On some systems where the system compiler enables `-Wformat-security
-Werror=format-security` options by default, building libcpp fails
because the code passes a variable directly as a format string.
This change addresses this problem by patching the affected code.
Tested with the default compiler of Nixpkgs unstable, GCC 9.3.0 with the
options described above enabled by default.
Signed-off-by: Masanori Ogino <mogino@acm.org>
Change-Id: Ibf3c9e79ce10cd400c9f7ea40dd6de1ab81b50e2
Reviewed-on: https://review.coreboot.org/c/coreboot/+/45311
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
While GMP supports fat builds on x86 that adapt to the CPU's
capabilities, by default it builds for the CPU of the builder.
Running that binary on an older CPU then can fail.
Change-Id: Iafdc2eb696189b9e2c5ead316f310d98c949ef74
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/45044
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Unlike Linux kernel which has a static shadow region layout, we have
multiple stages in coreboot and thus require a different shadow offset
address. Unfortunately, GCC currently only supports adding a static
shadow offset at compile time using -fasan-shadow-offset flag.
For this reason, we enable GCC to determine asan shadow offset address
at runtime using a callback function named __asan_shadow_offset().
This supersedes the need to specify this address at compile time. GCC
then makes use of this shadow offset to protect stack buffers by
inserting red zones around them.
Some other benefits of having this GCC patch are:
a. We can place the shadow region in a separate linker section with
all its advantages like automatic fit insurance. This ensures if
a platform doesn't have enough memory space to hold shadow region,
the build will fail. (However, if we use a fixed shadow offset on a
platform that actually doesn't have enough memory, it may still
build without any errors.)
b. We don't modify the memory layout compared to the current one, as
we are placing the shadow region at the end of the space already
occupied by the program.
c. We can be much more flexible later if needed (thinking of other
stages like bootblock).
d. Since we are appending the shadow buffer to the region already
occupied, we make efficient use of the limited memory available
which is highly beneficial when using cache as ram.
Further, we have made sure that if you compile you tree with ASan
enabled but missed this patch, it will end up in the following
compilation error:
"invalid --param name 'asan-use-shadow-offset-callback'"
So, you cannot accidentally enable the feature without having your
compiler patched.
Change-Id: I401631938532a406a6d41e77c6c9716b6b2bf48d
Signed-off-by: Harshit Sharma <harshitsharmajs@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/42794
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
Using "MAKEINFO = @MAKEINFO@", it fails to compile, so
binutils-2.35_no-makeinfo.patch will change that to "MAKEINFO = true"
Change-Id: I0ad01e5da34c96fee6a9b1a63897a9fb28471c75
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38666
Reviewed-by: Christian Walter <christian.walter@9elements.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
gmp_freebsd-configure.patch is integrated in upstream so we don't need
it anymore.
Changes: https://gmplib.org/gmp6.2
Change-Id: I8404872f1b65e9173c1fcbd24d7da7bdd7937503
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38465
Reviewed-by: Christian Walter <christian.walter@9elements.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Idwer Vollering <vidwer@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Building cbfstool requires at least 4.9 due to optimizer bugs in gcc
3.x to 4.8.x, so let's not work around ancient compilers in our tree
but ensure that users get a newer compiler.
Closes: https://ticket.coreboot.org/issues/240
Change-Id: I4e0f80e2790514e6a1b5d5de1a373f365df1569c
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/43143
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Update fixes build issues with host GCC 10.
Other changes:
https://acpica.org/node/177https://acpica.org/node/178https://acpica.org/node/179https://acpica.org/node/181
acpinames utility removed:
"Removed support for the acpinames utility. The acpinames was a simple
utility used to populate and display the ACPI namespace without executing
any AML code. However, ACPICA now supports executable opcodes outside of
control methods. This means that executable AML opcodes such as If and
Store opcodes need to be executed during table load. Therefore, acpinames
would need to be updated to match the same behavior as the acpiexec
utility and since acpiexec can already dump the entire namespace (via the
'namespace' command), we no longer have the need to maintain acpinames."
Change-Id: Ibd995561ca53458b04f87cee5693850c0d90d3d6
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38907
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
In its current state, it draws more dependencies in than it solves
which makes it useless.
Change-Id: I08f592731c3da2ac19e1f93682256f559a067fc4
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38483
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
The GCC 10 GNAT toolchain uses a new exception handler ABI, so older
GNAT cannot be built with GCC 10. This patch backports the new
exception handler in libgnat to make GNAT able to be built.
The libgnat patch doesn't remove the old exception handler, so it can
still be built with older compilers.
The cross toolchain can now be built with GCC 10.1.0 in Arch Linux
(with the latest IASL in CB:38907 that can be built in Arch), and the
toolchain can build a working coreboot image with libgfxinit for HP
EliteBook 2560p.
The original and patched crossgcc built with Debian 10.4 GCC 8.3.0,
and the patched crossgcc built with Arch GCC 10.1.0 generate identical
coreboot images with `make BUILD_TIMELESS=1`.
Change-Id: I757158056bf4698d3c68715e026c226615bc70a1
Signed-off-by: Iru Cai <mytbk920423@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/42158
Reviewed-by: Nico Huber <nico.h@gmx.de>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Stefan thinks they don't add value.
Command used:
sed -i -e '/file is part of /d' $(git grep "file is part of " |egrep ":( */\*.*\*/\$|#|;#|-- | *\* )" | cut -d: -f1 |grep -v crossgcc |grep -v gcov | grep -v /elf.h |grep -v nvramtool)
The exceptions are for:
- crossgcc (patch file)
- gcov (imported from gcc)
- elf.h (imported from GNU's libc)
- nvramtool (more complicated header)
The removed lines are:
- fmt.Fprintln(f, "/* This file is part of the coreboot project. */")
-# This file is part of a set of unofficial pre-commit hooks available
-/* This file is part of coreboot */
-# This file is part of msrtool.
-/* This file is part of msrtool. */
- * This file is part of ncurses, designed to be appended after curses.h.in
-/* This file is part of pgtblgen. */
- * This file is part of the coreboot project.
- /* This file is part of the coreboot project. */
-# This file is part of the coreboot project.
-# This file is part of the coreboot project.
-## This file is part of the coreboot project.
--- This file is part of the coreboot project.
-/* This file is part of the coreboot project */
-/* This file is part of the coreboot project. */
-;## This file is part of the coreboot project.
-# This file is part of the coreboot project. It originated in the
- * This file is part of the coreinfo project.
-## This file is part of the coreinfo project.
- * This file is part of the depthcharge project.
-/* This file is part of the depthcharge project. */
-/* This file is part of the ectool project. */
- * This file is part of the GNU C Library.
- * This file is part of the libpayload project.
-## This file is part of the libpayload project.
-/* This file is part of the Linux kernel. */
-## This file is part of the superiotool project.
-/* This file is part of the superiotool project */
-/* This file is part of uio_usbdebug */
Change-Id: I82d872b3b337388c93d5f5bf704e9ee9e53ab3a9
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41194
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
We have the git history which is a more reliable librarian.
Change-Id: Idbcc5ceeb33804204e56d62491cb58146f7c9f37
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41175
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: ron minnich <rminnich@gmail.com>
Revert the upgrade as it breaks at least the devicetree parser on
aarch64, tested on qemu aarch64 target.
This reverts commit dfd3f21174.
Change-Id: I65607817188db21533014caa6d15be9a2004d498
Signed-off-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/39571
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
The latest debian builder image doesn't compile GDB correctly. Disable
the build test until I can get it working again.
Signed-off-by: Martin Roth <martin@coreboot.org>
Change-Id: I7852a39ed40a7364d24d0bbf014fd25058491083
Reviewed-on: https://review.coreboot.org/c/coreboot/+/39575
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
nds32 and GNAT bad constant patches are integrated in upstream
so we don't need them anymore.
Change-Id: Id6f65548764654ae5539ac3c835853ea2fa1c5e0
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32564
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Jett Rink <jettrink@chromium.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This reverts commit 547de69de7.
Merged out of order before CB:36317. The conflicting use of
_ADR and _HID needs to be properly addressed before we can
bump the IASL version.
Change-Id: Iacbc9877a8ff2324eba4789d65df8545b8a25413
Signed-off-by: Nico Huber <nico.huber@secunet.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37713
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The MIPS architecture port has been added 5+ years ago in order to
support a Chrome OS project that ended up going nowhere. No other board
has used it since and nobody is still willing or has the expertise and
hardware to maintain it. We have decided that it has become too much of
a mainenance burden and the chance of anyone ever reviving it seems too
slim at this point. This patch eliminates all MIPS code and
MIPS-specific hacks.
Change-Id: I5e49451cd055bbab0a15dcae5f53e0172e6e2ebe
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34919
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
New changes in the latest binutils 2.32 lead to assembler errors causes
ipxe build failure. IPXE uses the divide test which requires /dev/null as
input as well as the output file name.
This patch facilitates the /dev/null as an exception to the current
changes in binutils package while building crossgcc for coreboot leads to
successful build of ipxe and further tests to pass based on /dev/null and
applies automatically during the crossgcc rebuild.
Also, this can be reverted once binutils/ipxe provides an updated release
in this respect.
Fixes: https://ticket.coreboot.org/issues/204
Change-Id: I9f664829b8c42420c0b2ab1f2316150f86ac0b1a
Signed-off-by: Himanshu Sahdev <himanshusah@hcl.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35098
Reviewed-by: Martin Roth <martinroth@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Ubuntu 19.04 will fail looking for aclocal-1.15 if the scripts
are not regenerated because 19.04 ships with 1.16.
There are not enough eyes to roll when working with GNU autotools.
Signed-off-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Signed-off-by: Martin Roth <martin@coreboot.org>
Change-Id: I4aa9f520499930ffc984ab0b0144c9c6b2e544a0
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35522
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Bring this over from the HEADS repo.
Signed-off-by: Martin Roth <martin@coreboot.org>
Change-Id: I36dc9860f4c4a2675fd3fa24fa3e534215ceb43e
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35724
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Tianocore payload uses nasm. Supply it in the coreboot toolchain
instead of relying on system version.
Signed-off-by: Martin Roth <martinroth@chromium.org>
Change-Id: I086cbe6c46f7c09b2a7a83e177b32fd1bdf99266
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33024
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
GNAT had a constant initialized at runtime which led to trouble
with compilers that decided to place it into an actual constant
section (e.g. GCC 9). Usually, this would be handled gracefully
if the Ada compiler knew about the runtime initialization. How-
ever, as the initialization was done by taking the address of
the variable, the compiler had no clue.
Change-Id: I73ce4cadc612c814ed2e22b44f429af2ad3db288
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34147
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>