1
0
forked from brl/citadel

initial commit

This commit is contained in:
brl 2017-12-04 16:33:20 -05:00
commit 5ee483428c
25 changed files with 6115 additions and 0 deletions

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
build/

15
README.md Normal file
View File

@ -0,0 +1,15 @@
## Very basic build instructions
$ source setup-build-env
$ bitbake citadel-image-minimal
## Git subtrees included
$ git subtree add --prefix poky git://git.yoctoproject.org/poky.git master --squash
$ git subtree add --prefix meta-intel git://git.yoctoproject.org/meta-intel.git master --squash
$ git gc && git prune
* `https://www.atlassian.com/blog/git/alternatives-to-git-submodule-git-subtree`
* `https://legacy-developer.atlassian.com/blog/2015/05/the-power-of-git-subtree/`

View File

@ -0,0 +1,13 @@
# POKY_BBLAYERS_CONF_VERSION is increased each time build/conf/bblayers.conf
# changes incompatibly
POKY_BBLAYERS_CONF_VERSION = "2"
BBPATH = "${TOPDIR}"
BBFILES ?= ""
BBLAYERS ?= " \
##OEROOT##/meta \
##OEROOT##/../meta-intel \
##OEROOT##/../meta-citadel \
##OEROOT##/../meta-citadel-distro \
"

View File

@ -0,0 +1,39 @@
DISTRO = "citadel-distro"
DISTRO_NAME = "Subgraph OS Citadel"
DISTRO_VERSION = "1.0"
CITADEL_DEFAULT_DISTRO_FEATURES = "largefile systemd"
DISTRO_FEATURES ?= "${DISTRO_FEATURES_DEFAULT} ${DISTRO_FEATURES_LIBC} ${CITADEL_DEFAULT_DISTRO_FEATURES}"
#
# Use systemd for system initialization
#
VIRTUAL-RUNTIME_init_manager = "systemd"
VIRTUAL-RUNTIME_initscripts = ""
VIRTUAL-RUNTIME_initscripts = "systemd-compat-units"
DISTRO_FEATURES_BACKFILL_CONSIDERED += "sysvinit"
PREFERRED_PROVIDER_virtual/kernel = "linux-citadel"
PACKAGE_CLASSES ?= "package_deb"
INITRAMFS_IMAGE_BUNDLE = "1"
INITRAMFS_IMAGE = "citadel-initramfs"
NOISO = "1"
EFI_PROVIDER = "systemd-boot"
IMAGE_FSTYPES = "wic"
IMAGE_FEATURES = "read-only-rootfs"
GLIBC_SPLIT_LC_PACKAGES = "0"
IMAGE_LINGUAS = "en-us"
BUILD_REPRODUCIBLE_BINARIES = "1"
IMAGE_CLASSES += "qemuboot"
QB_NET = "none"
QB_MEM = "-m 1024"
QB_DEFAULT_FSTYPE = "wic"
require conf/distro/include/security_flags.inc

View File

@ -0,0 +1,18 @@
# We have a conf and classes directory, add to BBPATH
BBPATH =. "${LAYERDIR}:"
# We have recipes-* directories, add to BBFILES
BBFILES += "${LAYERDIR}/recipes-*/*/*.bb \
${LAYERDIR}/recipes-*/*/*.bbappend"
BBFILE_COLLECTIONS += "citadeldist"
BBFILE_PATTERN_citadeldist = "^${LAYERDIR}/"
BBFILE_PRIORITY_citadeldist = "5"
LAYERSERIES_COMPAT_citadeldist = "rocko"
# This should only be incremented on significant changes that will
# cause compatibility issues with other layers
LAYERVERSION_citadel = "1"
REQUIRED_POKY_BBLAYERS_CONF_VERSION = "2"

View File

@ -0,0 +1,199 @@
#
# This file is your local configuration file and is where all local user settings
# are placed. The comments in this file give some guide to the options a new user
# to the system might want to change but pretty much any configuration option can
# be set in this file. More adventurous users can look at local.conf.extended
# which contains other examples of configuration which can be placed in this file
# but new users likely won't need any of them initially.
#
# Lines starting with the '#' character are commented out and in some cases the
# default values are provided as comments to show people example syntax. Enabling
# the option is a question of removing the # character and making any change to the
# variable as required.
# Distro configuration:
#
# meta-citadel-distro/conf/distro/citadel-distro.conf
#
DISTRO ?= "citadel-distro"
# Machine configuration:
#
# meta-intel/conf/machine/intel-corei7-64.conf
#
MACHINE ?= "intel-corei7-64"
#
#
# Where to place downloads
#
# During a first build the system will download many different source code tarballs
# from various upstream projects. This can take a while, particularly if your network
# connection is slow. These are all stored in DL_DIR. When wiping and rebuilding you
# can preserve this directory to speed up this part of subsequent builds. This directory
# is safe to share between multiple builds on the same machine too.
#
# The default is a downloads directory under TOPDIR which is the build directory.
#
# DL_DIR ?= "${TOPDIR}/downloads"
#
# Where to place shared-state files
#
# BitBake has the capability to accelerate builds based on previously built output.
# This is done using "shared state" files which can be thought of as cache objects
# and this option determines where those files are placed.
#
# You can wipe out TMPDIR leaving this directory intact and the build would regenerate
# from these files if no changes were made to the configuration. If changes were made
# to the configuration, only shared state files where the state was still valid would
# be used (done using checksums).
#
# The default is a sstate-cache directory under TOPDIR.
#
# SSTATE_DIR ?= "${TOPDIR}/sstate-cache"
#
# Where to place the build output
#
# This option specifies where the bulk of the building work should be done and
# where BitBake should place its temporary files and output. Keep in mind that
# this includes the extraction and compilation of many applications and the toolchain
# which can use Gigabytes of hard disk space.
#
# The default is a tmp directory under TOPDIR.
#
#TMPDIR = "${TOPDIR}/tmp"
#
# SDK target architecture
#
# This variable specifies the architecture to build SDK items for and means
# you can build the SDK packages for architectures other than the machine you are
# running the build on (i.e. building i686 packages on an x86_64 host).
# Supported values are i686 and x86_64
#SDKMACHINE ?= "i686"
#
# Extra image configuration defaults
#
# The EXTRA_IMAGE_FEATURES variable allows extra packages to be added to the generated
# images. Some of these options are added to certain image types automatically. The
# variable can contain the following options:
# "dbg-pkgs" - add -dbg packages for all installed packages
# (adds symbol information for debugging/profiling)
# "dev-pkgs" - add -dev packages for all installed packages
# (useful if you want to develop against libs in the image)
# "ptest-pkgs" - add -ptest packages for all ptest-enabled packages
# (useful if you want to run the package test suites)
# "tools-sdk" - add development tools (gcc, make, pkgconfig etc.)
# "tools-debug" - add debugging tools (gdb, strace)
# "eclipse-debug" - add Eclipse remote debugging support
# "tools-profile" - add profiling tools (oprofile, lttng, valgrind)
# "tools-testapps" - add useful testing tools (ts_print, aplay, arecord etc.)
# "debug-tweaks" - make an image suitable for development
# e.g. ssh root access has a blank password
# There are other application targets that can be used here too, see
# meta/classes/image.bbclass and meta/classes/core-image.bbclass for more details.
# We default to enabling the debugging tweaks.
EXTRA_IMAGE_FEATURES ?= "debug-tweaks"
#
# Additional image features
#
# The following is a list of additional classes to use when building images which
# enable extra features. Some available options which can be included in this variable
# are:
# - 'buildstats' collect build statistics
# - 'image-mklibs' to reduce shared library files size for an image
# - 'image-prelink' in order to prelink the filesystem image
# NOTE: if listing mklibs & prelink both, then make sure mklibs is before prelink
# NOTE: mklibs also needs to be explicitly enabled for a given image, see local.conf.extended
USER_CLASSES ?= "buildstats"
#
# Runtime testing of images
#
# The build system can test booting virtual machine images under qemu (an emulator)
# after any root filesystems are created and run tests against those images. To
# enable this uncomment this line. See classes/testimage(-auto).bbclass for
# further details.
#TEST_IMAGE = "1"
#
# Interactive shell configuration
#
# Under certain circumstances the system may need input from you and to do this it
# can launch an interactive shell. It needs to do this since the build is
# multithreaded and needs to be able to handle the case where more than one parallel
# process may require the user's attention. The default is iterate over the available
# terminal types to find one that works.
#
# Examples of the occasions this may happen are when resolving patches which cannot
# be applied, to use the devshell or the kernel menuconfig
#
# Supported values are auto, gnome, xfce, rxvt, screen, konsole (KDE 3.x only), none
# Note: currently, Konsole support only works for KDE 3.x due to the way
# newer Konsole versions behave
#OE_TERMINAL = "auto"
# By default disable interactive patch resolution (tasks will just fail instead):
PATCHRESOLVE = "noop"
#
# Disk Space Monitoring during the build
#
# Monitor the disk space during the build. If there is less that 1GB of space or less
# than 100K inodes in any key build location (TMPDIR, DL_DIR, SSTATE_DIR), gracefully
# shutdown the build. If there is less that 100MB or 1K inodes, perform a hard abort
# of the build. The reason for this is that running completely out of space can corrupt
# files and damages the build in ways which may not be easily recoverable.
# It's necesary to monitor /tmp, if there is no space left the build will fail
# with very exotic errors.
BB_DISKMON_DIRS = "\
STOPTASKS,${TMPDIR},1G,100K \
STOPTASKS,${DL_DIR},1G,100K \
STOPTASKS,${SSTATE_DIR},1G,100K \
STOPTASKS,/tmp,100M,100K \
ABORT,${TMPDIR},100M,1K \
ABORT,${DL_DIR},100M,1K \
ABORT,${SSTATE_DIR},100M,1K \
ABORT,/tmp,10M,1K"
#
# Shared-state files from other locations
#
# As mentioned above, shared state files are prebuilt cache data objects which can
# used to accelerate build time. This variable can be used to configure the system
# to search other mirror locations for these objects before it builds the data itself.
#
# This can be a filesystem directory, or a remote url such as http or ftp. These
# would contain the sstate-cache results from previous builds (possibly from other
# machines). This variable works like fetcher MIRRORS/PREMIRRORS and points to the
# cache locations to check for the shared objects.
# NOTE: if the mirror uses the same structure as SSTATE_DIR, you need to add PATH
# at the end as shown in the examples below. This will be substituted with the
# correct path within the directory structure.
#SSTATE_MIRRORS ?= "\
#file://.* http://someserver.tld/share/sstate/PATH;downloadfilename=PATH \n \
#file://.* file:///some/local/dir/sstate/PATH"
#
# Qemu configuration
#
# By default qemu will build with a builtin VNC server where graphical output can be
# seen. The two lines below enable the SDL backend too. By default libsdl-native will
# be built, if you want to use your host's libSDL instead of the minimal libsdl built
# by libsdl-native then uncomment the ASSUME_PROVIDED line below.
PACKAGECONFIG_append_pn-qemu-native = " sdl"
PACKAGECONFIG_append_pn-nativesdk-qemu = " sdl"
#ASSUME_PROVIDED += "libsdl-native"
# CONF_VERSION is increased each time build/conf/ changes incompatibly and is used to
# track the version of this file when it was generated. This can safely be ignored if
# this doesn't mean anything to you.
CONF_VERSION = "1"
INHERIT+="toaster buildhistory"

View File

@ -0,0 +1 @@
hostname="citadel"

View File

@ -0,0 +1,17 @@
DESCRIPTION = "Subgraph OS Citadel minimal image builder"
LICENSE = "MIT"
IMAGE_FEATURES_append = " empty-root-password"
IMAGE_INSTALL = "\
packagegroup-core-boot \
packagegroup-core-full-cmdline-utils \
"
ROOT_PASSWORD ?= "citadel"
inherit core-image
WKS_FILE="citadel-image-minimal.wks"
DEPENDS += "linux-citadel"

View File

@ -0,0 +1,17 @@
DESCRIPTION = "Image for rootfs"
PACKAGE_INSTALL = "initramfs-framework-base initramfs-module-udev initramfs-module-setup-live ${VIRTUAL-RUNTIME_base-utils} udev base-passwd ${ROOTFS_BOOTSTRAP_INSTALL} linux-firmware-i915 kernel-modules"
IMAGE_FEATURES = ""
export IMAGE_BASENAME = "citadel-initramfs"
IMAGE_LINGUAS = ""
LICENSE = "MIT"
INITRAMFS_MAXSIZE = "512000"
IMAGE_FSTYPES = "${INITRAMFS_FSTYPES}"
inherit core-image
IMAGE_ROOTFS_SIZE = "8192"
IMAGE_ROOTFS_EXTRA_SPACE = "0"

View File

@ -0,0 +1,3 @@
part /boot --source bootimg-efi --sourceparams="loader=systemd-boot" --size=128 --fstype=vfat --label boot --active --align 1024 --use-uuid
part / --source rootfs --fstype=ext4 --label rootfs --align 1024 --use-uuid
bootloader --ptable gpt --timeout=5 --append="console=ttyS0,115200 console=tty0"

0
meta-citadel/README Normal file
View File

View File

@ -0,0 +1,18 @@
# We have a conf and classes directory, add to BBPATH
BBPATH =. "${LAYERDIR}:"
# We have recipes-* directories, add to BBFILES
BBFILES += "${LAYERDIR}/recipes-*/*/*.bb \
${LAYERDIR}/recipes-*/*/*.bbappend"
BBFILE_COLLECTIONS += "citadel"
BBFILE_PATTERN_citadel = "^${LAYERDIR}/"
BBFILE_PRIORITY_citadel = "5"
LAYERSERIES_COMPAT_citadel = "rocko"
# This should only be incremented on significant changes that will
# cause compatibility issues with other layers
LAYERVERSION_citadel = "1"
REQUIRED_POKY_BBLAYERS_CONF_VERSION = "2"

View File

@ -0,0 +1,25 @@
SUMMARY = "Checksec tool"
DESCRIPTION = "The checksec.sh script is designed to test what standard Linux OS and PaX security features are being used."
SECTION = "security"
LICENSE = "BSD-3-Clause"
HOMEPAGE="http://www.trapkit.de/tools/checksec.html"
LIC_FILES_CHKSUM = "file://checksec-${PV}.sh;beginline=3;endline=34;md5=6dab14470bfdf12634b866dbdd7a04b0"
SRC_URI = "http://www.trapkit.de/tools/checksec.sh;downloadfilename=checksec-${PV}.sh"
SRC_URI[md5sum] = "57cc3fbbbe48e8ebd4672c569954374d"
SRC_URI[sha256sum] = "05822cd8668589038d20650faa0e56f740911d8ad06f7005b3d12a5c76591b90"
S = "${WORKDIR}"
do_install() {
install -d ${D}${bindir}
install -m 0755 ${WORKDIR}/checksec-${PV}.sh ${D}${bindir}/checksec.sh
sed -i 's/\r//' ${D}${bindir}/checksec.sh
}
RDEPENDS_${PN} = "bash binutils"
BBCLASSEXTEND = "native"

View File

@ -0,0 +1,16 @@
# headers needed to compile gcc plugins, needed for grsec gcc plugins during kernel build
do_install_append () {
cp ${S}/include/libiberty.h ${D}${libdir}/gcc/${TARGET_SYS}/${BINV}/plugin/include/
cp ${S}/gcc/mem-stats-traits.h ${D}${libdir}/gcc/${TARGET_SYS}/${BINV}/plugin/include/
cp ${S}/gcc/hash-traits.h ${D}${libdir}/gcc/${TARGET_SYS}/${BINV}/plugin/include/
cp ${S}/gcc/hash-map-traits.h ${D}${libdir}/gcc/${TARGET_SYS}/${BINV}/plugin/include/
cp ${S}/gcc/mem-stats.h ${D}${libdir}/gcc/${TARGET_SYS}/${BINV}/plugin/include/
cp ${S}/gcc/memory-block.h ${D}${libdir}/gcc/${TARGET_SYS}/${BINV}/plugin/include/
cp ${S}/gcc/config/i386/linux64.h ${D}${libdir}/gcc/${TARGET_SYS}/${BINV}/plugin/include/config/i386
cp ${S}/gcc/brig-builtins.def ${D}${libdir}/gcc/${TARGET_SYS}/${BINV}/plugin/include/
cp ${S}/gcc/expr.h ${D}${libdir}/gcc/${TARGET_SYS}/${BINV}/plugin/include/
cp ${S}/gcc/tree-vrp.h ${D}${libdir}/gcc/${TARGET_SYS}/${BINV}/plugin/include/
cp ${S}/gcc/builtins.h ${D}${libdir}/gcc/${TARGET_SYS}/${BINV}/plugin/include/
cp ${S}/gcc/backend.h ${D}${libdir}/gcc/${TARGET_SYS}/${BINV}/plugin/include/
}

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,186 @@
diff -uprN a/scripts/gcc-plugins/checker_plugin.c b/scripts/gcc-plugins/checker_plugin.c
--- a/scripts/gcc-plugins/checker_plugin.c 2017-12-03 13:20:42.743986199 -0500
+++ b/scripts/gcc-plugins/checker_plugin.c 2017-12-03 13:33:14.506519393 -0500
@@ -457,7 +457,7 @@ __visible int plugin_init(struct plugin_
// PASS_INFO(context, "ssa", 1, PASS_POS_INSERT_AFTER);
PASS_INFO(context, "phiprop", 1, PASS_POS_INSERT_AFTER);
- if (!plugin_default_version_check(version, &gcc_version)) {
+ if (!plugin_version_check_buildhack(version, &gcc_version)) {
error_gcc_version(version);
return 1;
}
diff -uprN a/scripts/gcc-plugins/colorize_plugin.c b/scripts/gcc-plugins/colorize_plugin.c
--- a/scripts/gcc-plugins/colorize_plugin.c 2017-12-03 13:20:42.743986199 -0500
+++ b/scripts/gcc-plugins/colorize_plugin.c 2017-12-03 13:33:43.865657576 -0500
@@ -121,7 +121,7 @@ __visible int plugin_init(struct plugin_
PASS_INFO(colorize_rearm, "*free_lang_data", 1, PASS_POS_INSERT_AFTER);
- if (!plugin_default_version_check(version, &gcc_version)) {
+ if (!plugin_version_check_buildhack(version, &gcc_version)) {
error_gcc_version(version);
return 1;
}
diff -uprN a/scripts/gcc-plugins/constify_plugin.c b/scripts/gcc-plugins/constify_plugin.c
--- a/scripts/gcc-plugins/constify_plugin.c 2017-12-03 13:20:42.744986204 -0500
+++ b/scripts/gcc-plugins/constify_plugin.c 2017-12-03 13:31:56.239151019 -0500
@@ -546,7 +546,7 @@ __visible int plugin_init(struct plugin_
PASS_INFO(check_local_variables, "ssa", 1, PASS_POS_INSERT_BEFORE);
- if (!plugin_default_version_check(version, &gcc_version)) {
+ if (!plugin_version_check_buildhack(version, &gcc_version)) {
error_gcc_version(version);
return 1;
}
diff -uprN a/scripts/gcc-plugins/cyc_complexity_plugin.c b/scripts/gcc-plugins/cyc_complexity_plugin.c
--- a/scripts/gcc-plugins/cyc_complexity_plugin.c 2017-12-03 13:20:42.744986204 -0500
+++ b/scripts/gcc-plugins/cyc_complexity_plugin.c 2017-12-03 13:34:33.724892242 -0500
@@ -55,7 +55,7 @@ __visible int plugin_init(struct plugin_
PASS_INFO(cyc_complexity, "ssa", 1, PASS_POS_INSERT_AFTER);
- if (!plugin_default_version_check(version, &gcc_version)) {
+ if (!plugin_version_check_buildhack(version, &gcc_version)) {
error_gcc_version(version);
return 1;
}
diff -uprN a/scripts/gcc-plugins/gcc-common.h b/scripts/gcc-plugins/gcc-common.h
--- a/scripts/gcc-plugins/gcc-common.h 2017-12-03 13:20:42.745986209 -0500
+++ b/scripts/gcc-plugins/gcc-common.h 2017-12-03 13:29:54.228576760 -0500
@@ -189,6 +189,26 @@ static inline tree build_const_char_stri
return cstr;
}
+static inline bool plugin_version_check_buildhack(struct plugin_gcc_version *gcc_version,
+ struct plugin_gcc_version *plugin_version)
+{
+
+ if (!gcc_version || !plugin_version)
+ return false;
+
+ if (strcmp (gcc_version->basever, plugin_version->basever))
+ return false;
+ if (strcmp (gcc_version->datestamp, plugin_version->datestamp))
+ return false;
+ if (strcmp (gcc_version->devphase, plugin_version->devphase))
+ return false;
+ if (strcmp (gcc_version->revision, plugin_version->revision))
+ return false;
+ // if (strcmp (gcc_version->configuration_arguments, plugin_version->configuration_arguments))
+ // return false;
+ return true;
+}
+
static inline void error_gcc_version(struct plugin_gcc_version *version)
{
error(G_("incompatible gcc/plugin versions: need '%s' '%s' '%s' '%s' but have '%s' '%s' '%s' '%s'\n'%s':\n'%s'"),
diff -uprN a/scripts/gcc-plugins/initify_plugin.c b/scripts/gcc-plugins/initify_plugin.c
--- a/scripts/gcc-plugins/initify_plugin.c 2017-12-03 13:20:42.744986204 -0500
+++ b/scripts/gcc-plugins/initify_plugin.c 2017-12-03 13:32:44.566378477 -0500
@@ -1819,7 +1819,7 @@ __visible int plugin_init(struct plugin_
PASS_INFO(initify, "inline", 1, PASS_POS_INSERT_AFTER);
- if (!plugin_default_version_check(version, &gcc_version)) {
+ if (!plugin_version_check_buildhack(version, &gcc_version)) {
error_gcc_version(version);
return 1;
}
diff -uprN a/scripts/gcc-plugins/kallocstat_plugin.c b/scripts/gcc-plugins/kallocstat_plugin.c
--- a/scripts/gcc-plugins/kallocstat_plugin.c 2017-12-03 13:20:42.744986204 -0500
+++ b/scripts/gcc-plugins/kallocstat_plugin.c 2017-12-03 13:33:57.240720527 -0500
@@ -119,7 +119,7 @@ __visible int plugin_init(struct plugin_
PASS_INFO(kallocstat, "ssa", 1, PASS_POS_INSERT_AFTER);
- if (!plugin_default_version_check(version, &gcc_version)) {
+ if (!plugin_version_check_buildhack(version, &gcc_version)) {
error_gcc_version(version);
return 1;
}
diff -uprN a/scripts/gcc-plugins/kernexec_plugin.c b/scripts/gcc-plugins/kernexec_plugin.c
--- a/scripts/gcc-plugins/kernexec_plugin.c 2017-12-03 13:20:42.744986204 -0500
+++ b/scripts/gcc-plugins/kernexec_plugin.c 2017-12-03 13:34:23.499844120 -0500
@@ -360,7 +360,7 @@ __visible int plugin_init(struct plugin_
PASS_INFO(kernexec_fptr, "pre", 1, PASS_POS_INSERT_AFTER);
PASS_INFO(kernexec_retaddr, "pro_and_epilogue", 1, PASS_POS_INSERT_AFTER);
- if (!plugin_default_version_check(version, &gcc_version)) {
+ if (!plugin_version_check_buildhack(version, &gcc_version)) {
error_gcc_version(version);
return 1;
}
diff -uprN a/scripts/gcc-plugins/latent_entropy_plugin.c b/scripts/gcc-plugins/latent_entropy_plugin.c
--- a/scripts/gcc-plugins/latent_entropy_plugin.c 2017-12-03 13:20:42.745986209 -0500
+++ b/scripts/gcc-plugins/latent_entropy_plugin.c 2017-12-03 13:34:09.419777850 -0500
@@ -584,7 +584,7 @@ __visible int plugin_init(struct plugin_
PASS_INFO(latent_entropy, "optimized", 1, PASS_POS_INSERT_BEFORE);
- if (!plugin_default_version_check(version, &gcc_version)) {
+ if (!plugin_version_check_buildhack(version, &gcc_version)) {
error_gcc_version(version);
return 1;
}
diff -uprN a/scripts/gcc-plugins/randomize_layout_plugin.c b/scripts/gcc-plugins/randomize_layout_plugin.c
--- a/scripts/gcc-plugins/randomize_layout_plugin.c 2017-12-03 13:20:42.745986209 -0500
+++ b/scripts/gcc-plugins/randomize_layout_plugin.c 2017-12-03 13:32:55.752431126 -0500
@@ -894,7 +894,7 @@ __visible int plugin_init(struct plugin_
find_bad_casts_pass_info.ref_pass_instance_number = 1;
find_bad_casts_pass_info.pos_op = PASS_POS_INSERT_AFTER;
- if (!plugin_default_version_check(version, &gcc_version)) {
+ if (!plugin_version_check_buildhack(version, &gcc_version)) {
error(G_("incompatible gcc/plugin versions"));
return 1;
}
diff -uprN a/scripts/gcc-plugins/sancov_plugin.c b/scripts/gcc-plugins/sancov_plugin.c
--- a/scripts/gcc-plugins/sancov_plugin.c 2017-12-03 13:20:42.745986209 -0500
+++ b/scripts/gcc-plugins/sancov_plugin.c 2017-12-03 13:33:29.458589768 -0500
@@ -114,7 +114,7 @@ __visible int plugin_init(struct plugin_
PASS_INFO(sancov, "nrv", 1, PASS_POS_INSERT_BEFORE);
#endif
- if (!plugin_default_version_check(version, &gcc_version)) {
+ if (!plugin_version_check_buildhack(version, &gcc_version)) {
error_gcc_version(version);
return 1;
}
diff -uprN a/scripts/gcc-plugins/size_overflow_plugin/size_overflow_plugin.c b/scripts/gcc-plugins/size_overflow_plugin/size_overflow_plugin.c
--- a/scripts/gcc-plugins/size_overflow_plugin/size_overflow_plugin.c 2017-12-03 13:20:42.755986255 -0500
+++ b/scripts/gcc-plugins/size_overflow_plugin/size_overflow_plugin.c 2017-12-03 13:32:32.419321305 -0500
@@ -242,7 +242,7 @@ __visible int plugin_init(struct plugin_
PASS_INFO(disable_ubsan_si_overflow, "ubsan", 1, PASS_POS_REPLACE);
#endif
- if (!plugin_default_version_check(version, &gcc_version)) {
+ if (!plugin_version_check_buildhack(version, &gcc_version)) {
error_gcc_version(version);
return 1;
}
diff -uprN a/scripts/gcc-plugins/stackleak_plugin.c b/scripts/gcc-plugins/stackleak_plugin.c
--- a/scripts/gcc-plugins/stackleak_plugin.c 2017-12-03 13:20:42.745986209 -0500
+++ b/scripts/gcc-plugins/stackleak_plugin.c 2017-12-03 13:32:13.267231164 -0500
@@ -304,7 +304,7 @@ __visible int plugin_init(struct plugin_
PASS_INFO(stackleak_tree_instrument, "optimized", 1, PASS_POS_INSERT_BEFORE);
PASS_INFO(stackleak_final, "final", 1, PASS_POS_INSERT_BEFORE);
- if (!plugin_default_version_check(version, &gcc_version)) {
+ if (!plugin_version_check_buildhack(version, &gcc_version)) {
error_gcc_version(version);
return 1;
}
diff -uprN a/scripts/gcc-plugins/structleak_plugin.c b/scripts/gcc-plugins/structleak_plugin.c
--- a/scripts/gcc-plugins/structleak_plugin.c 2017-12-03 13:20:42.745986209 -0500
+++ b/scripts/gcc-plugins/structleak_plugin.c 2017-12-03 13:31:29.704026128 -0500
@@ -206,7 +206,7 @@ __visible int plugin_init(struct plugin_
PASS_INFO(structleak, "early_optimizations", 1, PASS_POS_INSERT_BEFORE);
- if (!plugin_default_version_check(version, &gcc_version)) {
+ if (!plugin_version_check_buildhack(version, &gcc_version)) {
error_gcc_version(version);
return 1;
}

View File

@ -0,0 +1,39 @@
DESCRIPTION = "Citadel linux kernel"
SECTION = "kernel"
LICENSE = "GPLv2"
inherit kernel
LIC_FILES_CHKSUM = "file://COPYING;md5=d7810fab7487fb0aad327b76f1be7cd7"
LINUX_VERSION ?= "${PV}"
LINUX_VERSION_EXTENSION_append = "-citadel"
SRC_URI = "https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-${LINUX_VERSION}.tar.xz;name=kernel"
SRC_URI += "https://github.com/minipli/linux-unofficial_grsec/releases/download/v${LINUX_VERSION}-unofficial_grsec/v${LINUX_VERSION}-unofficial_grsec-${PATCH_DATE_TAG}.diff;name=patch"
SRC_URI += " \
file://defconfig \
file://ignore-sysroot-for-plugin-build.patch \
"
S = "${WORKDIR}/linux-${LINUX_VERSION}"
do_deploy_append() {
rm ${DEPLOYDIR}/bzImage
ln -sf bzImage-initramfs${KERNEL_IMAGE_BASE_NAME}.bin ${DEPLOYDIR}/bzImage
}
#
# https://github.com/96boards/meta-96boards/issues/81#issuecomment-311256044
# https://github.com/96boards/meta-96boards/blob/master/recipes-kernel/linux/linux-96boards_4.4.bb
#
# coreutils for /usr/bin/seq which pax size overflow gcc plugin uses
DEPENDS += "openssl-native coreutils-native"
HOST_EXTRACFLAGS += "-I${STAGING_INCDIR_NATIVE}"
COMPATIBLE_MACHINE = "(intel-corei7-64)"

View File

@ -0,0 +1,10 @@
require linux-citadel.inc
SRC_URI[kernel.md5sum] = "60e1a229fb5ffc2a82462ed9400ce3d0"
SRC_URI[kernel.sha256sum] = "24ba70877549a3cf25dc5f12efd260d3e957bce64c087de98baf8968ee514895"
PATCH_DATE_TAG = "20171124142753"
SRC_URI[patch.md5sum] = "3c1521b8ada079fbbca372d5191fa351"
SRC_URI[patch.sha256sum] = "f25398621854074f1a286d97fd39224462c054b568c7ae8181765340a439faf9"

View File

@ -0,0 +1,66 @@
SUMMARY = "Plymouth is a project from Fedora providing a flicker-free graphical boot process."
DESCRIPTION = "Plymouth is an application that runs very early in the boot process \
(even before the root filesystem is mounted!) that provides a \
graphical boot animation while the boot process happens in the background. \
"
HOMEPAGE = "http://www.freedesktop.org/wiki/Software/Plymouth"
SECTION = "base"
LICENSE = "GPLv2+"
LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
DEPENDS = "libcap libpng cairo dbus udev"
PROVIDES = "virtual/psplash"
RPROVIDES_${PN} = "virtual-psplash virtual-psplash-support"
SRC_URI = "http://www.freedesktop.org/software/plymouth/releases/${BPN}-${PV}.tar.bz2"
SRC_URI[md5sum] = "ff420994deb7ea203df678df92e7ab7d"
SRC_URI[sha256sum] = "2f0ce82042cf9c7eadd2517a1f74c8a85fa8699781d9f294a06eade29fbed57f"
EXTRA_OECONF += " --enable-shared --disable-static --disable-gtk --disable-documentation \
--with-logo=${LOGO} \
${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '--enable-systemd-integration --with-system-root-install', '', d)} \
"
PACKAGECONFIG ??= "pango initrd"
PACKAGECONFIG_append_x86 = " drm"
PACKAGECONFIG_append_x86-64 = " drm"
PACKAGECONFIG[drm] = "--enable-drm,--disable-drm,libdrm"
PACKAGECONFIG[pango] = "--enable-pango,--disable-pango,pango"
PACKAGECONFIG[gtk] = "--enable-gtk,--disable-gtk,gtk+"
PACKAGECONFIG[initrd] = ",,,"
LOGO ??= "${datadir}/plymouth/bizcom.png"
inherit autotools pkgconfig systemd
do_install_append() {
install -d ${D}${systemd_unitdir}/system
install -m 644 ${B}/systemd-units/*.service ${D}${systemd_unitdir}/system
install -m 644 ${B}/systemd-units/systemd-ask-password-plymouth.path ${D}${systemd_unitdir}/system
# Remove /var/run from package as plymouth will populate it on startup
rm -fr "${D}${localstatedir}/run"
if ! ${@bb.utils.contains('PACKAGECONFIG', 'initrd', 'true', 'false', d)}; then
rm -rf "${D}${libexecdir}"
fi
}
PACKAGES =. "${@bb.utils.contains('PACKAGECONFIG', 'initrd', '${PN}-initrd ', '', d)}"
PACKAGES =+ "${PN}-set-default-theme"
FILES_${PN}-initrd = "${libexecdir}/plymouth/*"
FILES_${PN}-set-default-theme = "${sbindir}/plymouth-set-default-theme"
FILES_${PN} += "${systemd_unitdir}/system/*"
FILES_${PN}-dbg += "${libdir}/plymouth/renderers/.debug"
RDEPENDS_${PN}-initrd = "bash dracut"
RDEPENDS_${PN}-set-default-theme = "bash"
SYSTEMD_SERVICE_${PN} = "plymouth-start.service"

View File

@ -0,0 +1,21 @@
SUMMARY = "A recursive directory listing command"
HOMEPAGE = "http://mama.indstate.edu/users/ice/tree/"
SECTION = "console/utils"
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://LICENSE;md5=393a5ca445f6965873eca0259a17f833"
SRC_URI = "ftp://mama.indstate.edu/linux/${BPN}/${BP}.tgz"
SRC_URI[md5sum] = "abe3e03e469c542d8e157cdd93f4d8a6"
SRC_URI[sha256sum] = "6957c20e82561ac4231638996e74f4cfa4e6faabc5a2f511f0b4e3940e8f7b12"
# tree's default CFLAGS for Linux
CFLAGS += "-Wall -DLINUX -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64"
EXTRA_OEMAKE = "CC='${CC}' CFLAGS='${CFLAGS}' LDFLAGS='${LDFLAGS}'"
do_configure[noexec] = "1"
do_install() {
install -d ${D}${bindir}
install -m 0755 ${S}/${BPN} ${D}${bindir}/
}

View File

@ -0,0 +1,27 @@
Upstream-Status: pending
Don't check 'sys/acl.h' if acl support disabled for vim/vim-tiny.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
================================================
diff --git a/src/configure.ac b/src/configure.ac
index fb965e5..d734064 100644
--- a/src/configure.ac
+++ b/src/configure.ac
@@ -2511,7 +2511,7 @@ AC_CHECK_HEADERS(stdarg.h stdint.h stdlib.h string.h \
sys/systeminfo.h locale.h sys/stream.h termios.h \
libc.h sys/statfs.h poll.h sys/poll.h pwd.h \
utime.h sys/param.h libintl.h libgen.h \
- util/debug.h util/msg18n.h frame.h sys/acl.h \
+ util/debug.h util/msg18n.h frame.h \
sys/access.h sys/sysinfo.h wchar.h wctype.h)
dnl sys/ptem.h depends on sys/stream.h on Solaris
@@ -3112,6 +3112,7 @@ AC_ARG_ENABLE(acl,
, [enable_acl="yes"])
if test "$enable_acl" = "yes"; then
AC_MSG_RESULT(no)
+AC_CHECK_HEADERS(sys/acl.h)
AC_CHECK_LIB(posix1e, acl_get_file, [LIBS="$LIBS -lposix1e"],
AC_CHECK_LIB(acl, acl_get_file, [LIBS="$LIBS -lacl"
AC_CHECK_LIB(attr, fgetxattr, LIBS="$LIBS -lattr",,)],,),)

View File

@ -0,0 +1,38 @@
vim: add knob whether elf.h are checked
Previously, it still was checked when there was no elf library in sysroots directory.
Add knob to decide whether elf.h are checked or not.
Upstream-status: Pending
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
---
src/configure.ac | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/configure.ac b/src/configure.ac
index d734064..f504fa6 100644
--- a/src/configure.ac
+++ b/src/configure.ac
@@ -2483,11 +2483,18 @@ AC_TRY_COMPILE([#include <stdio.h>], [int x __attribute__((unused));],
AC_MSG_RESULT(no))
dnl Checks for header files.
+AC_MSG_CHECKING(whether or not to look for elf.h)
+AC_ARG_ENABLE(elf-check,
+ [ --enable-elf-check If elfutils, check for elf.h [default=no]],
+ , enable_elf_check="no")
+AC_MSG_RESULT($enable_elf_check)
+if test "x$enable_elf_check" != "xno"; then
AC_CHECK_HEADER(elf.h, HAS_ELF=1)
dnl AC_CHECK_HEADER(dwarf.h, SVR4=1)
if test "$HAS_ELF" = 1; then
AC_CHECK_LIB(elf, main)
fi
+fi
AC_HEADER_DIRENT
--
1.7.9.5

View File

@ -0,0 +1,13 @@
require vim_${PV}.bb
SUMMARY += " (with tiny features)"
PACKAGECONFIG += "tiny"
do_install() {
install -d ${D}/${bindir}
install -m 0755 ${S}/vim ${D}/${bindir}/vim.tiny
}
ALTERNATIVE_PRIORITY = "90"
ALTERNATIVE_TARGET = "${bindir}/vim.tiny"

View File

@ -0,0 +1,112 @@
SUMMARY = "Vi IMproved - enhanced vi editor"
SECTION = "console/utils"
DEPENDS = "ncurses gettext-native"
# vimdiff doesn't like busybox diff
RSUGGESTS_${PN} = "diffutils"
LICENSE = "vim"
LIC_FILES_CHKSUM = "file://../runtime/doc/uganda.txt;md5=eea32ac1424bba14096736a494ae9045"
SRC_URI = "git://github.com/vim/vim.git \
file://disable_acl_header_check.patch;patchdir=.. \
file://vim-add-knob-whether-elf.h-are-checked.patch;patchdir=.. \
"
SRCREV = "3f9a1ff141412e9e85f7dff47d02946cb9be9228"
S = "${WORKDIR}/git/src"
VIMDIR = "vim${@d.getVar('PV').split('.')[0]}${@d.getVar('PV').split('.')[1]}"
inherit autotools update-alternatives
inherit autotools-brokensep
# vim configure.in contains functions which got 'dropped' by autotools.bbclass
do_configure () {
rm -f auto/*
touch auto/config.mk
aclocal
autoconf
oe_runconf
touch auto/configure
touch auto/config.mk auto/config.h
}
#Available PACKAGECONFIG options are gtkgui, acl, x11, tiny
PACKAGECONFIG ??= ""
PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'acl selinux', d)}"
PACKAGECONFIG[gtkgui] = "--enable-gtk2-test --enable-gui=gtk2,--enable-gui=no,gtk+,"
PACKAGECONFIG[acl] = "--enable-acl,--disable-acl,acl,"
PACKAGECONFIG[x11] = "--with-x,--without-x,xt,"
PACKAGECONFIG[tiny] = "--with-features=tiny,--with-features=big,,"
PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux,"
PACKAGECONFIG[elfutils] = "--enable-elf-check,,elfutils,"
EXTRA_OECONF = " \
--disable-gpm \
--disable-gtktest \
--disable-xim \
--disable-netbeans \
--with-tlib=ncurses \
ac_cv_small_wchar_t=no \
vim_cv_getcwd_broken=no \
vim_cv_memmove_handles_overlap=yes \
vim_cv_stat_ignores_slash=no \
vim_cv_terminfo=yes \
vim_cv_tgent=non-zero \
vim_cv_toupper_broken=no \
vim_cv_tty_group=world \
STRIP=/bin/true \
"
do_install() {
autotools_do_install
# Work around file-rdeps picking up csh, awk, perl or python as a dep
chmod -x ${D}${datadir}/${BPN}/${VIMDIR}/tools/vim132
chmod -x ${D}${datadir}/${BPN}/${VIMDIR}/tools/mve.awk
chmod -x ${D}${datadir}/${BPN}/${VIMDIR}/tools/*.pl
chmod -x ${D}${datadir}/${BPN}/${VIMDIR}/tools/*.py
# Install example vimrc from runtime files
install -m 0644 ../runtime/vimrc_example.vim ${D}/${datadir}/${BPN}/vimrc
# we use --with-features=big as default
mv ${D}${bindir}/${BPN} ${D}${bindir}/${BPN}.${BPN}
}
PARALLEL_MAKEINST = ""
PACKAGES =+ "${PN}-common ${PN}-syntax ${PN}-help ${PN}-tutor ${PN}-vimrc ${PN}-tools"
FILES_${PN}-syntax = "${datadir}/${BPN}/${VIMDIR}/syntax"
FILES_${PN}-help = "${datadir}/${BPN}/${VIMDIR}/doc"
FILES_${PN}-tutor = "${datadir}/${BPN}/${VIMDIR}/tutor ${bindir}/${BPN}tutor"
FILES_${PN}-vimrc = "${datadir}/${BPN}/vimrc"
FILES_${PN}-data = "${datadir}/${BPN}"
FILES_${PN}-tools = "${datadir}/${BPN}/${VIMDIR}/tools"
FILES_${PN}-common = " \
${datadir}/${BPN}/${VIMDIR}/*.vim \
${datadir}/${BPN}/${VIMDIR}/autoload \
${datadir}/${BPN}/${VIMDIR}/colors \
${datadir}/${BPN}/${VIMDIR}/compiler \
${datadir}/${BPN}/${VIMDIR}/ftplugin \
${datadir}/${BPN}/${VIMDIR}/indent \
${datadir}/${BPN}/${VIMDIR}/keymap \
${datadir}/${BPN}/${VIMDIR}/lang \
${datadir}/${BPN}/${VIMDIR}/macros \
${datadir}/${BPN}/${VIMDIR}/plugin \
${datadir}/${BPN}/${VIMDIR}/print \
${datadir}/${BPN}/${VIMDIR}/spell \
${datadir}/icons \
"
RDEPENDS_${BPN} = "ncurses-terminfo-base"
# Recommend that runtime data is installed along with vim
RRECOMMENDS_${BPN} = "${PN}-syntax ${PN}-help ${PN}-tutor ${PN}-vimrc ${PN}-common"
ALTERNATIVE_${PN} = "vi vim"
ALTERNATIVE_TARGET = "${bindir}/${BPN}.${BPN}"
ALTERNATIVE_LINK_NAME[vi] = "${base_bindir}/vi"
ALTERNATIVE_LINK_NAME[vim] = "${bindir}/vim"
ALTERNATIVE_PRIORITY = "100"
BBCLASSEXTEND = "native"

18
setup-build-env Normal file
View File

@ -0,0 +1,18 @@
#!/bin/sh
if [ -n "$BASH_SOURCE" ]; then
THIS_SCRIPT=$BASH_SOURCE
elif [ -n "$ZSH_NAME" ]; then
THIS_SCRIPT=$0
else
THIS_SCRIPT="$(pwd)/setup-build-env"
fi
if [ -z "$ZSH_NAME" ] && [ "$0" = "$THIS_SCRIPT" ]; then
echo "Error: This script needs to be sourced. Please run as '. $THIS_SCRIPT'"
exit 1
fi
TEMPLATECONF=../meta-citadel-distro/conf
. poky/oe-init-build-env