Age | Commit message (Collapse) | Author | Files | Lines |
|
- Update to gcc-12.2, and cherry-pick a fix in grub for risc-v
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Given that we can use Kconfig logic directly to see if we have a program
available on the host or not, change from passing NO_SDL to instead
controlling CONFIG_SANDBOX_SDL in Kconfig directly. Introduce
CONFIG_HOST_HAS_SDL as the way to test for sdl2-config and default
CONFIG_SANDBOX_SDL on if we have that, or not.
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
We have a number of jobs that will have git complain about needing to
set safe.directory and this being untrue as a fatal error, but then
complete. Set this flag correctly now as it should be used, and may
prevent a future failure.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Add a new flag to buildman so that we will in turn pass
BINMAN_ALLOW_MISSING=1 to 'make'. Make use of this flag in CI.
Allow the settings file to control this.
Cc: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This includes python3-pyelftools so we can drop it from one of the tests
directly.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
For building riscv32 targets we should use the riscv32 toolchain.
Add it to the Docker image.
Drop the riscv toolchain-alias as we do not need it in future.
While in here, update to the latest "jammy" tag.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Rick Chen <rick@andestech.com>
[trini: Update to latest jammy tag]
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Check that sandbox builds and runs tests OK with LTO disabled.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
- We now have a new enough sbsigntools in the distro, stop building.
- Use the 20220801 tag for Jammy.
- Move to pygit2 1.9.2 (current version) as the old one doesn't build on
"Jammy".
- Add the working directory to the list of safe directories for git.
- Move to pytest 6.2.5 to address other issues.
- This move exposed a number of minor issues in the existing scripts we
used within CI to perform the jobs themselves. The most notable changes
here involve using 'set +e / set -e' to enforce when we should or should
not make non-zero buildman status be a fatal error.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
At this point given the number of PowerPC platforms we have, a single
job to build them all fits within the time limit we have in Azure.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
These boards have been orphaned for some time and are behind on various
DM migrations. Remove them.
Cc: Priyanka Jain <priyanka.jain@nxp.com>
Cc: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
As per https://github.com/actions/virtual-environments/issues/5583 the
macOS-10.15 image is being deprecated. Move us up to macOS-12.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
As per https://github.com/actions/runner-images/issues/6002 the Ubuntu
18.04 image is deprecated and will be removed by December 1, 2022.
Move to the Ubuntu 22.04 image as our base for launching our containers
from.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Use the equivalent buildman functionality to check maintainer info.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
|
|
The AST2600 has a Qemu model that allows testing. Create a SPI NOR image
containing the combined SPL and u-boot FIT image.
Reviewed-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Joel Stanley <joel@jms.id.au>
|
|
In order to prevent build regressions with ASAN, add the builds to CI.
The longer term objective will be to enabled test targets with ASAN
enabled, but there are too many at the moment.
Signed-off-by: Andrew Scull <ascull@google.com>
|
|
Based on reading https://www.msys2.org/docs/ci/ and "Other Systems"
rework how we update MSYS2 to the current version. We run it once, to
perform nothing other than being the first run, then we run pacman
twice.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Add tests for VPL into the mix. For now this just runs the help test and
a few SPL ones.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
As removal of nds32 has been ack'd for the Linux kernel, remove support
here as well.
Cc: Rick Chen <rick@andestech.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Rick Chen <rick@andestech.com>
|
|
To make addressing the problem of migrated symbols being present in
board config header files, update the CI test to them print what symbols
are causing it to fail. Also report all failures in the tree, rather
than stopping at the first failing file.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
We need to check for config header files that #undef migrated symbols as
well.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
For consistency in runs, we need to always use the same pylint version.
Pin to 2.12.2 as this is what we have been using so far.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
When calling comm to compare the CONFIG symbols a defconfig uses with
the symbols that have been migrated, we need to suppress all output as
the summary line will have everything we need. Failure to do this leads
to the test blowing up, but in non-fatal ways.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Add a check that new Python code does not regress the pylint score for
any module.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
The existing options, "--fit" and "--raw," are only used to put a proper
GUID in a capsule header, where GUID identifies a particular FMP (Firmware
Management Protocol) driver which then would handle the firmware binary in
a capsule. In fact, mkeficapsule does the exact same job in creating
a capsule file whatever the firmware binary type is.
To prepare for the future extension, the command syntax will be a bit
modified to allow users to specify arbitrary GUID for their own FMP driver.
OLD:
[--fit <image> | --raw <image>] <capsule file>
NEW:
[--fit | --raw | --guid <guid-string>] <image> <capsule file>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
With this enhancement, mkeficapsule will be able to sign a capsule
file when it is created. A signature added will be used later
in the verification at FMP's SetImage() call.
To do that, we need specify additional command parameters:
-monotonic-cout <count> : monotonic count
-private-key <private key file> : private key file
-certificate <certificate file> : certificate file
Only when all of those parameters are given, a signature will be added
to a capsule file.
Users are expected to maintain and increment the monotonic count at
every time of the update for each firmware image.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
We need to install libgnutls-devel package to build the host tool,
mkeficapsule, and as of now, there seems to be a depencency conflict
in the current msys2 installer;
:: installing libp11-kit (0.24.1-1) breaks dependency \
'libp11-kit=0.23.22' required by p11-kit
To resolve this conflict, however, the initial "pacman -Syyuu" in
'tools_only_windows' job is not enough. Another "pacman -Su" will
enforce all the out-of-date packages being upgraded.
(Probably the first "-Syyuu" can be changed to "-Syu".)
See the installation steps in
https://www.msys2.org/
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
|
- Latest focal tag
- Add libgnutls to image
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Coreboot supports U-Boot as a payload and this recently got a bit of a
facelist. Add a test for this.
For now this uses a binary build of coreboot (v4.15). Future work could
potentially build it from source, but we need to figure out the
toolchain problems first, since coreboot uses its own toolchain. It
turns out that this is tricky, because coreboot fails to build with a
vanilla gcc.
This needs some changes to the hooks scripts as well. An example build
is at https://source.denx.de/u-boot/custodians/u-boot-dm/-/jobs/359687
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
|
|
Bring us to the focal-20220105 tag and rebuild our images on top of
this.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Follow what we do in GitLab CI where we break the jobs up in to stages
such that if earlier and often quicker sanity tests fail we don't run
everything else.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Now that all symbols that exist in Kconfig no longer also have boards
setting them in the board config.h file, add a CI test to catch new
instances of this, and fail.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
As per https://github.com/actions/virtual-environments/issues/4312 the
Windows-2016 environments are scheduled for deprecation and removal in
early 2022. Move to windows-2019 now to avoid this (Visual Studio 2019
is included here, hence the tag naming scheme change).
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
|
Instead of fetching an arm toolchain to use, run the test with the one
that's already in the container image.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
|
|
- Switch sources and CI scripts to install and use LLVM-13
- Update to latest "focal" tag.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Rebuild our current docker image so that ca-certificates will be updated
and Let's Encrypt issued certificates will work again.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
vexpress_ca9x4 is seemingly the only board except for qemu_arm which
is able to run U-Boot correctly, using the `-M vexpress-a9` option to
QEMU. Building for qemu_arm and running qemu-system-arm with the `-M
virt` argument has a number of downsides, most importantly that it
only supports virtio storage drivers. This significantly reduces its
usefulness in testing memory card and Flash solutions, especially when
the tested images are from a third party source.
So therefore we reintroduce the vexpress_ca9x4 board in this commit,
with the explicit goal of using it with QEMU.
A number of differences to note from the original:
* Since the board was apparently unmaintained, I have now set myself
as the maintainer.
* The board has been converted to use the driver model, which was the
reason it was removed in the first place.
* The vexpress_ca15_tc2 and vexpress_ca5x2 boards, which were removed
in the same commit, are not necessary for the QEMU use case, and
have been omitted.
* An `mmc0` alias was introduced in the dts file. The mmc is not
detected correctly without this, now that it's based on the device
tree instead of the board's init function.
* A couple of other nodes were removed because they were problematic
when trying to run the UEFI bootmgr. Once again, the primary use
case here is QEMU, and these nodes are not needed for that to work.
* Unnecessary board init code has been removed, thanks to driver model
and device tree.
* `CONFIG_OF_EMBED` has been enabled. I know this goes against
recommended practice, but there doesn't seem to be any other way to
pass the dtb to U-Boot in the QEMU scenario. Using the -dtb argument
does not work, I suppose because U-Boot doesn't use the same
mechanics as the kernel when it's booting.
* Load addresses have been changed to fit QEMU use case.
People wanting to get a more detailed, yet somewhat isolated, diff
between this and the original, can run this command:
git diff c6c26a05b89f25a06e7562f8c2071b60fd0c9eac~1 -- \
$( git diff-tree --diff-filter=A -r --name-only HEAD~1 HEAD)
(Make sure to either check out this commit first, or replace HEAD with
the commit ID of this commit)
Signed-off-by: Kristian Amlie <kristian.amlie@northern.tech>
|
|
- Current Ubuntu/Focal tag
- QEMU 6.1.0
- genimage tool added
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
This adds CI tests for SiFive Unleashed board.
QEMU supports booting exact the same images as used on the real
hardware out of the box, that U-Boot SPL loads U-Boot proper
from either an SD card or the SPI NOR flash, hence we can easily
set up CI to cover these 2 boot flows of SiFive Unleashed board.
With this, now we can have regression testing of mmc-spi-slot and
sifive spi drivers, as well as mmc and spi-nor subsystems.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
|
|
These boards have been removed. Drop the config file and other references.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
The current stable release of LLVM is 12, update to that. While at it,
fix that we had not correctly upgraded to LLVM 11 previously.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
The aarch64 catch-all job is starting to get close to or exceed the time
limit for jobs. Move the i.MX8 boards to their own job to fix this.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
With the spear family of platforms gone, remove references to them from
the build jobs.
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
This board has not been converted to CONFIG_DM_PCI by the deadline and is
also missing conversion to CONFIG_DM. Remove it. This is also the last
of the ARCH_MPC8641/MPC8610 platforms, so remove that support as well.
Cc: Paul Gortmaker <paul.gortmaker@windriver.com>
Cc: Priyanka Jain <priyanka.jain@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
- Move to gcc-11.1.0 builds from kernel.org for supported platforms and
LLVM-11 for those tests.
- As Heinrich has noted, the RISC-V platform specification has a profile
OS-A for running rich operating systems like Linux and BSD. This profile
requires 64bit and UEFI conforming to the EBBR. Only the 'embedded'
profile may use 32bit. Given this, drop grub for 32bit RISC-V as it no
longer compiles with gcc-11.1 and upstream is unlikely to fix it:
https://www.mail-archive.com/grub-devel@gnu.org/msg30736.html
- Update to grub-2.06 release to address other issues of building with
gcc-11.1.
- Update to newer Xtensa (gcc-9.2.0) and ARC (gcc-10.2) toolchains
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Bin Meng <bmeng.cn@gmail.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Rick Chen <rick@andestech.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
|
Move us up to being based on Ubuntu 20.04 "focal" and the latest tag
from Ubuntu for this release. For this, we make sure that "python" is
now python3 but still include python2.7 for the rx51 qemu build as that
is very old and does not support python3.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
The filesystem test setup needs to prepare disk images for its tests,
with either guestmount or loop mounts. The former requires access to the
host fuse device (added in a previous patch), the latter requires access
to host loop devices. Both mounts also need additional privileges since
docker's default configuration prevents the containers from mounting
filesystems (for host security).
Add any available loop devices to the container and try to add as few
privileges as possible to run these tests, which narrow down to adding
SYS_ADMIN capability and disabling apparmor confinement. However, this
much still seems to be insecure enough to let malicious container
processes escape as root on the host system [1].
[1] https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/
Since the mentioned tests are marked to run only on the sandbox board,
add these additional devices and privileges only when testing with that.
An alternative to using mounts is modifying the filesystem tests to use
virt-make-fs (like some EFI tests do), but it fails to generate a
partitionless FAT filesystem image on Debian systems. Other more
feasible alternatives are using guestfish or directly using libguestfs
Python bindings to create and populate the images, but switching the
test setups to these is nontrivial and is left as future work.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
|
|
The EFI secure boot and capsule test setups need to prepare disk images
for their tests using virt-make-fs, which requires access to the host
fuse device. This is not exposed to the docker container by default and
has to be added explicitly. Add it.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
|
|
MSYS2 Windows build started to fail since yesterday (Jun 21):
checking keyring...
checking package integrity...
error: gcc-libs: signature from "David Macek <david.macek.0@gmail.com>" is unknown trust
:: File /var/cache/pacman/pkg/gcc-libs-10.2.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
error: gcc: signature from "David Macek <david.macek.0@gmail.com>" is unknown trust
:: File /var/cache/pacman/pkg/gcc-10.2.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.
Switching to the latest installer (version 20210604) seems to fix it.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Tested-by: Tom Rini <trini@konsulko.com>
|