The patch supports both, a download-specific UNZIP_OPT(download) and a
general UNZIP_OPT that can be defined across downloads.
UNZIP_OPT(download) overrides UNZIP_OPT.
Note, the `--strip-components=1` argument is not required for unzip.
Issue #1357
tool/ports/shortcut
create symbolic link from 'contrib/<port-name>-<hash>' to
contrib/<port-name>
tool/ports/current
print current contrib directory of port
Fixes#1345.
When building Genode for VEA9X4 as micro-hypervisor protected by the ARM
TrustZone hardware we ran into limitations regarding our basic daily
testing routines. The most significant is that, when speaking about RAM
partitioning, the only available options are to configure the whole SRAM
to be secure and the whole DDR-RAM to be non-secure or vice versa. The
SRAM however provides only 32 MB which isn't enough for both a
representative non-secure guest OS or a secure Genode that is still
capable of passing our basic tests. This initiated our decision to
remove the VEA9X4 TrustZone-support.
Fixes#1351
Some downloads are available via HTTPS only, but wget < 3.14 does not
support server-name identification, which is used by some sites. So, we
disable certificate checking in wget and check the validity of the
download via SIG or SHA.
Fixes#1334.
Due to commit "run: relax IP power plug recognition + serial EOF",
when piping the serial command through 'tr', some characters might
get buffered, thereby preventing some run scripts to finish correctly.
This commit removes the 'tr' hack. Instead, to circumvent the 'expect'
problem, which kills under special conditions spawned childs used to
obtain serial line content, whenever EOF of the serial command is
recognized during the boot phase, the child process gets re-spawned.
* To communicate with IP power plug devices from Koukaam, to remote
control power supply of test boards, don't parse minor versions, but
support different IP power plugs
* TCL's expect may report an EOF when reading from the spawned serial
terminal, especially when using 'socat' to stream serial over TCP/IP,
although the spawned child is still running and delivering content.
This problem is clearly not dependent on the characters send, but
possibly due to strange pipe signals. When piping the serial output
through 'tr' the problem vanishs.
The older SOAP EOI protocol is not supported with AMT version 9+. By default
the wsman tool will be used if installed.
RUN_OPT examples to enforce amtool or wsman:
--target amt --amt-tool wsman
--target amt --amt-tool amttool
Fixes#1251
Until now, the rumpkernel based tools were installed with all symbols
included. This accounts for about 200MiB used space on 64Bit system.
Stripping the binaries prior to installation brings the space
requirements down to 20MiB.
Fixes#1245.
The clean rule is used to delete already built binaries as well as to
clean-up any left-overs from previous build attempts. If there was
no previous attempt just return true to prevent make from complaining.
Fixes#1245.
This provides bootable disk images for x86 platforms via
! RUN_OPT="--target disk"
The resulting disk image contains one ext2 partition with binaries from
the GRUB2 boot loader and the run scenario. The default disk size fits
all binaries, but is configurable via
! --disk-size <size in MiB>
in RUN_OPT.
The feature depends on an grub2-head.img, which is part of the commit,
but may also be generated by executing tool/create_grub2. The script
generates a disk image prepared for one partition, which contains files
for GRUB2. All image preparation steps that need superuser privileges
are conducted by this script.
The final step of writing the entire image to a disk must be executed
later by
sudo dd if=<image file> of=<device> bs=8M conv=fsync
Fixes#1203.
The build config for core is now provided through libraries to enable
implicit config composition through specifiers and thereby avoid
consideration of inappropriate targets.
fix#1199
Until now, the HW platform support for the TrustZone features of the
i.MX53 boards could only be used, when adding a "trustzone" SPEC variable
manually. This commit adds a create_builddir target for HW i.MX53 with
TrustZone features enabled, fo convenience reasons.
- Log elapsed time per test in summary
- Command-line switch `--time-stamp` prefixes log output lines with
current time stamp (requires ts utility from Debian package _moreutils_)
Fixes#1156.
By adding: "--target jtag \
--jtag-debugger <debugger configuration> \
--jtag-board <board configuration>" to the RUN_OPTs
this commits enables the run-tool to load and execute an ELF image
via JTAG to the target platform.
Fixes#1191
Using 'upvar' instead of 'global' in the 'append_if' and 'lappend_if'
functions makes it possible to use these functions with local variables
of the calling function.
Fixes#1137.
The rumpkernel based tools are intended to be used by executing
'tool/rump'. Since it covers the most common use cases for these
tools, this script is comparatively extensive, hence giving a short
tutorial seems reasonable:
* Format a disk image with Ext2:
To format a disk image with the Ext2 file system, first prepare the
actual image by executing dd:
! dd if=/dev/zero of=/path/to/disk_image bs=1M count=128
Second, use 'tool/rump' to format the disk image:
! rump -f -F ext2fs /path/to/disk_image
Afterwards the just created file system may be populated with the
content of another directory by executing
! rump -F ext2fs -p /path/to/another_dir /path/to/disk_image
The content of the file system image can be listed by executing
! rump -F ext2fs -l /path/to/disk_image
* Create a encrypted disk image:
Creating a cryptographic disk image based on cgd(4) is done by
executing the following command:
! rump -c /path/to/disk_image
This will generate a key that may be used to decrypt the image
later on. Since this command will _only_ generate a key and NOT
initialize the disk image, it is highly advised to prepare the disk
image by using '/dev/urandom' instead of '/dev/zero' (only new blocks
that will be written to the disk image are encrypted). In addition
while generating the key a temporary configuration file will be
created. Although this file has proper permissions, it may leak the
generated key if it is created on persistent storage. To specify a more
secure directory the '-t' option should be used:
! rump -c -t /path/to/secure/directory /path/to/disk_image
Decrypting the disk image requires the key generated in the previous
step:
! rump -c -k <key> /path/to/disk_image
For now this key has to specified as command line argument. This is
an issue if the shell, which is used, is maintaing a history of
executed commands.
For completness sake let us put all examples together by creating a
encrypted Ext2 image that will contain all files of Genode's _demo_
scenario:
! dd if=/dev/urandom of=/tmp/demo.img bs=1M count=16
! $(GENODE_DIR)/tool/rump -c -t /ramfs -F ext2fs /tmp/demo.img > \
! /ramfs/key # key is printed out to stdout
! $(GENODE_DIR)/tool/rump -c -t /ramfs -F ext2fs -k <key> \
! -p $(BUILD_DIR)/var/run/demo /tmp/demo.img
To check if the image was populated succesfully, execute the
following:
! $(GENODE_DIR)/tool/rump -c -t /ramfs -F ext2fs -k <key> -l \
! /tmp/demo.img
The rumpkernel tools are used within the Genode OS Framework tool chain
for preparing and populating disk images as well as creating cgd(4)
based cryptographic disk devices.
Execute 'tool/tool_chain_rump build' to build the tools and afterwards
'tool/tool_chain_rump install' to install the binaries. The default
install location is _/usr/local/genode-rump_.
The new 'select_from_ports' function allows a target description file to
query the path to an installed port. All ports are stored in a central
location specified as CONTRIB_DIR. By default, CONTRIB_DIR is defined
as '<genode-dir>/contrib'. Ports of 3rd-party source code are managed
using the tools at '<genode-dir>/tool/ports/'.
Issue #1082