From: Giulio Benetti <giulio.benetti@benettiengineering.com>
To: buildroot@buildroot.org
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>,
James Hilliard <james.hilliard1@gmail.com>
Subject: [Buildroot] [PATCH v3] packge/swupdate: bump to version 2025.12
Date: Fri, 27 Mar 2026 15:16:59 +0100 [thread overview]
Message-ID: <20260327141659.1109640-1-giulio.benetti@benettiengineering.com> (raw)
In-Reply-To: <CADvTj4qihD1uocWibJpjL1SypAEGea-vCFWfnG7_znv4xhXykA@mail.gmail.com>
* backport locally patch [1] to fix build failure due to missing crypto
backend
* libconfig is required by default[2] so let's select it
* align swupdate.config to the most basic one with openssl crypto
backend enabled by default
* drop HAVE_LIBCRYPTO since it's not used anymore by swupdate even if
present
* add libgpgme support
[1]: https://github.com/sbabic/swupdate/commit/10334fb21796b75f3a1208a3d5a98a307712218b
[2]: https://github.com/sbabic/swupdate/commit/4b9a71476c886be1a6affe21d6a0334b254a04e1
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
---
...no-crypto-configuration-link-failure.patch | 67 +++++++++++++++++++
package/swupdate/Config.in | 6 +-
package/swupdate/swupdate.config | 2 -
package/swupdate/swupdate.hash | 2 +-
package/swupdate/swupdate.mk | 20 +++---
5 files changed, 81 insertions(+), 16 deletions(-)
create mode 100644 package/swupdate/0001-build-fix-no-crypto-configuration-link-failure.patch
diff --git a/package/swupdate/0001-build-fix-no-crypto-configuration-link-failure.patch b/package/swupdate/0001-build-fix-no-crypto-configuration-link-failure.patch
new file mode 100644
index 0000000000..15f33aa3ab
--- /dev/null
+++ b/package/swupdate/0001-build-fix-no-crypto-configuration-link-failure.patch
@@ -0,0 +1,67 @@
+From 4e7c2f6c4b978efae69d777705de84411a01c147 Mon Sep 17 00:00:00 2001
+From: James Hilliard <james.hilliard1@gmail.com>
+Date: Tue, 24 Mar 2026 14:23:58 -0600
+Subject: [PATCH] build: fix no-crypto configuration link failure
+
+When no crypto backend is selected, the crypto directory contributes
+no objects, so this kbuild variant does not generate
+crypto/built-in.o.
+
+The top-level build still linked that file unconditionally, causing
+the final link to fail.
+
+Introduce a hidden SWUPDATE_CRYPTO helper selected by the Kconfig
+options that actually populate crypto/, and only descend into the
+crypto directory when that helper is enabled.
+
+Upstream: https://github.com/sbabic/swupdate/commit/10334fb21796b75f3a1208a3d5a98a307712218b
+Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
+Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
+---
+ Makefile | 3 ++-
+ crypto/Kconfig | 5 +++++
+ 2 files changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/Makefile b/Makefile
+index aa9604aa..759fd191 100644
+--- a/Makefile
++++ b/Makefile
+@@ -369,7 +369,8 @@ include $(srctree)/Makefile.flags
+ # This allow a user to issue only 'make' to build a kernel including modules
+ # Defaults to vmlinux, but the arch makefile usually adds further targets
+
+-objs-y := core handlers crypto bootloader suricatta
++objs-y := core handlers bootloader suricatta
++objs-$(CONFIG_SWUPDATE_CRYPTO) += crypto
+ libs-y := corelib mongoose parser fs containers
+ bindings-y := bindings
+ tools-y := tools
+diff --git a/crypto/Kconfig b/crypto/Kconfig
+index 4b9db821..cc953542 100644
+--- a/crypto/Kconfig
++++ b/crypto/Kconfig
+@@ -23,9 +23,13 @@ menu "Crypto libraries"
+ depends on HAVE_GPGME
+ endmenu
+
++config SWUPDATE_CRYPTO
++ bool
++
+ config HASH_VERIFY
+ bool "Allow to add sha256 hash to each image"
+ depends on SSL_IMPL_OPENSSL || SSL_IMPL_WOLFSSL || SSL_IMPL_MBEDTLS
++ select SWUPDATE_CRYPTO
+ help
+ Allow to add a sha256 hash to an artifact.
+ This is automatically set in case of Signed Image
+@@ -83,6 +87,7 @@ menu "Encryption"
+ config ENCRYPTED_IMAGES
+ bool "Images can be encrypted with a symmetric key"
+ depends on SSL_IMPL_OPENSSL || SSL_IMPL_WOLFSSL || SSL_IMPL_MBEDTLS
++ select SWUPDATE_CRYPTO
+ comment "Image encryption needs an SSL implementation"
+ depends on !SSL_IMPL_OPENSSL && !SSL_IMPL_WOLFSSL && !SSL_IMPL_MBEDTLS
+
+--
+2.47.3
+
diff --git a/package/swupdate/Config.in b/package/swupdate/Config.in
index 3708df0881..112e53a127 100644
--- a/package/swupdate/Config.in
+++ b/package/swupdate/Config.in
@@ -5,6 +5,7 @@ config BR2_PACKAGE_SWUPDATE
depends on BR2_USE_MMU # fork()
depends on BR2_TOOLCHAIN_HAS_SYNC_4 # json-c
select BR2_PACKAGE_JSON_C
+ select BR2_PACKAGE_LIBCONFIG
select BR2_PACKAGE_LIBUBOOTENV
help
swupdate provides a reliable way to update the software on
@@ -25,8 +26,9 @@ config BR2_PACKAGE_SWUPDATE
want to have Lua support.
* Select BR2_PACKAGE_LIBCURL if you want to use the download
feature.
- * Select BR2_PACKAGE_OPENSSL or BR2_PACKAGE_MBEDTLS if you
- want to add encryption support.
+ * Select at least one of these crypto backends:
+ BR2_PACKAGE_OPENSSL or BR2_PACKAGE_MBEDTLS or
+ BR2_PACKAGE_WOLFSSL or BR2_PACKAGE_LIBGPGME.
* Select BR2_PACKAGE_MTD if you want to use swupdate with
UBI partitions.
* Select BR2_PACKAGE_ZLIB if you want to deal with gzip
diff --git a/package/swupdate/swupdate.config b/package/swupdate/swupdate.config
index a6b7a74948..0f672805be 100644
--- a/package/swupdate/swupdate.config
+++ b/package/swupdate/swupdate.config
@@ -2,7 +2,6 @@
# Automatically generated file; DO NOT EDIT.
# Swupdate Configuration
#
-CONFIG_HAVE_DOT_CONFIG=y
#
# Swupdate Settings
@@ -24,7 +23,6 @@ CONFIG_SW_VERSIONS_FILE="/etc/sw-versions"
#
CONFIG_SOCKET_CTRL_PATH="/tmp/sockinstctrl"
CONFIG_SOCKET_PROGRESS_PATH="/tmp/swupdateprog"
-CONFIG_SOCKET_REMOTE_HANDLER_DIRECTORY="/tmp/"
#
# MTD support needs libmtd
diff --git a/package/swupdate/swupdate.hash b/package/swupdate/swupdate.hash
index bc911d1820..b3f43648f8 100644
--- a/package/swupdate/swupdate.hash
+++ b/package/swupdate/swupdate.hash
@@ -1,5 +1,5 @@
# Locally calculated
-sha256 678b47fd2419727c4d0abf5c9f3bc0dc4b67e95951132bd1c8f5603e88947779 swupdate-2025.05.tar.gz
+sha256 8517f3730eeb66e20e651b881dd4b9c10ca9ae05e3883db59b5df18ab1eaa533 swupdate-2025.12.tar.gz
sha256 4cf04ed34ff0ebbf5c71345b56e6af5093fc17206364cca0ebbae92ef3940683 LICENSES/BSD-1-Clause.txt
sha256 e27a3e87706b3aa5ff2e50eaafe2e6ed5397fbf2d7679eaf444a6d000518a3a6 LICENSES/BSD-3-Clause.txt
sha256 0558101984550fa84d1d13c2af11d116c20079d2be58711e8d99cadce7009192 LICENSES/CC0-1.0.txt
diff --git a/package/swupdate/swupdate.mk b/package/swupdate/swupdate.mk
index 05329d13b8..b2778d2aec 100644
--- a/package/swupdate/swupdate.mk
+++ b/package/swupdate/swupdate.mk
@@ -4,7 +4,7 @@
#
################################################################################
-SWUPDATE_VERSION = 2025.05
+SWUPDATE_VERSION = 2025.12
SWUPDATE_SITE = $(call github,sbabic,swupdate,$(SWUPDATE_VERSION))
SWUPDATE_LICENSE = GPL-2.0, GPL-2.0+, LGPL-2.1+, MIT, ISC, BSD-1-Clause, BSD-3-Clause, CC0-1.0, CC-BY-SA-4.0, OFL-1.1
SWUPDATE_LICENSE_FILES = LICENSES/BSD-1-Clause.txt \
@@ -18,7 +18,7 @@ SWUPDATE_LICENSE_FILES = LICENSES/BSD-1-Clause.txt \
LICENSES/MIT.txt \
LICENSES/OFL-1.1.txt
SWUPDATE_INSTALL_STAGING = YES
-SWUPDATE_DEPENDENCIES = json-c libubootenv
+SWUPDATE_DEPENDENCIES = json-c libconfig libubootenv
# swupdate uses $CROSS-cc instead of $CROSS-gcc, which is not
# available in all external toolchains, and use CC for linking. Ensure
@@ -51,13 +51,6 @@ else
SWUPDATE_MAKE_ENV += HAVE_LIBBLKID=n
endif
-ifeq ($(BR2_PACKAGE_LIBCONFIG),y)
-SWUPDATE_DEPENDENCIES += libconfig
-SWUPDATE_MAKE_ENV += HAVE_LIBCONFIG=y
-else
-SWUPDATE_MAKE_ENV += HAVE_LIBCONFIG=n
-endif
-
ifeq ($(BR2_PACKAGE_LIBCURL),y)
SWUPDATE_DEPENDENCIES += libcurl
SWUPDATE_MAKE_ENV += HAVE_LIBCURL=y
@@ -82,6 +75,13 @@ else
SWUPDATE_MAKE_ENV += HAVE_LIBGPIOD=n
endif
+ifeq ($(BR2_PACKAGE_LIBGPGME),y)
+SWUPDATE_DEPENDENCIES += libgpgme
+SWUPDATE_MAKE_ENV += HAVE_GPGME=y
+else
+SWUPDATE_MAKE_ENV += HAVE_GPGME=n
+endif
+
ifeq ($(BR2_PACKAGE_LIBURIPARSER),y)
SWUPDATE_DEPENDENCIES += liburiparser
SWUPDATE_MAKE_ENV += HAVE_URIPARSER=y
@@ -126,10 +126,8 @@ endif
ifeq ($(BR2_PACKAGE_OPENSSL),y)
SWUPDATE_DEPENDENCIES += openssl
SWUPDATE_MAKE_ENV += HAVE_LIBSSL=y
-SWUPDATE_MAKE_ENV += HAVE_LIBCRYPTO=y
else
SWUPDATE_MAKE_ENV += HAVE_LIBSSL=n
-SWUPDATE_MAKE_ENV += HAVE_LIBCRYPTO=n
endif
ifeq ($(BR2_PACKAGE_P11_KIT),y)
--
2.47.3
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next prev parent reply other threads:[~2026-03-27 14:17 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-24 13:34 [Buildroot] [PATCH v2] packge/swupdate: bump to version 2025.12 Giulio Benetti
2026-03-24 13:39 ` Giulio Benetti
2026-03-26 18:25 ` James Hilliard
2026-03-27 14:16 ` Giulio Benetti [this message]
2026-03-27 14:21 ` [Buildroot] [PATCH v3] " Giulio Benetti
2026-03-27 14:25 ` [Buildroot] [PATCH v2] " Giulio Benetti
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260327141659.1109640-1-giulio.benetti@benettiengineering.com \
--to=giulio.benetti@benettiengineering.com \
--cc=buildroot@buildroot.org \
--cc=james.hilliard1@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox