Commit be9023ed43 ("build: fix opkg flags in rootfs") introduced a
call to 'awk' which removes the 'user' flag from all installed
packages in the opkg status file. While is is somehow desireable when
building images directly within the buildroot, when using the
ImageBuilder dropping the 'user' flag means loosing information about
a package being deliberately selected or just implicitely pulled as a
dependency. And that then break tools like 'auc' which request only
packages having the 'user' flag from the asu server, resulting in
broken images being delivered to users.
Restore the original behavior in case of an image being created using
the ImageBuilder.
Fixes: be9023ed43 ("build: fix opkg flags in rootfs")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Building a package in the build system or the SDK results in different
values for the `SOURCE` property, it's either `packages/<package name>`
or `feeds/base/<package name>`. The reason is that the SDK handles
`openwrt.git` as an external feed called while the build system contains
the *base* packages directly.
Since packages created with either method are (ideally) the same (bit
for bit), align the content of SOURCE. To do so this commit creates a
symlink from `feeds/base` to `$(TOPDIR)/package` and adopts the SOURCE
when building from inside the build system.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Let ubinize-image append the ubinized image to the existing image
instead of replacing it.
Fixes: 6c17d71973 ("scripts: ubinize-image.sh: support static volumes, make size optional")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
By default opkg sets the "user" flag when a package is installed,
which resulted in most packages in the rootfs having this flag
set incorrectly. This patch removes the "user" flag from all
installed packages when preparing the rootfs image.
Fixes: #14427
Signed-off-by: Justin Klaassen <justin@tidylabs.app>
Make sure ubinize-image.sh also works with more simple POSIX Shell and
allow creating complete custom images to be used as ARTIFACT/foo.img
and thereby allow including uImage.FIT, TF-A FIP and what ever else
is required on a specific board.
Fixes: 6c17d71973 ("scripts: ubinize-image.sh: support static volumes, make size optional")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
In order to support devices having TF-A FIP image or UBI-aware U-Boot
SPL we need to include a static volume for the bootloader.
Introduce support for adding additional static volumes by prefixing
the filename with ':', eg.
UBINIZE_PARTS := fip:=$(STAGING_DIR_IMAGE)/u-boot.fip
Also add support for rootfs-in-uImage.FIT setups which don't require a
rootfs partition and make the (3rd) size parameter in UBINIZE_PARTS
optional (see example above without declared size).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This reverts commit 131e41614d.
Sadly it makes menuconfig fail with
tmp/.config-package.in:171: glob failed: No files found "feeds/base/utils/busybox/Config.in"
make: *** [/usr/src/openwrt/include/toplevel.mk:136: menuconfig] Error 1
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Building a package in the build system or the SDK results in different
values for the `SOURCE` property, it's either `packages/<package name>`
or `feeds/base/<package name>`. The reason is that the SDK handles
`openwrt.git` as an external feed called while the build system contains
the *base* packages directly.
Since packages created with either method are (ideally) the same (bit
for bit), align the content of SOURCE. To do so this commit creates a
symlink from `feeds/base` to `$(TOPDIR)/package` and adopts the SOURCE
when building from inside the build system.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Add support for compiling DTS for the selected target. This can be
useful for testing if the DTS correctly compile and doesn't produce any
error.
This adds a new make target. To compile only DTS use:
make target/linux/dtb
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
The GCC option -fstack-protector-all is a security feature used to protect against stack-smashing attacks.
This option enhances the stack-smashing protection provided by -fstack-protector-strong.
-fstack-protector-all option applies stack protection to all functions, regardless of their characteristics.
While this offers the most comprehensive protection against stack-smashing attacks, it can significantly impact
the performance of the program because every function call includes additional checks for stack integrity.
This option can incur a performance penalty because of the extra checks added to every function call,
but it significantly enhances security, making it harder for attackers to exploit buffer overflows to execute arbitrary code.
It's particularly useful in scenarios where security is paramount and performance trade-offs are acceptable.
Signed-off-by: Cedric DOURLENT <cedric.dourlent@softathome.com>
Using PKG_URL one may set the URL for all sub packages, which is usually
shared anyway. Future packages should only use PKG_URL instead of adding
it per sub-package.
Signed-off-by: Paul Spooren <mail@aparcar.org>
The manifest should provide as much information as possible about the
package, including the project URL. With this commit the URL is stored
as it's own attribute instead of at the end of the description.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Previous commits installed non-elf files into /lib/modules/$VER/.
COLLECT_KERNEL_DEBUG tries to strip all files and these two files
break the build.
Fix it by copying only kernel modules for debug info collection.
Fixes: e1d8e57614 ("kernel: include modinfo for built-in modules")
Fixes: 29f6da4340 ("kernel: include built-in module list")
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
Partially revert changes to verbose logging that break the 'check' target
dependencies and trigger many runtime warnings like:
/home/kodidev/openwrt-project/include/toplevel.mk:213: *** mixed implicit and normal rules: deprecated syntax
Fixes: e4a43cda0 ("build: allow var.% targets to bypass the prepare steps")
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
In order to pass a status message at runtime,
which is usually listing subtargets
of a Makefile target or an error message,
from a child invocation of Make (submake)
through the parent process to the terminal,
the file descriptors 8 and 9 are opened to be used
by the functions MESSAGE and ERROR_MESSAGE.
However, there are situations where those functions
can be called while not in a submake or a subshell
or a child process which results in a shell error:
/bin/bash: 8: Bad file descriptor
Commit aee3594ffc
("verbose.mk: print ERROR messages in non-verbose")
has exposed this issue to more cases, but it is not the root cause.
To solve this, use the exit code of the first printf attempt
to the alternative file descriptors in order to tell whether
the standard file descriptors need to be used instead.
In order to get rid of the "Bad file descriptor" error, stderr is
redirected to null after grouping the two printf alternatives
into one command to combine outputs.
For ERROR_MESSAGE, the real message is redirected to stderr
after redirecting the error from the attempted printing to null.
For MESSAGE, without redirection, the Make function "shell"
will absorb the actual message from stdout and input the value into the Makefile,
therefore the dummy variable "_NULL", previously used merely for causing
a call to the MESSAGE function to trigger without writing target rules,
now has and a real value when defined, so rename it to "_MESSAGE"
as a placeholder for the real message when the output should be stdout.
When "_MESSAGE" has a value, use Make function "info" to
finally bring it from the Makefile to the terminal.
This also fixes what is likely a typo, in that
while file descriptor 9 is meant to redirect to stderr
for use in error messages like in the function ERROR_MESSAGE,
that function has printf redirecting to file descriptor 8 instead.
Fixes: a4c8d4e37 ("build: make the color of the 'configuration out of sync' warning red")
Signed-off-by: Michael Pratt <mcpratt@pm.me>
These targets are used to input variable values from the Make
context into other things like python scripts, so log messages
should be silenced and build prerequisites should be skipped.
The same thing is done for the other variable print target "val.%".
While at it, combine identical target rules into one definition.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Many NAND devices use a build recipe with "append-ubi | check-size" to
ensure factory images don't exceed the target flash partition size.
However, UBI reserves space for bad block handling and other operational
overhead, and thus 'check-size' can overestimate the space available by
several MB. In practice, this means a failed check is definitely a failure,
while a passing check is only probably a pass.
Improve the situation by teaching 'Build/append-ubi' to check image sizes
while accounting for UBI reserved blocks. Add new device variable NAND_SIZE
and use with existing IMAGE_SIZE to derate the available space. Each UBI
device reserves 20 PEBs per 1024 PEBs of the entire NAND device for bad
blocks, plus an additional 4 PEBs overhead.
Many devices can transparently enable this check by setting NAND_SIZE based
on their flash storage, and may then remove any unneeded 'check-size'.
Link: http://www.linux-mtd.infradead.org/doc/ubi.html#L_overhead
Suggested-by: Shiji Yang <yangshiji66@qq.com>
Suggested-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Current factory image sizes for Linksys devices are 256-byte aligned. This
is not an issue writing factory images from the OpenWrt or Linksys GUIs,
but can lead to failures using a TFTP client from the Linksys bootloader:
NAND write: device 1 offset 0x2800000, size 0xc00100
Attempt to write to non page aligned data
NAND write to offset 2800000 failed -22
0 bytes written: ERROR
Simplify Linksys footer creation by migrating to a makefile build recipe,
and pre-pad the footer (with 0xFF) to ensure the final image is $(PAGESIZE)
aligned. Finally, remove the old linksys-image.sh script no longer needed.
Linksys footer details are given below for future reference. The 256-byte
footer is appended to factory images and tested by both the Linksys
Upgrader (observed in EA6350v3) and OpenWrt sysupgrade.
Footer format:
.LINKSYS. Checked by Linksys upgrader before continuing. (9 bytes)
<VERSION> Upgrade version number, unchecked so arbitrary. (8 bytes)
<TYPE> Model of device, space padded (0x20). (15 bytes)
<CRC> CRC checksum of factory image to flash. (8 bytes)
<padding> Padding ('0' + 0x20 * 7) (8 bytes)
<signature> Signature of signer, unchecked so arbitrary. (16 bytes)
<padding> Padding with nulls (0x00) (192 bytes)
Link: https://github.com/openwrt/openwrt/pull/11405#issuecomment-1358510123
Link: https://github.com/openwrt/openwrt/pull/11405#issuecomment-1587517739
Reported-by: Stijn Segers <foss@volatilesystems.org>
Reported-by: Wyatt Martin <wawowl@gmail.com>
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Add the make function 'exp_units' for helping evaluate k/m/g size units in
expressions, and use this to consistently replace many ad hoc substitutions
like '$(subst k,* 1024,$(subst m, * 1024k,$(IMAGE_SIZE)))' in makefiles.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Some patched u-boots may have problems with parallel build.
Do not enforce parallel build here so one can set PKG_BUILD_PARALLEL:=0
in the specific u-boot Makefile also before including the u-boot.mk.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
This reverts commit 7ceb76ca3a.
Python 3.12 removes the distutils package and is therefore not
compatible. We have to check downstream what relies on distutils before
adding actual support for Python 3.12. Sorry for the noise.
With this in-place, the macOS CI job fails and turns things red, revert
for now.
Signed-off-by: Paul Spooren <mail@aparcar.org>