Commit Graph

1494 Commits

Author SHA1 Message Date
Thomas Weißschuh
30092019fe toolchain: gcc: update GCC 14 to 14.2.0
All patches automatically rebased.

Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
Link: https://github.com/openwrt/openwrt/pull/16047
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-13 00:30:29 +02:00
Tony Ambardar
cc6a1e2abc
toolchain/musl: add support for renameat2()
Backport an upstream patch to support the renameat2 syscall, added in Linux
3.15 and supported by glibc since 2.28. It is commonly used in filesystem
or security contexts, and needed building upstream kernel bpf selftests.

Link:
https://inbox.vuxu.org/musl/20240421153640.379015-1-Tony.Ambardar@gmail.com/

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/15697
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-13 14:16:32 +02:00
Olcay Korkmaz
3b63abfbfc toolchain: gcc: update to 13.3
Release Notes:
https://gcc.gnu.org/pipermail/gcc/2024-May/243980.html

Remove upstreamed patches:
- patches-13.x/020-Include-safe-ctype.h-after-C-standard-headers-to-avo.patch
- patches-13.x/021-libcc1-fix-vector-include.patch
- patches-13.x/400-LoongArch-Fix-MUSL_DYNAMIC_LINKER.patch
- patches-13.x/401-LoongArch-Modify-MUSL_DYNAMIC_LINKER.patch

Refresh patches:
- patches-13.x/300-mips_Os_cpu_rtx_cost_model.patch
- patches-13.x/970-macos_arm64-building-fix.patch

Signed-off-by: Olcay Korkmaz <nuke_mania@hotmail.com>
2024-05-28 23:55:27 +02:00
Rui Salvaterra
c758d6427c toolchain: gcc: add support for GCC 14
Deleted (upstreamed):
- 020-Include-safe-ctype.h-after-C-standard-headers-to-avo.patch [1]
- 021-libcc1-fix-vector-include.patch [2]

All other patches automatically rebased.

Note that selecting GCC 14, as of now, *will* result in build failures. The
packages that fail to build will be fixed as they're found. Thus, GCC 13.x is
the default, for the time being.

[1] https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=9970b576b7e4ae337af1268395ff221348c4b34a
[2] https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=5213047b1d50af63dfabb5e5649821a6cb157e33

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2024-05-12 12:47:12 +01:00
Hauke Mehrtens
6b3195ae62 toolchain: glibc: Update glibc 2.38 to recent HEAD
23514c72b7 syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6246)
d0338312aa syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6779)
d37c2b20a4 syslog: Fix integer overflow in __vsyslog_internal (CVE-2023-6780)
30e546d76e x86_64: Optimize ffsll function code size.
18876c9ff5 S390: Fix building with --disable-mutli-arch [BZ #31196]
6f68075869 sparc: Fix broken memset for sparc32 [BZ #31068]
0e383d2d4e sparc64: Remove unwind information from signal return stubs [BZ#31244]
aac57faf54 sparc: Fix sparc64 memmove length comparison (BZ 31266)
0c5e5bace5 sparc: Remove unwind information from signal return stubs [BZ #31244]
b09073e631 arm: Remove wrong ldr from _dl_start_user (BZ 31339)
506e47da1d malloc: Use __get_nprocs on arena_get2 (BZ 30945)
ee4806e978 S390: Do not clobber r7 in clone [BZ #31402]
5753cda1ca linux: Use rseq area unconditionally in sched_getcpu (bug 31479)
0518bb0c16 LoongArch: Correct {__ieee754, _}_scalb -> {__ieee754, _}_scalbf
5456ff5d80 Add HWCAP2_MOPS from Linux 6.5 to AArch64 bits/hwcap.h
d8a2b56b4f AArch64: Add support for MOPS memcpy/memmove/memset
25b66e8c4a AArch64: Cleanup ifuncs
1521237c32 AArch64: Cleanup emag memset
156e44845f AArch64: Add memset_zva64
a08ff92294 AArch64: Remove Falkor memcpy
168ae58e6e aarch64: correct CFI in rawmemchr (bug 31113)
1bf17ce978 aarch64: fix check for SVE support in assembler
92da7c2cfe AArch64: Check kernel version for SVE ifuncs
20534f8176 powerpc: Fix ld.so address determination for PCREL mode (bug 31640)
e1135387de iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961)
61484011e7 sparc: Remove 64 bit check on sparc32 wordsize (BZ 27574)
78d9f91da6 login: Check default sizes of structs utmp, utmpx, lastlog
68bff88592 login: structs utmp, utmpx, lastlog _TIME_BITS independence (bug 30701)
decc9f504a nptl: Fix tst-cancel30 on kernels without ppoll_time64 support
29e20bd122 i386: ulp update for SSE2 --disable-multi-arch configurations
5968aebb86 CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677)
541ea5172a CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX (bug 31678)
2ae9446c1b CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response (bug 31678)
71af8ca864 CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX (bug 31680)
e9f05fa1c6 elf: Also compile dl-misc.os with $(rtld-early-cflags)

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-05-04 20:03:47 +02:00
Weijie Gao
7fcb82665e loongarch64: new target
Add target for Loongson LoongArch64-based boards.

LoongArch is a new RISC ISA developed by Loongson. It's a bit like
MIPS or RISC-V. LoongArch includes both 32-bit and 64-bit versions
(LoongArch32/LoongArch64).

Loongson 3A5000 and 3A6000 are the two existing CPUs of LoongArch64
and is used for PC products. It's BIOS supports ACPI and UEFI-only
boot. These CPUs supports SMP and SMT.

At present only LoongArch64 is supported by linux kernel.

Toolchain requirement:
binutils >= 2.40
gcc >= 13.1

For details, please check the following links:
https://lwn.net/Articles/861951/
https://loongson.github.io/LoongArch-Documentation/README-EN.html

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:14:16 +08:00
Weijie Gao
197d90dc31 toolchain/musl: fix loongarch64 ldso file name
GCC has changed musl dynamic linker name from
ld-musl-loongarch-lp64d.so.1 to ld-musl-loongarch64.so.1 recently [1].

This means there are two dynamic linker names will be used across different
ersions of GCC. But musl 1.2.5 only supports the new name while the GCC
we're currently using uses the old name.

To maintain compatibility with all versions of GCC, the musl is then patched
to generate two symbolic links to libc.so with both old and new names.

[1] https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=8bccee51f0deac64b79cd9ad75df599422f4c8ff

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:12:56 +08:00
Weijie Gao
c5946c0724 toolchain/gcc: fix loongarch64 ldso file name
GCC has changed musl dynamic linker name from
ld-musl-loongarch-lp64d.so.1 to ld-musl-loongarch64.so.1 recently [1].

Meanwhile musl 1.2.5 only supports the new name. So it's better to follow
the new name.

[1] https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=8bccee51f0deac64b79cd9ad75df599422f4c8ff

Signed-off-by: Weijie Gao <hackpascal@gmail.com>
2024-05-04 14:12:56 +08:00
Kazuki H
5ee2b6fe57
toolchain: glibc: update to glibc 2.38
This updates glibc to version 2.38.

Add --enable-crypt since the crypt function got disabled in 2.38, but we
still need it.
Also add the newly introduced --enable-fortify-source flag and hook it up
to the build system.

Switch to .zst archive while at it.

Signed-off-by: Kazuki H <kazukih0205@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/14259
[ switch to .zst and fix mirror HASH ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-29 22:55:02 +02:00
Nick Hainke
c390c6c709 toolchain: binutils: switch to version 2.42 by default
Change the default binutils version to 2.42.

Tested-by: Jonathan Lancett <j.lancett@ntlworld.com>
Tested-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-04-29 00:41:47 +02:00
Fabrice Fontaine
e1ca08518e toolchain/nasm: fix PKG_CPE_ID
cpe:/a:nasm:netwide_assembler is the correct CPE ID for nasm:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️nasm:netwide_assembler

Fixes: bcf02c5d31 (toolchain: assign PKG_CPE_ID)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-04-27 12:08:41 +02:00
Christian Marangi
0e161968a7
toolchain/wrapper: fill and reference info.mk in staging_dir ext toolchain
Currently when external toolchain is used, a info.mk is created (with
to-be-filled values) but is never actually filled with real values and
is never actually used in rules.mk.

This info.mk is used down the code with special packages like libgcc to
reference info like gcc version and package special library.

To mimic what is done with internal toolchain, add the include in
rules.mk for info.mk also for external library and in fix
toolchain/wrapper to fill the staging_dir info.mk.

The logic is to check if the external toolchain provide an info.mk and
if it doesn't we at least fill the GCC_VERSION with the value set in the
.config file.

With this special library like libgcc correctly reference and have set the
GCC_VERSION variable.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-21 17:59:17 +02:00
Hannu Nyman
87d7fa8885 toolchain/musl: Update to 1.2.5
Update musl C library to 1.2.5

This release adds extension functions statx and preadv2/pwritev2,
with fallback implementations for older kernels, and adds two new
ports: loongarch64 and riscv32. Minor changes to the printf family
of functions have been made for conformance to new standards
interpretations/requirements. TLSDESC support for riscv64 has also
been added.

Bugs fixed include some DNS issues related to new TCP fallback
functionality, several rare race conditions, potentially incorrect
return value when glob aborts, and several signifiant arch-specific
bugs affecting TLSDESC on arm, riscv64 icache flushing, and
sh sigsetjmp and dlsym RTLD_NEXT.

1.2.5 release notes:

new features:
- statx function (linux extension; via syscall and fallback using fstatat)
- clone function is now usable and gives _Fork-like consistency in child
- statvfs now provides f_type result
- preadv2 and pwritev2 (linux extension) syscall wrappers
- riscv64 TLSDESC support

new ports:
- loongarch64
- riscv32

compatibility:
- DNS resolver can now handle answers with long CNAME chains
- string.h no longer provides (C23-incompat) non-prototype decl of basename
- fstatat statx backend now matches stat syscall non-automounting behavior
- mntent interfaces now handle escaped whitespace in paths/options

standards updates:
- printf %lc of nul wchar now produces output
- snprintf and swprintf no longer fail on n > INT_MAX
- ppoll is now exposed in default feature profile

bugs fixed:
- some long DNS answers were wrongly rejected despite new TCP support
- glob could wrongly return GLOB_NOMATCH if aborted before any matches
- multithreaded set*id could malfunction from thread sequencing logic bug
- certain use of threads after fork could deadlock thread-list lock
- posix_spawn child could deadlock in race with async parent death
- mbrtowc return value was wrong if argument n exceeded UINT_MAX
- 80-bit extended acoshl and powl got some corner cases wrong
- syslog incorrectly generated localized timestamps

arch-specific bugs fixed:
- arm (32-bit) TLSDESC malfunctioned due to addends being processed wrong
- riscv64 icache flush operation was non-functional
- sh sigsetjmp failed to properly restore call-saved register r8 on return
- sh dlsym RTLD_NEXT did not identify calling module correctly

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
[Removed patch adding basename hack again]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-14 17:38:09 +02:00
Robert Marko
12b2cb2ec3 config: fix CONFIG_GDB appearing in main menuconfig menu
I noticed that CONFIG_GDB was suddenly appearing in the main menuconfig
menu despite the fact that it should be visible only when TOOLCHAINOPTS
is selected and under a dedicated menu.

After some trial and error, it seems that this was caused by the recent
addition of GCC_USE_DEFAULT_VERSION, and after even more trial and error
it gets fixed as soon GCC_USE_DEFAULT_VERSION is placed after GCC_VERSION.

So, lets simply put GCC_USE_DEFAULT_VERSION after GCC_VERSION.

Fixes: 501ef81040 ("config: select KERNEL_WERROR if building with default GCC version")
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-09 19:30:41 +02:00
Daniel Golle
501ef81040 config: select KERNEL_WERROR if building with default GCC version
At the moment we have to manually follow the default GCC version
also in config/Config-kernel.in. This tends to be forgotten at GCC
version bumps (just happened when switching from version 12 to 13).
Instead, introduce a hidden Kconfig symbol which implies KERNEL_WERROR
in toolchain/gcc/Config.in where it is visible for developers changing
the default version.

Also remove the explicit default on BUILDBOT to avoid a circular
dependency and also because buildbots anyway implicitly always select
the default GCC version.

Reference: https://github.com/openwrt/openwrt/pull/15064
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-04-08 01:40:15 +01:00
Christian Marangi
108374a656
toolchain: binutils: backport patch to fix mipsel_24kc_24kf
Backport patch to fix mipsel_24kc_24kf. Patch has been merged in
binutils master and these are straight backports with minor rework.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-02 21:42:23 +02:00
Georgi Valkov
631014d9b0 toolchain/gcc: fix build errors on macOS with Xcode 15.3
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include/c++/v1/__locale:550:5: error: '__abi_tag__' attribute only applies to structs, variables, functions, and namespaces
    _LIBCPP_INLINE_VISIBILITY
    ^
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include/c++/v1/__config:891:37: note: expanded from macro '_LIBCPP_INLINE_VISIBILITY'
 #  define _LIBCPP_INLINE_VISIBILITY _LIBCPP_HIDE_FROM_ABI
                                    ^
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include/c++/v1/__config:870:26: note: expanded from macro '_LIBCPP_HIDE_FROM_ABI'
          __attribute__((__abi_tag__(_LIBCPP_TOSTRING(_LIBCPP_ODR_SIGNATURE))))

Fixed using backport of upstream commits [1-2] as discussed here
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111632#c21

[1] Include safe-ctype.h after C++ standard headers, to avoid over-poisoning
https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=9970b576b7e4ae337af1268395ff221348c4b34a

[2] libcc1: fix <vector> include
https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=5213047b1d50af63dfabb5e5649821a6cb157e33

Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
2024-04-02 11:10:32 +02:00
Nick Hainke
8753022aea toolchain: gcc: switch default to 13
Use GCC 13 instead of GCC 12 by default.

All target kernels are building with GCC 13.
Most packages from the feed are building fine.

The root file systems is getting a little bit smaller for MIPS 32 BE
and aarch64.

With GCC 12 I got these sizes for lantiq/xrx200:
7,005,867 openwrt-lantiq-xrx200-tplink_tdw8970-initramfs-kernel.bin

With GCC 13 I got these sizes for lantiq/xrx200:
6,989,754 openwrt-lantiq-xrx200-tplink_tdw8970-initramfs-kernel.bin

With GCC 12 I got these sizes for armsr/armv8:
13,083,836 openwrt-armsr-armv8-generic-ext4-combined.img.gz
 4,900,240 openwrt-armsr-armv8-generic-ext4-rootfs.img.gz
20,142,592 openwrt-armsr-armv8-generic-kernel.bin

With GCC 13 I got these sizes for armsr/armv8:
13,068,966 openwrt-armsr-armv8-generic-ext4-combined.img.gz
 4,893,078 openwrt-armsr-armv8-generic-ext4-rootfs.img.gz
20,142,592 openwrt-armsr-armv8-generic-kernel.bin

Signed-off-by: Nick Hainke <vincent@systemli.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-03-23 23:47:29 +01:00
Hauke Mehrtens
2ef5714277 toolchain: glibc: Update glibc 2.37 to recent HEAD
512e30fd56 Revert "elf: Remove unused l_text_end field from struct link_map"
55d3dfadf8 Revert "elf: Always call destructors in reverse constructor order (bug 30785)"
8e20aedfd7 Revert "elf: Move l_init_called_next to old place of l_text_end in link map"
5014fb12f4 elf: Fix wrong break removal from 8ee878592c
874d418697 elf: Fix TLS modid reuse generation assignment (BZ 29039)
8bd00f5b6d x86-64: Fix the dtv field load for x32 [BZ #31184]
d052665f35 x86-64: Fix the tcb field load for x32 [BZ #31185]
0ca9ba3a9e NEWS: Mention bug fixes for 29039/30745/30843
9b90e763db getaddrinfo: translate ENOMEM to EAI_MEMORY (bug 31163)
bd9f194c34 libio: Check remaining buffer size in _IO_wdo_write (bug 31183)
8b8a3f0aaf sunrpc: Fix netname build with older gcc
97a4292aa4 syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6246)
67062eccd9 syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6779)
2b58cba076 syslog: Fix integer overflow in __vsyslog_internal (CVE-2023-6780)
1d8bb622df i386: Use pthread_barrier for synchronization on tst-bz21269
32450f6e8d sysdeps: tst-bz21269: fix test parameter
f7e97cea20 sysdeps: tst-bz21269: handle ENOSYS & skip appropriately
d97929eadc sysdeps: tst-bz21269: fix -Wreturn-type
5bbe7e0da5 x86_64: Optimize ffsll function code size.
98ec3e004e sparc: Fix broken memset for sparc32 [BZ #31068]
2ce7abef67 sparc64: Remove unwind information from signal return stubs [BZ#31244]
18da90677c sparc: Fix sparc64 memmove length comparison (BZ 31266)
8b849f70b3 sparc: Remove unwind information from signal return stubs [BZ #31244]
eee7525d35 arm: Remove wrong ldr from _dl_start_user (BZ 31339)

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-02-10 12:52:09 +01:00
Nick Hainke
07ea729761 toolchain: binutils: add support for version 2.42
Release Notes:
https://lists.gnu.org/archive/html/info-gnu/2024-01/msg00016.html

Signed-off-by: Nick Hainke <vincent@systemli.org>
2024-02-06 19:20:49 +01:00
Cedric DOURLENT
34fd41a997 toolchain: glibc: add --enable-stack-protector=all option for glibc
Add missing configurition for glibc based on CONFIG_PKG_CC_STACKPROTECTOR_ALL

Signed-off-by: Cedric DOURLENT <cedric.dourlent@softathome.com>
2024-01-19 21:28:53 +01:00
Felix Fietkau
2872ff7be1 toolchain/gdb: add pthread to CFLAGS/LDFLAGS for zstd
Works around a build issue when building on a host with an older glibc,
where it would fail to detect ELF support in libbfd

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-12-19 10:54:19 +01:00
Felix Fietkau
66dfbca262 toolchain/gdb: export ZSTD_CFLAGS/LIBS to fix build on non-linux systems
Avoids picking up libs and header files from musl

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-12-18 11:42:08 +01:00
Nick Hainke
f329eb8e7a toolchain/gdb: update to 14.1
Release Notes:
https://lists.gnu.org/archive/html/info-gnu/2023-12/msg00001.html

Refresh patch:
- 120-fix-compile-flag-mismatch.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-12-08 16:26:30 +01:00
Hannu Nyman
a7a94bc4f0 toolchain/gdb: update to 13.2
Update the toolchain gdb to version 13.2.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2023-11-10 08:39:38 +01:00
Christian Marangi
28420cd67b
scripts/ext-toolchain: implement external GCC version detection
Some package may needs to enable compatibility option based on the GCC
version.

Currently the GCC version is set based on the default value and doesn't
actually reflect the real value provided by the external toolchain if
used.

Fix this by correctly detecting the GCC version in the external
toolchain and set the correct value in CONFIG_GCC_VERSION.

A new option is added in menuconfig to manually set the GCC version if
needed.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-10-20 16:13:31 +02:00
Hauke Mehrtens
e66eed033f toolchain: glibc: Update glibc 2.37 to recent HEAD
This adds the following changes:
b4f76ecc9e Ignore MAP_VARIABLE in tst-mman-consts.py
f5d377c896 __check_pf: Add a cancellation cleanup handler [BZ #20975]
0e3e9dbb0e Document BZ #20975 fix
e2974d26ce io: Fix record locking contants on 32 bit arch with 64 bit default time_t (BZ#30477)
3593050c27 io: Fix F_GETLK, F_SETLK, and F_SETLKW for powerpc64
8dcb1a5181 hppa: xfail debug/tst-ssp-1 when have-ssp is yes (gcc-12 and later)
0930ff8eb3 realloc: Limit chunk reuse to only growing requests [BZ #30579]
3f4b4e2cdd elf: _dl_find_object may return 1 during early startup (bug 30515)
260d4b742b nptl: Fix tst-cancel30 on sparc64
58f7431fd7 sparc: Fix la_symbind for bind-now (BZ 23734)
1caf955269 x86: Increase `non_temporal_threshold` to roughly `sizeof_L3 / 4`
80a8c858a5 x86: Fix slight bug in `shared_per_thread` cache size calculation.
cc8243fb0b x86: Use `3/4*sizeof(per-thread-L3)` as low bound for NT threshold.
f94ff95e93 x86: Fix incorrect scope of setting `shared_per_thread` [BZ# 30745]
0d500bfdc0 hurd: Make exception subcode a long
be26b29262 io: Fix record locking contants for powerpc64 with __USE_FILE_OFFSET64
3d24d1903d elf: Do not run constructors for proxy objects
a7e34a6675 elf: Always call destructors in reverse constructor order (bug 30785)
bdb594afa5 elf: Remove unused l_text_end field from struct link_map
1a7cbe52c8 elf: Move l_init_called_next to old place of l_text_end in link map
b752934602 CVE-2023-4527: Stack read overflow with large TCP responses in no-aaaa mode
6529a7466c (HEAD) getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806)
79310b45af x86/dl-cacheinfo: remove unsused parameter from handle_amd
9d5c6e27ed x86: Fix for cache computation on AMD legacy cpus.
4473d1b87d Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 [BZ #30843]
94ef701365 Document CVE-2023-4806 and CVE-2023-5156 in NEWS
2dfd8c77b5 i686: Regenerate ulps
b4e23c75ae tunables: Terminate if end of input is reached (CVE-2023-4911)

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-10-08 14:05:12 +02:00
Alexander Couzens
bcf02c5d31
toolchain: assign PKG_CPE_ID
The PKG_CPE_ID links to NIST CPE version 2.2.
Assign PKG_CPE_ID to all remaining package which have a CPE ID.
Not every package has a CPE id.

Related: https://github.com/openwrt/packages/issues/8534
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2023-09-19 20:22:59 +02:00
Arne Zachlod
6631599344
toolchain: musl: add PKG_CPE_ID
Vulnerabilities of musl libc are tracked as
cpe:/a:musl-libc:musl

Signed-off-by: Arne Zachlod <arne@nerdkeller.org>
2023-09-14 22:39:20 +02:00
Linhui Liu
9194fcb1a4 toolchain/binutils: add support for version 2.41
Release notes:
https://sourceware.org/pipermail/binutils/2023-July/128719.html

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
2023-08-09 15:33:38 +02:00
Nick Hainke
df47decd60 toolchain: gcc: updat to 13.2
Release Notes:
https://gcc.gnu.org/pipermail/gcc/2023-July/242148.html

Remove upstreamed patches:
- patches-13.x/001-rtl-optimization-109585-alias-analysis-typo.patch
- patches-13.x/700-RISCV-Inline-subword-atomic-ops.patch
- patches-13.x/701-riscv-linux-Don-t-add-latomic-with-pthread.patch

Refresh patches:
- patches-13.x/10-mbsd_multi.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-07-30 13:06:56 +02:00
Petr Štetiar
def41cf2ba
toolchain: kernel-headers: remove debugging env dump
Remove debugging `env` dump left over as build environments might
contain some sensitive information, which then might leak into the build
logs.

Fixes: 2105acbe28 ("kernel-headers: fix compile error caused by wrong host include path when the toolchain is already built")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2023-07-28 08:19:20 +02:00
Petr Štetiar
6b7f1ffbad
toolchain: kernel-headers: fix check target for external Git trees
Executing following command currently fails:

 $ make toolchain/kernel-headers/{download,check} V=sc FIXUP=1
 ...
 include/kernel-version.mk:11: *** Missing kernel version/hash file for . Please create include/kernel-.  Stop.

So lets fix it by adding the necessary missing KERNEL_PATCHVER variable.

That additional kernel-build.mk include is needed to add another set of
missing variables:

 $ make toolchain/kernel-headers/{download,check} V=sc FIXUP=1
 ...
 Makefile:115: *** ERROR: Unknown pack format for file tmp/dl/.  Stop.

Fixes: 0765466a42 ("kernel: split kernel version to dedicated files")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2023-07-28 08:19:19 +02:00
Matthias Van Parys
2425d6df12 fortify-headers: add __extension__ mark to strings.h
Add the __extension__ mark before #include_next in strings.h
to avoid a compiler error when -pedantic is enabled.
This has been done for all other headers in the past.

Signed-off-by: Matthias Van Parys <matthias.vanparys@softathome.com>
2023-07-12 20:24:56 +02:00
Jonas Gorski
c22931b653 kernel-headers: install isa-rev.h on mips to fix lzma-lader on linux 6.1
Since kernel 5.17+ the mips asm.h includes isa-rev.h, which itself was
added 4.17. Without it, lzma-loader will fail to build:

     make[3] -C target/linux compile
    make[5]: warning: jobserver unavailable: using -j1.  Add '+' to parent make rule.
    In file included from head.S:22:
    .../staging_dir/toolchain-mips_mips32_gcc-12.3.0_musl/include/asm/asm.h:22:10: fatal error: asm/isa-rev.h: No such file or directory
       22 | #include <asm/isa-rev.h>
          |          ^~~~~~~~~~~~~~~
    compilation terminated.
    make[6]: *** [Makefile:64: head.o] Error 1
    make[5]: *** [Makefile:345: compile] Error 2
    make[4]: *** [Makefile:24: compile] Error 2
    make[3]: *** [Makefile:11: compile] Error 2
        ERROR: target/linux failed to build.

So add the file to the files to install. We can do that unconditionally,
since the oldest supported kernel 5.15 already includes it, even it if
does not need it.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2023-07-06 21:03:11 +02:00
Andre Heider
3cae2db2d1
toolchain: add mold as additional linker
Install it as $tripple-ld.mold in order to use -fuse-ld=mold.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-07-04 20:25:41 +02:00
Tianling Shen
7b4a966de8 toolchain: gcc: backport inline subword atomic support for riscv
RISC-V has no support for subword atomic operations; code currently
generates libatomic library calls.

This patch changes the default behavior to fast inline subword atomic
calls that do not require libatomic.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-06-11 17:09:06 +02:00
Hauke Mehrtens
76f241ad57 toolchain: glibc: Fix build with autoconf 2.71
The glibc build was failing with this error message:
  aclocal.m4:6: error: Exactly version 2.69 of Autoconf is required but you have 2.71
  aclocal.m4:6: the top level

The autoconf run on glibc is not needed, just remove it.

Fixes: #12631
Fixes: 030447b8f4 ("tools/autoconf: bump to 2.71")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-05-18 18:55:27 +02:00
Hauke Mehrtens
2b51688f35 toolchain: glibc: Update glibc 2.37 to recent HEAD
This adds the following changes:
790e504a17 stdlib: Undo post review change to 16adc58e73f3 [BZ #27749]
590d0e089b elf: Restore ldconfig libc6 implicit soname logic [BZ #30125]
1d63573f81 stdio-common: tests: don't double-define _FORTIFY_SOURCE
97ad4c64b9 gshadow: Matching sgetsgent, sgetsgent_r ERANGE handling (bug 30151)
9cc2f41e52 x86_64: Fix asm constraints in feraiseexcept (bug 30305)
78ab913eab posix: Fix system blocks SIGCHLD erroneously [BZ #30163]
5d750495db gmon: Fix allocated buffer overflow (bug 29444)
d230623264 gmon: improve mcount overflow handling [BZ# 27576]
ff3a71ec1f gmon: fix memory corruption issues [BZ# 30101]
a908c18d47 gmon: Revert addition of tunables to preserve GLIBC_PRIVATE ABI
7c32cb7dd8 gmon: Revert addition of tunables to the manual

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-05-18 18:55:27 +02:00
Linhui Liu
fff878c5bc
toolchain/musl: update to 1.2.4
Release notes:

new features:
- large dns record lookups via tcp fallback
- new getaddrinfo EAI_NODATA result to distinguish NODATA/NxDomain
- support for new RELR compressed format for relative relocations
- sysconf keys for querying signal stack size requirements
- real vfork on riscv64

performance:
- mallocng no longer uses MADV_FREE (high performance cost, little gain)
- vdso clock_gettime is supported once again on 32-bit arm

compatibility:
- gethostbyname family now distinguishes NO_DATA from HOST_NOT_FOUND
- res_send now works with caller-provided edns0 queries
- arpa/nameser.h RR types list is now up-to-date
- previously-missing POSIX confstr keys have been added
- mntent interfaces now accept missing fields
- alt signal stack, if any, is now used for internal signals
- the LFS64 macros are no longer exposed without _LARGEFILE64_SOURCE
- memmem (POSIX-future) is now exposed in default feature profile
- pthread_atfork now admits calls from an application-provided malloc
- debugger tracking of shared libraries now works on MIPS PIE binaries
- sendmsg now supports up to SCM_MAX_FD fds in SCM_RIGHTS messages

bugs fixed:
- gethostbyname[2]_r wrongly returned nonzero (error) on negative result
- parallel v4/v6 address queries could fail on query id collisions
- spurious getaddrinfo/AI_ADDRCONFIG failures due to errno clobbering
- dns search domains ending in dot (including lone dot) broke lookups
- ipv6 servers in resolv.conf broke lookups on systems with v6 disabled
- systems with bindv6only failed to query both v4 and v6 nameservers
- res_mkquery mishandled consecutive final dots in name
- res_send could malfunction for very small answer buffer sizes
- resolver dns backend accepted answers with wrong (A vs AAAA) RR type
- getservbyport_r returned junk or ENOENT (vs ERANGE) on buffer size errors
- dns result parsing of malformed responses could process uninitialized data
- freopen didn't reset stream orientation (byte/wide) & encoding rule
- fwprintf didn't print most fields on open_wmemstream FILEs
- wide printf %lc ignored field width
- wide printf erroneously processed %n after encoding errors
- use of wide printf %9$ argument slot overflowed undersized buffer
- swprintf malfunctioned on nul character in output
- strverscmp ordered digit sequences vs nondigits incorrectly
- timer_create/SIGEV_THREAD failure leaked the thread
- semaphores were subject to missed-wake under certain usage patterns
- several possible rare deadlocks with lock handling at thread exit
- several possible rare deadlocks with aio and multithreaded fork
- dynamic linker relro processing was broken on archs w/variable pagesize
- async cancellation could run cancellation handlers in invalid context
- pthread_detach was wrongly a cancellation point in rare race code path
- use-after-close/double-close errors in mq_notify error paths
- mq_notify event thread wrongly ran with signals unmasked
- wcs{,n}cmp, wmemcmp returned wrong results when difference overflowed
- accept4, pipe2, and dup3 handled unknown flags wrong in fallback cases
- CPU_SETSIZE macro had wrong unit
- select fallback for pre-time64 kernels truncated timeout (vs clamping)

arch-specific bugs fixed:
- x32 new socketcalls took fallback path due to pointer sign extension
- x32 wait4 didn't fill rusage structure (time64 regression)
- x32 semtimedop mismatched timespec ABI with kernel (time64 regression)
- sigaction signal mask was bogus on or1k, microblaze, mips, and riscv
- powerpc-sf longjmp asm clobbered value argument
- or1k poll function passed timeout to syscall in wrong form

Removed upstreamed:
- 800-mips_pie_debug.patch
Manually rebased:
- 600-nftw-support-common-gnu-extension.patch

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
2023-05-15 20:39:17 +02:00
Georgi Valkov
9145c4fbcb fortify-headers: fix build error when _REDIR_TIME64 is not defined
some targets do not define the _REDIR_TIME64 macro resulting in a
build error regression since ddfe5678a4
fix by checking if the macro is defined

[1] https://github.com/openwrt/openwrt/issues/12587

Fixes: #12587
Fixes: ddfe5678a4 ("fortify-headers: fix inconsistent time_t version of ppoll")
Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
2023-05-13 14:09:53 +02:00
Nick Hainke
5bd7f04806
toolchain: glibc: increase min kernel version to 5.15
The purpose of this is to remove all of the compatibility code that is
normally compiled into glibc for kernels < 5.15 from our build. Only
Linux kernels >= 5.15 will be supported.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-05-12 13:02:43 +02:00
Georgi Valkov
ddfe5678a4 fortify-headers: fix inconsistent time_t version of ppoll
Bug:
fortify/poll.h includes poll.h, which redirects ppoll to __ppoll_time64
if the _REDIR_TIME64 macro is 1. Then fortify/poll.h will #undef ppoll
and use the 32 bit version.

Fix: we should not do this when _REDIR_TIME64 is 1.

[1] https://forum.openwrt.org/t/idle-cpu-usage-of-usbmuxd/140331/15
[2] https://github.com/openwrt/openwrt/issues/12574

Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
2023-05-12 12:16:11 +02:00
Nick Hainke
8d2ab0fac6
toolchain: gcc: update to 12.3.0
Release notes:
https://gcc.gnu.org/gcc-12/changes.html

Refresh patches:
- 230-musl_libssp.patch
- 910-mbsd_multi.patch
- 920-specs_nonfatal_getenv.patch
- 970-macos_arm64-building-fix.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-05-12 12:11:20 +02:00
Nick Hainke
a6d689632c
toolchain: gcc: backport patch for gcc 13 fixing access path analysis
While improving access path analysis a typo happened. Now it can happen
that gcc misscompiles. The patch is fixing the issue. However, also
other gcc versions 10.2+ are affected. They also should be bumped or the
fix should be backported.

For more bug information have a look at:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109585

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-05-05 15:46:38 +02:00
Nick Hainke
29128b0bd4
toolchain: gcc: add support for GCC 13
Release Notes:
https://gcc.gnu.org/pipermail/gcc-announce/2023/000175.html

Manually Refreshed:
- 910-mbsd_multi.patch
- 970-macos_arm64-building-fix.patch

Automatically Refreshed:
- 010-documentation.patch
- 230-musl_libssp.patch
- 300-mips_Os_cpu_rtx_cost_model.patch
- 820-libgcc_pic.patch
- 840-armv4_pass_fix-v4bx_to_ld.patch
- 850-use_shared_libgcc.patch
- 870-ppc_no_crtsavres.patch
- 920-specs_nonfatal_getenv.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-05-05 15:46:37 +02:00
Nick Hainke
1e88a16248
toolchain: gcc: copy patches from 12.x to 13.x
This simplifies the gcc bump patch review.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-05-05 15:46:34 +02:00
Andre Heider
acc8c2d829
toolchain/gcc: enable zstd support
LTO object files will now be compressed using zstd.

Compressing debug sections with zstd will have to wait for GCC 13,
which adds support for -gz=zstd.

NOTE: wiping the ccache is strongly recommended, not doing so might
yield build error later on:
"lto1: internal compiler error: original not compressed with zstd"

Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-03-17 02:08:25 +01:00
Andre Heider
c44c1e1a1f
toolchain/binutils: enable zstd support
Debug sections can now be compressed using zstd.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-03-17 02:08:25 +01:00
Hauke Mehrtens
f57a0709e8 toolchain/binutils: switch to version 2.40 by default
This was build tested with all core packages on all targets
successfully.

This was run tested on the following systems:
* lantiq/xrx200 musl
* x86/64 musl
* x86/64 glibc
* malta/be

The size of some of the initramfs images from lantiq/xrx increased by
240 bytes.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-03-01 23:44:57 +01:00