Tracking: skiff vs upstream-master #19
Draft
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Christian Stewart <[email protected]>
Signed-off-by: Christian Stewart <[email protected]>
Img is a standalone, daemon-less, unprivileged Dockerfile and OCI compatible container image builder. It uses the moby-buildkit solver internally. The commands/UX mirror the Docker CLI for workflow compatibility. Using the genuinetools- prefix due to the generic nature of the "img" name. Adds both host and target variants. fuse-overlayfs can be used as an unprivileged and rootless overlay filesystem backend. https://github.com/genuinetools/img Signed-off-by: Christian Stewart <[email protected]> --- TODO: https://patchwork.ozlabs.org/project/buildroot/patch/[email protected]/ - changes to patch to add libfuse3 as host package requested.
Daemonize is a command line utility to run a program as a Unix daemon. Signed-off-by: Christian Stewart <[email protected]> --- TODO: Changes requested for v2: https://patchwork.ozlabs.org/project/buildroot/patch/[email protected]/
Adds both host and target packages for buildah. Buildah is a tool that facilitates building OCI images. https://github.com/containers/buildah The buildah tree does not ship with a default policy.json file, and instead relies on packagers to provide one. A patch is added to create a basic barebones policy.json which is installed to /etc/containers/policy.json with a hook. Signed-off-by: Christian Stewart <[email protected]> --- v1 -> v2: - add package to developers - add host runc dependency for host package - add libgpgme runtime dependency v2 -> v3: - add policy.json to target: required by some commands - example: buildah pull docker.io/library/alpine - pull: tested on raspberry pi 4 v3 -> v4: - TODO: move policy.json to package dir - https://lists.buildroot.org/pipermail/buildroot/2022-January/634936.html - bump to version v1.32.1 - https://github.com/containers/buildah/releases/tag/v1.32.1 v4 -> v5: - bump to version 1.35.x Signed-off-by: Christian Stewart <[email protected]>
Add a symlink to the expected location for vpdma-1ba in the root of the firmware directory. Signed-off-by: Christian Stewart <[email protected]>
paralin
force-pushed
the
skiff
branch
3 times, most recently
from
0915eeb to
7af4c59
Compare
paralin
force-pushed
the
skiff
branch
4 times, most recently
from
c5e35c6 to
ba56dae
Compare
paralin
force-pushed
the
skiff
branch
3 times, most recently
from
0d083d6 to
99d3e37
Compare
Signed-off-by: Christian Stewart <[email protected]>
Lack of an RNG source can block boot-up on headless systems with few hardware entropy sources. This patch allows rngd to start earlier than the current "basic.target" when systemd is used. Removing the dependency on "basic.target" and by extension, "sockets.target" will allow rngd to start before, for example, docker.sock - which can take some time to become ready without entropy. This is a cherry-pick of a peer project patch: https://patchwork.openembedded.org/patch/163303/ Signed-off-by: Christian Stewart <[email protected]>
paralin
force-pushed
the
skiff
branch
9 times, most recently
from
ff57586 to
75f485c
Compare
Signed-off-by: Colin Foster <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
The .stamp_patched rule currently uses shell loops and conditions to iterate over the patches in the package directory and BR2_GLOBAL_PATCH_DIRS and to select between the versioned and unversioned directory. We want to add the patch list to show-info as well, so we need a way to do this entirely in Make functions. Introduce the function pkg-patches-dirs in pkg-utils which copies this functionality in make syntax, and use it in the .stamp_patched rule. As an extra simplification, only consider the version directory if PKG_VERSION actually exists. Otherwise, we would use the directory with a slash appended for packages without version. Why this does work, it just looks weird for no reason. Furthermore, introduce the function pkg-patch-hash-dirs which simply enumerates the package directory and the package subdirectories of BR2_GLOBAL_PATCH_DIRS. This function is used for _HASH_FILES as well. Ideally, we should be able to factor our the handling of the version subdirectory between the patches and hashes as well. Unfortunately, they are treated subtly different: patches don't use the base directory if the version directory exists, while hashes do use the base directory. We don't want to change this behaviour. Signed-off-by: Thomas Perale <[email protected]> Co-authored-by: Matthias Swiggers <[email protected]> [Arnout: - split into a separate patch; - don't fully factor with _HASH_FILES because version is treaded differently; - introduce pkg-patch-hash-dirs; - retain the RAWNAME comment, but move it to pkg-patch-hash-dirs; - use foreach instead of shell loop, and $(seq) instead of exit 1; - rewrite to retain original behaviour of only using versioned dir. ] Signed-off-by: Arnout Vandecappelle <[email protected]>
This commit adds support for listing the patches path or url applied to a
package when calling `show-info`.
To avoid making `show-info` dependant on having to download and patch the
packages there is a known limitation with the patch listing of `show-info`:
* If a package applies patches in the pre/post hook, they won't be listed
(for instance: `android-tool`, `libmad`, `gcc-initial`, `gcc-final`,
`linux-header`, ...).
* Patches defined in the `<pkg-name>_PATCH` variable will be listed as
an URL instead of listing the content with a path. For individual
patches this is probably OK, but it's not so ideal if it's a tarball
containing patches
Signed-off-by: Thomas Perale <[email protected]>
Co-authored-by: Matthias Swiggers <[email protected]>
Signed-off-by: Arnout Vandecappelle <[email protected]>
…DX-style SBOM
There is a growing need to generate software bill of materials (SBOM) from
buildroot configurations. Right now there are different solutions available
for buildroot users `show-info`, `legal-info` and `pkg-stats`.
They all generate similar information but in a format that is specific
to buildroot.
CycloneDX is a SBOM specification that can be consumed by different services.
This patch introduces a Python script, that converts the JSON output of the
show-info Makefile target to a CycloneDX-style SBOM.
The script output contains the following information.
- A list of all packages, or "components" with information about
version, cpe (if available), applied patches.
- By default virtual packages are not listed in the SBOM.
- Additional information is added to the component 'properties' to
specify wheter the component is present on the target or the host
under the `BR_TYPE` property name.
- An overview of the licenses applicable to each package. If possible,
the names of these licenses have been matched to known SPDX license
identifiers.
- Per package, a list of (recursive) dependencies on other packages.
- A list of ignored CVE and their associated component.
More information on CycloneDX at https://cyclonedx.org/.
Usage:
make show-info | utils/generate-cyclonedx.py | jq '.'
Example output:
```
{
"bomFormat": "CycloneDX",
"$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
"specVersion": "1.6",
"components": [
{
"bom-ref": "busybox",
"type": "library",
"name": "busybox",
"version": "1.36.1",
"licenses": [
{
"license": {
"id": "GPL-2.0"
}
},
...
],
"cpe": "cpe:2.3:a:busybox:busybox:1.36.1:*:*:*:*:*:*:*",
"pedigree": {
"patches": [
{
"type": "unofficial",
"diff": {
"text": {
"content": "..."
}
}
}
]
}
"properties": [
{
"name": "BR_TYPE",
"value": "target"
}
]
},
...
],
"dependencies": [
{
"ref": "busybox",
"dependsOn": [
"host-skeleton",
"skeleton",
"skeleton-init-sysv",
"skeleton-init-common",
...
}
...
],
"vulnerabilities": [
{
"id": "CVE-2022-28391",
"analysis": {
"state": "in_triage",
"detail": "The CVE 'CVE-2022-28391' has been marked as ignored by Buildroot"
},
"affects": [
{
"ref": "busybox"
}
]
},
...
],
"metadata": {
"component": {
"bom-ref": "buildroot",
"name": "buildroot",
"type": "firmware",
"version": "2024.02-4744-gafea667f00-dirty"
}
}
}
```
Signed-off-by: Thomas Perale <[email protected]>
Co-authored-by: Matthias Swiggers <[email protected]>
Reviewed-by: Vincent Jardin <[email protected]>
[Arnout:
- alphabetically order imports;
- use endswith instead if 'in' to check suffix;
- add usage to help text;
- remove .py suffix.
]
Signed-off-by: Arnout Vandecappelle <[email protected]>
https://github.com/cesanta/mongoose/releases/tag/7.17 Signed-off-by: Giulio Benetti <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
For release note, see: https://github.com/owasp-modsecurity/ModSecurity/releases/tag/v3.0.13 - Drop 0001-configure.ac-drop-usage-of-git-at-configure-time.patch The package originally had to be reconfigured to patch in uclinux support. The fix has been merged upstream [1]. We no longer need to reconfigure the package so we can drop this patch. [1] owasp-modsecurity/ModSecurity#2235 Signed-off-by: Frank Vanbever <[email protected]> [Julien: - add link to release note - update .checkpackageignore to fix check-package errors ] Signed-off-by: Julien Olivain <[email protected]>
Currently, only the -static extldflags may be set in the golang-package infra. However, in some cases, it might be necessary to pass other flags, either because they are needed on a specific architecture, or a specific C library; packages may also have a need to pass arbitrary linker flags when they use CGO linking. For example, on AArch64, go forcibly uses ld.gold, but it is not available in all toolchains, and ld.bfd works nowadays (following patch); another case is musl, where PIE is not supported with go. Introduce FOO_EXTLDFLAGS, which we use to set those flags, and that packages can set to pass such flags. Migrate the current setting of -static to use that new variable. Signed-off-by: Yann E. MORIN <[email protected]> Tested-by: Nathaniel Roach <[email protected]> Signed-off-by: Fiona Klute (WIWA) <[email protected]> Reviewed-by: Yann E. MORIN <[email protected]> Reviewed-by: Christian Stewart <[email protected]> Signed-off-by: Romain Naour <[email protected]>
Go forces use of the Gold linker on aarch64 due to a bug in BFD that is fixed in Binutils >= 2.41 (that includes all versions provided by Buildroot). Forcing Gold will break with toolchains that don't provide it (like the Buildroot toolchains), so override the flag and use BFD. This override should be removed if Go stops forcing Gold, and may have to be adapted if the set of available linkers changes (e.g. with a future Binutils update). See: golang/go#22040 Fixes: http://autobuild.buildroot.org/results/a59/a59bc999e9620ff6b9d97138a2de898aadc07529 Signed-off-by: Fiona Klute (WIWA) <[email protected]> Reviewed-by: Yann E. MORIN <[email protected]> [Romain: add autobuild reference] Signed-off-by: Romain Naour <[email protected]>
Disable PIE on musl to fix "read-only segment has dynamic relocations" errors during linking [1] that appeared after major version bump to v2. [1] golang/go#17847 Fixes: 9c2e146 Signed-off-by: Fiona Klute (WIWA) <[email protected]> Reviewed-by: Yann E. MORIN <[email protected]> Signed-off-by: Romain Naour <[email protected]>
…MKIMAGE The BR2_PACKAGE_HOST_IMX_MKIMAGE is only needed when the NXP U-Boot version is used. polyhex_debix_model_a_defconfig uses mainline U-Boot, which builds flash.bin directly, without using the NXP imx-mkimage tool. Remove such unneeded package. Signed-off-by: Fabio Estevam <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
Add a new defconfig for the imx8mp-evk board that uses upstream components, such as: - Linux Kernel: Upstream version 6.12.16 - U-boot: Upstream version 2025.01 - ATF: Upstream version 2.12 Based on bcc7993 ("configs/polyhex_debix_model_a_defconfig: new defconfig") from Gilles Talis. Signed-off-by: Fabio Estevam <[email protected]> [Julien: - replace linux-headers.hash with a symlink to linux.hash - update kernel hash to 6.12.16 to match defconfig version ] Signed-off-by: Julien Olivain <[email protected]>
Buildroot commit 553c55e added this package with a typo in the configure option to disable ffmpeg support. Signed-off-by: Bernd Kuhls <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
Release notes: https://github.com/timescale/timescaledb/blob/2.18.2/CHANGELOG.md Signed-off-by: Scott Fan <[email protected]> Reviewed-by: Maxim Kochetkov <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
See here for a changelog: https://www.zabbix.com/rn/rn7.2.3 Signed-off-by: Waldemar Brodkorb <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
Starting from this version newer releases are only available at a new dedicated repository, so the site is updated accordingly. Hash files no longer exist in the new repo, so remove the related comment. It turns out that install-sh has been available in the tarball since version 0.19, so remove JBIG2DEC_AUTORECONF. Signed-off-by: Raphaël Mélotte <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
Changelog: https://github.com/postgis/postgis/blob/3.5.2/NEWS Signed-off-by: Maxim Kochetkov <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
In commit dbab39e (support/scripts/generate-cyclonedx.py: add script to generate CycloneDX-style SBOM), the script was renamed while applying thr patch, but the entry in DEVELOPERS was not updated accordingly: $ ./utils/docker-run ./utils/get-developers -v WARNING: 'utils/generate-cyclonedx.py' doesn't match any file, line 3179 Fix that. Signed-off-by: Yann E. MORIN <[email protected]> Cc: Arnout Vandecappelle (Essensium/Mind) <[email protected]> Cc: Thomas Perale <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
This patch adds basic support for the new FriendlyARM NanoPi R3S board: - https://www.friendlyelec.com/index.php?route=product/product&product_id=303 - https://wiki.friendlyelec.com/wiki/index.php/NanoPi_R3S Hardware Spec: - CPU: Rockchip RK3566, Quad-core Cortex-A55 - RAM: 2GB LPDDR4X - Ethernet: one Native Gigabit Ethernet, and one PCIe Gigabit Ethernet - USB3.0 Host: Type-A x1 - Storage: MicroSD Slot x 1, and on-board 32GB eMMC - Debug Serial Port: 3.3V TTL, 3-pin 2.54mm pitch connector, 1500000 bauds - LED: LED x 3 - RTC: One low-power RTC, support backup battery input - Buttons: 1x User button, 1x MASK button for eMMC flashing via USB-C - Display: 1x MIPI-DSI 30-Pin FPC connector BSP includes the following components: - mainline ATF v2.12 - mainline U-Boot v2025.04-rc2 - mainline Linux kernel v6.13.4 Note: this defconfig is using U-Boot v2025.04-rc2 because the NanoPi R3S support was added in upstream commit [1] first included in v2025.04-rc1. [1] https://source.denx.de/u-boot/u-boot/-/commit/bf4a33e725ae02cae064a03ea90c45779780f323 Signed-off-by: Sergey Kuzminov <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
Since the following commit: buildroot/buildroot@b07030a The following host configs are included with $$(HOST_CONFIGURE_OPTS) CFLAGS="$$(HOST_CFLAGS)" LDFLAGS="$$(HOST_LDFLAGS)" As they are redundant, we can remove them from the autotools infrastructure. Signed-off-by: Neal Frager <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
Architecture using soft float don't support the math FE_* exceptions.
This commit adds a patch to conditionnally build the FE_* exception
handling.
Fixes:
https://autobuild.buildroot.org/results/88d/88d764dd12bdbdbe633ebc703c461ebe95b75693/
Signed-off-by: Thomas Bonnefille <[email protected]>
Signed-off-by: Julien Olivain <[email protected]>
See [1] for changelog. [1] https://github.com/bluetooth-devices/dbus-fast/blob/main/CHANGELOG.md Signed-off-by: Marcin Niestroj <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
../test/test-crbug1004254.c:28:10: fatal error: pthread.h: No such file or directory
28 | #include <pthread.h>
| ^~~~~~~~~~~
Commit cef7358 "package/fontconfig: fix compilation on targets without pthread support"
fixed compilation for targets without pthread support, but that was apparently nog enough.
Back then, I tested all the targets by using `./utils/test-pkg -p fontconfig -a`,
but somehow these targets didn't enable the fontconfig tests, so I didn't see this
compile failure. Fix it now by explicitly disabling the fontconfig tests.
Fixes:
- https://autobuild.buildroot.org/results/5f0/5f0c716c20788ba49a3a9f185251ded373a764cd/build-end.log
Signed-off-by: Thomas Devoogdt <[email protected]>
[Julien: reword commit log title]
Signed-off-by: Julien Olivain <[email protected]>
Utility to manage outputs of a Wayland compositor. Signed-off-by: Sébastien Szymanski <[email protected]> [Fiona: - fix build with uClibc - update to 0.5.0 with move to gitlab.freedesktop.org ] Signed-off-by: Fiona Klute (WIWA) <[email protected]> [Julien: reorder DEVELOPERS entries alphabetically] Signed-off-by: Julien Olivain <[email protected]>
Add a new defconfig for the imx8mn-ddr4-evk board that uses upstream components, such as: - Linux Kernel: Upstream version 6.12.16 - U-boot: Upstream version 2025.01 - ATF: Upstream version 2.12 Signed-off-by: Fabio Estevam <[email protected]> Tested-by: Julien Olivain <[email protected]> [Julien: Tested on board 700-31407 REV A5] Signed-off-by: Julien Olivain <[email protected]>
Add a new defconfig for the imx8mm-evk board that uses upstream components, such as: - Linux Kernel: Upstream version 6.12.16 - U-boot: Upstream version 2025.01 - ATF: Upstream version 2.12 Signed-off-by: Fabio Estevam <[email protected]> Tested-by: Julien Olivain <[email protected]> [Julien: Tested on board 700-31407 REV A1] Signed-off-by: Julien Olivain <[email protected]>
Release notes: https://arma.sourceforge.net/docs.html#changelog Signed-off-by: Dario Binacchi <[email protected]> Signed-off-by: Julien Olivain <[email protected]>
automated build + check-package + legal-info. Signed-off-by: Christian Stewart <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR tracks changes vs upstream-master.