Bump buildroot to 2020.11-rc1 (#985)

* Update buildroot-patches for 2020.11-rc1 buildroot

* Update buildroot to 2020.11-rc1

Signed-off-by: Stefan Agner <stefan@agner.ch>

* Don't rely on sfdisk --list-free output

The --list-free (-F) argument does not allow machine readable mode. And
it seems that the output format changes over time (different spacing,
using size postfixes instead of raw blocks).

Use sfdisk json output and calculate free partition space ourselfs. This
works for 2.35 and 2.36 and is more robust since we rely on output which
is meant for scripts to parse.

* Migrate defconfigs for Buildroot 2020.11-rc1

In particular, rename BR2_TARGET_UBOOT_BOOT_SCRIPT(_SOURCE) to
BR2_PACKAGE_HOST_UBOOT_TOOLS_BOOT_SCRIPT(_SOURCE).

* Rebase/remove systemd patches for systemd 246

* Drop apparmor/libapparmor from buildroot-external

* hassos-persists: use /run as directory for lockfiles

The U-Boot tools use /var/lock by default which is not created any more
by systemd by default (it is under tmpfiles legacy.conf, which we no
longer install).

* Disable systemd-update-done.service

The service is not suited for pure read-only systems. In particular the
service needs to be able to write a file in /etc and /var. Remove the
service. Note: This is a static service and cannot be removed using
systemd-preset.

* Disable apparmor.service for now

The service loads all default profiles. Some might actually cause
problems. E.g. the profile for ping seems not to match our setup for
/etc/resolv.conf:
[85503.634653] audit: type=1400 audit(1605286002.684:236): apparmor="DENIED" operation="open" profile="ping" name="/run/resolv.conf" pid=27585 comm="ping" requested_mask="r" denied_mask="r" fsuid=0 ouid=0

buildroot/package/libfribidi/0001-Truncate-isolate_level-to-FRIBIDI_BIDI_MAX_EXPLICIT_.patch

@@ -1,30 +0,0 @@
-From 034c6e9a1d296286305f4cfd1e0072b879f52568 Mon Sep 17 00:00:00 2001
-From: Dov Grobgeld <dov.grobgeld@gmail.com>
-Date: Thu, 24 Oct 2019 09:37:29 +0300
-Subject: [PATCH] Truncate isolate_level to FRIBIDI_BIDI_MAX_EXPLICIT_LEVEL
-
-CVE-2019-18397
-
-Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
----
- lib/fribidi-bidi.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/lib/fribidi-bidi.c b/lib/fribidi-bidi.c
-index 6c84392..d384878 100644
---- a/lib/fribidi-bidi.c
-+++ b/lib/fribidi-bidi.c
-@@ -747,7 +747,9 @@ fribidi_get_par_embedding_levels_ex (
-             }
- 
- 	  RL_LEVEL (pp) = level;
--          RL_ISOLATE_LEVEL (pp) = isolate_level++;
-+          RL_ISOLATE_LEVEL (pp) = isolate_level;
-+          if (isolate_level < FRIBIDI_BIDI_MAX_EXPLICIT_LEVEL-1)
-+              isolate_level++;
-           base_level_per_iso_level[isolate_level] = new_level;
- 
- 	  if (!FRIBIDI_IS_NEUTRAL (override))
--- 
-2.20.1
-

buildroot/package/libfribidi/libfribidi.hash

@@ -1,3 +1,3 @@
 # Locally computed
-sha256 5ab5f21e9f2fc57b4b40f8ea8f14dba78a5cc46d9cf94bc5e00a58e6886a935d  fribidi-1.0.7.tar.bz2
-sha256 32434afcc8666ba060e111d715bfdb6c2d5dd8a35fa4d3ab8ad67d8f850d2f2b  COPYING
+sha256  7f1c687c7831499bcacae5e8675945a39bacbad16ecaa945e9454a32df653c01  fribidi-1.0.10.tar.xz
+sha256  32434afcc8666ba060e111d715bfdb6c2d5dd8a35fa4d3ab8ad67d8f850d2f2b  COPYING

buildroot/package/libfribidi/libfribidi.mk

@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-LIBFRIBIDI_VERSION = 1.0.7
-LIBFRIBIDI_SOURCE = fribidi-$(LIBFRIBIDI_VERSION).tar.bz2
+LIBFRIBIDI_VERSION = 1.0.10
+LIBFRIBIDI_SOURCE = fribidi-$(LIBFRIBIDI_VERSION).tar.xz
 LIBFRIBIDI_SITE = https://github.com/fribidi/fribidi/releases/download/v$(LIBFRIBIDI_VERSION)
 LIBFRIBIDI_LICENSE = LGPL-2.1+
 LIBFRIBIDI_LICENSE_FILES = COPYING