02 Nov, 2020
1 commit
-
Building 5.10-rc1 in a setgid directory failed with the following
error:dpkg-deb: error: control directory has bad permissions 2755 (must be
>=0755 and
Signed-off-by: Sven Joachim
Signed-off-by: Masahiro Yamada
14 Oct, 2020
2 commits
-
Hard-code the names of linux-headers and debug packages in the
control file.The kernel package is different for ARCH=um. Change the code
for better readability.Signed-off-by: Masahiro Yamada
-
Since commit 269a535ca931 ("modpost: generate vmlinux.symvers and
reuse it for the second modpost"), with CONFIG_MODULES disabled,
"make deb-pkg" (or "make bindeb-pkg") fails with:find: ‘Module.symvers’: No such file or directory
If CONFIG_MODULES is disabled, it doesn't really make sense to build
the linux-headers package.Fixes: 269a535ca931 ("modpost: generate vmlinux.symvers and reuse it for the second modpost")
Reported-by: Josh Triplett
Signed-off-by: Masahiro Yamada
09 Oct, 2020
3 commits
-
These have been required by the Debian policy for a while, even though
the tooling can detect and workaround their omission, but are a hard
requirement when using rootless builds.[masahiro:
The following Debian policy is particularly important for rootless builds:
"Both binary-* targets should depend on the build target, or on the
appropriate build-arch or build-indep target, so that the package is
built if it has not been already."
]Signed-off-by: Guillem Jover
Signed-off-by: Masahiro Yamada -
This makes it possible to build the Debian packages without requiring
(pseudo-)root privileges, when the build drivers support this mode
of operation.See-Also: /usr/share/doc/dpkg/rootless-builds.txt.gz
Signed-off-by: Guillem Jover
Signed-off-by: Masahiro Yamada -
We should not be encoding the timestamp, otherwise we end up generating
unreproducible files that cascade into unreproducible packages.Signed-off-by: Guillem Jover
Signed-off-by: Masahiro Yamada
24 Sep, 2020
1 commit
-
There was a request to preprocess the module linker script like we
do for the vmlinux one. (https://lkml.org/lkml/2020/8/21/512)The difference between vmlinux.lds and module.lds is that the latter
is needed for external module builds, thus must be cleaned up by
'make mrproper' instead of 'make clean'. Also, it must be created
by 'make modules_prepare'.You cannot put it in arch/$(SRCARCH)/kernel/, which is cleaned up by
'make clean'. I moved arch/$(SRCARCH)/kernel/module.lds to
arch/$(SRCARCH)/include/asm/module.lds.h, which is included from
scripts/module.lds.S.scripts/module.lds is fine because 'make clean' keeps all the
build artifacts under scripts/.You can add arch-specific sections in .
Signed-off-by: Masahiro Yamada
Tested-by: Jessica Yu
Acked-by: Will Deacon
Acked-by: Geert Uytterhoeven
Acked-by: Palmer Dabbelt
Reviewed-by: Kees Cook
Acked-by: Jessica Yu
10 Aug, 2020
1 commit
-
Rationale:
Reduces attack surface on kernel devs opening the links for MITM
as HTTPS traffic is much harder to manipulate.Deterministic algorithm:
For each file:
If not .svg:
For each line:
If doesn't contain `\bxmlns\b`:
For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`:
If neither `\bgnu\.org/license`, nor `\bmozilla\.org/MPL\b`:
If both the HTTP and HTTPS versions
return 200 OK and serve the same content:
Replace HTTP with HTTPS.Signed-off-by: Alexander A. Klimov
Signed-off-by: Masahiro Yamada
07 Jul, 2020
1 commit
-
Make 'make tar-pkg' install dtbs.
Signed-off-by: Domenico Andreoli
Signed-off-by: Masahiro Yamada
11 Jun, 2020
1 commit
-
Redefine GZIP, BZIP2, LZOP variables as KGZIP, KBZIP2, KLZOP resp.
GZIP, BZIP2, LZOP env variables are reserved by the tools. The original
attempt to redefine them internally doesn't work in makefiles/scripts
intercall scenarios, e.g., "make GZIP=gzip bindeb-pkg" and results in
broken builds. There can be other broken build commands because of this,
so the universal solution is to use non-reserved env variables for the
compression tools.Fixes: 8dfb61dcbace ("kbuild: add variables for compression tools")
Signed-off-by: Denis Efremov
Tested-by: Guenter Roeck
Signed-off-by: Masahiro Yamada
06 Jun, 2020
1 commit
-
Allow user to use alternative implementations of compression tools,
such as pigz, pbzip2, pxz. For example, multi-threaded tools to
speed up the build:
$ make GZIP=pigz BZIP2=pbzip2Variables _GZIP, _BZIP2, _LZOP are used internally because original env
vars are reserved by the tools. The use of GZIP in gzip tool is obsolete
since 2015. However, alternative implementations (e.g., pigz) still rely
on it. BZIP2, BZIP, LZOP vars are not obsolescent.The credit goes to @grsecurity.
As a sidenote, for multi-threaded lzma, xz compression one can use:
$ export XZ_OPT="--threads=0"Signed-off-by: Denis Efremov
Signed-off-by: Masahiro Yamada
30 Mar, 2020
1 commit
-
Creating a Debian package without CONFIG_DEBUG_INFO produces
a warning that no debug package was created.This patch excludes the debug package from the control file,
if no debug package is created by this configuration.Signed-off-by: Reinhard Karcher
Signed-off-by: Masahiro Yamada
29 Jan, 2020
7 commits
-
Deploy user-space headers (linux-libc-dev package) in a separate
function for readability.Signed-off-by: Masahiro Yamada
-
Deploy kernel headers (linux-headers package) in a separate function
for readability.Signed-off-by: Masahiro Yamada
-
The kernel build has already been done before builddeb is invoked.
Signed-off-by: Masahiro Yamada
-
The commands surrounded by ( ... ) is run in a sub-shell, but you do
not have to spawn a sub-shell for every single line.Use just one ( ... ) for creating debian/hdrsrcfiles.
For tar, use -C option instead.
Signed-off-by: Masahiro Yamada
-
This script works only when it is invoked in the $objtree, that is,
it is already relying on $objtree is '.'Signed-off-by: Masahiro Yamada
-
The temporary directory names, debian/hdrtmp (linux-headers package)
vs debian/headertmp (linux-libc-dev package), are confusing.Matching the directory name to the package name is clearer, IMHO.
Signed-off-by: Masahiro Yamada
-
- We do not need tools/objtool/fixdep or tools/objtool/sync-check.sh
for building external modules. Including tools/objtool/objtool is
enough.- gcc-common.h is a check-in file. I do not see any point to search
for it in objtree.Signed-off-by: Masahiro Yamada
21 Jan, 2020
1 commit
-
Select deb compression using KDEB_COMPRESS make variable. This allows to
use gzip compression for local or test builds, and that's way faster
than now-default xz compression.Signed-off-by: Michał Mirosław
Signed-off-by: Masahiro Yamada
14 Jan, 2020
1 commit
-
Remove a bunch of files not used during external module builds:
- foreign architecture headers
- subtree Makefiles
- Kconfig files
- perl scriptsOn amd64 system this looses a third of the resulting .deb size.
Signed-off-by: Michał Mirosław
Signed-off-by: Masahiro Yamada
03 Jan, 2020
1 commit
-
Cross compiling the x86 kernel on a non-x86 build machine produces
the following error when CONFIG_UNWINDER_ORC is enabled, regardless
of whether libelf-dev is installed or not.dpkg-checkbuilddeps: error: Unmet build dependencies: libelf-dev
dpkg-buildpackage: warning: build dependencies/conflicts unsatisfied; aborting
dpkg-buildpackage: warning: (Use -d flag to override.)Since this is a build time dependency for a build tool, we need to
depend on the native version of libelf-dev so add the appropriate
annotation.Signed-off-by: Ard Biesheuvel
Signed-off-by: Masahiro Yamada
17 Dec, 2019
1 commit
-
We've missed the dependency to rsync, so build fails on
minimal containers.Fixes: 59b2bd05f5f4 ("kbuild: add 'headers' target to build up uapi headers in usr/include")
Signed-off-by: Enrico Weigelt, metux IT consult
Signed-off-by: Masahiro Yamada
11 Nov, 2019
1 commit
-
Add a 'dir-pkg' target which just creates the same directory structures
as in tar-pkg, but doesn't package anything.
Useful when the user wants to copy the kernel tree on a machine using
ssh, rsync or whatever.Signed-off-by: Matteo Croce
Signed-off-by: Masahiro Yamada
25 Aug, 2019
3 commits
-
scripts/package/Makefile does not use $(obj) or $(src) at all.
It actually generates files and directories in the top of $(objtree).
I do not see much sense in descending into scripts/package/.Signed-off-by: Masahiro Yamada
-
These are not real targets. Adding them to PHONY is preferred.
Signed-off-by: Masahiro Yamada
-
I am not a big fan of the $(objtree)/ hack for clean-files/clean-dirs.
These are created in the top of $(objtree), so let's clean them up
from the top Makefile.Signed-off-by: Masahiro Yamada
18 Jul, 2019
1 commit
-
While descending directories, Kbuild produces objects for modules,
but do not link final *.ko files; it is done in the modpost.To keep track of modules, Kbuild creates a *.mod file in $(MODVERDIR)
for every module it is building. Some post-processing steps read the
necessary information from *.mod files. This avoids descending into
directories again. This mechanism was introduced in 2003 or so.Later, commit 551559e13af1 ("kbuild: implement modules.order") added
modules.order. So, we can simply read it out to know all the modules
with directory paths. This is easier than parsing the first line of
*.mod files.$(MODVERDIR) has a flat directory structure, that is, *.mod files
are named only with base names. This is based on the assumption that
the module name is unique across the tree. This assumption is really
fragile.Stephen Rothwell reported a race condition caused by a module name
conflict:https://lkml.org/lkml/2019/5/13/991
In parallel building, two different threads could write to the same
$(MODVERDIR)/*.mod simultaneously.Non-unique module names are the source of all kind of troubles, hence
commit 3a48a91901c5 ("kbuild: check uniqueness of module names")
introduced a new checker script.However, it is still fragile in the build system point of view because
this race happens before scripts/modules-check.sh is invoked. If it
happens again, the modpost will emit unclear error messages.To fix this issue completely, create *.mod with full directory path
so that two threads never attempt to write to the same file.$(MODVERDIR) is no longer needed.
Since modules with directory paths are listed in modules.order, Kbuild
is still able to find *.mod files without additional descending.I also killed cmd_secanalysis; scripts/mod/sumversion.c computes MD4 hash
for modules with MODULE_VERSION(). When CONFIG_DEBUG_SECTION_MISMATCH=y,
it occurs not only in the modpost stage, but also during directory
descending, where sumversion.c may parse stale *.mod files. It would emit
'No such file or directory' warning when an object consisting a module is
renamed, or when a single-obj module is turned into a multi-obj module or
vice versa.Signed-off-by: Masahiro Yamada
Acked-by: Nicolas Pitre
17 Jul, 2019
1 commit
-
Debian-based distributions place libc header files in a machine
specific directory (/usr/include/) instead of
/usr/include/asm to support installation of the linux-libc-dev
package from multiple architectures. Move headers installed by
"make headers_install" accordingly using Debian's tuple from
dpkg-architecture (stored in debian/arch).Signed-off-by: Cedric Hombourger
Signed-off-by: Masahiro Yamada
09 Jul, 2019
1 commit
-
header-test-y does not work with headers in sub-directories.
For example, you may want to write a Makefile, like this:
include/linux/Kbuild:
header-test-y += mtd/nand.h
This entry will create a wrapper include/linux/mtd/nand.hdrtest.c
with the following content:#include "mtd/nand.h"
To make this work, we need to add $(srctree)/include/linux to the
header search path. It would be tedious to add ccflags-y.Instead, we could change the *.hdrtest.c rule to wrap:
#include "nand.h"
This works for in-tree build since #include "..." searches in the
relative path from the header with this directive. For O=... build,
we need to add $(srctree)/include/linux/mtd to the header search path,
which will be even more tedious.After all, I thought it would be handier to compile headers directly
without creating wrappers.I added a new build rule to compile %.h into %.h.s
The target is %.h.s instead of %.h.o because it is slightly faster.
Also, as for GCC, an empty assembly is smaller than an empty object.I wrote the build rule:
$(CC) $(c_flags) -S -o $@ -x c /dev/null -include $<
instead of:
$(CC) $(c_flags) -S -o $@ -x c $<
Both work fine with GCC, but the latter is bad for Clang.
This comes down to the difference in the -Wunused-function policy.
GCC does not warn about unused 'static inline' functions at all.
Clang does not warn about the ones in included headers, but does
about the ones in the source. So, we should handle headers as
headers, not as source files.In fact, this has been hidden since commit abb2ea7dfd82 ("compiler,
clang: suppress warning for unused static inline functions"), but we
should not rely on that.Signed-off-by: Masahiro Yamada
Acked-by: Jani Nikula
Tested-by: Jani Nikula
15 Jun, 2019
1 commit
-
It is absolutely fine to add extra sanity checks in package scripts,
but it is not necessary to do so.This is already covered by the daily compile-testing (0day bot etc.)
because headers_check is run as a part of the normal build process
when CONFIG_HEADERS_CHECK=y.Replace it with the newly-added "make headers".
Signed-off-by: Masahiro Yamada
05 Jun, 2019
1 commit
-
The buildtar script might want to invoke a make, so tell the parent
make to pass the jobserver token pipe to the subcommand by prefixing
the command with a +.This addresses the issue seen here:
/bin/sh ../scripts/package/buildtar tar-pkg
make[3]: warning: jobserver unavailable: using -j1. Add '+' to parent make rule.See https://www.gnu.org/software/make/manual/html_node/Job-Slots.html
for more information.Signed-off-by: Trevor Bourget
Signed-off-by: Masahiro Yamada
21 May, 2019
1 commit
-
Add SPDX license identifiers to all Make/Kconfig files which:
- Have no license information of any form
These files fall under the project license, GPL v2 only. The resulting SPDX
license identifier is:GPL-2.0-only
Signed-off-by: Thomas Gleixner
Signed-off-by: Greg Kroah-Hartman
17 Mar, 2019
1 commit
-
* The man page for dpkg-source(1) notes:
> -b, --build directory [format-specific-parameters]
> Build a source package (--build since dpkg 1.17.14).
>
>
> dpkg-source will build the source package with the first
> format found in this ordered list: the format indicated
> with the --format command line option, the format
> indicated in debian/source/format, “1.0”. The fallback
> to “1.0” is deprecated and will be removed at some point
> in the future, you should always document the desired
> source format in debian/source/format. See section
> SOURCE PACKAGE FORMATS for an extensive description of
> the various source package formats.Thus it would be more foolproof to explicitly use 1.0 (as we always
did) than to rely on dpkg-source's defaults.* In a similar vein, debian/rules is not made executable by mkdebian,
and dpkg-source warns about that but still silently fixes the file.
Let's be explicit once again.Signed-off-by: Arseny Maslennikov
Signed-off-by: Masahiro Yamada
14 Mar, 2019
4 commits
-
This will be a little more efficient since unset CONFIG options are
stripped away from auto.conf, and we can hard-code the path to auto.conf
since it is never overridden.include/config/kernel.release is generated before %pkg is run.
So, it is guaranteed auto.conf is up-to-date.Signed-off-by: Masahiro Yamada
-
I think is_enabled() and if_enable_echo() in scripts/package/mkdebian
are useful.builddeb also has many repetitive greps over the kernel config, so I
borrowed the idea to clean it up.Signed-off-by: Masahiro Yamada
-
This might be a kind of bike-shed, but I personally prefer grep'able
code.I often do 'git grep CONFIG_FOO' instead of 'git grep FOO' when I
want to know where that CONFIG option is used.This makes code longer, but I hope this is acceptable level.
Signed-off-by: Masahiro Yamada
-
bison/flex is now needed always for building for kconfig. Some build
dependencies depend on kernel configuration, enable them as needed:- libelf-dev when UNWINDER_ORC is set
- libssl-dev for SYSTEM_TRUSTED_KEYRINGSince the libssl-dev is needed for extract_cert binary, denote with
:native to install the libssl-dev for the build machines architecture,
rather than for the architecture of the kernel being built.Tested-by: Manivannan Sadhasivam
Signed-off-by: Riku Voipio
Reviewed-by: Ben Hutchings
Acked-by: maximilian attems
[masahiro.yamada: change 'flex' to 'flex | flex:native' ]
Signed-off-by: Masahiro Yamada
28 Feb, 2019
1 commit
-
DPKG_FLAGS variable lets user to add more flags to dpkg-buildpackage
command in deb-pkg and bindeb-pkg.Signed-off-by: Kacper Kołodziej
Signed-off-by: Masahiro Yamada
20 Feb, 2019
1 commit
-
'$(MAKE) KBUILD_SRC=' changes the working directory back and forth
between objtree and srctree.It is better to recurse to the top-level Makefile directly.
Signed-off-by: Masahiro Yamada