Commit Graph

1987 Commits

Author SHA1 Message Date
Linhui Liu
c4b5239b63 tools/xz: update to 5.4.0
Release notes:
    https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;hb=HEAD

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
2023-01-07 17:17:04 +01:00
Linhui Liu
4501f6f77c tools/llvm: update to 15.0.6
Release Notes:
	https://discourse.llvm.org/t/llvm-15-0-0-release/65099
	https://discourse.llvm.org/t/llvm-15-0-1-released/65380
	https://discourse.llvm.org/t/llvm-15-0-2-released/65695
	https://discourse.llvm.org/t/llvm-15-0-3-released/66036
	https://discourse.llvm.org/t/llvm-15-0-4-released/66337
	https://discourse.llvm.org/t/llvm-15-0-5-release/66616
	https://discourse.llvm.org/t/llvm-15-0-6-released/66899

Remove HOST_BUILD_PARALLEL as it's default now.

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
2023-01-06 18:05:47 +01:00
Markus Stockhausen
a51ca085bf tools: Add gzip-libdeflate advanced compressor
Several devices provide U-Boot versions with only gzip compressed kernel
support (e.g. Realtek switches). This compression method produces larger
images than lzma. To save space on flash and avoid going the hard way with
lzma-loader we can make use of enhanced gzip tool based on libdeflate
compression library from https://github.com/ebiggers/libdeflate. It
keeps 100% deflate/gzip compatibility while improving compression ratio.
The image can be unpacked by the default inflate routines inside U-Boot.

Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
[Switched to v1.15 and made it work with cmake]
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
Reviewed-by: Robert Marko <robimarko@gmail.com>
Reviewed-by: Rosen Penev <rosenp@gmail.com>
Reviewed-by: Sander Vanheule <sander@svanheule.net>
2023-01-02 10:15:37 +01:00
Olliver Schinagl
ae614fb397
tools: Improve diffability/maintainability
There's no purpose to squish multiple tools into a single line (and
spread those out over multiple lines). It might look 'nice' in certain
conditions, but it's annoying to maintain.

For example, but not limited to:
* adding/removing tools, causes hard to read diffs
* Duplicates are harder to spot
* Sorting can not be (easily?) automated

With this proposed change, the above annoyances go away. Inserting a new
tool can be done with a single line-change-diff, sorting can be done by
any editor (in vi, select, :sort for example) and dupes are much easier
to spot.

Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
2022-12-24 11:54:10 +01:00
Nick Hainke
a0bf926a46 tools/xz: update to 5.2.10
Update to latest version.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-12-19 23:25:35 +01:00
Linhui Liu
1e0709ea39 tools/patchelf: update to 0.17.0
Update to the latest released version.

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
2022-12-18 23:19:23 +01:00
Hauke Mehrtens
963c77158c tools/sed: Fix handling of symlinks of 128 chars
If the absolute path a symlink is pointing to is 128 bytes long sed
failed with an error message like this: "<path>/sedstbU8O: Not a directory"

This fixes a problem building python seen in the build bot.

This patch is on its way into upstream sed.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-12-18 21:40:58 +01:00
Linhui Liu
ee0cade014 tools/libressl: update to 3.7.0
Release notes:
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.0-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.1-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.7.0-relnotes.txt

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
2022-12-18 16:34:47 +01:00
Linhui Liu
fc47874ef4 tools/bash: update to 5.2.15
Update to the latest released version.

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
2022-12-17 20:26:51 +01:00
Linhui Liu
4609228432 tools/mpc: update to 1.3.1
Version 1.3.1 new features:
	Bug fix: It is again possible to include mpc.h without including stdio.h.
Version 1.3.0 new features:
    New function: mpc_agm
    New rounding modes "away from zero", indicated by the letter "A" and corresponding to MPFR_RNDA on the designated real or imaginary part.
    New experimental ball arithmetic.
    New experimental function: mpc_eta_fund
    Bug fixes:
        mpc_asin for asin(z) with small |Re(z)| and tiny |Im(z)|
        mpc_pow_fr: sign of zero part of result when the base has up to sign the same real and imaginary part, and the exponent is an even positive integer
        mpc_fma: the returned int value was incorrect in some cases (indicating whether the rounded real/imaginary parts were smaller/equal/greater than the exact values), but the computed complex value was correct.
    Remove the unmaintained Makefile.vc; build files for Visual Studio are maintained independently by Brian Gladman.

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
2022-12-17 17:46:32 +01:00
Linhui Liu
4e88a00950 tools/ccache: update to 4.7.4
Release Notes:
    https://ccache.dev/releasenotes.html#_ccache_4_7_3
    https://ccache.dev/releasenotes.html#_ccache_4_7_4

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
2022-12-17 20:49:15 +08:00
Sander Vanheule
fef55d5ffd firmware-utils: fix archive checksum
PKG_SOURCE_DATE was modified after updating PKG_MIRROR_HASH, causing the
latter to change. This results in a warning during builds and rejected
downloads.

Fixes: 232879a7b7 ("firmware-utils: bump to git HEAD")
Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-12-15 17:47:05 +01:00
Sander Vanheule
232879a7b7 firmware-utils: bump to git HEAD
Adds support for building TP-Link CPE605v1 factory images

    bd856eff4850 tplink-safeloader: add TP-Link CPE605 v1 Support

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-12-15 14:24:25 +01:00
Stijn Tintel
bd911b4538 tools/dosfstools: fix PKG_SOURCE
Both mirrors provided in the Makefile only serve gzipped tarballs.

Fixes: #10871
Fixes: 9edfe7dd13 ("source: Switch to xz for packages and tools where possible")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-12-14 20:29:36 +02:00
Hannu Nyman
f72be4524d tools/cmake: update to 3.25.1
Update cmake to version 3.25.1

* refresh patches

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2022-12-06 23:10:40 +01:00
Hauke Mehrtens
60e335b76e e2fsprogs: Fix CVE-2022-1304
This fixes CVE-2022-1304:
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5.
This issue leads to a segmentation fault and possibly arbitrary code
execution via a specially crafted filesystem.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-12-06 23:09:00 +01:00
Nick Hainke
d010e36a0d tools/xz: update to 5.2.9
Update to latest release.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-12-03 20:40:36 +01:00
Nick Hainke
6bac7bbf46 tools/mpfr: update to 4.1.1
Changes:
- Bug fixes
- Improved manual formatting

Refresh patches:
- 001-only_src.patch

Import patch fixing macro bug:
- 002-Fix-mpfr_custom_get_kind-macro-bug.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-11-27 00:52:06 +01:00
Nick Hainke
9a542930cd tools/bash: update to 5.2.9
Update to latest release.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-11-26 17:04:33 +01:00
Thomas Weißschuh
0d375de10d tools/patch: apply patch for EACCES on xattr copy
When compiling OpenWRT on a compressed btrfs volume the build fails in
libtool.
The file `libltdl/config/ltmain.m4sh` from `libtool-2.4.2.tar.xz` is
missing write permissions, therefore patch falls back to copying the
file and patching that. During this patch tries to preserve all file
attribute on the new copy.
However the attribute `btrfs.compression` is privileged and btrfs return
EACCES.
While patch ignores multiple other error codes during the copy of xattr
copy it is not prepared for EACCES and aborts.

EACCES should be ignored the same way as the other errors.

Build log:
```
...
Applying ./patches/000-relocatable.patch using plaintext:
patching file libltdl/config/general.m4sh
patching file libtoolize.in
patching file libtoolize.m4sh
patching file libltdl/m4/libtool.m4

Applying ./patches/100-libdir-fixes.patch using plaintext:
patching file libltdl/config/ltmain.m4sh
File libltdl/config/ltmain.sh is read-only; trying to patch anyway
patching file libltdl/config/ltmain.sh
patch: setting attribute btrfs.compression for btrfs.compression: Permission denied
Patch failed!  Please fix ./patches/100-libdir-fixes.patch!
```

Link: https://lists.gnu.org/archive/html/bug-patch/2022-11/msg00000.html
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
2022-11-20 18:44:43 +01:00
Nick Hainke
64373d2a12 tools/sed: update to 4.9
Release Notes:
https://lists.gnu.org/archive/html/info-gnu/2022-11/msg00001.html

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-11-18 19:52:54 +01:00
Nick Hainke
511d02a758 tools/xz: update to 5.2.8
Update to latest release.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-11-16 23:30:11 +01:00
Felix Fietkau
a06e023b4e mac80211: remove old legacy legacy drivers
Get rid of drivers that are either limited to 802.11b/g or don't even support
cfg80211/mac80211. Most of these are either limited to boards that we don't even
support anymore because of firmware size, or were only used for custom hacks by
a really small number of users in the past.
Let's get rid of those to reduce the maintenance effort and the number of useless
packages

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-11-09 20:44:28 +01:00
Nick Hainke
52167feff8 tools/fakeroot: update to 1.30.1
Release Notes:
https://tracker.debian.org/news/1381350/accepted-fakeroot-1301-1-source-into-unstable/

Refresh patches:
- 600-macOS.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-11-05 14:07:46 +00:00
Nick Hainke
e0e7e349fa tools/elfutils: update to 1.88
Release Notes:
https://sourceware.org/pipermail/elfutils-devel/2022q4/005561.html

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-11-05 14:07:46 +00:00
Nick Hainke
17dd18d993 tools/mtd-utils: update to 2.1.5
Release Notes:
https://lore.kernel.org/buildroot/c0992bbb-9487-9a51-ea9f-39cf074b61ec@sigma-star.at/

Refresh patches:
- 130-lzma_jffs2.patch
- 320-mkfs.jffs2-SOURCE_DATE_EPOCH.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-11-05 14:07:46 +00:00
Nick Hainke
f06e995c13 tools/mtools: update to 4.0.42
Release Notes:
https://lists.gnu.org/archive/html/info-mtools/2022-10/msg00000.html

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-11-05 14:07:46 +00:00
Raihaan Shouhell
7fd764dc52 tools/ccache: update to 4.7.2
Release Notes:
https://ccache.dev/releasenotes.html#_ccache_4_7_2

Signed-off-by: Raihaan Shouhell <raihaanhimself@gmail.com>
2022-10-31 22:00:15 +01:00
Raihaan Shouhell
c1c4a5e007 tools/ccache: update to 4.7.1
Release Notes:
https://ccache.dev/releasenotes.html#_ccache_4_7_1

Signed-off-by: Raihaan Shouhell <raihaanhimself@gmail.com>
2022-10-31 22:00:15 +01:00
Raihaan Shouhell
06e34a05f9 tools/ccache: update to 4.7
Release Notes:
https://ccache.dev/releasenotes.html#_ccache_4_7

Signed-off-by: Raihaan Shouhell <raihaanhimself@gmail.com>
2022-10-31 22:00:15 +01:00
Nick Hainke
23a456aef1 expat: update to 2.5.0
Fixes CVE-2022-43680.

Changes:
https://github.com/libexpat/libexpat/blob/R_2_5_0/expat/Changes

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-10-31 21:27:48 +01:00
Daniel Golle
e3706bf497
tools/mkimage: bring back removed patches
Patches for mtk_image supporting newer SoCs have been dropped in the
process of updating mkimage to U-Boot 2022.10. While it is true that
the patches have been merged upstream a while ago, they were not merged
in time to be part of the U-Boot 2022.10 release.
See also commit 537b423d9f ("uboot-mediatek: update to U-Boot 2022.10")
which explicitly mentions that.

Fixes: 6e245777bd ("tools/mkimage: update to 2022.10")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-10-23 16:29:59 +01:00
Hauke Mehrtens
2c603ecb55 tools/genext2fs: Add dependency to libtool
This fixes the following build error:
  ./autogen.sh: line 13: aclocal: command not found

Fixes: b6d29af947 ("tools/genext2fs: update to 1.5.0")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-10-23 01:45:52 +02:00
Nick Hainke
b6d29af947 tools/genext2fs: update to 1.5.0
Update to latest version.

Remove patches:
- 100-c99_scanf.patch
- 200-autoconf.patch
- 300-blocksize-creator.patch
- 400-byteswap_fix.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-10-22 22:53:24 +02:00
Nick Hainke
f21394c4d1 tools/genext2fs: switch to codeload.github.com
As written on the genext2fs.sourceforge.net page:
"If you want bugfixes and nicer features though, you will have to grab
the source from github and build it yourself."

This commit switches the download from sourceforge to
codeload.github.com.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-10-22 22:53:24 +02:00
Nick Hainke
7179b06898 tools/dwarves: update to 1.24
Release Notes:
https://lwn.net/Articles/905738/

Switch to https "fedorapeople.org"-mirror. Use $(AUTORELEASE).

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-10-22 22:53:24 +02:00
Nick Hainke
d213f27339 tools/bash: update to 5.2
Release Notes:
https://lists.gnu.org/archive/html/bug-bash/2022-09/msg00056.html

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-10-22 22:53:24 +02:00
Nick Hainke
d1386dd32a tools/zlib: update to 1.2.13
Switch to "https github.com" for downloading source files.

Release Announcements:
https://github.com/madler/zlib/releases/tag/v1.2.13

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-10-22 22:53:24 +02:00
Nick Hainke
a8bbce498e tools/bc: update to 1.07.1
Changes:
  Fixed ibase extension causing problems for read()
  Fixed parallel make problem.

Remove the "003-bc-fix-hang.patch" because the hang is fixed upstream.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-10-22 22:50:37 +02:00
Nick Hainke
1699ace3a4 tools/mtools: update to 4.0.41
Release Notes:
https://lists.gnu.org/archive/html/info-gnu/2022-09/msg00011.html

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-10-22 22:50:37 +02:00
Nick Hainke
ef51c0150a tools/xz: update to 5.2.7
Update to latest version.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-10-22 22:50:37 +02:00
Nick Hainke
6e245777bd tools/mkimage: update to 2022.10
Remove upstreamed patches:
- 020-tools-mtk_image-split-gfh-header-verification-into-a.patch
- 021-tools-mtk_image-split-the-code-of-generating-NAND-he.patch
- 022-tools-mtk_image-add-support-for-nand-headers-used-by.patch

Refreshed manually:
- 030-allow-to-use-different-magic.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-10-22 22:50:36 +02:00
Rosen Penev
3268f7b9fa
tools: remove implicit dependencies
Small cleanup.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-10-20 00:33:25 +02:00
Rosen Penev
a63805b25f
tools: add Host/Uninstall where possible
This cleans staging_dir when calling tool/x/clean.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-10-20 00:33:22 +02:00
Daniel Cousens
3bd04767ba
build: prefer HTTPS if available (for packages)
Changes PKG_SOURCE_URL's for arptables, bsdiff, dnsmasq,
fortify-headers, ipset, ipset-dns, libaudit, libpcap, libressl,
lua, lua5.3, tcpdump and valgrind, to HTTPS

Signed-off-by: Daniel Cousens <github@dcousens.com>
2022-10-05 17:37:07 +02:00
Nick Hainke
39c8beae32 tools/cmake: update to 3.24.2
Release Notes:
https://www.kitware.com/cmake-3-24-2-is-available-for-download/

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-10-02 20:21:55 +02:00
Nick Hainke
107f82292b tools/expat: switch to tar.xz to save bandwidth
The tar.xz download is a bit smaller. Use this download to save traffic.

Suggested-by: hardfalcon
Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-10-02 16:16:07 +02:00
Nick Hainke
1b3a524e1d tools/expat: update to 2.4.9
Fixes CVE-2022-40674.

Release Notes:
https://github.com/libexpat/libexpat/blob/R_2_4_9/expat/Changes

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-10-02 16:16:07 +02:00
Rosen Penev
875e17774b tools/meson: backport WSL2 fix
For some reason, Microsoft's Plan9 driver returns IOError on missing
file.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-10-02 16:05:32 +02:00
Christian Marangi
ebabdff401
tools: add option BUILD_ALL_HOST_TOOLS to compile all host tools
Add option to compile all host tools even if not needed.
This can be useful to prepare a universal precompiled host tools
archive to use in another buildroot and speedup compilation.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-09-30 22:26:54 +02:00
Rosen Penev
0e3d51ccae tools/cmake: fix compilation with host libzstd-dev
cmake's find_package looks at host paths first for some reason. Switch
to using pkgconfig for the search, matching other modules.

Fixes: 3848cf458e ("tools/cmake: Build without some included libs")
Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-09-30 13:12:42 -07:00
Rosen Penev
3848cf458e
tools/cmake: Build without some included libs
Saves a little bit of time when compiling cmake.

Added patches to fix searching liblzma and zlib. The issue is that
because pkgconfig is not used, the system libraries get used.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-09-29 19:33:17 +02:00
Rosen Penev
89df3589e6
tools/expat: build with autotools again
Allows to set expat as a dependency to cmake and save on compilation
time.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-09-29 19:33:17 +02:00
Rosen Penev
d602e7a969
tools/zlib: switch to configure script
A future commit will make tools/cmake use this.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-09-29 19:33:13 +02:00
Rosen Penev
b71affaf8b tools: fix firmware-utils depends
When firmware-utils was converted to use cmake, the dependency was not
updated.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-09-27 15:35:41 -07:00
Christian Marangi
6e90cb60e4
Revert "tools/zstd: build libraries as static"
This reverts commit e3989094b8.
Require more testing as it does cause compilation error.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-09-27 23:17:51 +02:00
Rosen Penev
e3989094b8
tools/zstd: build libraries as static
Enables to get rid of rpath hack for all users.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-09-27 21:28:49 +02:00
Nick Hainke
83ea2e11b4
ccache: update to 4.6.3
Release Notes:
https://ccache.dev/releasenotes.html#_ccache_4_6_3

Refresh patch:
- 100-honour-copts.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-09-27 18:22:31 +02:00
Nick Hainke
ac61cf596c
tools/ccache: update to 4.6.2
Release notes:
https://ccache.dev/releasenotes.html#_ccache_4_6_2

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-09-27 18:22:30 +02:00
Nick Hainke
2e87e24e43
tools/ccache: update to 4.6.1
Release notes:
https://ccache.dev/releasenotes.html#_ccache_4_6_1

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-09-27 18:22:27 +02:00
Michael Pratt
1e726ba015 tools/cmake: fix download url with make variables
Use a make variable pattern for the url
so that only one version number needs to be changed
when version is bumped.

Signed-off-by: Michael Pratt <mcpratt@pm.me>
2022-09-19 17:30:16 -04:00
Ilya Katsnelson
21dfd7289b
tools/bc: use more compatible shebang
Update the existing patch to use a shebang that works on systems that
don't have a /bin/bash, e.g. NixOS or GuixSD.

Signed-off-by: Ilya Katsnelson <me@0upti.me>
2022-09-14 00:06:15 +02:00
Daniel Golle
b4d8114770 firmware-utils: update to git HEAD
0c92b20 iptime-crc32: add support for A6004MX

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-09-12 01:43:49 +01:00
Hauke Mehrtens
600741bf2e firmware-utils: update to git HEAD
71e1db6 tplink-safeloader: add TP-Link Deco S4 v2 support

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-09-11 21:54:00 +02:00
Daniel Golle
a99707d14c Revert "tools/meson: update to 0.63.1"
This reverts commit da95084d34.
It was pulled by accident.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-09-07 04:47:04 +01:00
Nick Hainke
8ad03a2cd7 tools/llvm: update to 14.0.6
Update to latest version.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-09-07 04:22:40 +01:00
Nick Hainke
da95084d34 tools/meson: update to 0.63.1
Release Notes:
- 0.62.0 https://mesonbuild.com/Release-notes-for-0-62-0.html
- 0.63.0 https://mesonbuild.com/Release-notes-for-0-63-0.html
- (other notes are not available)

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-09-07 04:22:40 +01:00
Nick Hainke
f94b67d893 tools/fakeroot: update to 1.29
Release Notes:
8dd9e34a2e

Refresh patches:
- 400-alpine-libc.musl-fix.patch
- 600-macOS.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-09-07 04:22:40 +01:00
Nick Hainke
46dc7e63c4 tools/expat: update to 2.4.8
Release Notes:
https://github.com/libexpat/libexpat/blob/R_2_4_8/expat/Changes

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-09-07 04:22:39 +01:00
Nick Hainke
7b8f2dc6ec tools/bc: update to 1.07
Update to latest version. Replace mirror with @GNU/bc.

Manually refresh:
- 001-no_doc.patch

Add patch found here:
26f275502d
as 002-fix-libmath.patch to fix compilation.

Add another patch found here:
55b26eda94
as 003-bc-fix-hang.patch to prevent a hang when building the kernel.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-09-07 04:22:39 +01:00
Nick Hainke
534e72ea0f tools/pkgconf: update to 1.9.3
Release Notes:
https://github.com/pkgconf/pkgconf/blob/pkgconf-1.9.3/NEWS

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-09-07 04:22:39 +01:00
Nick Hainke
e12504a4d0 tools/cmake: refresh patches
Previous commit forgot to refresh the patches.
This commit refreshes the patches:
- 120-curl-fix-libressl-linking.patch
- 130-bootstrap_parallel_make_flag.patch

Fixes: 3b2f19271c ("tools/cmake: update to 3.24.1")

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-09-07 04:22:39 +01:00
Nick Hainke
3f6d66d984 tools/bc: add PKG_CPE_ID
Add CPE ID for tracking CVEs.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-09-06 16:35:02 +01:00
Petr Štetiar
88c9056a70 tools: remove xxd package
It shouldn't be needed anymore as we've now `scripts/xxdi.pl`, which
should be self contained and fully compatible `xxd -i` replacement.

Fixes: #10555
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-09-06 08:04:53 +02:00
Daniel Golle
8686a9a085 tools: mkimage: Add support for MediaTek MT798x
Import pending patches for mtk_image to support BootROM headers of
newer MediaTek SoCs.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-08-28 19:01:55 +01:00
Nick Hainke
3b2f19271c tools/cmake: update to 3.24.1
Update cmake to newest version.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-08-20 23:26:36 +02:00
Nick Hainke
ce3e467d61 tools/isl: update to 0.25
Update isl to latest version.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-08-20 23:25:52 +02:00
Nick Hainke
20f8101a26 tools/xz: update to 5.2.6
This update contains a security fix to xzgrep (CVE-2022-1271,
ZDI-CAN-16587). Release notes:
https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;hb=HEAD

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-08-20 23:25:32 +02:00
Hauke Mehrtens
67efb6a661 tools: mtd-utils: Update to version 2.1.4
Update to most recent version of mtd-utils and sync with version from
package folder.

Use a https download server instead of ftp.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-08-13 14:05:29 +02:00
Hauke Mehrtens
3efe595df9 tools: elfutils: Update to version 0.187
Update to most recent version of elfutils and sync with version from
package folder.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-08-13 14:05:29 +02:00
Hauke Mehrtens
d73e11b9c8 tools: e2fsprogs: Update to version 1.46.5
Update to most recent version of e2fsprogs and sync with version from
package folder.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-08-13 14:05:29 +02:00
Daniel Golle
68cd4dc3ed mkimage: fix validation of legacy images with custom magic
All images generated by mkimage are now always validated.
This change broke our downstream support for setting a custom value for
IH_MAGIC (mkimage -M ...). Make sure also plain legacy kernel images
with custom value set for IH_MAGIC validate correctly.

Fixes: fa9895ee5b ("tools: mkimage: update to U-Boot release 2022.07")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-08-12 12:02:41 +02:00
Daniel Golle
fa9895ee5b tools: mkimage: update to U-Boot release 2022.07
Removed patch 090-macos-arm64-builing-fix.patch as an equivalent
solution was applied upstream:
 3b142045e8 Support building on macOS/arm64

To not add new host dependencies (libuuid, gnuTLS) don't build the
anyway unused mkeficapsule tool which would otherwise now be built
by default.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-08-11 17:11:54 +02:00
Leonardo Mörlein
37c0d15a8e pkg-config: always use correct path for pkg-config.real
Before this commit, it was assumed that pkg-config.real is in the PATH. While
this was fine for the normal build workflow, this led to some issues if

    make TOPDIR="$(pwd)" -C "$pkgdir" compile

was called manually. The command failed with

    Makefile:15: *** No libnl-tiny development libraries found!.  Stop.
    make[1]: Leaving directory

since pkg-config of the host system was used.

After the commit, the package is built sucessfully.

Signed-off-by: Leonardo Mörlein <me@irrelefant.net>
2022-08-11 12:47:31 +02:00
Michael Pratt
7012f2e18f tools/libressl: disable assembly code for all hosts
This SSL library is for hosts only
and not shipped as a build product,
therefore its performance quality (speed) is not critical.

Assembly code is broken in LibreSSL for some x86_64 hosts (part of git history)
and for some RISC host archs like armv7l, aarch64, powerpc, ppc64, etc...
so let's just disable it for all hosts.

For example, this fixes an instance on ARM hosts
where the host Python 3 builds broken modules which link to LibreSSL,
even with patches that enable LibreSSL support
with the import error "unexpected reloc type 3".

Ref: a395563f6 ("build: fix libressl build on x32 (amd64ilp32) host ")
Suggested-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Michael Pratt <mcpratt@pm.me>
2022-07-31 18:46:23 +02:00
Michael Pratt
b2e2deeb8d tools/libressl: ensure PIC-only object compilation
Line up configure arguments for cleaner git diff and editing and grepping.

LibreSSL must be built with PIC, and has the flags for it already in CFLAGS.
Add the configure option native to LibreSSL to use only PIC in objects,
which further enforces that each object in the library has the PIC flag
to prevent a mixture of PIC / non-PIC objects within it.

Ref: 96a940308 ("tools: libressl: always build as PIC")
Signed-off-by: Michael Pratt <mcpratt@pm.me>
2022-07-31 18:46:23 +02:00
Sander Vanheule
1011904199 tools: bump 7z package to 22.01
Version 22.00 of 7z causes build failures on systems using GCC 12 with
the following error:

    ../../../../C/LzmaEnc.c: In function 'LzmaEnc_CodeOneMemBlock':
    ../../../../C/LzmaEnc.c:2996:19: error: storing the address of local
    variable 'outStream' in '*p.rc.outStream' [-Werror=dangling-pointer=]
     2996 |   p->rc.outStream = &outStream.vt;
          |   ~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~
    ../../../../C/LzmaEnc.c:2979:28: note: 'outStream' declared here
     2979 |   CLzmaEnc_SeqOutStreamBuf outStream;
          |                            ^~~~~~~~~
    ../../../../C/LzmaEnc.c:2979:28: note: 'pp' declared here

Upgrade to version 22.01 which contains the required fix.

Fixes: 5fcc6f0f19 ("tools: add 7z host package")
Suggested-by: Tomasz Maciej Nowak <tmn505@gmail.com>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-07-31 15:29:39 +02:00
Nick Hainke
4538638022 mtools: update to 4.0.40
Changes:
- Remove libbsd dependency
- Better compatibility with legacy platforms such as AT&T UnixPC
- Upgraded to autoconf 2.71

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-30 23:50:44 +02:00
Daniel Golle
aeaa02afac firmware-utils: update to git HEAD
4f8d03d mkh3cimg: add image tool for H3C devices
 2483fe7 mkh3cvfs: add filesystem tool for H3C devices

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-07-28 16:44:50 +02:00
Jan Hoffmann
5fcc6f0f19 tools: add 7z host package
Add the 7zr command line tool, which is a version of the 7z application
that only supports 7z archives.

7z is one of the two compression formats supported in H3C firmware
images (the alternative would be ARJ).

(Alternatively, the 7zr command line tool could also be built from a
current version of the public-domain LZMA SDK. That would require
repackaging the source package, as it is only provided in 7z format.)

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2022-07-28 14:08:56 +02:00
Andre Heider
5451b03b7c tools/libressl: bump to v3.5.3
This includes API additions required for u-boot v2022.07 and Python 3.10.

https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.0-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.1-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.2-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.3-relnotes.txt

Signed-off-by: Andre Heider <a.heider@gmail.com>
2022-07-20 13:02:57 +02:00
Leonardo Mörlein
ffd9bd7b9b
automake: always use correct path for aclocal.real
Before this commit, it was assumed that aclocal.real is in the PATH. While
this was fine for the normal build workflow, this led to some issues if

    make TOPDIR="$(pwd)" -C "$pkgdir" compile

was called manually. The command failed with:

    /home/.../openwrt/staging_dir/host/bin/aclocal: line 2: aclocal.real: command not found
    autoreconf: /home/.../openwrt/staging_dir/host/bin/aclocal failed with exit status: 127

After the commit, the package is built sucessfully.

Signed-off-by: Leonardo Mörlein <me@irrelefant.net>
2022-07-14 12:57:12 +02:00
Felix Fietkau
9dc86d1962 tools/coreutils: enable ginstall utility
For some reason, current coreutils version installed on x86 macOS via homebrew
have a bug, where at least the cc1 binary from gcc gets corrupted during install
to the staging dir.
Using the install utility from tools/coreutils fixes this

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-07-13 17:57:34 +02:00
Sander Vanheule
6445415809 firmware-utils: bump to git HEAD
The support-list partition for the EAP225-V3 board ID became larger than
the allocated size, resulting in factory image generation for the
EAP225-Outdoor v3 and EAP225 v3 to fail. The make directive
Build/tplink-safeloader ignores this failure however, resulting in a
seemingly successful build with empty factory images.

Included changes:
    e609c5d75186 tplink-safeloader: drop unqualified EAP225-V3 IDs

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-06-27 21:56:20 +02:00
Rosen Penev
d60cfa5a9e tools/meson: update to 0.61.5
Mostly backports by a Red Hat employee as 0.62 and newer demands Python
3.7+. Same reason 0.61 is kept here.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-06-27 00:57:15 +02:00
Sander Vanheule
326e109f24 firmware-utils: bump to git HEAD
Fixes the safeloader model identifiers for EAP225-Outdoor v1/v3 devices.

1e3d47292b2e tplink-safeloader: fix EAP225-Outdoor model IDs
9563fe8e78cb tplink-safeloader: add regionless EAP225-V3 IDs

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-06-26 16:58:05 +02:00
Josef Schlehofer
25534d5cc2 tools/libressl: update to version 3.4.3
Release notes:
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.3-relnotes.txt

```
It includes the following security fix:

    * A malicious certificate can cause an infinite loop.
      Reported by and fix from Tavis Ormandy and David Benjamin, Google.
```

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2022-06-19 12:31:02 +02:00
Rosen Penev
a7be143646 tools/ninja: update to 1.11.0
Updated patchset to latest.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-06-13 19:50:25 +02:00
Daniel Golle
3fbf9689b6
tools/mkimage: increase tmpfile name length limit
mkimage limits the length of the file paths in can deal with to 256
characters. Turns out that in automated builds by asu we break this
limit, so increase it to 1024 characters.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-06-05 11:32:58 +01:00
Sander Vanheule
acca36f71f firmware-utils: bump to git HEAD
Fixes an out of bounds issue, adds support for TP-Link safeloader images
with non-default partition names, and adds image generation support for:
  - TP-Link Archer A6 v2 (EU)
  - TP-Link EAP225 v4
  - TP-Link EAP225-Outdoor v3

365458e00ed7 tplink-safeloader: join EAP225-V3 compatible devices
0277810d353d tplink-safeloader: fix chunked support-list prints
a64f89c66318 tplink-safeloader: Patch to handle partitions with alternate names.
07f78f071075 firmware-utils: tplink-safeloader: add support for Archer A6 v2 (EU)
49ea62160d21 tplink-safeloader: fix alphabetical order

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-05-27 10:20:03 +02:00
Stijn Tintel
6eec1a5225 tools/elfutils: drop HOST_BUILD_DEPENDS
This is only effective for host build of normal packages, not tools.

Fixes: ad79b92719 ("elfutils: move host build to tools")
Reported-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-05-19 02:37:25 +03:00
Stijn Tintel
f64bd4b6ce tools/elfutils: only build required components
Building all of the components results in strip being installed in
staging_dir/host/bin. This strip binary will take precedence over
binutils strip that is installed in the toolchain directory.

This will not work on host systems that do not have libdw installed, as
we do not set HOST_LDFLAGS to override rpath to staging_dir/host/lib.
However, rather than overriding rpath, we should just avoid using
elfutils strip entirely.

Override the SUBDIRS variable in the Makefile to only build and install
the libraries we require for dwarves and frr.

Fixes the following build failure in toolchain/gdb:
strip: error while loading shared libraries: libdw.so.1: cannot open shared object file: No such file or directory

Fixes: ad79b92719 ("elfutils: move host build to tools")
Reported-by: Dominick Grift <dominick.grift@defensec.nl>
Reported-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-05-19 02:36:48 +03:00
Stijn Tintel
16e9ccd5fa tools/elfutils: depend on m4
Some buildbots fail to build elfutils due to m4 being missing. Add m4 as
a dependency for elfutils to fix this.

Fixes: ad79b92719 ("elfutils: move host build to tools")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-05-18 16:17:35 +03:00
Tony Ambardar
02850d7c9c tools/dwarves: add host package
dwarves is a set of tools that use the debugging information inserted in
ELF binaries by compilers such as GCC. Utilities in the dwarves suite
include pahole, which can be used to find alignment holes in structs and
classes, and also extracts other information such as CPU cacheline
alignment, helping pack those structures to achieve more cache hits.

These tools are also used to encode and read the BTF type information
format used with the bpf syscall, making this a Linux build dependency
when using kernel BTF information.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
[bump to 1.23, add elfutils dep, drop host lib usage, drop cmake release
target, use RM macro]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-05-18 13:32:06 +03:00
Stijn Tintel
ad79b92719 elfutils: move host build to tools
The upcoming dwarves host package requires elfutils. As dependencies for
tools must exist in tools, we need to move elfutils host build there.

As there is at least one package that depends on this, and there is no
proper way to create such dependency in the build system, build it
unconditionally when not building on macOS.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-05-18 13:32:06 +03:00
Sander Vanheule
0f207ade12 firmware-utils: bump to git HEAD
Includes image support for new TP-Link devices:

  ddc3e00e314d tplink-safeloader: add TP-Link EAP265 HD support
  ceea1a7fe56e tplink-safeloader: add TP-Link Deco M4R v1 and v2 support

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2022-04-27 20:29:37 +02:00
Hauke Mehrtens
36790ca694 firmware-utils: bump to git HEAD
05fd700 tplink-safeloader: TP-Link RE650 v2 support

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-04-23 21:58:46 +02:00
Daniel Golle
08ebc3881d
mtools: update to version 4.0.39
Improvements since the 4.0.38 release are:
 - Rename strtoi to strosi (string to signed int). The strtoi
   function on BSD does something else (returns an intmax, not
   an int)

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-04-15 01:18:28 +01:00
Rosen Penev
19f3fcc884 tools/meson: update to 0.61.4
Override python to use the one in host instead of hostpkg. There's no
need to use the latter.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-04-09 15:56:04 +02:00
leo chung
56f091d467 tools/cmake: fix download url
fix the cmake.org download url

Signed-off-by: leo chung <gewalalb@gmail.com>
2022-04-09 15:56:04 +02:00
Paul Spooren
5959c46456 tools: SOURCE_DATE_EPOCH handling for mkfs.fat
Backport upstream patch to have reproducible FAT signatures.
This should enable reproducibility for x86 EFI images.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2022-03-31 00:56:34 +01:00
Petr Štetiar
9d8f620679 tools/zlib: bump to latest stable release 1.2.12 (CVE-2018-25032)
List of changes since previous release from 2018 is quite long:

 * Fix crc32.c to compile local functions only if used.
 * Check for cc masquerading as gcc or clang in configure.
 * Remove destructive aspects of make distclean.
 * Separate out address sanitizing from warnings in configure.
 * Eliminate use of ULL constants.
 * Add fallthrough comments for gcc.
 * Clean up minizip to reduce warnings for testing.
 * Fix unztell64() in minizip to work past 4GB. (Daniël Hörchner)
 * minizip warning fix if MAXU32 already defined. (gvollant)
 * Replace black/white with allow/block. (theresa-m)
 * Fix indentation in minizip's zip.c.
 * Improve portability of contrib/minizip.
 * Correct typo in blast.c.
 * Change macro name in inflate.c to avoid collision in VxWorks.
 * Clarify gz* function interfaces, referring to parameter names.
 * Fix error in comment on the polynomial representation of a byte.
 * Fix memory leak on error in gzlog.c.
 * Avoid adding empty gzip member after gzflush with Z_FINISH.
 * Explicitly note that the 32-bit check values are 32 bits.
 * Use ARM crc32 instructions if the ARM architecture has them.
 * Add use of the ARMv8 crc32 instructions when requested.
 * Correct comment in crc32.c.
 * Don't bother computing check value after successful inflateSync().
 * Use atomic test and set, if available, for dynamic CRC tables.
 * Speed up software CRC-32 computation by a factor of 1.5 to 3.
 * Add crc32_combine_gen() and crc32_combine_op() for fast combines.
 * Add tables for crc32_combine(), to speed it up by a factor of 200.
 * Fix the zran.c example to work on a multiple-member gzip file.
 * Add gznorm.c example, which normalizes gzip files.
 * Show all the codes for the maximum tables size in enough.c.
 * Clarify that prefix codes are counted in enough.c.
 * Use inline function instead of macro for index in enough.c.
 * Clean up code style in enough.c, update version.
 * Use a macro for the printf format of big_t in enough.c.
 * Use a structure to make globals in enough.c evident.
 * Assure that the number of bits for deflatePrime() is valid.
 * Fix a bug that can crash deflate on some input when using Z_FIXED.
 * Correct the initialization requirements for deflateInit2().
 * Emphasize the need to continue decompressing gzip members.
 * Add legal disclaimer to README.
 * Fix deflateEnd() to not report an error at start of raw deflate.
 * Remove old assembler code in which bugs have manifested.
 * Make the names in functions declarations identical to definitions.
 * Avoid an undefined behavior of memcpy() in _tr_stored_block().
 * Avoid undefined behaviors of memcpy() in gz*printf().
 * Avoid an undefined behavior of memcpy() in gzappend().
 * Avoid the use of ptrdiff_t.
 * Handle case where inflateSync used when header never processed.
 * Don't compute check value for raw inflate if asked to validate.
 * Add address checking in clang to -w option of configure.
 * Return an error if the gzputs string length can't fit in an int.
 * Small speedup to inflate [psumbera].
 * Update use of errno for newer Windows CE versions.
 * Avoid some conversion warnings in gzread.c and gzwrite.c.
 * Have Makefile return non-zero error code on test failure.
 * Avoid a conversion error in gzseek when off_t type too small.
 * Fix CLEAR_HASH macro to be usable as a single statement.
 * Fix bug when window full in deflate_stored().
 * Limit hash table inserts after switch from stored deflate.
 * Permit a deflateParams() parameter change as soon as possible.
 * Cygwin does not have _wopen(), so do not create gzopen_w() there.

Removed 006-fix-compressor-crash-on-certain-inputs.patch which was
hotfix for CVE-2018-25032 and is now included in this release.

This release is not available on @SF (yet?) so the sources are now
pulled from GitHub.

Fixes: CVE-2018-25032
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-03-28 09:27:56 +02:00
Petr Štetiar
b3aa2909a7 zlib: backport security fix for a reproducible crash in compressor
Tavis has just reported, that he was recently trying to track down a
reproducible crash in a compressor. Believe it or not, it really was a
bug in zlib-1.2.11 when compressing (not decompressing!) certain inputs.

Tavis has reported it upstream, but it turns out the issue has been
public since 2018, but the patch never made it into a release. As far as
he knows, nobody ever assigned it a CVE.

Suggested-by: Tavis Ormandy <taviso@gmail.com>
References: https://www.openwall.com/lists/oss-security/2022/03/24/1
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-03-24 08:15:24 +01:00
Rosen Penev
9c290ad498 tools/ccache: update to 4.6
Full changelog: https://ccache.dev/releasenotes.html#_ccache_4_6

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-13 19:24:13 +01:00
Rosen Penev
9a44bc78b4 tools/fakeroot: update to 1.28
Refreshed patches.

Upstream says there's only a bugfix for GNU Hurd.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-13 19:24:13 +01:00
Rosen Penev
f88a6da020 tools/cmake: update to 3.22.3
Seems to be mostly pthread fixes.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-13 19:24:13 +01:00
Rosen Penev
7f92046dff tools/mtools: update to 4.0.38
No real changelog available.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-13 19:24:13 +01:00
Rosen Penev
cca5367f27 tools/expat: enable DTD
Fixes gdb usage, which depends on it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-13 10:10:30 +01:00
Rosen Penev
3150e8bf3e tools/expat: update to 2.4.7
Mostly a bug fix to the bug fix to CVE-2022-25236

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-13 10:10:30 +01:00
Sungbo Eo
4f3a565f5d tools: zip: make encrypted archives reproducible
Zip always try to generate new encryption header depending on execution
time and process id, which is far from being reproducible. This commit
changes the zip srand() seed to a predictable value to generate
reproducible random bytes for the encryption header. This will compromise
the goal of secure archive encryption, but it would not be a big problem
for our purpose.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2022-03-09 15:38:23 +09:00
Sungbo Eo
39d06472eb tools: zip: fetch SOURCE_DATE_EPOCH directly
Remove "--mtime" option introduced in commit 18c9faa032 ("tools: zip:
add option for reproducible archives") and instead fetch SOURCE_DATE_EPOCH
environment variable directly in the code.

Ref: https://sourceforge.net/p/infozip/patches/25/
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2022-03-09 15:38:23 +09:00
Felix Fietkau
545cabee9e tools/fakeroot: restore macos bugfix that was dropped during the last update
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-03-05 16:58:58 +01:00
Josef Schlehofer
495c4f4e19 tools/libressl: update to version 3.4.2
Release notes:
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.2-relnotes.txt

```
It includes the following security fix

  * In some situations the X.509 verifier would discard an error on an
    unverified certificate chain, resulting in an authentication bypass.
    Thanks to Ilya Shipitsin and Timo Steinlein for reporting.
```

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2022-03-01 00:08:08 +01:00
Huangbin Zhan
4a19cf3bc7 tools/mkimage: update to 2022.01
- enable dot config
- enable openwrt verbose
- add bison as dependency to avoid failure
```
  bison -oscripts/kconfig/zconf.tab.c -t -l scripts/kconfig/zconf.y
bison: /builder/shared-workdir/build/staging_dir/host/share/bison/m4sugar/m4sugar.m4: cannot open: No such file or directory
```

Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
2022-03-01 00:08:08 +01:00
Rosen Penev
40f91f6a2f tools/fakeroot: update to 1.27
Remove macOS stuff. Upstream has fixed it in the same way.

Add SOL_TCP define. Taken from elsewhere in the code.

Refreshed patches.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-01 00:08:08 +01:00
Rosen Penev
4e13229dd1 tools/expat: update to 2.4.6
Switched to CMake for faster compilation and greater parallel
friendliness.

Added CMake options from the packages feed.

This release fixes various CVEs.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-01 00:08:08 +01:00
Rosen Penev
c8fdca4f6f tools/findutils: update to 4.9.0
Add compilation fix for Ubuntu 20.04. Provided by upstream maintainer:

https://github.com/openwrt/packages/issues/17912#issuecomment-1046726426

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-01 00:08:08 +01:00
Rosen Penev
94dd68ff73 tools/zstd: update to 1.5.2
Switched to building with meson as it's faster and does not need a
dependency on cmake, which takes a long time to build.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-01 00:08:08 +01:00
Rosen Penev
2d5f03205a tools/ccache: add cmake dependency
This will be needed for the next commit as ccache's cmake dependency is
satisfied by zstd currenly.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-01 00:08:08 +01:00
Rosen Penev
03f55708cb tools/cmake: update to 3.22.2
Mostly random Python 3.10 fixes.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-01 00:08:08 +01:00
Rosen Penev
63e530a519 tools/mtools: update to 4.0.37
No changelog is available.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-01 00:08:08 +01:00
Rosen Penev
c8b7065f61 tools/mklibs: update to 0.1.45
Refresh 2to3 patch. Upstream partially did this against some older
python version. This is still needed.

Refreshed other patches to be python3 safe.

Remove uClibc patches as only musl is present now.

Refresh others.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-01 00:08:08 +01:00
Stijn Tintel
0dc3566a3b firmware-utils: bump to git HEAD
002cfaf firmware-utils: fix compilation with macOS

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-02-28 13:12:00 +02:00
Stijn Tintel
73dfc9e7d9 firmware-utils: bump to git HEAD
706e9cc tplink-safeloader: support for Archer A6 v3 JP
  497726b firmware-utils: support checksum for AVM fritzbox wasp SOCs
  2ca6462 iptime-crc32: add support for AX8004M
  57d0e31 tplink-safeloader: TP-Link EAP615-Wall v1 support
  8a8da19 tplink-safeloader: add TL-WPA8631P v3 support
  eea4ee7 tplink-safeloader: add TP-Link Archer A9 v6 support

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-02-27 12:01:22 +02:00
Rosen Penev
628970a195 tools/meson: update to 0.61.2
Seems to be minor bugfixes with Cygwin and Windows.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-02-26 13:44:14 +01:00
Rosen Penev
68a20d8631 tools/quilt: update to 0.67
- Call pager with original LANG environment variable
  - Consistently complain early if no series file is found
  - Fix handling of symbolic links by several commands
  - Tighten the patch format parsing
  - Reuse the shell (performance)
  - Document the series file format further
  - Document that quilt loads /etc/quilt.quiltrc
  - configure: Make stat configurable
  - series: Minor optimizations
  - setup: Don't obey the settings of any englobing .pc
  - setup: Default to fast mode
  - quilt.el: Fix documentation of quilt-pc-directory
  - quilt.el: Load /etc/quilt.quiltrc if ~/.quiltrc doesn't exist
  - quilt.el: Fix quilt-editable when QUILT_PATCHES_PREFIX is set

Refresh patches.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[add changelog]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2022-02-25 14:12:39 +01:00
Paul Spooren
1e2549045c tools: use https for bc mirrors
All mirrors offer encrypted downloads, use it.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2022-02-24 15:36:28 +01:00
Rosen Penev
0d25db7f17 tools/cmake: add MAKE config variable
Makes sure that Ninja from staging_dir is used and nowhere else.

Reported by reproducible builds project. Builds have been failing ever
since tools/cmake started using Ninja.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-02-11 12:04:09 +01:00
Jo-Philipp Wich
af79853c73 Revert "tools/zstd: update to 1.5.2"
This reverts commit 8de901ccf7.

Apparently this update breaks tools building.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-02-07 09:03:19 +01:00
Rosen Penev
8de901ccf7 tools/zstd: update to 1.5.2
Switched to building with meson as it's faster and does not need a
dependency on cmake, which takes a long time to build.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-02-07 00:03:27 +01:00
Rosen Penev
fb6cf22866 tools/meson: update to 0.61.1
Changelog:

backend_startup_project
Add a man page backend to refman
extract_objects() supports generated sources
Python 3.6 support will be dropped in the next release
Warning if check kwarg of run_command is missing
meson rewrite can modify extra_files
meson rewrite target <target> info outputs target's extra_files
Visual Studio 2022 backend
Support for CMake <3.14 is now deprecated for CMake subprojects
Added support for sccache
install_symlink function

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-02-03 23:16:00 +01:00
Sungbo Eo
536a8021c3 firmware-utils: bump to git HEAD
0c15cad iptime-naspkg: add image header tool for ipTIME NAS series
872c87c iptime-crc32: add image header tool for new ipTIME models

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2022-01-29 23:49:39 +09:00
Daniel Golle
ebeb003470
firmware-utils: update to git HEAD of 2022-01-28
6c95945 ptgen: add Chromium OS kernel partition support
 8e7274e cros-vbutil: add Chrome OS vboot kernel-signing utility

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-01-28 13:00:25 +00:00
Felix Fietkau
3869ccbcc8 tools: build bash on macOS and use it for ipkg-build
On macOS, system binaries silently drop the environment variables for injecting
extra shared libraries (used by fakeroot). This is done for security reasons.
Work around this by building bash from source, so that it gets an ad-hoc signature
and does not have these restrictions

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-01-27 13:38:48 +01:00
Felix Fietkau
1d4750fd50 tools/coreutils: build chown
On ARM macOS, injecting extra shared libraries does not work for system
binaries. This causes fakeroot to fail for chown calls

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-01-27 13:38:48 +01:00
Felix Fietkau
53ebacacf9 tools/fakeroot: fix unresolved symbols on arm64 macOS
The $INODE64 symbol variants are not present, since the base system
always uses 64-bit file offsets

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-01-27 13:38:48 +01:00
Hauke Mehrtens
f1d4c77766 firmware-utils: update to latest master
d885b49 tplink-safeloader: support Archer C6v3.0 (BR)

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-01-16 21:56:51 +01:00
Matthias Schiffer
9e15dea36e
firmware-utils: update to latest master
84dbf8ee49f5 tplink-safeloader: fix Archer A7v5 factory flashing from vendor fw > v1.1.x

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2022-01-14 23:13:23 +01:00
Josef Schlehofer
4b587f2561 tools/cmake: update to version 3.22.1
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2021-12-31 15:38:56 +01:00
Huangbin Zhan
b6385a3668 tools/mkimage: update to 2021.10
Changelog:

 - upstream now needs OpenSSL in order to be able to sign FITs. See:
commit cb9faa6f98ae ("tools: Use a single target-independent config to enable OpenSSL")

 - removes upstream patches.

Link: cb9faa6f98
Tested-by: Sergey V. Lobanov <sergey@lobanov.in>
Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-12-27 13:51:41 +01:00