Commit Graph

837 Commits

Author SHA1 Message Date
Michael Walle
8e517479d8 {linux, linux-headers}: add version 5.9
Signed-off-by: Michael Walle <michael@walle.cc>
Tested-by: Bilal Wasim <bilal.wasim@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-10-12 22:36:28 +02:00
Peter Korsgaard
4dbae8ed2c {linux, linux-headers}: bump 4.19.x / 5.{4, 8}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-10-12 08:31:31 +02:00
Yann E. MORIN
4ca9edaad2 package/kmod: add option for host variant
Curently, host-kmod has no option to enable it, because only
the kernel depends on it, and this is unconditional (because
we can't know if modules will be enabled in the kernel config).

But we're soon to add options to enable various features of
kmod, so we'll need a place where to show those features.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Cc: Lucian Buga <lucianbuga@gmail.com>
Tested-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-10-06 21:43:35 +02:00
Peter Korsgaard
a6e8e8fae7 {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 8}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-10-03 08:52:39 +02:00
Alexander Egorenkov
e641b78033 linux: add bzImage support for IBM s390x and Z arch
Signed-off-by: Alexander Egorenkov <egorenar@linux.ibm.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-09-24 22:05:09 +02:00
Peter Korsgaard
d25b9ead1e {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.4.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-09-06 09:53:23 +02:00
Peter Korsgaard
6f5937334d package/linux-headers: drop 5.7 headers
The 5.7.x series is now EOL, so drop it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-09-06 09:52:30 +02:00
Peter Korsgaard
775b81b270 {linux, linux-headers}: add version 5.8
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-09-05 22:02:16 +02:00
Paul Cercueil
88a268354d linux: add support for ZSTD compression
Add support for creating self-extractible kernels compressed with ZSTD.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-09-03 22:26:44 +02:00
Paul Cercueil
532fe9fb57 linux: run depmod only if modules directory exists
If the modules directory that corresponds to the version of the kernel
being built has been deleted, don't try to run depmod, which will
obviously fail.

This can happen for instance when the modules are stripped from the main
root filesystem, and placed into a separate filesystem image, so that
the root filesystem and the kernel can be updated separately.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-08-29 16:56:30 +02:00
Peter Korsgaard
3cf6d708e1 {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 7}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 22:35:15 +02:00
Yann E. MORIN
3f6a40e9fa linux: workaround make-4.1 bug
On Ubuntu 18.04, make-4.1 emits spurious, incorrect "entering/leaving"
messages, which end up in the LINUX_VERSION_PROBED variable:

    printf 'probed linux version: "%s"\n' "$(LINUX_VERSION_PROBED)"
    probed linux version: "make[1]: Entering directory '/home/buildroot'
    4.19.78-linux4sam-6.2
    make[1]: Leaving directory '/home/buildroot/output/build/linux-linux4sam_6.2'"

First, the messages are displayed even though we do explicitly pass
--no-print-directory -s.

Second, the entering and leaving messages are not about the same
directory!

This *only* occurs in the following conditions:

  - the user has the correct 0022 umask,
  - top-level parallel is used (with or without PPD),
  - initial -C is specified as well.

    $ umask 0022
    $ make -j16 -C $(pwd)
    [...]
    depmod: ERROR: Bad version passed make[1]:
    [...]

(yes, 'make[1]:' is the string depmod is trying, and fails, to parse as
a version string).

If any of the three conditions above is removed, the problem no longer
occurs. Here's a table of the MAKEFLAGS:

                |                   0002                         |          0022            |
    ----+-------+------------------------------------------------+--------------------------+
        | no-j  | --no-print-directory --                        |                          |
    noC |       +------------------------------------------------+--------------------------+
        | -j16  | -j --jobserver-fds=3,4 --no-print-directory -- | -j --jobserver-fds=3,4   |
    ----+-------+------------------------------------------------+--------------------------+
        | no-j  | --no-print-directory --                        | w                        |
    -C  |       +------------------------------------------------+--------------------------+
        | -j16  | -j --jobserver-fds=3,4 --no-print-directory -- | w -j --jobserver-fds=3,4 |
    ----+-------+------------------------------------------------+--------------------------+

    0002: umask == 0002
    0022: umask == 0022

    no-j: no -j flag
    -j16: -j16 flag

    noC: no -C flag
    -C : -C /path/of/buildroot/

Only the bottom-right-most case fails...

This behaviour goes against what is documented:

    https://www.gnu.org/software/make/manual/make.html#g_t_002dw-Option

    5.7.4 The ‘--print-directory’ Option
    [...]
    you do not need to specify this option because ‘make’ does it for
    you: ‘-w’ is turned on automatically when you use the ‘-C’ option,
    and in sub-makes. make will not automatically turn on ‘-w’ if you
    also use ‘-s’, which says to be silent, or if you use
    ‘--no-print-directory’ to explicitly disable it.

So this exactly describes our situation; yet 'w' is added to MAKEFLAGS.

Getting rid of the 'w' flag makes the build succeed again, so that's
what we do here (bleark, icky)...

Furthermore, the documented way to override MAKEFLAGS is to do so as a
make parameter:

    https://www.gnu.org/software/make/manual/make.html#Options_002fRecursion

    5.7.3 Communicating Options to a Sub-make
    [...]
    If you do not want to pass the other flags down, you must change the
    value of MAKEFLAGS, like this:

        subsystem:
            cd subdir && $(MAKE) MAKEFLAGS=

However, doing so does not fix the issue. So we resort to pass the
modified MAKEFLAGS via the environment (bleark, icky)...

Fixes: #13141

Reported-by: Laurent <laurent@neko-labs.eu>
Reported-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 22:09:52 +02:00
Peter Korsgaard
7a3711132a {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 7}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-24 11:28:20 +02:00
Peter Korsgaard
38f4587997 {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 7}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-31 09:06:47 +02:00
Peter Korsgaard
6699d69d7e package/linux-headers: drop support for 5.6.x headers
The 5.6.x series is now EOL so remove the option and add legacy
handling for it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-31 09:06:44 +02:00
Peter Korsgaard
04c5da18ba package/linux-headers: drop support for 5.5.x headers
The 5.5.x series is now EOL so remove the option and add legacy
handling for it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-31 09:06:40 +02:00
Angelo Compagnucci
c009545716 linux: bump CIP RT kernel to version 4.19.132-cip30-rt12
This patch bumps Linux CIP RT to version 4.19.132-cip30-rt12

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-25 23:14:17 +02:00
Angelo Compagnucci
50d243cda9 linux: bump CIP kernel to version 4.19.132-cip30
This patch bumps Linux CIP to version 4.19.132-cip30

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-25 23:14:13 +02:00
Yann E. MORIN
f289b1b36f legacy: drop options removed more than 5 years ago now
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-06-22 07:17:05 +02:00
Joris Offouga
8db0c3472b {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 6, 7}.x series
Signed-off-by: Joris Offouga <offougajoris@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-06-07 21:58:04 +02:00
Yann E. MORIN
d8e3e93969 linux: rename config option
Commit a4eef9a395 (linux: introduce BR2_KERNEL_DTB_KEEP_DIRNAME)
introduced a new config option, but its name was not matching the
naming-scheme of the other config options.

Rename it.

We don't need legacy handling, because that config option was added very
recently and was never part of a release.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-06-07 09:27:08 +02:00
Michael Walle
a4eef9a395 linux: introduce BR2_KERNEL_DTB_KEEP_DIRNAME
In linux, newer architectures like ARM64 and RISC-V keep their device
tree sources organized by subdirectories. When these device trees are
installed by the kernel they will keep the directory names. But
buildroot strips the prefixes when installing them into /boot or the
images directory.
Sometimes the bootloader references the device tree by name (e.g.
u-boot has the environment variable 'fdtfile') which also includes
the prefix directory.
Make it possible to keep this prefix during installation, so we can
be compatible with other distributions and make it easier for the
user, because he doesn't have to change that environment variable.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-06-06 00:07:25 +02:00
Michael Walle
7592cc4ad2 {linux, linux-headers}: add version 5.7
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-06-05 22:52:21 +02:00
Thomas Petazzoni
a6569f2b3d Merge branch 'next'
A few conflicts had to be resolved:

 - Version number and hash for mesa3d-headers/mesa3d
 - Patches added in qemu, and the qemu version number
 - The gnuconfig README.buildroot

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-06-02 21:59:52 +02:00
Peter Korsgaard
e0f5cc8f66 {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 6}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-06-01 22:50:19 +02:00
Yann E. MORIN
5587f366cd package/linux-tools/perf: bear the kernel options munging
perf by itself is not a standalone package; instead, it is part of a
bigger package, linux-tools.

Even though perf is the only one to need kernel .config fixups, we still
do it in a generic way, as it blends nicely in the existing variables,
which all use a loop over all the tools.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-31 23:08:44 +02:00
Yann E. MORIN
40e0bf4c0c linux: forcibly disable use of gcc plugins
The soon-to-be-released linux 5.7 has changed the way it detects the
ability of gcc to use plugins, when it dropped support for gcc 4.7 or
older [0].

To detect the ability to use gcc plugins, the kernel has to check
whether the host gcc is capable enough to build them.

When we call one of the configurator for the Linux kernel, we explicitly
pass a value of HOSTCC=$(HOSTCC_NOCCACHE), because there might be a
discrepancy between the ncurses headers and libraries as found by the
Linux kconfig build [1] [2].

But then, when we build the kernel, we pass another value to use [3]
HOSTCC="$(HOSTCC) $(HOST_CFLAGS) $(HOST_LDFLAGS)" which boils down to
roughly: gcc -I.../host/include -L.../host/lib -Wl,-rpath,.../host/lib
This is needed so that at build time, the kernel can build host tools
that link with our openssl et al.

So, the two HOSTCC we pass to the kernel may have different behaviours.
For example, on a machine where gmp is missing in the system, it is
available in $(O)/host/ when using an internal toolchain (and under a
few other conditions).

In that case, when configuring the kernel, it decides that the host
compiler can't build plugins, so the dependencies of CONFIG_GCC_PLUGINS
are not met, and that option is not present in the linux' .config file
(neither as "=y" nor as "is not set"). But then, when we build the
kernel, the host compiler suddenly becomes capable of building the
plugins, and the internal syncconfig run by the kernel will notice that
the dependencies of CONFIG_GCC_PLUGINS are now met, and that the user
shall decide on its value. And this blocks a build on an interactive
console (abbreviated):

    * Restart config...
    * GCC plugins
    GCC plugins (GCC_PLUGINS) [Y/n/?] (NEW) _

But most problematic is the behaviour when run in a shell that is not
interactiove (e.g. a CI job or such) (abbreviated):

    * Restart config...
    * GCC plugins
    GCC plugins (GCC_PLUGINS) [Y/n/?] (NEW)
    Error in reading or end of file.
      Generate some entropy during boot and runtime (GCC_PLUGIN_LATENT_ENTROPY) [N/y/?] (NEW)
    Error in reading or end of file.
      Randomize layout of sensitive kernel structures (GCC_PLUGIN_RANDSTRUCT) [N/y/?] (NEW)
    Error in reading or end of file.
    * Memory initialization
    Initialize kernel stack variables at function entry
    > 1. no automatic initialization (weakest) (INIT_STACK_NONE)
      2. zero-init structs marked for userspace (weak) (GCC_PLUGIN_STRUCTLEAK_USER) (NEW)
      3. zero-init structs passed by reference (strong) (GCC_PLUGIN_STRUCTLEAK_BYREF) (NEW)
      4. zero-init anything passed by reference (very strong) (GCC_PLUGIN_STRUCTLEAK_BYREF_ALL) (NEW)
    choice[1-4?]:
    Error in reading or end of file.
    Poison kernel stack before returning from syscalls (GCC_PLUGIN_STACKLEAK) [N/y/?] (NEW)
    Error in reading or end of file.
    Enable heap memory zeroing on allocation by default (INIT_ON_ALLOC_DEFAULT_ON) [N/y/?] n
    Enable heap memory zeroing on free by default (INIT_ON_FREE_DEFAULT_ON) [N/y/?] n

The most obvious and simple solution would be to unconditionally disable
gcc plugins altogether, in the KCONFIG_FIXUP hook. But that can't work
either, because after applying the fixups, we call olddefconfig (or the
likes) with the incapable HOSTCC, so the disabled option would be removed
anyway, and we'd be back to square one.

So, in addition to the above, we also forcibly hack the same call just
before actually building the kernel.

Note that the two are needed: the one in the fixups is needed for those
that have a system that already allows building gcc plugins, and the
second is needed in the other case, where the system does not allow it
but would work with our additional headers and libs in $(O)/host/. The
two ensure there is a very similar experience in the two situations.

Forcibly disabling the use of gcc plugins is not a regression on our
side: it has never been possible to do so so far. We're now making sure
that can't work by accident.

Reported-by: Ganesh <ganesh45in@gmail.com>,
Reported-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Michael Walle <michael.walle@kontron.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-31 22:41:57 +02:00
Yegor Yefremov
bec3cab834 linux: fix COPYING file hash
In version 5.6 a minor change was made to this file, stating tht "[a]ll
contributions to the Linux Kernel are subject to this COPYING file",
and hence the hash changed.

We can update the hash, because the licensing information is only
accounted for the "latest" version, so the hash change will not impact
older kernel versions as the user would have to switch to a non-latest
kernel.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-27 18:34:38 +02:00
Peter Korsgaard
8a12ddaa29 {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 6}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-05-26 12:01:10 +02:00
Peter Korsgaard
7616ce3e46 {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 6}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-05-11 09:24:56 +02:00
Angelo Compagnucci
fb8186d53e linux: bump CIP, CIP RT hashes
Bumping the hashes for CIP and CIP RT.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-05-10 22:59:12 +02:00
Angelo Compagnucci
2452aa182d linux: bump CIP RT kernel to version 4.19.115-cip24-rt9
This patch bumps Linux CIP RT version to 4.19.115-cip24-rt9.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-09 16:58:41 +02:00
Angelo Compagnucci
1b53b94690 linux: bump CIP kernel to version 4.19.118-cip25
This patch bumps Linux CIP version to v4.19.118-cip25.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-09 16:58:37 +02:00
Thomas Petazzoni
7292a5a072 package/libapparmor: bear the kernel options munging
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:29 +02:00
Yann E. MORIN
391c448acb package/kernel-module-imx-gpu-viv: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Gary Bisson <bisson.gary@gmail.com>
Cc: Refik Tuzakli <tuzakli.refik@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:29 +02:00
Yann E. MORIN
49bf417618 package/libselinux: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Cc: Marcus Folkesson <marcus.folkesson@gmail.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Reviewed-by: Adam Duskett <aduskett@gmail.com>
Tested-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:29 +02:00
Yann E. MORIN
b294165e01 package/wireguard-linux-compat: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:29 +02:00
Yann E. MORIN
0d8e61e827 package/xtables-addons: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:29 +02:00
Yann E. MORIN
ee07995ac5 package/iptables: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:29 +02:00
Yann E. MORIN
1b4a2bd8e4 package/sunxi-mali-mainline-driver: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:29 +02:00
Yann E. MORIN
2bac81f0cb package/smack: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:28 +02:00
Yann E. MORIN
94cb814511 package/systemd: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:28 +02:00
Yann E. MORIN
df988d40e7 package/pcm-tools: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:28 +02:00
Yann E. MORIN
b18824ffcb package/ktap: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Anders Darander <anders@chargestorm.se>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:28 +02:00
Yann E. MORIN
af43d0aa34 package/intel-micro-code: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:28 +02:00
Yann E. MORIN
ad42b7f6f0 package/audit: bear the kernel options munging
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:28 +02:00
Yann E. MORIN
0aed4c2dae linux: allow packages to set kernel config options
Currently, the linux kernel will apply some fixups on its .config file,
based on whether some packages are enabled or not. That list of
conditional fixups is getting bigger and bigger with each new package
that needs such fixups, culminating with the pending firewalld one [0].

Furthermore, these fixups are not accessible to packages in br2-external
trees.

Add a new per-package variable, that packages may set to the commands to
run to fixup the kernel .config file, which is added at the end of the
linux' own fixups.

This opens the possibility to write things like;

    define FOO_LINUX_CONFIG_FIXUPS
        $(call KCONFIG_ENABLE_OPT,BLA)
    endef

Of course, it also opens the way to run arbitrary commands in there, but
any alternative that would be declarative only, such as a list of
options to enable or disable (as an example):

    FOO_LINUX_CONFIG_FIXUPS = +BAR -FOO +BUZ="value"

.. is not very nice either, and such lists fall flat when a value would
have a space.

For packages that we have in-tree, we can ensure they won't play foul
with their _LINUX_CONFIG_FIXUPS. For packages in br2-external trees,
there's nothing we can do; users already have the opportunity to hack
into the linux configure process by providing LINUX_PRE_CONFIGURE_HOOKS
or LINUX_POST_CONFIGURE_HOOKS anyway...

.. which brings the question of why we don't use that to implement the
per-package fixups. We don't, because _PRE or _POST_CONFIGURE_HOOKS are
run after we run 'make oldconfig' to sanitise the mangled .config.

[0] http://lists.busybox.net/pipermail/buildroot/2020-March/278683.html

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:28 +02:00
Yann E. MORIN
d321c092d3 linux: don't specify .config to munge
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-01 15:50:28 +02:00
Peter Korsgaard
72a6e50da9 {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 5, 6}.x series
Notice: 5.5.x is now EOL, so should be dropped at the next version bump.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-04-23 21:42:27 +02:00
Angelo Compagnucci
67e576fab5 linux: enable AppArmor-related options if needed
Using AppArmor requires support in the kernel, so do for AppArmor what
we did for SElinux, and enabled the necessary options.

Note that a single LSM can be the default one, so as of today, SELinux
wins, by virtue of being the last to be enabled.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[yann.morin.1998@free.fr:
  - don't force DEFAULT_SECURITY_APPARMOR, it does not exist in all
    kernel versions
  - move closer to SELinux
  - split into its own patch, write a commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Angelo Compagnucci <angelo@amarulasolutions.com>
2020-04-20 09:53:05 +02:00