| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
Version 1.6.0 includes a fix for building on hosts with gcc 10.
This ports PTXdist commit 7990fbf116f66f82796b (2020-05-24, Michael
Olbrich: "host-dtc: update default version to 1.6.0").
Link: https://lkml.org/lkml/2020/4/1/1206
Link: https://git.pengutronix.de/cgit/ptxdist/commit/?id=7990fbf116f66f82796b
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
|
|
|
|
|
|
|
| |
Update to the most recent kernel version and do an oldconfig with
default values.
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
|
|
|
|
|
|
| |
Migrate to the most current PTXdist version with default settings.
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update to the latest toolchain, which was released this week.
Updating to GCC 10 prompts for new kernel options:
| CONFIG_ARM64_PTR_AUTH:
|
| Pointer authentication (part of the ARMv8.3 Extensions) provides
| instructions for signing and authenticating pointers against secret
| keys, which can be used to mitigate Return Oriented Programming (ROP)
| and other attacks.
|
| This option enables these instructions at EL0 (i.e. for userspace).
| Choosing this option will cause the kernel to initialise secret keys
| for each process at exec() time, with these keys being
| context-switched along with the process.
|
| If the compiler supports the -mbranch-protection or
| -msign-return-address flag (e.g. GCC 7 or later), then this option
| will also cause the kernel itself to be compiled with return address
| protection. In this case, and if the target hardware is known to
| support pointer authentication, then CONFIG_STACKPROTECTOR can be
| disabled with minimal loss of protection.
|
| The feature is detected at runtime. If the feature is not present in
| hardware it will not be advertised to userspace/KVM guest nor will it
| be enabled. However, KVM guest also require VHE mode and hence
| CONFIG_ARM64_VHE=y option to use this feature.
|
| If the feature is present on the boot CPU but not on a late CPU, then
| the late CPU will be parked. Also, if the boot CPU does not have
| address auth and the late CPU has then the late CPU will still boot
| but with the feature disabled. On such a system, this option should
| not be selected.
|
| This feature works with FUNCTION_GRAPH_TRACER option only if
| DYNAMIC_FTRACE_WITH_REGS is enabled.
| CONFIG_ARM64_BTI_KERNEL:
|
| Build the kernel with Branch Target Identification annotations
| and enable enforcement of this for kernel code. When this option
| is enabled and the system supports BTI all kernel code including
| modular code must have BTI enabled.
Use their default values for enhanced security.
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
|
|
|
|
|
|
| |
Enable i.MX8M boards recently added to the platform.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
| |
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
| |
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
| |
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
| |
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
| |
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
| |
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This updates the Kernel to Linux-5.8
The configuration has been started from "make defconfig" with the
following modifications:
- all architectures except mvebu and i.MX disabled
- modified until reason has nothing more to mourn about
- enabled Realtek Phy (needed for i.MX8MP-EVK)
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
| |
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
|
|
|
|
| |
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
|
|
|
|
| |
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
| |
A new ptxdist version is out.
We set PTXCONF_KERNEL_CONFIG_BASE_VERSION=y in all platforms, as
DistroKit is a base layer for other BSPs.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
| |
A new ptxdist version is out, update.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
| |
A new ptxdist version is out, so we update our configs.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
| |
A new ptxdist version is out, update DistroKit.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
|
|
|
| |
With this release, the TF-A rule went upstream in revised form, so it's
dropped as part of the migration.
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
[adapted to current next]
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
| |
A new kernel is out, update all platforms.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
|
| |
HOTPLUG_CPU and CPU_ISOLATION were enabled by accident, disable.
Patch inspired by 'reason'.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
| |
A new ptxdist version is out, update the configs.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Trusted Firmware-A (TF-A) is a reference implementation of secure world
software for Arm A-Profile architectures (Armv8-A and Armv7-A).
TF-A is used as first-stage bootloader on the STM32MP1. We'll use
barebox for second-stage only for now, thus add a rule for TF-A.
Tested-by: Michael Tretter <m.tretter@pengutronix.de>
Signed-off-by: Rouven Czerwinski <rouven@czerwinskis.de>
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
[oldconfiged rpi an v8a platforms while applying]
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
Link: https://www.mail-archive.com/ptxdist@pengutronix.de/msg15828.html
|
|
|
|
|
|
| |
A new ptxdist version is out, update the configs.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
| |
A new kernel is out, so let's update DistroKit.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
| |
2019.09.1 is out, use it.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
| |
A new ptxdist version is out, update the configs.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
| |
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
|
|
|
|
|
|
| |
Linux 5.4 is out, update the kernel on all platforms.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
| |
A new ptxdist version is out, use it.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
| |
There is a new ptxdist version, so we update DistroKit to use it.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
|
| |
Linux 5.3 is out, so we update the kernel to the new version.
The config is oldconfiged with defaults.
Signed-off-by: Björn Esser <b.esser@pengutronix.de>
|
|
|
|
|
|
| |
A new OSELAS.Toolchain is out, with gcc-9.2.1 and glibc-2.30.
Signed-off-by: Björn Esser <b.esser@pengutronix.de>
|
|
|
|
|
|
| |
A new ptxdist version is out, use it.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
| |
A new ptxdist version is out, so we migrate Distrokit.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
| |
systemd requires UTS_NS, so enable it in the kernel.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
| |
Keep all new features on their default values for now.
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
|
|
|
|
|
|
| |
We have a new version; update.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
| |
A new ptxdist version has been released, update.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
| |
A new ptxdist version has been released, update.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
|
|
|
| |
This fixes an errors in systemd.get, which only happened when that
systemd tarball was not already downloaded previously:
ptxdist: error: Wrong md5sum for 'systemd' (.../src/systemd-241-7-ga09c170122cf.tar.gz)
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
|
|
|
|
|
|
| |
The platform supports this hardening option, enable it.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
|
|
|
|
| |
The kernelconfig shows changes when doing a 'ptxdist oldconfig kernel',
which were introduced previously in commit 7cb2beb67.
Fixes: 7cb2beb67b21adbf3a5e ("platform-v8a: fix reason checks")
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This setting was introduced in PTXdist 2019.03.0:
Generate code to prevent stack clash style attacks. When this
option is enabled, the compiler will only allocate one page of
stack space at a time and each page is accessed immediately after
allocation. Thus, it prevents allocations from jumping over any
stack guard page provided by the operating system.
Make use of it to get more secure binaries with gcc-8's new
-fstack-clash-protection option.
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
|
|
|
|
|
|
| |
Update to OSELAS.Toolchain-2018.12, which has gcc 8.2.1 and glibc 2.28.
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
|
|
|
|
|
|
| |
Use the default config values.
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
|
|
|
|
|
|
| |
A new ptxdist release is availabe, update to 2019.02.0.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
|
|
|
|
| |
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
|
|
|
|
|
|
| |
Fix all the reason checks reported for platform-v8a.
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
|