The PKG_CPE_ID links to NIST CPE version 2.2.
Assign PKG_CPE_ID to all remaining package which have a CPE ID.
Not every package has a CPE id.
Related: https://github.com/openwrt/packages/issues/8534
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Currently the check target fails if the kernel Git tree is used:
$ make toolchain/kernel-headers/{download,check}
make[2]: Entering directory 'toolchain/kernel-headers'
Makefile:105: *** ERROR: Unknown pack format for file openwrt/tmp/dl/. Stop.
make[2]: Leaving directory 'toolchain/kernel-headers'
toolchain/Makefile💯 recipe for target 'toolchain/kernel-headers/check' failed
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit bb7ba6b6a8)
The wcsnrtombs function in all musl libc versions up through 1.2.1 has
been found to have multiple bugs in handling of destination buffer
size when limiting the input character count, which can lead to
infinite loop with no forward progress (no overflow) or writing past
the end of the destination buffera.
This function is not used internally in musl and is not widely used,
but does appear in some applications. The non-input-limiting form
wcsrtombs is not affected.
All users of musl 1.2.1 and prior versions should apply the attached
patch, which replaces the overly complex and erroneous implementation.
The upcoming 1.2.2 release will adopt this new implementation.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 4d4ef1058c)
This backports the patch for GCC PR target/89587 (gcc's rs6000
configuration unconditionally sets MULTIARCH_DIRNAME, even when
multiarch is disabled).
This currently affects apm821xx and may cause issues when
cross-compiling packages, e.g. Python 3[1].
This includes patches for GCC 8 (with the changelog diff removed);
this change is already included in GCC 9.2 and 7.5.
[1]: https://github.com/openwrt/packages/issues/10552
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
[Removed patch for GCC 7.4.0, GCC 7.5.0 already contains this]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit c102f702e7)
This fixes gcc build error within clang 11.0, it tweaks the version
string from LLVM to clang.
Signed-off-by: Yorkie Liu <yorkiefixer@gmail.com>
(cherry picked from commit 65a561fd09)
bef0b1cb31 libio: Disable vtable validation for pre-2.1 interposed handles [BZ #25203]
4d5cfeb510 rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126) [BZ #25204]
92f04eedb5 mips: Force RWX stack for hard-float builds that can run on pre-4.8 kernels
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Problem found by AddressSanitizer[1]:
Latest `grep` (git commit 1019e6e) compiled with asan may cause a
heap-buffer-overflow when `-i` is specified.
./grep -i '\(\(\)*.\)*\(\)\(\)\1' /bin/chvt
=================================================================
==16206==ERROR: AddressSanitizer: heap-buffer-overflow on address
1. https://debbugs.gnu.org/34140
Ref: https://sourceware.org/bugzilla/show_bug.cgi?id=24114
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
[commit title and description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
5b4f7382af Add undef to fix test failure.
9456483fb2 Improve performance of memmem
373f8b06a3 Improve performance of strstr
4ec1b9e913 Fix strstr bug with huge needles (bug 23637)
ecd6271ed8 Speedup first memmem match
bba6b9288f Simplify and speedup strstr/strcasestr first match
7a4da6ef7a Improve strstr performance
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5f0d2e0491 [AArch64] Add ifunc support for Ares
e6b7252040 aarch64,falkor: Use vector registers for memcpy
c74b884f70 aarch64,falkor: Ignore prefetcher tagging for smaller copies
0fc5934ebd aarch64/strncmp: Use lsr instead of mov+lsr
e0a0bd3acc aarch64/strncmp: Unbreak builds with old binutils
638caf3000 aarch64: Improve strncmp for mutually misaligned inputs
d5f45a29ff aarch64/strcmp: fix misaligned loop jump target
7f690fafad aarch64: Improve strcmp unaligned performance
40df047b3b aarch64: Fix branch target to loop16
062139f233 aarch64: Optimized memcmp for medium to large sizes
f3e2add213 aarch64: Use the L() macro for labels in memcmp
22bd3ab40e posix: Fix large mmap64 offset for mips64n32 (BZ#24699)
bdd16894aa aarch64: handle STO_AARCH64_VARIANT_PCS
0b48caab9a aarch64: add STO_AARCH64_VARIANT_PCS and DT_AARCH64_VARIANT_PCS
949da7f2fd io: Remove copy_file_range emulation [BZ #24744]
f056ac8363 libio: do not attempt to free wide buffers of legacy streams [BZ #24228]
5f90e009b1 NEWS: add entries for bugs 22964, 24180, and 24531
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This updates the GCC to the next minor release which fixes +213 bugs.
Tested on ARMv6, ARMv7, MIPS R2, x86
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
GDB 8.3.1 brings the following fixes and enhancements over GDB 8.3:
PR c++/20020 (GDB segfault on printing objects)
PR gdb/24454 (nat/x86-linux-dregs.c failed assertion)
PR breakpoints/24541 (Incorrect evaluation of systemtap probes due to register being signed and probe expression assuming unsigned)
PR symtab/24545 (Symbol loading performance regression with cc1)
PR gdb/24592 (amd64->i386 linux syscall restart problem)
PR gdb/25009 (terminate called after throwing an instance of 'srchilite::ParserException')
PR gdb/25010 (Calls to error () can cause SIGTTOU to send gdb to the background)
PR breakpoints/25011 (Breakpoints on file reloads broken for PIE binaries)
This corrective release also brings the following testsuite fixes and
enhancements:
PR testsuite/25005 (gdb-caching-proc.exp takes a lot of time on skip_opencl_tests)
PR testsuite/25016 (Test-case failures for -pie)
GDB 8.3 includes the following changes and enhancements:
* Support for new native configurations (also available as a target configuration):
- RISC-V GNU/Linux (riscv*-*-linux*)
- RISC-V FreeBSD (riscv*-*-freebsd*)
* Support for new target configurations:
- CSKY ELF (csky*-*-elf)
- CSKY GNU/Linux (csky*-*-linux)
- NXP S12Z ELF (s12z-*-elf)
- OpenRISC GNU/Linux (or1k*-*-linux*)
* Native Windows debugging is only supported on Windows XP or later.
* The Python API in GDB now requires Python 2.6 or later.
* GDB now supports terminal styling for the CLI and TUI.
Source highlighting is also supported by building GDB with GNU
Highlight.
* Experimental support for compilation and injection of C++ source
code into the inferior (requires GCC 7.1 or higher, built with
libcp1.so).
* GDB and GDBserver now support IPv6 connections.
* Target description support on RISC-V targets.
* Various enhancements to several commands:
- "frame", "select-frame" and "info frame" commands
- "info functions", "info types", "info variables"
- "info thread"
- "info proc"
- System call alias catchpoint support on FreeBSD
- "target remote" support for Unix Domain sockets.
* Support for displaying all files opened by a process
* DWARF index cache: GDB can now automatically save indices of DWARF
symbols on disk to speed up further loading of the same binaries.
* Various GDB/MI enhancements.
* GDBserver on PowerPC GNU/Linux now supports access to the PPR,
DSCR, TAR, EBB/PMU, and HTM registers.
* Ada task switching support when debugging programs built with
the Ravenscar profile added to aarch64-elf.
* GDB in batch mode now exits with status 1 if the last executed
command failed.
* Support for building GDB with GCC's Undefined Behavior Sanitizer.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit 942f020bf4d0f49e4c5586a59ddf21c00e9d8bbe)
1.1.24 release notes
new features:
- GLOB_TILDE extension to glob
- non-stub catgets localization API, using netbsd binary catalog format
- posix_spawn file actions for [f]chdir (extension, pending future standard)
- secure_getenv function (extension)
- copy_file_range syscall wrapper (Linux extension)
- header-level support for new linux features in 5.2
performance:
- new fast path for lrint (generic C version) on 32-bit archs
major internal changes:
- functions involving time are overhauled to be time64-ready in 32-bit archs
- x32 uses the new time64 code paths to replace nasty hacks in syscall glue
compatibility & conformance:
- support for powerpc[64] unaligned relocation types
- powerpc[64] and sh sys/user.h no longer clash with kernel asm/ptrace.h
- select no longer modifies timeout on failure (or at all)
- mips64 stat results are no longer limited to 32-bit time range
- optreset (BSD extension) now has a public declaration
- support for clang inconsistencies in wchar_t type vs some 32-bit archs
- mips r6 syscall asm no longer has invalid lo/hi register clobbers
- vestigial asm declarations of __tls_get_new are removed (broke some tooling)
- riscv64 mcontext_t mismatch glibc's member naming is corrected
bugs fixed:
- glob failed to match broken symlinks consistently
- invalid use of interposed calloc to allocate initial TLS
- various dlsym symbol resolution logic errors
- semctl with SEM_STAT_ANY didn't work
- pthread_create with explicit scheduling was subject to priority inversion
- pthread_create failure path had data race for thread count
- timer_create with SIGEV_THREAD notification had data race getting timer id
- wide printf family failed to support l modifier for float formats
arch-specific bugs fixed:
- x87 floating point stack imbalance in math asm (i386-only CVE-2019-14697)
- x32 clock_adjtime, getrusage, wait3, wait4 produced junk (struct mismatches)
- lseek broken on x32 and mipsn32 with large file offsets
- riscv64 atomics weren't compiler barriers
- riscv64 atomics had broken asm constraints (missing earlyclobber flag)
- arm clone() was broken when compiled as thumb if start function returned
- mipsr6 setjmp/longjmp did not preserve fpu register state correctly
Refreshed all patches.
Removed upstreamed.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
GCC needs the kernel headers to compile.
Some GCC file includes asm/unistd.h which is provided by the kernel headers.
Normally the kernel headers build is very fast and ready before the gcc uses
it, but if it clones the kernel from a slow git repository it takes longer
and then it could be that the gcc already wants to use the kernel headers
before they are available. This patch fixes this problem by adding the
missing dependency.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
(cherry picked from commit b20156ba70)
musl libc through 1.1.23 has an x87 floating-point stack adjustment
imbalance, related to the math/i386/ directory. In some cases, use of
this library could introduce out-of-bounds writes that are not present
in an application's source code.
This problem only affects x86 and no other architectures.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit c262daf308)
This happens only the second time a library is loaded by dlopen().
After lib1 is loaded, dlsym(lib1,"undef1") correctly resolves the undef
symbol from lib1 dependencies. After the second library is loaded,
dlsym(lib2,"undef1") was returning the address of "undef1" in lib2
instead of searching lib2 dependencies.
Using upstream fix which now uses the same logic for relocation time
and dlsym.
Fixesopenwrt/packages#9297
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry picked from commit 0d0617ff14)
new features:
- riscv64 port
- configure now allows customizing AR and RANLIB vars
- header-level support for new linux features in 5.1
major internal changes:
- removed extern __syscall; syscall header code is now fully self-contained
performance:
- new math library implementation for log/exp/pow
- aarch64 dynamic tlsdesc function is streamlined
compatibility & conformance:
- O_TTY_INIT is now defined
- sys/types.h no longer pollutes namespace with sys/sysmacros.h in any profile
- powerpc asm is now compatible with clang internal assembler
changes for new POSIX interpretations:
- fgetwc now sets stream error indicator on encoding errors
- fmemopen no longer rejects 0 size
bugs fixed:
- static TLS for shared libraries was allocated wrong on "Variant I" archs
- crash in dladdr reading through uninitialized pointer on non-match
- sigaltstack wrongly errored out on invalid ss_size when doing SS_DISABLE
- getdents function misbehaved with buffer length larger than INT_MAX
- set*id could deadlock after fork from multithreaded process
arch-specfic bugs fixed:
- s390x SO_PEERSEC definition was wrong
- passing of 64-bit syscall arguments was broken on microblaze
- posix_fadvise was broken on mips due to missing 7-arg syscall support
- vrregset_t layout and member naming was wrong on powerpc64
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
This seems to have been omitted over-time.
Using the default Host/Configure seems to work fine.
The last patches to have touched this in a major way were ~10 years ago:
33a0eb3613 ("cosmetic & coherency fixes")
7eb1589875 ("build system refactoring in preparation for allowing
packages to do host-build steps")
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
new features:
- priority-inheritance mutexes
- membarrier syscall, pre-registration to use it, fallback emulation
- header-level support for new linux features in 4.19, 4.20, 5.0
major internal changes:
- complete, async-safe view of all existent threads as global list
- robust __synccall based on new thread list
- new dynamic TLS is installed synchronously at dlopen
- TLSDESC resolver functions no longer make bad ABI assumptions to call C
- resolved shared library dependencies are now recorded
compatibility & conformance:
- dependency-order shared library constructor execution
- sigaltstack no longer rejects SS_AUTODISARM, future flags
- FILE is now a complete (dummy) type in pre-C11 feature profiles
- setvbuf reports failure on invalid arguments
- TSVTX is exposed unconditionally in tar.h
- multithreaded set*id() no longer depends on /proc
- key slot reuse after pthread_key_delete no longer depends on /proc
bugs fixed:
- failures in multithreaded set*id() with concurrent thread creation/exit
- interposed free was called from invalid/inconsistent contexts
- freeaddrinfo performed invalid free of some partial results lists
- dlsym dependency order search had false negatives and false positives
- dn_skipname gave wrong results for labels with 8-bit content
- dcngettext clobbered errno, often breaking printing of error messages
- sscanf read past end of buffer under certain conditions (1.1.21 regression)
- pthread_key_create spuriously failed under race condition (1.1.21 regression)
- fdopendir wrongly succeeded with O_PATH file descriptors
- gets behaved incorrectly in presence of null bytes
- namespace violations in c11 tsd and mutex function dependencies
- incorrect prototype for makecontext (unimplemented)
arch-specfic bugs fixed:
- s390x had wrong values for POSIX_FADV_DONTNEED/_NOREUSE
Extensively tested on dozens of devices, covering most popular architectures.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Dainis Jonitis <dainis.jonitis@ubnt.com>
Signed-off-by: Roman Yeryomin <roman@advem.lv>
This problem exposed when compiling glibc, but applicable across the
board. gcc compiles runtime libraries for all supported architectures,
unless otherwise specified, and later selects applicable library based
-m[arch,cpu,*] options, thus these options should not be passed to gcc
as they break the compilation process.
Signed-off-by: Boris Krasnovskiy <borkra@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[modified so it only touches ARM - I'm too chicken, changed authors email]
Set the toolchain's ARM CPU and FPU architectures by utilizing' gcc's
--with-cpu / --with-fpu configure options that: "Specify which cpu
variant the compiler should generate code for by default. cpu will
be used as the default value of the -mcpu= switch."
This will resolve the following kernel compilation failures under
gcc 8.x on ARM because the kernel wants to set (possibly conflicting)
optimization flags.
.../ccyVnmrs.s:204: Error: selected processor does not support `dmb ish' in ARM mode
.../ccyVnmrs.s:215: Error: architectural extension `mp' is not allowed for the current base architecture
.../ccyVnmrs.s:216: Error: selected processor does not support `pldw [r4]' in ARM mode
Because this is a big change, the .config and toolchain need to be
refreshed (as in removed and regenerated).
Reported-by: Ansuel Smith <ansuelsmth@gmail.com>
Reported-by: Daniel Engberg <daniel.engberg.lists@pyret.net> [#1203]
Signed-off-by: Boris Krasnovskiy <borkra@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [extended commit message,
removed now-deprecated CPU_CFLAGS, changed author to gmail address]
Use GCC 8.3.0 by default for ARC targets
Includes a fix by Evgeniy Didin which fixes GCC version selection if
DEVEL isn't set
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
9f44fa22cb Add compiler barriers around modifications of the robust mutex list for pthread_mutex_trylock. [BZ #24180]
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
<https://www.openwall.com/lists/musl/2019/01/21/8>
"This release makes improvements with respect to default thread stack
size, including increasing the default from 80k to 128k, increasing
the default guard size from 4k to 8k, and allowing the default to be
increased via ELF headers so that programs that need larger stacks can
be build without source-level changes, using just LDFLAGS.
Insufficient stack size for AIO threads on kernels that don't honor
the constant MINSIGSTKSZ is also fixed.
The glob core has been rewritten to fix inability to see past
searchable-but-unreadable path components, and to avoid excessive
stack usage and unnecessary syscalls. The tsearch AVL tree
implementation has also been rewritten for better size and
performance. The math library adds more native single-instruction
implementations for arm, s390x, powerpc, and x86_64.
Various bugs are fixed, including several possible deadlocks, one of
which was a new regression in 1.1.20."
detailed release notes can be found in the WHATSNEW file:
<http://git.musl-libc.org/cgit/musl/tree/WHATSNEW#n1989>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Commit e61061a088 added support for hardening
options in the toolchain. However this breaks the gcc5.5.0 compilation in
case FORTIFY_SOURCE is set different from FORTIFY_SOURCE_NONE as reported
in [1].
Fix this by backporting the upstream patch which fixes this in later gcc versions
[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?format=multiple&id=61164
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Instead of silently downgrading any non-MD5 crypt() request to DES,
cleanly fail with return NULL and errno = ENOSYS. This allows callers
to notice the missing support instead of the unwanted silent fallback
to DES.
Also add a menuconfig toolchain option to optionally disable the crypt
size hack completely. This can be probably made dependant on SMALL_FLASH
or a similar feature indicator in a future commit.
Ref: https://github.com/openwrt/openwrt/pull/1331
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
68c2930a56 NEWS: add entries for bugs 23275, 23861, and 23907
766e8fb932 intl: Do not return NULL on asprintf failure in gettext [BZ #24018]
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
3981fc3453 malloc: Always call memcpy in _int_realloc [BZ #24027]
f6d0e8c36f Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bug 23861)
2794474c65 powerpc: Add missing CFI register information (bug #23614)
d8ca7a0c71 Fix _dl_profile_fixup data-dependency issue (Bug 23690)
f1e211096b inet/tst-if_index-long: New test case for CVE-2018-19591 [BZ #23927]
4e9f34e54f support: Implement <support/descriptors.h> to track file descriptors
e75481a7a7 support: Close original descriptors in support_capture_subprocess
0f79dc0be3 support_quote_string: Do not use str parameter name
6b2dd53aa0 support: Implement support_quote_string
50477165b9 malloc: Add another test for tcache double free check.
4b246928bd malloc: tcache double free check
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>