Set CCACHE_DIR to $(TOPDIR)/.ccache and CCACHE_BASEDIR to $(TOPDIR).
This allows to do clean and dirclean. Cache hit rate for test build
after dirclean is ~65%.
If CCACHE is enabled stats are printed out at the end of building process.
CCACHE_DIR config variable allows to override default, which could be useful
when sharing cache with many builds.
cacheclean make target allows to clean the cache.
Changes from v1:
- remove ccache directory using CCACHE_DIR variable
- remove ccache leftovers from sdk and toolchain make files
- introduce CONFIG_CCACHE_DIR variable
- introduce cacheclean make target
Signed-off-by: Roman Yeryomin <roman@advem.lv>
Removes the standalone implementation of stack smashing protection
in gcc's libssp in favour of the native implementation available
in glibc and uclibc. Musl libc already uses its native ssp, so this
patch does not affect musl-based toolchains.
Stack smashing protection configuration options are now uniform
across all supported libc variants.
This also makes kernel-level stack smashing protection available
for x86_64 and i386 builds using non-musl libc.
Signed-off-by: Ian Cooper <iancooper@hotmail.com>
This patch adds support for the MikroTik RouterBOARD RB493G, ported
from the ar71xx target.
See https://routerboard.com/RB493G for details
Specification:
- SoC Qualcomm Atheros AR7161
- RAM: 256 MiB
- Storage: 128MiB NAND
- Ethernet: 9x 1000/100/10 Mbps
- USB 1x 2.0 / 1.0 type A
- PCIe: 3x Mini slot
- MicroSD slot
Working:
- Board/system detection
- Ethernet
- SPI
- NAND
- LEDs
- USB
- Sysupgrade
Enabled (but untested due to lack of hardware):
- PCIe - ath79_pci_irq struct has the slot/pin/IRQ mappings if needed
Installation methods:
- tftp boot initramfs image, scp then flash via "sysupgrade -n"
- nand boot existing OpenWrt, scp then flash via "sysupgrade -n"
Notes:
- initramfs image will not work if uncompressed image size over ~8.5Mb
- The "rb4xx" drivers have been enabled
Signed-off-by: Christopher Hill <ch6574@gmail.com>
JSON info files contain machine readable information of built profiles
and resulting images. These files were added in commit 881ed09ee6
("build: create JSON files containing image info").
They are useful for firmware wizards and script checking for
reproducibility.
Currently all JSON files are stored next to the built images, resulting
in up to 168 individual files for the ath79/generic target.
This patch refactors the JSON creation to store individual per image
(not per profile) files in $(BUILD_DIR)/json_info_files and create an
single overview file called `profiles.json` in the target directory.
Storing per image files and not per profile solves the problem of
parallel file writes. If a profiles sysupgrade and factory image are
finished at the same time both processes would write to the same JSON
file, resulting in randomly broken outputs.
Some target like x86/64 do not use the image code yet, resulting in
missing JSON files. If no JSON info files were created, no
`profiles.json` files is created as it would be empty anyway.
As before, this creation is enabled by default only if `BUILDBOT` is set.
Tested via buildroot & ImageBuilder on ath79/generic, imx6 and x86/64.
Signed-off-by: Paul Spooren <mail@aparcar.org>
[json_info_files dir handling in Make, if case refactoring]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Add EFI platform bootable images for x86 platforms. These images can
also boot from legacy BIOS platform.
EFI System Partition need to be fat12/fat16/fat32 (not need to load
filesystem drivers), so the first partition of EFI images are not ext4
filesystem any more.
GPT partition table has an alternate partition table, we did not
generate it. This may cause problems when use these images as qemu disk
(kernel can not find rootfs), we pad enough sectors will be ok.
Signed-off-by: 李国 <uxgood.org@gmail.com>
[part_magic_* refactoring, removed genisoimage checks]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This commit introduces few related changes which need to be done in
single commit to keep images buildable between git revisions. In result
it retains all previous image creation possibilities with slight name
change of generated images. Brief summary of the commit:
* Split up image generation recipe to smaller chunks to make it more
generic and reusable.
* Make iso images x86 specific and drop their definition as root
filesystem.
* Convert image creation process to generic code specified in image.mk.
* Make geode subtarget inherit features from the main target instead of
redefining them.
* For subtargets create device definitions with basic packages set.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
[rebased]
Signed-off-by: Paul Spooren <mail@aparcar.org>
1. KERNEL_CRASH_DUMP should depends on KERNEL_PROC_KCORE (kexec use it)
2. select crashkernel mem size by totalmem
mem <= 256M disable crashkernel by default
mem >= 4G use 256M for crashkernel
mem >= 8G use 512M for crashkernel
default use 128M
3. set BOOT_IMAGE in kdump.init
4. resolve a "Unhandled rela relocation: R_X86_64_PLT32" error
Tested on x86_64
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
With kernel 5.4 the upstream kernel supports deactivating the FPU
support on MIPS. Use this new upstream feature instead of our older
patch which was removed when porting the kernel patches to kernel 5.4.
This way both options are set which should work for older kernel
versions and also new ones.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
CONFIG_INCLUDE_CONFIG option is helpful for being able to rebuild the
exact same firmware as you see on a live OpenWRT instance, but it's
crucially missing feeds information, so we can't rebuild the exact same
package versions. This commit fixes this by adding the remaining feeds
(and version) buildinfo files to the image.
Signed-off-by: Xu Wang <xwang1498@gmx.com>
Make it possible to activate some additional kernel debug options.
This can be used to debug some problems in kernel drivers.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Reviewed-by: Alexandru Ardelean <ardeleanalex@gmail.com>
The adds an option to activate KCOV (Code coverage for fuzzing).
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Reviewed-by: Alexandru Ardelean <ardeleanalex@gmail.com>
The kernel kernel address sanitizer is able to detect some memory
bugs in the kernel like out of range array accesses.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Reviewed-by: Alexandru Ardelean <ardeleanalex@gmail.com>
The kernel Undefined Behavior Sanitizer is able to detect some memory
bugs in the kernel like out of range array accesses.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Reviewed-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This change makes the names of Broadcom targets consistent by using
the common notation based on SoC/CPU ID (which is used internally
anyway), bcmXXXX instead of brcmXXXX.
This is even used for target TITLE in make menuconfig already,
only the short target name used brcm so far.
Despite, since subtargets range from bcm2708 to bcm2711, it seems
appropriate to use bcm27xx instead of bcm2708 (again, as already done
for BOARDNAME).
This also renames the packages brcm2708-userland and brcm2708-gpu-fw.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Acked-by: Álvaro Fernández Rojas <noltari@gmail.com>
This tristate choose allows to select to build only some applications
with PIE enabled. On MIPS binaries are getting about 30% bigger when PIE
is activated for the, which is a huge increase.
Network exposed applications like dnsmasq should then be build with PIE
enabled, but some applications which are normally not parsing data from
the network do not have it activated. The regular option should give a
good trade off between extra flash and RAM memory usage and security.
This changes the default from building no applications with PIE to build
some specifically marked applications with PIE enabled. This option is
only activated for targets with bigger flash and RAM to not consume
extra memory on the very small targets. On SDK builds the Regular option
should always be selected, because some tiny targets share the
applications with big targets and only the images for the tiny targets
should contain the none PIE applications, but the images for the normal
targets should use PIE. The shared packages should always use PIE when
it should be normally activated.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Petr Štetiar <ynezz@true.cz>
Don't build with uClibc-ng. It's totally unsupported as several functions
are missing.
Make the musl libc support conditional.
Fix hash with make check FIXUP=1. Apparently I based the Makefile off of
libedit and forgot to fix the hash.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Fixes: 856ea2bad3 ("libcxx: Add package")
Currently in OpenWrt, there are two libc++: libstdcpp and uClibc++. The
former is huge and the latter supports only C++98 with some basic support
for C++11. Those C++ versions seem to be specific to the compiler version
libcxx supports C++11 and above while being much smaller than libstdcpp.
On mt7621, these are the sizes of the ipks that I get:
libstdcpp: 460786
libcxx: 182881
uClibc++:67720
libcxx is faster than uClibc++ and is under active development as part of
the LLVM project while uClibc++ is effectively dead.
This PR modifies uclibc++.mk to expose the make menuconfig option. Further
cleanup is beyond the scope of this PR. What that means is, this is not
used by default.
A g++-libcxx wrapper based on the uClibc++ one was added. Works the same
way.
Compile tested with all packages that use uclibc++.mk in their Makefiles
under mipsel_24kc. kismet fails compilation but that package needs to be
cleaned up and updated.
Runtime tested with gddrescue, gdisk, dcwapd, bonnie++, and aircrack-ng
on a TP-Link Archer C7v2.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
This separates the options for signature creation and verification
* SIGNED_PACKAGES create Packages.sig
* SIGNED_IMAGES add ucert signature to created images
* CHECK_SIGNATURE add verification capabilities to images
* INSTALL_LOCAL_KEY add local key-build to /etc/opkg/keys
Right now the buildbot.git contains some hacks to create images that
have signature verification capabilities while not storing private keys
on buildbot slaves. This commit allows to disable these steps for the
buildbots and only perform signing on the master.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Lets remove unused GCC_VERSION_4_8 symbol after the series of patches
which has switched to target gcc-8 by default.
Signed-off-by: Paul Spooren <mail@aparcar.org>
[refactored into separate commit]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The JSON info files contain details about the created firmware images
per device and are stored next to the created images.
The JSON files are stored as "$(IMAGE_PREFIX).json" and contain some
device/image meta data as well as a list of created firmware images.
An example of openwrt-ramips-rt305x-aztech_hw550-3g.json
{
"id": "aztech_hw550-3g",
"image_prefix": "openwrt-ramips-rt305x-aztech_hw550-3g",
"images": [
{
"name": "openwrt-ramips-rt305x-aztech_hw550-3g-squashfs-sysupgrade.bin",
"sha256": "db2b34b0ec4a83d9bf612cf66fab0dc3722b191cb9bedf111e5627a4298baf20",
"type": "sysupgrade"
}
],
"metadata_version": 1,
"supported_devices": [
"aztech,hw550-3g",
"hw550-3g"
],
"target": "ramips/rt305x",
"titles": [
{
"model": "HW550-3G",
"vendor": "Aztech"
},
{
"model": "ALL0239-3G",
"vendor": "Allnet"
}
],
"version_commit": "r10920+123-0cc87b3bac",
"version_number": "SNAPSHOT"
}
Signed-off-by: Paul Spooren <mail@aparcar.org>
Add option BUILD_LOG_DIR to menuconfig to change log destination.
The mix-up of *DIR* and *FOLDER* is confusing however.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Change TARGET_ROOTFS_PARTSIZE from 128 to 104 MiB, so the whole image
(bootloader + boot + root) will fit on a 128MB CF card by default.
With these settings, the generated images (tested on x86-generic and
x86-64) have 126,353,408 bytes; the smallest CF card marketed as "128MB"
that I found a datasheet for (a Transcend TS128MCF80) has 126,959,616
bytes.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
KERNEL_DEVPTS_MULTIPLE_INSTANCES and KERNEL_POSIX_MQUEUE were
previously enabled by default only if KERNEL_LXC_MISC was selected.
KERNEL_LXC_MISC was enabled only if the SMALL_FLASH (anti-)feature
was not selected.
Now that KERNEL_LXC_MISC no longer exists, make sure that those
options are also only enabled by default for !SMALL_FLASH targets.
Fixes: 4f94a331 ("config: kernel: remove KERNEL_LXC_MISC")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Kernel features are neutral. The two cascaded features can also be
useful for other container related tools
It's also less error-prone if only kconfig symbols from the kernel are
prefixed KERNEL_
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
generate feeds.buildinfo and version.buildinfo in build dir after
containing the feed revisions (via ./scripts/feeds list -sf) as well as
the current revision of buildroot (via ./scripts/getver.sh).
With this information it should be possible to reproduce any build,
especially the release builds.
Usage would be to move feeds.buildinfo to feeds.conf and git checkout the
revision hash of version.buildinfo.
Content of feeds.buildinfo would look similar to this:
src-git routing https://git.openwrt.org/feed/routing.git^bf475d6
src-git telephony https://git.openwrt.org/feed/telephony.git^470eb8e
...
Content of version.buildinfo would look similar to this:
r10203+1-c12bd3a21b
Without the exact feed revision it is not possible to determine
installed package versions.
Also rename config.seed to config.buildinfo to follow the recommended
style of https://reproducible-builds.org/docs/recording/
Signed-off-by: Paul Spooren <mail@aparcar.org>
Introduce a new option CONFIG_SIGNATURE_CHECK which defaults to the value
of CONFIG_SIGNED_PACKAGES and thus is enabled by default.
This option is needed to support building target opkg with enabled
signature verification while having the signed package lists disabled.
Our buildbots currently disable package signing globally in the
buildroot and SDK to avoid the need to ship private signing keys to
the build workers and to prevent the triggering of random key generation
on the worker nodes since package signing happens off-line on the master
nodes.
As unintended side-effect, updated opkg packages will get built with
disabled signature verification, hence the need for a new override option.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The linux kernel is not reproducible because the build user
and domain is included into the kernel. Set the build user
to `builder` and build domain to buildhost.
It's also possible to build reproducible builds by setting
KERNEL_BUILD_USER KERNEL_BUILD_DOMAIN to static values.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
As we're now going to pad all images by default to 128MiB let's enable
compression of the images for armvirt and malta in order to save some
space and bandwidth.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
As we're now going to pad all images by default, lets decrease the
default rootfs partition size from 256MiB to 128MiB in order to save
some space.
I'm keeping it above 100MiB in order to keep current behavior, where
overlay filesystem is using F2FS.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
It's being used only in x86 target to produce combined images, where
it's mandatory to have padded images in order to produce working
squashfs combined images usable in QEMU.
Currently we're producing unusable x86 combined squashfs images
(18.06.1, 18.06.2 and snapshots) as we don't enable TARGET_IMAGES_PAD,
thus providing very small space for the overlay filesystem, leading to
the following with OpenWrt 18.06.1 r7258-5eb055306f images on x86 QEMU:
root@(none):/# mount | egrep 'root|overlay'
/dev/root on /rom type squashfs
/dev/loop0 on /overlay type ext4
overlayfs:/overlay on / type overlay
root@(none):/# df -h | egrep 'root|overlay|Size'
Filesystem Size Used Available Use% Mounted on
/dev/root 2.5M 2.5M 0 100% /rom
/dev/loop0 113.0K 8.0K 97.0K 8% /overlay
overlayfs:/overlay 113.0K 8.0K 97.0K 8% /
So we should rather ensure proper image padding in image generation code
and we shouldn't rely on config options in order to generate usable
images.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
enable kernel features needed for procd-ujail, procd-seccomp, lxc and
more on devices with big enough flash. Those packages are currently
useless in binary builds due to missing kernel features.
Enable the features on devices which can bare with the extra space
consumption.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Commit eae6cac6a3 ("lantiq: add support for AVM FRITZ!Box 7362 SL"), but
one needs an initramfs image to flash OpenWrt from stock firmware (as
described in the commit log). This patch has the initramfs image built
by default.
Thanks to blogic (for pointing to the FEATURES declaration in the target
Makefiles) and Musashino on the forum for suggesting
config/Config-images.in needed editing too. While at it, reorder the
TARGET_INITRAMFS_COMPRESSION_LZMA declarations alphabetically.
This patch will result in initramfs images for all lantiq subtargets
that have the ramdisk flag set. I tested on the falcon and ase
subtargets, which lack that flag, to confirm they don't produce any
initramfs images with this patch - which they do not.
Given the limited scope of the lantiq (sub)target(s), blogic indicated
this should be OK.
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[fixed the wrong reference to eae6cac6a3 commit]
If the target supports a newer kernel version that is not used by default
yet, it can be enabled with this option
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Upstream has renamed KPROBE_EVENT to KPROBE_EVENTS in the following
commit:
commit 6b0b7551428e4caae1e2c023a529465a9a9ae2d4
Author: Anton Blanchard <anton@samba.org>
Date: Thu Feb 16 17:00:50 2017 +1100
perf/core: Rename CONFIG_[UK]PROBE_EVENT to CONFIG_[UK]PROBE_EVENTS
We have uses of CONFIG_UPROBE_EVENT and CONFIG_KPROBE_EVENT as
well as CONFIG_UPROBE_EVENTS and CONFIG_KPROBE_EVENTS.
Consistently use the plurals.
So I'm adding this plural option in order to make kconfig happy and stop
asking about it if kernel is compiled with verbose logging:
Enable kprobes-based dynamic events (KPROBE_EVENTS) [Y/n/?] (NEW)
Signed-off-by: Petr Štetiar <ynezz@true.cz>
VBoxManage is not used and the image is created with proper permisions:
0f5d0f6 image: use internal qemu-img for vmdk and vdi images drop host
dependencies on qemu-utils and VirtualBox
Unreachable config symbols:
9e0759e x86: merge all geode based subtargets into one
No need to define those symbols since x86_64 is subtarget of x86:
196fb76 x86: make x86_64 a subtarget instead of a standalone target
Unreachable config symbols, so remove GRUB_ROOT:
371b382 x86: remove the xen_domu subtarget
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
When CGROUP block io is enabled a new symbol is exposed and needs to
be set or unset else kernel oldconfig hangs waiting for input during
normal OpenWrt builds. Therefore add sane defaults for this symbol
in that case. Also, the defaults brcm2708 are different than generic
defaults because the platform's defconfig enables BLK_DEV_THROTTLING
by default (in defconfig config from the patches used to match
upstream's kernel, not in OpenWrt config-4.xx).
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
[make KERNEL_BLK_DEV_THROTTLING_LOW depend on KERNEL_BLK_DEV_THROTTLING]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This patch adds the boot-part feature which enables the brcm2708
target move from the custom boot partition size config option to
the generic CONFIG_TARGET_KERNEL_PARTSIZE.
Note:
For people using custom images: Just like with
CONFIG_TARGET_ROOTFS_PARTSIZE changing the value
can cause sysupgrade to repartition the device!
Make sure to have a backup in this case.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This may be useful if you don't entirely trust your flash and want to be able
to check for corruptions.
Signed-off-by: Michal Hrusecky <Michal@Hrusecky.net>
This patch adds the boot-part feature to the apm82181 sata target.
This makes it possible to configure the boot partition size with
the generic CONFIG_TARGET_KERNEL_PARTSIZE symbol.
Please note: For people using custom images: Just like with
CONFIG_TARGET_ROOTFS_PARTSIZE changing the value can cause
sysupgrade to repartition the device!
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The configuration option was renamed with kernel 4.19 from
CONFIG_CC_STACKPROTECTOR to CONFIG_STACKPROTECTOR adapt the code to set
both options.
CONFIG_STACKPROTECTOR now sets the regular stack protector and
CONFIG_STACKPROTECTOR_STRONG activates the additional protection of more
functions.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The sdcard image generation uses CONFIG_TARGET_ROOTFS_PARTSIZE, which is
currently bound to TARGET_ROOTFS_EXT4FS on this target.
Since the rootfs is squashfs anyway, allow deselecting of the ext4fs
one.
Sort the target list alphabetically while here.
Signed-off-by: Andre Heider <a.heider@gmail.com>