aboutsummaryrefslogtreecommitdiffstats
path: root/tools
Commit message (Collapse)AuthorAgeFilesLines
* tools/cmake: update to 3.24.1Nick Hainke2022-08-201-3/+3
| | | | | | Update cmake to newest version. Signed-off-by: Nick Hainke <vincent@systemli.org>
* tools/isl: update to 0.25Nick Hainke2022-08-201-2/+2
| | | | | | Update isl to latest version. Signed-off-by: Nick Hainke <vincent@systemli.org>
* tools/xz: update to 5.2.6Nick Hainke2022-08-201-2/+2
| | | | | | | | This update contains a security fix to xzgrep (CVE-2022-1271, ZDI-CAN-16587). Release notes: https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;hb=HEAD Signed-off-by: Nick Hainke <vincent@systemli.org>
* tools: mtd-utils: Update to version 2.1.4Hauke Mehrtens2022-08-133-12/+17
| | | | | | | | | Update to most recent version of mtd-utils and sync with version from package folder. Use a https download server instead of ftp. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* tools: elfutils: Update to version 0.187Hauke Mehrtens2022-08-131-2/+2
| | | | | | | Update to most recent version of elfutils and sync with version from package folder. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* tools: e2fsprogs: Update to version 1.46.5Hauke Mehrtens2022-08-132-3/+3
| | | | | | | Update to most recent version of e2fsprogs and sync with version from package folder. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mkimage: fix validation of legacy images with custom magicDaniel Golle2022-08-121-0/+9
| | | | | | | | | | All images generated by mkimage are now always validated. This change broke our downstream support for setting a custom value for IH_MAGIC (mkimage -M ...). Make sure also plain legacy kernel images with custom value set for IH_MAGIC validate correctly. Fixes: fa9895ee5b ("tools: mkimage: update to U-Boot release 2022.07") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* tools: mkimage: update to U-Boot release 2022.07Daniel Golle2022-08-114-34/+23
| | | | | | | | | | | | Removed patch 090-macos-arm64-builing-fix.patch as an equivalent solution was applied upstream: 3b142045e8 Support building on macOS/arm64 To not add new host dependencies (libuuid, gnuTLS) don't build the anyway unused mkeficapsule tool which would otherwise now be built by default. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* pkg-config: always use correct path for pkg-config.realLeonardo Mörlein2022-08-111-1/+1
| | | | | | | | | | | | | | | | | | Before this commit, it was assumed that pkg-config.real is in the PATH. While this was fine for the normal build workflow, this led to some issues if make TOPDIR="$(pwd)" -C "$pkgdir" compile was called manually. The command failed with Makefile:15: *** No libnl-tiny development libraries found!. Stop. make[1]: Leaving directory since pkg-config of the host system was used. After the commit, the package is built sucessfully. Signed-off-by: Leonardo Mörlein <me@irrelefant.net>
* tools/libressl: disable assembly code for all hostsMichael Pratt2022-07-311-4/+1
| | | | | | | | | | | | | | | | | | | This SSL library is for hosts only and not shipped as a build product, therefore its performance quality (speed) is not critical. Assembly code is broken in LibreSSL for some x86_64 hosts (part of git history) and for some RISC host archs like armv7l, aarch64, powerpc, ppc64, etc... so let's just disable it for all hosts. For example, this fixes an instance on ARM hosts where the host Python 3 builds broken modules which link to LibreSSL, even with patches that enable LibreSSL support with the import error "unexpected reloc type 3". Ref: a395563f6 ("build: fix libressl build on x32 (amd64ilp32) host ") Suggested-by: Andre Heider <a.heider@gmail.com> Signed-off-by: Michael Pratt <mcpratt@pm.me>
* tools/libressl: ensure PIC-only object compilationMichael Pratt2022-07-311-1/+7
| | | | | | | | | | | | Line up configure arguments for cleaner git diff and editing and grepping. LibreSSL must be built with PIC, and has the flags for it already in CFLAGS. Add the configure option native to LibreSSL to use only PIC in objects, which further enforces that each object in the library has the PIC flag to prevent a mixture of PIC / non-PIC objects within it. Ref: 96a940308 ("tools: libressl: always build as PIC") Signed-off-by: Michael Pratt <mcpratt@pm.me>
* tools: bump 7z package to 22.01Sander Vanheule2022-07-311-3/+3
| | | | | | | | | | | | | | | | | | | | | Version 22.00 of 7z causes build failures on systems using GCC 12 with the following error: ../../../../C/LzmaEnc.c: In function 'LzmaEnc_CodeOneMemBlock': ../../../../C/LzmaEnc.c:2996:19: error: storing the address of local variable 'outStream' in '*p.rc.outStream' [-Werror=dangling-pointer=] 2996 | p->rc.outStream = &outStream.vt; | ~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~ ../../../../C/LzmaEnc.c:2979:28: note: 'outStream' declared here 2979 | CLzmaEnc_SeqOutStreamBuf outStream; | ^~~~~~~~~ ../../../../C/LzmaEnc.c:2979:28: note: 'pp' declared here Upgrade to version 22.01 which contains the required fix. Fixes: 5fcc6f0f1942 ("tools: add 7z host package") Suggested-by: Tomasz Maciej Nowak <tmn505@gmail.com> Signed-off-by: Sander Vanheule <sander@svanheule.net>
* mtools: update to 4.0.40Nick Hainke2022-07-301-2/+2
| | | | | | | | | Changes: - Remove libbsd dependency - Better compatibility with legacy platforms such as AT&T UnixPC - Upgraded to autoconf 2.71 Signed-off-by: Nick Hainke <vincent@systemli.org>
* firmware-utils: update to git HEADDaniel Golle2022-07-281-3/+3
| | | | | | | 4f8d03d mkh3cimg: add image tool for H3C devices 2483fe7 mkh3cvfs: add filesystem tool for H3C devices Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* tools: add 7z host packageJan Hoffmann2022-07-282-0/+37
| | | | | | | | | | | | | | Add the 7zr command line tool, which is a version of the 7z application that only supports 7z archives. 7z is one of the two compression formats supported in H3C firmware images (the alternative would be ARJ). (Alternatively, the 7zr command line tool could also be built from a current version of the public-domain LZMA SDK. That would require repackaging the source package, as it is only provided in 7z format.) Signed-off-by: Jan Hoffmann <jan@3e8.eu>
* tools/libressl: bump to v3.5.3Andre Heider2022-07-201-2/+2
| | | | | | | | | | | This includes API additions required for u-boot v2022.07 and Python 3.10. https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.0-relnotes.txt https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.1-relnotes.txt https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.2-relnotes.txt https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.3-relnotes.txt Signed-off-by: Andre Heider <a.heider@gmail.com>
* automake: always use correct path for aclocal.realLeonardo Mörlein2022-07-141-1/+1
| | | | | | | | | | | | | | | | Before this commit, it was assumed that aclocal.real is in the PATH. While this was fine for the normal build workflow, this led to some issues if make TOPDIR="$(pwd)" -C "$pkgdir" compile was called manually. The command failed with: /home/.../openwrt/staging_dir/host/bin/aclocal: line 2: aclocal.real: command not found autoreconf: /home/.../openwrt/staging_dir/host/bin/aclocal failed with exit status: 127 After the commit, the package is built sucessfully. Signed-off-by: Leonardo Mörlein <me@irrelefant.net>
* tools/coreutils: enable ginstall utilityFelix Fietkau2022-07-131-2/+3
| | | | | | | | | For some reason, current coreutils version installed on x86 macOS via homebrew have a bug, where at least the cc1 binary from gcc gets corrupted during install to the staging dir. Using the install utility from tools/coreutils fixes this Signed-off-by: Felix Fietkau <nbd@nbd.name>
* firmware-utils: bump to git HEADSander Vanheule2022-06-271-2/+2
| | | | | | | | | | | | | The support-list partition for the EAP225-V3 board ID became larger than the allocated size, resulting in factory image generation for the EAP225-Outdoor v3 and EAP225 v3 to fail. The make directive Build/tplink-safeloader ignores this failure however, resulting in a seemingly successful build with empty factory images. Included changes: e609c5d75186 tplink-safeloader: drop unqualified EAP225-V3 IDs Signed-off-by: Sander Vanheule <sander@svanheule.net>
* tools/meson: update to 0.61.5Rosen Penev2022-06-271-2/+2
| | | | | | | Mostly backports by a Red Hat employee as 0.62 and newer demands Python 3.7+. Same reason 0.61 is kept here. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* firmware-utils: bump to git HEADSander Vanheule2022-06-261-2/+2
| | | | | | | | | Fixes the safeloader model identifiers for EAP225-Outdoor v1/v3 devices. 1e3d47292b2e tplink-safeloader: fix EAP225-Outdoor model IDs 9563fe8e78cb tplink-safeloader: add regionless EAP225-V3 IDs Signed-off-by: Sander Vanheule <sander@svanheule.net>
* tools/libressl: update to version 3.4.3Josef Schlehofer2022-06-191-2/+2
| | | | | | | | | | | | | | Release notes: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.3-relnotes.txt ``` It includes the following security fix: * A malicious certificate can cause an infinite loop. Reported by and fix from Tavis Ormandy and David Benjamin, Google. ``` Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
* tools/ninja: update to 1.11.0Rosen Penev2022-06-132-1070/+3081
| | | | | | Updated patchset to latest. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* tools/mkimage: increase tmpfile name length limitDaniel Golle2022-06-051-0/+11
| | | | | | | | mkimage limits the length of the file paths in can deal with to 256 characters. Turns out that in automated builds by asu we break this limit, so increase it to 1024 characters. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* firmware-utils: bump to git HEADSander Vanheule2022-05-271-2/+2
| | | | | | | | | | | | | | | | Fixes an out of bounds issue, adds support for TP-Link safeloader images with non-default partition names, and adds image generation support for: - TP-Link Archer A6 v2 (EU) - TP-Link EAP225 v4 - TP-Link EAP225-Outdoor v3 365458e00ed7 tplink-safeloader: join EAP225-V3 compatible devices 0277810d353d tplink-safeloader: fix chunked support-list prints a64f89c66318 tplink-safeloader: Patch to handle partitions with alternate names. 07f78f071075 firmware-utils: tplink-safeloader: add support for Archer A6 v2 (EU) 49ea62160d21 tplink-safeloader: fix alphabetical order Signed-off-by: Sander Vanheule <sander@svanheule.net>
* tools/elfutils: drop HOST_BUILD_DEPENDSStijn Tintel2022-05-191-2/+0
| | | | | | | | This is only effective for host build of normal packages, not tools. Fixes: ad79b9271949 ("elfutils: move host build to tools") Reported-by: Rosen Penev <rosenp@gmail.com> Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* tools/elfutils: only build required componentsStijn Tintel2022-05-191-0/+3
| | | | | | | | | | | | | | | | | | | | | | Building all of the components results in strip being installed in staging_dir/host/bin. This strip binary will take precedence over binutils strip that is installed in the toolchain directory. This will not work on host systems that do not have libdw installed, as we do not set HOST_LDFLAGS to override rpath to staging_dir/host/lib. However, rather than overriding rpath, we should just avoid using elfutils strip entirely. Override the SUBDIRS variable in the Makefile to only build and install the libraries we require for dwarves and frr. Fixes the following build failure in toolchain/gdb: strip: error while loading shared libraries: libdw.so.1: cannot open shared object file: No such file or directory Fixes: ad79b9271949 ("elfutils: move host build to tools") Reported-by: Dominick Grift <dominick.grift@defensec.nl> Reported-by: Lucian Cristian <lucian.cristian@gmail.com> Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* tools/elfutils: depend on m4Stijn Tintel2022-05-181-1/+1
| | | | | | | | Some buildbots fail to build elfutils due to m4 being missing. Add m4 as a dependency for elfutils to fix this. Fixes: ad79b9271949 ("elfutils: move host build to tools") Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* tools/dwarves: add host packageTony Ambardar2022-05-182-0/+37
| | | | | | | | | | | | | | | | | | dwarves is a set of tools that use the debugging information inserted in ELF binaries by compilers such as GCC. Utilities in the dwarves suite include pahole, which can be used to find alignment holes in structs and classes, and also extracts other information such as CPU cacheline alignment, helping pack those structures to achieve more cache hits. These tools are also used to encode and read the BTF type information format used with the bpf syscall, making this a Linux build dependency when using kernel BTF information. Signed-off-by: Tony Ambardar <itugrok@yahoo.com> Signed-off-by: Felix Fietkau <nbd@nbd.name> [bump to 1.23, add elfutils dep, drop host lib usage, drop cmake release target, use RM macro] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* elfutils: move host build to toolsStijn Tintel2022-05-182-0/+35
| | | | | | | | | | | The upcoming dwarves host package requires elfutils. As dependencies for tools must exist in tools, we need to move elfutils host build there. As there is at least one package that depends on this, and there is no proper way to create such dependency in the build system, build it unconditionally when not building on macOS. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* firmware-utils: bump to git HEADSander Vanheule2022-04-271-3/+3
| | | | | | | | | Includes image support for new TP-Link devices: ddc3e00e314d tplink-safeloader: add TP-Link EAP265 HD support ceea1a7fe56e tplink-safeloader: add TP-Link Deco M4R v1 and v2 support Signed-off-by: Sander Vanheule <sander@svanheule.net>
* firmware-utils: bump to git HEADHauke Mehrtens2022-04-231-3/+3
| | | | | | 05fd700 tplink-safeloader: TP-Link RE650 v2 support Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mtools: update to version 4.0.39Daniel Golle2022-04-151-2/+2
| | | | | | | | | Improvements since the 4.0.38 release are: - Rename strtoi to strosi (string to signed int). The strtoi function on BSD does something else (returns an intmax, not an int) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* tools/meson: update to 0.61.4Rosen Penev2022-04-093-2/+4
| | | | | | | Override python to use the one in host instead of hostpkg. There's no need to use the latter. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* tools/cmake: fix download urlleo chung2022-04-091-1/+1
| | | | | | fix the cmake.org download url Signed-off-by: leo chung <gewalalb@gmail.com>
* tools: SOURCE_DATE_EPOCH handling for mkfs.fatPaul Spooren2022-03-311-0/+157
| | | | | | | Backport upstream patch to have reproducible FAT signatures. This should enable reproducibility for x86 EFI images. Signed-off-by: Paul Spooren <mail@aparcar.org>
* tools/zlib: bump to latest stable release 1.2.12 (CVE-2018-25032)Petr Štetiar2022-03-282-348/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | List of changes since previous release from 2018 is quite long: * Fix crc32.c to compile local functions only if used. * Check for cc masquerading as gcc or clang in configure. * Remove destructive aspects of make distclean. * Separate out address sanitizing from warnings in configure. * Eliminate use of ULL constants. * Add fallthrough comments for gcc. * Clean up minizip to reduce warnings for testing. * Fix unztell64() in minizip to work past 4GB. (Daniël Hörchner) * minizip warning fix if MAXU32 already defined. (gvollant) * Replace black/white with allow/block. (theresa-m) * Fix indentation in minizip's zip.c. * Improve portability of contrib/minizip. * Correct typo in blast.c. * Change macro name in inflate.c to avoid collision in VxWorks. * Clarify gz* function interfaces, referring to parameter names. * Fix error in comment on the polynomial representation of a byte. * Fix memory leak on error in gzlog.c. * Avoid adding empty gzip member after gzflush with Z_FINISH. * Explicitly note that the 32-bit check values are 32 bits. * Use ARM crc32 instructions if the ARM architecture has them. * Add use of the ARMv8 crc32 instructions when requested. * Correct comment in crc32.c. * Don't bother computing check value after successful inflateSync(). * Use atomic test and set, if available, for dynamic CRC tables. * Speed up software CRC-32 computation by a factor of 1.5 to 3. * Add crc32_combine_gen() and crc32_combine_op() for fast combines. * Add tables for crc32_combine(), to speed it up by a factor of 200. * Fix the zran.c example to work on a multiple-member gzip file. * Add gznorm.c example, which normalizes gzip files. * Show all the codes for the maximum tables size in enough.c. * Clarify that prefix codes are counted in enough.c. * Use inline function instead of macro for index in enough.c. * Clean up code style in enough.c, update version. * Use a macro for the printf format of big_t in enough.c. * Use a structure to make globals in enough.c evident. * Assure that the number of bits for deflatePrime() is valid. * Fix a bug that can crash deflate on some input when using Z_FIXED. * Correct the initialization requirements for deflateInit2(). * Emphasize the need to continue decompressing gzip members. * Add legal disclaimer to README. * Fix deflateEnd() to not report an error at start of raw deflate. * Remove old assembler code in which bugs have manifested. * Make the names in functions declarations identical to definitions. * Avoid an undefined behavior of memcpy() in _tr_stored_block(). * Avoid undefined behaviors of memcpy() in gz*printf(). * Avoid an undefined behavior of memcpy() in gzappend(). * Avoid the use of ptrdiff_t. * Handle case where inflateSync used when header never processed. * Don't compute check value for raw inflate if asked to validate. * Add address checking in clang to -w option of configure. * Return an error if the gzputs string length can't fit in an int. * Small speedup to inflate [psumbera]. * Update use of errno for newer Windows CE versions. * Avoid some conversion warnings in gzread.c and gzwrite.c. * Have Makefile return non-zero error code on test failure. * Avoid a conversion error in gzseek when off_t type too small. * Fix CLEAR_HASH macro to be usable as a single statement. * Fix bug when window full in deflate_stored(). * Limit hash table inserts after switch from stored deflate. * Permit a deflateParams() parameter change as soon as possible. * Cygwin does not have _wopen(), so do not create gzopen_w() there. Removed 006-fix-compressor-crash-on-certain-inputs.patch which was hotfix for CVE-2018-25032 and is now included in this release. This release is not available on @SF (yet?) so the sources are now pulled from GitHub. Fixes: CVE-2018-25032 Signed-off-by: Petr Štetiar <ynezz@true.cz>
* zlib: backport security fix for a reproducible crash in compressorPetr Štetiar2022-03-242-1/+344
| | | | | | | | | | | | | | Tavis has just reported, that he was recently trying to track down a reproducible crash in a compressor. Believe it or not, it really was a bug in zlib-1.2.11 when compressing (not decompressing!) certain inputs. Tavis has reported it upstream, but it turns out the issue has been public since 2018, but the patch never made it into a release. As far as he knows, nobody ever assigned it a CVE. Suggested-by: Tavis Ormandy <taviso@gmail.com> References: https://www.openwall.com/lists/oss-security/2022/03/24/1 Signed-off-by: Petr Štetiar <ynezz@true.cz>
* tools/ccache: update to 4.6Rosen Penev2022-03-131-2/+2
| | | | | | Full changelog: https://ccache.dev/releasenotes.html#_ccache_4_6 Signed-off-by: Rosen Penev <rosenp@gmail.com>
* tools/fakeroot: update to 1.28Rosen Penev2022-03-132-3/+3
| | | | | | | | Refreshed patches. Upstream says there's only a bugfix for GNU Hurd. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* tools/cmake: update to 3.22.3Rosen Penev2022-03-131-2/+2
| | | | | | Seems to be mostly pthread fixes. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* tools/mtools: update to 4.0.38Rosen Penev2022-03-131-2/+2
| | | | | | No real changelog available. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* tools/expat: enable DTDRosen Penev2022-03-131-1/+1
| | | | | | Fixes gdb usage, which depends on it. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* tools/expat: update to 2.4.7Rosen Penev2022-03-131-2/+2
| | | | | | Mostly a bug fix to the bug fix to CVE-2022-25236 Signed-off-by: Rosen Penev <rosenp@gmail.com>
* tools: zip: make encrypted archives reproducibleSungbo Eo2022-03-091-0/+75
| | | | | | | | | | | Zip always try to generate new encryption header depending on execution time and process id, which is far from being reproducible. This commit changes the zip srand() seed to a predictable value to generate reproducible random bytes for the encryption header. This will compromise the goal of secure archive encryption, but it would not be a big problem for our purpose. Signed-off-by: Sungbo Eo <mans0n@gorani.run>
* tools: zip: fetch SOURCE_DATE_EPOCH directlySungbo Eo2022-03-092-145/+41
| | | | | | | | | Remove "--mtime" option introduced in commit 18c9faa03211 ("tools: zip: add option for reproducible archives") and instead fetch SOURCE_DATE_EPOCH environment variable directly in the code. Ref: https://sourceforge.net/p/infozip/patches/25/ Signed-off-by: Sungbo Eo <mans0n@gorani.run>
* tools/fakeroot: restore macos bugfix that was dropped during the last updateFelix Fietkau2022-03-051-0/+43
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* tools/libressl: update to version 3.4.2Josef Schlehofer2022-03-011-2/+2
| | | | | | | | | | | | | | | Release notes: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.2-relnotes.txt ``` It includes the following security fix * In some situations the X.509 verifier would discard an error on an unverified certificate chain, resulting in an authentication bypass. Thanks to Ilya Shipitsin and Timo Steinlein for reporting. ``` Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
* tools/mkimage: update to 2022.01Huangbin Zhan2022-03-013-17/+30
| | | | | | | | | | | | - enable dot config - enable openwrt verbose - add bison as dependency to avoid failure ``` bison -oscripts/kconfig/zconf.tab.c -t -l scripts/kconfig/zconf.y bison: /builder/shared-workdir/build/staging_dir/host/share/bison/m4sugar/m4sugar.m4: cannot open: No such file or directory ``` Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
* tools/fakeroot: update to 1.27Rosen Penev2022-03-015-134/+17
| | | | | | | | | | Remove macOS stuff. Upstream has fixed it in the same way. Add SOL_TCP define. Taken from elsewhere in the code. Refreshed patches. Signed-off-by: Rosen Penev <rosenp@gmail.com>