This patch introduces a new buildroot website based on a modern flat
layout inspired by material design.
Each page of the old website is converted to the new css/layout, the
big bump is in main page which is completely rewritten. Content of
the old website is copied more or less verbatim, planning to add more
content in the future.
Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Rodrigo Rebello [Sun, 22 Nov 2015 13:40:26 +0000 (11:40 -0200)]
fastd: add upstream patch to fix build with musl
The missing 'sys/queue.h' issue when building with musl has been solved
by an upstream commit which eliminates the dependency on
'net/if_ether.h' and, consequently, 'sys/queue.h' (needed on OpenBSD
since 'net/if_ether.h' uses LIST_* definitions).
As usual, the included patch can be dropped in the future when a new
version of this package gets released and integrated into Buildroot.
Yann E. MORIN [Sun, 22 Nov 2015 14:03:34 +0000 (15:03 +0100)]
package/rpi-userland: bump version
Fixes build with glibc-2.22.
Also fixes hard-to-trigger deadlock in highly threaded case, and fix
libraries dependencies.
Misc minor improvements in test programs as well.
Fixes #8446.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: gamadril.dev@gmail.com Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Sun, 22 Nov 2015 20:29:47 +0000 (21:29 +0100)]
oprofile: don't install shared library in BR2_STATIC_LIBS=y configs
When building with BR2_STATIC_LIBS=y, no shared library gets built, so
the installation of libopagent.so* fails. This commit gets rid of this
installation step when BR2_STATIC_LIBS=y.
Thomas Petazzoni [Sun, 22 Nov 2015 19:11:51 +0000 (20:11 +0100)]
configs/arm_foundationv8: fix build and update documentation
The arm_foundationv8_defconfig currently doesn't build because it uses
an external AArch64 toolchain that has been updated (Linaro toolchain)
and is now based on gcc 5.x. Unfortunately, Linux 3.13 is too old to
be built with gcc 5.x.
As a minimal fix to make this defconfig build again, we switch to use
the internal toolchain backend. At the time this defconfig was
introduced, there was no support for AArch64 in the internal toolchain
backend, but now that it is available, there is no reason to not use
it. This makes the defconfig also more consistent with the other
defconfigs.
Obviously, the kernel headers used to build the toolchain are set to
the fixed version 3.13, so that they match the kernel being used.
While we're at it, the readme.txt file corresponding to this defconfig
is updated. Runtime testing has been performed with the latest version
of the ARM Foundation model.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Jérôme Pouiller [Sat, 21 Nov 2015 11:09:36 +0000 (12:09 +0100)]
apitrace: do not use bundled version of libpng
In case libpng is not found apitrace its own version of libpng. However
current bundled version (1.1.16) is impacted by
https://sourceforge.net/p/libpng/bugs/230/. We simplify problem by
forcing use of external libpng.
Notice this patch also impact use of zlib. Apitrace also use its own
version of zlib if none was found. Since we select libpng, external
zlib is also selected.
The gpsd package was disabled due to an internal compiler error for
the microblaze architecture in the following commit:
http://git.buildroot.net/buildroot/commit/?id=d517415bcda380336f4a27bf248cef4d81791c9e
The problem is due to an specific GCC optimization flag
(-fexpensive-optimizations), so disabling it we can work around this
problem and compile gpsd for the microblaze architecture.
Danomi Manchego [Sun, 22 Nov 2015 01:38:28 +0000 (20:38 -0500)]
libxml2: security bump to version 2.9.3
- Fixes:
- CVE-2015-5312 - Another entity expansion issue
- CVE-2015-7497 - Avoid an heap buffer overflow in xmlDictComputeFastQKey
- CVE-2015-7500 - Fix memory access error due to incorrect entities boundaries
- CVE-2015-8242 - Buffer overead with HTML parser in push mode
- Incorporates upstreamed patches as well, which also fixed:
- CVE-2015-1819 - The xmlreader in libxml allows remote attackers to cause
a denial of service (memory consumption) via crafted XML data, related
to an XML Entity Expansion (XEE) attack.
- CVE-2015-7941 - out-of-bounds memory access.
- CVE-2015-7942 - heap-buffer-overflow in xmlParseConditionalSections.
- CVE-2015-8035 - DoS via crafted xz file.
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Sergio Prado [Sat, 21 Nov 2015 19:28:28 +0000 (17:28 -0200)]
ustr: fix build issue with GCC5
This patch fixes the following error messages:
ustr-cmp-code-so-dbg.o: In function `ustr_pool_make_subpool':
ustr-cmp-dbg-code.c:(.text+0x0): multiple definition of `ustr_pool_make_subpool'
ustr-b-code-so-dbg.o:ustr-b-dbg-code.c:(.text+0x0): first defined here
ustr-cmp-code-so-dbg.o: In function `ustr_pool_clear':
ustr-cmp-dbg-code.c:(.text+0x44): multiple definition of `ustr_pool_clear'
ustr-b-code-so-dbg.o:ustr-b-dbg-code.c:(.text+0x44): first defined here
ustr-cmp-code-so-dbg.o: In function `ustr_pool_free':
...
That's because the application assumes gnu89 behaviour of "inline" and
"extern inline", but gcc5 defaults to gnu11. So we need to force gnu89
in the compilation flags.
Rodrigo Rebello [Fri, 20 Nov 2015 22:48:15 +0000 (20:48 -0200)]
mongrel2: add upstream patch to fix symbol conflict
The symbol 'max_align_t', defined in the mongrel2 sources
(src/mem/align.h), is also defined in one of the standard headers in
some toolchains (the ones based on GCC 5+ apparently).
This conflict has been solved upstream, and a new version (1.10.0)
containing the fix has been released already, so this backported patch
may be dropped in the future when mongrel2 gets a version bump.
Peter Seiderer [Thu, 19 Nov 2015 21:42:47 +0000 (22:42 +0100)]
sdl: overwrite libpth autodetection
The sdl libpth autodetection gets confused in case a host
version is present. Overwrite libpth autodection for the
target build dependent on BR2_PACKAGE_LIBPTHSEM_COMPAT and
use pth-config from staging directory.
Fixes [1]:
checking for pthreads... no
checking for pth-config... /usr/bin/pth-config
checking pth... yes
[...]
./src/SDL.c:33:17: fatal error: pth.h: No such file or directory
#include <pth.h>
Thomas Petazzoni [Thu, 19 Nov 2015 21:07:00 +0000 (22:07 +0100)]
iproute2: fix build with musl
This commit adds two patches to the iproute2 package that are
necessary to build it against the musl C library. Both patches have
been submitted upstream.
Carlos Santos [Tue, 17 Nov 2015 12:24:06 +0000 (10:24 -0200)]
perl-file-util: restore host variant and fix dependencies
The host variant was added by us (DATACOM) because it is useful to
build some third-party packages that we use in our firmware. We humbly
request you to keep it alive.
Declare that it requires host-perl-module-build.
Signed-off-by: Carlos Santos <casantos@datacom.ind.br> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thomas Petazzoni [Wed, 18 Nov 2015 20:40:38 +0000 (21:40 +0100)]
libserial: add patch to fix build failure on sparc/sparc64
Like c-periphery and lua-periphery, libserial fails to build because
it tries to use some baud rate definitions that are not available on
sparc and sparc64 (the highest baud rates).
This commit fixes that by introducing a patch to libserial to make the
use of these high baud rates conditional on their availability.
Ben Boeckel [Fri, 13 Nov 2015 21:48:52 +0000 (22:48 +0100)]
core/pkg-infrastructures: remove LD_LIBRARY_PATH from the environment
If system tools are selected, the host's lib/ directory may shadow
libraries from the system which are configured differently and do not
have all of the symbols required by the system tool.
Since buildroot now uses rpath everywhere, LD_LIBRARY_PATH should not
be necessary anyways.
Signed-off-by: Ben Boeckel <mathstuf@gmail.com> Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Yann E. MORIN [Fri, 13 Nov 2015 21:48:51 +0000 (22:48 +0100)]
core: check host executables have appropriate RPATH
When we build our host programs, and they depend on a host library we
also build, we want to ensure that program actually uses that library at
runtime, and not the one from the system.
We currently ensure that in two ways:
- we add a RPATH tag that points to our host library directory,
- we export LD_LIBRARY_PATH to point to that same directory.
With these two in place, we're pretty much confident that our host
libraries will be used by our host programs.
However, it turns our that not all the host programs we build end up
with an RPATH tag:
- some packages do not use our $(HOST_LDFLAGS)
- some packages' build system are oblivious to those LDFLAGS
In this case, there are two situations:
- the program is not linked to one of our host libraries: it in fact
does not need an RPATH tag [0]
- the program actually uses one of our host libraries: in that case it
should have had an RPATH tag pointing to the host directory.
For libraries, they only need an RPATH if they depend on another library
that is not installed in the standard library path. However, any system
library will already be in the standard library path, and any library we
install ourselves is in $(HOST_DIR)/usr/lib so already in RPATH.
We add a new support script that checks that all ELF executables have
a proper DT_RPATH (or DT_RUNPATH) tag when they link to our host
libraries, and reports those file that are missing an RPATH. If a file
missing an RPATH is an executable, the script aborts; if only libraries
are are missing an RPATH, the script does not abort.
[0] Except if it were to dlopen() it, of course, but the only program
I'm aware of that does that is openssl, and it has a correct RPATH tag.
[Peter: reworded as suggested by Arnout, fix HOT_DIR typo in comment] Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Cc: Arnout Vandecappelle <arnout@mind.be> Cc: Peter Korsgaard <jacmet@uclibc.org> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Gustavo Zacarias [Tue, 17 Nov 2015 23:08:45 +0000 (20:08 -0300)]
libxml2: add several security patches
Fixes:
CVE-2015-1819 - The xmlreader in libxml allows remote attackers to cause
a denial of service (memory consumption) via crafted XML data, related
to an XML Entity Expansion (XEE) attack.
CVE-2015-7941 - out-of-bounds memory access.
CVE-2015-7942 - heap-buffer-overflow in xmlParseConditionalSections.
CVE-2015-8035 - DoS via crafted xz file.
All patches upstream.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Rodrigo Rebello [Mon, 16 Nov 2015 10:58:18 +0000 (08:58 -0200)]
qemu: add patch to fix SSP support detection
The QEMU configure script incorrectly assumes SSP is supported by the
toolchain in some cases where the compiler accepts -fstack-protector*
flags but the C library does not provide the necessary __stack_chk_*()
functions.
Even though a full compile and link test is performed by the script,
this is done with a code fragment which does not actually meet any of
the conditions required to cause the compiler to emit canary code when
the -fstack-protector-strong variant is used. As no compile or link
failure occurs in this case, a false positive is generated and a
subsequent error is seen when the probe for pthreads is performed.
The fix consists in patching the configure script to use a more
appropriate test program for the SSP support checks.
Gustavo Zacarias [Tue, 17 Nov 2015 18:20:44 +0000 (15:20 -0300)]
liquid-dsp: blacklist CS powerpc toolchains
They're unable to build liquid-dsp successfully resulting in an internal
compiler error. Fixes:
http://autobuild.buildroot.net/results/2ac/2acd745f4e5ec6edfd09afcd57b9ece216724c1b/
[Thomas: propagate the dependencies to the comment.]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Daniel Nyström [Wed, 16 Sep 2015 12:52:58 +0000 (14:52 +0200)]
qt5base: Patch Qt config to detect sunxi-mali
Currently Qt 5.5 only detects and build the eglfs_mali device
integration if the commercial Mali driver package from ARM is used.
This patch makes sure the Qt configure script also test for the
sunxi-mali driver package. It also removes the dependency of
the proprietary fbdev_window.h.
This issue is set to be fixed in upcoming Qt 5.6:
https://codereview.qt-project.org/#/c/125837/
[Thomas: renumber patch from 0010 to 0009.]
Signed-off-by: Daniel Nyström <daniel.nystrom@timeterminal.se> Tested-by: Ariel D'Alessandro <ariel@vanguardiasur.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Tested-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[Thomas: build tested before the patch, verified that indeed the
eglfs-mali plugin doesn't get built, and that after the patch it gets
built as expected.]
Thomas Petazzoni [Tue, 17 Nov 2015 12:27:54 +0000 (13:27 +0100)]
pulseaudio: fix build issue with old gcc versions
This commit adds a patch to pulseaudio (already submitted upstream)
that avoids a structure redefinition build failure that occurs with
old gcc versions.
To build libcurl, we need to override LD_LIBRARY and force it to a sane
value, otherwise libcurl is confused when target == host (see a51ce319,
libcurl: fix configure with openssl when target == host).
That is currently OK, since we always set LD_LIBRARY_PATH to a non-empty
value.
However, we're soon to stop setting it at all.
So, if the user has an empty (or no) LD_LIBRARY_PATH in his envirnment,
we'd end up adding the current working directory to LD_LIBRARY_PATH (as
an empty entry in a colon-separated list is most probably interpreted as
meaning the current working directory, which we do know can cause issue,
and which we expressely check against in support/dependencies/dependencies.sh
Fix that by only using an existing LD_LIBRARY_PATH if it is not empty.
Also use a Makefile construct as it is easier to read than a shell one
(we can do that, as all variables from the environment are available as
make variables).
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Peter Korsgaard <jacmet@uclibc.org> Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
To build the host-mysql, we only build parts of the source, just the
strictly minimum required to then cross-compile it.
However, the host variables (conf opts, build and install cmds) are only
defined when the mysql server is enabled in the configuration.
So, this breaks:
make defconfig; make host-mysql
Even though it is not much use to have that partial host-mysql on its
own, it is still very interesting to be able to build it, if at least
for testing changes in the core package infrastructures (like new step
hooks or the likes...)
Move the definitions of the host variant out of the server conditional
block.
[Peter: add comment about what we build and why as suggested by Arnout] Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Cc: Marcelo Gutiérrez(UTN/FRH) <kuyurix@gmail.com> Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Yann E. MORIN [Fri, 13 Nov 2015 21:48:47 +0000 (22:48 +0100)]
package/axfsutils: fix Makefile
mkfs.axfs uses zlib, but does not have an rpath to our host dir.
That's because:
- we're not passing our host CFLAGS or LDFLAGS
- it is forcibly setting CFLAGS in the Makefile, overriding anything
specified by the user
- it is not using LDFLAGS at all
Add two patches so that CFLAGS and LDFLAGS from the environment are
used if present.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Tested-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
apply-patches.sh: use everything from the series file
When a series file exists, we should use every file mentioned in it,
not just the ones ending with .patch or .diff. Also, there's no need
to uncompress anything if it's mentioned in a series file (the tools
that manipulate series files don't support compressed patches).
Building with -mtune=e6500 led to build failures in glibc (probably in
uclibc as well) because gcc was built for a 32-bit target even though
the target tuple is powerpc64-*. This lead to a mix of 32-bit and
64-bit support and build errors like:
fatal error: gnu/lib-names-32.h: No such file or directory
The root cause is that the configure script is not handling e6500
correctly, because of stupid typo in the condition.
GCC5 defaults to -std=gnu11, which has different semantics for inline than
previous versions:
https://gcc.gnu.org/gcc-5/porting_to.html
Which causes linker issues when display_headers() and start_log() are
referenced from other files. There's no real reason why these needs to be
inline, so just drop the keyword.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes a fanotify include bug where old kernels (2.6.x) fail to build.
Fixes recent failures on x86 with Linux 4.3.x kernel regarding
network sockets. Includes the removed patch.
Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org> Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Thomas:
- add comment explaining where the architecture dependency is coming
from, as suggested by Arnout.
- move the definition of BR2_PACKAGE_GAUCHE_ARCH_SUPPORTS to the
beginning of the Config.in file, to be consistent with what we do
in other packages.]
By default, with the original patch bootcmd runs sdboot before loading uEnv.txt.
Consequently, if the user change modeboot, the user's defined content is updated
too late.
By loading uEnv.txt before 'run $modeboot' the correct boot mode is used instead
of default mode.
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com> Acked-By: Jan Viktorin <viktorin@rehivetech.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Mon, 16 Nov 2015 20:50:56 +0000 (21:50 +0100)]
boost: do not allow context module on sparc
The boost context module does not build on sparc, even if sparc is
advertised as a supported architecture by the boost documentation. So
let's disallow this module for the time being.
Gustavo Zacarias [Mon, 16 Nov 2015 19:55:06 +0000 (16:55 -0300)]
strongswan: security bump to version 5.3.4
Fixes:
CVE-2015-8023 - authentication bypass vulnerability in the eap-mschapv2
plugin that was caused by insufficient verification of the internal
state when handling EAP-MSCHAPv2 Success messages received by the
client.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Romain Naour [Wed, 11 Nov 2015 18:01:17 +0000 (19:01 +0100)]
package/ebtables: disable for musl toolchains
ebtabes fail to build with a musl based toolchain due to several errors.
Most of them has been fixed by [1] and [2] but it's not enought because
useful_functions.c fail to build due to mixed usespace and kernel headers
usage [3].
In file included from [...]/sysroot/usr/include/netinet/ether.h:8:0,
from useful_functions.c:28:
[...]/sysroot/usr/include/netinet/if_ether.h:96:8: error: redefinition of ‘struct ethhdr’
struct ethhdr {
^
In file included from include/linux/netfilter_bridge.h:8:0,
from include/linux/netfilter_bridge/ebtables.h:17,
from include/ebtables_u.h:27,
from useful_functions.c:25:
include/linux/if_ether.h:119:8: note: originally defined here
struct ethhdr {
^
Makefile:78: recipe for target 'useful_functions.o' failed
The build system builds api documentation if it finds pdflatex, which we
don't need to spend time on and which may fail if not all the pdflatex
dependencies are available, so disable it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Gustavo Zacarias [Thu, 12 Nov 2015 19:30:46 +0000 (16:30 -0300)]
polarssl: security bump to version 1.2.18
Fixes a potential heap corruption on Windows when
mbedtls_x509_crt_parse_path() is passed a path longer than 2GB. This
cannot be triggered remotely. Found by Guido Vranken, Intelworks.
Fixes a potential buffer overflow in some asn1_write_xxx() functions.
This cannot be triggered remotely unless you create X.509 certificates
based on untrusted input or write keys of untrusted origin. Found by
Guido Vranken, Intelworks.
The X509 max_pathlen constraint was not enforced on intermediate
certificates. Found by Nicholas Wilson, and fix and tests provided by
Janos Follath.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Gustavo Zacarias [Tue, 10 Nov 2015 11:25:46 +0000 (08:25 -0300)]
configs/qemu: bump to the latest linux version
ppc-mpc8544ds: switch to custom kernel config since the new 4.3-shipped
mpc85xx_basic_defconfig doesn't work with Qemu.
Incidentally while cleaning it up it now seems to work fine with newer
qemu versions.
sparc64_sun4u: ditch ne2k driver since it's useless, and add the e1000
driver which works fine.
x86: stick to 4.2.x kernels since 4.3 doesn't work right with uclibc
(any variant) based toolchains.
Results table:
Defconfig Kernel Qemu Network Status
--------------------------------------------------------------
aarch64_virt 4.3 2.3.0 YES OK
arm_nuri 3.10.93 2.3.0 NO(1) OK(2)
arm_versatile 4.3 2.3.0 YES OK
arm_vexpress 4.3 2.3.0 YES OK
microblazebe 4.3 2.3.0 YES OK
microblazeel 4.3 2.3.0 YES OK
mips64el_malta 4.3 2.3.0 YES OK
mips64_malta 4.3 2.3.0 YES OK
mipsel_malta 4.3 2.3.0 YES OK
mips_malta 4.3 2.3.0 YES OK
ppc_g3beige 4.3 2.3.0 YES OK
ppc_mpc8544ds 4.3 2.3.0 YES OK
ppc_virtex_ml507 4.3 2.3.0 NO OK
ppc64_pseries 4.3 2.3.0 YES OK
sh4 4.3 2.3.0 YES OK
sh4eb 4.3 2.3.0 NO(1) OK
sparc_ss10 4.3 2.3.0 YES OK
sparc64_sun4u 4.3 2.3.0 YES OK
sparc_sun4u 4.3 2.3.0 YES OK
x86 4.2.6 2.3.0 YES OK(3)
x86_64 4.3 2.3.0 YES OK
xtensa_lx60 4.3 2.3.0 YES OK
(1) - Supposed to work but broken, probably Qemu emulation issue
(2) - In like 1/3 runs it fails to start properly
(3) - linux 4.3.0 doesn't like uclibc-based toolchains (net issues)
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This was causing unexpected HTTP requests by the setup.py script for
python-protobuf. These "dependencies" aren't actually required for a successful
build, and are not staged into the target install directory.
Signed-off-by: Steven Noonan <steven@uplinklabs.net> Tested-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thomas Petazzoni [Wed, 11 Nov 2015 14:55:07 +0000 (15:55 +0100)]
ffmpeg: mark as not available on nios2
ffmpeg was already marked as not available for the NIOS2 Sourcery
toolchains, but it could still be built with the internal toolchain
backend or a custom external toolchain.
However, an inspection of the latest glibc source code indicates that
FE_INVALID, FE_OVERFLOW and FE_UNDERFLOW and indeed not available in
the nios2 variant of <fenv.h>.
Consequently, this patch makes ffmpeg not available on nios2, which
allows to simplify a bit the dependencies.
It propagates this dependency to:
- minidlna (and at the same time makes sure the minidlna comment is
not displayed on nios2, which wasn't properly taken into account
until now)
- mpd
- opencv
- opencv3
- squeezelite
- tovid
Even if it selects ffmpeg, Kodi does not need an update since Kodi is
only available on a limited number of architectures (which don't
include nios2, obviously). Other packages only make use of ffmpeg when
available.
Yann E. MORIN [Tue, 10 Nov 2015 21:36:30 +0000 (22:36 +0100)]
package/skeleton: ensure custom skeleton uses merged /usr if needed
When using systemd, the policy in Buildroot is to use a merged /usr
(see c5bd8af6, "system: add options for /bin /sbin and /lib to be
symlinks into /usr" for more info). So, we apply a few tricks in some
packages to account for the merged /usr case.
However, when using a custom skeleton, we have no say in how that
skeleton is organised, so it may well have a split /usr. In that case,
our little tricks might not work as expected.
So, when the user uses a custom skeleton and wants systemd as an init
system, we must check that the custom skeleton is setup with a merged
/usr.
We do that by checking that each pair of {/lib,/usr/lib} {/bin,/usr/bin}
and {/sbin,/usr/sbin} have the same inode numbers, i.e. /lib must have
the same inode number as /usr/lib (and so on...). When a pair does not
share the same inode number, this is not a merged /usr and we abort.
We implement that check with make constructs, so it is done very early
in the build process, and we can abort early if need be.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com> Cc: Peter Korsgaard <jacmet@uclibc.org> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Yann E. MORIN [Tue, 10 Nov 2015 21:36:29 +0000 (22:36 +0100)]
package/skeleton: don't handle merged /usr for custom skeleton
In case the user wants to use a custom skeleton, we should not try to
handle the symlinks (resp. mkdir) to handle merged (resp. split) /usr.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com> Cc: Peter Korsgaard <jacmet@uclibc.org> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Yann E. MORIN [Tue, 10 Nov 2015 21:36:28 +0000 (22:36 +0100)]
package/skeleton: qstrip path before using it
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The license is wrong, it's GPLv3+ rather than GPLv2+ now.
Also there's a specific clause for libintl that makes it LGPLv2.1+, see
gettext-runtime/COPYING.
Signed-off-by: Gustavo Zacarias <gustavo.zacarias@free-electrons.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The SSP support checks of the Ruby configure script do not do a full
link, and therefore don't properly detect if SSP support is fully
functional or not, which causes some build failures if the compiler
supports -fstack-protector but the C library does not provide the SSP
implementation.
To avoid this, we explicitly tell ruby if SSP support is available or
not.
In commit 53bf889cdca77979814bc6b74170e2f104fc3b70 ("ruby: should not
use dl_iterate_phdr() on Blackfin") we added
ac_cv_func_dl_iterate_phdr=no to RUBY_CONF_ENV when building on the
Blackfin architecture.
However, while doing so, we overwrote the previous value of
RUBY_CONF_ENV, which was defined to have custom CFLAGS:
RUBY_CONF_ENV = CFLAGS="$(RUBY_CFLAGS)"
This has no visible effect because the custom CFLAGS are only used on
SuperH/SuperH 64, while the overwrite of RUBY_CONF_ENV takes place on
Blackfin.
However, it doesn't look very pretty, and future additions to
RUBY_CONF_ENV may break this subtle behavior.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 9 Nov 2015 22:20:48 +0000 (23:20 +0100)]
dhcp: S80dhcp-server: also source /etc/default/dhcpd.conf for INTERFACES
Similar to how we do it for dhcpd.service. The file should really have been
named /etc/default/dhcpd instead, but changing it now would break existing
systemd setups so leave it as it is.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2015-7181 - A use-after-poison flaw was found in the way NSS parsed
certain ASN.1 structures. An attacker could use this flaw to cause NSS
to crash or execute arbitrary code with the permissions of the user
running an application compiled against the NSS library.
CVE-2015-7182 - A heap-based buffer overflow flaw was found in the way
NSS parsed certain ASN.1 structures. An attacker could use this flaw to
cause NSS to crash or execute arbitrary code with the permissions of the
user running an application compiled against the NSS library.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>