Tracking: skiff vs upstream-master #19
Draft
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Christian Stewart <[email protected]>
Signed-off-by: Christian Stewart <[email protected]>
Img is a standalone, daemon-less, unprivileged Dockerfile and OCI compatible container image builder. It uses the moby-buildkit solver internally. The commands/UX mirror the Docker CLI for workflow compatibility. Using the genuinetools- prefix due to the generic nature of the "img" name. Adds both host and target variants. fuse-overlayfs can be used as an unprivileged and rootless overlay filesystem backend. https://github.com/genuinetools/img Signed-off-by: Christian Stewart <[email protected]> --- TODO: https://patchwork.ozlabs.org/project/buildroot/patch/[email protected]/ - changes to patch to add libfuse3 as host package requested.
Daemonize is a command line utility to run a program as a Unix daemon. Signed-off-by: Christian Stewart <[email protected]> --- TODO: Changes requested for v2: https://patchwork.ozlabs.org/project/buildroot/patch/[email protected]/
Adds both host and target packages for buildah. Buildah is a tool that facilitates building OCI images. https://github.com/containers/buildah The buildah tree does not ship with a default policy.json file, and instead relies on packagers to provide one. A patch is added to create a basic barebones policy.json which is installed to /etc/containers/policy.json with a hook. Signed-off-by: Christian Stewart <[email protected]> --- v1 -> v2: - add package to developers - add host runc dependency for host package - add libgpgme runtime dependency v2 -> v3: - add policy.json to target: required by some commands - example: buildah pull docker.io/library/alpine - pull: tested on raspberry pi 4 v3 -> v4: - TODO: move policy.json to package dir - https://lists.buildroot.org/pipermail/buildroot/2022-January/634936.html - bump to version v1.32.1 - https://github.com/containers/buildah/releases/tag/v1.32.1 v4 -> v5: - bump to version 1.35.x Signed-off-by: Christian Stewart <[email protected]>
Add a symlink to the expected location for vpdma-1ba in the root of the firmware directory. Signed-off-by: Christian Stewart <[email protected]>
paralin
force-pushed
the
skiff
branch
3 times, most recently
from
0915eeb
to
7af4c59
Compare
paralin
force-pushed
the
skiff
branch
4 times, most recently
from
c5e35c6
to
ba56dae
Compare
Android bootimg utilities: mkbootimg and unpackbootimg. Signed-off-by: Christian Stewart <[email protected]> --- v1: CHANGES REQUESTED (Pending) https://patchwork.ozlabs.org/project/buildroot/patch/[email protected]/
paralin
force-pushed
the
skiff
branch
2 times, most recently
from
0d083d6
to
99d3e37
Compare
Signed-off-by: Christian Stewart <[email protected]>
Lack of an RNG source can block boot-up on headless systems with few hardware entropy sources. This patch allows rngd to start earlier than the current "basic.target" when systemd is used. Removing the dependency on "basic.target" and by extension, "sockets.target" will allow rngd to start before, for example, docker.sock - which can take some time to become ready without entropy. This is a cherry-pick of a peer project patch: https://patchwork.openembedded.org/patch/163303/ Signed-off-by: Christian Stewart <[email protected]>
paralin
force-pushed
the
skiff
branch
8 times, most recently
from
e7f02d7
to
ff57586
Compare
Changelog: https://curl.se/ch/8.11.0.html Fixes CVE-2024-9681: https://curl.se/docs/CVE-2024-9681.html Signed-off-by: Bernd Kuhls <[email protected]> Signed-off-by: Peter Korsgaard <[email protected]>
For the release note, see: http://www.simplesystems.org/libtiff/releases/v4.7.0.html This commit also adds the _SOURCE variable, to switch to the xz archive, which saves ~1.5MB. The _SITE url is also updated to switch to the https protocol. This commit also adds a comment in the hash file about pgp signature veritication. Fixes: - https://nvd.nist.gov/vuln/detail/CVE-2023-6277 - https://nvd.nist.gov/vuln/detail/CVE-2023-52356 - https://nvd.nist.gov/vuln/detail/CVE-2024-7006 Signed-off-by: Julien Olivain <[email protected]> Signed-off-by: Peter Korsgaard <[email protected]>
Release notes: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases CVE-2024-21853 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01101.html CVE-2024-23918 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01079.html CVE-2024-24968 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01097.html CVE-2024-23984 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01103.html Signed-off-by: Bernd Kuhls <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
For the change log, see [1]. The license hash file changed, due to the year update. See [2]. This commit also adds a comment in the hash file about the pgp signature file source and key id used for the verification. Fixes: - https://nvd.nist.gov/vuln/detail/CVE-2024-37370 - https://nvd.nist.gov/vuln/detail/CVE-2024-37371 [1] https://web.mit.edu/kerberos/www/krb5-1.21/ [2] krb5/krb5@fec2c44 Signed-off-by: Julien Olivain <[email protected]> Signed-off-by: Peter Korsgaard <[email protected]>
Fixes: http://autobuild.buildroot.net/results/52c/52c974e70f922e9d7efea4c538e4438a22faa846/ Signed-off-by: Bernd Kuhls <[email protected]> Co-authored-by: Peter Korsgaard <[email protected]> [https://lists.buildroot.org/pipermail/buildroot/2024-November/767661.html] Signed-off-by: Peter Korsgaard <[email protected]>
For release note, see: https://github.com/linux-nvme/libnvme/releases/tag/v1.11.1 Signed-off-by: Giulio Benetti <[email protected]> Reviewed-by: Vincent Jardin <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
Asaf has privately requested to be removed from the DEVELOPERS file as he will no longer be contributing to Buildroot in the forseeable future. Signed-off-by: Thomas Petazzoni <[email protected]>
I will lose access to my email next week, so hand it over to Leo Yu-Chi Liang. Signed-off-by: Yu Chien Peter Lin <[email protected]> Reviewed-by: Leo Yu-Chi Liang <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
host-skopeo fail to build, using the commands:
echo BR2_PACKAGE_HOST_SKOPEO=y >.config
make olddefconfig
make host-skopeo
This commit fixes the issue by selecting BR2_PACKAGE_HOST_GO
in the Config.in file.
Fixes:
make: *** No rule to make target 'host-', needed by '/buildroot/output/build/host-go-1.23.2/.stamp_configured'. Stop.
Reviewed-by: Yann E. MORIN <[email protected]>
Signed-off-by: Julien Olivain <[email protected]>
Commit 7b2a164 (package/go/go-bin: new host-go provider) broke the case for prompt-less, host-only go packages, as the main host-go symbol would not be selected. This very same use-case was initially broken when the first go-src provider was introduced with fa2536e (package/go: make host package a virtual package), and subsequently fixed in 99a5d51 (package/go: ensure there is a host-go provider), so 7b2a164 is causing a regression of a fixed regression. Fix that the very same way it was originally fixed. Signed-off-by: Yann E. MORIN <[email protected]> Cc: Yann E. MORIN <[email protected]> Cc: Thomas Perale <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
Release notes: https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/ Fixes CVE-2024-10976, CVE-2024-10977, CVE-2024-10978 & CVE-2024-10979. Signed-off-by: Bernd Kuhls <[email protected]> Signed-off-by: Peter Korsgaard <[email protected]>
Changelog: https://www.php.net/ChangeLog-8.php#PHP_8_3 Release notes: https://news-web.php.net/php.announce/444 Fixes CVE-2024-8929, CVE-2024-8932, CVE-2024-11233, CVE-2024-11234 & CVE-2024-11236. Signed-off-by: Bernd Kuhls <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
For change log, see: https://github.com/storaged-project/libblockdev/blob/3.2.1/NEWS.rst Signed-off-by: Giulio Benetti <[email protected]> [Julien: add link to change log] Signed-off-by: Julien Olivain <[email protected]>
…x series Signed-off-by: Bernd Kuhls <[email protected]> Signed-off-by: Peter Korsgaard <[email protected]>
Host bmap-tools runs using host-python3, but did not select it, leading to the confusing situation that BR2_PACKAGE_HOST_PYTHON3=n even though it was built and working. Signed-off-by: Fiona Klute (WIWA) <[email protected]> Signed-off-by: Peter Korsgaard <[email protected]>
{host-}python-sip may fail to install on fast machine, so disable
parallel install.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/8350440972 (TestPythonPyQt5)
http://autobuild.buildroot.org/results/8f2/8f24656f3a66d21f2d3c6d6b1adc6bb5f1c0c801 (2024-10-15)
http://autobuild.buildroot.org/results/6e6/6e6bbee714b10e0f04c9d17b7e0ecce057d21d2a (2022-07-15)
Signed-off-by: Romain Naour <[email protected]>
Signed-off-by: Peter Korsgaard <[email protected]>
…t systems Since the bump of util-linux to version 2.40.2 in Buildroot commit f14929c ("package/util-linux: update to 2.40.2"), the build will fail on systems that are not Y2038, such as uClibc configurations. In order to preserve the previous behavior, pass --disable-year2038. See the gnulib documentation for details [1]. Contrary to what the option name might suggest, it doesn't really disable Y2038 support, but only the check that the system is Y2038 compliant. So even with --disable-year2038, if the system is Y2038 compliant (uses a 64-bit arch, uses the musl C library, or uses the glibc C library with BR2_TIME_BITS_64=y), util-linux tools will be Y2038 compliant. "--disable-year2038" was already added to util-linux in commit 11ae90b "package/util-linux: allowing building even on non-Y2038 compliant systems". Fixes: https://autobuild.buildroot.org/results/630fc287deb1cf5a684f274058b918a5d7aef989 [1] https://www.gnu.org/software/gnulib/manual/html_node/Avoiding-the-year-2038-problem.html Reviewed-by: Vincent Jardin <[email protected]> Signed-off-by: Julien Olivain <[email protected]> Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Peter Korsgaard <[email protected]>
We migrated to Gitlab a while ago, so update the CHANGES links to point to that rather than git.buildroot.net. Automated with: sed -i 's|http://git.buildroot.net/buildroot/plain/CHANGES?id=\([^"]*\)|https://gitlab.com/buildroot.org/buildroot/-/blob/\1/CHANGES|g' \ docs/website/news.html Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Peter Korsgaard <[email protected]>
Fixes https://autobuild.buildroot.org/results/54a/54a165827f536be47cd45c98da3937a1e94a7c65/ Upstream is no longer accessible, so use s.b.n instead. Signed-off-by: Peter Korsgaard <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
The Config.in help string for BR2_FORTIFY_SOURCE_{2,3} mention
"_FORTIFY_SOURCES" (plural, with an extra "S"). The correct macro name
is "_FORTIFY_SOURCE" (without the "S"). See [1].
This commit fixes those typos.
[1] https://www.gnu.org/software/libc/manual/html_node/Source-Fortification.html
Signed-off-by: Julien Olivain <[email protected]>
Reviewed-by: Vincent Jardin <[email protected]>
Signed-off-by: Peter Korsgaard <[email protected]>
Signed-off-by: Bernd Kuhls <[email protected]> Signed-off-by: Peter Korsgaard <[email protected]>
Doxygen source archive download fails with a HTTP 404 Not Found error. The doxygen download page [1] mention that older versions can be downloaded on SourceForge at [2]. This commit fixes the issue by changing _SITE to this new URL. Fixes: https://autobuild.buildroot.org/results/253450bf374ce858fe12712059c435fc773d52f8 [1] https://www.doxygen.nl/download.html [2] https://sourceforge.net/projects/doxygen/files/ Signed-off-by: Julien Olivain <[email protected]> Signed-off-by: Peter Korsgaard <[email protected]>
automated build + check-package + legal-info. Signed-off-by: Christian Stewart <[email protected]>
go1.23.3 (released 2024-11-06) includes fixes to the linker, the runtime, and the net/http, os, and syscall packages. https://go.dev/doc/devel/release#go1.23.minor Signed-off-by: Christian Stewart <[email protected]>
All Go compiler versions > 1.4.x (old) are written in Go, and require a existing compiled Go version to use to build from source. https://golang.org/doc/install/source#bootstrapFromSource The process for "bootstrapping" the Go compiler in Buildroot is: 1. Compile a C/C++ cross-compiler (gcc) as the host toolchain. 2. Build go-bootstrap-stage1 (which is Go 1.4.x and written in C) 3. Build go-bootstrap-stage2 (which is Go 1.19.x and written in Go) 4. Build go-bootstrap-stage3 (which is Go 1.21.x and written in Go) 5. Build go-src (written in Go) using go-bootstrap-stage3. go-bootstrap-stage1 does not work on 64-bit arm. The Go 1.4.x bootstrap compiler is compatible with x86, x86_64, and arm (32 bit) only. This patch adds a fallback to require a host Go compiler to build host-go-src when BR2_PACKAGE_HOST_GO_BOOTSTRAP_STAGE3_ARCH_SUPPORTS is not set. Recent changes added go-src with the intent of adding go-bin later. This commit changes go-src to depend on the host Go compiler to bootstrap go-src on architectures that cannot build go-bootstrap-stage1 (such as arm64). Signed-off-by: Christian Stewart <[email protected]> --- changes prior to inclusion in this series: - thanks Thomas for the review & suggestions - added NEEDS_HOST_GO boolean - added dependency checks to support/dependencies/dependencies.sh - removed unnecessary changes to go-bootstrap package - add dependency on toolchain if Cgo is enabled - updates for go1.20 - updates for go-bootstrap-stage{1,2} changes from v1 -> v2: - remove whitespace fix in bootstrap stage2 changes from v2 -> v3: - rebase changes from v7 -> v8: - rebase on go-src changes - Discussion related to adding go-src and go-bin: - https://patchwork.ozlabs.org/project/buildroot/patch/[email protected]/ changes from v8 -> v9: - fixed HOST_GO_... to HOST_GO_SRC... changes from v9 -> v10: - upstream merged go-bin rejecting this series - however, building on arm64 hosts still fails. - this patch restores the proposed behavior. Signed-off-by: Christian Stewart <[email protected]>
paralin
force-pushed
the
skiff
branch
2 times, most recently
from
e462409
to
7292f2d
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR tracks changes vs upstream-master.