Bump buildroot to 2020.11-rc1 (#985)

* Update buildroot-patches for 2020.11-rc1 buildroot * Update buildroot to 2020.11-rc1 Signed-off-by: Stefan Agner <stefan@agner.ch> * Don't rely on sfdisk --list-free output The --list-free (-F) argument does not allow machine readable mode. And it seems that the output format changes over time (different spacing, using size postfixes instead of raw blocks). Use sfdisk json output and calculate free partition space ourselfs. This works for 2.35 and 2.36 and is more robust since we rely on output which is meant for scripts to parse. * Migrate defconfigs for Buildroot 2020.11-rc1 In particular, rename BR2_TARGET_UBOOT_BOOT_SCRIPT(_SOURCE) to BR2_PACKAGE_HOST_UBOOT_TOOLS_BOOT_SCRIPT(_SOURCE). * Rebase/remove systemd patches for systemd 246 * Drop apparmor/libapparmor from buildroot-external * hassos-persists: use /run as directory for lockfiles The U-Boot tools use /var/lock by default which is not created any more by systemd by default (it is under tmpfiles legacy.conf, which we no longer install). * Disable systemd-update-done.service The service is not suited for pure read-only systems. In particular the service needs to be able to write a file in /etc and /var. Remove the service. Note: This is a static service and cannot be removed using systemd-preset. * Disable apparmor.service for now The service loads all default profiles. Some might actually cause problems. E.g. the profile for ping seems not to match our setup for /etc/resolv.conf: [85503.634653] audit: type=1400 audit(1605286002.684:236): apparmor="DENIED" operation="open" profile="ping" name="/run/resolv.conf" pid=27585 comm="ping" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
2020-11-13 18:25:44 +01:00
parent 25a0dd3082
commit a0871be6c0
4024 changed files with 68095 additions and 47900 deletions
--- a/buildroot/package/libcap/0001-build-system-fixes-for-cross-compilation.patch
+++ b/buildroot/package/libcap/0001-build-system-fixes-for-cross-compilation.patch
@@ -1,53 +0,0 @@
-From d8d70559a279706c206761dfaf665d2197934123 Mon Sep 17 00:00:00 2001
-From: Gustavo Zacarias <gustavo@zacarias.com.ar>
-Date: Sun, 6 Mar 2016 22:52:02 +0100
-Subject: [PATCH] build-system: fixes for cross-compilation
-
-Avoid the libcap buildsys forcing CC/CFLAGS/LDFLAGS/AR/RANLIB
-
-Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
-[yann.morin.1998@free.fr: dont chmod +x the shared lib]
-Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
-
-diff --git a/Make.Rules b/Make.Rules
-index 8347b26..8a07a3f 100644
--- a/Make.Rules
-+++ b/Make.Rules
-@@ -48,26 +48,26 @@ MINOR=25
- KERNEL_HEADERS := $(topdir)/libcap/include/uapi
- IPATH += -fPIC -I$(KERNEL_HEADERS) -I$(topdir)/libcap/include
- 
-CC := gcc
-CFLAGS := -O2 -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
-BUILD_CC := $(CC)
-BUILD_CFLAGS := $(CFLAGS) $(IPATH)
-AR := ar
-RANLIB := ranlib
-+CC ?= gcc
-+CFLAGS ?= -O2 -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
-+BUILD_CC ?= $(CC)
-+BUILD_CFLAGS ?= $(CFLAGS) $(IPATH)
-+AR ?= ar
-+RANLIB ?= ranlib
- DEBUG = -g #-DDEBUG
- WARNINGS=-Wall -Wwrite-strings \
-         -Wpointer-arith -Wcast-qual -Wcast-align \
-         -Wstrict-prototypes -Wmissing-prototypes \
-         -Wnested-externs -Winline -Wshadow
- LD=$(CC) -Wl,-x -shared
-LDFLAGS := #-g
-+LDFLAGS ?= #-g
- BUILD_GPERF := $(shell which gperf >/dev/null 2>/dev/null && echo yes)
- 
- SYSTEM_HEADERS = /usr/include
- INCS=$(topdir)/libcap/include/sys/capability.h
- LDFLAGS += -L$(topdir)/libcap
- CFLAGS += -Dlinux $(WARNINGS) $(DEBUG)
-PAM_CAP := $(shell if [ -f /usr/include/security/pam_modules.h ]; then echo yes ; else echo no ; fi)
-+PAM_CAP = no
- INDENT := $(shell if [ -n "$$(which indent 2>/dev/null)" ]; then echo "| indent -kr" ; fi)
- DYNAMIC := $(shell if [ ! -d "$(topdir)/.git" ]; then echo yes; fi)
- 
-- 
-1.9.1
-
--- a/buildroot/package/libcap/0002-libcap-split-install-into-install-shared-install-sta.patch
+++ b/buildroot/package/libcap/0002-libcap-split-install-into-install-shared-install-sta.patch
@@ -1,48 +0,0 @@
-From af21635665ab568f3333ff9fe8b474f4950e5acb Mon Sep 17 00:00:00 2001
-From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-Date: Sun, 6 Mar 2016 22:53:24 +0100
-Subject: [PATCH] libcap: split install into install-shared/install-static
-
-In order to support static only builds, split the install target into
-install-shared and install-static targets.
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-[yann.morin.1998@free.fr: install the .pc file in the common rule]
-Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
-
-diff --git a/libcap/Makefile b/libcap/Makefile
-index d189777..44ddb27 100644
--- a/libcap/Makefile
-+++ b/libcap/Makefile
-@@ -62,19 +62,25 @@ $(MINLIBNAME): $(OBJS)
- cap_text.o: cap_text.c $(USE_GPERF_OUTPUT) $(INCLS)
- 	$(CC) $(CFLAGS) $(IPATH) $(INCLUDE_GPERF_OUTPUT) -c $< -o $@
- 
-install: all
-+install: install-shared install-static
-+
-+install-common:
- 	mkdir -p -m 0755 $(FAKEROOT)$(INCDIR)/sys
- 	install -m 0644 include/sys/capability.h $(FAKEROOT)$(INCDIR)/sys
-+	mkdir -p -m 0755 $(FAKEROOT)$(PKGCONFIGDIR)
-+	install -m 0644 libcap.pc $(FAKEROOT)$(PKGCONFIGDIR)/libcap.pc
-+
-+install-static: $(STALIBNAME) install-common
- 	mkdir -p -m 0755 $(FAKEROOT)$(LIBDIR)
- 	install -m 0644 $(STALIBNAME) $(FAKEROOT)$(LIBDIR)/$(STALIBNAME)
-+
-+install-shared: $(MINLIBNAME) install-common
- 	install -m 0644 $(MINLIBNAME) $(FAKEROOT)$(LIBDIR)/$(MINLIBNAME)
- 	ln -sf $(MINLIBNAME) $(FAKEROOT)$(LIBDIR)/$(MAJLIBNAME)
- 	ln -sf $(MAJLIBNAME) $(FAKEROOT)$(LIBDIR)/$(LIBNAME)
- ifeq ($(FAKEROOT),)
- 	-/sbin/ldconfig
- endif
-	mkdir -p -m 0755 $(FAKEROOT)$(PKGCONFIGDIR)
-	install -m 0644 libcap.pc $(FAKEROOT)$(PKGCONFIGDIR)/libcap.pc
- 
- clean:
- 	$(LOCALCLEAN)
-- 
-1.9.1
-
--- a/buildroot/package/libcap/0003-libcap-cap_file.c-fix-build-with-old-kernel-headers.patch
+++ b/buildroot/package/libcap/0003-libcap-cap_file.c-fix-build-with-old-kernel-headers.patch
@@ -1,51 +0,0 @@
-From ace694e9574eb38e07cfe0db235434eb40003f47 Mon Sep 17 00:00:00 2001
-From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-Date: Mon, 14 Mar 2016 22:39:15 +0100
-Subject: [PATCH] libcap/cap_file.c: fix build with old kernel headers
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
---
- libcap/cap_file.c | 27 +++++++++++++++++++++++++++
- 1 file changed, 27 insertions(+)
-
-diff --git a/libcap/cap_file.c b/libcap/cap_file.c
-index 40756ea..e3d54dd 100644
--- a/libcap/cap_file.c
-+++ b/libcap/cap_file.c
-@@ -23,6 +23,33 @@ extern int fsetxattr(int, const char *, const void *, size_t, int);
- extern int removexattr(const char *, const char *);
- extern int fremovexattr(int, const char *);
- 
-+
-+/*
-+ * Old kernels (before 2.6.36) were defining XATTR_NAME_CAPS in
-+ * <linux/capability.h>, but using XATTR_SECURITY_PREFIX and
-+ * XATTR_CAPS_SUFFIX which were defined in the kernel-only part of
-+ * <linux/xattr.h>.
-+ *
-+ * In kernel 2.6.36 (commit af4f136056c984b0aa67feed7d3170b958370b2f),
-+ * the XATTR_NAME_CAPS definition was moved to the kernel-only part of
-+ * <linux/xattr.h>. It's only in kernel 3.0 (commit
-+ * 1dbe39424a43e56a6c9aed12661192af51dcdb9f) that <linux/xattr.h> was
-+ * fixed to expose XATTR_NAME_CAPS and the related definitions to
-+ * userspace.
-+ *
-+ * In order to cope with kernels < 3.0, we define here the appropriate
-+ * values, which we assume haven't changed over history.
-+ */
-+#ifndef XATTR_CAPS_SUFFIX
-+#define XATTR_CAPS_SUFFIX "capability"
-+#endif
-+#ifndef XATTR_SECURITY_PREFIX
-+#define XATTR_SECURITY_PREFIX "security."
-+#endif
-+#ifndef XATTR_NAME_CAPS
-+#define XATTR_NAME_CAPS XATTR_SECURITY_PREFIX XATTR_CAPS_SUFFIX
-+#endif
-+
- #include "libcap.h"
- 
- #ifdef VFS_CAP_U32
-- 
-2.6.4
-
--- a/buildroot/package/libcap/Config.in
+++ b/buildroot/package/libcap/Config.in
@@ -1,5 +1,6 @@
 config BR2_PACKAGE_LIBCAP
 	bool "libcap"
+	depends on BR2_USE_MMU # fork()
 	help
 	  This library implements the user-space interfaces to the
 	  POSIX 1003.1e capabilities available in Linux kernels. These
@@ -12,7 +13,6 @@ if BR2_PACKAGE_LIBCAP

 config BR2_PACKAGE_LIBCAP_TOOLS
 	bool "install tools"
-	depends on BR2_USE_MMU
 	help
 	  Install setcap, getcap, getpcaps and capsh tools.

--- a/buildroot/package/libcap/libcap.hash
+++ b/buildroot/package/libcap/libcap.hash
@@ -1,5 +1,5 @@
 # https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/sha256sums.asc
-sha256	dac1792d0118bee6aae6ba7fb93ff1602c6a9bda812fd63916eee1435b9c486a  libcap-2.27.tar.xz
+sha256  d66639f765c0e10557666b00f519caf0bd07a95f867dddaee131cd284fac3286  libcap-2.45.tar.xz

 # Hash for license file:
-sha256	088cabde4662b4121258d298b0b2967bc1abffa134457ed9bc4a359685ab92bc  License
+sha256  088cabde4662b4121258d298b0b2967bc1abffa134457ed9bc4a359685ab92bc  License
--- a/buildroot/package/libcap/libcap.mk
+++ b/buildroot/package/libcap/libcap.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################

-LIBCAP_VERSION = 2.27
+LIBCAP_VERSION = 2.45
 LIBCAP_SITE = https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2
 LIBCAP_SOURCE = libcap-$(LIBCAP_VERSION).tar.xz
 LIBCAP_LICENSE = GPL-2.0 or BSD-3-Clause
@@ -15,59 +15,50 @@ LIBCAP_INSTALL_STAGING = YES

 HOST_LIBCAP_DEPENDENCIES = host-gperf

-ifeq ($(BR2_STATIC_LIBS),y)
-LIBCAP_MAKE_TARGET = libcap.a libcap.pc
-LIBCAP_MAKE_INSTALL_TARGET = install-static
-else ifeq ($(BR2_SHARED_LIBS),y)
-LIBCAP_MAKE_TARGET = all
-LIBCAP_MAKE_INSTALL_TARGET = install-shared
-else
-LIBCAP_MAKE_TARGET = all
-LIBCAP_MAKE_INSTALL_TARGET = install
-endif
-
 LIBCAP_MAKE_FLAGS = \
+	CROSS_COMPILE="$(TARGET_CROSS)" \
 	BUILD_CC="$(HOSTCC)" \
-	BUILD_CFLAGS="$(HOST_CFLAGS)"
+	BUILD_CFLAGS="$(HOST_CFLAGS)" \
+	SHARED=$(if $(BR2_STATIC_LIBS),,yes) \
+	PTHREADS=$(if $(BR2_TOOLCHAIN_HAS_THREADS),yes,)
+
+LIBCAP_MAKE_DIRS = libcap

 ifeq ($(BR2_PACKAGE_LIBCAP_TOOLS),y)
-define LIBCAP_BUILD_TOOLS_CMDS
-	$(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) $(MAKE) -C $(@D)/progs \
-		$(LIBCAP_MAKE_FLAGS)
-endef
-
-define LIBCAP_INSTALL_TOOLS_CMDS
-	$(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) $(MAKE) -C $(@D)/progs \
-		RAISE_SETFCAP=no prefix=/usr \
-		DESTDIR=$(TARGET_DIR) $(LIBCAP_MAKE_FLAGS) install
-endef
+LIBCAP_MAKE_DIRS += progs
 endif

 define LIBCAP_BUILD_CMDS
-	$(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) $(MAKE) -C $(@D)/libcap \
-		$(LIBCAP_MAKE_FLAGS) $(LIBCAP_MAKE_TARGET)
-	$(LIBCAP_BUILD_TOOLS_CMDS)
+	$(foreach d,$(LIBCAP_MAKE_DIRS), \
+		$(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) $(MAKE) -C $(@D)/$(d) \
+			$(LIBCAP_MAKE_FLAGS) all
+	)
 endef

 define LIBCAP_INSTALL_STAGING_CMDS
-	$(TARGET_MAKE_ENV) $(MAKE) -C $(@D)/libcap $(LIBCAP_MAKE_FLAGS) \
-		DESTDIR=$(STAGING_DIR) prefix=/usr lib=lib $(LIBCAP_MAKE_INSTALL_TARGET)
+	$(foreach d,$(LIBCAP_MAKE_DIRS), \
+		$(TARGET_MAKE_ENV) $(MAKE) -C $(@D)/$(d) $(LIBCAP_MAKE_FLAGS) \
+			DESTDIR=$(STAGING_DIR) prefix=/usr lib=lib install
+	)
 endef

 define LIBCAP_INSTALL_TARGET_CMDS
-	$(TARGET_MAKE_ENV) $(MAKE) -C $(@D)/libcap $(LIBCAP_MAKE_FLAGS) \
-		DESTDIR=$(TARGET_DIR) prefix=/usr lib=lib $(LIBCAP_MAKE_INSTALL_TARGET)
-	$(LIBCAP_INSTALL_TOOLS_CMDS)
+	$(foreach d,$(LIBCAP_MAKE_DIRS), \
+		$(TARGET_MAKE_ENV) $(MAKE) -C $(@D)/$(d) $(LIBCAP_MAKE_FLAGS) \
+			DESTDIR=$(TARGET_DIR) prefix=/usr lib=lib install
+	)
 endef

 define HOST_LIBCAP_BUILD_CMDS
 	$(HOST_MAKE_ENV) $(HOST_CONFIGURE_OPTS) $(MAKE) -C $(@D)\
-		RAISE_SETFCAP=no
+		DYNAMIC=yes \
+		RAISE_SETFCAP=no GOLANG=no
 endef

 define HOST_LIBCAP_INSTALL_CMDS
 	$(HOST_MAKE_ENV) $(MAKE) -C $(@D) prefix=$(HOST_DIR) \
-		RAISE_SETFCAP=no lib=lib install
+		DYNAMIC=yes \
+		RAISE_SETFCAP=no GOLANG=no lib=lib install
 endef

 $(eval $(generic-package))