Fails to link otherwise
ld: cannot find -lhiredis: No such file or directory
collect2: error: ld returned 1 exit status
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ispellaff2myspell: A program to convert ispell affix tables to myspell format
pulls perl into the images
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
We already depend on sqlite, but the objectstore backend using it is not
enabled by default. Add the necessary configure option.
The db backend is more robust when accessing the objectstore from many
parallel processes (such as during kernel module signing).
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
SoftHSMv2 actually only uses the sqlite library. With the check for the
sqlite3 binary, building with the DB backend would mean depending on
sqlite-native.
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This helps in overcoming a problem when using scons with ccache enabled.
When commands get longer, then it resorts to using response files to do
the operations e.g. @/tmp/tmp96j6icra.lnk when this response file is
inboked by compiler it works ok, however, this does not when ccache is
used to invoke the complilation. We see errors e.g.
ccache @/tmp/tmppsyij_0v.lnk
ccache: error: execute_noreturn of @/tmp/tmppsyij_0v.lnk failed: No such file or directory
Using MAXLINELENGTH setting ensures that we can use ARG_MAX to extend
the length of commandline and hence avoid using response files. This
issue is also reported in mongodb [1]
[1] https://jira.mongodb.org/browse/SERVER-38389
Signed-off-by: Khem Raj <raj.khem@gmail.com>
configure uses AC_PREPROC_IFELSE to check for certain errors from getaddrinfo()
it user search operation in a preprocessed file
UNIQUEVALS=`sort $ERRVALFILE | uniq | wc -l | awk '{ print $1 }'`
However, line numbers are generated into the preprocesser files and they
get sorted higher than numbers
gaierrval:
# 130 "conftest.c" 3 4
-3
-P ensures that line numbers are not generated into preprocessed files,
so these checks can succeed.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
It uses python3-config during build to grok the python specific
includedirs, therefore its important to ensure that target specific
python3-config is used, otherwise currently it defaults to native
python3-config which ends up adding native python3 include paths
which might work out ok but is exposed when target is 32bit + lfs
enabled, the headers don't match between native and target python
Signed-off-by: Khem Raj <raj.khem@gmail.com>
It uses python3-config during build to grok the python specific
includedirs, therefore its important to ensure that target specific
python3-config is used, otherwise currently it defaults to native
python3-config which ends up adding native python3 include paths
which might work out ok but is exposed when target is 32bit + lfs
enabled, the headers don't match between native and target python
Signed-off-by: Khem Raj <raj.khem@gmail.com>
It uses python3-config during build to grok the python specific
includedirs, therefore its important to ensure that target specific
python3-config is used, otherwise currently it defaults to native
python3-config which ends up adding native python3 include paths
which might work out ok but is exposed when target is 32bit + lfs
enabled, the headers don't match between native and target python
Signed-off-by: Khem Raj <raj.khem@gmail.com>
It uses python3-config during build to grok the python specific
includedirs, therefore its important to ensure that target specific
python3-config is used, otherwise currently it defaults to native
python3-config which ends up adding native python3 include paths
which might work out ok but is exposed when target is 32bit + lfs
enabled, the headers don't match between native and target python
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This avoid unnessary provider conflict with pipewire-native to
provide modules
NOTE: Multiple providers are available for runtime pipewire-modules-protocol-native (pipewire, pipewire-native)
Consider defining a PREFERRED_RPROVIDER entry to match pipewire-modules-protocol-native
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Switch to using meson
- Fix build with gcc13
- Use packageconfig for enabling python support and static libs
Signed-off-by: Khem Raj <raj.khem@gmail.com>
They are not implemented for all arches e.g. RISCV on gcc 13 yet
Fixes
riscv64-yoe-linux/gcc/riscv64-yoe-linux/13.0.1/ld: lib/libPocoFoundation.so.94: unde
fined reference to `__atomic_exchange_1'
Signed-off-by: Khem Raj <raj.khem@gmail.com>
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0.
An adversary with access to precise enough information about memory
accesses (typically, an untrusted operating system attacking a secure
enclave) can recover an RSA private key after observing the victim
performing a single private-key operation, if the window size
(MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0.
There is a potential heap-based buffer overflow and heap-based buffer
over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
References:
https://nvd.nist.gov/vuln/detail/CVE-2022-46392https://nvd.nist.gov/vuln/detail/CVE-2022-46393
Upstream patches:
https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2
Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
