diff --git a/.circleci/config.yml b/.circleci/config.yml index d0bff577..303e1121 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -45,6 +45,7 @@ jobs: docker: - image: debian:11 resource_class: large + working_directory: ~/heads steps: - run: name: Install dependencies @@ -53,7 +54,6 @@ jobs: apt update apt install -y build-essential zlib1g-dev uuid-dev libdigest-sha-perl libelf-dev bc bzip2 bison flex git gnupg gawk iasl m4 nasm patch python python2 python3 wget gnat cpio ccache pkg-config cmake libusb-1.0-0-dev autoconf texinfo ncurses-dev doxygen graphviz udev libudev1 libudev-dev automake libtool rsync innoextract sudo imagemagick libncurses5-dev - checkout - - run: name: git reset command: | @@ -120,6 +120,7 @@ jobs: docker: - image: debian:11 resource_class: large + working_directory: ~/heads parameters: arch: type: string @@ -138,15 +139,16 @@ jobs: - persist_to_workspace: root: ~/ paths: - - project/packages/<> - - project/build/<> - - project/crossgcc/<> - - project/install/<> + - heads/packages/<> + - heads/build/<> + - heads/crossgcc/<> + - heads/install/<> build: docker: - image: debian:11 resource_class: large + working_directory: ~/heads parameters: arch: type: string @@ -167,6 +169,7 @@ jobs: docker: - image: debian:11 resource_class: large + working_directory: ~/heads steps: - attach_workspace: at: ~/ @@ -236,13 +239,12 @@ workflows: # since kernel is 6.x and coreboot is git is unshared # We use nitropad's coreboot's fork crossgcc # No need to wait further for other board's cache. - # We reuse built modules from x230-hotp-maximized cache only - build_and_persist: name: nitropad-nv41 target: nitropad-nv41 subcommand: "" requires: - - x230-hotp-maximized + - prep_env # coreboot-git Talos II (PPC) - build_and_persist: @@ -527,3 +529,4 @@ workflows: # path: build/UNMAINTAINED_qemu-linuxboot/linuxboot.rom # - store-artifacts: # path: build/UNMAINTAINED_qemu-linuxboot/hashes.txt + diff --git a/modules/tpm2-tools b/modules/tpm2-tools index 98711195..7407dae0 100644 --- a/modules/tpm2-tools +++ b/modules/tpm2-tools @@ -18,7 +18,18 @@ tpm2-tools_url := https://github.com/tpm2-software/tpm2-tools/releases/download/ tpm2-tools_hash := c0b402f6a7b3456e8eb2445211e2d41c46c7e769e05fe4d8909ff64119f7a630 # we have ESYS 3.0, but it doesn't figure that out on its own -tpm2-tools_configure := ./bootstrap && ./configure \ +tpm2-tools_configure := \ + ./bootstrap \ + && sed -i 's/hardcode_direct=yes/hardcode_direct=no/g' configure \ + && sed -i 's/hardcode_libdir_flag_spec=.*/hardcode_libdir_flag_spec=" "/' configure \ + && sed -i 's/hardcode_minus_L=yes/hardcode_minus_L=no/g' configure \ + && sed -i 's/hardcode_automatic=yes/hardcode_automatic=no/g' configure \ + && sed -i 's/hardcode_runpath_var=yes/hardcode_runpath_var=no/g' configure \ + && sed -i 's/hardcode_into_libs=yes/hardcode_into_libs=no/g' configure \ + && sed -i 's/hardcode_direct_absolute=yes/hardcode_direct_absolute=no/g' configure \ + && sed -i 's/inherit_rpath=yes/inherit_rpath=no/g' configure \ + && sed -i "s/VERSION='.*'/VERSION='reproducible_build'/g" configure \ + && ./configure \ $(CROSS_TOOLS) \ --host $(MUSL_ARCH)-elf-linux \ --prefix "/" \ diff --git a/modules/tpm2-tss b/modules/tpm2-tss index 0fad79ef..eb5af1b4 100644 --- a/modules/tpm2-tss +++ b/modules/tpm2-tss @@ -8,6 +8,20 @@ tpm2-tss_url := https://github.com/tpm2-software/tpm2-tss/releases/download/$(tp tpm2-tss_hash := 48305e4144dcf6d10f3b25b7bccf0189fd2d1186feafd8cd68c6b17ecf0d7912 tpm2-tss_configure := aclocal && automake --add-missing && autoreconf -fi \ + && sed -i 's/hardcode_direct=yes/hardcode_direct=no/g' configure \ + && sed -i 's/hardcode_libdir_flag_spec=.*/hardcode_libdir_flag_spec=" "/' configure \ + && sed -i 's/hardcode_minus_L=yes/hardcode_minus_L=no/g' configure \ + && sed -i 's/hardcode_direct_absolute=yes/hardcode_direct_absolute=no/g' configure \ + && sed -i 's/hardcode_into_libs=yes/hardcode_into_libs=no/g' configure \ + && sed -i 's/hardcode_libdir_flag_spec_CXX=.*/hardcode_libdir_flag_spec_CXX=" "/' configure \ + && sed -i 's/hardcode_automatic=yes/hardcode_automatic=no/g' configure \ + && sed -i 's/hardcode_runpath_var=yes/hardcode_runpath_var=no/g' configure \ + && sed -i 's/hardcode_direct_CXX=yes/hardcode_direct_CXX=no/g' configure \ + && sed -i 's/hardcode_direct_absolute_CXX=yes/hardcode_direct_absolute_CXX=no/g' configure \ + && sed -i 's/hardcode_minus_L_CXX=yes/hardcode_minus_L_CXX=no/g' configure \ + && sed -i 's/hardcode_automatic_CXX=yes/hardcode_automatic_CXX=no/g' configure \ + && sed -i 's/inherit_rpath=yes/inherit_rpath=no/g' configure \ + && sed -i 's/inherit_rpath_CXX=yes/inherit_rpath_CXX=no/g' configure \ && ./configure \ $(CROSS_TOOLS) \ --host $(MUSL_ARCH)-elf-linux \ diff --git a/patches/openssl-3.0.8.patch b/patches/openssl-3.0.8.patch new file mode 100644 index 00000000..db4e79e4 --- /dev/null +++ b/patches/openssl-3.0.8.patch @@ -0,0 +1,35 @@ +--- ./util/mkbuildinf.pl.orig 2023-02-07 08:43:33.000000000 -0500 ++++ ./util/mkbuildinf.pl 2024-03-27 14:36:49.974651246 -0400 +@@ -12,7 +12,7 @@ + my ($cflags, $platform) = @ARGV; + $cflags = "compiler: $cflags"; + +-my $date = gmtime($ENV{'SOURCE_DATE_EPOCH'} || time()) . " UTC"; ++my $date = gmtime($ENV{'SOURCE_DATE_EPOCH'} || '0') . " UTC"; + + print <<"END_OUTPUT"; + /* +@@ -36,21 +36,7 @@ + * literal + */ + static const char compiler_flags[] = { +-END_OUTPUT +- +-my $ctr = 0; +-foreach my $c (split //, $cflags) { +- $c =~ s|([\\'])|\\$1|; +- # Max 16 characters per line +- if (($ctr++ % 16) == 0) { +- if ($ctr != 1) { +- print "\n"; +- } +- print " "; +- } +- print "'$c',"; +-} +-print <<"END_OUTPUT"; +-'\\0' ++ 'r','e','p','r','o','d','u','c','i','b','l','e',' ','b','u','i', ++ 'l','d','\\0' + }; + END_OUTPUT