4df8479e6b Add NEWS entry for CVE-2018-11236
a5bc5ec967 Add references to CVE-2018-11236, CVE-2017-18269
58ad5f8a64 Add a test case for [BZ #23196]
6b4362f2cb Don't write beyond destination in __mempcpy_avx512_no_vzeroupper (bug 23196)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
uClibc-ng 1.0.28 does not provide PF_VSOCK/AF_VSOCK definitions,
which causes iproute2 v4.16.0 compile errors.
In commit 57f2f80383b5 ("bits/socket.h: add missing defines")
necessary defines were included and iproute2 builds fine.
This commit now is part of uClibc-ng 1.0.30.
Lets update uClibc-ng to latest 1.0.30 version.
Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Cc: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Hauke Mehrtens <hauke@hauke-m.de>
Cc: John Crispin <john@phrozen.org>
Fixes FS#1498. "gccgo -static" can fail for missing linker flag
-lgcc_eh caused by patch 850-use_shared_libgcc.patch
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Commit 15e9639159 removed support for
binutils version 2.28 but did not remove it as selectable item
from Binutils Version; let's remove this leftover as well.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Commit f4d9d7a removed support for version specific patches; but it also
broke applying of patches in the patches glibc dir.
Fix the issue by setting PATCH_DIR to $(PATH_PREFIX)/patches similar as
musl/common.mk.
Signed-off-by: Xinxing Hu <xinxing.huchn@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Newer GCC versions are reported to improve code size on various ARM
devices, which is why newer u-boot versions require them now.
There have also been user reports of data corruption issues fixed on
MIPS by updating from GCC 5 to GCC 7.
This update was previously held up by these two MIPS compile issues,
which have since been fixed:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=83496https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84790
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This updates musl from a commit between 1.1.18 and 1.1.19 to the final
release of the version 1.1.19.
This mostly fixes bugs in musl.
The size of the uncompressed binary is increased by about 4 KB.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
With forced PIE and SSP support I ran into this assertion failure.
backport two patches to fix this problem from the binutils 2.28 branch.
This fix is already included in binutils 2.28.1 and 2.29.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Configure variable SSP_SUPPORT is ambiguous for packages (tor, openssh,
avahi, freeswitch). It means 'toolchain supporting SSP', but for toolchain
and depends it means 'build gcc with libssp'.
Musl no longer uses libssp (1877bc9d8f), it has internal support, so
SSP_SUPPORT was disabled leading some package to not use SSP.
No information why Glibc and uClibc use libssp, but they may also provide
their own SSP support. uClibc used it own with commit 933b588e25 but it was
reverted in f3cacb9e84 without details.
Create an new configure GCC_LIBSSP and automatically enable SSP_SUPPORT
if either USE_MUSL or GCC_LIBSSP.
Signed-off-by: Julien Dusser <julien.dusser@free.fr>
GCC supports starting version 5 --enable-default-ssp and starting version 6
--enable-default-pie.
It produces hardened binaries by default without dealing with package
compilation flags.
Signed-off-by: Julien Dusser <julien.dusser@free.fr>
When using an external git clone for the kernel repo,
the build would fail because the build won't download
[via git] the kernel tarball.
This is because the `toolchain/kernel-headers` assumes
that the kernel would get downloaded via normal HTTP.
The reason for this is the `HostBuild` rule, which
calls the `Download/default` rule.
To use the `Download/default` we just need to conditionally
adjust some PKG_ vars.
We can safely use `LINUX_VERSION` as it was already adjusted
in the `kernel-version.mk` to avoid collisions with other tarballs.
Fixes:
https://bugs.openwrt.org/index.php?do=details&task_id=503
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This commit finally bumps ARC tools to the most recent arc-2017.09 release version.
ARC GNU tools of version arc-2017.09 bring some quite significant changes like:
* Binutils v2.29 with additional ARC patches
* GCC 7.1.1 with additional ARC patches
More information on this release could be found here:
https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/releases/tag/arc-2017.09-release
Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
CC: Alexey Brodkin <abrodkin@synopsys.com>
CC: John Crispin <john@phrozen.org>
Autorebuild is disabled for the toolchain to avoid build-order issues.
However, rebuilding musl is safe, so exclude it from that restriction.
Avoids the need for manual cleaning on kernel header <-> libc API
changes like the ones introduced recently
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This replaces the current patches used to make the kernel headers
compatible with musl with the version which was accepted upstream. This
is included in upstream kernel 4.15.
This was compile tested with iproute2 build on all supported kernel
versions with musl and one one with glibc.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Changes:
72656157 fix fgetwc when decoding a character that crosses buffer boundary
a223dbd2 add reverse iconv mappings for JIS-based encodings
105eff9d generalize iconv framework for 8-bit codepages
a71b46cf fix malloc state corruption when ldso rejects loading a second libc
d060edf6 reformat cjk iconv tables to be diff-friendly, match tool output
c21051e9 prevent fork's errno from being clobbered by atfork handlers
a39f20bf add iso-2022-jp support (decoding only) to iconv
5b546faa add iconv framework for decoding stateful encodings
0df5b39a simplify/optimize iconv utf-8 case
9eb6dd51 handle ascii range individually in each iconv case
bff59d13 move iconv_close to its own translation unit
79f49eff refactor iconv conversion descriptor encoding/decoding
30fdda6c fix getaddrinfo error code for non-numeric service with AI_NUMERICSERV
67b29947 fix mismatched type of __pthread_tsd_run_dtors weak definition
13935337 s390x: use generic ioctl.h
4dc44ce8 microblaze: add statx syscall from linux v4.13
ffd048a0 aarch64: add extra_context struct from linux v4.13
6651ef1f add new tcp.h socket options from linux v4.13
14ced228 add new fcntl.h macros from linux v4.13
754f66af ioctl TIOCGPTPEER from linux v4.13
c35a8bf4 add SO_ getsockopt options from linux v4.13
5daaed6a s390x: add syscall number for s390_guarded_storage from linux v4.12
2dc6760f i386: add arch_prctl syscall number from linux v4.12
840d45be aarch64: add new HWCAP_* flags from linux v4.12
4c811227 add ARPHDR_VSOCKMON from linux v4.12
54f04d99 add new SO_ socket options from linux v4.12
9864f60e add statx syscall numbers from linux v4.11
c519658c add TCP_NLA_* enums from linux v4.11
ee3ae782 add TCP_FASTOPEN_CONNECT tcp socket option from linux v4.11
3eb82f73 add ETH_P_IBOE from linux v4.11
bd1560f6 update aarch64 hwcap.h for linux v4.11
cee73f0c add kexec_file_load syscall number on powerpc from linux v4.10
8f569557 add microblaze syscall numbers from linux v4.10
d8004030 add TFD_TIMER_CANCEL_ON_SET that timerfd.h was missing
f5638c22 add ETH_MIN_MTU and ETH_MAX_MTU from linux v4.10
01369691 add IP_RECVFRAGSIZE and IPV6_RECVFRAGSIZE from linux v4.10
5c596ed8 add SCM_TIMESTAMPING_OPT_STATS and related TCP_ enums from linux v4.10
6fc6ca1a adjust posix_spawn dup2 action behavior to match future requirements
Cc: Syrone Wong <wong.syrone@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The build system already defines KERNEL_CROSS which defaults to TARGET_CROSS.
Make use of this variable for kernel makefiles.
Signed-off-by: Karl Vogel <karl.vogel@gmail.com>
Neither uClibc nor musl currently have working support for powerpc64 in
big endian mode. Thus, default to using glibc for this architecture.
Signed-off-by: Florian Larysch <fl@n621.de>
The powerpc64 feature flag was introduced with the PS3 support, which
has been removed for quite a while and is now unused. Remove it and the
special biarch handling it triggered during the toolchain build.
Signed-off-by: Florian Larysch <fl@n621.de>
This is the final bugfix release in the gcc-5 series.
Compile and run tested on macOS 10.13 (Xcode 9), mvebu/ar71xx.
Removed redundant patch for macOS (backported upstream by yours truly)
Signed-off-by: Ryan Mounce <ryan@mounce.com.au>