# Need to set CB_OUTPUT_FILE before board .config included so # that target overrides in x230/x430-flash (eg) are properly handled GIT_HASH := $(shell git rev-parse HEAD) GIT_STATUS := $(shell \ if git diff --exit-code >/dev/null ; then \ echo clean ; \ else \ echo dirty ; \ fi) HEADS_GIT_VERSION := $(shell git describe --abbrev=7 --tags --dirty) # Override BRAND_NAME to set the name displayed in the UI, filenames, versions, etc. BRAND_NAME ?= Heads all: -include .config modules-y := pwd := $(shell pwd) config := $(pwd)/config # These are dynamic, must not expand right here build = $(pwd)/build/$(CONFIG_TARGET_ARCH) packages = $(pwd)/packages/$(CONFIG_TARGET_ARCH) INSTALL = $(pwd)/install/$(CONFIG_TARGET_ARCH) log_dir = $(build)/log board_build = $(build)/$(BOARD) # Estimated memory required per job in GB (e.g., 1GB for gcc) MEM_PER_JOB_GB ?= 1 # Controls how many parallel jobs are invoked in subshells CPUS ?= $(shell nproc) AVAILABLE_MEM_GB ?= $(shell cat /proc/meminfo | grep MemAvailable | awk '{print int($$2 / 1024)}') # Calculate the maximum number of jobs based on available memory MAX_JOBS_MEM := $(shell echo $$(( $(AVAILABLE_MEM_GB) / $(MEM_PER_JOB_GB) ))) # Use the minimum of the system's CPUs and the calculated max jobs based on memory CPUS := $(shell echo $$(($(CPUS) < $(MAX_JOBS_MEM) ? $(CPUS) : $(MAX_JOBS_MEM)))) # Load average can be adjusted to be higher than CPUS to allow for some CPU overcommit # Multiply by 3 and then divide by 2 to achieve the effect of multiplying by 1.5 using integer arithmetic LOADAVG ?= $(shell echo $$(( ($(CPUS) * 3) / 2 ))) # Construct MAKE_JOBS with dynamic CPU count and load average MAKE_JOBS := -j$(CPUS) --load-average=$(LOADAVG) # Add other flags as needed to be more adaptive to CIs # Print out the settings and compare system values with actual ones used $(info ----------------------------------------------------------------------) $(info !!!!!! BUILD SYSTEM INFO !!!!!!) $(info System CPUS: $(shell nproc)) $(info System Available Memory: $(AVAILABLE_MEM_GB) GB) $(info System Load Average: $(shell uptime | awk '{print $$10}')) $(info ----------------------------------------------------------------------) $(info Used **CPUS**: $(CPUS)) $(info Used **LOADAVG**: $(LOADAVG)) $(info Used **AVAILABLE_MEM_GB**: $(AVAILABLE_MEM_GB) GB) $(info ----------------------------------------------------------------------) $(info **MAKE_JOBS**: $(MAKE_JOBS)) $(info ) $(info Variables available for override (use 'make VAR_NAME=value'):) $(info **CPUS** (default: number of processors, e.g., 'make CPUS=4')) $(info **LOADAVG** (default: 1.5 times CPUS, e.g., 'make LOADAVG=54')) $(info **AVAILABLE_MEM_GB** (default: memory available on the system in GB, e.g., 'make AVAILABLE_MEM_GB=4')) $(info **MEM_PER_JOB_GB** (default: 1GB per job, e.g., 'make MEM_PER_JOB_GB=2')) $(info ----------------------------------------------------------------------) $(info !!!!!! Build starts !!!!!!) # Timestamps should be in ISO format DATE=`date --rfc-3339=seconds` BOARD ?= qemu-coreboot-fbwhiptail-tpm1 CONFIG := $(pwd)/boards/$(BOARD)/$(BOARD).config ifneq "y" "$(shell [ -r '$(CONFIG)' ] && echo y)" $(error $(CONFIG): board configuration does not exist) endif # By default, we are building for x86, up to a board to change this variable CONFIG_TARGET_ARCH := x86 # Legacy flash boards have to be handled specifically for some functionality # (e.g. they don't generate upgrade packages, lack bash, etc.) Use this to # guard behavior that is specific to legacy flash boards only. Don't use it for # behavior that might be needed for other boards, use specific configs instead. CONFIG_LEGACY_FLASH := n include $(CONFIG) # Include site-local/config only if it exists, downstreams can set configs for # all boards, including overriding values specified by boards. site-local is # not a part of the upstream distribution but is for downstreams to insert # customizations at well-defined points, like in coreboot: # https://doc.coreboot.org/tutorial/managing_local_additions.html -include $(pwd)/site-local/config CB_OUTPUT_BASENAME := $(shell echo $(BRAND_NAME) | tr A-Z a-z)-$(BOARD)-$(HEADS_GIT_VERSION) CB_OUTPUT_FILE := $(CB_OUTPUT_BASENAME).rom CB_OUTPUT_FILE_GPG_INJ := $(CB_OUTPUT_BASENAME)-gpg-injected.rom CB_BOOTBLOCK_FILE := $(CB_OUTPUT_BASENAME).bootblock CB_UPDATE_PKG_FILE := $(CB_OUTPUT_BASENAME).zip LB_OUTPUT_FILE := linuxboot-$(BOARD)-$(HEADS_GIT_VERSION).rom # Unless otherwise specified, we are building for heads CONFIG_HEADS ?= y # Unless otherwise specified, we are building bash to have non-interactive shell for scripts (arrays and bashisms) CONFIG_BASH ?= y # USB keyboards can be ignored, optionally supported, or required. # # To optionally support USB keyboards, export CONFIG_SUPPORT_USB_KEYBOARD=y. To # default the setting to 'on', also export CONFIG_USER_USB_KEYBOARD=y. # # To require USB keyboard support (not user-configurable, for boards with no # built-in keyboard), export CONFIG_USB_KEYBOARD_REQUIRED=y. ifeq "$(CONFIG_USB_KEYBOARD_REQUIRED)" "y" # CONFIG_USB_KEYBOARD_REQUIRED implies CONFIG_SUPPORT_USB_KEYBOARD. export CONFIG_SUPPORT_USB_KEYBOARD=y endif # Determine arch part for a host triplet ifeq "$(CONFIG_TARGET_ARCH)" "x86" MUSL_ARCH := x86_64 else ifeq "$(CONFIG_TARGET_ARCH)" "ppc64" MUSL_ARCH := powerpc64le else $(error "Unexpected value of $$(CONFIG_TARGET_ARCH): $(CONFIG_TARGET_ARCH)") endif ifneq "$(BOARD_TARGETS)" "" include $(foreach TARGET,$(BOARD_TARGETS),targets/$(TARGET).mk) endif # Create directories if they don't already exist BUILD_LOG := $(shell mkdir -p "$(log_dir)") PACKAGES := $(shell mkdir -p "$(packages)") # record the build date / git hashes and other files here HASHES := $(board_build)/hashes.txt SIZES := $(board_build)/sizes.txt # Create the board output directory if it doesn't already exist BOARD_LOG := $(shell \ mkdir -p "$(board_build)" ; \ echo "$(DATE) $(GIT_HASH) $(GIT_STATUS)" > "$(HASHES)" ; \ echo "$(DATE) $(GIT_HASH) $(GIT_STATUS)" > "$(SIZES)" ; \ ) ifeq "y" "$(CONFIG_LINUX_BUNDLED)" # Create empty initrd for initial kernel "without" initrd. $(shell cpio -o < /dev/null > $(board_build)/initrd.cpio) endif # If V is set in the environment, do not redirect the tee # command to /dev/null. ifeq "$V" "" VERBOSE_REDIRECT := > /dev/null # Not verbose, so we only show the header define do = @echo "$(DATE) $1 $(2:$(pwd)/%=%)" @$3 endef else # Verbose, so we display what we are doing define do = @echo "$(DATE) $1 $(2:$(pwd)/%=%)" $3 endef endif # Create a temporary directory for the initrd initrd_dir := $(BOARD) initrd_tmp_dir := $(shell mktemp -d) initrd_lib_dir := $(initrd_tmp_dir)/lib initrd_bin_dir := $(initrd_tmp_dir)/bin modules-y += initrd $(shell mkdir -p "$(initrd_lib_dir)" "$(initrd_bin_dir)") # We are running our own version of make, # proceed with the build. # Force pipelines to fail if any of the commands in the pipe fail SHELL := /usr/bin/env bash .SHELLFLAGS := -o pipefail -c # Include the musl-cross module early so that $(CROSS) will # be defined prior to any other module. include modules/musl-cross musl_dep := musl-cross target := $(shell echo $(CROSS) | grep -Eoe '([^/]*?)-linux-musl') arch := $(subst -linux-musl, , $(target)) heads_cc := $(CROSS)gcc \ -fdebug-prefix-map=$(pwd)=heads \ -gno-record-gcc-switches \ -D__MUSL__ \ --sysroot $(INSTALL) \ -isystem $(INSTALL)/include \ -L$(INSTALL)/lib \ # Cross-compiling with pkg-config requires clearing PKG_CONFIG_PATH and setting # both PKG_CONFIG_LIBDIR and PKG_CONFIG_SYSROOT_DIR. # https://autotools.info/pkgconfig/cross-compiling.html CROSS_TOOLS_NOCC := \ AR="$(CROSS)ar" \ LD="$(CROSS)ld" \ STRIP="$(CROSS)strip" \ NM="$(CROSS)nm" \ OBJCOPY="$(CROSS)objcopy" \ OBJDUMP="$(CROSS)objdump" \ PKG_CONFIG_PATH= \ PKG_CONFIG_LIBDIR="$(INSTALL)/lib/pkgconfig" \ PKG_CONFIG_SYSROOT_DIR="$(INSTALL)" \ CROSS_TOOLS := \ CC="$(heads_cc)" \ $(CROSS_TOOLS_NOCC) \ # Targets to build payload only .PHONY: payload payload: $(build)/$(BOARD)/bzImage $(build)/$(initrd_dir)/initrd.cpio.xz ifeq ($(CONFIG_COREBOOT), y) # Legacy flash boards don't generate an update package, the only purpose of # those boards is to be flashed over vendor firmware via an exploit. ifneq ($(CONFIG_LEGACY_FLASH), y) # talos-2 builds its own update package, which is not integrated with the ZIP # method currently ifneq ($(BOARD), talos-2) # Coreboot targets create an update package that can be applied with integrity # verification before flashing (see flash-gui.sh). The ZIP package format # allows other metadata that might be needed to added in the future without # breaking backward compatibility. $(board_build)/$(CB_UPDATE_PKG_FILE): $(board_build)/$(CB_OUTPUT_FILE) rm -rf "$(board_build)/update_pkg" mkdir -p "$(board_build)/update_pkg" cp "$<" "$(board_build)/update_pkg/" cd "$(board_build)/update_pkg" && sha256sum "$(CB_OUTPUT_FILE)" >sha256sum.txt cd "$(board_build)/update_pkg" && zip -9 "$@" "$(CB_OUTPUT_FILE)" sha256sum.txt all: $(board_build)/$(CB_OUTPUT_FILE) $(board_build)/$(CB_UPDATE_PKG_FILE) endif endif ifneq ($(CONFIG_COREBOOT_BOOTBLOCK),) all: $(board_build)/$(CB_BOOTBLOCK_FILE) endif else ifeq ($(CONFIG_LINUXBOOT), y) all: $(board_build)/$(LB_OUTPUT_FILE) else $(error "$(BOARD): neither CONFIG_COREBOOT nor CONFIG_LINUXBOOT is set?") endif all payload: @sha256sum $< | tee -a "$(HASHES)" @stat -c "%8s:%n" $< | tee -a "$(SIZES)" # Disable all built in rules .INTERMEDIATE: .SUFFIXES: FORCE: # Copies config while replacing predefined placeholders with actual values define install_config = sed -e 's!@BOARD_BUILD_DIR@!$(board_build)!g' \ -e 's!@BLOB_DIR@!$(pwd)/blobs!g' \ -e 's!@BRAND_DIR@!$(pwd)/branding/$(BRAND_NAME)!g' \ -e 's!@BRAND_NAME@!$(BRAND_NAME)!g' \ "$1" > "$2" endef # Make helpers to operate on lists of things # Prefix is "smart" and doesn't add the prefix for absolute file paths define prefix = $(foreach _, $2, $(if $(patsubst /%,,$_),$1$_,$_)) endef define map = $(foreach _,$2,$(eval $(call $1,$_))) endef # Bring in all of the module definitions; # these are the external pieces that will be downloaded and built # as part of creating the Heads firmware image. include modules/* define bins = $(foreach m,$1,$(call prefix,$(build)/$($m_dir)/,$($m_output))) endef define libs = $(foreach m,$1,$(call prefix,$(build)/$($m_dir)/,$($m_libraries))) endef define outputs = $(foreach m,$1,\ $(call bins,$m)\ $(call libs,$m)\ ) endef # # Build a cpio from a directory # define do-cpio = $(call do,CPIO ,$1,\ ( cd "$2"; \ find . \ | cpio \ --quiet \ -H newc \ -o \ ) \ | ./bin/cpio-clean \ > "$1.tmp" \ ) @if ! cmp --quiet "$1.tmp" "$1" ; then \ mv "$1.tmp" "$1" ; \ else \ echo "$(DATE) UNCHANGED $(1:$(pwd)/%=%)" ; \ rm "$1.tmp" ; \ fi @sha256sum "$1" | tee -a "$(HASHES)" @stat -c "%8s:%n" "$1" | tee -a "$(SIZES)" $(call do,HASHES , $1,\ ( cd "$2"; \ echo "-----" ; \ find . -type f -print0 \ | xargs -0 sha256sum ; \ echo "-----" ; \ ) >> "$(HASHES)" \ ) $(call do,SIZES , $1,\ ( cd "$2"; \ echo "-----" ; \ find . -type f -print0 \ | xargs -0 stat -c "%8s:%n" ; \ echo "-----" ; \ ) >> "$(SIZES)" \ ) endef define do-copy = $(call do,INSTALL ,$1 => $2,\ if cmp --quiet "$1" "$2" ; then \ echo "$(DATE) UNCHANGED $(1:$(pwd)/%=%)" ; \ fi ; \ cp -a --remove-destination "$1" "$2" ; \ ) @sha256sum "$(2:$(pwd)/%=%)" @stat -c "%8s:%n" "$(2:$(pwd)/%=%)" endef # # Generate the targets for a module. # # Special variables like $@ must be written as $$@ to avoid # expansion during the first evaluation. # define define_module = # if they have not defined a separate base dir, define it # as the same as their build dir. $(eval $1_base_dir = $(or $($1_base_dir),$($1_dir))) # Dynamically defined modules must tell us what module file defined them $(eval $1_module_file = $(or $($1_module_file),$1)) ifneq ("$($1_repo)","") $(eval $1_patch_name = $1$(if $($1_patch_version),-$($1_patch_version),)) # First time: # Checkout the tree instead and create the canary file with repo and # revision so that we know that the files are all present and their # version. # # Other times: # If .canary contains the same repo and revision combination, do nothing. # Otherwise, pull a new revision and checkout with update of submodules # # No signature hashes are checked in this case, since we don't have a # stable version to compare against. # # XXX: "git clean -dffx" is a hack for coreboot during commit switching, need # module-specific cleanup action to get rid of it. $(build)/$($1_base_dir)/.canary: FORCE if [ ! -e "$$@" ]; then \ git clone $($1_repo) "$(build)/$($1_base_dir)"; \ git -C "$(build)/$($1_base_dir)" reset --hard $($1_commit_hash) && git submodule update --init --checkout; \ echo -n '$($1_repo)|$($1_commit_hash)' > "$$@"; \ elif [ "$$$$(cat "$$@")" != '$($1_repo)|$($1_commit_hash)' ]; then \ echo "Switching $1 to $($1_repo) at $($1_commit_hash)" && \ git -C "$(build)/$($1_base_dir)" reset --hard HEAD^ && \ echo "git fetch $($1_repo) $($1_commit_hash) --recurse-submodules=no" && \ git -C "$(build)/$($1_base_dir)" fetch $($1_repo) $($1_commit_hash) --recurse-submodules=no && \ echo "git reset --hard $($1_commit_hash)" && \ git -C "$(build)/$($1_base_dir)" reset --hard $($1_commit_hash) && \ echo "git clean" && \ git -C "$(build)/$($1_base_dir)" clean -df && \ git -C "$(build)/$($1_base_dir)" clean -dffx payloads util/cbmem && \ echo "git submodule sync" && \ git -C "$(build)/$($1_base_dir)" submodule sync && \ echo "git submodule update" && \ git -C "$(build)/$($1_base_dir)" submodule update --init --checkout && \ echo -n '$($1_repo)|$($1_commit_hash)' > "$$@"; \ fi if [ ! -e "$(build)/$($1_base_dir)/.patched" ]; then \ if [ -r patches/$($1_patch_name).patch ]; then \ ( git apply --verbose --reject --binary --directory build/$(CONFIG_TARGET_ARCH)/$($1_base_dir) ) \ < patches/$($1_patch_name).patch \ || exit 1 ; \ fi && \ if [ -d patches/$($1_patch_name) ] && \ [ -r patches/$($1_patch_name) ] ; then \ for patch in patches/$($1_patch_name)/*.patch ; do \ echo "Applying patch file : $$$$patch " ; \ ( git apply --verbose --reject --binary --directory build/$(CONFIG_TARGET_ARCH)/$($1_base_dir) ) \ < $$$$patch \ || exit 1 ; \ done ; \ fi && \ touch "$(build)/$($1_base_dir)/.patched"; \ fi else # Versioned modules (each version a separate module) don't need to include # the version a second time. (The '-' separator is also omitted then.) # $1_patch_version can still be defined manually. $(eval $1_patch_version ?= $(if $(filter %-$($1_version),$1),,$($1_version))) $(eval $1_patch_name = $1$(if $($1_patch_version),-,)$($1_patch_version)) # Fetch and verify the source tar file # wget creates it early, so we have to cleanup if it fails $(packages)/$($1_tar): $(call do,WGET,$($1_url),\ WGET="$(WGET)" bin/fetch_source_archive.sh "$($1_url)" "$$@" "$($1_hash)" ) # Target to fetch all packages, for seeding mirrors packages: $(packages)/$($1_tar) # Unpack the tar file and touch the canary so that we know # that the files are all present $(build)/$($1_base_dir)/.canary: $(packages)/$($1_tar) mkdir -p "$$(dir $$@)" tar -xf "$(packages)/$($1_tar)" $(or $($1_tar_opt),--strip 1) -C "$$(dir $$@)" if [ -r patches/$($1_patch_name).patch ]; then \ ( git apply --verbose --reject --binary --directory build/$(CONFIG_TARGET_ARCH)/$($1_base_dir) ) \ < patches/$($1_patch_name).patch \ || exit 1 ; \ fi if [ -d patches/$($1_patch_name) ] && \ [ -r patches/$($1_patch_name) ] ; then \ for patch in patches/$($1_patch_name)/*.patch ; do \ echo "Applying patch file : $$$$patch " ; \ ( git apply --verbose --reject --binary --directory build/$(CONFIG_TARGET_ARCH)/$($1_base_dir) ) \ < $$$$patch \ || exit 1 ; \ done ; \ fi @touch "$$@" endif # Allow the module to override the destination configuration file # via a relative path. Linux uses this to have a per-board build. $(eval $1_config_file_path := $(build)/$($1_dir)/$(or $($1_config_file),.config)) ifeq "$($1_config)" "" # There is no official .config file $($1_config_file_path): $(build)/$($1_base_dir)/.canary @mkdir -p $$(dir $$@) @touch "$$@" else # Copy the stored config file into the unpacked directory $($1_config_file_path): $($1_config) $(build)/$($1_base_dir)/.canary @mkdir -p $$(dir $$@) $(call do-copy,$($1_config),$$@) endif # The first time we have to wait for all the dependencies to be built # before we can configure the target. Once the dep has been built, # we only depend on it for a rebuild. $(eval $1_config_wait := $(foreach d,$($1_depends),\ $(shell [ -r $(build)/$($d_dir)/.build ] || echo $d))) # Use the module's configure variable to build itself # this has to wait for the dependencies to be built since # cross compilers and libraries might be messed up $(dir $($1_config_file_path)).configured: \ $(build)/$($1_base_dir)/.canary \ $(foreach d,$($1_config_wait),$(build)/$($d_dir)/.build) \ $($1_config_file_path) \ modules/$($1_module_file) @echo "$(DATE) CONFIG $1" @( \ cd "$(build)/$($1_dir)" ; \ echo "$($1_configure)"; \ $($1_configure) \ ) \ < /dev/null \ 2>&1 \ | tee "$(log_dir)/$1.configure.log" \ $(VERBOSE_REDIRECT) @touch "$$@" # Short hand for our module build target $1: \ $(build)/$($1_dir)/.build \ $(call outputs,$1) \ # Target for all of the outputs, which depend on their dependent modules # being built, as well as this module being configured $(call outputs,$1): $(build)/$($1_dir)/.build # If any of the outputs are missing, we should force a rebuild # of the entire module $(eval $1.force = $(shell \ stat $(call outputs,$1) >/dev/null 2>/dev/null || echo FORCE \ )) $(build)/$($1_dir)/.build: $($1.force) \ $(foreach d,$($1_depends),$(build)/$($d_dir)/.build) \ $(dir $($1_config_file_path)).configured \ @echo "$(DATE) MAKE $1" +@( \ echo "$(MAKE) \ -C \"$(build)/$($1_dir)\" \ $($1_target)" ; \ $(MAKE) \ -C "$(build)/$($1_dir)" \ $($1_target) \ ) \ < /dev/null \ 2>&1 \ | tee "$(log_dir)/$1.log" \ $(VERBOSE_REDIRECT) \ || ( \ echo "tail $(log_dir)/$1.log"; \ echo "-----"; \ tail -20 "$(log_dir)/$1.log"; \ exit 1; \ ) $(call do,DONE,$1,\ touch $(build)/$($1_dir)/.build \ ) $1.clean: -$(RM) "$(build)/$($1_dir)/.configured" -$(MAKE) -C "$(build)/$($1_dir)" clean endef $(call map, define_module, $(modules-y)) # hack to force musl-cross to be built before musl #$(build)/$(musl_dir)/.configured: $(build)/$(musl-cross_dir)/../../crossgcc/x86_64-linux-musl/bin/x86_64-musl-linux-gcc # # Install a file into the initrd, if it changed from # the destination file. # define install = @-mkdir -p "$(dir $2)" $(call do,INSTALL,$2,cp -a --remove-destination "$1" "$2") endef # # Files that should be copied into the initrd # THis should probably be done in a more scalable manner # define initrd_bin_add = $(initrd_bin_dir)/$(notdir $1): $1 $(call do,INSTALL-BIN,$$(<:$(pwd)/%=%),cp -a --remove-destination "$$<" "$$@") @$(CROSS)strip --preserve-dates "$$@" 2>&-; true initrd_bins += $(initrd_bin_dir)/$(notdir $1) endef define initrd_lib_add = $(initrd_lib_dir)/$(notdir $1): $1 $(call do,INSTALL-LIB,$(1:$(pwd)/%=%),\ $(CROSS)strip --preserve-dates -o "$$@" "$$<") initrd_libs += $(initrd_lib_dir)/$(notdir $1) endef # Only some modules have binaries that we install # Shouldn't this be specified in the module file? #bin_modules-$(CONFIG_MUSL) += musl-cross bin_modules-$(CONFIG_KEXEC) += kexec bin_modules-$(CONFIG_TPMTOTP) += tpmtotp bin_modules-$(CONFIG_PCIUTILS) += pciutils bin_modules-$(CONFIG_FLASHROM) += flashrom bin_modules-$(CONFIG_CRYPTSETUP) += cryptsetup bin_modules-$(CONFIG_CRYPTSETUP2) += cryptsetup2 bin_modules-$(CONFIG_GPG) += gpg bin_modules-$(CONFIG_GPG2) += gpg2 bin_modules-$(CONFIG_PINENTRY) += pinentry bin_modules-$(CONFIG_LVM2) += lvm2 bin_modules-$(CONFIG_DROPBEAR) += dropbear bin_modules-$(CONFIG_FLASHTOOLS) += flashtools bin_modules-$(CONFIG_NEWT) += newt bin_modules-$(CONFIG_CAIRO) += cairo bin_modules-$(CONFIG_FBWHIPTAIL) += fbwhiptail bin_modules-$(CONFIG_HOTPKEY) += hotp-verification bin_modules-$(CONFIG_MSRTOOLS) += msrtools bin_modules-$(CONFIG_NKSTORECLI) += nkstorecli bin_modules-$(CONFIG_UTIL_LINUX) += util-linux bin_modules-$(CONFIG_OPENSSL) += openssl bin_modules-$(CONFIG_TPM2_TOOLS) += tpm2-tools bin_modules-$(CONFIG_BASH) += bash bin_modules-$(CONFIG_POWERPC_UTILS) += powerpc-utils bin_modules-$(CONFIG_IO386) += io386 bin_modules-$(CONFIG_IOPORT) += ioport bin_modules-$(CONFIG_KBD) += kbd bin_modules-$(CONFIG_ZSTD) += zstd bin_modules-$(CONFIG_E2FSPROGS) += e2fsprogs bin_modules-$(CONFIG_EXFATPROGS) += exfatprogs bin_modules-$(CONFIG_IOTOOLS) += iotools $(foreach m, $(bin_modules-y), \ $(call map,initrd_bin_add,$(call bins,$m)) \ ) # Install the libraries for every module that we have built $(foreach m, $(modules-y), \ $(call map,initrd_lib_add,$(call libs,$m)) \ ) # # hack to build cbmem from coreboot # this must be built *AFTER* musl, but since coreboot depends on other things # that depend on musl it should be ok. # COREBOOT_UTIL_DIR=$(build)/$(coreboot_base_dir)/util ifeq ($(CONFIG_COREBOOT),y) $(eval $(call initrd_bin_add,$(COREBOOT_UTIL_DIR)/cbmem/cbmem)) #$(eval $(call initrd_bin_add,$(COREBOOT_UTIL_DIR)/superiotool/superiotool)) #$(eval $(call initrd_bin_add,$(COREBOOT_UTIL_DIR)/inteltool/inteltool)) endif $(COREBOOT_UTIL_DIR)/cbmem/cbmem \ $(COREBOOT_UTIL_DIR)/superiotool/superiotool \ $(COREBOOT_UTIL_DIR)/inteltool/inteltool \ : $(build)/$(coreboot_base_dir)/.canary musl-cross +$(call do,MAKE,$(notdir $@),\ $(MAKE) -C "$(dir $@)" $(CROSS_TOOLS) \ ) # superio depends on zlib and pciutils $(COREBOOT_UTIL_DIR)/superiotool/superiotool: \ $(build)/$(zlib_dir)/.build \ $(build)/$(pciutils_dir)/.build \ # # initrd image creation # # The initrd is constructed from various bits and pieces # The cpio-clean program is used ensure that the files # always have the same timestamp and appear in the same order. # # The blobs/dev.cpio is also included in the Linux kernel # and has a reproducible version of /dev/console. # # The xz parameters are copied from the Linux kernel build scripts. # Without them the kernel will not decompress the initrd. # # The padding is to ensure that if anyone wants to cat another # file onto the initrd then the kernel will be able to find it. # initrd-y += $(pwd)/blobs/dev.cpio initrd-y += $(build)/$(initrd_dir)/modules.cpio initrd-y += $(build)/$(initrd_dir)/tools.cpio initrd-y += $(build)/$(initrd_dir)/board.cpio initrd-$(CONFIG_HEADS) += $(build)/$(initrd_dir)/heads.cpio #$(build)/$(initrd_dir)/.build: $(build)/$(initrd_dir)/initrd.cpio.xz $(build)/$(initrd_dir)/initrd.cpio.xz: $(initrd-y) $(call do,CPIO-XZ ,$@,\ $(pwd)/bin/cpio-clean \ $^ \ | xz \ --check=crc32 \ --lzma2=dict=1MiB \ -9 \ | dd bs=512 conv=sync status=none > "$@.tmp" \ ) @if ! cmp --quiet "$@.tmp" "$@" ; then \ mv "$@.tmp" "$@" ; \ else \ echo "$(DATE) UNCHANGED $(@:$(pwd)/%=%)" ; \ rm "$@.tmp" ; \ fi @sha256sum "$(@:$(pwd)/%=%)" | tee -a "$(HASHES)" @stat -c "%8s:%n" "$(@:$(pwd)/%=%)" | tee -a "$(SIZES)" # # At the moment PowerPC can only load initrd bundled with the kernel. # bundle-$(CONFIG_LINUX_BUNDLED) += $(board_build)/$(LINUX_IMAGE_FILE).bundled all: $(bundle-y) # The board.cpio is built from the board's initrd/ directory. It contains # board-specific support scripts. ifeq ($(wildcard $(pwd)/boards/$(BOARD)/initrd),) $(build)/$(initrd_dir)/board.cpio: cpio -H newc -o "$@" else $(build)/$(initrd_dir)/board.cpio: FORCE $(call do-cpio,$@,$(pwd)/boards/$(BOARD)/initrd) endif # # The heads.cpio is built from the initrd directory in the # Heads tree. # $(build)/$(initrd_dir)/heads.cpio: FORCE $(call do-cpio,$@,$(pwd)/initrd) # # The tools initrd is made from all of the things that we've # created during the submodule build. # $(build)/$(initrd_dir)/tools.cpio: \ $(initrd_bins) \ $(initrd_libs) \ $(initrd_tmp_dir)/etc/config \ $(call do-cpio,$@,$(initrd_tmp_dir)) @$(RM) -rf "$(initrd_tmp_dir)" $(initrd_tmp_dir)/etc/config: FORCE @mkdir -p $(dir $@) $(call do,INSTALL,$(CONFIG), \ export \ | grep ' CONFIG_' \ | sed -e 's/^declare -x /export /' \ -e 's/\\\"//g' \ > $@ \ ) $(call do,HASH,$(GIT_HASH) $(GIT_STATUS) $(BOARD), \ echo export GIT_HASH=\'$(GIT_HASH)\' \ >> $@ ; \ echo export GIT_STATUS=$(GIT_STATUS) \ >> $@ ; \ echo export CONFIG_BOARD=$(BOARD) \ >> $@ ; \ echo export CONFIG_BRAND_NAME=$(BRAND_NAME) \ >> $@ ; \ ) # Ensure that the initrd depends on all of the modules that produce # binaries for it $(build)/$(initrd_dir)/tools.cpio: $(foreach d,$(bin_modules-y),$(build)/$($d_dir)/.build) # List of all modules, excluding the slow to-build modules modules-slow := musl musl-cross kernel_headers module_dirs := $(foreach m,$(filter-out $(modules-slow),$(modules-y)),$($m_dir)) echo_modules: echo $(module_dirs) modules.clean: for dir in $(module_dirs) \ ; do \ $(MAKE) -C "build/${CONFIG_TARGET_ARCH}/$$dir" clean ; \ rm -f "build/${CONFIG_TARGET_ARCH}/$$dir/.configured" ; \ done board.move_untested_to_tested: @echo "NEW_BOARD variable will remove UNTESTED_ prefix from $(BOARD)" @NEW_BOARD=$$(echo $(BOARD) | sed 's/^UNTESTED_//'); \ echo "Renaming boards/$$BOARD/$$BOARD.config to boards/$$BOARD/$$NEW_BOARD.config"; \ mv boards/$$BOARD/$$BOARD.config boards/$$BOARD/$$NEW_BOARD.config; \ echo "Renaming boards/$$BOARD to boards/$$NEW_BOARD"; \ rm -rf boards/$$NEW_BOARD; \ mv boards/$$BOARD boards/$$NEW_BOARD; \ echo "Replacing $$BOARD with $$NEW_BOARD in .circleci/config.yml"; \ sed -i "s/$$BOARD/$$NEW_BOARD/g" .circleci/config.yml board.move_untested_to_unmaintained: @echo "NEW_BOARD variable will move from UNTESTED_ to UNMAINTAINED_ from $(BOARD)" @NEW_BOARD=$$(echo $(BOARD) | sed 's/^UNTESTED_/UNMAINTAINED_/g'); \ echo "Renaming boards/$$BOARD/$$BOARD.config to boards/$$BOARD/$$NEW_BOARD.config"; \ mkdir -p unmaintained_boards; \ mv boards/$$BOARD/$$BOARD.config unmaintained_boards/$$BOARD/$$NEW_BOARD.config; \ echo "Renaming boards/$$BOARD to unmaintainted_boards/$$NEW_BOARD"; \ rm -rf boards/$$NEW_BOARD; \ mv boards/$$BOARD unmaintained_boards/$$NEW_BOARD; \ echo "Replacing $$BOARD with $$NEW_BOARD in .circleci/config.yml. Delete manually entries"; \ sed -i "s/$$BOARD/$$NEW_BOARD/g" .circleci/config.yml board.move_tested_to_untested: @echo "NEW_BOARD variable will add UNTESTED_ prefix to $(BOARD)" @NEW_BOARD=UNTESTED_$(BOARD); \ rm -rf boards/$${NEW_BOARD}; \ echo "Renaming boards/$(BOARD)/$(BOARD).config to boards/$(BOARD)/$${NEW_BOARD}.config"; \ mv boards/$(BOARD)/$(BOARD).config boards/$(BOARD)/$${NEW_BOARD}.config; \ echo "Renaming boards/$(BOARD) to boards/$${NEW_BOARD}"; \ mv boards/$(BOARD) boards/$${NEW_BOARD}; \ echo "Replacing $(BOARD) with $${NEW_BOARD} in .circleci/config.yml"; \ sed -i "s/$(BOARD)/$${NEW_BOARD}/g" .circleci/config.yml # Inject a GPG key into the image - this is most useful when testing in qemu, # since we can't reflash the firmware in qemu to update the keychain. Instead, # inject the public key ahead of time. Specify the location of the key with # PUBKEY_ASC. inject_gpg: $(board_build)/$(CB_OUTPUT_FILE_GPG_INJ) $(board_build)/$(CB_OUTPUT_BASENAME)-gpg-injected.rom: $(board_build)/$(CB_OUTPUT_FILE) cp "$(board_build)/$(CB_OUTPUT_FILE)" \ "$(board_build)/$(CB_OUTPUT_FILE_GPG_INJ)" ./bin/inject_gpg_key.sh --cbfstool "$(build)/$(coreboot_dir)/cbfstool" \ "$(board_build)/$(CB_OUTPUT_FILE_GPG_INJ)" "$(PUBKEY_ASC)" real.clean: for dir in \ $(module_dirs) \ $(kernel_headers) \ ; do \ if [ ! -z "$$dir" ]; then \ rm -rf "build/${CONFIG_TARGET_ARCH}/$$dir"; \ fi; \ done cd install && rm -rf -- * real.gitclean: #Use git ignore file as a base to wipe everything not in tree. Keeps coreboot forks downloaded since detected as git repos, wipes the rest. git clean -fxd real.gitclean_keep_packages: #Same as above but keep the packages downloaded to save bandwidth git clean -fxd -e "packages" real.remove_canary_files-extract_patch_rebuild_what_changed: #Another approach is to remove the "canary" files # This forces Heads to restart building a board config by checking packages integrity, extracting them, redoing patching on files and rebuilding what needs to be rebuilt # reinstalling what is needed under ./install as well which is what we normally want on a development cycle. #Limitations: if for whatever reason, a patch creates a file in an extracted package dir, this approach will fail without further manual actions # This is not so bad though: git patch apply tells you exactly which file couldn't be created as expected. Just delete those files and relaunch the build and it will succeed. #This approach economizes a lot of time since most of the build artifacts do not need to be rebuilt since the dates of the files should be the same as when you originally built them. # So only a minimal time is needed to rebuild, and this is also good for your SSD. #**** USE THIS APPROACH FIRST *** find ./build/ -type f -name ".canary" | xargs rm || echo "All .carnary files already deleted" find ./install/*/* | xargs rm -rf || echo "All install/ARCH/* dirs and files already deleted" echo "you can now call make BOARD=desired_board, and if any patch fails to apply because file exists; just rm that build/path_to_file and continue testing!"