Philipp Deppenwiese (zaolin.daisuki@googlemail.com) just uploaded a new patch set to gerrit, which you can find at https://review.coreboot.org/15170
-gerrit
commit d81bf32775236f82ababcbd29a5a1988c970cffc Author: Philipp Deppenwiese zaolin@das-labor.org Date: Mon Jun 13 17:01:07 2016 -0700
util/crossgcc: Toolchain verified sources
Currently there is no toolchain verification in coreboot. This patchset extends the existing buildgcc script in the following way:
Before download or unpack operations the checksum of all used packages are checked against the trustworthy checksums in util/crossgcc/sum.
With the option -g checksum can be automatically generated for updated packages as long they support gpg. Only the maintainers can commit checksum changes to the coreboot repository. Some libraries don't offer this possiblity and on update maintainers need to check the sources by themself adding checksums manually!
The checksum algorithm changed from sha1 to sha384. If you ask yourself why we don't use sha256 or sha512 for the checksum verification. You should take a look at following wiki article. https://en.wikipedia.org/wiki/Length_extension_attack
Also the url changed from http to https for security reasons where it was possible to do that.
Change-Id: Id45097fc7e8435fadce4bda75769592af2730b0c Signed-off-by: Philipp Deppenwiese zaolin@das-labor.org --- util/crossgcc/buildgcc | 215 +++++++++++++++++---- util/crossgcc/gpg.keyring | Bin 0 -> 222182 bytes util/crossgcc/sum/Python-3.5.1.tar.xz.cksum | 2 +- .../sum/acpica-unix2-20160831.tar.gz.cksum | 2 +- util/crossgcc/sum/binutils-2.26.1.tar.bz2.cksum | 2 +- util/crossgcc/sum/cfe-3.8.0.src.tar.xz.cksum | 2 +- .../sum/clang-tools-extra-3.8.0.src.tar.xz.cksum | 2 +- .../sum/compiler-rt-3.8.0.src.tar.xz.cksum | 2 +- util/crossgcc/sum/expat-2.1.1.tar.bz2.cksum | 2 +- util/crossgcc/sum/gcc-5.3.0.tar.bz2.cksum | 2 +- util/crossgcc/sum/gdb-7.11.tar.xz.cksum | 2 +- util/crossgcc/sum/gmp-6.1.0.tar.xz.cksum | 2 +- util/crossgcc/sum/libelf-0.8.13.tar.gz.cksum | 2 +- util/crossgcc/sum/llvm-3.8.0.src.tar.xz.cksum | 2 +- util/crossgcc/sum/make-4.2.1.tar.bz2.cksum | 2 +- util/crossgcc/sum/mpc-1.0.3.tar.gz.cksum | 2 +- util/crossgcc/sum/mpfr-3.1.4.tar.xz.cksum | 2 +- util/lint/lint-stable-003-whitespace | 2 +- 18 files changed, 190 insertions(+), 57 deletions(-)
diff --git a/util/crossgcc/buildgcc b/util/crossgcc/buildgcc index 4883754..a571483 100755 --- a/util/crossgcc/buildgcc +++ b/util/crossgcc/buildgcc @@ -5,6 +5,7 @@ # Stefan Reinauer stefan.reinauer@coresystems.de # # Copyright (C) 2011 by Sage Electronic Engineering +# Copyright (C) 2016 by Philipp Deppenwiese # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -18,9 +19,9 @@
cd $(dirname $0)
-CROSSGCC_DATE="August 31st, 2016" -CROSSGCC_VERSION="1.43" -CROSSGCC_COMMIT=$( git describe ) +CROSSGCC_DATE="November 07th, 2016" +CROSSGCC_VERSION="1.44" +CROSSGCC_COMMIT=$(git describe)
# default settings PACKAGE=GCC @@ -32,6 +33,7 @@ DESTDIR= SAVETEMPS=0 SKIPPYTHON=1 BOOTSTRAP=0 +GENERATE_CHECKSUMS=0
# GCC toolchain version numbers GMP_VERSION=6.1.0 @@ -49,6 +51,8 @@ EXPAT_VERSION=2.1.1 CLANG_VERSION=3.8.0 MAKE_VERSION=4.2.1
+GPG_KEYRING=$(pwd)/gpg.keyring + # GCC toolchain archive locations # These are sanitized by the jenkins toolchain test builder, so if # a completely new URL is added here, it probably needs to be added @@ -99,6 +103,8 @@ red='\033[0;31m' RED='\033[1;31m' green='\033[0;32m' GREEN='\033[1;32m' +yellow='\033[0;33m' +YELLOW='\033[1;33m' blue='\033[0;34m' BLUE='\033[1;34m' cyan='\033[0;36m' @@ -260,49 +266,158 @@ check_cc() { fi }
-check_sum() { - test -z "$CHECKSUM" || \ - test "$(cat sum/$1.cksum 2>/dev/null | sed -e 's@.*([0-9a-f]{40,}).*@\1@')" = \ - "$($CHECKSUM tarballs/$1 2>/dev/null | sed -e 's@.*([0-9a-f]{40,}).*@\1@')" +verify_signature() { + SIGNATURE_FILE="$1" + SOURCE_FILE="$2" + + if [ ! -f "${GPG_KEYRING}" ]; then + printf "\n * ${RED}The gpg keyring can't be found.${NC}\n" + return 1 + fi + + if [ ! -f "tarballs/${SIGNATURE_FILE}" ]; then + printf "\n * ${RED}No signature file found for package: ${SOURCE_FILE} !! PLEASE CHECK MANUALLY WHAT YOU DOWNLOADED, ABORTING CHECKSUM CREATION.${NC}\n" + return 1 + fi + + if [ ! -f "tarballs/${SOURCE_FILE}" ]; then + printf "\n * ${RED}Source file couldn't be downloaded.${NC}\n" + return 1 + fi + + GPG_OUTPUT=$(${GPG} --no-default-keyring --keyring ${GPG_KEYRING} --status-fd 1 --verify "tarballs/${SIGNATURE_FILE}" "tarballs/${SOURCE_FILE}" 2>&1) + if [ "${?}" = "0" ] ; then + printf "\n * ${GREEN}Signature is good and verified!${NC}" + return 0 + fi + + printf "\n * ${RED}Failed to verify signature of package.${NC}\n" + printf "\n * ${RED}Error: ${GPG_OUTPUT} ${NC}\n" + return 1 }
-compute_sum() { - test ! -f sum/$1.cksum && test -f tarballs/$1 && \ - (test -z "$CHECKSUM" || $CHECKSUM tarballs/$1 > sum/$1.cksum ) && \ - printf "(checksum created. ${RED}Note. Please upload sum/$1.cksum if the corresponding archive is upgraded.)${NC}" +calculate_checksum() { + SOURCE_FILE=$1 + + test ! -f sum/"$SOURCE_FILE".cksum && test -f tarballs/"$SOURCE_FILE" && \ + (test -z "$CHECKSUM" || "$CHECKSUM" tarballs/"$SOURCE_FILE" > sum/"$SOURCE_FILE".cksum ) && \ + printf "\n * Checksum created. ${CYAN}Note. Please upload sum/"$SOURCE_FILE".cksum if the corresponding archive is upgraded.${NC}" +} + +verify_checksum() { + STATIC_HASH=$(${AWK} '{ print $1 }' <sum/$1.cksum) + FILE_HASH=$(${OPENSSL} sha384 -in tarballs/$1 | awk '{ print $2 }') + + if [ "${STATIC_HASH}" != "${FILE_HASH}" ]; then + printf "\n${RED}Failed to verify checksum of package ${1}.${NC}\n" + exit 1 + fi + + printf "\n * ${GREEN}Checksum 0x${FILE_HASH} verified.${NC}\n" +} + +validate_url() { + CHECK_URL=$(wget -S --spider $1 2>&1 | grep 'HTTP/1.1 200 OK') + if [ "${?}" = "0" ] ; then + return 1 + else + return 0 + fi }
download_showing_percentage() { - url=$1 - printf " ..${red} 0%%" - wget --no-check-certificate $url 2>&1 | while read line; do - echo $line | grep -o "[0-9]+%" | awk '{printf("\b\b\b\b%4s", $1)}' - done - printf "${NC}" + NO_WARNING="$2" + URL=$1 + printf " ..${YELLOW} 0%%${NC}" + + if ! validate_url ${URL}; then + wget ${URL} 2>&1 | while read line; do + printf "${YELLOW}" + echo $line | grep -o "[0-9]+%" | awk '{printf("\b\b\b\b%4s", $1)}' + printf "${NC}" + done + if [ ${?} != "0" ]; then + printf "\n${YELLOW} * ${URL} is not valid.${NC}" + return 1 + fi + elif [ "$NO_WARNING" = "0" ]; then + printf "\n${YELLOW} * ${URL} is not valid.${NC}" + return 1 + fi + + return 0 }
download() { package=$1 archive="$(eval echo $$package"_ARCHIVE")"
- FILE=$(basename $archive) - printf " * $FILE " + SOURCE_FILE=$(basename ${archive})
- if test -f tarballs/$FILE && check_sum $FILE ; then + if test -f tarballs/${SOURCE_FILE} ; then printf "(cached)" else + rm -f tarballs/${SOURCE_FILE}* + cd tarballs || exit 1 + + printf " * ${SOURCE_FILE} " printf "(downloading from $archive)" - rm -f tarballs/$FILE - cd tarballs - download_showing_percentage $archive + download_showing_percentage ${archive} 0 + cd .. - compute_sum $FILE fi
- if [ ! -f tarballs/$FILE ]; then - printf "\n${RED}Failed to download $FILE.${NC}\n" + if [ ! -f tarballs/${SOURCE_FILE} ]; then + printf "\n${RED} * Failed to download ${SOURCE_FILE}.${NC}\n" exit 1 fi + + printf "\n" +} + +generate_checksums() { + package=$1 + archive="$(eval echo $$package"_ARCHIVE")" + SOURCE_FILE=$(basename ${archive}) + SIGNATURE_FILE="dummy" + + rm -f tarballs/${SOURCE_FILE}* + rm -f sum/${SOURCE_FILE}.cksum* + cd tarballs || exit 1 + + printf " * ${SOURCE_FILE} " + printf "(downloading from ${archive})" + download_showing_percentage ${archive} 0 + + printf "\n * ${SOURCE_FILE} " + printf "(downloading signature file ${archive}.sig)" + + download_showing_percentage "${archive}.sig" 0 + if [ "${?}" = "0" ] ; then + SIGNATURE_FILE=$(basename ${archive}.sig) + fi + + printf "\n * ${SOURCE_FILE} " + printf "(downloading signature file ${archive}.asc)" + + download_showing_percentage "${archive}.asc" 0 + if [ "${?}" = "0" ] ; then + SIGNATURE_FILE=$(basename ${archive}.asc) + fi + + cd .. + + verify_signature ${SIGNATURE_FILE} ${SOURCE_FILE} + if [ "${?}" = "0" ] ; then + calculate_checksum ${SOURCE_FILE} + verify_checksum ${SOURCE_FILE} ${archive} + fi + + if [ ! -f tarballs/${SOURCE_FILE} ]; then + printf "\n${RED}Failed to download ${SOURCE_FILE}.${NC}\n" + exit 1 + fi + printf "\n" }
@@ -310,6 +425,10 @@ unpack_and_patch() { package=$1 archive="$(eval echo $$package"_ARCHIVE")" dir="$(eval echo $$package"_DIR")" + FILE="$(basename $archive)" + + verify_checksum ${FILE} ${archive} + test -d ${dir} && test -f ${dir}/.unpack_success || ( printf " * $(basename $archive)\n" FLAGS=zxf @@ -430,7 +549,7 @@ cleanup()
myhelp() { - printf "Usage: $0 [-V] [-c] [-p <platform>] [-d <target directory>] [-D <dest dir>] [-C] [-G] [-S]\n" + printf "Usage: $0 [-V] [-c] [-p <platform>] [-d <target directory>] [-D <dest dir>] [-C] [-G] [-S] [-g]\n" printf " $0 [-V|--version]\n" printf " $0 [-h|--help]\n\n"
@@ -460,7 +579,9 @@ myhelp() printf "GDB specific options:\n" printf " [-p|--platform <platform>] target platform to build cross compiler for\n" printf " (defaults to $TARGETARCH)\n" - printf " [-S|--scripting] build scripting support for GDB\n\n" + printf " [-S|--scripting] build scripting support for GDB\n" + printf " [-g|--generate-checksums] re-generates the checksum for all packages and\n" + printf " verifies them with the help of gpg signatures\n\n" printf "Platforms for GCC & GDB:\n" printf " x86_64 i386-elf i386-mingw32 mipsel-elf riscv-elf arm aarch64\n" printf " powerpc64le-linux-gnu nds32le-elf\n\n" @@ -477,6 +598,7 @@ myversion() cat << EOF Copyright (C) 2008-2010 by coresystems GmbH Copyright (C) 2011 by Sage Electronic Engineering +Copyright (C) 2016 by Philipp Deppenwiese
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -745,12 +867,12 @@ getopt - > /dev/null 2>/dev/null || gcc -o getopt getopt.c getoptbrand="$(getopt -V | sed -e '1!d' -e 's,^(......).*,\1,')" if [ "${getoptbrand}" = "getopt" ]; then # Detected GNU getopt that supports long options. - args=$(getopt -l version,help,clean,directory:,bootstrap,platform:,languages:,package:,jobs:,destdir:,savetemps,scripting,ccache,supported:,urls,nocolor -o Vhcd:bp:l:P:j:D:tSys:un -- "$@") + args=$(getopt -l version,help,clean,directory:,bootstrap,platform:,languages:,package:,jobs:,destdir:,savetemps,scripting,ccache,supported:,generate_checksums,urls,nocolor -o Vhcd:bp:l:P:j:D:tSys:gun -- "$@") getopt_ret=$? eval set -- "$args" else # Detected non-GNU getopt - args=$(getopt Vhcd:bp:l:P:j:D:tSys:un $*) + args=$(getopt Vhcd:bp:l:P:j:D:tSys:gun $*) getopt_ret=$? set -- $args fi @@ -778,7 +900,8 @@ while true ; do -s|--supported) shift; PRINTSTABLE="$1"; shift;; -u|--urls) shift; printf "%s\n" "$ALL_ARCHIVES"; exit 0;; -n|--nocolor) shift; \ - unset red RED green GREEN blue BLUE cyan CYAN NC;; + unset red RED green GREEN blue BLUE cyan CYAN yellow YELLOW NC;; + -g|--generate-checksums) shift; GENERATE_CHECKSUMS=1;; --) shift; break;; *) break;; esac @@ -850,15 +973,16 @@ esac
# Find all the required tools:
-TAR=$(searchtool tar) || exit $? -PATCH=$(searchtool patch) || exit $? -MAKE=$(searchtool make) || exit $? -SHA1SUM=$(searchtool sha1sum) -#SHA512SUM=$(searchtool sha512sum) -#MD5SUM=$(searchtool md5sum) -CHECKSUM=$SHA1SUM -LBZIP2=$(searchtool lbzip2 "" nofail) -PIGZ=$(searchtool pigz "" nofail) +TAR=$(searchtool tar "tar" nofail) +PATCH=$(searchtool patch "patch" nofail) +MAKE=$(searchtool make "make" nofail) +SHA384SUM=$(searchtool sha384sum "sha384sum" nofail) +CHECKSUM=$SHA384SUM +LBZIP2=$(searchtool lbzip2 "bzip2" nofail) +PIGZ=$(searchtool pigz "pigz" nofail) +GPG=$(searchtool gpg "GnuPG" nofail) +OPENSSL=$(searchtool openssl "OpenSSL" nofail) +AWK=$(searchtool awk "awk" nofail)
searchtool m4 > /dev/null searchtool bison > /dev/null @@ -940,6 +1064,15 @@ if [ "$USECCACHE" = 1 ]; then CC="ccache $CC" fi
+if [ "$GENERATE_CHECKSUMS" = 1 ]; then + mkdir -p tarballs + for P in $PACKAGES; do + generate_checksums $P + done + + exit 0 +fi + # Prepare target directory for building GCC # (dependencies must be in the PATH) mkdir -p $DESTDIR$TARGETDIR/bin @@ -971,7 +1104,7 @@ printf "Packages built ... ${green}ok${NC}\n" # for reproducibility PROGNAME=$(basename "$0") rm -f "$DESTDIR$TARGETDIR/share/$PROGNAME-*" -cp "$PROGNAME" "$DESTDIR$TARGETDIR/share/$PROGNAME-$CROSSGCC_VERSION-$CROSGCC_COMMIT" +cp "$PROGNAME" "$DESTDIR$TARGETDIR/share/$PROGNAME-$CROSSGCC_VERSION-$CROSSGCC_COMMIT"
cleanup
diff --git a/util/crossgcc/gpg.keyring b/util/crossgcc/gpg.keyring new file mode 100644 index 0000000..8cbce7e Binary files /dev/null and b/util/crossgcc/gpg.keyring differ diff --git a/util/crossgcc/sum/Python-3.5.1.tar.xz.cksum b/util/crossgcc/sum/Python-3.5.1.tar.xz.cksum index 58affb0..5093e22 100644 --- a/util/crossgcc/sum/Python-3.5.1.tar.xz.cksum +++ b/util/crossgcc/sum/Python-3.5.1.tar.xz.cksum @@ -1 +1 @@ -0186da436db76776196612b98bb9c2f76acfe90e tarballs/Python-3.5.1.tar.xz +9aca49d2cde4760035f4fff23e8a446f6451e8effb6e6fab3f259645a631593acb2ce3412aadf810f103f3f6b561abe7 tarballs/Python-3.5.1.tar.xz diff --git a/util/crossgcc/sum/acpica-unix2-20160831.tar.gz.cksum b/util/crossgcc/sum/acpica-unix2-20160831.tar.gz.cksum index d7e538b..077d55e 100644 --- a/util/crossgcc/sum/acpica-unix2-20160831.tar.gz.cksum +++ b/util/crossgcc/sum/acpica-unix2-20160831.tar.gz.cksum @@ -1 +1 @@ -7e7449f15a195fefd72b65b1671df18e4dccf665 tarballs/acpica-unix2-20160831.tar.gz +171f914bbfc71a69011494cd3484bc87e5ce6b28558699585c8719c250094140357793ead18d2432573a61a1ea5afc6c tarballs/acpica-unix2-20160831.tar.gz diff --git a/util/crossgcc/sum/binutils-2.26.1.tar.bz2.cksum b/util/crossgcc/sum/binutils-2.26.1.tar.bz2.cksum index 4bd0bce..85535bb 100644 --- a/util/crossgcc/sum/binutils-2.26.1.tar.bz2.cksum +++ b/util/crossgcc/sum/binutils-2.26.1.tar.bz2.cksum @@ -1 +1 @@ -624cd377e3a8eef3db83a56ce289a60f556b3ec2 tarballs/binutils-2.26.1.tar.bz2 +30cc8be8c230d69b966b80268223b823b3d301c83472317a4b6ff3aa9dd528a31cb1af33640097854e0e34743b1339b7 tarballs/binutils-2.26.1.tar.bz2 diff --git a/util/crossgcc/sum/cfe-3.8.0.src.tar.xz.cksum b/util/crossgcc/sum/cfe-3.8.0.src.tar.xz.cksum index 7ba8c8c..b278aac 100644 --- a/util/crossgcc/sum/cfe-3.8.0.src.tar.xz.cksum +++ b/util/crossgcc/sum/cfe-3.8.0.src.tar.xz.cksum @@ -1 +1 @@ -2230ef962f2df3c13ec93f5b04b0e3cdff94b2ce tarballs/cfe-3.8.0.src.tar.xz +3edbe3cafc58ad6fc3d3a133156a656ea7756e8a36176b29bba63434d6f073cef63241cc6df8337fcab3832dd5b5c485 tarballs/cfe-3.8.0.src.tar.xz diff --git a/util/crossgcc/sum/clang-tools-extra-3.8.0.src.tar.xz.cksum b/util/crossgcc/sum/clang-tools-extra-3.8.0.src.tar.xz.cksum index e9d8d72..dd5c566 100644 --- a/util/crossgcc/sum/clang-tools-extra-3.8.0.src.tar.xz.cksum +++ b/util/crossgcc/sum/clang-tools-extra-3.8.0.src.tar.xz.cksum @@ -1 +1 @@ -a99d8b6fc5e593c4671424b327779318a1856acf tarballs/clang-tools-extra-3.8.0.src.tar.xz +abd447239f09295f8592225bb7e07ba57cedc3d19a4972b45cd7d70a2db82106d1874a5be03656f8209a0e8a1308fb31 tarballs/clang-tools-extra-3.8.0.src.tar.xz diff --git a/util/crossgcc/sum/compiler-rt-3.8.0.src.tar.xz.cksum b/util/crossgcc/sum/compiler-rt-3.8.0.src.tar.xz.cksum index 081705d..9239365 100644 --- a/util/crossgcc/sum/compiler-rt-3.8.0.src.tar.xz.cksum +++ b/util/crossgcc/sum/compiler-rt-3.8.0.src.tar.xz.cksum @@ -1 +1 @@ -480ea09e369dac6de1f3759b27fa19417b26b69e tarballs/compiler-rt-3.8.0.src.tar.xz +4560d512f3c3a0dbcc5c29ab7754b07d91ffa1ddc1c06a5215f3d325bc3f138ebf483e2a37abb10fc36cd125e6bf559e tarballs/compiler-rt-3.8.0.src.tar.xz diff --git a/util/crossgcc/sum/expat-2.1.1.tar.bz2.cksum b/util/crossgcc/sum/expat-2.1.1.tar.bz2.cksum index 882e501..11800c1 100644 --- a/util/crossgcc/sum/expat-2.1.1.tar.bz2.cksum +++ b/util/crossgcc/sum/expat-2.1.1.tar.bz2.cksum @@ -1 +1 @@ -ff91419882ac52151050dad0ee8190645fbeee08 tarballs/expat-2.1.1.tar.bz2 +816e8ca9ac57b6aac76e9979d11714313246492a49c228bb0a16d349174be45cd780d760524eb45acf12ff371e8b96a3 tarballs/expat-2.1.1.tar.bz2 diff --git a/util/crossgcc/sum/gcc-5.3.0.tar.bz2.cksum b/util/crossgcc/sum/gcc-5.3.0.tar.bz2.cksum index bb05e39..2b81f5e 100644 --- a/util/crossgcc/sum/gcc-5.3.0.tar.bz2.cksum +++ b/util/crossgcc/sum/gcc-5.3.0.tar.bz2.cksum @@ -1 +1 @@ -0612270b103941da08376df4d0ef4e5662a2e9eb tarballs/gcc-5.3.0.tar.bz2 +4184972f66dc929686c30936cf8f5085829d8584118ebc3e2ec53a40754afbefc351cfd2c211c09dd3b6eb4ab4759820 tarballs/gcc-5.3.0.tar.bz2 diff --git a/util/crossgcc/sum/gdb-7.11.tar.xz.cksum b/util/crossgcc/sum/gdb-7.11.tar.xz.cksum index ffe5a1c..9cc5d91 100644 --- a/util/crossgcc/sum/gdb-7.11.tar.xz.cksum +++ b/util/crossgcc/sum/gdb-7.11.tar.xz.cksum @@ -1 +1 @@ -466208d771d97d3dfcf965d5c835a669cff8d847 tarballs/gdb-7.11.tar.xz +82f89ef35ea1916d5faa67b7fefa2ac3627894d245c43fb4e20828274566cbbb5d7f83899baad77a3cf7fe9fec6f8c7b tarballs/gdb-7.11.tar.xz diff --git a/util/crossgcc/sum/gmp-6.1.0.tar.xz.cksum b/util/crossgcc/sum/gmp-6.1.0.tar.xz.cksum index 348b80f..7e00489 100644 --- a/util/crossgcc/sum/gmp-6.1.0.tar.xz.cksum +++ b/util/crossgcc/sum/gmp-6.1.0.tar.xz.cksum @@ -1 +1 @@ -99d691607613e749aa5d7c0c2a89aeab38fec070 tarballs/gmp-6.1.0.tar.xz +ec69b394cbcf887ab0717473b04bb70ce30102abf24869eca5acb781de405d3a5670fabb776ba68cfe6e117631522d9f tarballs/gmp-6.1.0.tar.xz diff --git a/util/crossgcc/sum/libelf-0.8.13.tar.gz.cksum b/util/crossgcc/sum/libelf-0.8.13.tar.gz.cksum index daa27c6..0d3f568 100644 --- a/util/crossgcc/sum/libelf-0.8.13.tar.gz.cksum +++ b/util/crossgcc/sum/libelf-0.8.13.tar.gz.cksum @@ -1 +1 @@ -c1d6ac5f182d19dd685c4dfd74eedbfe3992425d tarballs/libelf-0.8.13.tar.gz +07fc0b1a40ba3d2b003899df199d1043bb5d44cf7d913e6460c985582e5275b634edb6af6779255d770010fd7d09580e tarballs/libelf-0.8.13.tar.gz diff --git a/util/crossgcc/sum/llvm-3.8.0.src.tar.xz.cksum b/util/crossgcc/sum/llvm-3.8.0.src.tar.xz.cksum index 2f0af53..547ad8f 100644 --- a/util/crossgcc/sum/llvm-3.8.0.src.tar.xz.cksum +++ b/util/crossgcc/sum/llvm-3.8.0.src.tar.xz.cksum @@ -1 +1 @@ -723ac918979255706434a05f5af34b71c49c9971 tarballs/llvm-3.8.0.src.tar.xz +5d5a012e4d494a4534fcec7643ad28bab7467b96029b6d497e1d523357ae7c9e8bd86400dc90e261d791d6391a369b30 tarballs/llvm-3.8.0.src.tar.xz diff --git a/util/crossgcc/sum/make-4.2.1.tar.bz2.cksum b/util/crossgcc/sum/make-4.2.1.tar.bz2.cksum index 34af72c..00e3b39 100644 --- a/util/crossgcc/sum/make-4.2.1.tar.bz2.cksum +++ b/util/crossgcc/sum/make-4.2.1.tar.bz2.cksum @@ -1 +1 @@ -7d9d11eb36cfb752da1fb11bb3e521d2a3cc8830 tarballs/make-4.2.1.tar.bz2 +07fed67f907c8139cd27d606069ce20f219ccf1d047d2ebb2a2b3242d4332957a64b7ff8c3b5db4b28dcbbfdb2ad1e01 tarballs/make-4.2.1.tar.bz2 diff --git a/util/crossgcc/sum/mpc-1.0.3.tar.gz.cksum b/util/crossgcc/sum/mpc-1.0.3.tar.gz.cksum index c7ca1ac..70ee62f 100644 --- a/util/crossgcc/sum/mpc-1.0.3.tar.gz.cksum +++ b/util/crossgcc/sum/mpc-1.0.3.tar.gz.cksum @@ -1 +1 @@ -b8be66396c726fdc36ebb0f692ed8a8cca3bcc66 tarballs/mpc-1.0.3.tar.gz +dceeb2566d6145fa771641d22de3bef866fa601fe1fa964bc680a275919080bd12bc1abab4f68cecdbaef71d295b7397 tarballs/mpc-1.0.3.tar.gz diff --git a/util/crossgcc/sum/mpfr-3.1.4.tar.xz.cksum b/util/crossgcc/sum/mpfr-3.1.4.tar.xz.cksum index 90f90eb..54cd485 100644 --- a/util/crossgcc/sum/mpfr-3.1.4.tar.xz.cksum +++ b/util/crossgcc/sum/mpfr-3.1.4.tar.xz.cksum @@ -1 +1 @@ -cedc0055d55b6ee4cd17e1e6119ed412520ff81a tarballs/mpfr-3.1.4.tar.xz +30a2807378f578544538810b24bb65d44268015e5d2390d8ae6383fe3939b3bba1e85279789400a226b365010de4bbcd tarballs/mpfr-3.1.4.tar.xz diff --git a/util/lint/lint-stable-003-whitespace b/util/lint/lint-stable-003-whitespace index 3dbd473..144cda1 100755 --- a/util/lint/lint-stable-003-whitespace +++ b/util/lint/lint-stable-003-whitespace @@ -15,5 +15,5 @@ # DESCR: Check for superfluous whitespace in the tree
LC_ALL=C export LC_ALL -grep -l "[[:space:]][[:space:]]*$" `git ls-files src util |egrep -v "(^3rdparty|^src/vendorcode/|^util/kconfig/|^util/nvidia/cbootimage$|<COPYING>|<LICENSE>|<README>|_shipped$|.patch$|.bin$|.hex$|.jpg$)"` | \ +grep -l "[[:space:]][[:space:]]*$" `git ls-files src util |egrep -v "(^3rdparty|^src/vendorcode/|^util/kconfig/|^util/nvidia/cbootimage$|<COPYING>|<LICENSE>|<README>|_shipped$|.keyring$|.patch$|.bin$|.hex$|.jpg$)"` | \ sed -e "s,^.*$,File & has lines ending with whitespace.,"