* [Buildroot] [PATCH 0/5] misc. patches from Nokia
@ 2018-07-04  7:07 Thomas De Schampheleire
  2018-07-04  7:07 ` [Buildroot] [PATCH 1/5] linux: automatically set CONFIG_PERF_EVENTS when perf is enabled Thomas De Schampheleire
                   ` (4 more replies)
  0 siblings, 5 replies; 14+ messages in thread
From: Thomas De Schampheleire @ 2018-07-04  7:07 UTC (permalink / raw)
  To: buildroot

Hi,

As promised earlier this year, here is a first set of patches from our local
tree. More will come later.

They are grouped in one series, but only the two dropbear patches actually
are linked.

Best regards,
Thomas

--

Alfredo Alvarez Fernandez (1):
  pigz: new package

Jan Heylen (1):
  linux: automatically set CONFIG_PERF_EVENTS when perf is enabled

Thomas De Schampheleire (3):
  host zstd: additionally build binary and make selectable
  dropbear: add option to disable CBC mode ciphers
  dropbear: add option to disable weak HMAC algorithms

 linux/linux.mk                |  2 ++
 package/Config.in             |  1 +
 package/Config.in.host        |  1 +
 package/dropbear/Config.in    | 14 ++++++++++++++
 package/dropbear/dropbear.mk  | 17 +++++++++++++++++
 package/linux-tools/Config.in |  8 +++++---
 package/pigz/Config.in        | 14 ++++++++++++++
 package/pigz/pigz.hash        |  2 ++
 package/pigz/pigz.mk          | 21 +++++++++++++++++++++
 package/zstd/Config.in.host   |  8 ++++++++
 package/zstd/zstd.mk          |  4 ++++
 11 files changed, 89 insertions(+), 3 deletions(-)
 create mode 100644 package/pigz/Config.in
 create mode 100644 package/pigz/pigz.hash
 create mode 100644 package/pigz/pigz.mk
 create mode 100644 package/zstd/Config.in.host

-- 
2.16.4


* [Buildroot] [PATCH 1/5] linux: automatically set CONFIG_PERF_EVENTS when perf is enabled
  2018-07-04  7:07 [Buildroot] [PATCH 0/5] misc. patches from Nokia Thomas De Schampheleire
@ 2018-07-04  7:07 ` Thomas De Schampheleire
  2018-07-04 19:52   ` Thomas Petazzoni
  2018-07-04  7:07 ` [Buildroot] [PATCH 2/5] pigz: new package Thomas De Schampheleire
                   ` (3 subsequent siblings)
  4 siblings, 1 reply; 14+ messages in thread
From: Thomas De Schampheleire @ 2018-07-04  7:07 UTC (permalink / raw)
  To: buildroot

From: Jan Heylen <jan.heylen@nokia.com>

Perf profiling cannot be used if CONFIG_PERF_EVENTS is not enabled in the
kernel configuration. Similar to other tools, like ktap, we can enable the
right options automatically.

Signed-off-by: Jan Heylen <jan.heylen@nokia.com>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
---
 linux/linux.mk                | 2 ++
 package/linux-tools/Config.in | 8 +++++---
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/linux/linux.mk b/linux/linux.mk
index 6b5f5344ed..7f4c916671 100644
--- a/linux/linux.mk
+++ b/linux/linux.mk
@@ -292,6 +292,8 @@ define LINUX_KCONFIG_FIXUP_CMDS
 		$(call KCONFIG_ENABLE_OPT,CONFIG_ENABLE_DEFAULT_TRACERS,$(@D)/.config)
 		$(call KCONFIG_ENABLE_OPT,CONFIG_PERF_EVENTS,$(@D)/.config)
 		$(call KCONFIG_ENABLE_OPT,CONFIG_FUNCTION_TRACER,$(@D)/.config))
+	$(if $(BR2_PACKAGE_LINUX_TOOLS_PERF),
+		$(call KCONFIG_ENABLE_OPT,CONFIG_PERF_EVENTS,$(@D)/.config))
 	$(if $(BR2_PACKAGE_SYSTEMD),
 		$(call KCONFIG_ENABLE_OPT,CONFIG_CGROUPS,$(@D)/.config)
 		$(call KCONFIG_ENABLE_OPT,CONFIG_INOTIFY_USER,$(@D)/.config)
diff --git a/package/linux-tools/Config.in b/package/linux-tools/Config.in
index 2527c90257..349dc6bf0d 100644
--- a/package/linux-tools/Config.in
+++ b/package/linux-tools/Config.in
@@ -47,9 +47,11 @@ config BR2_PACKAGE_LINUX_TOOLS_PERF
 	  code), single CPU or severals threads.
 
 	  This will build and install the userspace 'perf'
-	  command. It is up to the user to ensure that the kernel
-	  configuration has all the suitable options enabled to allow a
-	  proper operation of 'perf'.
+	  command.
+
+	  Your kernel must have CONFIG_PERF_EVENTS enabled to use perf
+	  profiling. Buildroot automatically enables this in the kernel
+	  configuration.
 
 	  https://perf.wiki.kernel.org/
 
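
Review bot: the new help text's "Buildroot automatically enables this in the kernel configuration" only holds when Buildroot itself builds the kernel, because the fixup added by this patch lives in LINUX_KCONFIG_FIXUP_CMDS in linux/linux.mk. With an externally built kernel the user still has to set CONFIG_PERF_EVENTS, so the text should say so, for example "When the kernel is built by Buildroot, this option is enabled automatically."
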
-- 
2.16.4


* [Buildroot] [PATCH 2/5] pigz: new package
  2018-07-04  7:07 [Buildroot] [PATCH 0/5] misc. patches from Nokia Thomas De Schampheleire
  2018-07-04  7:07 ` [Buildroot] [PATCH 1/5] linux: automatically set CONFIG_PERF_EVENTS when perf is enabled Thomas De Schampheleire
@ 2018-07-04  7:07 ` Thomas De Schampheleire
  2018-07-04  9:51   ` Thomas Petazzoni
  2018-07-04 20:30   ` Thomas Petazzoni
  2018-07-04  7:07 ` [Buildroot] [PATCH 3/5] host zstd: additionally build binary and make selectable Thomas De Schampheleire
                   ` (2 subsequent siblings)
  4 siblings, 2 replies; 14+ messages in thread
From: Thomas De Schampheleire @ 2018-07-04  7:07 UTC (permalink / raw)
  To: buildroot

From: Alfredo Alvarez Fernandez <alfredo.alvarez_fernandez@nokia.com>

A parallel implementation of gzip for modern
multi-processor, multi-core machines.

Signed-off-by: Alfredo Alvarez Fernandez <alfredo.alvarez_fernandez@nokia.com>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
---
 package/Config.in      |  1 +
 package/pigz/Config.in | 14 ++++++++++++++
 package/pigz/pigz.hash |  2 ++
 package/pigz/pigz.mk   | 21 +++++++++++++++++++++
 4 files changed, 38 insertions(+)
 create mode 100644 package/pigz/Config.in
 create mode 100644 package/pigz/pigz.hash
 create mode 100644 package/pigz/pigz.mk

diff --git a/package/Config.in b/package/Config.in
index e94a6a8c12..20fe5ad8ff 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -70,6 +70,7 @@ menu "Compressors and decompressors"
 	source "package/lzip/Config.in"
 	source "package/lzop/Config.in"
 	source "package/p7zip/Config.in"
+	source "package/pigz/Config.in"
 	source "package/pixz/Config.in"
 	source "package/unrar/Config.in"
 	source "package/unzip/Config.in"
diff --git a/package/pigz/Config.in b/package/pigz/Config.in
new file mode 100644
index 0000000000..af229060cf
--- /dev/null
+++ b/package/pigz/Config.in
@@ -0,0 +1,14 @@
+config BR2_PACKAGE_PIGZ
+	bool "pigz"
+	depends on BR2_TOOLCHAIN_HAS_THREADS
+	select BR2_PACKAGE_ZLIB
+	help
+	  pigz, which stands for parallel implementation of gzip, is a
+	  fully functional replacement for gzip that exploits multiple
+	  processors and multiple cores to the hilt when compressing
+	  data.
+
+	  http://www.zlib.net/pigz/
+
+comment "pigz needs a toolchain w/ threads"
+	depends on !BR2_TOOLCHAIN_HAS_THREADS
diff --git a/package/pigz/pigz.hash b/package/pigz/pigz.hash
new file mode 100644
index 0000000000..510db9affa
--- /dev/null
+++ b/package/pigz/pigz.hash
@@ -0,0 +1,2 @@
+# From https://zlib.net/pigz/
+sha256  a4f816222a7b4269bd232680590b579ccc72591f1bb5adafcd7208ca77e14f73  pigz-2.4.tar.gz
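
Review bot: pigz.hash carries only the tarball hash, while pigz.mk in this same patch declares `PIGZ_LICENSE_FILES = README`; add a sha256 line for README so the license file is checked as well. The `# From https://zlib.net/pigz/` comment should also state whether the sha256 is published on that page or was computed locally after download, since that decides how much the hash proves.
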
diff --git a/package/pigz/pigz.mk b/package/pigz/pigz.mk
new file mode 100644
index 0000000000..82f3049519
--- /dev/null
+++ b/package/pigz/pigz.mk
@@ -0,0 +1,21 @@
+################################################################################
+#
+# pigz
+#
+################################################################################
+
+PIGZ_VERSION = 2.4
+PIGZ_SITE = http://www.zlib.net/pigz
+PIGZ_DEPENDENCIES = zlib
+PIGZ_LICENSE = Zlib
+PIGZ_LICENSE_FILES = README
+
+define PIGZ_BUILD_CMDS
+	$(TARGET_MAKE_ENV) $(MAKE) $(TARGET_CONFIGURE_OPTS) -C $(@D)
+endef
+
+define PIGZ_INSTALL_TARGET_CMDS
+	$(INSTALL) -D -m 0755 $(@D)/pigz $(TARGET_DIR)/usr/bin/pigz
+endef
+
+$(eval $(generic-package))
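
Review bot: `PIGZ_SITE = http://www.zlib.net/pigz` downloads the tarball over plain HTTP, which leaves the sha256 in pigz.hash as the only integrity check on the source. The hash file already cites https://zlib.net/pigz/, so use the https URL here, and in the Config.in help text, which also points at the http form.
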
-- 
2.16.4


* [Buildroot] [PATCH 3/5] host zstd: additionally build binary and make selectable
  2018-07-04  7:07 [Buildroot] [PATCH 0/5] misc. patches from Nokia Thomas De Schampheleire
  2018-07-04  7:07 ` [Buildroot] [PATCH 1/5] linux: automatically set CONFIG_PERF_EVENTS when perf is enabled Thomas De Schampheleire
  2018-07-04  7:07 ` [Buildroot] [PATCH 2/5] pigz: new package Thomas De Schampheleire
@ 2018-07-04  7:07 ` Thomas De Schampheleire
  2018-07-04 20:00   ` Thomas Petazzoni
  2018-07-04  7:07 ` [Buildroot] [PATCH 4/5] dropbear: add option to disable CBC mode ciphers Thomas De Schampheleire
  2018-07-04  7:07 ` [Buildroot] [PATCH 5/5] dropbear: add option to disable weak HMAC algorithms Thomas De Schampheleire
  4 siblings, 1 reply; 14+ messages in thread
From: Thomas De Schampheleire @ 2018-07-04  7:07 UTC (permalink / raw)
  To: buildroot

The zstd (de)compression tool may be used in post-image scripts to compress
certain elements of the final image.

In order to allow that, make host-zstd selectable in the 'Host utilities'
menu, and build the binary in addition to the library.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
---
 package/Config.in.host      | 1 +
 package/zstd/Config.in.host | 8 ++++++++
 package/zstd/zstd.mk        | 4 ++++
 3 files changed, 13 insertions(+)
 create mode 100644 package/zstd/Config.in.host

diff --git a/package/Config.in.host b/package/Config.in.host
index 38543e7390..7838ffc219 100644
--- a/package/Config.in.host
+++ b/package/Config.in.host
@@ -62,5 +62,6 @@ menu "Host utilities"
 	source "package/vboot-utils/Config.in.host"
 	source "package/xorriso/Config.in.host"
 	source "package/zip/Config.in.host"
+	source "package/zstd/Config.in.host"
 
 endmenu
diff --git a/package/zstd/Config.in.host b/package/zstd/Config.in.host
new file mode 100644
index 0000000000..05751f8fbf
--- /dev/null
+++ b/package/zstd/Config.in.host
@@ -0,0 +1,8 @@
+config BR2_PACKAGE_HOST_ZSTD
+	bool "host zstd"
+	help
+	  Zstandard, or zstd as short version, is a fast lossless
+	  compression algorithm, targeting real-time compression
+	  scenarios at zlib-level and better compression ratios
+
+	  https://facebook.github.io/zstd
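
Review bot: the help text of `BR2_PACKAGE_HOST_ZSTD` ends its sentence at "better compression ratios" without a final period, and "or zstd as short version" reads awkwardly. Suggest "Zstandard, or zstd for short, is a fast lossless compression algorithm, ..." and a closing period.
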
diff --git a/package/zstd/zstd.mk b/package/zstd/zstd.mk
index 4915cee07d..0b613a6da4 100644
--- a/package/zstd/zstd.mk
+++ b/package/zstd/zstd.mk
@@ -72,11 +72,15 @@ endef
 define HOST_ZSTD_BUILD_CMDS
 	$(HOST_MAKE_ENV) $(HOST_CONFIGURE_OPTS) $(MAKE) \
 		-C $(@D)/lib
+	$(HOST_MAKE_ENV) $(HOST_CONFIGURE_OPTS) $(MAKE) \
+		-C $(@D) zstd
 endef
 
 define HOST_ZSTD_INSTALL_CMDS
 	$(HOST_MAKE_ENV) $(HOST_CONFIGURE_OPTS) $(MAKE) \
 		DESTDIR=$(HOST_DIR) PREFIX=/usr -C $(@D)/lib install
+	$(HOST_MAKE_ENV) $(HOST_CONFIGURE_OPTS) $(MAKE) \
+		DESTDIR=$(HOST_DIR) PREFIX=/usr -C $(@D)/programs install
 endef
 
 $(eval $(generic-package))
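
Review bot: in HOST_ZSTD_BUILD_CMDS the binary is built with `-C $(@D) zstd`, but HOST_ZSTD_INSTALL_CMDS installs it with `-C $(@D)/programs install`, so build and install go through two different Makefiles. Building with `-C $(@D)/programs` would mirror the existing `-C $(@D)/lib` pair and make it clear that the install step only copies what the build step produced. Note also that nothing in this hunk tests BR2_PACKAGE_HOST_ZSTD, so the binary is now built whenever host-zstd is pulled in as a dependency; if that is intended, say so in the commit message.
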
-- 
2.16.4


* [Buildroot] [PATCH 4/5] dropbear: add option to disable CBC mode ciphers
  2018-07-04  7:07 [Buildroot] [PATCH 0/5] misc. patches from Nokia Thomas De Schampheleire
                   ` (2 preceding siblings ...)
  2018-07-04  7:07 ` [Buildroot] [PATCH 3/5] host zstd: additionally build binary and make selectable Thomas De Schampheleire
@ 2018-07-04  7:07 ` Thomas De Schampheleire
  2018-07-04  7:30   ` Baruch Siach
  2018-07-04 19:44   ` Thomas Petazzoni
  2018-07-04  7:07 ` [Buildroot] [PATCH 5/5] dropbear: add option to disable weak HMAC algorithms Thomas De Schampheleire
  4 siblings, 2 replies; 14+ messages in thread
From: Thomas De Schampheleire @ 2018-07-04  7:07 UTC (permalink / raw)
  To: buildroot

CBC mode ciphers are considered insecure. Add an option to disable it.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
---
 package/dropbear/Config.in   | 7 +++++++
 package/dropbear/dropbear.mk | 8 ++++++++
 2 files changed, 15 insertions(+)

diff --git a/package/dropbear/Config.in b/package/dropbear/Config.in
index 5d6b83b6d1..d92420ac81 100644
--- a/package/dropbear/Config.in
+++ b/package/dropbear/Config.in
@@ -35,6 +35,13 @@ config BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS
 	  on systems without working DNS, as connections otherwise
 	  stall until DNS times out.
 
+config BR2_PACKAGE_DROPBEAR_DISABLE_CBC
+	bool "disable CBC mode ciphers"
+	help
+	  Cipher Block Chaining (CBC) may allow an attacker to recover
+	  plaintext messages from the ciphertext. For higher security, it is
+	  recommended to disable it (and thus enable this option).
+
 config BR2_PACKAGE_DROPBEAR_SMALL
 	bool "optimize for size"
 	default y
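
Review bot: `BR2_PACKAGE_DROPBEAR_DISABLE_CBC` has no `default` line, so it is off and CBC stays compiled in unless the user finds and sets this option. Since the help text itself recommends disabling CBC, make the hardened setting the default (`default y`, or invert the option into an "enable CBC mode ciphers" one that defaults to n). A positively named option would also remove the need for "disable it (and thus enable this option)".
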
diff --git a/package/dropbear/dropbear.mk b/package/dropbear/dropbear.mk
index bb902bc7ce..dc233aab53 100644
--- a/package/dropbear/dropbear.mk
+++ b/package/dropbear/dropbear.mk
@@ -71,6 +71,10 @@ define DROPBEAR_DISABLE_STANDALONE
 	echo '#define NON_INETD_MODE 0'                 >> $(@D)/localoptions.h
 endef
 
+define DROPBEAR_DISABLE_CBC_CIPHERS
+	echo '#define DROPBEAR_ENABLE_CBC_MODE 0'       >> $(@D)/localoptions.h
+endef
+
 define DROPBEAR_INSTALL_INIT_SYSTEMD
 	$(INSTALL) -D -m 644 package/dropbear/dropbear.service \
 		$(TARGET_DIR)/usr/lib/systemd/system/dropbear.service
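
Review bot: DROPBEAR_DISABLE_CBC_CIPHERS appends `#define DROPBEAR_ENABLE_CBC_MODE 0` to localoptions.h, and nothing checks that the dropbear version being built still honours that macro name. If upstream renames it, the line becomes a no-op and CBC is silently compiled back in. Add a comment naming the dropbear version the macro was checked against, so a version bump prompts a re-check.
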
@@ -92,6 +96,10 @@ ifeq ($(BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS),)
 DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_ENABLE_REVERSE_DNS
 endif
 
+ifeq ($(BR2_PACKAGE_DROPBEAR_DISABLE_CBC),y)
+DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_DISABLE_CBC_CIPHERS
+endif
+
 ifeq ($(BR2_PACKAGE_DROPBEAR_SMALL),y)
 DROPBEAR_CONF_OPTS += --disable-zlib --enable-bundled-libtom
 else
-- 
2.16.4


* [Buildroot] [PATCH 5/5] dropbear: add option to disable weak HMAC algorithms
  2018-07-04  7:07 [Buildroot] [PATCH 0/5] misc. patches from Nokia Thomas De Schampheleire
                   ` (3 preceding siblings ...)
  2018-07-04  7:07 ` [Buildroot] [PATCH 4/5] dropbear: add option to disable CBC mode ciphers Thomas De Schampheleire
@ 2018-07-04  7:07 ` Thomas De Schampheleire
  4 siblings, 0 replies; 14+ messages in thread
From: Thomas De Schampheleire @ 2018-07-04  7:07 UTC (permalink / raw)
  To: buildroot

sha1-96 and md5 HMAC algorithms are considered insecure.
Add an option to disable them.

Note that the md5 HMAC algorithm seems to be disabled by default in current
dropbear, but the upstream commit in which that was done
(750ec4ec4cbed4cf5e2f3c7b9de95c90d9ebd68d - "Convert #ifdef to #if, other
build changes") does not explicitly state this change as a goal. To make
sure it is not reverted in the future, explicitly disable the algorithm.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
---
 package/dropbear/Config.in   | 7 +++++++
 package/dropbear/dropbear.mk | 9 +++++++++
 2 files changed, 16 insertions(+)

diff --git a/package/dropbear/Config.in b/package/dropbear/Config.in
index d92420ac81..bb7d914c06 100644
--- a/package/dropbear/Config.in
+++ b/package/dropbear/Config.in
@@ -42,6 +42,13 @@ config BR2_PACKAGE_DROPBEAR_DISABLE_CBC
 	  plaintext messages from the ciphertext. For higher security, it is
 	  recommended to disable it (and thus enable this option).
 
+config BR2_PACKAGE_DROPBEAR_DISABLE_WEAK_HMAC
+	bool "disable weak HMAC algorithms"
+	help
+	  Disable support for following weak HMAC algorithms:
+	  - sha1-96 HMAC
+	  - md5 HMAC
+
 config BR2_PACKAGE_DROPBEAR_SMALL
 	bool "optimize for size"
 	default y
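
Review bot: the help for `BR2_PACKAGE_DROPBEAR_DISABLE_WEAK_HMAC` lists the two algorithms but does not say why they are considered weak or what the option costs: peers that can only negotiate one of these MACs will no longer be able to connect. The CBC option just above explains its risk, so do the same here. Also "for following" should be "for the following", and, like the CBC option, this one is off by default.
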
diff --git a/package/dropbear/dropbear.mk b/package/dropbear/dropbear.mk
index dc233aab53..17e937444f 100644
--- a/package/dropbear/dropbear.mk
+++ b/package/dropbear/dropbear.mk
@@ -75,6 +75,11 @@ define DROPBEAR_DISABLE_CBC_CIPHERS
 	echo '#define DROPBEAR_ENABLE_CBC_MODE 0'       >> $(@D)/localoptions.h
 endef
 
+define DROPBEAR_DISABLE_WEAK_HMAC_ALGORITHMS
+	echo '#define DROPBEAR_SHA1_96_HMAC 0'          >> $(@D)/localoptions.h
+	echo '#define DROPBEAR_MD5_HMAC 0'              >> $(@D)/localoptions.h
+endef
+
 define DROPBEAR_INSTALL_INIT_SYSTEMD
 	$(INSTALL) -D -m 644 package/dropbear/dropbear.service \
 		$(TARGET_DIR)/usr/lib/systemd/system/dropbear.service
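
Review bot: `#define DROPBEAR_MD5_HMAC 0` in DROPBEAR_DISABLE_WEAK_HMAC_ALGORITHMS is, according to the commit message, already the upstream default and is set only to guard against a later upstream change. Put that reasoning in a comment next to the define; without it the line looks redundant and is likely to be dropped in a future cleanup.
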
@@ -100,6 +105,10 @@ ifeq ($(BR2_PACKAGE_DROPBEAR_DISABLE_CBC),y)
 DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_DISABLE_CBC_CIPHERS
 endif
 
+ifeq ($(BR2_PACKAGE_DROPBEAR_DISABLE_WEAK_HMAC),y)
+DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_DISABLE_WEAK_HMAC_ALGORITHMS
+endif
+
 ifeq ($(BR2_PACKAGE_DROPBEAR_SMALL),y)
 DROPBEAR_CONF_OPTS += --disable-zlib --enable-bundled-libtom
 else
-- 
2.16.4
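
Whether options like those in patches 4/5 and 5/5 took effect on a built image can be checked from outside, because the server lists the ciphers and MACs it offers in its unencrypted SSH_MSG_KEXINIT packet. The parser below is an added example, not code from this thread, Buildroot or Dropbear; the function names are hypothetical, the sample packets are constructed, and the algorithm wire names are those of RFC 4253.

```python
import struct

SSH_MSG_KEXINIT = 20
# Order of the ten name-lists in SSH_MSG_KEXINIT (RFC 4253, section 7.1).
FIELDS = ("kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")
# RFC 4253 wire names of the two MACs that patch 5/5 switches off.
WEAK_MACS = {"hmac-sha1-96", "hmac-md5"}


def unwrap_packet(packet: bytes) -> bytes:
    """Strip the binary-packet framing (RFC 4253, section 6); no MAC yet."""
    if len(packet) < 5:
        raise ValueError("short packet")
    length, pad = struct.unpack_from(">IB", packet, 0)
    if length < pad + 1 or 4 + length > len(packet):
        raise ValueError("bad packet length")
    return packet[5:4 + length - pad]


def parse_kexinit(payload: bytes) -> dict:
    """Return {field: [algorithm names]} for a KEXINIT payload."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not a KEXINIT payload")
    pos = 17  # 1 byte message type + 16 byte cookie
    offer = {}
    for field in FIELDS:
        if pos + 4 > len(payload):
            raise ValueError(f"truncated before {field}")
        (n,) = struct.unpack_from(">I", payload, pos)
        pos += 4
        if pos + n > len(payload):
            raise ValueError(f"name-list {field} overruns payload")
        raw = payload[pos:pos + n].decode("ascii")
        offer[field] = raw.split(",") if raw else []
        pos += n
    if len(payload) - pos < 5:  # first_kex_packet_follows + reserved uint32
        raise ValueError("missing trailer")
    return offer


def audit(offer: dict) -> dict:
    """Report CBC ciphers and weak MACs offered in either direction."""
    ciphers = set(offer["enc_c2s"]) | set(offer["enc_s2c"])
    macs = set(offer["mac_c2s"]) | set(offer["mac_s2c"])
    return {
        "cbc_ciphers": sorted(c for c in ciphers if c.endswith("-cbc")),
        "weak_macs": sorted(macs & WEAK_MACS),
    }


def build_kexinit(ciphers, macs) -> bytes:
    """Constructed sample payload; the other lists are placeholders."""
    def name_list(names):
        data = ",".join(names).encode("ascii")
        return struct.pack(">I", len(data)) + data
    lists = [["curve25519-sha256"], ["ssh-rsa"], ciphers, ciphers,
             macs, macs, ["none"], ["none"], [], []]
    body = b"".join(name_list(names) for names in lists)
    return bytes([SSH_MSG_KEXINIT]) + bytes(16) + body + b"\x00" + bytes(4)


def wrap_packet(payload: bytes) -> bytes:
    """Frame a payload as an unencrypted packet (8-byte alignment)."""
    pad = 8 - (5 + len(payload)) % 8
    if pad < 4:
        pad += 8
    return (struct.pack(">IB", 1 + len(payload) + pad, pad)
            + payload + bytes(pad))


if __name__ == "__main__":
    # Constructed offers, not captured from a real Dropbear build.
    samples = {
        "options off": wrap_packet(build_kexinit(
            ["aes128-ctr", "aes256-ctr", "aes128-cbc", "3des-cbc"],
            ["hmac-sha1-96", "hmac-sha1", "hmac-sha2-256"])),
        "options on": wrap_packet(build_kexinit(
            ["aes128-ctr", "aes256-ctr"],
            ["hmac-sha1", "hmac-sha2-256"])),
    }
    for label, packet in samples.items():
        print(label, audit(parse_kexinit(unwrap_packet(packet))))
```

On a real device, the packet to feed in is the first binary packet the server sends after its identification string.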


* [Buildroot] [PATCH 4/5] dropbear: add option to disable CBC mode ciphers
  2018-07-04  7:07 ` [Buildroot] [PATCH 4/5] dropbear: add option to disable CBC mode ciphers Thomas De Schampheleire
@ 2018-07-04  7:30   ` Baruch Siach
  2018-07-04  8:47     ` Thomas De Schampheleire
  2018-07-04 19:44   ` Thomas Petazzoni
  1 sibling, 1 reply; 14+ messages in thread
From: Baruch Siach @ 2018-07-04  7:30 UTC (permalink / raw)
  To: buildroot

Hi Thomas,

On Wed, Jul 04, 2018 at 09:07:38AM +0200, Thomas De Schampheleire wrote:
> CBC mode ciphers are considered insecure. Add an option to disable it.

We have a patch from Stefan Sørensen to disable all weak algorithms by 
default:

  http://patchwork.ozlabs.org/patch/938595/

I prefer Stefan's patch over this and the next patch.

Stefan's patch doesn't deal with the MD5 HMAC as the next patch does. But I 
find it highly unlikely that upstream would enable MD5 by default ever again. 
Upstream commit 34ee32607598 adds this code in sysoptions.h:

/* might be needed for compatibility with very old implementations */
#ifndef DROPBEAR_MD5_HMAC
#define DROPBEAR_MD5_HMAC 0
#endif

default_options.h doesn't mention MD5 at all.

baruch

> Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
> ---
>  package/dropbear/Config.in   | 7 +++++++
>  package/dropbear/dropbear.mk | 8 ++++++++
>  2 files changed, 15 insertions(+)
> 
> diff --git a/package/dropbear/Config.in b/package/dropbear/Config.in
> index 5d6b83b6d1..d92420ac81 100644
> --- a/package/dropbear/Config.in
> +++ b/package/dropbear/Config.in
> @@ -35,6 +35,13 @@ config BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS
>  	  on systems without working DNS, as connections otherwise
>  	  stall until DNS times out.
>  
> +config BR2_PACKAGE_DROPBEAR_DISABLE_CBC
> +	bool "disable CBC mode ciphers"
> +	help
> +	  Cipher Block Chaining (CBC) may allow an attacker to recover
> +	  plaintext messages from the ciphertext. For higher security, it is
> +	  recommended to disable it (and thus enable this option).
> +
>  config BR2_PACKAGE_DROPBEAR_SMALL
>  	bool "optimize for size"
>  	default y
> diff --git a/package/dropbear/dropbear.mk b/package/dropbear/dropbear.mk
> index bb902bc7ce..dc233aab53 100644
> --- a/package/dropbear/dropbear.mk
> +++ b/package/dropbear/dropbear.mk
> @@ -71,6 +71,10 @@ define DROPBEAR_DISABLE_STANDALONE
>  	echo '#define NON_INETD_MODE 0'                 >> $(@D)/localoptions.h
>  endef
>  
> +define DROPBEAR_DISABLE_CBC_CIPHERS
> +	echo '#define DROPBEAR_ENABLE_CBC_MODE 0'       >> $(@D)/localoptions.h
> +endef
> +
>  define DROPBEAR_INSTALL_INIT_SYSTEMD
>  	$(INSTALL) -D -m 644 package/dropbear/dropbear.service \
>  		$(TARGET_DIR)/usr/lib/systemd/system/dropbear.service
> @@ -92,6 +96,10 @@ ifeq ($(BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS),)
>  DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_ENABLE_REVERSE_DNS
>  endif
>  
> +ifeq ($(BR2_PACKAGE_DROPBEAR_DISABLE_CBC),y)
> +DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_DISABLE_CBC_CIPHERS
> +endif
> +
>  ifeq ($(BR2_PACKAGE_DROPBEAR_SMALL),y)
>  DROPBEAR_CONF_OPTS += --disable-zlib --enable-bundled-libtom
>  else
> -- 
> 2.16.4
> 

-- 
     http://baruch.siach.name/blog/                  ~. .~   Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
   - baruch at tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il -


* [Buildroot] [PATCH 4/5] dropbear: add option to disable CBC mode ciphers
  2018-07-04  7:30   ` Baruch Siach
@ 2018-07-04  8:47     ` Thomas De Schampheleire
  0 siblings, 0 replies; 14+ messages in thread
From: Thomas De Schampheleire @ 2018-07-04  8:47 UTC (permalink / raw)
  To: buildroot

Hi Baruch,

On Wed, Jul 04, 2018 at 10:30:58AM +0300, Baruch Siach wrote:
> Hi Thomas,
> 
> On Wed, Jul 04, 2018 at 09:07:38AM +0200, Thomas De Schampheleire wrote:
> > CBC mode ciphers are considered insecure. Add an option to disable it.
> 
> We have a patch from Stefan Sørensen to disable all weak algorithms by 
> default:
> 
>   http://patchwork.ozlabs.org/patch/938595/
> 
> I prefer Stefan's patch over this and the next patch.
> 
> Stefan's patch doesn't deal with the MD5 HMAC as the next patch does. But I 
> find it highly unlikely that upstream would enable MD5 by default ever again. 
> Upstream commit 34ee32607598 adds this code in sysoptions.h:
> 
> /* might be needed for compatibility with very old implementations */
> #ifndef DROPBEAR_MD5_HMAC
> #define DROPBEAR_MD5_HMAC 0
> #endif
> 
> default_options.h doesn't mention MD5 at all.


Thanks for this info. I'm perfectly fine with Stefan's patch instead of these
two.

/Thomas


* [Buildroot] [PATCH 2/5] pigz: new package
  2018-07-04  7:07 ` [Buildroot] [PATCH 2/5] pigz: new package Thomas De Schampheleire
@ 2018-07-04  9:51   ` Thomas Petazzoni
  2018-07-04 20:30   ` Thomas Petazzoni
  1 sibling, 0 replies; 14+ messages in thread
From: Thomas Petazzoni @ 2018-07-04  9:51 UTC (permalink / raw)
  To: buildroot

Hello,

On Wed,  4 Jul 2018 09:07:36 +0200, Thomas De Schampheleire wrote:
> From: Alfredo Alvarez Fernandez <alfredo.alvarez_fernandez@nokia.com>
> 
> A parallel implementation of gzip for modern
> multi-processor, multi-core machines.
> 
> Signed-off-by: Alfredo Alvarez Fernandez <alfredo.alvarez_fernandez@nokia.com>
> Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
> ---
>  package/Config.in      |  1 +
>  package/pigz/Config.in | 14 ++++++++++++++
>  package/pigz/pigz.hash |  2 ++
>  package/pigz/pigz.mk   | 21 +++++++++++++++++++++

Missing entry to the DEVELOPERS file.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com


* [Buildroot] [PATCH 4/5] dropbear: add option to disable CBC mode ciphers
  2018-07-04  7:07 ` [Buildroot] [PATCH 4/5] dropbear: add option to disable CBC mode ciphers Thomas De Schampheleire
  2018-07-04  7:30   ` Baruch Siach
@ 2018-07-04 19:44   ` Thomas Petazzoni
  1 sibling, 0 replies; 14+ messages in thread
From: Thomas Petazzoni @ 2018-07-04 19:44 UTC (permalink / raw)
  To: buildroot

Hello,

On Wed,  4 Jul 2018 09:07:38 +0200, Thomas De Schampheleire wrote:
> CBC mode ciphers are considered insecure. Add an option to disable it.
> 
> Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>

Following the discussion with Baruch, I have marked this patch and
PATCH 5/5 as Rejected in patchwork.

Thanks,

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com


* [Buildroot] [PATCH 1/5] linux: automatically set CONFIG_PERF_EVENTS when perf is enabled
  2018-07-04  7:07 ` [Buildroot] [PATCH 1/5] linux: automatically set CONFIG_PERF_EVENTS when perf is enabled Thomas De Schampheleire
@ 2018-07-04 19:52   ` Thomas Petazzoni
  0 siblings, 0 replies; 14+ messages in thread
From: Thomas Petazzoni @ 2018-07-04 19:52 UTC (permalink / raw)
  To: buildroot

Hello,

On Wed,  4 Jul 2018 09:07:35 +0200, Thomas De Schampheleire wrote:
> From: Jan Heylen <jan.heylen@nokia.com>
> 
> Perf profiling cannot be used if CONFIG_PERF_EVENTS is not enabled in the
> kernel configuration. Similar to other tools, like ktap, we can enable the
> right options automatically.
> 
> Signed-off-by: Jan Heylen <jan.heylen@nokia.com>
> Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
> ---
>  linux/linux.mk                | 2 ++
>  package/linux-tools/Config.in | 8 +++++---
>  2 files changed, 7 insertions(+), 3 deletions(-)

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com


* [Buildroot] [PATCH 3/5] host zstd: additionally build binary and make selectable
  2018-07-04  7:07 ` [Buildroot] [PATCH 3/5] host zstd: additionally build binary and make selectable Thomas De Schampheleire
@ 2018-07-04 20:00   ` Thomas Petazzoni
  0 siblings, 0 replies; 14+ messages in thread
From: Thomas Petazzoni @ 2018-07-04 20:00 UTC (permalink / raw)
  To: buildroot

Hello,

On Wed,  4 Jul 2018 09:07:37 +0200, Thomas De Schampheleire wrote:
> The zstd (de)compression tool may be used in post-image scripts to compress
> certain elements of the final image.
> 
> In order to allow that, make host-zstd selectable in the 'Host utilities'
> menu, and build the binary in addition to the library.
> 
> Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
> ---
>  package/Config.in.host      | 1 +
>  package/zstd/Config.in.host | 8 ++++++++
>  package/zstd/zstd.mk        | 4 ++++
>  3 files changed, 13 insertions(+)
>  create mode 100644 package/zstd/Config.in.host

I've tweaked a bit the commit title and applied.

Note that it could have been two separate commits, as the "and" in the
commit title suggests :-)

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com


* [Buildroot] [PATCH 2/5] pigz: new package
  2018-07-04  7:07 ` [Buildroot] [PATCH 2/5] pigz: new package Thomas De Schampheleire
  2018-07-04  9:51   ` Thomas Petazzoni
@ 2018-07-04 20:30   ` Thomas Petazzoni
  2018-07-05  8:00     ` Thomas De Schampheleire
  1 sibling, 1 reply; 14+ messages in thread
From: Thomas Petazzoni @ 2018-07-04 20:30 UTC (permalink / raw)
  To: buildroot

Hello,

On Wed,  4 Jul 2018 09:07:36 +0200, Thomas De Schampheleire wrote:
> From: Alfredo Alvarez Fernandez <alfredo.alvarez_fernandez@nokia.com>
> 
> A parallel implementation of gzip for modern
> multi-processor, multi-core machines.
> 
> Signed-off-by: Alfredo Alvarez Fernandez <alfredo.alvarez_fernandez@nokia.com>
> Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
> ---
>  package/Config.in      |  1 +
>  package/pigz/Config.in | 14 ++++++++++++++
>  package/pigz/pigz.hash |  2 ++
>  package/pigz/pigz.mk   | 21 +++++++++++++++++++++
>  4 files changed, 38 insertions(+)
>  create mode 100644 package/pigz/Config.in
>  create mode 100644 package/pigz/pigz.hash
>  create mode 100644 package/pigz/pigz.mk

I've applied, with the following changes:

    [Thomas: add entry to DEVELOPERS file, add hash for license file.]

Thanks!

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com


* [Buildroot] [PATCH 2/5] pigz: new package
  2018-07-04 20:30   ` Thomas Petazzoni
@ 2018-07-05  8:00     ` Thomas De Schampheleire
  0 siblings, 0 replies; 14+ messages in thread
From: Thomas De Schampheleire @ 2018-07-05  8:00 UTC (permalink / raw)
  To: buildroot

2018-07-04 22:30 GMT+02:00 Thomas Petazzoni <thomas.petazzoni@bootlin.com>:
> Hello,
>
> On Wed,  4 Jul 2018 09:07:36 +0200, Thomas De Schampheleire wrote:
>> From: Alfredo Alvarez Fernandez <alfredo.alvarez_fernandez@nokia.com>
>>
>> A parallel implementation of gzip for modern
>> multi-processor, multi-core machines.
>>
>> Signed-off-by: Alfredo Alvarez Fernandez <alfredo.alvarez_fernandez@nokia.com>
>> Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
>> ---
>>  package/Config.in      |  1 +
>>  package/pigz/Config.in | 14 ++++++++++++++
>>  package/pigz/pigz.hash |  2 ++
>>  package/pigz/pigz.mk   | 21 +++++++++++++++++++++
>>  4 files changed, 38 insertions(+)
>>  create mode 100644 package/pigz/Config.in
>>  create mode 100644 package/pigz/pigz.hash
>>  create mode 100644 package/pigz/pigz.mk
>
> I've applied, with the following changes:
>
>     [Thomas: add entry to DEVELOPERS file, add hash for license file.]
>

Oops, I hadn't seen that you already applied these changes and I just sent a v2.

As I added one new change related to a more stable download URL for
pigz, I'll rebase and send v3.
Please ignore the v2, sorry for the noise.

/Thomas
