update buildroot to 2017.02.11

2018-05-22 15:35:47 +02:00
parent 4bf1f5e091
commit a3c10bd762
9257 changed files with 433426 additions and 1701 deletions
--- a/bsp/buildroot-2017.02.11/package/dbus/0001-config-loader-expat-Tell-Expat-not-to-defend-against.patch
+++ b/bsp/buildroot-2017.02.11/package/dbus/0001-config-loader-expat-Tell-Expat-not-to-defend-against.patch
@@ -0,0 +1,78 @@
+From 1252dc1d1f465b8ab6b36ff7252e395e66a040cf Mon Sep 17 00:00:00 2001
+From: Simon McVittie <smcv@debian.org>
+Date: Fri, 21 Jul 2017 10:46:39 +0100
+Subject: [PATCH 1/2] config-loader-expat: Tell Expat not to defend against
+ hash collisions
+
+By default, Expat uses cryptographic-quality random numbers as a salt for
+its hash algorithm, and since 2.2.1 it gets them from the getrandom
+syscall on Linux. That syscall refuses to return any entropy until the
+kernel's CSPRNG (random pool) has been initialized. Unfortunately, this
+can take as long as 40 seconds on embedded devices with few entropy
+sources, which is too long: if the system dbus-daemon blocks for that
+length of time, important D-Bus clients like systemd and systemd-logind
+time out and fail to connect to it.
+
+We're parsing small configuration files here, and we trust them
+completely, so we don't need to defend against hash collisions: nobody
+is going to be crafting them to cause pathological performance.
+
+Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101858
+Signed-off-by: Simon McVittie <smcv@debian.org>
+Tested-by: Christopher Hewitt <hewitt@ieee.org>
+Reviewed-by: Philip Withnall <withnall@endlessm.com>
+
+Upstream commit 1252dc1d1f465b8ab6b36ff7252e395e66a040cf
+Signed-off-by: Marcus Hoffmann <m.hoffmann@cartelsol.com>
+---
+ bus/config-loader-expat.c | 14 ++++++++++++++
+ configure.ac              |  8 ++++++++
+ 2 files changed, 22 insertions(+)
+
+diff --git a/bus/config-loader-expat.c b/bus/config-loader-expat.c
+index b571fda3..27cbe2d0 100644
+--- a/bus/config-loader-expat.c
+++ b/bus/config-loader-expat.c
+@@ -203,6 +203,20 @@ bus_config_load (const DBusString      *file,
+       goto failed;
+     }
+ 
+  /* We do not need protection against hash collisions (CVE-2012-0876)
+   * because we are only parsing trusted XML; and if we let Expat block
+   * waiting for the CSPRNG to be initialized, as it does by default to
+   * defeat CVE-2012-0876, it can cause timeouts during early boot on
+   * entropy-starved embedded devices.
+   *
+   * TODO: When Expat gets a more explicit API for this than
+   * XML_SetHashSalt, check for that too, and use it preferentially.
+   * https://github.com/libexpat/libexpat/issues/91 */
+#if defined(HAVE_XML_SETHASHSALT)
+  /* Any nonzero number will do. https://xkcd.com/221/ */
+  XML_SetHashSalt (expat, 4);
+#endif
+
+   if (!_dbus_string_get_dirname (file, &dirname))
+     {
+       dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
+diff --git a/configure.ac b/configure.ac
+index 52da11fb..c4022ed7 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -938,6 +938,14 @@ XML_CFLAGS=
+ AC_SUBST([XML_CFLAGS])
+ AC_SUBST([XML_LIBS])
+ 
+save_cflags="$CFLAGS"
+save_libs="$LIBS"
+CFLAGS="$CFLAGS $XML_CFLAGS"
+LIBS="$LIBS $XML_LIBS"
+AC_CHECK_FUNCS([XML_SetHashSalt])
+CFLAGS="$save_cflags"
+LIBS="$save_libs"
+
+ # Thread lib detection
+ AC_ARG_VAR([THREAD_LIBS])
+ save_libs="$LIBS"
+-- 
+2.11.0
+
--- a/bsp/buildroot-2017.02.11/package/dbus/Config.in
+++ b/bsp/buildroot-2017.02.11/package/dbus/Config.in
@@ -0,0 +1,14 @@
+config BR2_PACKAGE_DBUS
+	bool "dbus"
+	depends on BR2_TOOLCHAIN_HAS_THREADS
+	# uses fork()
+	depends on BR2_USE_MMU
+	select BR2_PACKAGE_EXPAT
+	help
+	  The D-Bus message bus system.
+
+	  http://www.freedesktop.org/wiki/Software/dbus
+
+comment "dbus needs a toolchain w/ threads"
+	depends on BR2_USE_MMU
+	depends on !BR2_TOOLCHAIN_HAS_THREADS
--- a/bsp/buildroot-2017.02.11/package/dbus/S30dbus
+++ b/bsp/buildroot-2017.02.11/package/dbus/S30dbus
@@ -0,0 +1,74 @@
+#!/bin/sh
+#
+# messagebus:   The D-BUS systemwide message bus
+#
+# chkconfig: 345 97 03
+# description:  This is a daemon which broadcasts notifications of system events \
+#               and other messages. See http://www.freedesktop.org/software/dbus/
+#
+# processname: dbus-daemon
+# pidfile: /var/run/messagebus.pid
+#
+
+# Sanity checks.
+[ -x /usr/bin/dbus-daemon ] || exit 0
+
+# Create needed directories.
+[ -d /var/run/dbus ] || mkdir -p /var/run/dbus
+[ -d /var/lock/subsys ] || mkdir -p /var/lock/subsys
+[ -d /tmp/dbus ] || mkdir -p /tmp/dbus
+
+RETVAL=0
+
+start() {
+    printf "Starting system message bus: "
+
+    dbus-uuidgen --ensure
+    dbus-daemon --system
+    RETVAL=$?
+    echo "done"
+    [ $RETVAL -eq 0 ] && touch /var/lock/subsys/dbus-daemon
+}
+
+stop() {
+    printf "Stopping system message bus: "
+
+    ## we don't want to kill all the per-user $processname, we want
+    ## to use the pid file *only*; because we use the fake nonexistent 
+    ## program name "$servicename" that should be safe-ish
+    killall dbus-daemon
+    RETVAL=$?
+    echo "done"
+    if [ $RETVAL -eq 0 ]; then
+        rm -f /var/lock/subsys/dbus-daemon
+        rm -f /var/run/messagebus.pid
+    fi
+}
+
+# See how we were called.
+case "$1" in
+    start)
+        start
+        ;;
+    stop)
+        stop
+        ;;
+    restart)
+        stop
+        start
+        ;;
+    condrestart)
+        if [ -f /var/lock/subsys/$servicename ]; then
+            stop
+            start
+        fi
+        ;;
+    reload)
+        echo "Message bus can't reload its configuration, you have to restart it"
+        RETVAL=$?
+        ;;
+    *)
+        echo "Usage: $0 {start|stop|restart|condrestart|reload}"
+        ;;
+esac
+exit $RETVAL
--- a/bsp/buildroot-2017.02.11/package/dbus/dbus.hash
+++ b/bsp/buildroot-2017.02.11/package/dbus/dbus.hash
@@ -0,0 +1,2 @@
+# Locally calculated after checking pgp signature
+sha256	a7b0ba6ea3e8d0e08afec5e3030d0245614268276620c536726f8fa6e5c43388  dbus-1.10.16.tar.gz
--- a/bsp/buildroot-2017.02.11/package/dbus/dbus.mk
+++ b/bsp/buildroot-2017.02.11/package/dbus/dbus.mk
@@ -0,0 +1,131 @@
+################################################################################
+#
+# dbus
+#
+################################################################################
+
+DBUS_VERSION = 1.10.16
+DBUS_SITE = http://dbus.freedesktop.org/releases/dbus
+DBUS_LICENSE = AFLv2.1 or GPLv2+ (library, tools), GPLv2+ (tools)
+# 0001-config-loader-expat-Tell-Expat-not-to-defend-against.patch
+DBUS_AUTORECONF = YES
+DBUS_LICENSE_FILES = COPYING
+DBUS_INSTALL_STAGING = YES
+
+define DBUS_PERMISSIONS
+	/usr/libexec/dbus-daemon-launch-helper f 4755 0 0 - - - - -
+endef
+
+define DBUS_USERS
+	dbus -1 dbus -1 * /var/run/dbus - dbus DBus messagebus user
+endef
+
+DBUS_DEPENDENCIES = host-pkgconf expat
+
+DBUS_CONF_ENV = ac_cv_have_abstract_sockets=yes
+DBUS_CONF_OPTS = \
+	--with-dbus-user=dbus \
+	--disable-tests \
+	--disable-asserts \
+	--enable-abstract-sockets \
+	--disable-selinux \
+	--disable-xml-docs \
+	--disable-doxygen-docs \
+	--disable-dnotify \
+	--with-xml=expat \
+	--with-system-socket=/var/run/dbus/system_bus_socket \
+	--with-system-pid-file=/var/run/messagebus.pid \
+	--with-init-scripts=none
+
+ifeq ($(BR2_STATIC_LIBS),y)
+DBUS_CONF_OPTS += LIBS='-pthread'
+endif
+
+ifeq ($(BR2_microblaze),y)
+# microblaze toolchain doesn't provide inotify_rm_* but does have sys/inotify.h
+DBUS_CONF_OPTS += --disable-inotify
+endif
+
+ifeq ($(BR2_PACKAGE_LIBSELINUX),y)
+DBUS_CONF_OPTS += --enable-selinux
+DBUS_DEPENDENCIES += libselinux
+else
+DBUS_CONF_OPTS += --disable-selinux
+endif
+
+ifeq ($(BR2_PACKAGE_AUDIT)$(BR2_PACKAGE_LIBCAP_NG),yy)
+DBUS_CONF_OPTS += --enable-libaudit
+DBUS_DEPENDENCIES += audit libcap-ng
+else
+DBUS_CONF_OPTS += --disable-libaudit
+endif
+
+ifeq ($(BR2_PACKAGE_XLIB_LIBX11),y)
+DBUS_CONF_OPTS += --with-x
+DBUS_DEPENDENCIES += xlib_libX11
+ifeq ($(BR2_PACKAGE_XLIB_LIBSM),y)
+DBUS_DEPENDENCIES += xlib_libSM
+endif
+else
+DBUS_CONF_OPTS += --without-x
+endif
+
+ifeq ($(BR2_INIT_SYSTEMD),y)
+DBUS_CONF_OPTS += \
+	--enable-systemd \
+	--with-systemdsystemunitdir=/usr/lib/systemd/system
+DBUS_DEPENDENCIES += systemd
+else
+DBUS_CONF_OPTS += --disable-systemd
+endif
+
+# fix rebuild (dbus makefile errors out if /var/lib/dbus is a symlink)
+define DBUS_REMOVE_VAR_LIB_DBUS
+	rm -rf $(TARGET_DIR)/var/lib/dbus
+endef
+
+DBUS_PRE_INSTALL_TARGET_HOOKS += DBUS_REMOVE_VAR_LIB_DBUS
+
+define DBUS_REMOVE_DEVFILES
+	rm -rf $(TARGET_DIR)/usr/lib/dbus-1.0
+endef
+
+DBUS_POST_INSTALL_TARGET_HOOKS += DBUS_REMOVE_DEVFILES
+
+define DBUS_INSTALL_INIT_SYSV
+	$(INSTALL) -m 0755 -D package/dbus/S30dbus \
+		$(TARGET_DIR)/etc/init.d/S30dbus
+
+	mkdir -p $(TARGET_DIR)/var/lib
+	rm -rf $(TARGET_DIR)/var/lib/dbus
+	ln -sf /tmp/dbus $(TARGET_DIR)/var/lib/dbus
+endef
+
+define DBUS_INSTALL_INIT_SYSTEMD
+	mkdir -p $(TARGET_DIR)/var/lib/dbus
+	ln -sf /etc/machine-id $(TARGET_DIR)/var/lib/dbus/machine-id
+endef
+
+HOST_DBUS_DEPENDENCIES = host-pkgconf host-expat
+HOST_DBUS_CONF_OPTS = \
+	--with-dbus-user=dbus \
+	--disable-tests \
+	--disable-asserts \
+	--enable-abstract-sockets \
+	--disable-selinux \
+	--disable-xml-docs \
+	--disable-doxygen-docs \
+	--enable-dnotify \
+	--without-x \
+	--with-xml=expat
+
+# dbus for the host
+DBUS_HOST_INTROSPECT = $(HOST_DBUS_DIR)/introspect.xml
+
+HOST_DBUS_GEN_INTROSPECT = \
+	$(HOST_DIR)/usr/bin/dbus-daemon --introspect > $(DBUS_HOST_INTROSPECT)
+
+HOST_DBUS_POST_INSTALL_HOOKS += HOST_DBUS_GEN_INTROSPECT
+
+$(eval $(autotools-package))
+$(eval $(host-autotools-package))