From 33b3fea70245068030ef64b6d7c5b344d08ba9d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0tetiar?= Date: Wed, 19 Oct 2022 15:43:37 +0200 Subject: [PATCH 01/10] package-dumpinfo: add CPE information to package index MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Common Platform Enumeration (CPE) is a structured naming scheme for information technology systems, software, and packages. In order for the information to be processed further, it should also be available in package index files. Signed-off-by: Petr Štetiar --- include/package-dumpinfo.mk | 1 + 1 file changed, 1 insertion(+) diff --git a/include/package-dumpinfo.mk b/include/package-dumpinfo.mk index 597452e4b9..afc325c1ed 100644 --- a/include/package-dumpinfo.mk +++ b/include/package-dumpinfo.mk @@ -36,6 +36,7 @@ $(if $(USERID),Require-User: $(USERID) )Source: $(PKG_SOURCE) $(if $(LICENSE),License: $(LICENSE) )$(if $(LICENSE_FILES),LicenseFiles: $(LICENSE_FILES) +)$(if $(PKG_CPE_ID),CPE-ID: $(PKG_CPE_ID) )Type: $(if $(Package/$(1)/targets),$(Package/$(1)/targets),$(if $(PKG_TARGETS),$(PKG_TARGETS),ipkg)) $(if $(KCONFIG),Kernel-Config: $(KCONFIG) )$(if $(BUILDONLY),Build-Only: $(BUILDONLY) From 8562c65ff8aae3899cdb190319709500b7651492 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0tetiar?= Date: Wed, 19 Oct 2022 15:46:45 +0200 Subject: [PATCH 02/10] package-metadata: add CPE information to JSON package manifests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Common Platform Enumeration (CPE) is a structured naming scheme for information technology systems, software, and packages. In order for the information to be processed further, it should also be available in JSON package manifests. Signed-off-by: Petr Štetiar --- scripts/metadata.pm | 1 + scripts/package-metadata.pl | 1 + 2 files changed, 2 insertions(+) diff --git a/scripts/metadata.pm b/scripts/metadata.pm index ee5a2945ca..e716f75d10 100644 --- a/scripts/metadata.pm +++ b/scripts/metadata.pm @@ -256,6 +256,7 @@ sub parse_package_metadata($) { /^Source: \s*(.+)\s*$/ and $pkg->{source} = $1; /^License: \s*(.+)\s*$/ and $pkg->{license} = $1; /^LicenseFiles: \s*(.+)\s*$/ and $pkg->{licensefiles} = $1; + /^CPE-ID: \s*(.+)\s*$/ and $pkg->{cpe_id} = $1; /^Default: \s*(.+)\s*$/ and $pkg->{default} = $1; /^Provides: \s*(.+)\s*$/ and do { my @vpkg = split /\s+/, $1; diff --git a/scripts/package-metadata.pl b/scripts/package-metadata.pl index 8d8a9fd306..e34b738c0f 100755 --- a/scripts/package-metadata.pl +++ b/scripts/package-metadata.pl @@ -611,6 +611,7 @@ ${json}{ "version":"$pkg->{version}", "category":"$pkg->{category}", "license":"$pkg->{license}", +"cpe_id":"$pkg->{cpe_id}", "maintainer": [$pkg_maintainer], "depends":[$pkg_deps]}, END_JSON From 649655f427932fe79b96a41f883c8054b1806191 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0tetiar?= Date: Thu, 26 Oct 2023 16:11:47 +0000 Subject: [PATCH 03/10] package-dumpinfo,metadata: add ABI version information to package index MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit There is no standard for ABI versioning, so its not possible to find out from `libext2fs2`, `libiwinfo20230701` or `libss2` package names if thats just package name or package name with ABI version included. To help with the decision, lets make ABI version aviable in package index. Signed-off-by: Petr Štetiar --- include/package-dumpinfo.mk | 1 + scripts/metadata.pm | 1 + 2 files changed, 2 insertions(+) diff --git a/include/package-dumpinfo.mk b/include/package-dumpinfo.mk index afc325c1ed..6baf10225d 100644 --- a/include/package-dumpinfo.mk +++ b/include/package-dumpinfo.mk @@ -37,6 +37,7 @@ $(if $(USERID),Require-User: $(USERID) $(if $(LICENSE),License: $(LICENSE) )$(if $(LICENSE_FILES),LicenseFiles: $(LICENSE_FILES) )$(if $(PKG_CPE_ID),CPE-ID: $(PKG_CPE_ID) +)$(if $(ABI_VERSION),ABI-Version: $(ABI_VERSION) )Type: $(if $(Package/$(1)/targets),$(Package/$(1)/targets),$(if $(PKG_TARGETS),$(PKG_TARGETS),ipkg)) $(if $(KCONFIG),Kernel-Config: $(KCONFIG) )$(if $(BUILDONLY),Build-Only: $(BUILDONLY) diff --git a/scripts/metadata.pm b/scripts/metadata.pm index e716f75d10..a00d19f185 100644 --- a/scripts/metadata.pm +++ b/scripts/metadata.pm @@ -257,6 +257,7 @@ sub parse_package_metadata($) { /^License: \s*(.+)\s*$/ and $pkg->{license} = $1; /^LicenseFiles: \s*(.+)\s*$/ and $pkg->{licensefiles} = $1; /^CPE-ID: \s*(.+)\s*$/ and $pkg->{cpe_id} = $1; + /^ABI-Version: \s*(.+)\s*$/ and $pkg->{abi_version} = $1; /^Default: \s*(.+)\s*$/ and $pkg->{default} = $1; /^Provides: \s*(.+)\s*$/ and do { my @vpkg = split /\s+/, $1; From d604a07225c5c82b942cd3374cc113ad676a2519 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0tetiar?= Date: Tue, 24 Oct 2023 08:27:13 +0000 Subject: [PATCH 04/10] build: add CycloneDX SBOM JSON support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit CycloneDX is an open source standard developed by the OWASP foundation. It supports a wide range of development ecosystems, a comprehensive set of use cases, and focuses on automation, ease of adoption, and progressive enhancement of SBOMs (Software Bill Of Materials) throughout build pipelines. So lets add support for CycloneDX SBOM for packages and images manifests. Signed-off-by: Petr Štetiar --- config/Config-build.in | 8 ++ include/image.mk | 5 + package/Makefile | 8 ++ scripts/metadata.pm | 40 +++++++- scripts/package-metadata.pl | 187 ++++++++++++++++++++++++++++++++++-- 5 files changed, 240 insertions(+), 8 deletions(-) diff --git a/config/Config-build.in b/config/Config-build.in index 5f9a1be858..ebfce8add4 100644 --- a/config/Config-build.in +++ b/config/Config-build.in @@ -26,6 +26,14 @@ menu "Global build settings" directory containing machine readable list of built profiles and resulting images. + config JSON_CYCLONEDX_SBOM + bool "Create CycloneDX SBOM JSON" + default BUILDBOT + help + Create a JSON files *.bom.cdx.json in the build + directory containing Software Bill Of Materials in CycloneDX + format. + config ALL_NONSHARED bool "Select all target specific packages by default" select ALL_KMODS diff --git a/include/image.mk b/include/image.mk index 8f0cbead10..764410fe18 100644 --- a/include/image.mk +++ b/include/image.mk @@ -277,6 +277,11 @@ endef define Image/Manifest $(call opkg,$(TARGET_DIR_ORIG)) list-installed > \ $(BIN_DIR)/$(IMG_PREFIX)$(if $(PROFILE_SANITIZED),-$(PROFILE_SANITIZED)).manifest + $(if $(CONFIG_JSON_CYCLONEDX_SBOM), \ + $(SCRIPT_DIR)/package-metadata.pl imgcyclonedxsbom \ + $(TMP_DIR)/.packageinfo \ + $(BIN_DIR)/$(IMG_PREFIX)$(if $(PROFILE_SANITIZED),-$(PROFILE_SANITIZED)).manifest > \ + $(BIN_DIR)/$(IMG_PREFIX)$(if $(PROFILE_SANITIZED),-$(PROFILE_SANITIZED)).bom.cdx.json) endef define Image/gzip-ext4-padded-squashfs diff --git a/package/Makefile b/package/Makefile index 4b8df7f484..8e72d4ec72 100644 --- a/package/Makefile +++ b/package/Makefile @@ -106,6 +106,14 @@ ifdef CONFIG_SIGNED_PACKAGES $(STAGING_DIR_HOST)/bin/usign -S -m Packages -s $(BUILD_KEY); \ ); done endif +ifdef CONFIG_JSON_CYCLONEDX_SBOM + @echo Creating CycloneDX package SBOMs... + @for d in $(PACKAGE_SUBDIRS); do ( \ + [ -d $$d ] && \ + cd $$d || continue; \ + $(SCRIPT_DIR)/package-metadata.pl pkgcyclonedxsbom Packages.manifest > Packages.bom.cdx.json || true; \ + ); done +endif $(curdir)/flags-install:= -j1 diff --git a/scripts/metadata.pm b/scripts/metadata.pm index a00d19f185..587ce7207d 100644 --- a/scripts/metadata.pm +++ b/scripts/metadata.pm @@ -2,7 +2,7 @@ package metadata; use base 'Exporter'; use strict; use warnings; -our @EXPORT = qw(%package %vpackage %srcpackage %category %overrides clear_packages parse_package_metadata parse_target_metadata get_multiline @ignore %usernames %groupnames); +our @EXPORT = qw(%package %vpackage %srcpackage %category %overrides clear_packages parse_package_metadata parse_package_manifest_metadata parse_target_metadata get_multiline @ignore %usernames %groupnames); our %package; our %vpackage; @@ -317,4 +317,42 @@ sub parse_package_metadata($) { return 1; } +sub parse_package_manifest_metadata($) { + my $file = shift; + my $pkg; + my %pkgs; + + open FILE, "<$file" or do { + warn "Cannot open '$file': $!\n"; + return undef; + }; + + while () { + chomp; + /^Package:\s*(.+?)\s*$/ and do { + $pkg = {}; + $pkg->{name} = $1; + $pkg->{depends} = []; + $pkgs{$1} = $pkg; + }; + /^Version:\s*(.+)\s*$/ and $pkg->{version} = $1; + /^Depends:\s*(.+)\s*$/ and $pkg->{depends} = [ split /\s+/, $1 ]; + /^Source:\s*(.+)\s*$/ and $pkg->{source} = $1; + /^SourceName:\s*(.+)\s*$/ and $pkg->{sourcename} = $1; + /^License:\s*(.+)\s*$/ and $pkg->{license} = $1; + /^LicenseFiles:\s*(.+)\s*$/ and $pkg->{licensefiles} = $1; + /^Section:\s*(.+)\s*$/ and $pkg->{section} = $1; + /^SourceDateEpoch: \s*(.+)\s*$/ and $pkg->{sourcedateepoch} = $1; + /^CPE-ID:\s*(.+)\s*$/ and $pkg->{cpe_id} = $1; + /^Architecture:\s*(.+)\s*$/ and $pkg->{architecture} = $1; + /^Installed-Size:\s*(.+)\s*$/ and $pkg->{installedsize} = $1; + /^Filename:\s*(.+)\s*$/ and $pkg->{filename} = $1; + /^Size:\s*(\d+)\s*$/ and $pkg->{size} = $1; + /^SHA256sum:\s*(.*)\s*$/ and $pkg->{sha256sum} = $1; + } + + close FILE; + return %pkgs; +} + 1; diff --git a/scripts/package-metadata.pl b/scripts/package-metadata.pl index e34b738c0f..9e0e6dd9e5 100755 --- a/scripts/package-metadata.pl +++ b/scripts/package-metadata.pl @@ -4,6 +4,8 @@ use lib "$FindBin::Bin"; use strict; use metadata; use Getopt::Long; +use Time::Piece; +use JSON::PP; my %board; @@ -622,6 +624,173 @@ END_JSON print "[$json]"; } +sub image_manifest_packages($) +{ + my %packages; + my $imgmanifest = shift; + + open FILE, "<$imgmanifest" or return; + while () { + /^(.+?) - (.+)$/ and $packages{$1} = $2; + } + close FILE; + + return %packages; +} + +sub dump_cyclonedxsbom_json { + my (@components) = @_; + + my $uuid = sprintf( + "%04x%04x-%04x-%04x-%04x-%04x%04x%04x", + rand(0xffff), rand(0xffff), rand(0xffff), + rand(0x0fff) | 0x4000, + rand(0x3fff) | 0x8000, + rand(0xffff), rand(0xffff), rand(0xffff) + ); + + my $cyclonedx = { + bomFormat => "CycloneDX", + specVersion => "1.4", + serialNumber => "urn:uuid:$uuid", + version => 1, + metadata => { + timestamp => gmtime->datetime, + }, + "components" => [@components], + }; + + return encode_json($cyclonedx); +} + +sub gen_image_cyclonedxsbom() { + my $pkginfo = shift @ARGV; + my $imgmanifest = shift @ARGV; + my @components; + my %image_packages; + + %image_packages = image_manifest_packages($imgmanifest); + %image_packages or exit 1; + parse_package_metadata($pkginfo) or exit 1; + + $package{"kernel"} = { + license => "GPL-2.0", + cpe_id => "cpe:/o:linux:linux_kernel", + name => "kernel", + }; + + my %abimap; + my @abipkgs = grep { defined $package{$_}->{abi_version} } keys %package; + foreach my $name (@abipkgs) { + my $pkg = $package{$name}; + my $abipkg = $name . $pkg->{abi_version}; + $abimap{$abipkg} = $name; + } + + foreach my $name (sort {uc($a) cmp uc($b)} keys %image_packages) { + my $pkg = $package{$name}; + if (!$pkg) { + $pkg = $package{$abimap{$name}}; + next if !$pkg; + } + + my @licenses; + my @license = split(/\s+/, $pkg->{license}); + foreach my $lic (@license) { + push @licenses, ( + { "license" => { "name" => $lic } } + ); + } + my $type; + if ($pkg->{category}) { + my $category = $pkg->{category}; + my %cat_type = ( + "Firmware" => "firmware", + "Libraries" => "library" + ); + + if ($cat_type{$category}) { + $type = $cat_type{$category}; + } else { + $type = "application"; + } + } + + my $version = $pkg->{version}; + if ($image_packages{$name}) { + $version = $image_packages{$name}; + } + $version =~ s/-\d+$// if $version; + if ($name =~ /^(kernel|kmod-)/ and $version =~ /^(\d+\.\d+\.\d+)/) { + $version = $1; + } + + push @components, { + name => $pkg->{name}, + version => $version, + @licenses > 0 ? (licenses => [ @licenses ]) : (), + $pkg->{cpe_id} ? (cpe => $pkg->{cpe_id}.":".$version) : (), + $type ? (type => $type) : (), + $version ? (version => $version) : (), + }; + } + + print dump_cyclonedxsbom_json(@components); +} + +sub gen_package_cyclonedxsbom() { + my $pkgmanifest = shift @ARGV; + my @components; + my %mpkgs; + + %mpkgs = parse_package_manifest_metadata($pkgmanifest); + %mpkgs or exit 1; + + foreach my $name (sort {uc($a) cmp uc($b)} keys %mpkgs) { + my $pkg = $mpkgs{$name}; + + my @licenses; + my @license = split(/\s+/, $pkg->{license}); + foreach my $lic (@license) { + push @licenses, ( + { "license" => { "name" => $lic } } + ); + } + + my $type; + if ($pkg->{section}) { + my $section = $pkg->{section}; + my %section_type = ( + "firmware" => "firmware", + "libs" => "library" + ); + + if ($section_type{$section}) { + $type = $section_type{$section}; + } else { + $type = "application"; + } + } + + my $version = $pkg->{version}; + $version =~ s/-\d+$// if $version; + if ($name =~ /^(kernel|kmod-)/ and $version =~ /^(\d+\.\d+\.\d+)/) { + $version = $1; + } + + push @components, { + name => $name, + version => $version, + @licenses > 0 ? (licenses => [ @licenses ]) : (), + $pkg->{cpe_id} ? (cpe => $pkg->{cpe_id}.":".$version) : (), + $type ? (type => $type) : (), + $version ? (version => $version) : (), + }; + } + + print dump_cyclonedxsbom_json(@components); +} + sub parse_command() { GetOptions("ignore=s", \@ignore); my $cmd = shift @ARGV; @@ -632,6 +801,8 @@ sub parse_command() { /^source$/ and return gen_package_source(); /^pkgaux$/ and return gen_package_auxiliary(); /^pkgmanifestjson$/ and return gen_package_manifest_json(); + /^imgcyclonedxsbom$/ and return gen_image_cyclonedxsbom(); + /^pkgcyclonedxsbom$/ and return gen_package_cyclonedxsbom(); /^license$/ and return gen_package_license(0); /^licensefull$/ and return gen_package_license(1); /^usergroup$/ and return gen_usergroup_list(); @@ -639,15 +810,17 @@ sub parse_command() { } die < [manifest] Image package manifest in CycloneDX SBOM JSON format + $0 pkgcyclonedxsbom Package manifest in CycloneDX SBOM JSON format + $0 license [file] Package license information $0 licensefull [file] Package license information (full list) - $0 usergroup [file] Package usergroup allocation list + $0 usergroup [file] Package usergroup allocation list $0 version_filter [patchver] [list...] Filter list of version tagged strings Options: From 6dca88aa4acd60229147628cb920d05a1136666d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0tetiar?= Date: Fri, 27 Oct 2023 07:37:52 +0000 Subject: [PATCH 05/10] hostapd: fix broken WPS on broadcom-wl and ath11k MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Upgrading wpa_supplicant from 2.9 to 2.10 breaks broadcom-wl/ath11k based adapters. The reason for it is hostapd tries to install additional IEs for scanning while the driver does not support this. The kernel indicates the maximum number of bytes for additional scan IEs using the NL80211_ATTR_MAX_SCAN_IE_LEN attribute. Save this value and only add additional scan IEs in case the driver can accommodate these additional IEs. Bug: http://lists.infradead.org/pipermail/hostap/2022-January/040178.html Bug-Debian: https://bugs.debian.org/1004524 Bug-ArchLinux: https://bugs.archlinux.org/task/73495 Upstream-Status: Changes Requested [https://patchwork.ozlabs.org/project/hostap/patch/20220130192200.10883-1-mail@david-bauer.net] Reported-by: Étienne Morice Tested-by: Étienne Morice Signed-off-by: David Bauer Signed-off-by: Petr Štetiar --- ...-extra-ies-only-if-allowed-by-driver.patch | 62 +++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 package/network/services/hostapd/patches/992-nl80211-add-extra-ies-only-if-allowed-by-driver.patch diff --git a/package/network/services/hostapd/patches/992-nl80211-add-extra-ies-only-if-allowed-by-driver.patch b/package/network/services/hostapd/patches/992-nl80211-add-extra-ies-only-if-allowed-by-driver.patch new file mode 100644 index 0000000000..c7b595da57 --- /dev/null +++ b/package/network/services/hostapd/patches/992-nl80211-add-extra-ies-only-if-allowed-by-driver.patch @@ -0,0 +1,62 @@ +From: David Bauer +To: hostap@lists.infradead.org +Cc: =?utf-8?q?=C3=89tienne_Morice?= +Subject: [PATCH] nl80211: add extra-ies only if allowed by driver +Date: Sun, 30 Jan 2022 20:22:00 +0100 +Message-Id: <20220130192200.10883-1-mail@david-bauer.net> +List-Id: + +Upgrading wpa_supplicant from 2.9 to 2.10 breaks broadcom-wl +based adapters. The reason for it is hostapd tries to install additional +IEs for scanning while the driver does not support this. + +The kernel indicates the maximum number of bytes for additional scan IEs +using the NL80211_ATTR_MAX_SCAN_IE_LEN attribute. Save this value and +only add additional scan IEs in case the driver can accommodate these +additional IEs. + +Reported-by: Étienne Morice +Tested-by: Étienne Morice +Signed-off-by: David Bauer +--- + src/drivers/driver.h | 3 +++ + src/drivers/driver_nl80211_capa.c | 4 ++++ + src/drivers/driver_nl80211_scan.c | 2 +- + 3 files changed, 8 insertions(+), 1 deletion(-) + +--- a/src/drivers/driver.h ++++ b/src/drivers/driver.h +@@ -2283,6 +2283,9 @@ struct wpa_driver_capa { + /** Maximum number of iterations in a single scan plan */ + u32 max_sched_scan_plan_iterations; + ++ /** Maximum number of extra IE bytes for scans */ ++ u16 max_scan_ie_len; ++ + /** Whether sched_scan (offloaded scanning) is supported */ + int sched_scan_supported; + +--- a/src/drivers/driver_nl80211_capa.c ++++ b/src/drivers/driver_nl80211_capa.c +@@ -949,6 +949,10 @@ static int wiphy_info_handler(struct nl_ + nla_get_u32(tb[NL80211_ATTR_MAX_SCAN_PLAN_ITERATIONS]); + } + ++ if (tb[NL80211_ATTR_MAX_SCAN_IE_LEN]) ++ capa->max_scan_ie_len = ++ nla_get_u16(tb[NL80211_ATTR_MAX_SCAN_IE_LEN]); ++ + if (tb[NL80211_ATTR_MAX_MATCH_SETS]) + capa->max_match_sets = + nla_get_u8(tb[NL80211_ATTR_MAX_MATCH_SETS]); +--- a/src/drivers/driver_nl80211_scan.c ++++ b/src/drivers/driver_nl80211_scan.c +@@ -222,7 +222,7 @@ nl80211_scan_common(struct i802_bss *bss + wpa_printf(MSG_DEBUG, "nl80211: Passive scan requested"); + } + +- if (params->extra_ies) { ++ if (params->extra_ies && drv->capa.max_scan_ie_len >= params->extra_ies_len) { + wpa_hexdump(MSG_MSGDUMP, "nl80211: Scan extra IEs", + params->extra_ies, params->extra_ies_len); + if (nla_put(msg, NL80211_ATTR_IE, params->extra_ies_len, From 280d9dd75874ef4c4e2407366eda987cda8efd25 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0tetiar?= Date: Thu, 19 Oct 2023 04:09:25 +0000 Subject: [PATCH 06/10] ci: add workflow for automated GitHub release MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Implement a GitHub Actions workflow for automated project releases. The workflow triggers on Git tags, ensuring that a GitHub release is created whenever a new tag is pushed. That new release is going to be created in draft and pre-release mode and needs to be manually promoted to the proper release, once its decided, that its good enough and prepared. This is a start of a streamlined and consistent release process for GitHub, reducing manual intervention. Acked-by: Christian Marangi Signed-off-by: Petr Štetiar --- .github/workflows/github-release.yml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 .github/workflows/github-release.yml diff --git a/.github/workflows/github-release.yml b/.github/workflows/github-release.yml new file mode 100644 index 0000000000..55d01f85cb --- /dev/null +++ b/.github/workflows/github-release.yml @@ -0,0 +1,24 @@ +name: Create GitHub release + +permissions: + contents: write + +on: + push: + tags: + - "v*" + workflow_dispatch: + +jobs: + release: + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Release + uses: softprops/action-gh-release@v1 + with: + draft: true + prerelease: true From 5364163e774a6887c3c9e5c87203d32e2db26928 Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Wed, 1 Nov 2023 17:44:43 +0100 Subject: [PATCH 07/10] tools/elfutils: add -fPIC to fix linker errors (#13841) Resolves issues with building PIE binaries that link against libdw or libelf Signed-off-by: Felix Fietkau --- tools/elfutils/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/elfutils/Makefile b/tools/elfutils/Makefile index 2605bc61cb..92eabc14dd 100644 --- a/tools/elfutils/Makefile +++ b/tools/elfutils/Makefile @@ -23,7 +23,7 @@ ifeq ($(HOST_OS),Darwin) HOST_CFLAGS += -I/opt/homebrew/include endif -HOST_CFLAGS += -Wno-error +HOST_CFLAGS += -Wno-error -fPIC HOST_CONFIGURE_ARGS += \ --without-libintl-prefix \ From 17a5f1c81f8b72c0f684ea05bd1acac6fa49d188 Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Wed, 1 Nov 2023 18:37:45 +0100 Subject: [PATCH 08/10] tools/elfutils: disable bzlib support It is not needed Signed-off-by: Felix Fietkau --- tools/elfutils/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/elfutils/Makefile b/tools/elfutils/Makefile index 92eabc14dd..a701827248 100644 --- a/tools/elfutils/Makefile +++ b/tools/elfutils/Makefile @@ -34,6 +34,7 @@ HOST_CONFIGURE_ARGS += \ --disable-shared \ --enable-static \ --without-lzma \ + --without-bzlib \ --without-zstd ifeq ($(HOST_OS),Darwin) From f95a8f876926969b3643f43cf08674cf153e22e8 Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Wed, 1 Nov 2023 19:20:16 +0100 Subject: [PATCH 09/10] tools/elfutils: fix missing _ in auxv info alias Fixes dwarves compile issue Signed-off-by: Felix Fietkau --- tools/elfutils/patches/100-portability.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/elfutils/patches/100-portability.patch b/tools/elfutils/patches/100-portability.patch index a0c7d74bb3..0d650549ee 100644 --- a/tools/elfutils/patches/100-portability.patch +++ b/tools/elfutils/patches/100-portability.patch @@ -291,7 +291,7 @@ case DW_TAG_rvalue_reference_type +#define auxv_info_alias(arch) \ -+ int EBLHOOK_1(arch, auxv_info) (GElf_Xword a_type, const char **name, const char **format) \ ++ int EBLHOOK_1(arch ## _, auxv_info) (GElf_Xword a_type, const char **name, const char **format) \ + { \ + return EBLHOOK(auxv_info)(a_type, name, format); \ + } From d62726b1e44f785d543e4625b19ca1f628adda6c Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Wed, 1 Nov 2023 22:10:46 +0100 Subject: [PATCH 10/10] urngd: update to version 2023-11-01 Fix compilation with glibc 44365eb Deactivate _FORTIFY_SOURCE in jitterentropy-base.c Signed-off-by: Hauke Mehrtens --- package/system/urngd/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package/system/urngd/Makefile b/package/system/urngd/Makefile index 818f06b210..477c5f2405 100644 --- a/package/system/urngd/Makefile +++ b/package/system/urngd/Makefile @@ -5,9 +5,9 @@ PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL=$(PROJECT_GIT)/project/urngd.git -PKG_SOURCE_DATE:=2023-07-25 -PKG_SOURCE_VERSION:=7aefb47be57df0467d97d539f7fe9e23e607a3b4 -PKG_MIRROR_HASH:=427d4228fd65cf4320b8c212e710b86bcbfcdd4239f4e67132b3b471f7437202 +PKG_SOURCE_DATE:=2023-11-01 +PKG_SOURCE_VERSION:=44365eb1e1165f2a44cb31f404b04cf85031718e +PKG_MIRROR_HASH:=743bdfacf1f1e779047a55fe8f388aaf31f6e55e8a4d0a00fcabffb68af2202e PKG_LICENSE:=GPL-2.0 BSD-3-Clause PKG_LICENSE_FILES:=