Historically it's possible to leave the `SUBTARGETS` undefined and
automatically fallback to a "generic" subtarget. This however breaks
various downstream scripts which may have expectations around filenames:
While some targets with an explicit generic subtarget contain `generic`
in the filenames of artifacts, implicit "subtargets" don't.
Right now this breaks the CI[1], possibly also scripts using the ImageBuilders.
This commit removes all code that support implicit handling of
subtargets and instead requires every target to define "SUBTARGETS".
[1]: https://github.com/openwrt/openwrt/actions/runs/8592821105/job/23548273630
Signed-off-by: Paul Spooren <mail@aparcar.org>
The compression is faster to (un)pack files, make use of it.
Also add a new build prerequirement, the `zstd` to (un)pack files.
Signed-off-by: Paul Spooren <mail@aparcar.org>
[ improve commit title ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
This fix a long lasting bug/inconsistency with rawgit method and
dl_github_archive script.
The dl_github_archive script works by using the github generated tar.gz
instead of cloning and checkout and the tar.gz is generated by using git
archive command that parse and apply .gitattributes rules.
rawgit command never handled .gitattributes and instead made a simple git
clone and checkout causing the inconsistency.
To fix the inconsistency, add extra steps to call git archive command
and generate an intermediate tar to apply .gitattributes rules.
Also for git log format, Github shorthash length is 8 instead of the
default 7, also apply this locally for each cloned repo to produce
consistent tar.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
The recovery image is reqired for D-Link M30 as well. So I moved it to include/image-commands.mk to be able to use it for MT7622 and filogic devices.
Signed-off-by: Roland Reinl <reinlroland+github@gmail.com>
Host packages typically are statically linked to avoid rpath issues and
to avoid libraries not being found as a result. With target packages,
both libraries make the most sense as InstallDev typically installs
both, giving packages flexibility. Default this behavior.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Different from OPKG, APK uses a deterministic version schema which chips
the version into chunks and compares them individually. This enforces a
certain schema which was previously entirely flexible.
- Releases are added at the very and end prefixed with an `r` like
`1.2.3-r3`.
- Hashes are prefixed with a `~` like `1.2.3~abc123`.
- Dates become semantic versions, like `2024.04.01`
- Extra tags are possible like `_git`, `_alpha` and more.
For full details see the APK test list:
https://gitlab.alpinelinux.org/alpine/apk-tools/-/blob/master/test/version.data
Signed-off-by: Paul Spooren <mail@aparcar.org>
hostpkg python from packages feed can be picked when do a incremental
build because hostpkg has higher priority in PATH. It may lead build
faliure as it's heavily trimmed (e.g. lacks necessary modules).
For uboot which uses binman and intree dtc, this is forced as hostpkg
python will never provide those modules by default.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
This reverts commit c42b915af0.
Now that rpcd uses the 'Auto-Installed' field to differentiate between
deliberately and implicitely installed packages we can remove the
hotfix.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Commit be9023ed43 ("build: fix opkg flags in rootfs") introduced a
call to 'awk' which removes the 'user' flag from all installed
packages in the opkg status file. While is is somehow desireable when
building images directly within the buildroot, when using the
ImageBuilder dropping the 'user' flag means loosing information about
a package being deliberately selected or just implicitely pulled as a
dependency. And that then break tools like 'auc' which request only
packages having the 'user' flag from the asu server, resulting in
broken images being delivered to users.
Restore the original behavior in case of an image being created using
the ImageBuilder.
Fixes: be9023ed43 ("build: fix opkg flags in rootfs")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Building a package in the build system or the SDK results in different
values for the `SOURCE` property, it's either `packages/<package name>`
or `feeds/base/<package name>`. The reason is that the SDK handles
`openwrt.git` as an external feed called while the build system contains
the *base* packages directly.
Since packages created with either method are (ideally) the same (bit
for bit), align the content of SOURCE. To do so this commit creates a
symlink from `feeds/base` to `$(TOPDIR)/package` and adopts the SOURCE
when building from inside the build system.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Let ubinize-image append the ubinized image to the existing image
instead of replacing it.
Fixes: 6c17d71973 ("scripts: ubinize-image.sh: support static volumes, make size optional")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
By default opkg sets the "user" flag when a package is installed,
which resulted in most packages in the rootfs having this flag
set incorrectly. This patch removes the "user" flag from all
installed packages when preparing the rootfs image.
Fixes: #14427
Signed-off-by: Justin Klaassen <justin@tidylabs.app>
Make sure ubinize-image.sh also works with more simple POSIX Shell and
allow creating complete custom images to be used as ARTIFACT/foo.img
and thereby allow including uImage.FIT, TF-A FIP and what ever else
is required on a specific board.
Fixes: 6c17d71973 ("scripts: ubinize-image.sh: support static volumes, make size optional")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
In order to support devices having TF-A FIP image or UBI-aware U-Boot
SPL we need to include a static volume for the bootloader.
Introduce support for adding additional static volumes by prefixing
the filename with ':', eg.
UBINIZE_PARTS := fip:=$(STAGING_DIR_IMAGE)/u-boot.fip
Also add support for rootfs-in-uImage.FIT setups which don't require a
rootfs partition and make the (3rd) size parameter in UBINIZE_PARTS
optional (see example above without declared size).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This reverts commit 131e41614d.
Sadly it makes menuconfig fail with
tmp/.config-package.in:171: glob failed: No files found "feeds/base/utils/busybox/Config.in"
make: *** [/usr/src/openwrt/include/toplevel.mk:136: menuconfig] Error 1
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Building a package in the build system or the SDK results in different
values for the `SOURCE` property, it's either `packages/<package name>`
or `feeds/base/<package name>`. The reason is that the SDK handles
`openwrt.git` as an external feed called while the build system contains
the *base* packages directly.
Since packages created with either method are (ideally) the same (bit
for bit), align the content of SOURCE. To do so this commit creates a
symlink from `feeds/base` to `$(TOPDIR)/package` and adopts the SOURCE
when building from inside the build system.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Add support for compiling DTS for the selected target. This can be
useful for testing if the DTS correctly compile and doesn't produce any
error.
This adds a new make target. To compile only DTS use:
make target/linux/dtb
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
The GCC option -fstack-protector-all is a security feature used to protect against stack-smashing attacks.
This option enhances the stack-smashing protection provided by -fstack-protector-strong.
-fstack-protector-all option applies stack protection to all functions, regardless of their characteristics.
While this offers the most comprehensive protection against stack-smashing attacks, it can significantly impact
the performance of the program because every function call includes additional checks for stack integrity.
This option can incur a performance penalty because of the extra checks added to every function call,
but it significantly enhances security, making it harder for attackers to exploit buffer overflows to execute arbitrary code.
It's particularly useful in scenarios where security is paramount and performance trade-offs are acceptable.
Signed-off-by: Cedric DOURLENT <cedric.dourlent@softathome.com>
Using PKG_URL one may set the URL for all sub packages, which is usually
shared anyway. Future packages should only use PKG_URL instead of adding
it per sub-package.
Signed-off-by: Paul Spooren <mail@aparcar.org>