mtk-20170518/scripts, branch v17.01.6 MTK 20170518 : Mediatek SDK based on OpenWRT Barrier Breaker scripts: bundle-libraries: fix logic flaw 2018-08-30T11:11:42+00:00 Jo-Philipp Wich jo@mein.io 2018-08-29T11:16:34+00:00 9d3825a0279a9c70fb16179731f212abf961693e Previous refactoring of the script moved the LDSO detection into a file-not-exists condition, causing onyl the very first executable to get bundled. Solve the problem by unconditionally checking for LDSO again. Fixes: 9030a78a71 ("scripts: bundle-libraries: prevent loading host locales") Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 5ebcd32997b6d10abcd29c8795a598fdcaf4521d) 
Previous refactoring of the script moved the LDSO detection into a
file-not-exists condition, causing onyl the very first executable to
get bundled.

Solve the problem by unconditionally checking for LDSO again.

Fixes: 9030a78a71 ("scripts: bundle-libraries: prevent loading host locales")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 5ebcd32997b6d10abcd29c8795a598fdcaf4521d)
scripts: bundle-libraries: prevent loading host locales (FS#1803) 2018-08-30T11:11:42+00:00 Jo-Philipp Wich jo@mein.io 2018-08-25T12:46:57+00:00 6e8f1c387892b845fddf052fb8e612d4f26ffdd3 Binary patch the bundled glibc library to inhibit loading of host locale archives in order to avoid triggering internal libc assertions when invoking shipped, bundled executables. The problem has been solved with upstream Glibc commit 0062ace229 ("Gracefully handle incompatible locale data") but we still need to deal with older Glibc binaries for some time to come. Fixes FS#1803 Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 9030a78a716b0a2eeed4510d4a314393262255c2) 
Binary patch the bundled glibc library to inhibit loading of host locale
archives in order to avoid triggering internal libc assertions when
invoking shipped, bundled executables.

The problem has been solved with upstream Glibc commit
0062ace229 ("Gracefully handle incompatible locale data") but we still
need to deal with older Glibc binaries for some time to come.

Fixes FS#1803
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 9030a78a716b0a2eeed4510d4a314393262255c2)
scripts: bundle-libraries: fix build on OS X (FS#1493) 2018-07-19T07:12:25+00:00 Jo-Philipp Wich jo@mein.io 2018-04-26T14:04:37+00:00 91c94008161ec90e0ce78c61e9c26cf7f13f8c3a This allegedly fixes compilation of the library bundler preload library on Apple OS X. The resulting executables have not been runtime tested due to a lack of suitable test hardware. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 746c590882b96d5ed4d4115e4bdab4c838af7806) 
This allegedly fixes compilation of the library bundler preload library on
Apple OS X. The resulting executables have not been runtime tested due to a
lack of suitable test hardware.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 746c590882b96d5ed4d4115e4bdab4c838af7806)
build: bundle-libraries.sh: patch bundled ld.so 2018-07-19T07:12:22+00:00 Jo-Philipp Wich jo@mein.io 2018-01-25T16:12:29+00:00 54c0ef6ff5217cab1deef4ef816ddd63ec837ad3 Remove references to /etc/, /lib/ and /usr/ from the bundled ld.so interpreter using simple binary patching. This is needed to prevent loading host system libraries such as libnss_compat.so.2 on foreign systems, which may result in ld.so inconsistency assertions. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit a9a43f3d791da40893832616e79bbeed198a1ddb) 
Remove references to /etc/, /lib/ and /usr/ from the bundled ld.so
interpreter using simple binary patching.

This is needed to prevent loading host system libraries such as
libnss_compat.so.2 on foreign systems, which may result in ld.so
inconsistency assertions.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit a9a43f3d791da40893832616e79bbeed198a1ddb)
scripts/dowload.pl: use glob to expand target dir 2017-12-13T15:29:22+00:00 Zoltan Gyarmati mr.zoltan.gyarmati@gmail.com 2017-08-26T13:14:20+00:00 b69ea02a00758a2bcd3981cfb48cc629ff15cfe3 If CONFIG_DOWNLOAD_FOLDER is set to for example "~/dl", the download script fails to create the .hash and .dl files with the following errors: Cannot create file ~/dl/dropbear-2017.75.tar.bz2.dl: No such file or directory sh: 1: cannot create ~/dl/dropbear-2017.75.tar.bz2.hash: Directory nonexistent If the tarball already exists in the ~/dl dir, it's properly found and used, so this issue only affects the download.pl script. This patch calls glob() on the target dir parameter, which will expand `~`. Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com> (cherry picked from commit 0a761fe8ef346c6f0a78097938b083e2d078b0e2) 
If CONFIG_DOWNLOAD_FOLDER is set to for example "~/dl", the download
script fails to create the .hash and .dl files with the following
errors:
 Cannot create file ~/dl/dropbear-2017.75.tar.bz2.dl: No such file or directory
 sh: 1: cannot create ~/dl/dropbear-2017.75.tar.bz2.hash: Directory nonexistent

If the tarball already exists in the ~/dl dir, it's properly found and
used, so this issue only affects the download.pl script.
 This patch calls glob() on the target dir parameter, which will expand `~`.

Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com>
(cherry picked from commit 0a761fe8ef346c6f0a78097938b083e2d078b0e2)
scripts/package-metadata.pl: inhibit compile deps on missing build types 2017-12-13T15:23:39+00:00 Jo-Philipp Wich jo@mein.io 2017-07-26T22:18:12+00:00 b616aa6db7a9952c182ab49d7942fb67c09803d5 When a package declares a PKG_BUILD_DEPENDENCY or HOST_BUILD_DEPENDENCY on a not existing build type, the metadata script will emit a reference to an unresolvable build target in tmp/.packagedeps, causing the make process to fail hard in a way not catchable by the IGNORE_ERRORS mechanism. In a situation where a package "test-a" declares a build dependency "PKG_BUILD_DEPENDS:=test-b/host" while the Makefile of "test-b" does not implement a HostBuild, make fails with an unrecoverable error in the form: make[1]: Entering directory '...' make[1]: *** No rule to make target 'package/test-b/host/compile', needed by 'package/test-a/compile'. Stop. make[1]: Leaving directory '...' .../toplevel.mk:200: recipe for target 'package/test-a/compile' failed make: *** [package/test-a/compile] Error 2 Extend the metadata generation script to catch such unresolved references and emit a visable warning upon detection. After this change, the script will emit a warning similar to: WARNING: Makefile "package/test-a/Makefile" has a build dependency on "test-b/host" but "package/test-b/Makefile" does not implement a "host" build type Fixes a global build cluster outage which occured after the "python-cffi" feed package removed its HostBuild which the "python-cryptography" package build-depended on. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit bf5d32af2a675f7577b388b5eef2a11e6ce042eb) 
When a package declares a PKG_BUILD_DEPENDENCY or HOST_BUILD_DEPENDENCY on
a not existing build type, the metadata script will emit a reference to an
unresolvable build target in tmp/.packagedeps, causing the make process to
fail hard in a way not catchable by the IGNORE_ERRORS mechanism.

In a situation where a package "test-a" declares a build dependency
"PKG_BUILD_DEPENDS:=test-b/host" while the Makefile of "test-b" does not
implement a HostBuild, make fails with an unrecoverable error in the form:

    make[1]: Entering directory '...'
    make[1]: *** No rule to make target 'package/test-b/host/compile',
                 needed by 'package/test-a/compile'.  Stop.
    make[1]: Leaving directory '...'
    .../toplevel.mk:200: recipe for target 'package/test-a/compile' failed
    make: *** [package/test-a/compile] Error 2

Extend the metadata generation script to catch such unresolved references
and emit a visable warning upon detection.

After this change, the script will emit a warning similar to:

    WARNING: Makefile "package/test-a/Makefile" has a build dependency on
    "test-b/host" but "package/test-b/Makefile" does not implement a
    "host" build type

Fixes a global build cluster outage which occured after the "python-cffi"
feed package removed its HostBuild which the "python-cryptography" package
build-depended on.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit bf5d32af2a675f7577b388b5eef2a11e6ce042eb)
build: bundle-libraries.sh: do not override argv[0] in inner exec calls 2017-12-13T15:23:39+00:00 Jo-Philipp Wich jo@mein.io 2017-07-24T11:33:33+00:00 2e1a87a3e11b6928b128fcf72570178a250ba072 Only mangle argv[0] of the first executed process and leave the argument vector of subsequent invocations as-is to allow child programs to properly discover resources relative to their binary locations. Fixes "cc1" discovery when executing the host gcc through the bundled "ccache" executable. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 9e64874fb2508e49e52898c238d817bd152bf2c2) 
Only mangle argv[0] of the first executed process and leave the argument
vector of subsequent invocations as-is to allow child programs to properly
discover resources relative to their binary locations.

Fixes "cc1" discovery when executing the host gcc through the bundled
"ccache" executable.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 9e64874fb2508e49e52898c238d817bd152bf2c2)
scripts/download.pl: Adjust URLs 2017-12-13T15:23:39+00:00 Daniel Engberg daniel.engberg.lists@pyret.net 2017-06-25T16:14:33+00:00 89c4f47caa20bba9361882b7c2bd729eb9b030ed Internet2 isn't considered a trusted issuer meaning that https links to rit.edu will fail. The host mirror.csclub.uwaterloo.ca has a trusted SSL cert and peering is good so it can replace rit.edu without performance issues. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> [Jo-Philipp Wich: rewrapped commit message] Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 99c429512622566ee2bbde69fa8efb0f2bcda33e) 
Internet2 isn't considered a trusted issuer meaning that https links to
rit.edu will fail.

The host mirror.csclub.uwaterloo.ca has a trusted SSL cert and peering
is good so it can replace rit.edu without performance issues.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
[Jo-Philipp Wich: rewrapped commit message]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 99c429512622566ee2bbde69fa8efb0f2bcda33e)
build: fix invocation of bundled ld.so in SDK and Imagebuilder 2017-12-13T15:23:39+00:00 Jo-Philipp Wich jo@mein.io 2017-07-16T21:43:19+00:00 338968a17060373e979edd2f53d218cde1bd76b3 Commit 72d751cba9 "build: rework library bundling" introduced a new helper binary "runas" whose sole purpose was mangling the argv vector passed to the actual called ELF image so that the renamed executable could obtain the proper name from argv[0]. This approach, however totally defeated the purpose of calling bundled ELF executables through the shipped ld.so loader since the execv() invocation performed by "runas" would cause the kernel the interprete the final program image through the system ELF loader again. To solve the problem, use an alternative approach of shipping a shared object "runas.so" which uses an ELF ".init_array" function pointer to obtain the argv[] vector of the to-be-executed main() function and mangle it in-place. The actual argv[0] value to use is communicated out-of-band using an environment variable "RUNAS_ARG0" by the shell wrapper script. The wrapper script also takes care of setting LD_PRELOAD to instruct the shipped ELF loader to preload the actual ELF program image with the "runas.so" helper library. Fixes FS#909. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit ef1cafa736679eb035d405bcdf903fd1fb329865) 
Commit 72d751cba9 "build: rework library bundling" introduced a new helper
binary "runas" whose sole purpose was mangling the argv vector passed to
the actual called ELF image so that the renamed executable could obtain the
proper name from argv[0].

This approach, however totally defeated the purpose of calling bundled ELF
executables through the shipped ld.so loader since the execv() invocation
performed by "runas" would cause the kernel the interprete the final program
image through the system ELF loader again.

To solve the problem, use an alternative approach of shipping a shared object
"runas.so" which uses an ELF ".init_array" function pointer to obtain the
argv[] vector of the to-be-executed main() function and mangle it in-place.

The actual argv[0] value to use is communicated out-of-band using an
environment variable "RUNAS_ARG0" by the shell wrapper script. The wrapper
script also takes care of setting LD_PRELOAD to instruct the shipped ELF
loader to preload the actual ELF program image with the "runas.so" helper
library.

Fixes FS#909.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit ef1cafa736679eb035d405bcdf903fd1fb329865)
scripts/download.pl: print the command used to download files 2017-12-13T14:42:08+00:00 Felix Fietkau nbd@nbd.name 2017-05-09T13:20:42+00:00 ef43c04c34f23433fea6744eb96b1dfbb1cc4c0d Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit cbe0a7ecc0b76f4d97d87ca59a0ff8074b8946f4) 
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit cbe0a7ecc0b76f4d97d87ca59a0ff8074b8946f4)