| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |
|
|
| |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
| |
This also adds a config option GOLANG_BUILD_CACHE_DIR to customize the
location of the build cache directory.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
| |
This also adds a config option GOLANG_MOD_CACHE_WORLD_READABLE; if
enabled, chmod is run after a Go package build to make all
files/directories in the module cache world-readable.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
| |
1.15.1 includes a fix for CVE-2020-24553:
net/http/cgi,net/http/fcgi: Cross-Site Scripting (XSS) when Content-Type
is not specified
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
| |
This includes a fix for CVE-2020-16845 (encoding/binary: ReadUvarint and
ReadVarint can read an unlimited number of bytes from invalid inputs).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
This adds a new Makefile variable, GO_PKG_TAGS, for Go packages. When
set, the value is passed as the parameter of the -tags option for 'go
install'.
This also updates syncthing to use this variable.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This evaluates the arguments passed to "go install" during Build/Compile
rather than when golang-package.mk is included.
This also changes build directory-related variables to be recursively
expanded, because PKG_BUILD_DIR depends on BUILD_VARIANT and so can
change during different runs of Build/Compile.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
| |
This also removes a (useless) test for PKG_GO_ZBOOTSTRAP_MODS (it is
always non-empty).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Because the first stage for building target Go is actually a host build,
the default platform options (GO386, GOARM, etc.) are detected from the
host. These values are written to a source file and kept when building
the second stage.
This modifies this source file to set the appropriate values for the
target platform, and reset values for other platforms to their
cross-compiling / most compatible defaults.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
| |
Doing both should make the compiler reproducible.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
| |
This should be more future-proof (presumably all future ARM FPUs will be
at least VFPv3).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
The moves the setting of arguments for "go install" out of the shell
script in GoPackage/Build/Compile and into make.
This also adds the -buildid link flag for reproducible builds.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
The variable is a list of shell variables; the new name is more in-line
with other parts the build system (CONFIGURE_VARS, MAKE_VARS, etc.).
GoPackage/Environment is kept (for now) in case other feeds are using
it.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Since RSTRIP is defined in rules.mk as a recursively expanded variable,
there is no need to define it again after setting STRIP in
golang-package.mk.
This also adds a note to the comment for GO_PKG_LDFLAGS to say that -s
and -w flags are not necessary.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The default bootstrap Go (Go 1.4) can only be compiled on a limited
number of platforms compared to newer versions of Go.
This adds a config option to use an external bootstrap Go, e.g.
installed through the build system's package manager or downloaded from
golang.org.
See: https://github.com/openwrt/packages/issues/11731
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Move more environment variables into GoPackage/Environment
* Split GoPackage/Environment into target and build sections
* Do not set GOROOT_FINAL for Go packages (setting it should only affect
the Go compiler and not Go packages)
* Set CGO_LDFLAGS to $(TARGET_LDFLAGS)
* Move GO_TARGET_* variables from golang-values.mk, and GO_VERSION_*
variables from golang-version.mk, into golang/Makefile
This also updates runc, containerd, and docker-ce to reflect the changes
in GoPackage/Environment.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
* Set GOENV=off when building Go compiler and packages, to ignore user's
environment configuration file
* Set GOCACHE when building host Go
* Unset GOTMPDIR, to use the buildroot temp directory instead of temp
directories in build_dir
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
This update includes fixes for[1]:
* CVE-2020-7919 - doesn't appear to be published publicly yet
* CVE-2020-0601 - a Windows-related issue
[1]: https://github.com/golang/go/issues?q=milestone%3AGo1.13.7+label%3ACherryPickApproved
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The ASLR PIE option was changed to a tristate option
(openwrt/openwrt@19cbac7d264dfca1f75849de64beb98830fbb1e4). This updates
the Go compiler package and golang-package.mk to account for this
change.
This also adds warning messages for when the user has selected PIE but
Go does not have PIE support for the chosen target.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds support to compile position-independent executables for
packages that use golang-package.mk.
Go packages will have PIE enabled if:
* Go supports PIE on the target platform;
* CONFIG_PKG_ASLR_PIE is selected; and
* PKG_ASLR_PIE (for the package) is not set to 0
Go 1.13 supports PIE for x86 and arm targets; mips support is in
progress[1].
[1]: https://github.com/golang/go/issues/21222#issuecomment-542064462
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
This fixes how GOARM is selected for arm platforms, based on support for
VFP/VFPv3 rather than CPU version.
Fixes #10967.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds support to compile host and target Go as position-independent
executables.
Host Go will have PIE enabled if Go supports PIE on the host platform.
Target Go will have PIE enabled if Go supports PIE on the target
platform and CONFIG_PKG_ASLR_PIE is selected.
Go 1.13 supports PIE for x86 and arm targets; mips support is in
progress[1].
[1]: https://github.com/golang/go/issues/21222#issuecomment-542064462
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
| |
This replaces conditional functions with conditional directives to make
golang-values.mk more readable.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
| |
This adds calls to the strip function in golang-package.mk when using
variables expected to be set by Go packages.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
| |
The list is updated for Go 1.13.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
| |
The lists of variables are updated for Go 1.13.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
This changes the formatting of environment variable unexports in
golang-values.mk to be more maintainable, and to document the sources of
variables.
There should be no change to the actual list of variables unexported.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
| |
go invokes the external linker by calling gcc, so -zxxx options in
TARGET_LDFLAGS (in golang-package.mk) need to be formatted as -Wl,z,xxx.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
go build/install supports multiple -ldflags arguments, but they are not
combined; for each package, the latest match on the command line is
used.[1]
Previously, the main executable would not be affected by the default
ldflags if GO_PKG_LDFLAGS or GO_PKG_LDFLAGS_X were set. (The default
ldflags instructs go to use the external linker.)
This fixes golang-package.mk so that the default ldflags take effect in
all cases.
[1]: https://golang.org/cmd/go/#hdr-Compile_packages_and_dependencies
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
| |
Fixes CVE-2019-17596
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|
| |
|
|
|
|
| |
Fixes CVE-2019-16276
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Go 1.13 added a new -trimpath option to the "go build" command[1] that
removes system paths from compiled executables. This replaces the
previous -trimpath flags.
There are still system paths in the compiled executable (for crti.o and
crtn.o, when cross-compiling); these appear to be stripped during the
packaging process.
[1]: https://golang.org/doc/go1.13#trimpath
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Xingwang Liao <kuoruan@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Includes fixes (in 1.12.8) for:
CVE-2019-14809 - https://nvd.nist.gov/vuln/detail/CVE-2019-14809
CVE-2019-9512 - https://nvd.nist.gov/vuln/detail/CVE-2019-9512
CVE-2019-9514 - https://nvd.nist.gov/vuln/detail/CVE-2019-9514
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
| |
by overwrite the GoPackage/Environment definition
Signed-off-by: Xingwang Liao <kuoruan@gmail.com>
|