* Adds a new component server/nic_uplink that forwards packets unmodified
between one Uplink session at one side and potentially multiple Nic sessions
at the other side.
* Adds a new run script nic_uplink.run that does a basic test with multiple
Nic clients on this component and adds it to the autopilot list.
* Adds a new depot recipe src/nic_uplink for this component.
* Adds a new depot recipe pkg/pc_nic for deploying the pc_nic_driver together
with a nic_uplink server. This allows for raw access to the network connected
to the Nic of the system in contrast to the commonly used routed and NAT'd
access via NIC router. That said, it enables the use of network protocols
not yet supported by the NIC router at the cost of less protection.
Ref #4966
The depot_remove component can delete PKG archives with
automatically resolving dependencies and deleting archives that are not
required on the system anymore.
Issue genodelabs#4866
If this file is called from a Makefile via
! $(shell <path>/tool/ports/current qt5-host)
'shell' will return
"Entering directory '' <path-to-libc> Leaving directory '' Stop.",
and thus, producing multiple targets in the 'tool_chain_qt5' case.
issue #4725
The new monitor component at os/src/monitor is the designated successor
of the gdb_monitor. This initial version, however, implements only the
subset needed to inspect the memory of the monitored component(s).
In contrast to the gdb_monitor, the new component supports the monitoring
of multiple components, leveraging the sandbox API. It can therefore be
used as a drop-in replacement for the init component. Like the gdb_monitor,
the new monitor speaks the GDB protocol over Genode's terminal session.
But the protocol implementation does not re-use any gdbserver code,
sidestepping the complexities of POSIX.
There exist two run scripts illustrating the new component. The
os/run/monitor.run script exercises memory inspection via the 'm' command
by letting a test program monitor itself. The os/run/monitor_gdb.run
script allows for the interactive use of GDB to interact with monitored
components.
Issue #4917
With the update to sel4 and the gcc 12, assembly instructions are generated
and used, like POPCNT. The instruction is available on our native hardware,
but not emulated by the default cpu model necessarily, which leads to
undefined opcode exceptions (Qemu 4.2.1 && seL4). Additionally, the features
of the default Qemu cpu model may vary between Qemu releases and makes it
harder to correlate effects.
"-cpu phenom" does not support all CPU instructions necessary with
gcc 12 toolchain update issuing more SSSE3, e.g. pshufb.
Additionally, remove good/bad Qemu version check of outdated versions.
Issue genodelabs/genode-world#329
Downloading non-existent archives from 'depot.genode.org' leads to
files in the 'public' directory containing the 404 error website
delivered by the HTTP server. Specifying the '--fail' option results
in curl generating an exit-code that leads to the appropriate action
by the tool, e.g.:
Error: failed to download 'https://depot.genode.org/user/pkg/x/version.tar.xz'
Issue #4865.
If GPG signing is aborted, e.g., by pressing CTRL-C, an empty .sig file
remained in PUBLIC_DIR because the file was created by the Bash
redirection. By using '--output $@', gpg maintains the .sig file.
If a content.mk file wrongly refers to a non-existing directory in a
call of the 'port_dir' function, the 'content_env_missing_ports.mk' gets
stuck while invoking 'cat' without argument, which makes such mistakes
difficult to diagnose. This patch adds a sanity check for the existence
of the port hash file at the specified location before attempting to
'cat' the hash-file content.
By default, bender will not report any serial findings anymore, if not
explicitly asked for with the 'serial' option. Without this option, an
invalid ioport is reported, so that neither the kernel nor Genode core
will make serial output.
This patch equips the publish tool to handle system images.
System images reside at <depot-user/image/. The directory contains an
index file that contains the meta information of the available images
in XML form, e.g.,
<index>
<image name="sculpt-pinephone-2023-01-19" board="pinephone">
<info text="initial version"/>
</image>
</index>
To publish a new version of the index:
./tool/depot/publish <depot-user>/image/index
Each system image comes in two forms, a bootable disk image and an
archive of the boot directory. The bootable disk image can be used to
install a new system from scratch by copying the image directly ot a
block device. It contains raw block data. The archive of the boot
directory contains the content needed for an on-target system update to
this version. Within the depot, this archive a directory - named after
the image - that contains the designated content of the boot directory
on target. Depending on the board, it may contain only a single file
loaded by the boot loader (e.g., uImage), or several boot modules, or
even the boot-loader configuration.
To publish both forms:
./tool/depot/publish <depot-user>/image/<image-name>
This results in the following - accompanied by their respective .sig
files - in the public directory:
<depot-user>/image/<image-name>.img.gz (disk image)
<depot-user>/image/<image-name>.tar.xz (boot archive)
<depot-user>/image/<image-name>.zip (disk image)
The .zip file contains the .img file. It is provided for users who
download the image on a system with no support for .gz.
Fixes#4735
Issue #4744
This patch adjusts the run/image/disk plugin to search for resize2fs in
/usr/sbin, which is not included in the PATH variable on Debian by
default.
Issue #4746
The argument is superfluous because only run/image/uboot evaluated it
anyway, and the argument is always boot/image.elf. With this change, the
official semantics of run_image become: "replace the boot/image.elf file
by platform-specific file(s) at boot/ that can actually be booted".
Issue #4730
The semantic of .NOPARALLEL has changed in GNU Make 4.4
Quote:
New feature: .NOTPARALLEL accepts prerequisites If the .NOTPARALLEL
special target has prerequisites then all prerequisites of those targets
will be run serially (as if .WAIT was specified between each
prerequisite).
This means that only prerequisites are made sequential. Before
everything within a Makefile would be done in sequential order.
Therefore, we had to add the *.hash target (appears multiple times) to
the .NOPARALLEL prerequisites.
issue #4725
This networking scenario is useful for analysing and optimizing the
interplay of the VFS, libc, TCP/IP, and the NIC router. It downloads a
file via fetchurl from lighttpd, both of which are hosted on a virtual
network.
Issue #4697
Both modules were quite similar except the the name of the FIT image
(image.itb) and the mkimage command line. FIT images are now produced by
the following RUN_OPT.
RUN_OPT += --include image/uboot --image-uboot-fit
Issue #4693
By making the use of gzip's '--best' option configurable and disabling it
by default, this patch noticably reduces the built-test cycle from 15 to
10 seconds when integrating the Sculpt system image for the PinePhone.
Fixes#4693
With "grub2: update to newer grub2 2.06 version" a regression slipped in
which makes the ISO not bootable on real hardware. The commit reverts to
the previous behaviour, to load the GRUB2 modules after boot later one by
one in the ISO format case.
Fixes#4647
An installed lighttpd HTTP server can now optionally be started to serve
the boot image with the follow run options.
--load-ipxe-lighttpd run lighttpd automatically (default: off)
--load-ipxe-lighttpd-port <port> TCP port to run lighttpd on (default: 8080)
The updated Bender version is configurable regarding the mode in which to run
the Intel HWP plugin. This can now be controlled via the new run option
'--bender-intel-hwp-mode' (only when running on NOVA). The option knows 4 valid
values 'off', 'performance', 'balanced', and 'power_saving'. When running on
NOVA, the default value applied by the run tool is 'performance'. when running
on any other kernel, the default value of Bender ('off') is used. Therefore,
when not setting the new '--bender-intel-hwp-mode' flag, the behavior is the
same as before this commit.
Fixes#4224
This patch make the use of the result of the 'build_artifacts' function
as input for 'build_boot_image' more robust. Since 'build_artifacts'
obtains binary names from the progress.log, the names of core,
ld.lib.so, and the timer correspond to the kernel-specific names.
However, 'build_boot_image' expects the kernel-agnostic names as
arguments. Kernel-specific files need special treatment when integrated
in the boot image: the kernel-specific file is copied and renamed to the
kernel-agnostic name. Without this patch, the kernel-specific file is
copied as is (e.g., ld-nova.lib.so). So the name of the ROM module is
wrong. This patch resets the kernel-specific names to the generic names
so that the special-case handling comes into effect.
This patch adds special handling for lib/<libname> arguments to the
build system, which supersedes the former LIB=<libname> mechanism.
Whereas the old mechanism was limited to a single library, the new
convention allows multiple library arguments, similar to regular
targets. The change brings the two immediate benefits.
First, the streamlining of library and target arguments allows for the
building of libraries via the 'build' command of the run tool.
Second, it alleviates the need for pseudo target.mk files for building
shared libraries that have no direct dependencies, in particular VFS
plugins.
Since this change eases the explicit creation of shared libraries
from run scripts, we may reconsider the automatic implicit building
of shared libraries driven by targets. E.g., while developing a Qt
application, a run script could import the Qt libraries from the
depot and combine those with the developed (fresh built) target without
triggering the build of the Qt libraries in the build directory.
When issueing 'make' without arguments, all targets are built. This
patch applies this behavior to libraries as well, thereby removing the
need for the base/src/lib/target.mk pseudo target as used by the CI
tools to build all libraries.
Note that target.mk files located under src/lib/ are no longer
reachable. Therefore, all run scripts that used to trigger the
build of a shared library via a pseudo target must be adapted.
E.g., 'build lib/vfs/tap' must be replaced by 'build lib/vfs_tap'.
With this patch, the LIB=<libname> option is no longer supported.
Fixes#4599
Instead of having a generic "virt_qemu" board use "virt_qemu_<arch>" in
order to have a clean distinction between boards. Current supported
boards are "virt_qemu_arm_v7a", "virt_qemu_arm_v8a", and
"virt_qemu_riscv".
issue #4034
A userland component that ports the Linux WireGuard kernel module (originally
from kernel version 5.14.21) and integrates it via a NIC session (public
network side) and an Uplink session (private network side). The
WireGuard-specific device configuration is done through the component
configuration. The port is done using lx_emul, lx_kit and the virt_linux
targets. The commit adds also 4 corresponding run scripts of which 3 are fully
automated of which 1 is added to the autopilot.
:Warning:
Although in principal functioning, the WireGuard port has not been exposed to a
sufficient amount of real-world testing, so far. Therefore, we strongly
recommend not to use it in any security-critical scenarios! There is no
guarantee that the port meets any of the security goals pursued by the
WireGuard protocol or other WireGuard implementations!
Ref #4397
Normally, the APIs listed in 'used_apis' files do not carry a version
but implictly refer to the current version. This patch allows for
specifiying an concrete version. This is a useful feature in the context
of the Goa tool.
By replacing the formerly hard-coded $(GENODE_DIR)/tool/depot/ by the
variable DEPOT_TOOL_DIR, the depot tools can be hosted outside the
Genode source tree, i.e., as part of the Goa tool.
Some devices do not answer connection attempts timely, which leads
amtterm to time out (after 60s). Using multiple attempts in 500 ms
intervals results in timely connection and complete boot logs.
Issue #4429
.SHELLFLAGS is extended by option pipefail to make pipes fail if any pipe
element fails. As .SHELLFLAGS is exported into sub-make instances it
must be unexported before calling third-party build systems recursively.
This is a follow-up fix for "mk/ld.mk: trigger kernel-dependent
ld.lib.so build", which alleviates the need to specify the KERNEL at the
build-system command line. Thanks to Piotr Tworek for reporting.
Issue #4320
This patch works around 'tar' erroring out when faced with an empty list
of files:
tar: Cowardly refusing to create an empty archive
This can happen when using sculpt.run for a scenario with only a runtime
but no deploy or launcher configuration.
Issue #4369
With the kernel-specific build of the dynamic linker triggered
automatically at the build stage, the artificial build step at the
boot-dir stage can be skipped.
Issue #4320
The new function 'build_artifacts' returns a list of artifacts created
by the Genode build system. The list can be supplied as argument to
the 'build_boot_image' function.
Note that the list covers only program targets and shared libraries.
Other artifacts created as side effects of custom rules are not covered.
Fixes#4368
This patch prevents the run tool from issuing 'make' in the build
directory if no build targets are specified, which prompts the build
system to build everything.
If only versioned archives are supplied to a depot function like
'create_tar_from_depot_binaries', the depot/create tool is called
with zero arguments, resulting in a help message. The patch detects
this case and skips the call.
Since unifying the build directories accross architectures, the special
case of the 'linux' platform is no longer needed. Linux can be targeted
from regular CPU-architecture-specific build directories via:
KERNEL=linux BOARD=linux
Fixes#4366
This change keeps the version-controlled 'pubkey' and 'download' files
separate from files generated via depot/create or downloaded via
depot/download. So one can remove the entire depot/ directory without
interfering with git.
Furthermore, depot keys can now be hosted in supplemental repositories
independent from Genode's main repository.
Fixes#4364
This patch discharges the dependency of Makefile.in from Makefile.am
files whenever both files are present in a downloaded archive.
Being based on make, the trigger of running automake is based on the
timestamps for the extracted archive content. However, since we reset
the timestamps (via 'tar -m') at extraction time, no assumptions about
the timestamp relations between the extracted files can be made. In the
event automake is triggered, we are faced with the tool dependency from
a specific automake version on the host.
The patch enforces the unconditional use the 'Makefile.in' version
supplied by the archive.
Fixes#4350
