summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* OpenSSL: fully disable CPU feature detection.jmb/openssl-asmJohn-Mark Bell2015-11-281-11/+2
| | | | | | | | | | | | | | | | | | | | | It is unsafe to detect and use NEON or VFP instructions at runtime in a binary built using default compiler options. This is because the UnixLib runtime will only create and manage floating point contexts if -mfloat-abi is set to "softfp" at build time (which may occur automagically based on other compiler switches such as -mfpu). This is further complicated by the need to build a VFP-capable binary or else UnixLib will enable its FPA support code instead. Neither is desirable as FPA emulation will just be slower than soft float and VFP will restrict the binary to ARMv6 or later (and, even then, only certain CPUs) which would disappoint all the users still running RiscPCs, A9Homes, or Iyonixes. So disable this feature detection, until we can make UnixLib enable support code based on runtime, rather than (or, in addition to) compile-time, tests.
* OpenSSL: fix ARMv3 patch for GCM hashing.John-Mark Bell2015-11-131-21/+20
| | | | | | | I'd misread the code before and missed that some register aliases map to the same register. Upshot being, we were trampling over all kinds of things -- it's surprising that the worst outcome was a TLS handshake failure, and not violent crashes.
* OpenSSL: enable asm optimisations on RISC OSJohn-Mark Bell2015-11-133-2/+145
|
* OpenSSL: use more sensible defaultsJohn-Mark Bell2015-11-131-1/+7
|
* RISC OS: fix up tooling for GCCSDK 4.7.4r2John-Mark Bell2015-11-135-31/+10
| | | | | | | | | | | | * Makefile: Update to reflect upstream tree structure * recipes/patches/gcc4/binutils-plugins.p, recipes/patches/gcc4/gmp-force-build.p: Refresh context * recipes/patches/gcc4/python2.5.p: Drop: Python 2.5 is ancient * recipes/patches/gcc4/riscos.md.p: Drop: merged upstream
* allow building of libjpeg turbo and use it on RISC OSVincent Sanders2015-11-121-7/+30
|
* Update curl to 7.45 to fix several CVEVincent Sanders2015-11-121-1/+1
|
* Update RISC OS GCCSDK to 4.7.4v2 releaseVincent Sanders2015-11-121-2/+2
| | | | | This is required to address an issue with poll returning bad fd errors which cause netsurf fetches to fail.
* Update openurl.library download locationChris Young2015-08-311-5/+7
|
* Update to SDK 53.29Chris Young2015-08-311-5/+5
|
* RISC OS: add patch to fix stack corruptionJohn-Mark Bell2015-08-141-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Given a function such as this: void foo(void) { register unsigned int sp __asm__("sp"); _exit(sp); } GCCSDK 4.7.4 release 1 will generate the following output when the optimiser is enabled (it doesn't matter which optimisation level is chosen, so long as it's >0): mov ip, sp stmfd sp!, {fp, ip, lr, pc} cmp sp, sl bllt __rt_stkovf_split_small mov r0, sp bl _exit If this function is called from a parent that has caused the current stack chunk to be fully utilised (i.e. SP on entry to foo is less than SL), then the stack chunk extender will be called. __rt_stkovf_split_small will replace the return address of the current stack frame with the address of the stack chunk cleanup function (that foo is effectively noreturn doesn't matter here). The real return address is squirreled away in a field at the base of the new stack chunk, and will be retrieved by the cleanup code. In the function prologue emitted above, however, the frame pointer is not updated before the stack check is performed. The result is that the *parent* function's stack frame will be modified instead. This causes much badness as the parent function is using a completely different stack chunk and so, when it returns to its parent, we will very likely branch through zero (if the parent's stack chunk is the initial chunk) or return to some unexpected place further up the call stack, most likely with the wrong result values (if the parent's stack chunk is not the initial chunk) To fix this, we mark rt_stkovf_v5_clobbered as using r11 (fp), in much the same way as rt_stkovf already does. This prevents the peephole optimiser optimising out the frame pointer update. This results in this much more sensible output: mov ip, sp stmfd sp!, {fp, ip, lr, pc} sub fp, ip, #4 cmp sp, sl bllt __rt_stkovf_split_small mov r0, sp bl _exit This ensures that the correct stack frame is modified by __rt_stkovf_split_small. Note that, in this particular case, foo does not return, so the stack chunk cleaning won't happen. This isn't really a problem, as the only real ways out of functions which do not return are process exit, or longjmp which, in the UnixLib implementation, explicitly cleans up stack chunks before returning control to the location specified in the jmp_buf.
* Upgrade to OpenSSL 1.0.1pRob Kendrick2015-07-131-1/+1
|
* Cause cares to be built statically on mingw32Vincent Sanders2015-04-261-1/+2
|
* Fixup libcurl static build for i686-w64-mingw32Vincent Sanders2015-04-261-0/+1
|
* Fix mingw libgnurx building for static librariesVincent Sanders2015-04-265-4/+120
| | | | | | This uses the Fedora mingw-libgnurx package approach to make the autofoo in the gnurx library less broken allowing teh generation of static libraries.
* Update libfreetype to version 2.5.5Vincent Sanders2015-04-261-1/+1
| | | | Fixes several security issues and render problems with some font file types.
* Update libcurl to 7.42.0 versionVincent Sanders2015-04-261-1/+1
| | | | This edition of libcurl fixes several CVE so our toolchains should use it.
* Update to libpng 1.6.17Michael Drake2015-03-311-1/+1
|
* update amiga patches to new curl versionVincent Sanders2015-03-192-10/+10
|
* Fix up context in OpenSSL patchesJohn-Mark Bell2015-03-194-8/+8
|
* Refresh patches for OpenSSL 1.0.1mJohn-Mark Bell2015-03-195-27/+26
|
* Update to OpenSSL 1.0.1mRob Kendrick2015-03-191-1/+1
|
* Make the SDK environment only use the first instance of the tools it findsVincent Sanders2015-03-111-4/+4
|
* update 32bit mingw target for windows toolchain buildVincent Sanders2015-03-112-33/+34
|
* Update mingw toolchain build to latest versionsVincent Sanders2015-03-111-28/+27
|
* update libcurl to latest version with fixed CVEVincent Sanders2015-03-101-1/+1
|
* Update pinned GCCSDK revision to include recent fixes, importantly gmplib ↵Rob Kendrick2015-03-041-1/+1
| | | | download URL
* Fix connection timeout when built for AmigaOS3/clib2Chris Young2015-01-191-0/+11
|
* Build m68k-amigaos curl against SSL and ZChris Young2015-01-161-2/+2
|
* Fix ppc-amigaos openssl patch for openssl 1.0.1kVincent Sanders2015-01-151-1/+1
|
* Update Openssl to 1.0.1k to fix multiple CVEVincent Sanders2015-01-151-1/+1
|
* Update libpng to version 1.6.16Michael Drake2015-01-141-1/+1
| | | | | | | | | Versions of libpng from 1.6.9 through to 1.6.15 have an integer-overflow vulnerability in png_combine_row() when decoding very wide interlaced images, which can allow an attacker to overwrite an arbitrary amount of memory with attacker-controlled data. This bug is fixed in version 1.6.16.
* Fixup remaining SDK build issues for m68k-amigaos toolchain.Chris Young2015-01-112-2/+17
| | | | Curl binary still doesn't work, but everything else seems OK.
* Fix OpenSSL build for the m68k-unknown-amigaos toolchainChris Young2015-01-113-1/+41
|
* Link crt0.o to ncrt0.o to amke the compiler workChris Young2015-01-111-0/+1
|
* Fix iconv buildChris Young2015-01-111-0/+1
|
* Fix clib2 getopt() compilationChris Young2015-01-111-0/+79
|
* Use gcc 3.4.6 for m68k-amigaos-toolchainChris Young2015-01-1150-2228/+4841
| | | | | | | | | | | | | | | | | | | | | | | | This changes to using the 3.4 series gcc with patches from github:cahirwpz/m68k-amigaos-toolchain and some other modifications to make it compile. clib2 is currently failing to build with this compiler with the following errors: Compiling unistd_getopt.c [large_data_020:c] /tmp/ccrQcqYy.s: Assembler messages: /tmp/ccrQcqYy.s:36: Error: parse error -- statement `cmpl (sp.0),d0' ignored /tmp/ccrQcqYy.s:58: Error: parse error -- statement `movel (sp.0),a0' ignored /tmp/ccrQcqYy.s:86: Error: parse error -- statement `addql #1,(sp.0)' ignored /tmp/ccrQcqYy.s:89: Error: parse error -- statement `movel (sp.0),a0' ignored /tmp/ccrQcqYy.s:94: Error: parse error -- statement `movel d0,(sp.0)' ignored /tmp/ccrQcqYy.s:104: Error: parse error -- statement `addl (sp.0),a0' ignored /tmp/ccrQcqYy.s:129: Error: parse error -- statement `movel d0,(sp.0)' ignored /tmp/ccrQcqYy.s:139: Error: parse error -- statement `movel d0,(sp.0)' ignored /tmp/ccrQcqYy.s:143: Error: parse error -- statement `addql #1,(sp.0)' ignored /tmp/ccrQcqYy.s:146: Error: parse error -- statement `movel (sp.0),a0' ignored /tmp/ccrQcqYy.s:150: Error: parse error -- statement `movel d0,(sp.0)' ignored make[2]: *** [large_data_020/libc_objs/unistd_getopt.o] Error 1
* Move the slightly conflicting patches into per-target locations to stop the ↵Chris Young2015-01-012-0/+0
| | | | patcher complaining.
* Patch libcurl enough to make it compile for m68k-amigaos/clib2Chris Young2014-12-204-0/+50
| | | | NB: this does not result in a working curl binary, so libcurl probably doesn't work either.
* Get binutils from the 2.14 branch and update gcc to 4.5.4. Add extra curl args.Chris Young2014-12-202-2/+3
|
* Fix usage of autoconf and stop prompting for cvs passwordVincent Sanders2014-12-201-9/+19
|
* add required gmp patch to get it compiling on the CI systemVincent Sanders2014-12-202-8/+24
|
* clib2 doesn't have malloc.h and libpbl doesn't appear to need it with newlib ↵Chris Young2014-12-191-0/+154
| | | | either.
* Fix libiconv m68k-amigaos buildChris Young2014-12-194-1/+196
|
* Update openurl repo locationChris Young2014-12-191-2/+2
|
* Fix m68k binutils buildChris Young2014-12-193-0/+313
|
* Fix some outdated linksChris Young2014-12-161-2/+2
|
* update mintlib versionVincent Sanders2014-12-101-2/+1
|
* Update libpng to version 1.6.15Michael Drake2014-12-101-1/+1
| | | | | | | | Virtually all libpng versions up to and including 1.6.14, have an out-of-bounds memory access in png_user_version_check(). It is unclear whether this could lead to an actual exploit. The bug is fixed in version 1.6.15.
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-20 04:59:11 +0000