Changes introduced in commit d604a07225 ("build: add CycloneDX SBOM
JSON support") broke ImageBuilder:
Cannot open '/openwrt-imagebuilder-ath79-generic.Linux-x86_64/tmp/.packageinfo': No such file or directory
So lets fix it by wrapping the BOM generation behind condition of IB
feature check.
Fixes: #13881
Fixes: d604a07225 ("build: add CycloneDX SBOM JSON support")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit c4259a6586)
CycloneDX is an open source standard developed by the OWASP foundation.
It supports a wide range of development ecosystems, a comprehensive set
of use cases, and focuses on automation, ease of adoption, and
progressive enhancement of SBOMs (Software Bill Of Materials) throughout
build pipelines.
So lets add support for CycloneDX SBOM for packages and images
manifests.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit d604a07225)
There is no standard for ABI versioning, so its not possible to find out
from `libext2fs2`, `libiwinfo20230701` or `libss2` package names if
thats just package name or package name with ABI version included. To
help with the decision, lets make ABI version aviable in package index.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 649655f427)
Common Platform Enumeration (CPE) is a structured naming scheme for
information technology systems, software, and packages.
In order for the information to be processed further, it should also be
available in package index files.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 33b3fea702)
Now that most cases do the same thing in SetupHostCommand, merge them
together into one. To allow moving the generic symlink check, invert the
check and let it check for relative links by matching on link targets
that do not start with a slash.
This then allows us to also drop the absolute link case, shortening the
case statement further.
This reorders the check to
* if it is not a symlink, do not change it
* if it is a symlink and it points to the found command, do not change it
* if it is a symlink with a relative path, do not change it
* else, update/replace it
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
(cherry picked from commit 3210aa8e0a)
To avoid replacing host built binaries with symlinks again, a check for
an appropriate stamp was added in 729909c07f ("prereq-build: do not
replace binaries with symlinks"). Unfortunately the stamp directory does
not exist in the SDK, so the fix was ineffective there.
This caused the packages builders to e.g. use the host tar again, which
in turn made the tarballs created different since it may lack
reproducibility fixes, or implement these differently, causing spurious
hash failures on source repository based packages.
Fix this by dropping the stamp dir check, and just check that the file
is usable.
Fixes: 729909c07f ("prereq-build: do not replace binaries with symlinks")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
(cherry picked from commit c1ef10c8d8)
1. Add new symbols to generic config
2. Bump kernel
Changelog: https://lore.kernel.org/stable/2023080818-groin-gradient-a031@gregkh/
All patches automatically rebased.
Signed-off-by: John Audia <therealgraysky@proton.me>
[Refreshed on top of OpenWrt 23.05]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit daed3322d3)
These fields are used for EAX12 and EX6250v2 series, and perhaps other
devices. Compatibility is preserved with the WAX202 and WAX206.
In addition, adds the related vars to DEVICE_VARS so that the variables
work correctly with multiple devices.
References in GPL source:
https://www.downloads.netgear.com/files/GPL/EAX12_EAX11v2_EAX15v2_GPL_V1.0.3.34_src.tar.gz
* tools/imgencoder/src/gj_enc.c
Contains code that generates the encrypted image.
Signed-off-by: Wenli Looi <wlooi@ucalgary.ca>
(cherry picked from commit 0a1ebccc87)
If a kernel package was defined where all KCONFIG symbols were dynamic,
and versioned, no FILES would be installed, as the foreach evaluation was
providing the value of the variable defined by the KCONFIG symbol name
including the version test
Fix this by calling the version_filter function on the list of KCONFIG
variable names run through by foreach
Example, kernel 6.1:
KCONFIG:=CONFIG_OLD@lt6.1 CONFIG_NEW@ge6.1
filter-out any KCONFIG settings forced by package:
CONFIG_OLD@lt6.1 CONFIG_NEW@ge6.1
there are dynamic settings, so for each of them,
get the value of the make variable defined by symbol name:
CONFIG_OLD@lt6.1 is not set
CONFIG_NEW@ge6.1 is not set
versus
CONFIG_OLD is not set
CONFIG_NEW=m
test if any of these are m, or y
if yes, install files, otherwise, nothing to install
Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
(cherry picked from commit b3448b3fdb)
Make it possible to easily customize U-Boot config options via new
`UBOOT_CUSTOMIZE_CONFIG` variable, so we don't need to patch config
files or override config step with shell hackery.
This generic approach uses `config` CLI to tweak the .config as needed,
for example:
UBOOT_CUSTOMIZE_CONFIG := \
--enable CMD_EFIDEBUG \
--enable CMD_BOOTMENU \
--enable AUTOBOOT \
--enable AUTOBOOT_MENU_SHOW \
--disable AUTOBOOT_KEYED \
--disable AUTOBOOT_USE_MENUKEY \
--disable BOOTMENU_DISABLE_UBOOT_CONSOLE \
--set-val BOOTDELAY 2
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 186b97590b)
Some individual build items install a group of programs
instead of a program matching the name of the build item.
Add support for installing stampfiles for each of the
programs installed by that build item,
which will allow more control and awareness
of what is installed by the rest of the build system,
if, for example, prereq symlink checks are looking
for the same program which is built already.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 84f7a45e9e)
Some programs installed to staging_dir/host/bin
also install some symlinks to itself
for an alternative name.
Some of those new symlinks are overwriting
symlinks that were installed by prereq stage.
If prereq stage were to somehow be run again,
it should not be overwriting symlinks
that point to programs that are already built.
To filter that out, catch all symlinks
after first catching all symlinks
that have an absolute target
after all other cases in the case statement,
make sure it is not broken, and if so exit successfully.
Suggested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit b890e2fbf9)
Some programs, like bash and patch, are checked by prereq stage
and have a symlink installed, but then is later built from source.
Now that the prereq-build checks are not successful
just by finding the file alone, it is possible for
a new symlink to overwrite the installed binary.
If a normal file is found in staging_dir/host/bin,
let the check look for the associated stampfile, and if found,
skip creation of a symlink and exit successfully.
Suggested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 729909c07f)
In the recipe SetupHostCommand for checking
and creating symlinks, $PATH was only overridden
for one of several commands.
This causes the symlinks to be included
in the paths to pick a program from
when the check was repeated, because
staging_dir/host/bin was included in $PATH,
but only *sometimes*.
When the check ran again, the command succeded
with a $PATH including the symlink,
(eval "$$$$$$$$cmd")
while the path to the program was evaluated
with a $PATH NOT including the symlink,
(bin=...)
causing the symlink to be relinked incorrectly,
instead of passing as exactly the same.
Coincidentally, this was only a problem
if the symlink targeted the alternative
program with a different name.
By overriding the value of $PATH at the invocation of Make,
it will apply to the entire environment of the checks.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 665fe2f818)
Add a variable that stores the original value of $PATH
in the host system's shell, before Make alters it.
This can be useful for when it is necessary
to ignore symlinks and programs made by the build system.
Define this new variable before all instances of
'export PATH:=' or similar.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit d87a8aa148)
When the split was done, the case for testing kernel version wasn't
handled and only the to-be-compiled kernel version details files was
included. This cause the kernel Linux-Testing-Version output from
makefile target DUMP to report only the kernel version without the minor
version (example 6.1 instead of 6.1.29).
This value is expected with the full kernel version and this cause the
dump-target-info.pl script to not correctly identify if a target have a
testing kernel for the kernels calls.
Fix this regression by correctly including the kernel details files if
the target declare support for a testing kernel version.
Fixes: 0765466a42 ("kernel: split kernel version to dedicated files")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 595608eb3f)
Handle compiling device tree overlay blobs separate to allow for
overlays being compiled with different parameters, mostly to safe
space.
Allow defining DEVICE_DTC_FLAGS and DEVICE_DTCO_FLAGS as per-device
parameters to be passed to dtc. Previously some boards directly used
DTC_FLAGS in their build recipe which then also affected other boards.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 56f409c4e4)
Instead of generating full config nodes incl. kernel, generate minimal
config nodes for device tree overlays to be applied to the main config.
In this way, multiple device tree overlays can be applied more easily.
While at it change filenames to upstream style, ie. use dtso and dtbo
suffix for device tree overlays.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 6b01d40bfe)
A package may run git as part of its build process, and if the package
source code is not from a git checkout, then git may traverse up the
directory tree to find buildroot's repository directory (.git).
For instance, Poetry Core, a Python build backend, will read the
contents of .gitignore for paths to exclude when creating a Python
package. If it finds buildroot's .gitignore file, then Poetry Core will
exclude all of the package's files[1].
This exports GIT_CEILING_DIRECTORIES for both package and host builds so
that git will not traverse beyond $(BUILD_DIR)/$(BUILD_DIR_HOST).
[1]: https://github.com/python-poetry/poetry/issues/5547
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit f597f34f3a)