Commit Graph

287 Commits

Author SHA1 Message Date
Yann E. MORIN
baa55a4e26 linux: disable -Werror when building host tools
gcc-12 is starting to trickle down to some distros, like Archlinux.
gcc-12 has new warnings, and detects more cases of issues, like new
UAF cases, which is causing build issues in code that was previously
building fine, as reported in #14826:

    In file included from sigchain.c:3:
    In function 'xrealloc',
        inlined from 'sigchain_push.isra' at sigchain.c:26:2:
    subcmd-util.h:56:23: error: pointer may be used after 'realloc' [-Werror=use-after-free]
       56 |                 ret = realloc(ptr, size);
          |                       ^~~~~~~~~~~~~~~~~~
    subcmd-util.h:52:21: note: call to 'realloc' here
       52 |         void *ret = realloc(ptr, size);
          |                     ^~~~~~~~~~~~~~~~~~
    subcmd-util.h:58:31: error: pointer may be used after 'realloc' [-Werror=use-after-free]
       58 |                         ret = realloc(ptr, 1);
          |                               ^~~~~~~~~~~~~~~
    subcmd-util.h:52:21: note: call to 'realloc' here
       52 |         void *ret = realloc(ptr, size);
          |                     ^~~~~~~~~~~~~~~~~~

In that case, the kernel has already fixed their code, which is part of
5.17:
    https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=52a9dab6d892763b2a8334a568bd4e2c1a6fde66

However, we can't easily carry that patch, because we don't know
whether the kernel the user uses already has the fix or not.

Instead, we can just tell the kernel to disable use of -Werror when
building host tools.

As a consequence, we can drop it from the perf-specific setting.

Fixes: #14826

Reported-by: Anders Pitman <buildroot@apitman.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-06-04 10:22:41 +02:00
Joel Stanley
62044e8675 linux: Fix powerpc64le defconfig selection
The default defconfig target for the 64 bit powerpc kernel is
ppc64_defconfig, the big endian configuration.

When building for powerpc64le users want the little endian kernel as
they can't boot LE userspace on a BE kernel.

Fix up the defconfig used in this case. This will avoid the following
autobuilder failure:

 VDSO32A arch/powerpc/kernel/vdso32/sigtramp.o
 cc1: error: ‘-m32’ not supported in this configuratioin
 make[4]: *** [arch/powerpc/kernel/vdso32/Makefile:49: arch/powerpc/kernel/vdso32/sigtramp.o] Error 1

 http://autobuild.buildroot.net/results/dd76d53bab56470c0b83e296872d7bb90f9e8296/

Note that the failure indicates the toolchain is configured to disable
the 32 bit target, causing the kernel to fail when building the 32 bit
VDSO. This is only a problem on the BE kernel as the LE kernel disables
CONFIG_COMPAT, aka 32 bit userspace support, by default.

Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-05-13 23:54:14 +02:00
Leger Charlie
666084f494 linux:linux.mk: Add "firmware-imx" dependency if needed
Since SDMA firmwares for imx[6,7,8] are now provided only by
firmware-imx package and not linux-firmware package [1]. If
CONFIG_EXTRA_FIRMWARE is set in the kernel config, the build will fail
if the imx firmware is not available.

[1] http://lists.busybox.net/pipermail/buildroot/2021-January/603807.html

Signed-off-by: Leger Charlie <c.leger@borea-dental.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-05-05 23:24:07 +02:00
Baruch Siach
8c4b55053e linux: add a comment about CONFIG_EXTRA_FIRMWARE requirement
Explain why the kernel needs firmware packages as build time
dependencies.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-05-05 22:59:26 +02:00
James Hilliard
84b1eacc32 linux/linux.mk: ensure custom kernel version is set
Validate that BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE is set when
required.

Fixes:
http://autobuild.buildroot.net/results/117/117c08e414776202446a9fdb96d084aa3c16af48

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-10 16:48:34 +02:00
Yann E. MORIN
9b41b54be0 linux: fix build with host-gcc 10+
Some older versions of linux, or custom versions (like forks for some
boards), fail to build with host-gcc 10+, because of redefined symbols:

      HOSTLD  scripts/dtc/dtc
    /usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x10): multiple definition
    of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here
    collect2: error: ld returned 1 exit status

Since this has been fixed in recent-ish versions, we can't use an
unconditionaly patch, so we must have a conditional patch. However, a
patch may not always apply to arbitrary Linux versions or forks.

Upstream just dropped that line altogether:
    https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e33a814e772cdc36436c8c188d8c42d019fda639

So, we use a little sed-grep combo to do the exact same change.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Tested-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-02-12 21:38:18 +01:00
Jörg Krause
de0f5ba17a linux: build after wireless-regdb if enabled for early loading support
To support building in the wireless regulatory database files (regulatory.db*)
into the kernel using the CONFIG_EXTRA_FIRMWARE option, we need to ensure that
the database files are installed before the Linux kernel is built.
The dependency is harmless if CONFIG_EXTRA_FIRMWARE isn't actually set.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-02-12 21:38:18 +01:00
Thomas De Schampheleire
0ecfdc0932 linux/linux.mk: correct LINUX_ARCH_PATH for sparc64
Buildroot uses variable LINUX_ARCH_PATH to refer to the arch-specific
directory in the Linux tree, which may not necessarily be arch/$(KERNEL_ARCH).

Buildroot already accounts for the case of KERNEL_ARCH=i386 and
KERNEL_ARCH=x86_64, but does not for KERNEL_ARCH=sparc64, in which case the
correct directory is arch/sparc.

Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-02-08 21:24:41 +01:00
Francis Laniel
2da2f359db linux: add BR2_LINUX_KERNEL_NEEDS_HOST_PAHOLE
CONFIG_DEBUG_BTF_INFO relies on pahole, so kernel DWARF are converted to BTF.
If CONFIG_DEBUG_BTF_INFO is set and BR2_LINUX_KERNEL_NEEDS_HOST_PAHOLE not,
an error message is shown and .config is not written.

Signed-off-by: Francis Laniel <flaniel@linux.microsoft.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-01-13 22:23:27 +01:00
Yann E. MORIN
e6b3913cfc package: use the generic _HELP_CMDS for kconfig-based packages
As Thomas put it:

    The <pkg>_HELP_CMDS variable allows packages using the
    kconfig-package infrastructure to display their specific
    targets related to the handling of their configuration.

    However, it was not consistently used and handled by the
    different packages.

So, this commit switches all the kconfig-based package to use the
generic help helper.

As a consequence:

  - all kconfig packages now advetise their kconfig-related actions,
    where some were previously missing: at91bootstrap3, linux-backports,
    swupdate, xvisor;

  - busybox advertises it does not support defconfig files;

  - the 'foo-savedfconfig' action is no longer advertised: it is to be
    considered an internal implementation detail.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-07-25 15:20:24 +02:00
Alexander Egorenkov
63de515853 linux: support uncompressed kernel on S390
Signed-off-by: Alexander Egorenkov <egorenar@linux.ibm.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-03-28 22:49:28 +02:00
Peter Korsgaard
dacf9d78f2 linux: build after linux-firmware if enabled for early loading support
To support building in (a subset of) the linux-firmware files into the
kernel using the CONFIG_EXTRA_FIRMWARE option, we need to ensure that the
firmware files are installed before the Linux kernel is built, similar to
how it is done for intel-microcode.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-23 13:50:06 +01:00
Peter Korsgaard
96c26ce863 linux: add support for Image.gz kernel format
arm64 / riscv supports building a gzip compressed 'Image' format kernel,
which is sometimes useful. From arch/arm64/Makefile:

all:	Image.gz

Image: vmlinux
	$(Q)$(MAKE) $(build)=$(boot) $(boot)/$@

Image.%: Image
	$(Q)$(MAKE) $(build)=$(boot) $(boot)/$@

(and similar logic for riscv)

Future architectures may or may not copy this logic, so for robustness add
an explicit Image.gz format rather than copying both Image and Image.gz when
the Image format is used.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-23 21:27:13 +01:00
Fabrice Fontaine
4b6202f721 Replace LIBFOO_CPE_ID_NAME by LIBFOO_CPE_ID_PRODUCT
Replace LIBFOO_CPE_ID_NAME by LIBFOO_CPE_ID_PRODUCT to better "comply"
with the official "Well-Formed CPE Name Data Model" parameters:
 - https://csrc.nist.gov/publications/detail/nistir/7695/final
 - https://nvlpubs.nist.gov/nistpubs/Legacy/IR/nistir7695.pdf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-21 22:43:24 +01:00
Thomas Petazzoni
792f92db2b linux, package: do not use <pkg>_NAME when defining CPE ID variables
As we discussed on the mailing list, using $(<pkg>_NAME) when defining
CPE ID variables feels a bit odd and needlessly complicated. Just use
the package name directly.

Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-15 08:02:08 +01:00
Thomas Petazzoni
5f5c3d6022 linux: indicate proper CPE prefix
The CPE type of the Linux kernel is special, it should be "o", unlike
all other packages that use "a". We therefore need to override
<pkg>_CPE_ID_PREFIX, so that the CPE ID of the linux package matches
with the CPE dictionary.

Reported-by: Matt Weber <matthew.weber@rockwellcollins.com>
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-01-09 17:06:01 +01:00
Matt Weber
63332c33aa package: provide CPE ID details for numerous packages
This patch adds CPE ID information for a significant number of
packages.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-04 21:43:54 +01:00
Paul Cercueil
88a268354d linux: add support for ZSTD compression
Add support for creating self-extractible kernels compressed with ZSTD.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-09-03 22:26:44 +02:00
Paul Cercueil
532fe9fb57 linux: run depmod only if modules directory exists
If the modules directory that corresponds to the version of the kernel
being built has been deleted, don't try to run depmod, which will
obviously fail.

This can happen for instance when the modules are stripped from the main
root filesystem, and placed into a separate filesystem image, so that
the root filesystem and the kernel can be updated separately.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-08-29 16:56:30 +02:00
Yann E. MORIN
3f6a40e9fa linux: workaround make-4.1 bug
On Ubuntu 18.04, make-4.1 emits spurious, incorrect "entering/leaving"
messages, which end up in the LINUX_VERSION_PROBED variable:

    printf 'probed linux version: "%s"\n' "$(LINUX_VERSION_PROBED)"
    probed linux version: "make[1]: Entering directory '/home/buildroot'
    4.19.78-linux4sam-6.2
    make[1]: Leaving directory '/home/buildroot/output/build/linux-linux4sam_6.2'"

First, the messages are displayed even though we do explicitly pass
--no-print-directory -s.

Second, the entering and leaving messages are not about the same
directory!

This *only* occurs in the following conditions:

  - the user has the correct 0022 umask,
  - top-level parallel is used (with or without PPD),
  - initial -C is specified as well.

    $ umask 0022
    $ make -j16 -C $(pwd)
    [...]
    depmod: ERROR: Bad version passed make[1]:
    [...]

(yes, 'make[1]:' is the string depmod is trying, and fails, to parse as
a version string).

If any of the three conditions above is removed, the problem no longer
occurs. Here's a table of the MAKEFLAGS:

                |                   0002                         |          0022            |
    ----+-------+------------------------------------------------+--------------------------+
        | no-j  | --no-print-directory --                        |                          |
    noC |       +------------------------------------------------+--------------------------+
        | -j16  | -j --jobserver-fds=3,4 --no-print-directory -- | -j --jobserver-fds=3,4   |
    ----+-------+------------------------------------------------+--------------------------+
        | no-j  | --no-print-directory --                        | w                        |
    -C  |       +------------------------------------------------+--------------------------+
        | -j16  | -j --jobserver-fds=3,4 --no-print-directory -- | w -j --jobserver-fds=3,4 |
    ----+-------+------------------------------------------------+--------------------------+

    0002: umask == 0002
    0022: umask == 0022

    no-j: no -j flag
    -j16: -j16 flag

    noC: no -C flag
    -C : -C /path/of/buildroot/

Only the bottom-right-most case fails...

This behaviour goes against what is documented:

    https://www.gnu.org/software/make/manual/make.html#g_t_002dw-Option

    5.7.4 The ‘--print-directory’ Option
    [...]
    you do not need to specify this option because ‘make’ does it for
    you: ‘-w’ is turned on automatically when you use the ‘-C’ option,
    and in sub-makes. make will not automatically turn on ‘-w’ if you
    also use ‘-s’, which says to be silent, or if you use
    ‘--no-print-directory’ to explicitly disable it.

So this exactly describes our situation; yet 'w' is added to MAKEFLAGS.

Getting rid of the 'w' flag makes the build succeed again, so that's
what we do here (bleark, icky)...

Furthermore, the documented way to override MAKEFLAGS is to do so as a
make parameter:

    https://www.gnu.org/software/make/manual/make.html#Options_002fRecursion

    5.7.3 Communicating Options to a Sub-make
    [...]
    If you do not want to pass the other flags down, you must change the
    value of MAKEFLAGS, like this:

        subsystem:
            cd subdir && $(MAKE) MAKEFLAGS=

However, doing so does not fix the issue. So we resort to pass the
modified MAKEFLAGS via the environment (bleark, icky)...

Fixes: #13141

Reported-by: Laurent <laurent@neko-labs.eu>
Reported-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 22:09:52 +02:00
Yann E. MORIN
d8e3e93969 linux: rename config option
Commit a4eef9a395 (linux: introduce BR2_KERNEL_DTB_KEEP_DIRNAME)
introduced a new config option, but its name was not matching the
naming-scheme of the other config options.

Rename it.

We don't need legacy handling, because that config option was added very
recently and was never part of a release.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-06-07 09:27:08 +02:00
Michael Walle
a4eef9a395 linux: introduce BR2_KERNEL_DTB_KEEP_DIRNAME
In linux, newer architectures like ARM64 and RISC-V keep their device
tree sources organized by subdirectories. When these device trees are
installed by the kernel they will keep the directory names. But
buildroot strips the prefixes when installing them into /boot or the
images directory.
Sometimes the bootloader references the device tree by name (e.g.
u-boot has the environment variable 'fdtfile') which also includes
the prefix directory.
Make it possible to keep this prefix during installation, so we can
be compatible with other distributions and make it easier for the
user, because he doesn't have to change that environment variable.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-06-06 00:07:25 +02:00
Thomas Petazzoni
a6569f2b3d Merge branch 'next'
A few conflicts had to be resolved:

 - Version number and hash for mesa3d-headers/mesa3d
 - Patches added in qemu, and the qemu version number
 - The gnuconfig README.buildroot

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-06-02 21:59:52 +02:00
Yann E. MORIN
5587f366cd package/linux-tools/perf: bear the kernel options munging
perf by itself is not a standalone package; instead, it is part of a
bigger package, linux-tools.

Even though perf is the only one to need kernel .config fixups, we still
do it in a generic way, as it blends nicely in the existing variables,
which all use a loop over all the tools.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-31 23:08:44 +02:00
Yann E. MORIN
40e0bf4c0c linux: forcibly disable use of gcc plugins
The soon-to-be-released linux 5.7 has changed the way it detects the
ability of gcc to use plugins, when it dropped support for gcc 4.7 or
older [0].

To detect the ability to use gcc plugins, the kernel has to check
whether the host gcc is capable enough to build them.

When we call one of the configurator for the Linux kernel, we explicitly
pass a value of HOSTCC=$(HOSTCC_NOCCACHE), because there might be a
discrepancy between the ncurses headers and libraries as found by the
Linux kconfig build [1] [2].

But then, when we build the kernel, we pass another value to use [3]
HOSTCC="$(HOSTCC) $(HOST_CFLAGS) $(HOST_LDFLAGS)" which boils down to
roughly: gcc -I.../host/include -L.../host/lib -Wl,-rpath,.../host/lib
This is needed so that at build time, the kernel can build host tools
that link with our openssl et al.

So, the two HOSTCC we pass to the kernel may have different behaviours.
For example, on a machine where gmp is missing in the system, it is
available in $(O)/host/ when using an internal toolchain (and under a
few other conditions).

In that case, when configuring the kernel, it decides that the host
compiler can't build plugins, so the dependencies of CONFIG_GCC_PLUGINS
are not met, and that option is not present in the linux' .config file
(neither as "=y" nor as "is not set"). But then, when we build the
kernel, the host compiler suddenly becomes capable of building the
plugins, and the internal syncconfig run by the kernel will notice that
the dependencies of CONFIG_GCC_PLUGINS are now met, and that the user
shall decide on its value. And this blocks a build on an interactive
console (abbreviated):

    * Restart config...
    * GCC plugins
    GCC plugins (GCC_PLUGINS) [Y/n/?] (NEW) _

But most problematic is the behaviour when run in a shell that is not
interactiove (e.g. a CI job or such) (abbreviated):

    * Restart config...
    * GCC plugins
    GCC plugins (GCC_PLUGINS) [Y/n/?] (NEW)
    Error in reading or end of file.
      Generate some entropy during boot and runtime (GCC_PLUGIN_LATENT_ENTROPY) [N/y/?] (NEW)
    Error in reading or end of file.
      Randomize layout of sensitive kernel structures (GCC_PLUGIN_RANDSTRUCT) [N/y/?] (NEW)
    Error in reading or end of file.
    * Memory initialization
    Initialize kernel stack variables at function entry
    > 1. no automatic initialization (weakest) (INIT_STACK_NONE)
      2. zero-init structs marked for userspace (weak) (GCC_PLUGIN_STRUCTLEAK_USER) (NEW)
      3. zero-init structs passed by reference (strong) (GCC_PLUGIN_STRUCTLEAK_BYREF) (NEW)
      4. zero-init anything passed by reference (very strong) (GCC_PLUGIN_STRUCTLEAK_BYREF_ALL) (NEW)
    choice[1-4?]:
    Error in reading or end of file.
    Poison kernel stack before returning from syscalls (GCC_PLUGIN_STACKLEAK) [N/y/?] (NEW)
    Error in reading or end of file.
    Enable heap memory zeroing on allocation by default (INIT_ON_ALLOC_DEFAULT_ON) [N/y/?] n
    Enable heap memory zeroing on free by default (INIT_ON_FREE_DEFAULT_ON) [N/y/?] n

The most obvious and simple solution would be to unconditionally disable
gcc plugins altogether, in the KCONFIG_FIXUP hook. But that can't work
either, because after applying the fixups, we call olddefconfig (or the
likes) with the incapable HOSTCC, so the disabled option would be removed
anyway, and we'd be back to square one.

So, in addition to the above, we also forcibly hack the same call just
before actually building the kernel.

Note that the two are needed: the one in the fixups is needed for those
that have a system that already allows building gcc plugins, and the
second is needed in the other case, where the system does not allow it
but would work with our additional headers and libs in $(O)/host/. The
two ensure there is a very similar experience in the two situations.

Forcibly disabling the use of gcc plugins is not a regression on our
side: it has never been possible to do so so far. We're now making sure
that can't work by accident.

Reported-by: Ganesh <ganesh45in@gmail.com>,
Reported-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Michael Walle <michael.walle@kontron.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-31 22:41:57 +02:00
Thomas Petazzoni
7292a5a072 package/libapparmor: bear the kernel options munging
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:29 +02:00
Yann E. MORIN
391c448acb package/kernel-module-imx-gpu-viv: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Gary Bisson <bisson.gary@gmail.com>
Cc: Refik Tuzakli <tuzakli.refik@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:29 +02:00
Yann E. MORIN
49bf417618 package/libselinux: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Cc: Marcus Folkesson <marcus.folkesson@gmail.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Reviewed-by: Adam Duskett <aduskett@gmail.com>
Tested-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:29 +02:00
Yann E. MORIN
b294165e01 package/wireguard-linux-compat: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:29 +02:00
Yann E. MORIN
0d8e61e827 package/xtables-addons: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:29 +02:00
Yann E. MORIN
ee07995ac5 package/iptables: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:29 +02:00
Yann E. MORIN
1b4a2bd8e4 package/sunxi-mali-mainline-driver: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:29 +02:00
Yann E. MORIN
2bac81f0cb package/smack: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:28 +02:00
Yann E. MORIN
94cb814511 package/systemd: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:28 +02:00
Yann E. MORIN
df988d40e7 package/pcm-tools: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:28 +02:00
Yann E. MORIN
b18824ffcb package/ktap: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Anders Darander <anders@chargestorm.se>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:28 +02:00
Yann E. MORIN
af43d0aa34 package/intel-micro-code: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:28 +02:00
Yann E. MORIN
ad42b7f6f0 package/audit: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:28 +02:00
Yann E. MORIN
0aed4c2dae linux: allow packages to set kernel config options
Currently, the linux kernel will apply some fixups on its .config file,
based on whether some packages are enabled or not. That list of
conditional fixups is getting bigger and bigger with each new package
that needs such fixups, culminating with the pending firewalld one [0].

Furthermore, these fixups are not accessible to packages in br2-external
trees.

Add a new per-package variable, that packages may set to the commands to
run to fixup the kernel .config file, which is added at the end of the
linux' own fixups.

This opens the possibility to write things like;

    define FOO_LINUX_CONFIG_FIXUPS
        $(call KCONFIG_ENABLE_OPT,BLA)
    endef

Of course, it also opens the way to run arbitrary commands in there, but
any alternative that would be declarative only, such as a list of
options to enable or disable (as an example):

    FOO_LINUX_CONFIG_FIXUPS = +BAR -FOO +BUZ="value"

.. is not very nice either, and such lists fall flat when a value would
have a space.

For packages that we have in-tree, we can ensure they won't play foul
with their _LINUX_CONFIG_FIXUPS. For packages in br2-external trees,
there's nothing we can do; users already have the opportunity to hack
into the linux configure process by providing LINUX_PRE_CONFIGURE_HOOKS
or LINUX_POST_CONFIGURE_HOOKS anyway...

.. which brings the question of why we don't use that to implement the
per-package fixups. We don't, because _PRE or _POST_CONFIGURE_HOOKS are
run after we run 'make oldconfig' to sanitise the mangled .config.

[0] http://lists.busybox.net/pipermail/buildroot/2020-March/278683.html

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:28 +02:00
Yann E. MORIN
d321c092d3 linux: don't specify .config to munge
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:28 +02:00
Angelo Compagnucci
67e576fab5 linux: enable AppArmor-related options if needed
Using AppArmor requires support in the kernel, so do for AppArmor what
we did for SElinux, and enabled the necessary options.

Note that a single LSM can be the default one, so as of today, SELinux
wins, by virtue of being the last to be enabled.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[yann.morin.1998@free.fr:
  - don't force DEFAULT_SECURITY_APPARMOR, it does not exist in all
    kernel versions
  - move closer to SELinux
  - split into its own patch, write a commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Angelo Compagnucci <angelo@amarulasolutions.com>
2020-04-20 09:53:05 +02:00
Thomas Petazzoni
19be97d497 linux: do not install images in subdirectories
The Linux kernel image is typically found in arch/ARCH/boot/, which is
why LINUX_IMAGE_PATH is defined as:

LINUX_IMAGE_PATH = $(LINUX_ARCH_PATH)/boot/$(LINUX_IMAGE_NAME)

However, on MIPS, some kernel image types are available from
arch/mips/boot/compressed, or even at the top-level directory. For
such cases, LINUX_IMAGE_NAME might be set (using
BR2_LINUX_KERNEL_IMAGE_NAME) to values such as:

  compressed/vmlinux.bin.z

or

  ../../../uzImage.bin

Except that the line:

  $(INSTALL) -m 0644 -D $(LINUX_IMAGE_PATH) $(1)/$(LINUX_IMAGE_NAME)

will lead to such images be installed in:

  $(TARGET_DIR)/boot/compressed/vmlinux.bin.z
  $(BINARIES_DIR)/compressed/vmlinux.bin.z

and:

  $(TARGET_DIR)/boot/../../../uzImage.bin
  $(BINARIES_DIR)/../../../uzImage.bin

which of course is completely bogus.

So let's install them under their name, not their full relative path
to arch/ARCH/boot/.

Reported-by: Paul Cercueil <paul@crapouillou.net>
Cc: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-04-03 00:23:49 +02:00
Carlos Santos
43f41a7bf8 linux: run depmod only if modules are enabled
If the kernel configuration CONFIG_MODULES disabled, there's no
/lib/modules/<version> directory, causing this:

depmod: ERROR: could not open directory [...]/target/lib/modules/4.19.8: No such file or directory
depmod: FATAL: could not search modules: No such file or directory
Makefile:745: recipe for target 'target-finalize' failed

Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/483712831
https://gitlab.com/buildroot.org/buildroot/-/jobs/483712817
https://gitlab.com/buildroot.org/buildroot/-/jobs/483712814
https://gitlab.com/buildroot.org/buildroot/-/jobs/483712796
https://gitlab.com/buildroot.org/buildroot/-/jobs/483712729
https://gitlab.com/buildroot.org/buildroot/-/jobs/483712727
https://gitlab.com/buildroot.org/buildroot/-/jobs/483712698
https://gitlab.com/buildroot.org/buildroot/-/jobs/483712691
https://gitlab.com/buildroot.org/buildroot/-/jobs/483712660
https://gitlab.com/buildroot.org/buildroot/-/jobs/483712573
https://gitlab.com/buildroot.org/buildroot/-/jobs/483712574

Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-03-25 07:29:36 +01:00
Carlos Santos
82e7656400 linux: Allow modprobe for out-of-tre modules
When a package installs a kernel module, it is currently not possible to
have it loaded with modprobe or when the kernel requests an alias for
it, as the module is not listed in /lib/modules/<kernel-version>/modules.dep
and the associated files.

So, we need to run depmod after all packages are installed, to register
any such out-of-tree module.

This means we should be able to let go of calling depmod at the time the
kernel is installed, but if we pass an invalid command, the kernel
whines:

      DEPMOD  5.4.27
    ./scripts/depmod.sh: 46: /dev/null: Permission denied
    make[2]: *** [Makefile:1326: _modinst_post] Error 126

This is because the kernel does not directly call to depmod, but uses a
wrapper that is not happy if depmod is not depmod.

Since the call to depmod does not cost much, we just keep it.

Signed-off-by: Carlos Santos <unixmania@gmail.com>
[yann.morin.1998@free.fr:
  - keep calling depmod when installing kernel
  - expand commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-03-21 21:43:31 +01:00
Adam Duskett
326777c82f linux: add automatic selinux config selection
Enabling SELinux support in the kernel requires several options, many
of which are in different areas. These options are as follows:

  - CONFIG_AUDIT
  - CONFIG_DEFAULT_SECURITY_SELINUX
  - CONFIG_INET
  - CONFIG_NET
  - CONFIG_SECURITY
  - CONFIG_SECURITY_NETWORK
  - CONFIG_SECURITY_SELINUX

As such, if a user selects the libselinux package, it is much easier
to select these options for them, much like we already do with other
packages such as systemd or iptables.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-03-14 15:36:44 +01:00
Peter Korsgaard
953538b650 linux: use correct conditional for wireguard kernel config fixup
Commit de591c5c3a (package/wireguard-linux-compat: new package) split up
the wireguard package in wireguard-tools and wireguard-linux-compat, but
forgot to update the conditional in linux.mk, so the kernel config fixups
needed for wireguard are no longer applied.

Update the conditional to use the BR2_PACKAGE_WIREGUARD_LINUX_COMPAT symbol
instead.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-16 15:27:05 +01:00
Markus Mayer
af33b1c293 linux: license files hashes are only valid for latest known version
The content of COPYING changed between v4.16 and v4.17. Since kernels
before and after the change are supported, storing the hash for this
file will cause an error during "make legal-info" when a kernel with the
respective other hash is being used.

So, for the kernel, we do like we did for ATF: the license file is only
listed for the latest version.

In the process, add the missing license files referenced from COPYING
and align the fields to the new spacing convention.

Signed-off-by: Markus Mayer <mmayer@broadcom.com>
[yann.morin.1998@free.fr:
  - only list the licenses files for the latest version
  - restore the hash for COPYING
  - introduce hashes for the two new license files
  - expand commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-06 11:46:46 +01:00
Peter Korsgaard
f0b208f125 linux/linux.mk: use HOST_MAKE_ENV rather than TARGET_MAKE_ENV
While the kernel is built for the target, the build may need various host
libraries depending on config (and kernel version), so use HOST_MAKE_ENV
instead of TARGET_MAKE_ENV.

In particular, this ensures that our host-pkgconf will look for host
libraries and not target ones.

Fixes building scripts/dtc for Buildroot configurations enabling libyaml and
host-pkgconf for kernels after commit 067c650c45 (dtc: Use pkg-config to
locate libyaml).

With this enabled, we can drop the PKG_CONFIG_* variables for the
_NEEDS_HOST_LIBELF conditional, as those are included in HOST_MAKE_ENV.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-02-02 21:02:28 +01:00
Yann E. MORIN
a1feef1a0d package/linux: fix LINUX_PKGDIR with br2-external linux-extensions
When 'make' includes a new Makefile, it appends its path to the MAKEFILE_LIST
variable. From that variable, we construct a few set of derivative
variables:
    pkgdir = $(dir $(lastword $(MAKEFILE_LIST)))
    pkgname = $(lastword $(subst /, ,$(pkgdir)))

Essentially, pkgdir is the full directory where the package is located
(either relative to Buildroot's top directory for in-tree packages, or
absolute for packages in br2-external trees), while pkgname is the last
component of that directory.

pkgdir is in turn used to seed FOO_PKGDIR.

This all happens when we eventually call the package-generic infra,
later down in the file.

When they are parsed, the Makefiles for each linux-extensions are
appended to MAKEFILE_LIST, after the linux.mk one. But since they are
located in the same directory as the main linux.mk, the last component
of MAKEFILE_LIST, which is no longer the main linux.mk, will still yield
the correct values for the linux package.

This is a tough assumption we made there and then.

When we added the support for br2-external linux extensions, we where
very cautious to explicitly scan them from a directory named 'linux', so
that this would yield the correct package name.

And that worked well so far, until someone needed to build an older
kernel, for which our conditional patch is needed, and which just
failed:

    /bin/bash: [...]/buildroot-external-linux-test/linux//0001-timeconst.pl-Eliminate-Perl-warning.patch.conditional: No such file or directory

When we scan linux extensions from a br2-external tree, the last
component of MAKEFILE_LIST is no longer in the same directory as the
main linux.mk, and thus the assumption above falls to pieces...

Again, when we added support for linux extensions from br2-external,
although we cared about the package name (pkgname), we completely missed
out on the package directory, and the LINUX_PKGDIR variable.

We do not have a very clean way out of this mess, but we have a nice
dirty trick: Scan the linux extensions from a br2-external tree before we
scan the in-tree ones. That way, the last component of MAKEFILE_LIST is
back to one that is in the same directory as the main linux.mk, and
we're back on tracks.

This is still very fragile, though, but short of a complete overhaul on
how packages are parsed and evaluated, this is the best we can come in
short order.

Reported-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Heiko Thiery <heiko.thiery@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-01-25 12:00:50 +01:00
Alexey Brodkin
d7a771816d linux: Set MMU page size for ARC processors
ARC processors have configurable size of MMU page. This configuration
happens during ASIC design and couldn't be changed in final silicone
not to mention runtime changes.

Given PAGE_SIZE macro is used a lot throughout the Linux kernel sources
we just hardcode a required value during the kernel configuration.

We used to support different MMU page sizes for ARC in Buildroot for
quite some time now but so far we only tweaked uClibc on the matter.
That left us with the kernel configured with whatever was in used defconfig.

In most of real cases that's OK because typically we're building firmware
for a particular ASIC which is supposed to have a unique kernel defconfig.
But if we're dealing with FPGA-based boards or even simlators like
Synopsys DesignWare nSIM or QEMU it's possible to have dfferent MMU page
size configured in that target mostly for the sake of testing.

And so we're trying to solve 2 problems here:
 1. Make sure both user-space (via libc settings) and the Linux kernel
    are "on the same page", i.e. expect to use the same MMU page size.
 2. Simplify process of testing different page sizes.
    As now we first need to set page size in Buildroot and then in the
    kernel via "make linux-configure" or via Kconfig fragment.

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
[yann.morin.1998@free.fr: simplify the conditions]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2019-12-22 21:55:36 +01:00