* rules: fix broken commitcount on alpine system
To generate commitcount we use grep --max-count. This is not present on
alpine grep and cause wrong generation. Use -m as it's just the short
version of --max-count and more portable.
Fixes: #11200
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* image-commands.mk: Be consistent in command invocation
Most/all other tools use the staging dir prefix, gzip should as well.
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
Acked-by: Christian Marangi <ansuelsmth@gmail.com>
* image: fix device profile specific COMPILE targets
Commit a01d23e75 ("image: always rebuild kernel loaders")
is a step in the right direction, but exposed some issues
and regressions in the makefile.
Some of the files made by device specific COMPILE targets
start with an "append" command (i.e. >> instead of > redirection)
and if the file already exists, the target file is the
input to itself before the first recipe-specified input.
Fixes: a01d23e75 ("image: always rebuild kernel loaders")
Fixes: a7fb589e8 ("image: always rebuild kernel loaders")
Signed-off-by: Michael Pratt <mcpratt@pm.me>
* trusted-firmware-a.mk: use correct CPE ID
There are 2 different CPE IDs on the NVD website:
cpe:/a:arm:trusted_firmware-a
cpe:/o:arm:arm_trusted_firmware
The ID as currently used in trusted-firmware-a.mk does not exist. The
CPE ID using the arm_trusted_firmware product name only lists a few
records for versions 2.2 and 2.3 on the NVD site. The CPE ID using the
trusted_firmware-a product name lists many more records, and actually
has a CVE linked to it. Therefore, use the CPE ID using the
trusted_firmware-a product name.
Fixes: 104d60fe94ce ("trusted-firmware-a.mk: add PKG_CPE_ID")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* fritz-tools: fritz_tffs_nand: exclude oob code when disabled
Skip unnecessary stuff if checking the oob data is disabled.
Signed-off-by: Andre Heider <a.heider@gmail.com>
* fritz-tools: fritz_tffs_nand: get rid of struct tffs_sectors
This doesn't help and "[0]" gets in the way of bounds checks.
Signed-off-by: Andre Heider <a.heider@gmail.com>
* fritz-tools: fritz_tffs_nand: cache already read sector ids
This speeds up the tool significantly, especially when using the "-a"
argument.
Signed-off-by: Andre Heider <a.heider@gmail.com>
* iproute2: add missing libbpf dependency
This patch adds libbpf to the dependencies of tc-mod-iptables.
The package tc-mod-iptables is missing libbpf as a dependency,
which leads to the build failure described in bug #9491
LIBBPF_FORCE=on set, but couldn't find a usable libbpf
The build dependency is already automatically added because some other
packages from iproute2 depend on libbpf, but bpftools has multiple build
variants. With multiple build variants none gets build by default and
the build system will not build bpftools before iproute2.
Fixes: #9491
Signed-off-by: Kien Truong <duckientruong@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* iproute2: update to 6.0.0
Release Notes:
https://lore.kernel.org/netdev/20221004082610.56b04719@hermes.local/t/
Remove upstreamed patch:
- 010-ipstats-Add-param.h-for-musl.patch
Refreshed:
- 140-keep_libmnl_optional.patch
- 145-keep_libelf_optional.patch
- 150-keep_libcap_optional.patch
- 155-keep_tirpc_optional.patch
- 170-ip_tiny.patch
- 190-fix-nls-rpath-link.patch
- 200-drop_libbsd_dependency.patch
- 300-selinux-configurable.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
* iproute2: update to 6.1.0
Announcement:
https://lore.kernel.org/netdev/20221214094130.7b11ec2e@hermes.local/T/#t
Refresh patch:
- 170-ip_tiny.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
* tools/xz: update to 5.2.10
Update to latest version.
Signed-off-by: Nick Hainke <vincent@systemli.org>
* Revert "Revert "tools/upx: remove (#10622)""
This reverts commit d3e16f203a.
* kernel: Make use of KERNEL_MAKE
Make use of KERNEL_MAKE in kernel packages were easily possible.
This moves some more code to common places and reduces the number of
lines.
It is defined like this:
KERNEL_MAKE = $(MAKE) $(KERNEL_MAKEOPTS)
KERNEL_MAKEOPTS = -C $(LINUX_DIR) $(KERNEL_MAKE_FLAGS)
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* toolchain: gcc: backport patches to fix build with glibc 2.36
glibc 2.36 changed the definition of enum fsconfig_command, it now
collides with the same definition from sys/mount.h. Remove the include
of linux/fs.h This still compiled with musl too.
This backports a patch which is already in the stable branch of GCC 11
and GCC 12.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* toolchain: glibc: Update to glibc 2.36
This updates to glibc to version 2.36.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* tools/llvm: update to 15.0.6
Release Notes:
https://discourse.llvm.org/t/llvm-15-0-0-release/65099https://discourse.llvm.org/t/llvm-15-0-1-released/65380https://discourse.llvm.org/t/llvm-15-0-2-released/65695https://discourse.llvm.org/t/llvm-15-0-3-released/66036https://discourse.llvm.org/t/llvm-15-0-4-released/66337https://discourse.llvm.org/t/llvm-15-0-5-release/66616https://discourse.llvm.org/t/llvm-15-0-6-released/66899
Remove HOST_BUILD_PARALLEL as it's default now.
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Kien Truong <duckientruong@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Nick Hainke <vincent@systemli.org>
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
Co-authored-by: Christian Marangi <ansuelsmth@gmail.com>
Co-authored-by: Olliver Schinagl <oliver@schinagl.nl>
Co-authored-by: Michael Pratt <mcpratt@pm.me>
Co-authored-by: Stijn Tintel <stijn@linux-ipv6.be>
Co-authored-by: Andre Heider <a.heider@gmail.com>
Co-authored-by: Kien Truong <duckientruong@gmail.com>
Co-authored-by: Nick Hainke <vincent@systemli.org>
Co-authored-by: Hauke Mehrtens <hauke@hauke-m.de>
* firmware-utils: bump to git HEAD
Adds support for building TP-Link CPE605v1 factory images
bd856eff4850 tplink-safeloader: add TP-Link CPE605 v1 Support
Signed-off-by: Sander Vanheule <sander@svanheule.net>
* firmware-utils: fix archive checksum
PKG_SOURCE_DATE was modified after updating PKG_MIRROR_HASH, causing the
latter to change. This results in a warning during builds and rejected
downloads.
Fixes: 232879a7b7f8 ("firmware-utils: bump to git HEAD")
Signed-off-by: Sander Vanheule <sander@svanheule.net>
* libtracefs: update to 1.6.2
378a9dd libtracefs: version 1.6.2
e6daa60 libtracefs: Add unit test to test mounting of tracefs_{tracing,debug}_dir()
32acbbf libtracefs: Have tracefs_{tracing,debug}_dir() mount {tracefs,debugfs} if not mounted
Signed-off-by: Nick Hainke <vincent@systemli.org>
* ethtool: add PKG_CPE_ID
Add CPE ID for tracking CVEs.
Signed-off-by: Nick Hainke <vincent@systemli.org>
* ethtool: update to 6.0
Release Notes:
https://lwn.net/Articles/910841/
Signed-off-by: Nick Hainke <vincent@systemli.org>
* strace: update to 6.1
Release Notes:
https://github.com/strace/strace/releases/tag/v6.1
Signed-off-by: Nick Hainke <vincent@systemli.org>
* trace-cmd: update to v3.1.5
Update to latest release.
Signed-off-by: Nick Hainke <vincent@systemli.org>
* libtraceevent: update to 1.7.0
Update to latest release.
Signed-off-by: Nick Hainke <vincent@systemli.org>
* libtracefs: update to 1.6.3
Update to latest release.
Signed-off-by: Nick Hainke <vincent@systemli.org>
* tools/bash: update to 5.2.15
Update to the latest released version.
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
* tools/ccache: update to 4.7.4
Release Notes:
https://ccache.dev/releasenotes.html#_ccache_4_7_3https://ccache.dev/releasenotes.html#_ccache_4_7_4
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
* tools/libressl: update to 3.7.0
Release notes:
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.0-relnotes.txthttps://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.1-relnotes.txthttps://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.7.0-relnotes.txt
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
* tools/mpc: update to 1.3.1
Version 1.3.1 new features:
Bug fix: It is again possible to include mpc.h without including stdio.h.
Version 1.3.0 new features:
New function: mpc_agm
New rounding modes "away from zero", indicated by the letter "A" and corresponding to MPFR_RNDA on the designated real or imaginary part.
New experimental ball arithmetic.
New experimental function: mpc_eta_fund
Bug fixes:
mpc_asin for asin(z) with small |Re(z)| and tiny |Im(z)|
mpc_pow_fr: sign of zero part of result when the base has up to sign the same real and imaginary part, and the exponent is an even positive integer
mpc_fma: the returned int value was incorrect in some cases (indicating whether the rounded real/imaginary parts were smaller/equal/greater than the exact values), but the computed complex value was correct.
Remove the unmaintained Makefile.vc; build files for Visual Studio are maintained independently by Brian Gladman.
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
* tools/patchelf: update to 0.17.0
Update to the latest released version.
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
Signed-off-by: Nick Hainke <vincent@systemli.org>
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
Co-authored-by: Sander Vanheule <sander@svanheule.net>
Co-authored-by: Nick Hainke <vincent@systemli.org>
Co-authored-by: Linhui Liu <liulinhui36@gmail.com>
If the absolute path a symlink is pointing to is 128 bytes long sed
failed with an error message like this: "<path>/sedstbU8O: Not a directory"
This fixes a problem building python seen in the build bot.
This patch is on its way into upstream sed.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Co-authored-by: Hauke Mehrtens <hauke@hauke-m.de>
upx is already in package/lean/upx
save a bit of compilation time.
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
Both mirrors provided in the Makefile only serve gzipped tarballs.
Fixes: #10871
Fixes: 9edfe7dd13d9 ("source: Switch to xz for packages and tools where possible")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Co-authored-by: Stijn Tintel <stijn@linux-ipv6.be>
* package: sync with upstream
Removed: package/libs/libselinux/bcm27xx-userland (Already in package/utils/bcm27xx-userland)
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
* uclibc++: remove
No package here depends on it. Furthermore, uClibc++ is a fairly buggy
C++ library and seems to be relatively inactive upstream.
It also lacks proper support for modern C++11 features.
The main benefit of it is size: 66.6 KB vs 287.3 KB on mips24kc. Static
linking and LTO can help bring the size down of packages that need it.
Added warning message to uclibc++.mk
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
* target: sync with upstream
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
* toolchain: gcc: Remove gcc 10.x support
This compiler is old and was never used by default in OpenWrt.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ucode: update to latest Git HEAD
46d93c9 tests: fixup testcases
4c654df types: adjust double printing format
eac2add compiler: fix bytecode for logical assignments of properties
3903b18 fs: add `realpath()` function
8366102 math: add isnan() function
eef83d3 tests: relax sleep() test
394e901 lib: uc_json(): accept trailing whitespace when parsing strings
1867c8b uloop: terminate parent uloop in task child processes
d2cc003 uci: auto-load package in `ctx.foreach()` and `ctx.get_first()`
6c5ee53 compiler: ensure that arrow functions with block bodies return no value
fdc9b6a compiler: fix `??=`, `||=` and `&&=` logical assignment semantics
88dcca7 add cmake to install requires for debian
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* firewall4: update to latest Git HEAD
700a925 fw4: prevent null access when no ipsets are defined
6443ec7 config: drop input traffic by default
119ee1a ruleset: drop ctstate invalid traffic for masq-enabled zones
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ustream-ssl: update to Git version 2022-12-07
9217ab4 ustream-openssl: Disable renegotiation in TLSv1.2 and earlier
2ce1d48 ci: fix building with i.MX6 SDK
584f1f6 ustream-openssl: wolfSSL: provide detailed information in debug builds
aa8c48e cmake: add a possibility to set library version
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* tools/mpfr: import patch fixing macro bug
Co-authored-by: Nick Hainke <vincent@systemli.org>
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Co-authored-by: Rosen Penev <rosenp@gmail.com>
Co-authored-by: Hauke Mehrtens <hauke@hauke-m.de>
Co-authored-by: Jo-Philipp Wich <jo@mein.io>
Co-authored-by: Nick Hainke <vincent@systemli.org>
This fixes CVE-2022-1304:
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5.
This issue leads to a segmentation fault and possibly arbitrary code
execution via a specially crafted filesystem.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
When compiling OpenWRT on a compressed btrfs volume the build fails in
libtool.
The file `libltdl/config/ltmain.m4sh` from `libtool-2.4.2.tar.xz` is
missing write permissions, therefore patch falls back to copying the
file and patching that. During this patch tries to preserve all file
attribute on the new copy.
However the attribute `btrfs.compression` is privileged and btrfs return
EACCES.
While patch ignores multiple other error codes during the copy of xattr
copy it is not prepared for EACCES and aborts.
EACCES should be ignored the same way as the other errors.
Build log:
```
...
Applying ./patches/000-relocatable.patch using plaintext:
patching file libltdl/config/general.m4sh
patching file libtoolize.in
patching file libtoolize.m4sh
patching file libltdl/m4/libtool.m4
Applying ./patches/100-libdir-fixes.patch using plaintext:
patching file libltdl/config/ltmain.m4sh
File libltdl/config/ltmain.sh is read-only; trying to patch anyway
patching file libltdl/config/ltmain.sh
patch: setting attribute btrfs.compression for btrfs.compression: Permission denied
Patch failed! Please fix ./patches/100-libdir-fixes.patch!
```
Link: https://lists.gnu.org/archive/html/bug-patch/2022-11/msg00000.html
Co-authored-by: Thomas Weißschuh <thomas@t-8ch.de>
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
* tools/xz: update to 5.2.8
Update to latest release.
Signed-off-by: Nick Hainke <vincent@systemli.org>
* tools/sed: update to 4.9
Release Notes:
https://lists.gnu.org/archive/html/info-gnu/2022-11/msg00001.html
Signed-off-by: Nick Hainke <vincent@systemli.org>
* tools/bash: update to 5.2.9
Update to latest release.
Signed-off-by: Nick Hainke <vincent@systemli.org>
* tools/llvm: update to 15.0.0
Release Notes:
https://discourse.llvm.org/t/llvm-15-0-0-release/65099
Signed-off-by: Nick Hainke <vincent@systemli.org>
Signed-off-by: Nick Hainke <vincent@systemli.org>
Co-authored-by: Nick Hainke <vincent@systemli.org>
Patches for mtk_image supporting newer SoCs have been dropped in the
process of updating mkimage to U-Boot 2022.10. While it is true that
the patches have been merged upstream a while ago, they were not merged
in time to be part of the U-Boot 2022.10 release.
See also commit 537b423d9f ("uboot-mediatek: update to U-Boot 2022.10")
which explicitly mentions that.
Fixes: 6e245777bd ("tools/mkimage: update to 2022.10")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
this is in the codebase because of libsigc++, which is not in the codebase anymore.
Neither in base nor in packages. It doesn't seem to be needed by
anything else either. GNOME packages have transitioned to using meson,
which does not use m4 files.
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
Release Notes:
https://lwn.net/Articles/905738/
Switch to https "fedorapeople.org"-mirror. Use $(AUTORELEASE).
Signed-off-by: Nick Hainke <vincent@systemli.org>
Changes:
Fixed ibase extension causing problems for read()
Fixed parallel make problem.
Remove the "003-bc-fix-hang.patch" because the hang is fixed upstream.
Signed-off-by: Nick Hainke <vincent@systemli.org>
List of changes since previous release from 2018 is quite long:
* Fix crc32.c to compile local functions only if used.
* Check for cc masquerading as gcc or clang in configure.
* Remove destructive aspects of make distclean.
* Separate out address sanitizing from warnings in configure.
* Eliminate use of ULL constants.
* Add fallthrough comments for gcc.
* Clean up minizip to reduce warnings for testing.
* Fix unztell64() in minizip to work past 4GB. (Daniël Hörchner)
* minizip warning fix if MAXU32 already defined. (gvollant)
* Replace black/white with allow/block. (theresa-m)
* Fix indentation in minizip's zip.c.
* Improve portability of contrib/minizip.
* Correct typo in blast.c.
* Change macro name in inflate.c to avoid collision in VxWorks.
* Clarify gz* function interfaces, referring to parameter names.
* Fix error in comment on the polynomial representation of a byte.
* Fix memory leak on error in gzlog.c.
* Avoid adding empty gzip member after gzflush with Z_FINISH.
* Explicitly note that the 32-bit check values are 32 bits.
* Use ARM crc32 instructions if the ARM architecture has them.
* Add use of the ARMv8 crc32 instructions when requested.
* Correct comment in crc32.c.
* Don't bother computing check value after successful inflateSync().
* Use atomic test and set, if available, for dynamic CRC tables.
* Speed up software CRC-32 computation by a factor of 1.5 to 3.
* Add crc32_combine_gen() and crc32_combine_op() for fast combines.
* Add tables for crc32_combine(), to speed it up by a factor of 200.
* Fix the zran.c example to work on a multiple-member gzip file.
* Add gznorm.c example, which normalizes gzip files.
* Show all the codes for the maximum tables size in enough.c.
* Clarify that prefix codes are counted in enough.c.
* Use inline function instead of macro for index in enough.c.
* Clean up code style in enough.c, update version.
* Use a macro for the printf format of big_t in enough.c.
* Use a structure to make globals in enough.c evident.
* Assure that the number of bits for deflatePrime() is valid.
* Fix a bug that can crash deflate on some input when using Z_FIXED.
* Correct the initialization requirements for deflateInit2().
* Emphasize the need to continue decompressing gzip members.
* Add legal disclaimer to README.
* Fix deflateEnd() to not report an error at start of raw deflate.
* Remove old assembler code in which bugs have manifested.
* Make the names in functions declarations identical to definitions.
* Avoid an undefined behavior of memcpy() in _tr_stored_block().
* Avoid undefined behaviors of memcpy() in gz*printf().
* Avoid an undefined behavior of memcpy() in gzappend().
* Avoid the use of ptrdiff_t.
* Handle case where inflateSync used when header never processed.
* Don't compute check value for raw inflate if asked to validate.
* Add address checking in clang to -w option of configure.
* Return an error if the gzputs string length can't fit in an int.
* Small speedup to inflate [psumbera].
* Update use of errno for newer Windows CE versions.
* Avoid some conversion warnings in gzread.c and gzwrite.c.
* Have Makefile return non-zero error code on test failure.
* Avoid a conversion error in gzseek when off_t type too small.
* Fix CLEAR_HASH macro to be usable as a single statement.
* Fix bug when window full in deflate_stored().
* Limit hash table inserts after switch from stored deflate.
* Permit a deflateParams() parameter change as soon as possible.
* Cygwin does not have _wopen(), so do not create gzopen_w() there.
Removed 006-fix-compressor-crash-on-certain-inputs.patch which was
hotfix for CVE-2018-25032 and is now included in this release.
This release is not available on @SF (yet?) so the sources are now
pulled from GitHub.
Fixes: CVE-2018-25032
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Before this commit, it was assumed that pkg-config.real is in the PATH. While
this was fine for the normal build workflow, this led to some issues if
make TOPDIR="$(pwd)" -C "$pkgdir" compile
was called manually. The command failed with
Makefile:15: *** No libnl-tiny development libraries found!. Stop.
make[1]: Leaving directory
since pkg-config of the host system was used.
After the commit, the package is built sucessfully.
Signed-off-by: Leonardo Mörlein <me@irrelefant.net>
Update to most recent version of mtd-utils and sync with version from
package folder.
Use a https download server instead of ftp.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
