This is a bug-fix release that fixes a couple memory leaks and bugs in
python bindings discovered in the v1.1 release.
Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
arm64 systems support SMBIOS, so update the dmidecode config
to allow building dmidecode for arm64.
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e4eaf7311dfffff7fd753f24ce2d01a6f5188292)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Added license hash, updated project URL, old site is dead.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 54917abdd74158298fd848a58117c796c641a130)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/d1a/d1a7a97ba4d95276d34234757ef51c2b25373104/
Similar to commit 3c6958423f6f (qt5: bump latest version to 5.10.1), the
5.9.x (and 5.8.x) versions of qt5serialport doesn't have the 'v' in the
license file names, as slightly different formatting/content, so adjust the
_LICENSE_FILES and hashes to match.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump U-Boot to 2018.05 version and kernel to 4.17.8.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ef26ffddded912570ca3893271e2900aa8b27866)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
gcc-8 started warning about function aliases that have a non-matching
prototype. This seems rather useful in general, but it causes tons of
warnings in the Linux kernel, where we rely on abusing those aliases
for system call entry points, in order to sanitze the arguments passed
from user space in registers.
See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82435
Disable the attribute-alias warning introduced by gcc-8 by adding
-Wno-attribute-alias to KCFLAGS.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add optional build of rfcomm which requires readline.
Update license hash as authorship has been updated in the license file.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the output directory is nested under a long path name, calling the
gdbus-codegen, glib-genmarshal, or glib-mkenums scripts throws the
error:
> '/usr/bin/env: /...: No such file or directory'
This is because libglib2 uses the absolute path to the python
interpreter for its shebang statements, and shebangs have a max length
of 127 chars[1]. A long absolute path will be cut off and appear as a
missing file.
Since the host Python is present in the $PATH passed to all packages, we
can copy the workaround from Yocto and just use the python interpreter
in $PATH[2]. However, 'python' is used instead of 'python3' as the
scripts are compatible with both.
[1] https://linux.die.net/man/2/execve
[2] http://cgit.openembedded.org/openembedded-core/commit/?id=eef7883587acc933d6f34b559ec03ff84d18573b
Signed-off-by: Brandon Maier <brandon.maier@rockwellcollins.com>
Signed-off-by: David Owens <david.owens@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3ab5dfb548a840debe6e4e767ea2ea10e9c6e93a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Starting from kernel version 4.15, Linux supports loading
regulatory.db and regulatory.db.p7s files directly from /lib/firmware,
without the need of crda. If the kernel can't load those files it'll
fallback to using crda, but the direct way is preferred.
This patch copies those those files under /lib/firmware. The use of
crda shouldn't be necessary with kernels of 4.15 or later.
Signed-off-by: Christoph Engelbert <me@noctarius.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 39e4b467487084b866c1ae35a3e2f74867ba2404)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The bind configure.in now checks for "${with_zlib}/include/zlib.h".
Remove the redundant "include/".
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ba3c7e806d3ebeb1fa66fe7ba0ee9a70447b49b0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-5738: When recursion is enabled but the allow-recursion
and allow-query-cache ACLs are not specified, they should be limited to
local networks, but they were inadvertently set to match the default
allow-query, thus allowing remote queries.
Update license file hash; copyright year update.
Add reference to tarball signature key.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b36577a2669310c1b1a6722e012a1049e3793d1d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Host GDB suffers a serious problem: pressing backspace (or ^W ^U or any other
"delete" key) results in a plain space being printed instead, making the
command prompt almost completely unusable.
That's because it's using host-ncurses, which embeds a path for the terminfo
database into the library itself. That path ends up being something like
/home/hollisb/buildroot.git/output/host/share/terminfo, which obviously doesn't
generally exist other hosts. ('relocate-sdk.sh' cannot and does not edit
binaries like libncurses.so.6, so doesn't resolve this problem.)
/usr/share/terminfo is a far better path to use, since it almost certainly
exists on the host. Theoretically, it could be from a different ncurses version
with incompatible terminfo database format, but this doesn't seem to be a
problem in practice. (Future patches could address the theoretical problem if
it actually appears in real life.)
This change allows buildroot's host gdb, which uses ncurses 6.x, to work on
RHEL5, RHEL6, and RHEL7, which all provide terminfo from ncurses 5.x.
Signed-off-by: Hollis Blanchard <hollis_blanchard@mentor.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b35ad5d0b45e5288f4019aeaa06b87ef0f2ef016)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 2017 MinnowBoard Turbot skews no longer use the Realtek 8169
Ethernet chip. The Turbot D0 uses The Intel I211, the Turbot Dual
Ethernet has an I210 (quad-core) or I211 (dual-core).
Add CONFIG_IGB to the Linux config but keep the Realtek 8169 support
to avoid breaking older boards
Tested on Turbot D0, lspci -k shows the igb driver is used:
03:00.0 Class 0200: 8086:1539 igb
Signed-off-by: Pierre-Louis Bossart <pierre-louis.bossart@linux.intel.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 02b7fbf8fc4321d5d7aab4bdc85f759060e016d7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-0500: curl might overflow a heap based memory buffer when
sending data over SMTP and using a reduced read buffer.
Drop upstream patch.
Add reference to tarball signature key.
Drop CRYPTO_lock seed. Removed from configure script since 7.45.
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit bf79731153d2739580954161547225acb60f65e8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, the stdout is consigned to oblivion, while the stderr is not
redirected at all. So, when the configuration under test redefines a
symbol, like is the case when testing busybox for example, there is an
ugly warning.
So, just redirect both stdout and stderr to the logfile.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Tested-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 2664022787eb396125b5696a2d42c460ef54d359)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* chacha20poly1305: use slow crypto on -rt kernels on arm too
Leftover from the last commit of the previous snapshot that we forgot to
handle.
* tools: getentropy requires macOS 10.12
Small build time fixup for old versions of macOS.
* queueing: remove useless spinlocks on sc
* queueing: re-enable preemption periodically to lower latency
* simd: encapsulate fpu amortization into nice functions
* simd: no need to restore fpu state when no preemption
This will improve general system latency on preempt-enabled systems, like
desktops.
* dns-hatchet: apply resolv.conf's selinux context to new resolv.conf
Fixes wg-quick's dns hatchet on CentOS.
* qemu: bump default kernel
By bumping to 4.17.2, we actually uncovered a bug in the SLUB allocator, which
upstream is now fixing: https://lkml.org/lkml/2018/6/18/1407
* noise: take locks for ss precomputation
* netlink: maintain static_identity lock over entire private key update
Minor locking correctness fixes and optimizations.
* noise: wait for crng before taking locks
We now make sure that an outgoing packet which needs a potentially unseeded
rng won't block a call to wg(8), which takes similar locks for retrieving
data.
* receive: drop handshake packets if rng is not initialized
If the rng is unseeded, we drop incoming handshake packets, so that it's not
possible for an attacker to fill the handshake queue thereby provoking
cookies.
* ratelimiter: mitigate reference underflow
* ratelimiter: do not allow concurrent init and uninit
Minor correctness and hardening fixes, which don't fix anything particular in
WireGuard, but might be useful if our ratelimiter is ever used elsewhere.
* compat: use stabler lkml links
* poly1305: add missing string.h header
Minor fixups.
* receive: don't toggle bh
The last snapshot caused a big performance regression, which we partially
revert here. This general matter, though, will be revisited in the future,
perhaps by switching to NAPI.
* main: test poly1305 before chacha20poly1305
* poly1305: give linker the correct constant data section size
While the default bfd linker did the right thing, gold would sometimes merge
section incorrectly because of an incorrect section length field, resulting in
wrong calculations.
* simd: add missing header
Fixes a compile error on a few odd kernels.
* global: fix a few typos
* manpages: eliminate whitespace at the end of the line
* tools: fix misspelling of strchrnul in comment
Cosmetic fixups.
* global: use ktime boottime instead of jiffies
* global: use fast boottime instead of normal boottime
* compat: more robust ktime backport
We now use the equivalent of clock_gettime(CLOCK_BOOTTIME) for doing age
checks on time-limited objects, such as ephemeral keys, so that on systems
where we don't clear before sleep (like Android), we make sure to invalidate
the objects after the proper amount of time, taking into account time spent
asleep.
* wg-quick: android: prevent outgoing handshake packets from being dropped
Recent android phones block outgoing packets using iptables while the system
is asleep. This makes sense for most services, but not for a tunnel device
itself, so we work around this by inserting our own iptables rule.
* device: print daddr not saddr in missing peer error
* receive: style
Debug messages now make sense again.
* wg-quick: android: support excluding applications
Android now supports excluding certain apps (uids) from the tunnel.
* selftest: ratelimiter: improve chance of success via retry
* qemu: bump default kernel version
* qemu: decide debug kernel based on KERNEL_VERSION
Some improvements to our testing infrastructure.
* receive: use NAPI on the receive path
This is a big change that should both improve preemption latency (by not
disabling it unconditionally) and vastly improve rx performance on most
systems by using NAPI. The main purpose of this snapshot is to test out this
technique.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 150fa57ed0765e20a7199fa9743e56689d44d5d6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When json-c is enabled but libcurl is disabled, clamav tries to build
the clamsubmit program, which fails with:
CC clamsubmit.o
clamsubmit.c:6:23: fatal error: curl/curl.h: No such file or directory
#include <curl/curl.h>
This is due to an incorrect curl-config detection logic, leading to
/bin/curl-config being present making the configure script believe
that curl is available, even when --without-libcurl is explicitly
passed.
This commit adds a patch, submitted upstream, which fixes this
problem.
Fixes:
http://autobuild.buildroot.net/results/c43d2ebd8ab30016969d642dbd71c297dc5f6bab/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 037572ee56ce7b18110eb45ddf507623cba726aa)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
ClamAV is using Git upstream
(https://github.com/Cisco-Talos/clamav-devel), so it makes sense to
use Git-formatted patches.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit eb4b00129ccea673f48c8872ea0a6947f1f904e4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Increase the filesystem size for raspberrypi3 by setting
BR2_TARGET_ROOTFS_EXT2_SIZE to "120M". The filesystem for
raspberrypi3_64 has the same size. The size is so large because the
kernel config enables many many modules.
Fixes:
Copying files into the device: __populate_fs: Could not allocate block in ext2 filesystem while writing file "services"
mkfs.ext4: Could not allocate block in ext2 filesystem while populating file system
This error is not reproducible, it seems to depend on e.g. directory
ordering.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit e26a71d1a96aefcc6a63051207b26ea4282afb10)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We need to install polkit before systemd if we want to enable
polkit integration, because systemd will not install polkit
policy files unless it finds polkit-gobject-1.
Signed-off-by: Asgeir Bjarni Ingvarsson <asgeir@appdynamic.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 0fe0c50d3683be4975a4551ac183707692b11215)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The original site www.liblogging.org has been taken down because of the
new European data protection regulation (GDPR), to which it was not
compliant.
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 9d1d513c65a17003f695a8aeea9d686f28456a44)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add -static to the link command line to have libgcc resolve libc
symbols. This overrides the default -Wl,-rpath,/usr/lib, which is
useless for static build anyway.
Fixes:
http://autobuild.buildroot.net/results/25d580bee6f609f6b28ebd6cc96d180179901b0e/
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b99dbdfac946751deb05e6e0c1f4c44659e15524)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Perf profiling cannot be used if CONFIG_PERF_EVENTS is not enabled in the
kernel configuration. Similar to other tools, like ktap, we can enable the
right options automatically.
Signed-off-by: Jan Heylen <jan.heylen@nokia.com>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 63d76c6f2f04c836af24098e26f2befe1e8e4cc4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Includes fixes to sendmail and wget.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
