In 2010 commit 32d319e6f "gst-plugins-base: ensure <stdint.h> is used"
introduced a typo (missing backslash) that made the code ineffective.
It can be confirmed by looking at the output of:
$ make printvars | grep '^GST_PLUGINS_BASE_CONF_ENV\|^FT2_CONFIG'
FT2_CONFIG=/bin/false ac_cv_header_stdint_t="stdint.h"
GST_PLUGINS_BASE_CONF_ENV=
Add the missing backslash to fix the code.
While at it, fix the indentation to use one tab instead of two.
The (end of the) diff of config.log confirms the code is still needed
when the host has freetype-config installed:
@@ -1674,10 +1674,8 @@
configure:21882: checking for emmintrin.h
configure:21882: result: no
configure:21894: checking for stdint types
-configure:21917: /tmp/gst/output/host/usr/bin/i686-pc-linux-gnu-gcc -std=gnu99 -c conftest.c >&5
-configure:21917: $? = 0
configure:21961: result: stdint.h (shortcircuit)
-configure:22348: result: make use of stdint.h in _stdint.h (assuming C99 compatible system)
+configure:22348: result: make use of stdint.h in _stdint.h
configure:22359: checking for localtime_r
configure:22359: /tmp/gst/output/host/usr/bin/i686-pc-linux-gnu-gcc -std=gnu99 -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 conftest.c >&5
configure:22359: $? = 0
@@ -2468,8 +2466,7 @@
Package 'freetype2', required by 'world', not found
configure:31257: result: no
configure:31298: checking for freetype-config
-configure:31316: found /usr/bin/freetype-config
-configure:31329: result: /usr/bin/freetype-config
+configure:31329: result: /bin/false
configure:31339: checking for FreeType - version >= 2.0.9
configure:31427: result: yes
configure:32250: creating ./config.status
@@ -2789,7 +2786,7 @@
ac_cv_objext='o'
ac_cv_path_EGREP='/bin/grep -E'
ac_cv_path_FGREP='/bin/grep -F'
-ac_cv_path_FT2_CONFIG='/usr/bin/freetype-config'
+ac_cv_path_FT2_CONFIG='/bin/false'
ac_cv_path_GMSGFMT='/tmp/gst/output/host/usr/bin/msgfmt'
ac_cv_path_GREP='/bin/grep'
ac_cv_path_MSGFMT='/tmp/gst/output/host/usr/bin/msgfmt'
@@ -2818,7 +2815,6 @@
ac_cv_prog_cxx_g='yes'
ac_cv_prog_make_make_set='yes'
ac_cv_stdint_message='using gnu compiler i686-pc-linux-gnu-gcc (Sourcery CodeBench Lite 2012.09-62) 4.7.2'
-ac_cv_stdint_result='(assuming C99 compatible system)'
ac_cv_sys_file_offset_bits='no'
ac_cv_sys_largefile_CC='no'
ac_cv_sys_largefile_source='no'
@@ -2965,9 +2961,9 @@
EXEEXT=''
FFLAGS=' -Os '
FGREP='/bin/grep -F'
-FT2_CFLAGS='-I/usr/include/freetype2'
-FT2_CONFIG='/usr/bin/freetype-config'
-FT2_LIBS='-lfreetype'
+FT2_CFLAGS=''
+FT2_CONFIG='/bin/false'
+FT2_LIBS=''
GCOV=''
GCOV_CFLAGS=''
GCOV_LIBS=''
Detected by check-package.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com> Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
In the default xserver_xorg-server version 1.19.x, the AIGLX option
is no longer available (cfr. commit ec502ea8e4). In fact, AIGLX is
always enabled. So remove this option.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Now we have changed the default ext2/3/4 filesystem size from automatic
to 60MB, the minnowboard_max graphical demo config doesn't fit anymore.
So increase it to double.
The exact number doesn't matter much, it has to be somewhat smaller
than 128MiB, so let's take a round number of 120000K.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
passdb/userdb dict: Don't double-expand %variables in keys. If dict
was used as the authentication passdb, using specially crafted
%variables in the username could be used to cause DoS (CVE-2017-2669)
Full ChangeLog 2.2.29 (including CVE fix):
https://www.dovecot.org/list/dovecot-news/2017-April/000341.html
Full ChangeLog 2.2.29.1 (some fixes forgotten in the 2.2.29 release):
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas:
- group the host commands together and the target commands together
- use --prefix=$(HOST_DIR)/usr for host configuration, and do not
override PREFIX= at host install time
- use DESTDIR=$(TARGET_DIR) instead of overriding PREFIX= at target
install time.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Wolfgang Grandegger <wg@grandegger.com>
[Thomas: use SPDX license codes.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
A similar fix was committed to ffmpeg in the past:
https://git.buildroot.net/buildroot/commit/package/ffmpeg?id=bfb8df2ad9b164b421d25294c6882c8b61dc59a5
which will be reverted with another patch.
Mplayer contains ffmpeg 3.0, with current ffmpeg 3.2.4 the bug is gone,
the difference between both revisions is too big in order to find a
real fix for the problem.
Special cflags, added by
https://git.buildroot.net/buildroot/commit/package/multimedia/mplayer?id=fd38100e1189d19cad87a64c52df2c773eb47e40
are no longer needed now so remove them as well.
Testing these defconfigs did not produce compile errors with current
ffmpeg but with mplayer:
Adam Duskett [Thu, 2 Feb 2017 22:45:05 +0000 (17:45 -0500)]
policycoreutils: add option to build audit2allow
This python utility scans the logs for messages logged when the system
denied permission for operations, and generates a snippet of policy
rules which, if loaded into policy, might have allowed those operations
to succeed. However, this utility only generates Type Enforcement (TE)
allow rules.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com> Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
[Thomas: adjust Config.in to propagate the dependencies of sepolgen,
checkpolicy and python3.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Adam Duskett [Thu, 2 Feb 2017 22:45:04 +0000 (17:45 -0500)]
libselinux: allow compiling python wrapper module for target
libselinux currently does not compile its python wrapper module for
the target. This is needed for audit2allow to function properly, and
therefore this patch adjusts libselinux.mk to install the python
wrapper module is python or python3 are enabled.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com> Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
[Thomas:
- Remove useless empty lines, as noted by Matt Weber
- Move code related to python bindings before builds/install
commands, since those commands will use variables defined by the
python bindings logic.
- Instead of enabling the python bindings when
BR2_PACKAGE_POLICYCOREUTILS_AUDIT2ALLOW is set, enable the python
bindings when python is available. We generally try to avoid
looking at options of other packages to decide what to install.
- Introduce LIBSELINUX_MAKE_TARGETS and
LIBSELINUX_MAKE_INSTALL_TARGETS variable, in order to avoid
duplicate the make/make install commands.
- As suggested by Matt Weber, remove LIBSELINUX_PYTHONLIBDIR
definitions, and don't pass PYLIBVER and PYTHONLIBDIR in MAKE_OPTS.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Adam Duskett [Thu, 2 Feb 2017 22:45:03 +0000 (17:45 -0500)]
checkpolicy: allow compiling for target
checkpolicy is currently a host-only package, however it is a
dependency of audit2allow. This patch allows for checkpolicy to be
compiled for the target.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com> Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
[Thomas:
- remove LIBSELINUX_INSTALL_STAGING = YES, doing it in
checkpolicy.mk is wrong, and libselinux is already installed to
staging
- add "select BR2_PACKAGE_LIBSELINUX" in Config.in, and propagate the
necessary dependencies
- add host-flex in dependencies, since it is also needed (in addition
to target flex).] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Adam Duskett [Thu, 2 Feb 2017 22:45:02 +0000 (17:45 -0500)]
sepolgen: allow compiling for target
Sepolgen is currently a host-only package, however it is a dependency
of audit2allow. This patch allows for sepolgen to be compiled for the
target.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com> Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
[Thomas:
- fix formatting of Config.in file
- add missing dependencies inherited from the fact that the package
selects python3.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
When libnl is selected, libpcap links with it. Since libpcap doesn't
provide a .pc file and arp-scan doesn't use its libpcap-config script,
we must provide the additional options explicilty.
Warn when a variable is defined in a .mk file and it don't start with
the package name.
This function generates false warnings and the maintenance of the
whitelist can be an extra burden, but it catches some typos really hard
to see:
- POPLER_CONF_OPTS [1]
- BALELD_LICENSE [2]
- DRDB_UTILS_DEPENDENCIES [3]
- PERL_LIBWWW_LICENSE_FILES [4]
- AVRDUDR_LICENSE_FILES [5]
- GST1_PLUGINS_ULGY_HAS_GPL_LICENSE [6]
- ON2_8170_LICENSE [7]
- LIBFDTI_CONF_OPTS [8][9]
- IPSEC_DEPENDENCIES [10]
Warn when help text is larger than 72 columns, see [1].
Warn for wrongly indented attributes, see [1].
Warn when the convention of attributes order is not followed, see [2].
Explicitly state that one tab counts for 8 columns in package
description, leaving 62 characters to the text itself.
Update the text and the example in the two places where the Config.in
format is described.
Also mention a newline is expected between the help text itself and the
upstream URL.
This blob can help developers to understand the expected formatting.
Also, it can be referenced by reviewers.
Warn when there are obvious indentation errors:
- the number of expect tabs is not yet checked since it is more complex
to achieve;
- the content inside define ... endef should be indented with tab(s),
see [1];
- line just after a backslash should be indented with tab(s), see [2];
- other lines should not be indented, see [3];
- ignore empty lines and comments.
Warn when there is no well-formatted header in the file:
- 80 hashes at lines 1 and 5;
- 1 hash at lines 2 and 4;
- empty line at line 6;
- see [4];
- ignore files that only include other mk files.
Warn when there are more than one space before backslash, see [5].
Warn when there is a trailing backslash [6].
Warn for flags set to default value YES or NO, see [7], [8], [9].
Warn when the name of the patch file does not start with number (apply
order), see [1].
Warn when the patch was generated using git format-patch without -N, see
[2].
Warn when the patch file has no SoB, see [3].
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com> Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com> Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Check each hash entry (see [1]) and warn when:
- it does not have three fields;
- its type is unknown;
- its length does not match its type;
- the name of the file contains a directory component.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com> Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Create 3 new check functions to warn when:
- there are consecutive empty lines in the file, see [1];
- the last line of the file is empty, see [2];
- there are lines with trailing whitespace, see [3].
Apply these functions to Config.*, *.mk and *.hash, but not for *.patch
files since they can contain any of these and still be valid.
Create the infra to check the style of new packages before submitting.
The overall function of the script is described inside a txt file.
It is designed to process the actual files and NOT the patch files
generated by git format-patch.
Also add the first check function, to warn if a file (Config.*, *.mk,
*.hash, *.patch) has no newline at the last line of the file, see [1].
Basic usage for simple packages:
support/scripts/check-package -vvv package/newpackage/*
Basic usage for packages with subdirs:
support/scripts/check-package -vvv $(find package/newpackage/ -type f)
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com> Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Until now, the host toolchain was used to build syslinux, as it was
not possible to build a 32-bit syslinux with a x86-64 toolchain.
However, syslinux requires gnu-efi, and gnu-efi is built using the
target toolchain. Mixing different toolchains doesn't work well, so
this commit changes the syslinux package to use the target toolchain
for syslinux as well. This is made possible by patches
0003-Fix-ldlinux.elf-Not-enough-room-for-program-headers-.patch and
0004-memdisk-Force-ld-output-format-to-32-bits.patch.
Since syslinux also contains some utilities that have to run on the
host, those have to continue being built with the host toolchain,
which requires patch 0005-utils-Use-the-host-toolchain-to-build.patch.
Patch 0006-lzo-Use-the-host-toolchain-for-prepcore.patch is about
building prepcore, another utility with the host toolchain as it is
required at build-time.
This was tested using a Buildroot's built x86_64 toolchain, and
checked that the output binaries are 32-bits. It was tested as well if
they actually boot on hardware.
Signed-off-by: Benoît Allard <benoit.allard@greenbone.net> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
configs/beaglebone_qt5: increase size of ext4 filesystem image
In commit c6bca8cef0310bc649240b451989457ce94a8358, the
auto-calculation logic of the ext4 filesystem size was removed. The
default size of 60MB is too small for the beaglebone_qt5_defconfig,
should it should be increased.
Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com> Suggested-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The patch 0001-include-linux-nfs.h-directly-in-rpc_sub.patch was Git
formatted, except that a Upstream status statement was added above the
patch, which makes it unapplicable by "git am". So fix this by putting
the Upstream status statement where it should be.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We need to avoid failing of copy of custom dts using cp -f <>
command. So, just qstrip the variable as is done for other
configuration options.
Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com> Tested-by: Peter Seiderer <ps.report@gmx.net> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
- This version requires a patch (sent upstream) to remove -lanl from
all Linux builds as this library is only needed for adns support
- sha512 must be computed locally as eclipse.org does not give it for
this version
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Eric Le Bihan [Sun, 2 Apr 2017 17:54:18 +0000 (19:54 +0200)]
jemalloc: bump version to 4.5.0
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
[Thomas: use release tarball, which avoids the need for autoreconf.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
In 2010 commit 32d319e6f "gst-plugins-base: ensure <stdint.h> is used"
introduced a typo (missing backslash) that made the code ineffective.
In 2013 commit f8e7fdcd3 "gst1-plugins-base: add gstreamer1 base
plugins" copied the code.
It can be confirmed by looking at the output of:
$ make printvars | grep '^GST1_PLUGINS_BASE_CONF_ENV\|^FT2_CONFIG'
FT2_CONFIG=/bin/false ac_cv_header_stdint_t="stdint.h"
GST1_PLUGINS_BASE_CONF_ENV=
Direct use of freetype was dropped in version 1.7.2 by upstream [1], so
remove the code instead of fixing it.
Found using [2]:
check-package --include-only Indent $(find * -type f)
and manually removed.
Commit ba6bac138331cea449592f877e558f84176a70bf made a change in copying of
the dynamic loader, with the goal of reducing toolchain-specific fixups.
Any ld*.so file found in the toolchain's lib directory would be copied to
the staging/lib directory.
For the toolchains that previously needed fixup, this new behavior is fine.
The reason they needed fixup was that the normal copy action did not include
any dynamic loader.
However, for certain other toolchains this new behavior actually breaks
things: regardless of ARCH_LIB_DIR, which may be lib64 instead of lib, the
dynamic loader from lib is copied _over_ any previously correct dynamic
loader.
This has been witnessed with the CodeSourcery x86_64 and
CodeSourcery MIPS64 toolchains. In both cases, a 32-bit dynamic loader was
copied to staging/lib, while a 64-bit version was expected.
Fix the problem by only performing this explicit dynamic loader copy if no
dynamic loader is found in staging/lib.
support/test-pkg: print number of toolchains and progress
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Our patch adding nios2 support to libnspr uses the built-in compiler
define "nios2". However, this doesn't work with C++11, where only the
__nios2__ define is available. Since __nios2__ is always available,
use that instead:
Patch 0001-nios2.patch is therefore changed to use __nios2__ (the rest
of the change noise is due to using quilt to format the patch). Patch
0002-microblaze.patch is simply updated to apply correctly on top of
the modified 0001-nios2.patch.
This fixes the build of the poppler library on nios2. It is built with
-std=c++11, and includes nspr headers (through nss), causing a build
issue.
toolchain: copy_toolchain_lib_root: copy symlinks instead of recreating them
copy_toolchain_lib_root handles symlinks by recreating them, disregarding
the original destination and assuming the destination is in the same
directory as the link itself.
When a library link points to the real library file in another directory,
for example:
usr/lib/octeon2/libcrypt.so -> ../../../lib32/octeon2/libcrypt.so.1
then the link created by copy_toolchain_lib_root is broken.
It is more robust to copy the symlink to keep the destination intact. The
destination path should be present, possibly through other symbolic links.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The input to copy_toolchain_lib_root is not one library, not a list of
libraries, but a library name pattern with glob wildcards.
This pattern is then passed to 'find' to get the actual list of libraries
matching the pattern. Reflect this using an appropriate variable name.
Note: if the root of the buildroot tree contains a file matching one of
these library patterns, the copying of libraries from staging to target will
not be correct. It is not impossible to fix that, e.g. using 'set -f', but
maybe it's not worth it.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>