Peter Korsgaard [Thu, 2 Nov 2017 10:45:19 +0000 (11:45 +0100)]
luajit: only available on x86(-64) hosts
The -m32 compiler flag is used for 32bit builds and host-luajit has
limited architecture support. Building for a 32-bit target on a 32-bit
host should always work, but we haven't tested that and it's very
unlikely that someone needs it. So just limit to x86(-64) hosts.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Arnout: clarify that it might work on 32-bit hosts for a 32-bit target] Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Matt Weber [Wed, 18 Oct 2017 16:55:23 +0000 (11:55 -0500)]
python-config.sh: don't reassign ${prefix}
When prefix is set to a path like /usr during crossbuild
the sed operations end up executing twice, once for the prefix
reassignment and another for includedir if it is set as a string
including the ${prefix} variable. This results in an issue
when the build directory is under /usr.
This patch updates the remaining location which uses the prefix
variable to also sed and update to use the real path.
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[Arnout: refer to autobuild failures that still exist] Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Yann E. MORIN [Sun, 5 Nov 2017 09:14:56 +0000 (10:14 +0100)]
core/reproducible: do not override SOURCE_DATE_EPOCH
SOURCE_DATE_EPOCH is currently forcibly set (to either the git commit
date, or the last release date).
However, the spec mandates that it should not be modified if already
set: https://reproducible-builds.org/specs/source-date-epoch/
Build systems MUST NOT overwrite this variable for child
processes to consume if it is already present.
Abide by the rule, and only set it if not already set.
This will allow users to pass it from an upper-layer buildsystem (e.g. a
jenkins or gitlab-ci job, for example), when they have a reson to do so.
Reported-by: Peter Korsgaard <peter@korsgaard.com> Reported-by: Einar Jón Gunnarsson <tolvupostur@gmail.com> Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Peter Korsgaard <peter@korsgaard.com> Cc: Einar Jón Gunnarsson <tolvupostur@gmail.com> Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Cc: Arnout Vandecappelle <arnout@mind.be> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Sam Voss [Wed, 1 Nov 2017 16:22:56 +0000 (11:22 -0500)]
package/libssh2: Add selectable crypto libraries
Currently, the selection of the backend is based on a priority order,
which is not always desirable: not all features are available for all
backends, as reported upstream:
https://github.com/libssh2/libssh2/issues/213
In that particular case, the problem is that libgcrypt is unable to
read encrypted certificates created with openssl, but it is likely
that other incompatibilities exist as well.
As such, allow a user to select the backend most appropriate to their
use-case.
Note that this changes the defaults: previously, if openssl was already
selected and we additionally select libssh2, openssl would be used as
a backend. Now, mbedtls is the default so if the user doesn't change
it, mbedtls will be used.
Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
[Arnout: remove now-unneeded comment in .mk file] Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Joseph Kogut [Fri, 3 Nov 2017 22:25:33 +0000 (15:25 -0700)]
python-websockets: new package
[Peter: add license hash, fix Config.in, correct license as pointed out by
Yegor] Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Evgeniy Didin [Wed, 1 Nov 2017 14:04:31 +0000 (17:04 +0300)]
toolchain: Bump ARC tools to arc-2017.09 release
This commit finally bumps ARC tools to the most recent arc-2017.09 release version.
ARC GNU tools of version arc-2017.09 bring some quite significant changes like:
* Binutils v2.29 with additional ARC patches
* GCC 7.1.1 with additional ARC patches
* glibc 2.26 with additional ARC patches
More information on this release could be found here:
https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/releases/tag/arc-2017.09-release
Signed-off-by: Evgeniy Didin <didin@synopsys.com> Cc: Alexey Brodkin <abrodkin@synopsys.com> Cc: arc-buildroot@synopsys.com Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Andrey Smirnov [Fri, 3 Nov 2017 00:47:57 +0000 (17:47 -0700)]
package/python-toml: bump to version 0.9.3
Bump package to version 0.9.3 and change _SETUP_TYPE to
'setuptools', since its setup.py now uses 'setuptools' by default and
switches to 'distutils' only as a fallback[1]
Cc: Paul Cercueil <paul.cercueil@analog.com> Signed-off-by: Samuel Martin <s.martin49@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Due to this, the fiber module gets compiled even if
BR2_PACKAGE_BOOST_FIBER is disabled, causing build failures when NPTL
is not available (the fiber library needs NPTL threads).
Signed-off-by: Adam Duskett <aduskett@gmail.com> Tested-by: Matt Weber <matthew.weber@rockwellcollins.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Now that ARC supports glibc, stress-ng can be built. Unfortunately,
like NIOS2, it doesn't implement FE_INVALID and a bunch of other
<fenv.h> definitions, so let's prevent stress-ng from being built on
ARC.
lua-sdl2 CMakeLists.txt files did not explicitly indicate that it's a
C-only project, and therefore CMake by default tries to find a C++
compiler, causing a build failure when none was available.
This commit fixes that by adding a patch that adjusts the project()
definitions in CMakeLists.txt.
Matt Weber [Wed, 1 Nov 2017 17:18:49 +0000 (12:18 -0500)]
uboot-tools: disable pylibfdt
The current U-Boot build system assumes that if swig is installed on
the host system, it should build pylibfdt, without checking if other
dependencies are available. This causes a number of build failures.
This commit fixes that by using concepts from the future upstream fix
(post 2017.11), which sets up a kconfig variable for pylibfdt and
conditionally enables the swig wrapper creation (default=n).
This patch only affects uboot-tools, in which we never need
pylibfdt. The logic in the uboot package, with its
BR2_TARGET_UBOOT_NEEDS_PYLIBFDT option, remains unchanged.
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com> Tested-by: Jan Kundrát <jan.kundrat@cesnet.cz> Reviewed-by: Jan Kundrát <jan.kundrat@cesnet.cz>
[Thomas: improved commit log.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org> Tested-by: Samuel Martin <s.martin49@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Baruch Siach [Thu, 2 Nov 2017 13:17:56 +0000 (15:17 +0200)]
azure-iot-sdk-c: use github for homepage
Many Buildroot users can not read Dutch. Although there is an English
version of this page, the github page looks more suitable as a link for
the software package itself, and the readme.md file is pretty
informative.
Cc: André Hentschel <nerv@dawncrow.de> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Petr Vorel [Thu, 2 Nov 2017 20:14:08 +0000 (21:14 +0100)]
package/modem-manager: Bump to version 1.6.10
Signed-off-by: Petr Vorel <pvorel@suse.cz> Signed-off-by: Petr Vorel <petr.vorel@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Samuel Martin [Wed, 1 Nov 2017 20:11:37 +0000 (21:11 +0100)]
package/ussp-push: removed deprecated/no longer needed deps on openobex-bluez
Commit 49a9fb0f13789298e65f21405502a9106e2c7382 removed the
BR2_PACKAGE_OPENOBEX_BLUEZ option, because BlueZ support is now
unconditionally included in OpenOBEX. Therefore, selecting this legacy
option no longer makes sense, and in fact triggers the legacy handling
for no reason.
Cc: Bernd Kuhls <bernd.kuhls@t-online.de> Reported-by: Romain Naour <romain.naour@gmail.com> Signed-off-by: Samuel Martin <s.martin49@gmail.com>
[Thomas: tweak commit log.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit adds a patch that fixes the libssh2 AC_CHECK_LIB() check,
and makes sure it is taken into account by doing an autoconf in the
package. We can't autoreconf as the package doesn't autoreconf
properly, so we do a manual autoconf.
Based on prior work from Baruch Siach and Max Filippov.
Matt Weber [Tue, 31 Oct 2017 06:18:34 +0000 (01:18 -0500)]
argp-standalone: fix build with gcc 7.x
Back in commit a662ff7e79630ca0875dd8529fe54db27a275007
("package/argp-standalone: Fix build with c99 compilers"), we fixed
the build of argp-standalone with compilers defaulting to C99 inline
semantics, i.e starting from gcc 5.x.
This was done as part of a patch that used "inline" instead of "extern
inline". However, using "inline" once again broke the build with gcc
7.x. To fix this, revert back to using just "extern inline" (hence
removing a patch of patch 0003-fix_build_with_c99_compilers.patch) and
instead use -fgnu89-inline in the CFLAGS.
See https://gcc.gnu.org/gcc-5/porting_to.html for more details.
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[Thomas: also drop the patch of
0003-fix_build_with_c99_compilers.patch that is no longer needed.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Sam Voss [Tue, 31 Oct 2017 17:56:30 +0000 (12:56 -0500)]
package/libssh2: update to newest version
Update libssh2 to use the newest version from git. This caused a
transition from released version number to hash as it has not been
version rev'd in over a year (see issue
https://github.com/libssh2/libssh2/issues/220 for bump request).
This brings in changes to the autoconf to correctly pick the crypto
library.
Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Korsgaard [Mon, 30 Oct 2017 21:53:09 +0000 (22:53 +0100)]
quagga: add upstream security fix for CVE-2017-16227
>From the advisory:
http://www.openwall.com/lists/oss-security/2017/10/30/4
It was discovered that the bgpd daemon in the Quagga routing suite does
not properly calculate the length of multi-segment AS_PATH UPDATE
messages, causing bgpd to drop a session and potentially resulting in
loss of network connectivity.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The configure script checks for getpagesize() and sets HAVE_GETPAGESIZE in
config.h, but bsd-getpagesize.c forgot to include includes.h (which
indirectly includes config.h) so the checks always fails, causing linker
issues when linking statically on systems with getpagesize().
Carlos Santos [Tue, 31 Oct 2017 10:47:51 +0000 (08:47 -0200)]
util-linux: security bump to version 2.31
Fix CVE-2016-2779: runuser in util-linux allows local users to escape to
the parent session via a crafted TIOCSTI ioctl call, which pushes
characters to the terminal's input buffer.
The new experimental "su --pty" feature has been implemented to fix this
issue. The feature is not enabled by default and the new command line
option --pty is necessary.
Add rfkill, a command for enabling and disabling wireless devices. This
implementation is based upon, and backward compatible with, the original
rfkill from Johannes Berg and Marcel Holtmann, currently provided by the
standalone "rfkill" package.
Add uuidparse, a command to analyze and print information about UUID's.
The "reset" script is not part of utill-linux anymore. Add a legacy
config telling the user to use either BusyBox or the ncurses program.
Drop the ncursesw patch, allready applied upstream. AUTORECONF is not
required anymore.
Signed-off-by: Carlos Santos <casantos@datacom.ind.br> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bug fix release:
- correctly handle signal interrupts when polling in gpiod_simple_event_loop()
- fix the linking order when building with static libraries
- pass the correct consumer string to gpiod_simple_get_value_multiple() in
gpioget
- fix a line test case: don't use open-drain or open-source flags for input
mode
- fix the flags passed to ar in order to supress a build warning
- set the last error code in gpiod_chip_open_by_label() to ENOENT if a chip
can't be found
Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Maksim Salau [Tue, 31 Oct 2017 07:51:04 +0000 (10:51 +0300)]
swupdate: Fix SHA256 hash verification
swupdate 2017.07 has a bug which makes hash verification faulty.
The commit adds a patch to fix the issue. The fix has already been
pushed to upstream and is a copy of the commit dba95dcd3739c604a81ffa2df2545e7a4cd430cf in the swupdate repo [1].
[1] https://github.com/sbabic/swupdate
Signed-off-by: Maksim Salau <msalau@iotecha.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Antoine Tenart [Mon, 30 Oct 2017 14:44:30 +0000 (15:44 +0100)]
package/cryptodev-linux: bump to the latest version (0a54e38)
The build of the cryptodev-linux version used in Buildroot is currently
broken for kernels >= 4.13. A fix was pushed upstream:
https://github.com/cryptodev-linux/cryptodev-linux/commit/f0d69774afb27ffc62bf353465fba145e70cb85a
This patch bumps the cryptodev-linux package version to use the latest
available one, which includes the commit fixing the build for recent
kernels.
Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Peter Korsgaard [Fri, 27 Oct 2017 11:47:16 +0000 (13:47 +0200)]
lvm2: make basic package available under musl
The basic lvm2 package (libdevmapper / dmsetup) does build under musl, only the
standard (full) installation doesn't.
Many setups only need the basic package, so move the !musl dependencies down
to the sub options and adjust the reverse dependencies (cryptsetup/dmraid)
to match.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Thomas: adjust Config.in comments and dependencies.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fabrice Fontaine [Sun, 29 Oct 2017 16:12:55 +0000 (17:12 +0100)]
boinc: new package
Open-source software for volunteer computing and grid computing.
Use the idle time on your computer to cure diseases, study global
warming, discover pulsars, and do many other types of scientific
research.
https://boinc.berkeley.edu
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Bernd:
- bumped to version 7.8.3
- removed patches which where applied upstream
- added myself to DEVELOPERS as well] Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Yann E. MORIN [Sun, 29 Oct 2017 17:00:41 +0000 (18:00 +0100)]
package/libbsd: not available for ARC
libbsd has explicit, hard-coded checks about the architectures it can
work on, and ARC is not one of those.
We did not notice so far, because we only recently added support for
glibc on ARC (and only for a single variant) in 0633eb58a291 (toolchain:
add glibc support for ARCv2).
Baruch Siach [Sun, 29 Oct 2017 14:33:49 +0000 (16:33 +0200)]
socat: bump down to version 1.7.3.2
Upstream socat2 branch seems to be dead. Last commit is from January
2016 . Over the last few years socat2 received only fixes cherry picked
from the master 1.x branch. Most major general purpose distros only
package socat 1.x.
Drop the threads dependency; not needed for 1.x.
Mention the OpenSSL exception in the license. Add hashes for license
files.
Correct the autoconf comment. The tarball configure script is recent
enough. But since we patch configure.in and Makefile.in we still need to
autoconf.
All patches we carry for socat2 are also needed for socat 1.x.
Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Yann E. MORIN [Sun, 29 Oct 2017 09:52:48 +0000 (10:52 +0100)]
package/glibc: switch to using the maintenance branch
glibc upstream has ruled against doing regular point-releases, but they
do have a lot of interesting and important fixes for regressions and
security.
Backporting each patch, or cherry-picking individual patches is off
limits for us, so we just switch to using the currently-latest HEAD of
the maintenance branch instead.
The version number is obtained with:
$ git describe --match 'glibc-*' --abbrev=40 origin/release/2.26/master
The alternative options were:
- download the tarball from the git tree
--> does not work; not an option
- download the 2.26 tarball, and bundle the individual patches in
Buildroot
--> maintenance of patches is a burden; not an option
- download the 2.26 tarball, maintain the list of patches to download from
the git tree
--> not an option for the same reason
So we end up just doing a git clone. The git tree is today about ten
times the size of the tarball, so a rough estimate makes it at about ten
times the download time.
Also upstream doesn't officially provide an https download location [1].
There is one but it's not reliable, sometimes the connection time out and
end-up with a corrupted git repo:
fatal: unable to access 'https://sourceware.org/git/glibc.git/': Failed to connect to sourceware.org port 443: Connection timed out
So switch to using a git mirror from github which is updated once a day [2].
This allow at the same time to clone the git repository faster.
Note: The glibc 2.26 patches are not kept for the arc toolchain since they
are fixing an issue with the new float128 support introduced in x86, x86_64
and powerpc64le.