Changes introduced in commit d604a07225c5 ("build: add CycloneDX SBOM
JSON support") broke ImageBuilder:
Cannot open '/openwrt-imagebuilder-ath79-generic.Linux-x86_64/tmp/.packageinfo': No such file or directory
So lets fix it by wrapping the BOM generation behind condition of IB
feature check.
Fixes: #13881
Fixes: d604a07225c5 ("build: add CycloneDX SBOM JSON support")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit c4259a658673cc1a02ed17bfa8e94de17de00ad2)
CycloneDX is an open source standard developed by the OWASP foundation.
It supports a wide range of development ecosystems, a comprehensive set
of use cases, and focuses on automation, ease of adoption, and
progressive enhancement of SBOMs (Software Bill Of Materials) throughout
build pipelines.
So lets add support for CycloneDX SBOM for packages and images
manifests.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit d604a07225c5c82b942cd3374cc113ad676a2519)
There is no standard for ABI versioning, so its not possible to find out
from `libext2fs2`, `libiwinfo20230701` or `libss2` package names if
thats just package name or package name with ABI version included. To
help with the decision, lets make ABI version aviable in package index.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 649655f427932fe79b96a41f883c8054b1806191)
Common Platform Enumeration (CPE) is a structured naming scheme for
information technology systems, software, and packages.
In order for the information to be processed further, it should also be
available in package index files.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 33b3fea70245068030ef64b6d7c5b344d08ba9d8)
Now that most cases do the same thing in SetupHostCommand, merge them
together into one. To allow moving the generic symlink check, invert the
check and let it check for relative links by matching on link targets
that do not start with a slash.
This then allows us to also drop the absolute link case, shortening the
case statement further.
This reorders the check to
* if it is not a symlink, do not change it
* if it is a symlink and it points to the found command, do not change it
* if it is a symlink with a relative path, do not change it
* else, update/replace it
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
(cherry picked from commit 3210aa8e0a113cc4354628b08b608c5c8f792941)
To avoid replacing host built binaries with symlinks again, a check for
an appropriate stamp was added in 729909c07f ("prereq-build: do not
replace binaries with symlinks"). Unfortunately the stamp directory does
not exist in the SDK, so the fix was ineffective there.
This caused the packages builders to e.g. use the host tar again, which
in turn made the tarballs created different since it may lack
reproducibility fixes, or implement these differently, causing spurious
hash failures on source repository based packages.
Fix this by dropping the stamp dir check, and just check that the file
is usable.
Fixes: 729909c07f ("prereq-build: do not replace binaries with symlinks")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
(cherry picked from commit c1ef10c8d873254ce7c1f3019d821c4a87227474)
1. Add new symbols to generic config
2. Bump kernel
Changelog: https://lore.kernel.org/stable/2023080818-groin-gradient-a031@gregkh/
All patches automatically rebased.
Signed-off-by: John Audia <therealgraysky@proton.me>
[Refreshed on top of OpenWrt 23.05]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit daed3322d347cae5fa538907b5f1fa5d5cfc08c6)
These fields are used for EAX12 and EX6250v2 series, and perhaps other
devices. Compatibility is preserved with the WAX202 and WAX206.
In addition, adds the related vars to DEVICE_VARS so that the variables
work correctly with multiple devices.
References in GPL source:
https://www.downloads.netgear.com/files/GPL/EAX12_EAX11v2_EAX15v2_GPL_V1.0.3.34_src.tar.gz
* tools/imgencoder/src/gj_enc.c
Contains code that generates the encrypted image.
Signed-off-by: Wenli Looi <wlooi@ucalgary.ca>
(cherry picked from commit 0a1ebccc8702cadc50bc096f1e185472f3927786)
If a kernel package was defined where all KCONFIG symbols were dynamic,
and versioned, no FILES would be installed, as the foreach evaluation was
providing the value of the variable defined by the KCONFIG symbol name
including the version test
Fix this by calling the version_filter function on the list of KCONFIG
variable names run through by foreach
Example, kernel 6.1:
KCONFIG:=CONFIG_OLD@lt6.1 CONFIG_NEW@ge6.1
filter-out any KCONFIG settings forced by package:
CONFIG_OLD@lt6.1 CONFIG_NEW@ge6.1
there are dynamic settings, so for each of them,
get the value of the make variable defined by symbol name:
CONFIG_OLD@lt6.1 is not set
CONFIG_NEW@ge6.1 is not set
versus
CONFIG_OLD is not set
CONFIG_NEW=m
test if any of these are m, or y
if yes, install files, otherwise, nothing to install
Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
(cherry picked from commit b3448b3fdb59d25dce05991dc8f322c1020b090b)
Make it possible to easily customize U-Boot config options via new
`UBOOT_CUSTOMIZE_CONFIG` variable, so we don't need to patch config
files or override config step with shell hackery.
This generic approach uses `config` CLI to tweak the .config as needed,
for example:
UBOOT_CUSTOMIZE_CONFIG := \
--enable CMD_EFIDEBUG \
--enable CMD_BOOTMENU \
--enable AUTOBOOT \
--enable AUTOBOOT_MENU_SHOW \
--disable AUTOBOOT_KEYED \
--disable AUTOBOOT_USE_MENUKEY \
--disable BOOTMENU_DISABLE_UBOOT_CONSOLE \
--set-val BOOTDELAY 2
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 186b97590b9b2f47abc535c9df0687e00e60f78e)
Some individual build items install a group of programs
instead of a program matching the name of the build item.
Add support for installing stampfiles for each of the
programs installed by that build item,
which will allow more control and awareness
of what is installed by the rest of the build system,
if, for example, prereq symlink checks are looking
for the same program which is built already.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 84f7a45e9e83339d84bcc15f06259b1064cb961a)
Some programs installed to staging_dir/host/bin
also install some symlinks to itself
for an alternative name.
Some of those new symlinks are overwriting
symlinks that were installed by prereq stage.
If prereq stage were to somehow be run again,
it should not be overwriting symlinks
that point to programs that are already built.
To filter that out, catch all symlinks
after first catching all symlinks
that have an absolute target
after all other cases in the case statement,
make sure it is not broken, and if so exit successfully.
Suggested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit b890e2fbf9211648ad4a74f3e8b47bbf04a3cc7a)
Some programs, like bash and patch, are checked by prereq stage
and have a symlink installed, but then is later built from source.
Now that the prereq-build checks are not successful
just by finding the file alone, it is possible for
a new symlink to overwrite the installed binary.
If a normal file is found in staging_dir/host/bin,
let the check look for the associated stampfile, and if found,
skip creation of a symlink and exit successfully.
Suggested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 729909c07fae4201591e51895833112cb88485e1)
In the recipe SetupHostCommand for checking
and creating symlinks, $PATH was only overridden
for one of several commands.
This causes the symlinks to be included
in the paths to pick a program from
when the check was repeated, because
staging_dir/host/bin was included in $PATH,
but only *sometimes*.
When the check ran again, the command succeded
with a $PATH including the symlink,
(eval "$$$$$$$$cmd")
while the path to the program was evaluated
with a $PATH NOT including the symlink,
(bin=...)
causing the symlink to be relinked incorrectly,
instead of passing as exactly the same.
Coincidentally, this was only a problem
if the symlink targeted the alternative
program with a different name.
By overriding the value of $PATH at the invocation of Make,
it will apply to the entire environment of the checks.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 665fe2f818300f0b84c8c458fc49ae58ff8853aa)
