If GPG signing is aborted, e.g., by pressing CTRL-C, an empty .sig file
remained in PUBLIC_DIR because the file was created by the Bash
redirection. By using '--output $@', gpg maintains the .sig file.
If a content.mk file wrongly refers to a non-existing directory in a
call of the 'port_dir' function, the 'content_env_missing_ports.mk' gets
stuck while invoking 'cat' without argument, which makes such mistakes
difficult to diagnose. This patch adds a sanity check for the existence
of the port hash file at the specified location before attempting to
'cat' the hash-file content.
By default, bender will not report any serial findings anymore, if not
explicitly asked for with the 'serial' option. Without this option, an
invalid ioport is reported, so that neither the kernel nor Genode core
will make serial output.
This patch equips the publish tool to handle system images.
System images reside at <depot-user/image/. The directory contains an
index file that contains the meta information of the available images
in XML form, e.g.,
<index>
<image name="sculpt-pinephone-2023-01-19" board="pinephone">
<info text="initial version"/>
</image>
</index>
To publish a new version of the index:
./tool/depot/publish <depot-user>/image/index
Each system image comes in two forms, a bootable disk image and an
archive of the boot directory. The bootable disk image can be used to
install a new system from scratch by copying the image directly ot a
block device. It contains raw block data. The archive of the boot
directory contains the content needed for an on-target system update to
this version. Within the depot, this archive a directory - named after
the image - that contains the designated content of the boot directory
on target. Depending on the board, it may contain only a single file
loaded by the boot loader (e.g., uImage), or several boot modules, or
even the boot-loader configuration.
To publish both forms:
./tool/depot/publish <depot-user>/image/<image-name>
This results in the following - accompanied by their respective .sig
files - in the public directory:
<depot-user>/image/<image-name>.img.gz (disk image)
<depot-user>/image/<image-name>.tar.xz (boot archive)
<depot-user>/image/<image-name>.zip (disk image)
The .zip file contains the .img file. It is provided for users who
download the image on a system with no support for .gz.
Fixes#4735
Issue #4744
This patch adjusts the run/image/disk plugin to search for resize2fs in
/usr/sbin, which is not included in the PATH variable on Debian by
default.
Issue #4746
The argument is superfluous because only run/image/uboot evaluated it
anyway, and the argument is always boot/image.elf. With this change, the
official semantics of run_image become: "replace the boot/image.elf file
by platform-specific file(s) at boot/ that can actually be booted".
Issue #4730
The semantic of .NOPARALLEL has changed in GNU Make 4.4
Quote:
New feature: .NOTPARALLEL accepts prerequisites If the .NOTPARALLEL
special target has prerequisites then all prerequisites of those targets
will be run serially (as if .WAIT was specified between each
prerequisite).
This means that only prerequisites are made sequential. Before
everything within a Makefile would be done in sequential order.
Therefore, we had to add the *.hash target (appears multiple times) to
the .NOPARALLEL prerequisites.
issue #4725
This networking scenario is useful for analysing and optimizing the
interplay of the VFS, libc, TCP/IP, and the NIC router. It downloads a
file via fetchurl from lighttpd, both of which are hosted on a virtual
network.
Issue #4697
Both modules were quite similar except the the name of the FIT image
(image.itb) and the mkimage command line. FIT images are now produced by
the following RUN_OPT.
RUN_OPT += --include image/uboot --image-uboot-fit
Issue #4693
By making the use of gzip's '--best' option configurable and disabling it
by default, this patch noticably reduces the built-test cycle from 15 to
10 seconds when integrating the Sculpt system image for the PinePhone.
Fixes#4693
With "grub2: update to newer grub2 2.06 version" a regression slipped in
which makes the ISO not bootable on real hardware. The commit reverts to
the previous behaviour, to load the GRUB2 modules after boot later one by
one in the ISO format case.
Fixes#4647
An installed lighttpd HTTP server can now optionally be started to serve
the boot image with the follow run options.
--load-ipxe-lighttpd run lighttpd automatically (default: off)
--load-ipxe-lighttpd-port <port> TCP port to run lighttpd on (default: 8080)
The updated Bender version is configurable regarding the mode in which to run
the Intel HWP plugin. This can now be controlled via the new run option
'--bender-intel-hwp-mode' (only when running on NOVA). The option knows 4 valid
values 'off', 'performance', 'balanced', and 'power_saving'. When running on
NOVA, the default value applied by the run tool is 'performance'. when running
on any other kernel, the default value of Bender ('off') is used. Therefore,
when not setting the new '--bender-intel-hwp-mode' flag, the behavior is the
same as before this commit.
Fixes#4224
This patch make the use of the result of the 'build_artifacts' function
as input for 'build_boot_image' more robust. Since 'build_artifacts'
obtains binary names from the progress.log, the names of core,
ld.lib.so, and the timer correspond to the kernel-specific names.
However, 'build_boot_image' expects the kernel-agnostic names as
arguments. Kernel-specific files need special treatment when integrated
in the boot image: the kernel-specific file is copied and renamed to the
kernel-agnostic name. Without this patch, the kernel-specific file is
copied as is (e.g., ld-nova.lib.so). So the name of the ROM module is
wrong. This patch resets the kernel-specific names to the generic names
so that the special-case handling comes into effect.
This patch adds special handling for lib/<libname> arguments to the
build system, which supersedes the former LIB=<libname> mechanism.
Whereas the old mechanism was limited to a single library, the new
convention allows multiple library arguments, similar to regular
targets. The change brings the two immediate benefits.
First, the streamlining of library and target arguments allows for the
building of libraries via the 'build' command of the run tool.
Second, it alleviates the need for pseudo target.mk files for building
shared libraries that have no direct dependencies, in particular VFS
plugins.
Since this change eases the explicit creation of shared libraries
from run scripts, we may reconsider the automatic implicit building
of shared libraries driven by targets. E.g., while developing a Qt
application, a run script could import the Qt libraries from the
depot and combine those with the developed (fresh built) target without
triggering the build of the Qt libraries in the build directory.
When issueing 'make' without arguments, all targets are built. This
patch applies this behavior to libraries as well, thereby removing the
need for the base/src/lib/target.mk pseudo target as used by the CI
tools to build all libraries.
Note that target.mk files located under src/lib/ are no longer
reachable. Therefore, all run scripts that used to trigger the
build of a shared library via a pseudo target must be adapted.
E.g., 'build lib/vfs/tap' must be replaced by 'build lib/vfs_tap'.
With this patch, the LIB=<libname> option is no longer supported.
Fixes#4599
Instead of having a generic "virt_qemu" board use "virt_qemu_<arch>" in
order to have a clean distinction between boards. Current supported
boards are "virt_qemu_arm_v7a", "virt_qemu_arm_v8a", and
"virt_qemu_riscv".
issue #4034
A userland component that ports the Linux WireGuard kernel module (originally
from kernel version 5.14.21) and integrates it via a NIC session (public
network side) and an Uplink session (private network side). The
WireGuard-specific device configuration is done through the component
configuration. The port is done using lx_emul, lx_kit and the virt_linux
targets. The commit adds also 4 corresponding run scripts of which 3 are fully
automated of which 1 is added to the autopilot.
:Warning:
Although in principal functioning, the WireGuard port has not been exposed to a
sufficient amount of real-world testing, so far. Therefore, we strongly
recommend not to use it in any security-critical scenarios! There is no
guarantee that the port meets any of the security goals pursued by the
WireGuard protocol or other WireGuard implementations!
Ref #4397
Normally, the APIs listed in 'used_apis' files do not carry a version
but implictly refer to the current version. This patch allows for
specifiying an concrete version. This is a useful feature in the context
of the Goa tool.
By replacing the formerly hard-coded $(GENODE_DIR)/tool/depot/ by the
variable DEPOT_TOOL_DIR, the depot tools can be hosted outside the
Genode source tree, i.e., as part of the Goa tool.
Some devices do not answer connection attempts timely, which leads
amtterm to time out (after 60s). Using multiple attempts in 500 ms
intervals results in timely connection and complete boot logs.
Issue #4429