diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2cffc5532a3..5b6e8bfd924 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -17,8 +17,6 @@ on: - '**.tpl' # Sample config files and OpenAPI docs - '**.yaml' - # Other files that don't affect the build - - 'packages/os/eni-max-pods' concurrency: group: ${{ github.ref }} @@ -61,23 +59,12 @@ jobs: - uses: actions/checkout@v4 - name: Preflight step to set up the runner uses: ./.github/actions/setup-node - - if: contains(matrix.variant, 'nvidia') - run: | - cat <<-EOF > Licenses.toml - [nvidia] - spdx-id = "LICENSE-LicenseRef-NVIDIA-Customer" - licenses = [ - { path = "NVIDIA", license-url = "https://www.nvidia.com/en-us/drivers/nvidia-license/" } - ] - EOF - run: rustup component add rustfmt - run: cargo make -e BUILDSYS_VARIANT=${{ matrix.variant }} unit-tests - run: cargo make -e BUILDSYS_VARIANT=${{ matrix.variant }} check-fmt - # Avoid running Go lint check via `cargo make check-lints` since there's a separate golangci-lint workflow - run: cargo make -e BUILDSYS_VARIANT=${{ matrix.variant }} check-clippy - run: cargo make -e BUILDSYS_VARIANT=${{ matrix.variant }} check-shell - run: | cargo make -e BUILDSYS_VARIANT=${{ matrix.variant }} \ -e BUILDSYS_ARCH=${{ matrix.arch }} \ - -e BUILDSYS_JOBS=12 \ - -e BUILDSYS_UPSTREAM_LICENSE_FETCH="${{ contains(matrix.variant, 'nvidia') }}" + -e BUILDSYS_JOBS=12 diff --git a/.github/workflows/golangci-lint.yaml b/.github/workflows/golangci-lint.yaml deleted file mode 100644 index 107d9da9b5c..00000000000 --- a/.github/workflows/golangci-lint.yaml +++ /dev/null @@ -1,30 +0,0 @@ -name: golangci-lint -on: - pull_request: - branches: [develop] - # Only run this workflow if Go files or this workflow have been modified - paths: - - '**.go' - - '*/go.mod' - - '*/go.sum' - - '.github/workflows/golangci-lint.yaml' - -jobs: - golangci-lint: - name: lint - runs-on: ubuntu-latest - steps: - - uses: actions/setup-go@v5 - with: - go-version: 1.21 - - uses: actions/checkout@v4 - - name: lint-host-ctr - uses: golangci/golangci-lint-action@v6 - with: - version: latest - working-directory: sources/host-ctr - - name: lint-ecs-gpu-init - uses: golangci/golangci-lint-action@v6 - with: - version: latest - working-directory: sources/ecs-gpu-init diff --git a/Cargo.lock b/Cargo.lock new file mode 100644 index 00000000000..ac65bdf3c98 --- /dev/null +++ b/Cargo.lock @@ -0,0 +1,285 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "aws-dev" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-ecs-1" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-ecs-1-nvidia" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-ecs-2" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-ecs-2-nvidia" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-k8s-1_23" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-k8s-1_23-nvidia" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-k8s-1_24" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-k8s-1_24-nvidia" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-k8s-1_25" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-k8s-1_25-nvidia" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-k8s-1_26" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-k8s-1_26-nvidia" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-k8s-1_27" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-k8s-1_27-nvidia" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-k8s-1_28" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-k8s-1_28-nvidia" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-k8s-1_29" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-k8s-1_29-nvidia" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-k8s-1_30" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "aws-k8s-1_30-nvidia" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "metal-dev" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "metal-k8s-1_27" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "metal-k8s-1_28" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "metal-k8s-1_29" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "settings-defaults" +version = "0.1.0" + +[[package]] +name = "settings-migrations" +version = "0.1.0" + +[[package]] +name = "settings-plugins" +version = "0.1.0" + +[[package]] +name = "vmware-dev" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "vmware-k8s-1_27" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "vmware-k8s-1_28" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "vmware-k8s-1_29" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] + +[[package]] +name = "vmware-k8s-1_30" +version = "0.1.0" +dependencies = [ + "settings-defaults", + "settings-migrations", + "settings-plugins", +] diff --git a/Cargo.toml b/Cargo.toml new file mode 100644 index 00000000000..25028a36995 --- /dev/null +++ b/Cargo.toml @@ -0,0 +1,44 @@ +[workspace] +resolver = "1" +members = [ + "packages/settings-defaults", + "packages/settings-plugins", + + "variants/aws-dev", + "variants/aws-ecs-1", + "variants/aws-ecs-2", + "variants/aws-ecs-1-nvidia", + "variants/aws-ecs-2-nvidia", + "variants/aws-k8s-1.23", + "variants/aws-k8s-1.23-nvidia", + "variants/aws-k8s-1.24", + "variants/aws-k8s-1.24-nvidia", + "variants/aws-k8s-1.25", + "variants/aws-k8s-1.25-nvidia", + "variants/aws-k8s-1.26", + "variants/aws-k8s-1.26-nvidia", + "variants/aws-k8s-1.27", + "variants/aws-k8s-1.28", + "variants/aws-k8s-1.29", + "variants/aws-k8s-1.30", + "variants/aws-k8s-1.27-nvidia", + "variants/aws-k8s-1.28-nvidia", + "variants/aws-k8s-1.29-nvidia", + "variants/aws-k8s-1.30-nvidia", + "variants/metal-dev", + "variants/metal-k8s-1.27", + "variants/metal-k8s-1.28", + "variants/metal-k8s-1.29", + "variants/vmware-dev", + "variants/vmware-k8s-1.27", + "variants/vmware-k8s-1.28", + "variants/vmware-k8s-1.29", + "variants/vmware-k8s-1.30", +] + +[profile.dev] +debug = false +opt-level = 'z' + +[profile.dev.build-override] +opt-level = 'z' diff --git a/GLOSSARY.md b/GLOSSARY.md deleted file mode 100644 index dd08bfca384..00000000000 --- a/GLOSSARY.md +++ /dev/null @@ -1,47 +0,0 @@ -## Bottlerocket terms - -* [**block-party**](sources/updater/block-party): A library that helps retrieve information about Linux block devices. -* [**bork**](sources/api/bork): A setting generator called by sundog to generate the random seed for updog, determining where the host falls in the update order. -* [**buildsys**](tools/buildsys): A build tool that runs package and image builds inside containers. - cargo-make starts the build of each package, each of which calls buildsys, which in turn starts a Docker-based build using the SDK image. -* [**corndog**](sources/api/corndog): A program that sets kernel sysctl values based on API settings. -* [**early-boot-config**](sources/api/early-boot-config): A program run at boot to read platform-specific data, such as EC2 user data, and send requested configuration to the API. -* **gptprio:** A structure of bits in GPT partition headers that specifies priority, tries remaining, and whether the partition booted successfully before. - signpost sets these and GRUB uses them to determine which partition set to boot. -* [**ghostdog**](sources/ghostdog): A program used to manage ephemeral disks. -* **host containers**: Containers that run in a separate instance of containerd than "user" containers spawned by an orchestrator (e.g. Kubernetes). - Used for system maintenance and connectivity. -* [**host-ctr**](sources/host-ctr): The program started by `host-containers@.service` for each host container. - Its job is to start the specified host container on the “host” instance of containerd, which is separate from the “user” instance of containerd used for Kubernetes pods. -* [**logdog**](sources/logdog): A program that one can use to collect logs when things go wrong. -* [**metricdog**](sources/metricdog): A program that sends anonymous health pings. -* [**model**](sources/models): The API system has a data model defined for each variant, and this model is used by other programs to serialize and deserialize requests while maintaining safety around data types. -* [**netdog**](sources/api/netdog): A program called by wicked to retrieve and write out network configuration from DHCP. -* [**pluto**](sources/api/pluto): A setting generator called by sundog to find networking settings required by Kubernetes. -* [**schnauzer**](sources/api/schnauzer): A setting generator called by sundog to build setting values that contain template variables referencing other settings. -* **setting generator**: A binary that generates the default value of a setting. -* [**shibaken**](sources/api/shibaken): A setting generator called by sundog to populate the admin container's user-data with public keys from IMDS, when running in AWS. -* [**signpost**](sources/updater/signpost): A program used to manipulate the GPT header of the OS disk; fields in the header are used by GRUB to determine the partition set we should boot from. -* [**storewolf**](sources/api/storewolf): A program that sets up the data store for the API upon boot. -* [**sundog**](sources/api/sundog): A program run during boot that generates any settings that depend on runtime system information. - It finds settings that need generation by way of metadata in the API, and calls helper programs specified by that metadata. -* [**thar-be-settings**](sources/api/thar-be-settings): A program that writes out system configuration files, replacing template variables with settings from the API. -* [**updog**](sources/updater/updog): An update client that interfaces with a specified TUF updates repository to upgrade or downgrade Bottlerocket hosts to different image versions. -* [**prairiedog**](sources/api/prairiedog): A program that handles various boot related operations. -* [**shimpei**](sources/shimpei): An OCI compatible shim wrapper around `oci-add-hooks`. Its sole purpose is to call `oci-add-hooks` with the additional `--hook-config-path` and `--runtime-path` parameters that can't be provided by containerd. - -## Non-Bottlerocket terms - -* **k8s**: [Kubernetes](https://kubernetes.io/), a container orchestration system. -* [**CNI**](https://github.com/containernetworking/cni): Container Network Interface, a standard for writing plugins to configure network interfaces in containers. -* **IMDS**: [Amazon EC2's Instance Metadata Service](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). - Used to retrieve user and platform configuration on an EC2 instance. -* [**sonobuoy**](https://github.com/vmware-tanzu/sonobuoy): A diagnostic tool and runs Kubernetes conformance tests for Kubernetes clusters. -* **SSM**: [AWS Systems Manager](https://aws.amazon.com/systems-manager/). - The [SSM agent](https://docs.aws.amazon.com/systems-manager/latest/userguide/prereqs-ssm-agent.html) can be used for secure remote management. -* [**tough**](https://crates.io/crates/tough): a Rust implementation of The Update Framework (TUF). -* [**tuftool**](https://crates.io/crates/tuftool): a command line program for interacting with a TUF repo. -* **TUF**: [The Update Framework](https://theupdateframework.io/). - A framework that helps developers maintain the security of software update systems. -* [**wicked**](https://github.com/openSUSE/wicked): A network interface framework and management system. -* [**oci-add-hooks**](https://github.com/awslabs/oci-add-hooks): An OCI runtime that injects the OCI `prestart`, `poststart`, and `poststop` hooks into a container `config.json` before passing along to an OCI compatible runtime. diff --git a/Makefile.toml b/Makefile.toml index 0349d7cc5c4..0e6c16fd62b 100644 --- a/Makefile.toml +++ b/Makefile.toml @@ -1,5 +1,6 @@ [config] skip_core_tasks = true +default_to_workspace = false [env] BUILDSYS_ROOT_DIR = "${CARGO_MAKE_WORKING_DIRECTORY}" @@ -7,7 +8,7 @@ BUILDSYS_ROOT_DIR = "${CARGO_MAKE_WORKING_DIRECTORY}" # For binary installation, this should be a released version (prefixed with a v, # for example v0.1.0). For the git sourcecode installation method, this can be # any git rev, e.g. a tag, sha, or branch name. -TWOLITER_VERSION = "v0.2.0" +TWOLITER_VERSION = "v0.4.1" # For binary installation, this is the GitHub repository that has binary release artifacts attached # to it, for example https://github.com/bottlerocket-os/twoliter. For git sourcecode installation, @@ -129,7 +130,7 @@ BUILDSYS_JOBS = "8" CARGO_HOME = "${BUILDSYS_ROOT_DIR}/.cargo" # This needs to end with pkg/mod so that we can mount the parent of pkg/mod as GOPATH. GO_MOD_CACHE = "${BUILDSYS_ROOT_DIR}/.gomodcache/pkg/mod" -GO_MODULES = "ecs-gpu-init host-ctr" +GO_MODULES = "" DOCKER_BUILDKIT = "1" # This is the filename suffix for operations that write out AMI information to @@ -334,6 +335,16 @@ run_task = "run-twoliter" [tasks.fetch-vendored] run_task = "run-twoliter" +[tasks.fetch-external-kits] +dependencies = ["install-twoliter"] +command = "${TWOLITER}" +args = [ + "--log-level=${TWOLITER_LOG_LEVEL}", + "fetch", + "--project-path=${TWOLITER_PROJECT}", + "--arch=${BUILDSYS_ARCH}", +] + [tasks.unit-tests] run_task = "run-twoliter" @@ -386,9 +397,11 @@ run_task = "run-twoliter" # Builds a package including its build-time and runtime dependency packages. [tasks.build-package] +dependencies = ["fetch-external-kits"] run_task = "run-twoliter" [tasks.build-variant] +dependencies = ["fetch-external-kits"] run_task = "run-twoliter" [tasks.repack-variant] @@ -410,6 +423,7 @@ run_task = "run-twoliter" run_task = "run-twoliter" [tasks.build] +dependencies = ["fetch-external-kits"] run_task = "run-twoliter" [tasks.tuftool] diff --git a/Twoliter.lock b/Twoliter.lock new file mode 100644 index 00000000000..be101ebf24f --- /dev/null +++ b/Twoliter.lock @@ -0,0 +1,17 @@ +schema-version = 1 +release-version = "1.21.0" +digest = "3RiFnOqLalBlo5k2Avahn2m0tQRwEWC6cGIzuAvC+yg=" + +[sdk] +name = "bottlerocket-sdk" +version = "0.42.0" +vendor = "bottlerocket" +source = "public.ecr.aws/bottlerocket/bottlerocket-sdk:v0.42.0" +digest = "+Cu8yFgnaFYG5ZQ0eZWRndXxHTLEAR58EhZITbJinLI=" + +[[kit]] +name = "bottlerocket-core-kit" +version = "2.0.0" +vendor = "bottlerocket" +source = "public.ecr.aws/bottlerocket/bottlerocket-core-kit:v2.0.0" +digest = "dC/FAJ0K43AugHYTsCeMw/+bjgi1X5zXnpHsbfDnF9Y=" diff --git a/Twoliter.toml b/Twoliter.toml index 0f93e4c7d78..eb06720bee4 100644 --- a/Twoliter.toml +++ b/Twoliter.toml @@ -4,7 +4,15 @@ release-version = "1.21.0" [vendor.bottlerocket] registry = "public.ecr.aws/bottlerocket" +[vendor.agarrcia] +registry = "public.ecr.aws/bottlerocket-agarrcia" + [sdk] name = "bottlerocket-sdk" -version = "0.41.0" +version = "0.42.0" +vendor = "bottlerocket" + +[[kit]] +name = "bottlerocket-core-kit" +version = "2.0.0" vendor = "bottlerocket" diff --git a/packages/README.md b/packages/README.md deleted file mode 100644 index a13300c462e..00000000000 --- a/packages/README.md +++ /dev/null @@ -1,290 +0,0 @@ -# Bottlerocket Packages - -This document describes how packages are built for Bottlerocket. - -In the [Background](#background) section, we discuss the general approach, the specific technologies in use, and the rationale behind it all. - -In the [Development](#development) section, we provide a short guide for adding a new package. - -## Background - -Like any Linux distribution, Bottlerocket builds on a foundation of open source software, from the Linux kernel through the GNU C Library and more. -Unlike most distributions, it is not designed to be self-hosting. -We want to package and maintain only the software that we eventually ship, and not the software needed to build that software. - -Bottlerocket makes extensive use of *cross compilation* as a result. -Cross compilation involves at least two conceptually distinct systems: the *host* and the *target*. -The *host* is another Linux distribution that provides the toolchain and other tools needed to build a modern Linux userspace. -This includes `perl`, `python`, `make`, and `meson`. -The *target* is Bottlerocket. -It includes only the packages found in this directory. - -Because Bottlerocket uses image-based updates, it does not need a package manager - yet the packages are defined in RPM spec files and built using RPM. -Why? - -The separation of responsibilities between host and target outlined above is not quite enough to achieve the goal of a minimal footprint. -Many of the packages we build contain both the shared libraries we need at runtime as well as the headers we need to build other software for our target. -RPM offers a familiar mechanism for separating the artifacts from a build into different packages. -For example, libseccomp is split into a `libseccomp` package for runtime use, and a `libseccomp-devel` package for building other packages. - -With RPM it is idiomatic to define macros to standardize the invocation of scripts like `configure` and tools like `make`. -Since we are cross-compiling, many more environment variables must be set and arguments passed to ensure that builds use the target's toolchain and dependencies rather than the host's. -The spec files make extensive use of project-specific macros for this reason. - -Macros also provide a way to ensure policy objectives are applied across all packages. -Examples include stripping debug symbols, collecting software license information, and running security checks. - -A key aspect of building RPMs - or any software - is providing a consistent and clean build environment. -Otherwise, a prior build on the same host can change the result in surprising ways. -[mock](https://rpm-software-management.github.io/mock/) is often used for this, either directly or by services such as [Koji](https://fedoraproject.org/wiki/Koji). - -Bottlerocket uses Docker and containers to accomplish this instead. -Every package build starts from a container with the [Bottlerocket SDK](https://github.com/bottlerocket-os/bottlerocket-sdk) and zero or more other packages installed as dependencies. -Any source archives and patches needed for the build are copied in, and the binary RPMs are copied out once the build is complete. - -## Development - -Say we want to package `libwoof`, the C library that provides the reference implementation for the *WOOF* framework. - -### Structure -This listing shows the directory structure of our sample package. - -``` -packages/libwoof/ -├── Cargo.toml -├── libwoof.spec -``` - -Each package has a `Cargo.toml` file that lists its build dependencies, runtime dependencies, and metadata such as external files and the expected hashes. - -It also refers to a `build.rs` [build script](https://doc.rust-lang.org/cargo/reference/build-scripts.html) which tells Cargo to invoke our [buildsys](https://github.com/bottlerocket-os/twoliter/tree/develop/tools/buildsys) tool. -The RPM packages we want are built as a side effect of Cargo running the script. - -It points to `/dev/null` for the actual crate, since Cargo expects some Rust code to build, and is happy with an empty file. - -Finally, it includes a `spec` file that defines the RPM. - -### Cargo.toml - -Our sample package has the following manifest. - -```toml -[package] -name = "libwoof" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[[package.metadata.build-package.external-files]] -url = "http://downloads.sourceforge.net/libwoof/libwoof-1.0.0.tar.xz" -sha512 = "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } -libseccomp = { path = "../libseccomp" } - -# RPM Requires -[dependencies] -# None -``` - -Be sure to include `publish = false` for all packages, as these are not standard crates and should never appear on [crates.io](https://crates.io/). - -#### Metadata - -The [package.metadata](https://doc.rust-lang.org/cargo/reference/manifest.html#the-metadata-table-optional) table is ignored by Cargo and interpreted by our `buildsys` tool. - -It contains an `external-files` list which provides upstream URLs and expected hashes. -These files are, by default, only fetched from our upstream source mirror, using the URL template `https://cache.bottlerocket.aws/{file}/{sha512}/{file}`. -(If `file` is not defined, the text after the last `/` character in `url` is used.) - -If your source is not yet available in the upstream source mirror, you can run `cargo make` with `-e BUILDSYS_UPSTREAM_SOURCE_FALLBACK=true`. -If you download the external source tarball to the package's directory (here, `packages/libwoof`), cargo make will use the tarball it finds there. - -#### Metadata: go dependency resolution - -Go packages may handle their dependencies by either: -- **vendoring:** the author runs `go mod vendor` at the appropriate places in their file hierarchy (basically, any directory with a `go.mod` file) and commits the resulting `vendor` directory to git (and thus to any tarball you receive). - There is nothing more you need to do if this is the case; the source code comes complete with all of its dependencies. -- **non-vendoring:** the author does not include the `vendor` directory created by `go mod vendor`. - In most environments, this will work; go will fetch dependencies automatically (and cache them). - In the Bottlerocket build environment, this will not work. - The build runs in an isolated container, and there is no way for go to fetch these files at build time. - -For a **non-vendoring** package, the Bottlerocket package build tooling can create the vendor directories and plug them in to your tree for you. -To do this, include: - -``` -bundle-modules = [ "go" ] -``` - -in your `[[package.metadata.build-package.external-files]]` section. -For a package with its only go.mod at the root of the source tree, this will create a tarball -named `bundled-tarballname.tar.gz` (where you are building from a tarball named `tarballname.tar.gz`). - -If you have multiple go.mod files, you can repeat the `[[package.metadata.build-package.external-files]]` once for each go.mod. -For this more complex scenario, you need a few extra lines: - -``` -bundle-root-path = "libwoof-1.0.0/cmd" -bundle-output-path = "bundled-cmd.tar.gz" -bundle-modules = [ "go" ] -``` - -The `bundle-root-path` variable is the full directory name where the go.mod file resides and `bundle-output-path` sets the name of the tarball to be generated. - -In each case, the resulting tarballs can be applied at the root of the source tree and will create a `vendor` directory in parallel with the `go.mod` -that generated it. -You will include and unpack these files in the `.spec` file. - -#### Dependencies - -We use the [dependencies] and [build-dependencies] sections of `Cargo.toml` to ensure additional packages are built. - -Some packages depend on building other packages first because they're used directly by the build process. -These are expressed in RPM spec with `BuildRequires:`. - -We use the `build-dependencies` section to ensure `BuildRequires:` packages are built before buildsys is invoked for the current package. -We can omit a package from `build-dependencies` if the Bottlerocket SDK provides it. - -Some packages depend on other packages being available when they're installed because they're used dynamically at runtime. -These are expressed in RPM spec with `Requires:`. - -We use the `dependencies` section to ensure packages needed at runtime are built. -We could specify these in `build-dependencies`, but we prefer to separate them to indicate that they are not needed for the current package build. - -We express `Requires:` packages in the `dependencies` section with the following exceptions: -- We omit a `Requires:` package if it is provided by the Bottlerocket SDK. -- We omit a `Requires:` package if it is defined within the same RPM spec file that `Requires:` it. -- We may omit a `Requires:` package if we know it will be built by some other requirement and we want to optimize certain developer workflows. - -In this case, `libwoof` depends on `glibc` and `libseccomp` at build-time. -We want those libraries to be built first, and for this one to be rebuilt when they are modified so we add these to the `build-dependencies`. -`libwoof` does not declare any runtime dependencies, so the `dependencies` section is empty. - -[dependencies]: https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html -[build-dependencies]: https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html#build-dependencies - -### build.rs - -We reuse the same build script for all packages. - -```rust -use std::process::{exit, Command}; - -fn main() -> Result<(), std::io::Error> { - let ret = Command::new("buildsys").arg("build-package").status()?; - if !ret.success() { - exit(1); - } - Ok(()) -} -``` - -If you need a build script with different behavior, the recommended approach is to modify the `buildsys` tool. -The `package.metadata` table can be extended with declarative elements that enable the new feature. - -### spec - -Spec files will vary widely across packages, and a full guide to RPM packaging is out of scope here. - -``` -Name: %{_cross_os}libwoof -Version: 1.0.0 -Release: 1%{?dist} -Summary: Library for woof -License: Apache-2.0 OR MIT -URL: http://sourceforge.net/projects/libwoof/ -Source0: http://downloads.sourceforge.net/libwoof/libwoof-1.0.0.tar.xz -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libseccomp-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for woof -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n libwoof-%{version} -p1 - -%build -%cross_configure - -%make_build - -%install -%make_install - -%files -%license LICENSE -%{_cross_libdir}/*.so.* - -%files devel -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/libwoof -%{_cross_includedir}/libwoof/*.h -%{_cross_pkgconfigdir}/*.pc - -%changelog -``` - -Macros start with `%`. -If the macro is specific to Bottlerocket, it will include the `cross` token. -The definitions for most of these can be found in [macros](https://github.com/bottlerocket-os/bottlerocket-sdk/tree/develop/macros). -The definition for `%{_cross_variant}` is the Bottlerocket variant being built. - -When developing a package on an RPM-based system, you can expand the macros with a command like this. -```shell -$ PKG=libwoof -$ rpmspec \ - --macros "/usr/lib/rpm/macros:macros/$(uname -m):macros/shared:macros/rust:macros/cargo" \ - --define "_sourcedir packages/${PKG}" \ - --parse packages/${PKG}/${PKG}.spec -``` - -#### go mod dependencies - -If you created `bundled-xxx.tar.gz` files using `Cargo.toml`, the spec file should include them as sources, and unpack them as -part of `%prep`. -The `Source` lines will come after the `Source0` line describing the source tarball, and look something like: - -``` -Source1: bundled-v0.5.0.tar.gz -Source2: bundled-cmd.tar.gz -``` - -Then in `%prep` after unpacking your main tarball you would have: - -``` -%setup -T -D -n libwoof-1.0.0 -b 1 -q -%setup -T -D -n libwoof-1.0.0 -b 2 -q -``` - -The options are `-T` do not unpack source 0 (because we already unpacked it), `-D` also do **not** delete the directory before unpacking, `-n` to -name the build directory, `-b` to choose a source to unpack (we defined `Source1` and `Source2` above), and `-q` be quiet about it. - -### Next Steps - -The variants workspace's `Cargo.lock` may be affected by adding a package. - -1. `cd` into the `variants` directory at the root of the repository. -2. Include the new package inside the `Cargo.toml` file of the variant you want to modify. -3. Run `cargo generate-lockfile` to refresh `Cargo.lock`. - -To build your package, run the following command in the top-level Bottlerocket directory. - -```shell -cargo make -e PACKAGE=libwoof build-package -``` - -This will build your package and its dependencies. diff --git a/packages/acpid/0001-Remove-shell-dependency-by-only-shutting-down.patch b/packages/acpid/0001-Remove-shell-dependency-by-only-shutting-down.patch deleted file mode 100644 index 092ff4c12c7..00000000000 --- a/packages/acpid/0001-Remove-shell-dependency-by-only-shutting-down.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 1a6c5126697cb171eae3922d822ae90b18176e1f Mon Sep 17 00:00:00 2001 -From: iliana destroyer of worlds -Date: Fri, 18 Oct 2019 22:56:45 +0000 -Subject: [PATCH] Remove shell dependency by only shutting down - -Bottlerocket doesn't have a shell, so this is a hack to get what we want -(shutdown behavior on power button press) without rearchitecting acpid. ---- - event.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/event.c b/event.c -index 6c67062..defdc42 100644 ---- a/event.c -+++ b/event.c -@@ -687,7 +687,7 @@ do_cmd_rule(struct rule *rule, const char *event) - fprintf(stdout, "BEGIN HANDLER MESSAGES\n"); - } - umask(0077); -- execl("/bin/sh", "/bin/sh", "-c", action, NULL); -+ execl("/sbin/shutdown", "/sbin/shutdown", "-h", "now", "Power button pressed", NULL); - /* should not get here */ - acpid_log(LOG_ERR, "execl(): %s", strerror(errno)); - _exit(EXIT_FAILURE); --- -2.20.1 - diff --git a/packages/acpid/Cargo.toml b/packages/acpid/Cargo.toml deleted file mode 100644 index 60243405cc7..00000000000 --- a/packages/acpid/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "acpid" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://downloads.sourceforge.net/acpid2" - -[[package.metadata.build-package.external-files]] -url = "https://downloads.sourceforge.net/acpid2/acpid-2.0.34.tar.xz" -sha512 = "2bf92295b55bb44fe83074b3e0c1ae639f63edaeea84b2184ae95b38852be40f380d5413110b8c0fcb2efc2ec01bf4764e1dcb97022fc724bebbfc35c0b63c81" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/acpid/acpid.service b/packages/acpid/acpid.service deleted file mode 100644 index ffaf58a5de5..00000000000 --- a/packages/acpid/acpid.service +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=ACPI event daemon - -[Service] -Type=forking -ExecStart=/usr/sbin/acpid -c /usr/lib/acpid/events -Restart=always -RestartSec=5 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/acpid/acpid.spec b/packages/acpid/acpid.spec deleted file mode 100644 index 83ed3590a6d..00000000000 --- a/packages/acpid/acpid.spec +++ /dev/null @@ -1,43 +0,0 @@ -Name: %{_cross_os}acpid -Version: 2.0.34 -Release: 1%{?dist} -Summary: ACPI event daemon -License: GPL-2.0-or-later -URL: http://sourceforge.net/projects/acpid2/ -Source0: https://downloads.sourceforge.net/acpid2/acpid-%{version}.tar.xz -Source1: acpid.service -Source2: power.conf -Patch1: 0001-Remove-shell-dependency-by-only-shutting-down.patch -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%prep -%autosetup -n acpid-%{version} -p1 - -%build -%cross_configure -%make_build - -%install -%make_install - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:1} %{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{_cross_libdir}/acpid/events -install -p -m 0644 %{S:2} %{buildroot}%{_cross_libdir}/acpid/events/power - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_sbindir}/acpid -%{_cross_unitdir}/acpid.service -%{_cross_libdir}/acpid/ -%exclude %{_cross_bindir}/acpi_listen -%exclude %{_cross_sbindir}/kacpimon -%exclude %{_cross_docdir} -%exclude %{_cross_mandir} - -%changelog diff --git a/packages/acpid/power.conf b/packages/acpid/power.conf deleted file mode 100644 index ca22c14e884..00000000000 --- a/packages/acpid/power.conf +++ /dev/null @@ -1,2 +0,0 @@ -event=button/power -action=/sbin/shutdown -h now "Power button pressed" diff --git a/packages/amazon-ssm-agent/Cargo.toml b/packages/amazon-ssm-agent/Cargo.toml deleted file mode 100644 index b5f9b6c172c..00000000000 --- a/packages/amazon-ssm-agent/Cargo.toml +++ /dev/null @@ -1,16 +0,0 @@ -[package] -name = "amazon-ssm-agent" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/aws/amazon-ssm-agent/archive/3.3.418.0/amazon-ssm-agent-3.3.418.0.tar.gz" -sha512 = "b614803911b5f248dff6882f58da7a37d0d0397ea531f1f9cf30f52762ff2e80a7f0e7bf45b23fdfaecb4106a1acdbbc3b343c16940b5807bea3f953ef8e0e05" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/amazon-ssm-agent/amazon-ssm-agent.spec b/packages/amazon-ssm-agent/amazon-ssm-agent.spec deleted file mode 100644 index 7d47425b6c3..00000000000 --- a/packages/amazon-ssm-agent/amazon-ssm-agent.spec +++ /dev/null @@ -1,92 +0,0 @@ -%global goproject github.com/aws -%global gorepo amazon-ssm-agent -%global goimport %{goproject}/%{gorepo} - -Name: %{_cross_os}amazon-ssm-agent -Version: 3.3.418.0 -Release: 1%{?dist} -Summary: An agent to enable remote management of EC2 instances -License: Apache-2.0 -URL: https://github.com/aws/amazon-ssm-agent -Source0: %{gorepo}-%{version}.tar.gz -Source1000: clarify.toml - -BuildRequires: %{_cross_os}glibc-devel -Requires: %{name}(binaries) - -%description -%{summary}. - -%package bin -Summary: Remote management agent binaries -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(fips) or %{name}-fips-bin) - -%description bin -%{summary}. - -%package fips-bin -Summary: Remote management agent binaries, FIPS edition -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{name}-bin) - -%description fips-bin -%{summary}. - -%prep -%setup -n %{gorepo}-%{version} - -%build -%set_cross_go_flags_static - -go build -ldflags "${GOLDFLAGS}" -o amazon-ssm-agent \ - ./core/agent.go ./core/agent_unix.go ./core/agent_parser.go - -gofips build -ldflags "${GOLDFLAGS}" -o fips/amazon-ssm-agent \ - ./core/agent.go ./core/agent_unix.go ./core/agent_parser.go - -go build -ldflags "${GOLDFLAGS}" -o ssm-agent-worker \ - ./agent/agent.go ./agent/agent_unix.go ./agent/agent_parser.go - -gofips build -ldflags "${GOLDFLAGS}" -o fips/ssm-agent-worker \ - ./agent/agent.go ./agent/agent_unix.go ./agent/agent_parser.go - -go build -ldflags "${GOLDFLAGS}" -o ssm-session-worker \ - ./agent/framework/processor/executer/outofproc/sessionworker/main.go - -gofips build -ldflags "${GOLDFLAGS}" -o fips/ssm-session-worker \ - ./agent/framework/processor/executer/outofproc/sessionworker/main.go - -%install -# Install the SSM agent under 'libexecdir', since it is meant to be used by other programs -install -d %{buildroot}{%{_cross_libexecdir},%{_cross_fips_libexecdir}}/amazon-ssm-agent/bin/%{version} -for b in amazon-ssm-agent ssm-agent-worker ssm-session-worker; do - install -p -m 0755 ${b} %{buildroot}%{_cross_libexecdir}/amazon-ssm-agent/bin/%{version} - install -p -m 0755 fips/${b} %{buildroot}%{_cross_fips_libexecdir}/amazon-ssm-agent/bin/%{version} -done - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -ln -sf %{version} %{buildroot}%{_cross_libexecdir}/amazon-ssm-agent/bin/latest -ln -sf %{version} %{buildroot}%{_cross_fips_libexecdir}/amazon-ssm-agent/bin/latest - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} - -%files bin -%dir %{_cross_libexecdir}/amazon-ssm-agent -%{_cross_libexecdir}/amazon-ssm-agent/bin/%{version}/amazon-ssm-agent -%{_cross_libexecdir}/amazon-ssm-agent/bin/%{version}/ssm-agent-worker -%{_cross_libexecdir}/amazon-ssm-agent/bin/%{version}/ssm-session-worker -%{_cross_libexecdir}/amazon-ssm-agent/bin/latest - -%files fips-bin -%dir %{_cross_fips_libexecdir}/amazon-ssm-agent -%{_cross_fips_libexecdir}/amazon-ssm-agent/bin/%{version}/amazon-ssm-agent -%{_cross_fips_libexecdir}/amazon-ssm-agent/bin/%{version}/ssm-agent-worker -%{_cross_fips_libexecdir}/amazon-ssm-agent/bin/%{version}/ssm-session-worker -%{_cross_fips_libexecdir}/amazon-ssm-agent/bin/latest diff --git a/packages/amazon-ssm-agent/clarify.toml b/packages/amazon-ssm-agent/clarify.toml deleted file mode 100644 index 4c2bef9a655..00000000000 --- a/packages/amazon-ssm-agent/clarify.toml +++ /dev/null @@ -1,6 +0,0 @@ -[clarify."github.com/cloudflare/circl"] -expression = "BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xc5e27124 }, -] - diff --git a/packages/aws-iam-authenticator/.gitignore b/packages/aws-iam-authenticator/.gitignore deleted file mode 100644 index 48aea47e0b0..00000000000 --- a/packages/aws-iam-authenticator/.gitignore +++ /dev/null @@ -1 +0,0 @@ -aws-iam-authenticator-0.5.3-Update-vendored-go-dependencies.patch diff --git a/packages/aws-iam-authenticator/Cargo.toml b/packages/aws-iam-authenticator/Cargo.toml deleted file mode 100644 index d1eb4a41eb7..00000000000 --- a/packages/aws-iam-authenticator/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "aws-iam-authenticator" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/kubernetes-sigs/aws-iam-authenticator/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/kubernetes-sigs/aws-iam-authenticator/archive/v0.6.14/aws-iam-authenticator-0.6.14.tar.gz" -sha512 = "26a6b394fbe767910f605a356032338a4ec254b81cd470796e3137e3595fef338bd213dee8d956c8d23e16f5508741e78664cd0f8b1acd97321d2fb5b7b723af" -bundle-modules = [ "go" ] - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/aws-iam-authenticator/aws-iam-authenticator.spec b/packages/aws-iam-authenticator/aws-iam-authenticator.spec deleted file mode 100644 index 8ec1718bade..00000000000 --- a/packages/aws-iam-authenticator/aws-iam-authenticator.spec +++ /dev/null @@ -1,74 +0,0 @@ -%global goproject github.com/kubernetes-sigs -%global gorepo aws-iam-authenticator -%global goimport %{goproject}/%{gorepo} - -%global gover 0.6.14 -%global rpmver %{gover} - -%global _dwz_low_mem_die_limit 0 - -Name: %{_cross_os}%{gorepo} -Version: %{rpmver} -Release: 1%{?dist} -Summary: AWS IAM authenticator -License: Apache-2.0 -URL: https://%{goimport} -Source0: https://%{goimport}/archive/v%{gover}/%{gorepo}-%{gover}.tar.gz -Source1: bundled-aws-iam-authenticator-%{gover}.tar.gz -Source1000: clarify.toml - -BuildRequires: git -BuildRequires: %{_cross_os}glibc-devel -Requires: %{name}(binaries) - -%description -%{summary}. - -%package bin -Summary: AWS IAM authenticator binaries -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(fips) or %{name}-fips-bin) - -%description bin -%{summary}. - -%package fips-bin -Summary: AWS IAM authenticator binaries, FIPS edition -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{name}-bin) - -%description fips-bin -%{summary}. - -%prep -%setup -n %{gorepo}-%{gover} -q -%setup -T -D -n %{gorepo}-%{version} -b 1 - -%build -%set_cross_go_flags -go build -ldflags="${GOLDFLAGS}" -o aws-iam-authenticator ./cmd/aws-iam-authenticator -gofips build -ldflags="${GOLDFLAGS}" -o fips/aws-iam-authenticator ./cmd/aws-iam-authenticator - -%install -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 aws-iam-authenticator %{buildroot}%{_cross_bindir} - -install -d %{buildroot}%{_cross_fips_bindir} -install -p -m 0755 fips/aws-iam-authenticator %{buildroot}%{_cross_fips_bindir} - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} - -%files bin -%{_cross_bindir}/aws-iam-authenticator - -%files fips-bin -%{_cross_fips_bindir}/aws-iam-authenticator - -%changelog diff --git a/packages/aws-iam-authenticator/clarify.toml b/packages/aws-iam-authenticator/clarify.toml deleted file mode 100644 index 3fa231bd3ec..00000000000 --- a/packages/aws-iam-authenticator/clarify.toml +++ /dev/null @@ -1,5 +0,0 @@ -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] diff --git a/packages/aws-signing-helper/Cargo.toml b/packages/aws-signing-helper/Cargo.toml deleted file mode 100644 index 70e1ec77211..00000000000 --- a/packages/aws-signing-helper/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "aws-signing-helper" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/aws/rolesanywhere-credential-helper/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/aws/rolesanywhere-credential-helper/archive/v1.1.1/rolesanywhere-credential-helper-v1.1.1.tar.gz" -sha512 = "c60d62f8e946955d181577d1e2e5fe2ecb7a82ef0c4cc29fa98b6136b93e9bac9a91cffe3a98c063d7a3f07a956b02e1dd5a92160648b26bbee90aec52a15dca" -bundle-modules = [ "go" ] - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/aws-signing-helper/aws-signing-helper.spec b/packages/aws-signing-helper/aws-signing-helper.spec deleted file mode 100644 index b485b83264d..00000000000 --- a/packages/aws-signing-helper/aws-signing-helper.spec +++ /dev/null @@ -1,76 +0,0 @@ -%global goproject github.com/aws -%global gorepo rolesanywhere-credential-helper -%global goimport %{goproject}/%{gorepo} - -%global gover 1.1.1 -%global rpmver %{gover} - -%global _dwz_low_mem_die_limit 0 - -Name: %{_cross_os}aws-signing-helper -Version: %{rpmver} -Release: 1%{?dist} -Summary: AWS signing helper for IAM Roles Anywhere support -License: Apache-2.0 -URL: https://github.com/aws/rolesanywhere-credential-helper - -Source: rolesanywhere-credential-helper-v%{gover}.tar.gz -Source1: bundled-rolesanywhere-credential-helper-v%{gover}.tar.gz - -BuildRequires: %{_cross_os}glibc-devel -Requires: %{name}(binaries) - -%description -%{summary}. - -%package bin -Summary: AWS signing helper binaries -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(fips) or %{name}-fips-bin) - -%description bin -%{summary}. - -%package fips-bin -Summary: AWS signing helper binaries, FIPS edition -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{name}-bin) - -%description fips-bin -%{summary}. - -%prep -%setup -n %{gorepo}-%{gover} -q -%setup -T -D -n %{gorepo}-%{gover} -b 1 -q - -%build -%set_cross_go_flags - -go build -ldflags "-X 'main.Version=${gover}' ${GOLDFLAGS}" -o aws-signing-helper main.go -gofips build -ldflags "-X 'main.Version=${gover}' ${GOLDFLAGS}" -o fips/aws-signing-helper main.go - -%install -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 aws-signing-helper %{buildroot}%{_cross_bindir}/aws_signing_helper -ln -sf aws_signing_helper %{buildroot}%{_cross_bindir}/aws-signing-helper - -install -d %{buildroot}%{_cross_fips_bindir} -install -p -m 0755 fips/aws-signing-helper %{buildroot}%{_cross_fips_bindir}/aws_signing_helper -ln -sf aws_signing_helper %{buildroot}%{_cross_fips_bindir}/aws-signing-helper - -%cross_scan_attribution go-vendor vendor - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} - -%files bin -%{_cross_bindir}/aws_signing_helper -%{_cross_bindir}/aws-signing-helper - -%files fips-bin -%{_cross_fips_bindir}/aws_signing_helper -%{_cross_fips_bindir}/aws-signing-helper diff --git a/packages/bash/Cargo.toml b/packages/bash/Cargo.toml deleted file mode 100644 index 0af8bbeb933..00000000000 --- a/packages/bash/Cargo.toml +++ /dev/null @@ -1,21 +0,0 @@ -[package] -name = "bash" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://ftp.gnu.org/gnu/bash" - -[[package.metadata.build-package.external-files]] -url = "https://ftp.gnu.org/gnu/bash/bash-5.2.21.tar.gz" -sha512 = "68af0b6b04b6825a3cb294ed8e1061d14d51d786aa7fb1c88d2848257409122f308ef4b8006ed401e2897aabe2adf6837074cea6f3a0523077308e45f49319fd" - -[build-dependencies] -glibc = { path = "../glibc" } -libncurses = { path = "../libncurses" } -readline = { path = "../readline" } diff --git a/packages/bash/bash-4.4-no-loadable-builtins.patch b/packages/bash/bash-4.4-no-loadable-builtins.patch deleted file mode 100644 index b03459d56d3..00000000000 --- a/packages/bash/bash-4.4-no-loadable-builtins.patch +++ /dev/null @@ -1,15 +0,0 @@ -diff --git a/Makefile.in b/Makefile.in -index a1f9483..24c646a 100644 ---- a/Makefile.in -+++ b/Makefile.in -@@ -800,7 +800,6 @@ install: .made installdirs - infodir=$(infodir) htmldir=$(htmldir) DESTDIR=$(DESTDIR) $@ ) - -( cd $(DEFDIR) ; $(MAKE) $(MFLAGS) DESTDIR=$(DESTDIR) $@ ) - -( cd $(PO_DIR) ; $(MAKE) $(MFLAGS) DESTDIR=$(DESTDIR) $@ ) -- -( cd $(LOADABLES_DIR) && $(MAKE) $(MFLAGS) DESTDIR=$(DESTDIR) $@ ) - - install-strip: - $(MAKE) $(MFLAGS) INSTALL_PROGRAM='$(INSTALL_PROGRAM) -s' \ --- -2.9.3 - diff --git a/packages/bash/bash-5.0-patch-1.patch b/packages/bash/bash-5.0-patch-1.patch deleted file mode 100644 index 254fd9ee092..00000000000 --- a/packages/bash/bash-5.0-patch-1.patch +++ /dev/null @@ -1,150 +0,0 @@ -From 4d2e315490b778707b3a3afdfc514d5083a97a11 Mon Sep 17 00:00:00 2001 -From: Chet Ramey -Date: Fri, 18 Jan 2019 15:12:37 -0500 -Subject: [PATCH] Bash-5.0 patch 1: fix pathname expansion of directory names - containing backslashes - ---- - bashline.c | 62 +++++++++++++++++++++++++++++++++++++++++--- - lib/glob/glob_loop.c | 6 ----- - patchlevel.h | 2 +- - 3 files changed, 60 insertions(+), 10 deletions(-) - -diff --git a/bashline.c b/bashline.c -index 2846aabf..75e79f1a 100644 ---- a/bashline.c -+++ b/bashline.c -@@ -231,6 +231,7 @@ static int bash_possible_variable_completions __P((int, int)); - static int bash_complete_command __P((int, int)); - static int bash_possible_command_completions __P((int, int)); - -+static int completion_glob_pattern __P((char *)); - static char *glob_complete_word __P((const char *, int)); - static int bash_glob_completion_internal __P((int)); - static int bash_glob_complete_word __P((int, int)); -@@ -1741,7 +1742,7 @@ bash_default_completion (text, start, end, qc, compflags) - - /* This could be a globbing pattern, so try to expand it using pathname - expansion. */ -- if (!matches && glob_pattern_p (text)) -+ if (!matches && completion_glob_pattern ((char *)text)) - { - matches = rl_completion_matches (text, glob_complete_word); - /* A glob expression that matches more than one filename is problematic. -@@ -1850,7 +1851,7 @@ command_word_completion_function (hint_text, state) - glob_matches = (char **)NULL; - } - -- globpat = glob_pattern_p (hint_text); -+ globpat = completion_glob_pattern ((char *)hint_text); - - /* If this is an absolute program name, do not check it against - aliases, reserved words, functions or builtins. We must check -@@ -3713,6 +3714,61 @@ bash_complete_command_internal (what_to_do) - return bash_specific_completion (what_to_do, command_word_completion_function); - } - -+static int -+completion_glob_pattern (string) -+ char *string; -+{ -+ register int c; -+ char *send; -+ int open; -+ -+ DECLARE_MBSTATE; -+ -+ open = 0; -+ send = string + strlen (string); -+ -+ while (c = *string++) -+ { -+ switch (c) -+ { -+ case '?': -+ case '*': -+ return (1); -+ -+ case '[': -+ open++; -+ continue; -+ -+ case ']': -+ if (open) -+ return (1); -+ continue; -+ -+ case '+': -+ case '@': -+ case '!': -+ if (*string == '(') /*)*/ -+ return (1); -+ continue; -+ -+ case '\\': -+ if (*string == 0) -+ return (0); -+ } -+ -+ /* Advance one fewer byte than an entire multibyte character to -+ account for the auto-increment in the loop above. */ -+#ifdef HANDLE_MULTIBYTE -+ string--; -+ ADVANCE_CHAR_P (string, send - string); -+ string++; -+#else -+ ADVANCE_CHAR_P (string, send - string); -+#endif -+ } -+ return (0); -+} -+ - static char *globtext; - static char *globorig; - -@@ -3877,7 +3933,7 @@ bash_vi_complete (count, key) - t = substring (rl_line_buffer, p, rl_point); - } - -- if (t && glob_pattern_p (t) == 0) -+ if (t && completion_glob_pattern (t) == 0) - rl_explicit_arg = 1; /* XXX - force glob_complete_word to append `*' */ - FREE (t); - -diff --git a/lib/glob/glob_loop.c b/lib/glob/glob_loop.c -index 5f319cc2..7d6ae211 100644 ---- a/lib/glob/glob_loop.c -+++ b/lib/glob/glob_loop.c -@@ -54,17 +54,11 @@ INTERNAL_GLOB_PATTERN_P (pattern) - continue; - - case L('\\'): --#if 0 - /* Don't let the pattern end in a backslash (GMATCH returns no match - if the pattern ends in a backslash anyway), but otherwise return 1, - since the matching engine uses backslash as an escape character - and it can be removed. */ - return (*p != L('\0')); --#else -- /* The pattern may not end with a backslash. */ -- if (*p++ == L('\0')) -- return 0; --#endif - } - - return 0; -diff --git a/patchlevel.h b/patchlevel.h -index 1cd7c96c..40db1a32 100644 ---- a/patchlevel.h -+++ b/patchlevel.h -@@ -25,6 +25,6 @@ - regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh - looks for to find the patch level (for the sccs version string). */ - --#define PATCHLEVEL 0 -+#define PATCHLEVEL 1 - - #endif /* _PATCHLEVEL_H_ */ --- -2.17.2 - diff --git a/packages/bash/bash-5.0-patch-2.patch b/packages/bash/bash-5.0-patch-2.patch deleted file mode 100644 index b9858ae18f2..00000000000 --- a/packages/bash/bash-5.0-patch-2.patch +++ /dev/null @@ -1,96 +0,0 @@ -From ddf3f643cb9b9a2ca8e6d996c605e4332204874c Mon Sep 17 00:00:00 2001 -From: Chet Ramey -Date: Fri, 18 Jan 2019 15:13:57 -0500 -Subject: [PATCH] Bash-5.0 patch 2: fix expansion of aliases whose value ends - with an unquoted tab - ---- - parse.y | 5 ++++- - parser.h | 1 + - patchlevel.h | 2 +- - y.tab.c | 5 ++++- - 4 files changed, 10 insertions(+), 3 deletions(-) - -diff --git a/parse.y b/parse.y -index 3ff87bcc..07e6e3e4 100644 ---- a/parse.y -+++ b/parse.y -@@ -2557,12 +2557,14 @@ next_alias_char: - if (uc == 0 && pushed_string_list && pushed_string_list->flags != PSH_SOURCE && - pushed_string_list->flags != PSH_DPAREN && - (parser_state & PST_COMMENT) == 0 && -+ (parser_state & PST_ENDALIAS) == 0 && /* only once */ - shell_input_line_index > 0 && -- shell_input_line[shell_input_line_index-1] != ' ' && -+ shellblank (shell_input_line[shell_input_line_index-1]) == 0 && - shell_input_line[shell_input_line_index-1] != '\n' && - shellmeta (shell_input_line[shell_input_line_index-1]) == 0 && - (current_delimiter (dstack) != '\'' && current_delimiter (dstack) != '"')) - { -+ parser_state |= PST_ENDALIAS; - return ' '; /* END_ALIAS */ - } - #endif -@@ -2571,6 +2573,7 @@ pop_alias: - /* This case works for PSH_DPAREN as well */ - if (uc == 0 && pushed_string_list && pushed_string_list->flags != PSH_SOURCE) - { -+ parser_state &= ~PST_ENDALIAS; - pop_string (); - uc = shell_input_line[shell_input_line_index]; - if (uc) -diff --git a/parser.h b/parser.h -index 54dd2c88..6d08915d 100644 ---- a/parser.h -+++ b/parser.h -@@ -47,6 +47,7 @@ - #define PST_REPARSE 0x040000 /* re-parsing in parse_string_to_word_list */ - #define PST_REDIRLIST 0x080000 /* parsing a list of redirections preceding a simple command name */ - #define PST_COMMENT 0x100000 /* parsing a shell comment; used by aliases */ -+#define PST_ENDALIAS 0x200000 /* just finished expanding and consuming an alias */ - - /* Definition of the delimiter stack. Needed by parse.y and bashhist.c. */ - struct dstack { -diff --git a/patchlevel.h b/patchlevel.h -index 40db1a32..a988d852 100644 ---- a/patchlevel.h -+++ b/patchlevel.h -@@ -25,6 +25,6 @@ - regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh - looks for to find the patch level (for the sccs version string). */ - --#define PATCHLEVEL 1 -+#define PATCHLEVEL 2 - - #endif /* _PATCHLEVEL_H_ */ -diff --git a/y.tab.c b/y.tab.c -index 1abe2c50..7efce3c8 100644 ---- a/y.tab.c -+++ b/y.tab.c -@@ -4873,12 +4873,14 @@ next_alias_char: - if (uc == 0 && pushed_string_list && pushed_string_list->flags != PSH_SOURCE && - pushed_string_list->flags != PSH_DPAREN && - (parser_state & PST_COMMENT) == 0 && -+ (parser_state & PST_ENDALIAS) == 0 && /* only once */ - shell_input_line_index > 0 && -- shell_input_line[shell_input_line_index-1] != ' ' && -+ shellblank (shell_input_line[shell_input_line_index-1]) == 0 && - shell_input_line[shell_input_line_index-1] != '\n' && - shellmeta (shell_input_line[shell_input_line_index-1]) == 0 && - (current_delimiter (dstack) != '\'' && current_delimiter (dstack) != '"')) - { -+ parser_state |= PST_ENDALIAS; - return ' '; /* END_ALIAS */ - } - #endif -@@ -4887,6 +4889,7 @@ pop_alias: - /* This case works for PSH_DPAREN as well */ - if (uc == 0 && pushed_string_list && pushed_string_list->flags != PSH_SOURCE) - { -+ parser_state &= ~PST_ENDALIAS; - pop_string (); - uc = shell_input_line[shell_input_line_index]; - if (uc) --- -2.17.2 - diff --git a/packages/bash/bash.spec b/packages/bash/bash.spec deleted file mode 100644 index 1585b209414..00000000000 --- a/packages/bash/bash.spec +++ /dev/null @@ -1,96 +0,0 @@ -Name: %{_cross_os}bash -Version: 5.2.21 -Release: 1%{?dist} -Summary: The GNU Bourne Again shell -License: GPL-3.0-or-later -URL: https://www.gnu.org/software/bash -Source0: https://ftp.gnu.org/gnu/bash/bash-%{version}.tar.gz - -# Disable loadable builtin examples -Patch127: bash-4.4-no-loadable-builtins.patch - -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libncurses-devel -BuildRequires: %{_cross_os}readline-devel -Requires: %{_cross_os}libncurses -Requires: %{_cross_os}readline - -%description -%{summary}. - -%package devel -Summary: Files for development using the GNU Bourne Again shell -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n bash-%{version} -p1 - -echo %{version} > _distribution -echo %{release} > _patchlevel - -# force refreshing the generated files -rm y.tab.* - -%build -( -export \ - ac_cv_rl_prefix="%{_cross_sysroot}" \ - ac_cv_rl_version="8.0" \ - bash_cv_decl_under_sys_siglist=yes \ - bash_cv_dup2_broken=no \ - bash_cv_func_ctype_nonascii=yes \ - bash_cv_func_sbrk=yes \ - bash_cv_func_sigsetjmp=present \ - bash_cv_func_strcoll_broken=no \ - bash_cv_func_snprintf=yes \ - bash_cv_func_vsnprintf=yes \ - bash_cv_fnmatch_equiv_fallback=yes \ - bash_cv_getcwd_malloc=yes \ - bash_cv_getenv_redef=yes \ - bash_cv_job_control_missing=present \ - bash_cv_must_reinstall_sighandlers=no \ - bash_cv_opendir_not_robust=no \ - bash_cv_pgrp_pipe=yes \ - bash_cv_printf_a_format=yes \ - bash_cv_sys_named_pipes=present \ - bash_cv_sys_siglist=yes \ - bash_cv_ulimit_maxfds=yes \ - bash_cv_under_sys_siglist=yes \ - bash_cv_unusable_rtsigs=no \ - bash_cv_wcontinued_broken=no \ - bash_cv_wexitstatus_offset=8 ; -%cross_configure \ - --with-bash-malloc=no \ - --with-installed-readline -) - -make "CPPFLAGS=-D_GNU_SOURCE -DRECYCLES_PIDS -DDEFAULT_PATH_VALUE='\"/usr/local/bin:/usr/bin\"'" %{?_smp_mflags} - -%install -%make_install install-headers -ln -s bash %{buildroot}%{_cross_bindir}/sh - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_bindir}/bash -%{_cross_bindir}/sh -%exclude %{_cross_bindir}/bashbug -%exclude %{_cross_datadir}/doc/* -%exclude %{_cross_datadir}/locale/* -%exclude %{_cross_infodir}/* -%exclude %{_cross_mandir}/* - -%files devel -%dir %{_cross_includedir}/bash -%dir %{_cross_includedir}/bash/builtins -%dir %{_cross_includedir}/bash/include -%{_cross_includedir}/bash/*.h -%{_cross_includedir}/bash/builtins/*.h -%{_cross_includedir}/bash/include/*.h -%{_cross_pkgconfigdir}/*.pc - -%changelog diff --git a/packages/binutils/Cargo.toml b/packages/binutils/Cargo.toml deleted file mode 100644 index a273f16c280..00000000000 --- a/packages/binutils/Cargo.toml +++ /dev/null @@ -1,17 +0,0 @@ -[package] -name = "binutils" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[[package.metadata.build-package.external-files]] -url = "https://mirrors.kernel.org/gnu/binutils/binutils-2.38.tar.xz" -sha512 = "8bf0b0d193c9c010e0518ee2b2e5a830898af206510992483b427477ed178396cd210235e85fd7bd99a96fc6d5eedbeccbd48317a10f752b7336ada8b2bb826d" - -[build-dependencies] -glibc = { path = "../glibc" } -libz = { path = "../libz" } diff --git a/packages/binutils/binutils.spec b/packages/binutils/binutils.spec deleted file mode 100644 index 809e5c0655d..00000000000 --- a/packages/binutils/binutils.spec +++ /dev/null @@ -1,68 +0,0 @@ -Name: %{_cross_os}binutils -Version: 2.38 -Release: 1%{?dist} -Summary: Tools for working with binaries -URL: https://sourceware.org/binutils -License: GPL-2.0-or-later AND LGPL-2.0-or-later AND GPL-3.0-or-later -Source0: https://ftp.gnu.org/gnu/binutils/binutils-%{version}.tar.xz -Requires: %{_cross_os}libz -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libz-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using tools for working with binaries -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n binutils-%{version} -p1 - -%build -# Fail if the SDK version is different than the one provided in the image -[ %{version} = $(%{_cross_target}-ld -v | awk '{print $NF}') ] || exit 1 - -%cross_configure \ - --disable-gold \ - --disable-gdb \ - --with-system-zlib \ - --without-gnu-as \ - --disable-static -%make_build MAKEINFO=true tooldir=%{_cross_prefix} - -%install -%make_install MAKEINFO=true tooldir=%{_cross_prefix} - -%files -%license COPYING COPYING3.LIB COPYING3 -%{_cross_attribution_file} -%{_cross_bindir}/ld -%{_cross_bindir}/strip -%dir %{_cross_libdir}/bfd-plugins -%{_cross_libdir}/bfd-plugins/libdep.so -%exclude %{_cross_infodir} -%exclude %{_cross_mandir} -%exclude %{_cross_localedir} -%exclude %{_cross_libdir}/ldscripts -%exclude %{_cross_libdir}/lib*.la -%exclude %{_cross_bindir}/addr2line -%exclude %{_cross_bindir}/ar -%exclude %{_cross_bindir}/c++filt -%exclude %{_cross_bindir}/elfedit -%exclude %{_cross_bindir}/gprof -%exclude %{_cross_bindir}/ld.bfd -%exclude %{_cross_bindir}/nm -%exclude %{_cross_bindir}/objcopy -%exclude %{_cross_bindir}/objdump -%exclude %{_cross_bindir}/ranlib -%exclude %{_cross_bindir}/readelf -%exclude %{_cross_bindir}/size -%exclude %{_cross_bindir}/strings - -%files devel -%{_cross_libdir}/*.a -%{_cross_includedir}/*.h diff --git a/packages/chrony/Cargo.toml b/packages/chrony/Cargo.toml deleted file mode 100644 index 0c8ad01592b..00000000000 --- a/packages/chrony/Cargo.toml +++ /dev/null @@ -1,23 +0,0 @@ -[package] -name = "chrony" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://download.tuxfamily.org/chrony" - -[[package.metadata.build-package.external-files]] -url = "https://download.tuxfamily.org/chrony/chrony-4.5.tar.gz" -sha512 = "58a449e23186da799064b16ab16f799c1673296984b152b43e87c620d86e272c55365e83439d410fc89e4e0ba0befd7d5c625eac78a6665813b7ea75444f71b5" - -[build-dependencies] -glibc = { path = "../glibc" } -libcap = { path = "../libcap" } -libseccomp = { path = "../libseccomp" } -libncurses = { path = "../libncurses" } -readline = { path = "../readline" } diff --git a/packages/chrony/chrony-conf b/packages/chrony/chrony-conf deleted file mode 100644 index 0cb10625641..00000000000 --- a/packages/chrony/chrony-conf +++ /dev/null @@ -1,12 +0,0 @@ -[required-extensions] -ntp = "v1" -+++ -{{#each settings.ntp.time-servers}} -pool {{this}}{{#each ../settings.ntp.options}} {{this}}{{/each}} -{{/each}} -driftfile /var/lib/chrony/drift -makestep 1.0 3 -dumponexit -dumpdir /var/lib/chrony -user chrony -rtcsync diff --git a/packages/chrony/chrony-sysusers.conf b/packages/chrony/chrony-sysusers.conf deleted file mode 100644 index a96868ed26d..00000000000 --- a/packages/chrony/chrony-sysusers.conf +++ /dev/null @@ -1 +0,0 @@ -u chrony - "chrony user" diff --git a/packages/chrony/chrony-tmpfiles.conf b/packages/chrony/chrony-tmpfiles.conf deleted file mode 100644 index 5fac2470a74..00000000000 --- a/packages/chrony/chrony-tmpfiles.conf +++ /dev/null @@ -1,2 +0,0 @@ -d /var/lib/chrony 0700 chrony chrony - -Z /var/lib/chrony 0700 chrony chrony - diff --git a/packages/chrony/chrony.spec b/packages/chrony/chrony.spec deleted file mode 100644 index 149dd60ee6f..00000000000 --- a/packages/chrony/chrony.spec +++ /dev/null @@ -1,72 +0,0 @@ -Name: %{_cross_os}chrony -Version: 4.5 -Release: 1%{?dist} -Summary: A versatile implementation of the Network Time Protocol -License: GPL-2.0-only -URL: https://chrony.tuxfamily.org -Source0: https://download.tuxfamily.org/chrony/chrony-%{version}.tar.gz -Source1: chronyd.service -Source2: chrony-conf -Source3: chrony-sysusers.conf -Source4: chrony-tmpfiles.conf - -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libcap-devel -BuildRequires: %{_cross_os}libncurses-devel -BuildRequires: %{_cross_os}libseccomp-devel -BuildRequires: %{_cross_os}readline-devel -Requires: %{_cross_os}libcap -Requires: %{_cross_os}libseccomp - -%description -%{summary}. - -%package tools -Summary: Command-line interface for chrony daemon -Requires: %{_cross_os}chrony -Requires: %{_cross_os}libncurses -Requires: %{_cross_os}readline - -%description tools -%{summary}. - -%prep -%autosetup -n chrony-%{version} -p1 - -%build -# chrony uses a custom hand-rolled configure script -%set_cross_build_flags \ -CC=%{_cross_target}-gcc \ -./configure \ - --prefix="%{_cross_prefix}" \ - --enable-scfilter - -%make_build - -%install -%make_install - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:1} %{buildroot}%{_cross_unitdir}/chronyd.service -install -d %{buildroot}%{_cross_templatedir} -install -p -m 0644 %{S:2} %{buildroot}%{_cross_templatedir}/chrony-conf -install -d %{buildroot}%{_cross_sysusersdir} -install -p -m 0644 %{S:3} %{buildroot}%{_cross_sysusersdir}/chrony.conf -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:4} %{buildroot}%{_cross_tmpfilesdir}/chrony.conf - -%files -%license COPYING -%{_cross_attribution_file} -%dir %{_cross_templatedir} -%{_cross_sbindir}/chronyd -%{_cross_templatedir}/chrony-conf -%{_cross_unitdir}/chronyd.service -%{_cross_sysusersdir}/chrony.conf -%{_cross_tmpfilesdir}/chrony.conf -%exclude %{_cross_mandir} - -%files tools -%{_cross_bindir}/chronyc - -%changelog diff --git a/packages/chrony/chronyd.service b/packages/chrony/chronyd.service deleted file mode 100644 index d0787a09708..00000000000 --- a/packages/chrony/chronyd.service +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=A versatile implementation of the Network Time Protocol -Documentation=https://chrony.tuxfamily.org -After=network-online.target preconfigured.target -Wants=network-online.target preconfigured.target - -[Service] -Type=simple -ExecStart=/usr/sbin/chronyd -d -F -1 - -[Install] -WantedBy=configured.target diff --git a/packages/cni-plugins/Cargo.toml b/packages/cni-plugins/Cargo.toml deleted file mode 100644 index 757414c04dc..00000000000 --- a/packages/cni-plugins/Cargo.toml +++ /dev/null @@ -1,25 +0,0 @@ -[package] -name = "cni-plugins" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/containernetworking/plugins/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/containernetworking/plugins/archive/v1.4.0/plugins-1.4.0.tar.gz" -sha512 = "d812663fb58cfa2bfe35dd70940586d47f11feddd35a86ea7639197b022f9c0e0f487679e2e968eebf1f80b8b1d9cfbd0fe99d80590ae60a8128fa393d713e0b" - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } - -# RPM Requires -[dependencies] -# `iptables` is only needed at runtime, and is pulled in by `release`. -# iptables = { path = "../iptables" } diff --git a/packages/cni-plugins/cni-plugins-tmpfiles.conf b/packages/cni-plugins/cni-plugins-tmpfiles.conf deleted file mode 100644 index c6dcc309ec4..00000000000 --- a/packages/cni-plugins/cni-plugins-tmpfiles.conf +++ /dev/null @@ -1 +0,0 @@ -R! /var/lib/cni/results diff --git a/packages/cni-plugins/cni-plugins.spec b/packages/cni-plugins/cni-plugins.spec deleted file mode 100644 index f90d75daa44..00000000000 --- a/packages/cni-plugins/cni-plugins.spec +++ /dev/null @@ -1,113 +0,0 @@ -%global goproject github.com/containernetworking -%global gorepo plugins -%global goimport %{goproject}/%{gorepo} - -%global gover 1.4.0 -%global rpmver %{gover} - -%global _dwz_low_mem_die_limit 0 - -Name: %{_cross_os}cni-%{gorepo} -Version: %{rpmver} -Release: 1%{?dist} -Summary: Plugins for container networking -License: Apache-2.0 -URL: https://%{goimport} -Source0: https://%{goimport}/archive/v%{gover}/%{gorepo}-%{gover}.tar.gz -Source1: cni-plugins-tmpfiles.conf -BuildRequires: git -BuildRequires: %{_cross_os}glibc-devel -Requires: %{_cross_os}iptables -Requires: %{name}(binaries) - -%description -%{summary}. - -%package bin -Summary: Plugins for container networking binaries -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(fips) or %{name}-fips-bin) - -%description bin -%{summary}. - -%package fips-bin -Summary: Plugins for container networking binaries, FIPS edition -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{name}-bin) - -%description fips-bin -%{summary}. - -%prep -%autosetup -Sgit -n %{gorepo}-%{gover} -p1 -%cross_go_setup %{gorepo}-%{gover} %{goproject} %{goimport} - -%build -%cross_go_configure %{goimport} -for d in $(find plugins -mindepth 2 -maxdepth 2 -type d ! -name windows) ; do - go build -ldflags="${GOLDFLAGS}" -o "bin/${d##*/}" %{goimport}/${d} - gofips build -ldflags="${GOLDFLAGS}" -o "fips/bin/${d##*/}" %{goimport}/${d} -done - -%install -install -d %{buildroot}%{_cross_libexecdir}/cni/bin -install -p -m 0755 bin/* %{buildroot}%{_cross_libexecdir}/cni/bin - -install -d %{buildroot}%{_cross_fips_libexecdir}/cni/bin -install -p -m 0755 fips/bin/* %{buildroot}%{_cross_fips_libexecdir}/cni/bin - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:1} %{buildroot}%{_cross_tmpfilesdir}/cni-plugins.conf - -%cross_scan_attribution go-vendor vendor - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} -%{_cross_tmpfilesdir}/cni-plugins.conf - -%files bin -%{_cross_libexecdir}/cni/bin/loopback -%{_cross_libexecdir}/cni/bin/bandwidth -%{_cross_libexecdir}/cni/bin/bridge -%{_cross_libexecdir}/cni/bin/dhcp -%{_cross_libexecdir}/cni/bin/dummy -%{_cross_libexecdir}/cni/bin/firewall -%{_cross_libexecdir}/cni/bin/host-device -%{_cross_libexecdir}/cni/bin/host-local -%{_cross_libexecdir}/cni/bin/ipvlan -%{_cross_libexecdir}/cni/bin/macvlan -%{_cross_libexecdir}/cni/bin/portmap -%{_cross_libexecdir}/cni/bin/ptp -%{_cross_libexecdir}/cni/bin/sbr -%{_cross_libexecdir}/cni/bin/static -%{_cross_libexecdir}/cni/bin/tap -%{_cross_libexecdir}/cni/bin/tuning -%{_cross_libexecdir}/cni/bin/vlan -%{_cross_libexecdir}/cni/bin/vrf - -%files fips-bin -%{_cross_fips_libexecdir}/cni/bin/loopback -%{_cross_fips_libexecdir}/cni/bin/bandwidth -%{_cross_fips_libexecdir}/cni/bin/bridge -%{_cross_fips_libexecdir}/cni/bin/dhcp -%{_cross_fips_libexecdir}/cni/bin/dummy -%{_cross_fips_libexecdir}/cni/bin/firewall -%{_cross_fips_libexecdir}/cni/bin/host-device -%{_cross_fips_libexecdir}/cni/bin/host-local -%{_cross_fips_libexecdir}/cni/bin/ipvlan -%{_cross_fips_libexecdir}/cni/bin/macvlan -%{_cross_fips_libexecdir}/cni/bin/portmap -%{_cross_fips_libexecdir}/cni/bin/ptp -%{_cross_fips_libexecdir}/cni/bin/sbr -%{_cross_fips_libexecdir}/cni/bin/static -%{_cross_fips_libexecdir}/cni/bin/tap -%{_cross_fips_libexecdir}/cni/bin/tuning -%{_cross_fips_libexecdir}/cni/bin/vlan -%{_cross_fips_libexecdir}/cni/bin/vrf - -%changelog diff --git a/packages/cni/Cargo.toml b/packages/cni/Cargo.toml deleted file mode 100644 index 19dbf2a2d1e..00000000000 --- a/packages/cni/Cargo.toml +++ /dev/null @@ -1,26 +0,0 @@ -[package] -name = "cni" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/containernetworking/cni/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/containernetworking/cni/archive/v1.1.2/cni-1.1.2.tar.gz" -sha512 = "dc4795fb03b8dc9d116692e0dd0feb1b57a481ed7414c8dc376a892725b0b3d9dd8b04b2be09073b95c8c9eec2c0165d0353f6be643647f4c4de0114b9dd5930" -bundle-modules = [ "go" ] - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } - -# RPM Requires -[dependencies] -# `iptables` is only needed at runtime, and is pulled in by `release`. -# iptables = { path = "../iptables" } diff --git a/packages/cni/cni.spec b/packages/cni/cni.spec deleted file mode 100644 index 8b156091de5..00000000000 --- a/packages/cni/cni.spec +++ /dev/null @@ -1,46 +0,0 @@ -%global goproject github.com/containernetworking -%global gorepo cni -%global goimport %{goproject}/%{gorepo} - -%global gover 1.1.2 -%global rpmver %{gover} - -%global _dwz_low_mem_die_limit 0 - -Name: %{_cross_os}%{gorepo} -Version: %{rpmver} -Release: 1%{?dist} -Summary: Plugins for container networking -License: Apache-2.0 -URL: https://%{goimport} -Source0: https://%{goimport}/archive/v%{gover}/%{gorepo}-%{gover}.tar.gz -Source1: bundled-%{gorepo}-%{gover}.tar.gz -BuildRequires: git -BuildRequires: %{_cross_os}glibc-devel -Requires: %{_cross_os}iptables - -%description -%{summary}. - -%prep -%setup -n %{gorepo}-%{gover} -q -%setup -T -D -n %{gorepo}-%{gover} -b 1 -q - -%build -%set_cross_go_flags - -go build -ldflags="${GOLDFLAGS}" -o "bin/cnitool" %{goimport}/cnitool - -%install -install -d %{buildroot}%{_cross_libexecdir}/cni/bin -install -p -m 0755 bin/cnitool %{buildroot}%{_cross_libexecdir}/cni/bin - -%cross_scan_attribution go-vendor vendor - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} -%{_cross_libexecdir}/cni/bin/cnitool - -%changelog diff --git a/packages/conntrack-tools/0001-disable-RPC-helper.patch b/packages/conntrack-tools/0001-disable-RPC-helper.patch deleted file mode 100644 index b98d1d4388f..00000000000 --- a/packages/conntrack-tools/0001-disable-RPC-helper.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 5a76b5fa1b631191adbec7919f58e067dd6c2896 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Tue, 19 Mar 2024 14:17:52 +0000 -Subject: [PATCH] disable RPC helper - -We do not intend to run the daemon to synchronize firewall rules or -to collect statistics, so we do not need its protocol helpers. - -The RPC helper would require us to package libtirpc, which we want -to avoid for now since we have no other need for it. - -Signed-off-by: Ben Cressey ---- - configure.ac | 2 -- - src/helpers/Makefile.am | 5 ----- - 2 files changed, 7 deletions(-) - -diff --git a/configure.ac b/configure.ac -index da852b1..973a9d5 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -49,8 +49,6 @@ AC_ARG_ENABLE([systemd], - AS_HELP_STRING([--enable-systemd], [Build systemd support]), - [enable_systemd="$enableval"], [enable_systemd="no"]) - --AC_CHECK_HEADER([rpc/rpc_msg.h], [AC_SUBST([LIBTIRPC_CFLAGS],'')], [PKG_CHECK_MODULES([LIBTIRPC], [libtirpc])]) -- - PKG_CHECK_MODULES([LIBNFNETLINK], [libnfnetlink >= 1.0.1]) - PKG_CHECK_MODULES([LIBMNL], [libmnl >= 1.0.3]) - PKG_CHECK_MODULES([LIBNETFILTER_CONNTRACK], [libnetfilter_conntrack >= 1.0.9]) -diff --git a/src/helpers/Makefile.am b/src/helpers/Makefile.am -index e458ab4..47f1d46 100644 ---- a/src/helpers/Makefile.am -+++ b/src/helpers/Makefile.am -@@ -4,7 +4,6 @@ pkglib_LTLIBRARIES = ct_helper_amanda.la \ - ct_helper_dhcpv6.la \ - ct_helper_ftp.la \ - ct_helper_mdns.la \ -- ct_helper_rpc.la \ - ct_helper_tftp.la \ - ct_helper_tns.la \ - ct_helper_sane.la \ -@@ -30,10 +29,6 @@ ct_helper_mdns_la_SOURCES = mdns.c - ct_helper_mdns_la_LDFLAGS = $(HELPER_LDFLAGS) - ct_helper_mdns_la_CFLAGS = $(HELPER_CFLAGS) - --ct_helper_rpc_la_SOURCES = rpc.c --ct_helper_rpc_la_LDFLAGS = $(HELPER_LDFLAGS) --ct_helper_rpc_la_CFLAGS = $(HELPER_CFLAGS) $(LIBTIRPC_CFLAGS) -- - ct_helper_tftp_la_SOURCES = tftp.c - ct_helper_tftp_la_LDFLAGS = $(HELPER_LDFLAGS) - ct_helper_tftp_la_CFLAGS = $(HELPER_CFLAGS) --- -2.40.1 - diff --git a/packages/conntrack-tools/Cargo.toml b/packages/conntrack-tools/Cargo.toml deleted file mode 100644 index 8ed9028c72c..00000000000 --- a/packages/conntrack-tools/Cargo.toml +++ /dev/null @@ -1,25 +0,0 @@ -[package] -name = "conntrack-tools" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://www.netfilter.org/projects/conntrack-tools/files" - -[[package.metadata.build-package.external-files]] -url = "https://www.netfilter.org/projects/conntrack-tools/files/conntrack-tools-1.4.8.tar.xz" -sha512 = "95d8f6f068c1342ad7e767537e722272a4f5bd8b46b952713ade053a1043aa9ababbe5ce658ede9c77b6de5221b97ad8833777caffd69b67dd70a99f2b45afdf" - -[build-dependencies] -glibc = { path = "../glibc" } -libmnl = { path = "../libmnl" } -libnetfilter_conntrack = { path = "../libnetfilter_conntrack" } -libnetfilter_cthelper = { path = "../libnetfilter_cthelper" } -libnetfilter_cttimeout = { path = "../libnetfilter_cttimeout" } -libnetfilter_queue = { path = "../libnetfilter_queue" } -libnfnetlink = { path = "../libnfnetlink" } diff --git a/packages/conntrack-tools/conntrack-tools.spec b/packages/conntrack-tools/conntrack-tools.spec deleted file mode 100644 index 2d8846c4400..00000000000 --- a/packages/conntrack-tools/conntrack-tools.spec +++ /dev/null @@ -1,56 +0,0 @@ -Name: %{_cross_os}conntrack-tools -Version: 1.4.8 -Release: 1%{?dist} -Summary: Tools for managing Linux kernel connection tracking -# src/utils.c contains GPLv2-only code from linux -License: GPL-2.0-or-later AND GPL-2.0-only -URL: http://conntrack-tools.netfilter.org/ -Source0: https://www.netfilter.org/projects/conntrack-tools/files/conntrack-tools-%{version}.tar.xz -Patch1: 0001-disable-RPC-helper.patch - -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libmnl-devel -BuildRequires: %{_cross_os}libnfnetlink-devel -BuildRequires: %{_cross_os}libnetfilter_conntrack-devel -BuildRequires: %{_cross_os}libnetfilter_cthelper-devel -BuildRequires: %{_cross_os}libnetfilter_cttimeout-devel -BuildRequires: %{_cross_os}libnetfilter_queue-devel -Requires: %{_cross_os}libmnl -Requires: %{_cross_os}libnfnetlink -Requires: %{_cross_os}libnetfilter_conntrack -Requires: %{_cross_os}libnetfilter_cthelper -Requires: %{_cross_os}libnetfilter_cttimeout -Requires: %{_cross_os}libnetfilter_queue - -%description -%{summary}. - -%package devel -Summary: Files for development using the tools for managing Linux kernel connection tracking -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n conntrack-tools-%{version} -p1 - -%build -autoreconf -fi -%cross_configure - -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_sbindir}/conntrack -%exclude %{_cross_sbindir}/conntrackd -%exclude %{_cross_sbindir}/nfct -%exclude %{_cross_libdir}/conntrack-tools -%exclude %{_cross_mandir} - -%changelog diff --git a/packages/containerd/Cargo.toml b/packages/containerd/Cargo.toml deleted file mode 100644 index df5e3373697..00000000000 --- a/packages/containerd/Cargo.toml +++ /dev/null @@ -1,25 +0,0 @@ -[package] -name = "containerd" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/containerd/containerd/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/containerd/containerd/archive/v1.7.17/containerd-1.7.17.tar.gz" -sha512 = "78ed36ee43def3b83a1e0e8cc7da1e96517dd08c3fb19d2cdaf0e739d5a4188d313cd1f4f2a02701eb79cdcbfea5deba14030b438a0b07b08ec30510f4bb7660" - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } - -# RPM Requires -[dependencies] -runc = { path = "../runc" } -pigz = { path = "../pigz" } diff --git a/packages/containerd/clarify.toml b/packages/containerd/clarify.toml deleted file mode 100644 index 3fa231bd3ec..00000000000 --- a/packages/containerd/clarify.toml +++ /dev/null @@ -1,5 +0,0 @@ -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] diff --git a/packages/containerd/containerd-config-toml_basic b/packages/containerd/containerd-config-toml_basic deleted file mode 100644 index 0483eb0a1d4..00000000000 --- a/packages/containerd/containerd-config-toml_basic +++ /dev/null @@ -1,15 +0,0 @@ -+++ -version = 2 -root = "/var/lib/containerd" -state = "/run/containerd" -disabled_plugins = [ - "io.containerd.internal.v1.opt", - "io.containerd.snapshotter.v1.aufs", - "io.containerd.snapshotter.v1.devmapper", - "io.containerd.snapshotter.v1.native", - "io.containerd.snapshotter.v1.zfs", - "io.containerd.grpc.v1.cri", -] - -[grpc] -address = "/run/containerd/containerd.sock" diff --git a/packages/containerd/containerd-config-toml_k8s_containerd_sock b/packages/containerd/containerd-config-toml_k8s_containerd_sock deleted file mode 100644 index b0c20ecadef..00000000000 --- a/packages/containerd/containerd-config-toml_k8s_containerd_sock +++ /dev/null @@ -1,80 +0,0 @@ -[required-extensions] -container-registry = "v1" -container-runtime = "v1" -kubernetes = "v1" -std = { version = "v1", helpers = ["join_array"]} -+++ -version = 2 -root = "/var/lib/containerd" -state = "/run/containerd" -disabled_plugins = [ - "io.containerd.internal.v1.opt", - "io.containerd.snapshotter.v1.aufs", - "io.containerd.snapshotter.v1.devmapper", - "io.containerd.snapshotter.v1.native", - "io.containerd.snapshotter.v1.zfs", -] - -[grpc] -address = "/run/containerd/containerd.sock" - -[plugins."io.containerd.grpc.v1.cri"] -enable_selinux = true -# Pause container image is specified here, shares the same image as kubelet's pod-infra-container-image -sandbox_image = "localhost/kubernetes/pause:0.1.0" -{{#if settings.container-runtime.max-container-log-line-size}} -max_container_log_line_size = {{settings.container-runtime.max-container-log-line-size}} -{{/if}} -{{#if settings.container-runtime.max-concurrent-downloads}} -max_concurrent_downloads = {{settings.container-runtime.max-concurrent-downloads}} -{{/if}} -{{#if settings.container-runtime.enable-unprivileged-ports}} -enable_unprivileged_ports = {{settings.container-runtime.enable-unprivileged-ports}} -{{/if}} -{{#if settings.container-runtime.enable-unprivileged-icmp}} -enable_unprivileged_icmp = {{settings.container-runtime.enable-unprivileged-icmp}} -{{/if}} - -[plugins."io.containerd.grpc.v1.cri".containerd] -default_runtime_name = "shimpei" - -[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.shimpei] -runtime_type = "io.containerd.runc.v2" -base_runtime_spec = "/etc/containerd/cri-base.json" - -[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.shimpei.options] -SystemdCgroup = true -BinaryName = "shimpei" - -[plugins."io.containerd.grpc.v1.cri".cni] -bin_dir = "/opt/cni/bin" -conf_dir = "/etc/cni/net.d" - -{{#if settings.container-registry.mirrors}} -{{#each settings.container-registry.mirrors}} -[plugins."io.containerd.grpc.v1.cri".registry.mirrors."{{registry}}"] -endpoint = [{{join_array ", " endpoint }}] -{{/each}} -{{/if}} - -{{#if settings.container-registry.credentials}} -{{#each settings.container-registry.credentials}} -{{#if (eq registry "docker.io" )}} -[plugins."io.containerd.grpc.v1.cri".registry.configs."registry-1.docker.io".auth] -{{else}} -[plugins."io.containerd.grpc.v1.cri".registry.configs."{{registry}}".auth] -{{/if}} -{{#if username}} -username = "{{{username}}}" -{{/if}} -{{#if password}} -password = "{{{password}}}" -{{/if}} -{{#if auth}} -auth = "{{{auth}}}" -{{/if}} -{{#if identitytoken}} -identitytoken = "{{{identitytoken}}}" -{{/if}} -{{/each}} -{{/if}} diff --git a/packages/containerd/containerd-config-toml_k8s_nvidia_containerd_sock b/packages/containerd/containerd-config-toml_k8s_nvidia_containerd_sock deleted file mode 100644 index 0806e2445f7..00000000000 --- a/packages/containerd/containerd-config-toml_k8s_nvidia_containerd_sock +++ /dev/null @@ -1,80 +0,0 @@ -[required-extensions] -container-registry = "v1" -container-runtime = "v1" -kubernetes = "v1" -std = { version = "v1", helpers = ["join_array"]} -+++ -version = 2 -root = "/var/lib/containerd" -state = "/run/containerd" -disabled_plugins = [ - "io.containerd.internal.v1.opt", - "io.containerd.snapshotter.v1.aufs", - "io.containerd.snapshotter.v1.devmapper", - "io.containerd.snapshotter.v1.native", - "io.containerd.snapshotter.v1.zfs", -] - -[grpc] -address = "/run/containerd/containerd.sock" - -[plugins."io.containerd.grpc.v1.cri"] -enable_selinux = true -# Pause container image is specified here, shares the same image as kubelet's pod-infra-container-image -sandbox_image = "localhost/kubernetes/pause:0.1.0" -{{#if settings.container-runtime.max-container-log-line-size}} -max_container_log_line_size = {{settings.container-runtime.max-container-log-line-size}} -{{/if}} -{{#if settings.container-runtime.max-concurrent-downloads}} -max_concurrent_downloads = {{settings.container-runtime.max-concurrent-downloads}} -{{/if}} -{{#if settings.container-runtime.enable-unprivileged-ports}} -enable_unprivileged_ports = {{settings.container-runtime.enable-unprivileged-ports}} -{{/if}} -{{#if settings.container-runtime.enable-unprivileged-icmp}} -enable_unprivileged_icmp = {{settings.container-runtime.enable-unprivileged-icmp}} -{{/if}} - -[plugins."io.containerd.grpc.v1.cri".containerd] -default_runtime_name = "nvidia" - -[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia] -runtime_type = "io.containerd.runc.v2" -base_runtime_spec = "/etc/containerd/cri-base.json" - -[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia.options] -SystemdCgroup = true -BinaryName = "nvidia-oci" - -[plugins."io.containerd.grpc.v1.cri".cni] -bin_dir = "/opt/cni/bin" -conf_dir = "/etc/cni/net.d" - -{{#if settings.container-registry.mirrors}} -{{#each settings.container-registry.mirrors}} -[plugins."io.containerd.grpc.v1.cri".registry.mirrors."{{registry}}"] -endpoint = [{{join_array ", " endpoint }}] -{{/each}} -{{/if}} - -{{#if settings.container-registry.credentials}} -{{#each settings.container-registry.credentials}} -{{#if (eq registry "docker.io" )~}} -[plugins."io.containerd.grpc.v1.cri".registry.configs."registry-1.docker.io".auth] -{{else}} -[plugins."io.containerd.grpc.v1.cri".registry.configs."{{registry}}".auth] -{{/if}} -{{#if username}} -username = "{{{username}}}" -{{/if}} -{{#if password}} -password = "{{{password}}}" -{{/if}} -{{#if auth}} -auth = "{{{auth}}}" -{{/if}} -{{#if identitytoken}} -identitytoken = "{{{identitytoken}}}" -{{/if}} -{{/each}} -{{/if}} diff --git a/packages/containerd/containerd-cri-base-json b/packages/containerd/containerd-cri-base-json deleted file mode 100644 index 191dadc4c8c..00000000000 --- a/packages/containerd/containerd-cri-base-json +++ /dev/null @@ -1,163 +0,0 @@ -[required-extensions] -oci-defaults = { version = "v1", helpers = ["oci_defaults"] } -+++ -{ - "ociVersion": "1.0.2-dev", - "process": { - "user": { - "uid": 0, - "gid": 0 - }, - "cwd": "/", - {{~#if settings.oci-defaults.capabilities~}} - "capabilities": { - {{~oci_defaults "containerd" settings.oci-defaults.capabilities~}} - }, - {{~/if~}} - {{~#if settings.oci-defaults.resource-limits~}} - "rlimits": [ - {{~oci_defaults "containerd" settings.oci-defaults.resource-limits~}} - ], - {{~/if~}} - "noNewPrivileges": true - }, - "root": { - "path": "rootfs" - }, - "mounts": [ - { - "destination": "/proc", - "type": "proc", - "source": "proc", - "options": [ - "nosuid", - "noexec", - "nodev" - ] - }, - { - "destination": "/dev", - "type": "tmpfs", - "source": "tmpfs", - "options": [ - "nosuid", - "strictatime", - "mode=755", - "size=65536k" - ] - }, - { - "destination": "/dev/pts", - "type": "devpts", - "source": "devpts", - "options": [ - "nosuid", - "noexec", - "newinstance", - "ptmxmode=0666", - "mode=0620", - "gid=5" - ] - }, - { - "destination": "/dev/shm", - "type": "tmpfs", - "source": "shm", - "options": [ - "nosuid", - "noexec", - "nodev", - "mode=1777", - "size=65536k" - ] - }, - { - "destination": "/dev/mqueue", - "type": "mqueue", - "source": "mqueue", - "options": [ - "nosuid", - "noexec", - "nodev" - ] - }, - { - "destination": "/sys", - "type": "sysfs", - "source": "sysfs", - "options": [ - "nosuid", - "noexec", - "nodev", - "ro" - ] - }, - { - "destination": "/run", - "type": "tmpfs", - "source": "tmpfs", - "options": [ - "nosuid", - "strictatime", - "mode=755", - "size=65536k" - ] - }, - { - "destination": "/usr/local/sbin/modprobe", - "source": "/usr/bin/kmod", - "options": [ - "exec", - "bind", - "ro" - ] - } - ], - "linux": { - "resources": { - "devices": [ - { - "allow": false, - "access": "rwm" - } - ] - }, - "cgroupsPath": "/default", - "namespaces": [ - { - "type": "pid" - }, - { - "type": "ipc" - }, - { - "type": "uts" - }, - { - "type": "mount" - }, - { - "type": "network" - } - ], - "maskedPaths": [ - "/proc/acpi", - "/proc/asound", - "/proc/kcore", - "/proc/keys", - "/proc/latency_stats", - "/proc/timer_list", - "/proc/timer_stats", - "/proc/sched_debug", - "/sys/firmware", - "/proc/scsi" - ], - "readonlyPaths": [ - "/proc/bus", - "/proc/fs", - "/proc/irq", - "/proc/sys", - "/proc/sysrq-trigger" - ] - } -} diff --git a/packages/containerd/containerd-tmpfiles.conf b/packages/containerd/containerd-tmpfiles.conf deleted file mode 100644 index 4efaecb0f58..00000000000 --- a/packages/containerd/containerd-tmpfiles.conf +++ /dev/null @@ -1 +0,0 @@ -d /etc/cni/net.d - - - - diff --git a/packages/containerd/containerd.service b/packages/containerd/containerd.service deleted file mode 100644 index fc18c2baa10..00000000000 --- a/packages/containerd/containerd.service +++ /dev/null @@ -1,24 +0,0 @@ -[Unit] -Description=containerd container runtime -Documentation=https://containerd.io -After=network-online.target configured.target -Wants=network-online.target configured.target - -[Service] -Slice=runtime.slice -EnvironmentFile=/etc/network/proxy.env -EnvironmentFile=-/etc/containerd/nvidia.env -ExecStart=/usr/bin/containerd -Type=notify -Delegate=yes -KillMode=process -TimeoutSec=0 -RestartSec=2 -Restart=always -LimitNPROC=infinity -LimitCORE=infinity -LimitNOFILE=infinity -TasksMax=infinity - -[Install] -WantedBy=multi-user.target diff --git a/packages/containerd/containerd.spec b/packages/containerd/containerd.spec deleted file mode 100644 index ddba00723e2..00000000000 --- a/packages/containerd/containerd.spec +++ /dev/null @@ -1,138 +0,0 @@ -%global goproject github.com/containerd -%global gorepo containerd -%global goimport %{goproject}/%{gorepo} - -%global gover 1.7.17 -%global rpmver %{gover} -%global gitrev 3a4de459a68952ffb703bbe7f2290861a75b6b67 - -%global _dwz_low_mem_die_limit 0 - -Name: %{_cross_os}%{gorepo} -Version: %{rpmver} -Release: 1%{?dist} -Summary: An industry-standard container runtime -License: Apache-2.0 -URL: https://%{goimport} -Source0: https://%{goimport}/archive/v%{gover}/%{gorepo}-%{gover}.tar.gz -Source1: containerd.service -Source2: containerd-config-toml_k8s_containerd_sock -Source3: containerd-config-toml_basic -Source4: containerd-config-toml_k8s_nvidia_containerd_sock -Source5: containerd-tmpfiles.conf -Source6: containerd-cri-base-json - -# Mount for writing containerd configuration -Source100: etc-containerd.mount - -# Create container storage mount point. -Source110: prepare-var-lib-containerd.service - -Source1000: clarify.toml - -BuildRequires: git -BuildRequires: %{_cross_os}glibc-devel -Requires: %{_cross_os}runc -Requires: %{_cross_os}pigz -Requires: %{name}(binaries) - -%description -%{summary}. - -%package bin -Summary: An industry-standard container runtime's binaries -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(fips) or %{name}-fips-bin) - -%description bin -%{summary}. - -%package fips-bin -Summary: An industry-standard container runtime's binaries, FIPS edition -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{name}-bin) - -%description fips-bin -%{summary}. - -%prep -%autosetup -Sgit -n %{gorepo}-%{gover} -p1 -%cross_go_setup %{gorepo}-%{gover} %{goproject} %{goimport} - -%build -%cross_go_configure %{goimport} -export BUILDTAGS="no_btrfs selinux" -export LD_VERSION="-X github.com/containerd/containerd/version.Version=%{gover}+bottlerocket" -export LD_REVISION="-X github.com/containerd/containerd/version.Revision=%{gitrev}" - -declare -a BUILD_ARGS -BUILD_ARGS=( - -tags="${BUILDTAGS}" - -ldflags="${GOLDFLAGS} ${LD_VERSION} ${LD_REVISION}" -) - -for bin in \ - containerd \ - containerd-shim \ - containerd-shim-runc-v1 \ - containerd-shim-runc-v2 \ - ctr ; -do - go build "${BUILD_ARGS[@]}" -o ${bin} %{goimport}/cmd/${bin} - gofips build "${BUILD_ARGS[@]}" -o fips/${bin} %{goimport}/cmd/${bin} -done - -%install -install -d %{buildroot}{%{_cross_bindir},%{_cross_fips_bindir}} -for bin in \ - containerd \ - containerd-shim \ - containerd-shim-runc-v1 \ - containerd-shim-runc-v2 \ - ctr ; -do - install -p -m 0755 ${bin} %{buildroot}%{_cross_bindir} - install -p -m 0755 fips/${bin} %{buildroot}%{_cross_fips_bindir} -done - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:1} %{S:100} %{S:110} %{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{_cross_templatedir} -install -d %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/containerd -install -p -m 0644 %{S:2} %{S:3} %{S:4} %{S:6} %{buildroot}%{_cross_templatedir} - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:5} %{buildroot}%{_cross_tmpfilesdir}/containerd.conf - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -%files -%license LICENSE NOTICE -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} -%{_cross_unitdir}/containerd.service -%{_cross_unitdir}/etc-containerd.mount -%{_cross_unitdir}/prepare-var-lib-containerd.service -%dir %{_cross_factorydir}%{_cross_sysconfdir}/containerd -%{_cross_templatedir}/containerd-config-toml* -%{_cross_templatedir}/containerd-cri-base-json -%{_cross_tmpfilesdir}/containerd.conf - -%files bin -%{_cross_bindir}/containerd -%{_cross_bindir}/containerd-shim -%{_cross_bindir}/containerd-shim-runc-v1 -%{_cross_bindir}/containerd-shim-runc-v2 -%{_cross_bindir}/ctr - -%files fips-bin -%{_cross_fips_bindir}/containerd -%{_cross_fips_bindir}/containerd-shim -%{_cross_fips_bindir}/containerd-shim-runc-v1 -%{_cross_fips_bindir}/containerd-shim-runc-v2 -%{_cross_fips_bindir}/ctr - -%changelog diff --git a/packages/containerd/etc-containerd.mount b/packages/containerd/etc-containerd.mount deleted file mode 100644 index 314779a2786..00000000000 --- a/packages/containerd/etc-containerd.mount +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Containerd Configuration Directory (/etc/containerd) -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target -After=selinux-policy-files.service -Wants=selinux-policy-files.service - -[Mount] -What=tmpfs -Where=/etc/containerd -Type=tmpfs -Options=nosuid,nodev,noexec,noatime,mode=0750,context=system_u:object_r:secret_t:s0 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/containerd/prepare-var-lib-containerd.service b/packages/containerd/prepare-var-lib-containerd.service deleted file mode 100644 index 285e90fa554..00000000000 --- a/packages/containerd/prepare-var-lib-containerd.service +++ /dev/null @@ -1,23 +0,0 @@ -[Unit] -Description=Prepare Containerd Directory (/var/lib/containerd) -DefaultDependencies=no -RequiresMountsFor=/var -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot - -# Remove an existing symlink, if present. Intentionally not recursive! -ExecStartPre=-/usr/bin/rm -f /var/lib/containerd - -# Create /var/lib/containerd so it is available for bind mounts. -ExecStart=/usr/bin/mkdir -p /var/lib/containerd - -# Suppress warning if directory exists. -StandardError=null - -RemainAfterExit=true - -[Install] -WantedBy=local-fs.target diff --git a/packages/coreutils/Cargo.toml b/packages/coreutils/Cargo.toml deleted file mode 100644 index a4e000ae92d..00000000000 --- a/packages/coreutils/Cargo.toml +++ /dev/null @@ -1,24 +0,0 @@ -[package] -name = "coreutils" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://ftp.gnu.org/gnu/coreutils" - -[[package.metadata.build-package.external-files]] -url = "https://ftp.gnu.org/gnu/coreutils/coreutils-9.5.tar.xz" -sha512 = "2ca0deac4dc10a80fd0c6fd131252e99d457fd03b7bd626a6bc74fe5a0529c0a3d48ce1f5da1d3b3a7a150a1ce44f0fbb6b68a6ac543dfd5baa3e71f5d65401c" - -[build-dependencies] -glibc = { path = "../glibc" } -libacl = { path = "../libacl" } -libattr = { path = "../libattr" } -libcap = { path = "../libcap" } -libselinux = { path = "../libselinux" } -libxcrypt = { path = "../libxcrypt" } diff --git a/packages/coreutils/coreutils.spec b/packages/coreutils/coreutils.spec deleted file mode 100644 index 84f95e6435a..00000000000 --- a/packages/coreutils/coreutils.spec +++ /dev/null @@ -1,152 +0,0 @@ -Name: %{_cross_os}coreutils -Version: 9.5 -Release: 1%{?dist} -Summary: A set of basic GNU tools -License: GPL-3.0-or-later -URL: https://www.gnu.org/software/coreutils/ -Source0: https://ftp.gnu.org/gnu/coreutils/coreutils-%{version}.tar.xz -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libacl-devel -BuildRequires: %{_cross_os}libattr-devel -BuildRequires: %{_cross_os}libcap-devel -BuildRequires: %{_cross_os}libselinux-devel -BuildRequires: %{_cross_os}libxcrypt-devel -Requires: %{_cross_os}libacl -Requires: %{_cross_os}libattr -Requires: %{_cross_os}libcap -Requires: %{_cross_os}libselinux -Requires: %{_cross_os}libxcrypt - -%description -%{summary}. - -%prep -%autosetup -n coreutils-%{version} -p1 - -%build -%cross_configure \ - --disable-acl \ - --disable-rpath \ - --enable-single-binary=symlinks \ - --enable-no-install-program=kill,stdbuf,uptime \ - --with-selinux \ - --without-gmp \ - --without-openssl \ - -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_bindir}/[ -%{_cross_bindir}/b2sum -%{_cross_bindir}/base32 -%{_cross_bindir}/base64 -%{_cross_bindir}/basename -%{_cross_bindir}/basenc -%{_cross_bindir}/cat -%{_cross_bindir}/chcon -%{_cross_bindir}/chgrp -%{_cross_bindir}/chmod -%{_cross_bindir}/chown -%{_cross_bindir}/chroot -%{_cross_bindir}/cksum -%{_cross_bindir}/comm -%{_cross_bindir}/coreutils -%{_cross_bindir}/cp -%{_cross_bindir}/csplit -%{_cross_bindir}/cut -%{_cross_bindir}/date -%{_cross_bindir}/dd -%{_cross_bindir}/df -%{_cross_bindir}/dir -%{_cross_bindir}/dircolors -%{_cross_bindir}/dirname -%{_cross_bindir}/du -%{_cross_bindir}/echo -%{_cross_bindir}/env -%{_cross_bindir}/expand -%{_cross_bindir}/expr -%{_cross_bindir}/factor -%{_cross_bindir}/false -%{_cross_bindir}/fmt -%{_cross_bindir}/fold -%{_cross_bindir}/groups -%{_cross_bindir}/head -%{_cross_bindir}/hostid -%{_cross_bindir}/id -%{_cross_bindir}/install -%{_cross_bindir}/join -%{_cross_bindir}/link -%{_cross_bindir}/ln -%{_cross_bindir}/logname -%{_cross_bindir}/ls -%{_cross_bindir}/md5sum -%{_cross_bindir}/mkdir -%{_cross_bindir}/mkfifo -%{_cross_bindir}/mknod -%{_cross_bindir}/mktemp -%{_cross_bindir}/mv -%{_cross_bindir}/nice -%{_cross_bindir}/nl -%{_cross_bindir}/nohup -%{_cross_bindir}/nproc -%{_cross_bindir}/numfmt -%{_cross_bindir}/od -%{_cross_bindir}/paste -%{_cross_bindir}/pathchk -%{_cross_bindir}/pinky -%{_cross_bindir}/pr -%{_cross_bindir}/printenv -%{_cross_bindir}/printf -%{_cross_bindir}/ptx -%{_cross_bindir}/pwd -%{_cross_bindir}/readlink -%{_cross_bindir}/realpath -%{_cross_bindir}/rm -%{_cross_bindir}/rmdir -%{_cross_bindir}/runcon -%{_cross_bindir}/seq -%{_cross_bindir}/sha1sum -%{_cross_bindir}/sha224sum -%{_cross_bindir}/sha256sum -%{_cross_bindir}/sha384sum -%{_cross_bindir}/sha512sum -%{_cross_bindir}/shred -%{_cross_bindir}/shuf -%{_cross_bindir}/sleep -%{_cross_bindir}/sort -%{_cross_bindir}/split -%{_cross_bindir}/stat -%{_cross_bindir}/stty -%{_cross_bindir}/sum -%{_cross_bindir}/sync -%{_cross_bindir}/tac -%{_cross_bindir}/tail -%{_cross_bindir}/tee -%{_cross_bindir}/test -%{_cross_bindir}/timeout -%{_cross_bindir}/touch -%{_cross_bindir}/tr -%{_cross_bindir}/true -%{_cross_bindir}/truncate -%{_cross_bindir}/tsort -%{_cross_bindir}/tty -%{_cross_bindir}/uname -%{_cross_bindir}/unexpand -%{_cross_bindir}/uniq -%{_cross_bindir}/unlink -%{_cross_bindir}/users -%{_cross_bindir}/vdir -%{_cross_bindir}/wc -%{_cross_bindir}/who -%{_cross_bindir}/whoami -%{_cross_bindir}/yes -%exclude %{_cross_infodir} -%exclude %{_cross_localedir} -%exclude %{_cross_mandir} - -%changelog diff --git a/packages/dbus-broker/0001-c-utf8-disable-strict-aliasing-optimizations.patch b/packages/dbus-broker/0001-c-utf8-disable-strict-aliasing-optimizations.patch deleted file mode 100644 index 8813635c0dd..00000000000 --- a/packages/dbus-broker/0001-c-utf8-disable-strict-aliasing-optimizations.patch +++ /dev/null @@ -1,32 +0,0 @@ -From e3b30388140d3cd7cb53a2f28faae8847bb7490e Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Thu, 22 Dec 2022 17:21:23 +0000 -Subject: [PATCH] c-utf8: disable strict aliasing optimizations - -The current implementation of c_utf8_verify() violates aliasing rules -when it calls into c_utf8_verify_ascii() with a type-punned pointer. - -Disable the strict aliasing optimization to prevent the compiler from -optimizing the code under the assumption that accesses through the -pointer are invalid, which breaks the function's contract. - -Signed-off-by: Ben Cressey ---- - subprojects/libcutf8-1/src/meson.build | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/subprojects/libcutf8-1/src/meson.build b/subprojects/libcutf8-1/src/meson.build -index baeecb7..ad38633 100644 ---- a/subprojects/libcutf8-1/src/meson.build -+++ b/subprojects/libcutf8-1/src/meson.build -@@ -16,6 +16,7 @@ libcutf8_both = both_libraries( - c_args: [ - '-fvisibility=hidden', - '-fno-common', -+ '-fno-strict-aliasing', - ], - dependencies: libcutf8_deps, - install: not meson.is_subproject(), --- -2.37.1 - diff --git a/packages/dbus-broker/Cargo.toml b/packages/dbus-broker/Cargo.toml deleted file mode 100644 index 2b39e78193a..00000000000 --- a/packages/dbus-broker/Cargo.toml +++ /dev/null @@ -1,22 +0,0 @@ -[package] -name = "dbus-broker" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/bus1/dbus-broker/releases/" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/bus1/dbus-broker/releases/download/v35/dbus-broker-35.tar.xz" -sha512 = "409e415889bd53b78e92ba077455e5583852a071e233e4b23dcbb23d8a367f177d6c8138e6fc113dcfe48440b68d594c1a076cb43ef445d472645f671d5ae033" - -[build-dependencies] -glibc = { path = "../glibc" } -libexpat = { path = "../libexpat" } -libselinux = { path = "../libselinux" } -systemd = { path = "../systemd" } diff --git a/packages/dbus-broker/dbus-1-system.conf b/packages/dbus-broker/dbus-1-system.conf deleted file mode 100644 index 08ff9b34435..00000000000 --- a/packages/dbus-broker/dbus-1-system.conf +++ /dev/null @@ -1,98 +0,0 @@ - - - - - - - - - system - - - dbus - - - - - - EXTERNAL - - - unix:path=/run/dbus/system_bus_socket - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - system.d - - - - - - diff --git a/packages/dbus-broker/dbus-broker.service b/packages/dbus-broker/dbus-broker.service deleted file mode 100644 index 574f2f844fd..00000000000 --- a/packages/dbus-broker/dbus-broker.service +++ /dev/null @@ -1,23 +0,0 @@ -[Unit] -Description=D-Bus System Message Bus -Documentation=https://github.com/bus1/dbus-broker -DefaultDependencies=false -After=dbus.socket -Before=basic.target shutdown.target -Requires=dbus.socket -Conflicts=shutdown.target - -[Service] -Type=notify -Sockets=dbus.socket -OOMScoreAdjust=-900 -LimitNOFILE=16384 -ProtectSystem=full -PrivateTmp=true -PrivateDevices=true -ExecStart=/usr/bin/dbus-broker-launch --scope system -ExecReload=/usr/bin/busctl call org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus ReloadConfig - -[Install] -Alias=dbus.service -WantedBy=preconfigured.target diff --git a/packages/dbus-broker/dbus-broker.spec b/packages/dbus-broker/dbus-broker.spec deleted file mode 100644 index f0d15fa26ac..00000000000 --- a/packages/dbus-broker/dbus-broker.spec +++ /dev/null @@ -1,68 +0,0 @@ -Name: %{_cross_os}dbus-broker -Version: 35 -Release: 1%{?dist} -Summary: D-BUS message broker -License: Apache-2.0 -URL: https://github.com/bus1/dbus-broker -Source0: https://github.com/bus1/dbus-broker/releases/download/v%{version}/dbus-broker-%{version}.tar.xz -Source1: dbus.socket -Source2: dbus-1-system.conf -Source3: dbus-sysusers.conf -Source4: dbus-broker.service -BuildRequires: meson -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libexpat-devel -BuildRequires: %{_cross_os}libselinux-devel -BuildRequires: %{_cross_os}systemd-devel -Requires: %{_cross_os}libexpat -Requires: %{_cross_os}libselinux -Requires: %{_cross_os}systemd - -# Work around an aliasing rules violation. -Patch0001: 0001-c-utf8-disable-strict-aliasing-optimizations.patch - -%description -%{summary}. - -%prep -%autosetup -n dbus-broker-%{version} -p1 - -%build -CONFIGURE_OPTS=( - -Dapparmor=false - -Daudit=false - -Ddocs=false - -Dlauncher=true - -Dselinux=true -) - -%cross_meson "${CONFIGURE_OPTS[@]}" -%cross_meson_build - -%install -%cross_meson_install - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:1} %{S:4} %{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{_cross_datadir}/dbus-1/{interfaces,services,system-services,system.d} -install -p -m 0644 %{S:2} %{buildroot}%{_cross_datadir}/dbus-1/system.conf - -install -d %{buildroot}%{_cross_sysusersdir} -install -p -m 0644 %{S:3} %{buildroot}%{_cross_sysusersdir}/dbus.conf - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_bindir}/dbus-broker -%{_cross_bindir}/dbus-broker-launch -%dir %{_cross_datadir}/dbus-1 -%{_cross_datadir}/dbus-1/* -%{_cross_journalcatalogdir}/dbus-broker.catalog -%{_cross_journalcatalogdir}/dbus-broker-launch.catalog -%{_cross_sysusersdir}/dbus.conf -%{_cross_unitdir}/dbus-broker.service -%{_cross_unitdir}/dbus.socket -%exclude %{_cross_userunitdir}/dbus-broker.service - -%changelog diff --git a/packages/dbus-broker/dbus-sysusers.conf b/packages/dbus-broker/dbus-sysusers.conf deleted file mode 100644 index 778f1601ab2..00000000000 --- a/packages/dbus-broker/dbus-sysusers.conf +++ /dev/null @@ -1,2 +0,0 @@ -# User for dbus -u dbus 81 diff --git a/packages/dbus-broker/dbus.socket b/packages/dbus-broker/dbus.socket deleted file mode 100644 index e1e4a65f238..00000000000 --- a/packages/dbus-broker/dbus.socket +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=D-Bus System Message Bus Socket - -[Socket] -ListenStream=/run/dbus/system_bus_socket - -[Install] -WantedBy=sockets.target diff --git a/packages/docker-cli/0001-non-tcp-host-header.patch b/packages/docker-cli/0001-non-tcp-host-header.patch deleted file mode 100644 index dd9584419c3..00000000000 --- a/packages/docker-cli/0001-non-tcp-host-header.patch +++ /dev/null @@ -1,121 +0,0 @@ -From c85efebc0c9321fecc536485b47857dbcbe34ddf Mon Sep 17 00:00:00 2001 -From: Sebastiaan van Stijn -Date: Wed, 12 Jul 2023 15:07:59 +0200 -Subject: [PATCH 1/2] pkg/plugins: use a dummy hostname for local connections - -For local communications (npipe://, unix://), the hostname is not used, -but we need valid and meaningful hostname. - -The current code used the socket path as hostname, which gets rejected by -go1.20.6 and go1.19.11 because of a security fix for [CVE-2023-29406 ][1], -which was implemented in https://go.dev/issue/60374. - -Prior versions go Go would clean the host header, and strip slashes in the -process, but go1.20.6 and go1.19.11 no longer do, and reject the host -header. - -Before this patch, tests would fail on go1.20.6: - - === FAIL: pkg/authorization TestAuthZRequestPlugin (15.01s) - time="2023-07-12T12:53:45Z" level=warning msg="Unable to connect to plugin: //tmp/authz2422457390/authz-test-plugin.sock/AuthZPlugin.AuthZReq: Post \"http://%2F%2Ftmp%2Fauthz2422457390%2Fauthz-test-plugin.sock/AuthZPlugin.AuthZReq\": http: invalid Host header, retrying in 1s" - time="2023-07-12T12:53:46Z" level=warning msg="Unable to connect to plugin: //tmp/authz2422457390/authz-test-plugin.sock/AuthZPlugin.AuthZReq: Post \"http://%2F%2Ftmp%2Fauthz2422457390%2Fauthz-test-plugin.sock/AuthZPlugin.AuthZReq\": http: invalid Host header, retrying in 2s" - time="2023-07-12T12:53:48Z" level=warning msg="Unable to connect to plugin: //tmp/authz2422457390/authz-test-plugin.sock/AuthZPlugin.AuthZReq: Post \"http://%2F%2Ftmp%2Fauthz2422457390%2Fauthz-test-plugin.sock/AuthZPlugin.AuthZReq\": http: invalid Host header, retrying in 4s" - time="2023-07-12T12:53:52Z" level=warning msg="Unable to connect to plugin: //tmp/authz2422457390/authz-test-plugin.sock/AuthZPlugin.AuthZReq: Post \"http://%2F%2Ftmp%2Fauthz2422457390%2Fauthz-test-plugin.sock/AuthZPlugin.AuthZReq\": http: invalid Host header, retrying in 8s" - authz_unix_test.go:82: Failed to authorize request Post "http://%2F%2Ftmp%2Fauthz2422457390%2Fauthz-test-plugin.sock/AuthZPlugin.AuthZReq": http: invalid Host header - -[1]: https://github.com/advisories/GHSA-f8f7-69v5-w4vx - -Signed-off-by: Sebastiaan van Stijn - ---- - .../github.com/docker/docker/client/client.go | 30 +++++++++++++++++++ - .../github.com/docker/docker/client/hijack.go | 6 +++- - .../docker/docker/client/request.go | 10 +++---- - 3 files changed, 39 insertions(+), 7 deletions(-) - -diff --git a/vendor/github.com/docker/docker/client/client.go b/vendor/github.com/docker/docker/client/client.go -index 9b2b2eaeb8..5bf699d88d 100644 ---- a/vendor/github.com/docker/docker/client/client.go -+++ b/vendor/github.com/docker/docker/client/client.go -@@ -57,6 +57,36 @@ import ( - "github.com/pkg/errors" - ) - -+// DummyHost is a hostname used for local communication. -+// -+// It acts as a valid formatted hostname for local connections (such as "unix://" -+// or "npipe://") which do not require a hostname. It should never be resolved, -+// but uses the special-purpose ".localhost" TLD (as defined in [RFC 2606, Section 2] -+// and [RFC 6761, Section 6.3]). -+// -+// [RFC 7230, Section 5.4] defines that an empty header must be used for such -+// cases: -+// -+// If the authority component is missing or undefined for the target URI, -+// then a client MUST send a Host header field with an empty field-value. -+// -+// However, [Go stdlib] enforces the semantics of HTTP(S) over TCP, does not -+// allow an empty header to be used, and requires req.URL.Scheme to be either -+// "http" or "https". -+// -+// For further details, refer to: -+// -+// - https://github.com/docker/engine-api/issues/189 -+// - https://github.com/golang/go/issues/13624 -+// - https://github.com/golang/go/issues/61076 -+// - https://github.com/moby/moby/issues/45935 -+// -+// [RFC 2606, Section 2]: https://www.rfc-editor.org/rfc/rfc2606.html#section-2 -+// [RFC 6761, Section 6.3]: https://www.rfc-editor.org/rfc/rfc6761#section-6.3 -+// [RFC 7230, Section 5.4]: https://datatracker.ietf.org/doc/html/rfc7230#section-5.4 -+// [Go stdlib]: https://github.com/golang/go/blob/6244b1946bc2101b01955468f1be502dbadd6807/src/net/http/transport.go#L558-L569 -+const DummyHost = "api.moby.localhost" -+ - // ErrRedirect is the error returned by checkRedirect when the request is non-GET. - var ErrRedirect = errors.New("unexpected redirect in response") - -diff --git a/vendor/github.com/docker/docker/client/hijack.go b/vendor/github.com/docker/docker/client/hijack.go -index e1dc49ef0f..b8fac0be7e 100644 ---- a/vendor/github.com/docker/docker/client/hijack.go -+++ b/vendor/github.com/docker/docker/client/hijack.go -@@ -62,7 +62,11 @@ func fallbackDial(proto, addr string, tlsConfig *tls.Config) (net.Conn, error) { - } - - func (cli *Client) setupHijackConn(ctx context.Context, req *http.Request, proto string) (net.Conn, error) { -- req.Host = cli.addr -+ req.URL.Host = cli.addr -+ if cli.proto == "unix" || cli.proto == "npipe" { -+ // Override host header for non-tcp connections. -+ req.Host = DummyHost -+ } - req.Header.Set("Connection", "Upgrade") - req.Header.Set("Upgrade", proto) - -diff --git a/vendor/github.com/docker/docker/client/request.go b/vendor/github.com/docker/docker/client/request.go -index 7f54b1dd80..3fc99056d0 100644 ---- a/vendor/github.com/docker/docker/client/request.go -+++ b/vendor/github.com/docker/docker/client/request.go -@@ -89,16 +89,14 @@ func (cli *Client) buildRequest(method, path string, body io.Reader, headers hea - return nil, err - } - req = cli.addHeaders(req, headers) -+ req.URL.Scheme = cli.scheme -+ req.URL.Host = cli.addr - - if cli.proto == "unix" || cli.proto == "npipe" { -- // For local communications, it doesn't matter what the host is. We just -- // need a valid and meaningful host name. (See #189) -- req.Host = "docker" -+ // Override host header for non-tcp connections. -+ req.Host = DummyHost - } - -- req.URL.Host = cli.addr -- req.URL.Scheme = cli.scheme -- - if expectedPayload && req.Header.Get("Content-Type") == "" { - req.Header.Set("Content-Type", "text/plain") - } --- -2.34.1 - diff --git a/packages/docker-cli/Cargo.toml b/packages/docker-cli/Cargo.toml deleted file mode 100644 index 1427c993141..00000000000 --- a/packages/docker-cli/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "docker-cli" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/docker/cli/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/docker/cli/archive/v25.0.2/cli-25.0.2.tar.gz" -sha512 = "66c6c408f4f5f42ded007948a69fb66cf0d1f0462a1700fb4efaaf70755285e7179d5bd61e7963f77a088e5f27a8a42b0501be1331948d0ff30bd829b205b5ad" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/docker-cli/clarify.toml b/packages/docker-cli/clarify.toml deleted file mode 100644 index 841e006c6ce..00000000000 --- a/packages/docker-cli/clarify.toml +++ /dev/null @@ -1,12 +0,0 @@ -[clarify."github.com/docker/licensing"] -expression = "Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0xd2f64213 }, -] -skip-files = ["license.go", "model/license.go"] - -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00}, -] diff --git a/packages/docker-cli/docker-cli.spec b/packages/docker-cli/docker-cli.spec deleted file mode 100644 index 111e8b19b57..00000000000 --- a/packages/docker-cli/docker-cli.spec +++ /dev/null @@ -1,87 +0,0 @@ -%global goproject github.com/docker -%global gorepo cli -%global goimport %{goproject}/%{gorepo} - -%global gover 25.0.2 -%global rpmver %{gover} -%global gitrev 29cf62922279a56e122dc132eb84fe98f61d5950 - -%global source_date_epoch 1492525740 - -%global _dwz_low_mem_die_limit 0 - -Name: %{_cross_os}docker-%{gorepo} -Version: %{rpmver} -Release: 1%{?dist} -Summary: Docker CLI -License: Apache-2.0 -URL: https://%{goimport} -Source0: https://%{goimport}/archive/v%{gover}/cli-%{gover}.tar.gz -Source1000: clarify.toml - -BuildRequires: git -BuildRequires: %{_cross_os}glibc-devel -Requires: %{name}(binaries) - -%description -%{summary}. - -%package bin -Summary: Docker CLI binaries -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(fips) or %{name}-fips-bin) - -%description bin -%{summary}. - -%package fips-bin -Summary: Docker CLI binaries, FIPS edition -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{name}-bin) - -%description fips-bin -%{summary}. - -%prep -%autosetup -Sgit -n %{gorepo}-%{gover} -p1 -%cross_go_setup %{gorepo}-%{gover} %{goproject} %{goimport} - -%build -%cross_go_configure %{goimport} -LD_VERSION="-X github.com/docker/cli/cli/version.Version=%{gover}" -LD_GIT_REV="-X github.com/docker/cli/cli/version.GitCommit=%{gitrev}" -LD_PLATFORM="-X \"github.com/docker/cli/cli/version.PlatformName=Docker Engine - Community\"" -BUILDTIME=$(date -u -d "@%{source_date_epoch}" --rfc-3339 ns 2> /dev/null | sed -e 's/ /T/') -LD_BUILDTIME="-X github.com/docker/cli/cli/version.BuildTime=${BUILDTIME}" - -declare -a BUILD_ARGS -BUILD_ARGS=( - -ldflags="${GOLDFLAGS} ${LD_VERSION} ${LD_GIT_REV} ${LD_PLATFORM} ${LD_BUILDTIME}" -) - -go build "${BUILD_ARGS[@]}" -o docker %{goimport}/cmd/docker -gofips build "${BUILD_ARGS[@]}" -o fips/docker %{goimport}/cmd/docker - -%install -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 docker %{buildroot}%{_cross_bindir} - -install -d %{buildroot}%{_cross_fips_bindir} -install -p -m 0755 fips/docker %{buildroot}%{_cross_fips_bindir} - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -%files -%license LICENSE NOTICE -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} - -%files bin -%{_cross_bindir}/docker - -%files fips-bin -%{_cross_fips_bindir}/docker - -%changelog diff --git a/packages/docker-engine/0001-Change-default-capabilities-using-daemon-config.patch b/packages/docker-engine/0001-Change-default-capabilities-using-daemon-config.patch deleted file mode 100644 index 865aa39ded8..00000000000 --- a/packages/docker-engine/0001-Change-default-capabilities-using-daemon-config.patch +++ /dev/null @@ -1,96 +0,0 @@ -From 0e8787a690f82d326c432cc4ad101c77ac48543b Mon Sep 17 00:00:00 2001 -From: Shikha Vyaghra -Date: Thu, 6 Jul 2023 17:26:45 +0000 -Subject: [PATCH] Change default capabilities using daemon config - -Default capabilities in spec can be changed by reading from daemon -configuration file using a parameter "default-capabilities". If -the capabilities will not be provided, then default capabilities -in Moby code will be used. - -Signed-off-by: Shikha Vyaghra -[agarrcia: updated for docker v25] -Signed-off-by: Arnaldo Garcia Rincon ---- - cmd/dockerd/config_unix.go | 1 + - daemon/config/config.go | 1 + - daemon/config/config_linux.go | 5 +++-- - daemon/oci_linux.go | 13 ++++++++++--- - 4 files changed, 15 insertions(+), 5 deletions(-) - -diff --git a/cmd/dockerd/config_unix.go b/cmd/dockerd/config_unix.go -index 00f5a9b..e684f63 100644 ---- a/cmd/dockerd/config_unix.go -+++ b/cmd/dockerd/config_unix.go -@@ -61,6 +61,7 @@ func installConfigFlags(conf *config.Config, flags *pflag.FlagSet) error { - // Note that conf.BridgeConfig.UserlandProxyPath and honorXDG are configured according to the value of rootless.RunningWithRootlessKit, not the value of --rootless. - flags.BoolVar(&conf.Rootless, "rootless", conf.Rootless, "Enable rootless mode; typically used with RootlessKit") - flags.StringVar(&conf.CgroupNamespaceMode, "default-cgroupns-mode", conf.CgroupNamespaceMode, `Default mode for containers cgroup namespace ("host" | "private")`) -+ flags.Var(opts.NewNamedListOptsRef("default-capabilities", &conf.Capabilities, nil), "default-capabilities", "Default capabilities for containers") - return nil - } - -diff --git a/daemon/config/config.go b/daemon/config/config.go -index 6e01495..37bd6ad 100644 ---- a/daemon/config/config.go -+++ b/daemon/config/config.go -@@ -78,6 +78,7 @@ var flatOptions = map[string]bool{ - "default-ulimits": true, - "features": true, - "builder": true, -+ "default-capabilities": true, - } - - // skipValidateOptions contains configuration keys -diff --git a/daemon/config/config_linux.go b/daemon/config/config_linux.go -index c2230f3..67387ac 100644 ---- a/daemon/config/config_linux.go -+++ b/daemon/config/config_linux.go -@@ -92,8 +92,9 @@ type Config struct { - IpcMode string `json:"default-ipc-mode,omitempty"` - CgroupNamespaceMode string `json:"default-cgroupns-mode,omitempty"` - // ResolvConf is the path to the configuration of the host resolver -- ResolvConf string `json:"resolv-conf,omitempty"` -- Rootless bool `json:"rootless,omitempty"` -+ ResolvConf string `json:"resolv-conf,omitempty"` -+ Rootless bool `json:"rootless,omitempty"` -+ Capabilities []string `json:"default-capabilities,omitempty"` - } - - // GetExecRoot returns the user configured Exec-root -diff --git a/daemon/oci_linux.go b/daemon/oci_linux.go -index c7fdedc..b197bf2 100644 ---- a/daemon/oci_linux.go -+++ b/daemon/oci_linux.go -@@ -179,10 +179,17 @@ func WithApparmor(c *container.Container) coci.SpecOpts { - } - - // WithCapabilities sets the container's capabilties --func WithCapabilities(c *container.Container) coci.SpecOpts { -+func WithCapabilities(c *container.Container, daemonCfg *dconfig.Config) coci.SpecOpts { - return func(ctx context.Context, _ coci.Client, _ *containers.Container, s *coci.Spec) error { -+ var defCaps []string -+ if len(daemonCfg.Capabilities) != 0 { -+ defCaps = daemonCfg.Capabilities -+ } else { -+ defCaps = caps.DefaultCapabilities() -+ } -+ - capabilities, err := caps.TweakCapabilities( -- caps.DefaultCapabilities(), -+ defCaps, - c.HostConfig.CapAdd, - c.HostConfig.CapDrop, - c.HostConfig.Privileged, -@@ -1106,7 +1113,7 @@ func (daemon *Daemon) createSpec(ctx context.Context, daemonCfg *configStore, c - WithDevices(daemon, c), - withRlimits(daemon, &daemonCfg.Config, c), - WithNamespaces(daemon, c), -- WithCapabilities(c), -+ WithCapabilities(c, &daemonCfg.Config), - WithSeccomp(daemon, c), - withMounts(daemon, daemonCfg, c), - withLibnetwork(daemon, &daemonCfg.Config, c), --- -2.41.0 - diff --git a/packages/docker-engine/0002-oci-inject-kmod-in-all-containers.patch b/packages/docker-engine/0002-oci-inject-kmod-in-all-containers.patch deleted file mode 100644 index c75d9bb7371..00000000000 --- a/packages/docker-engine/0002-oci-inject-kmod-in-all-containers.patch +++ /dev/null @@ -1,32 +0,0 @@ -From e35f5eeeaa4c7b9ec1ae0720fc7de0fc4d43e02f Mon Sep 17 00:00:00 2001 -From: Arnaldo Garcia Rincon -Date: Thu, 30 May 2024 14:38:33 +0000 -Subject: [PATCH] oci: inject kmod in all containers - -Append a new mount to the default spec created for Linux containers - -Signed-off-by: Arnaldo Garcia Rincon -Signed-off-by: Vighnesh Maheshwari ---- - oci/defaults.go | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/oci/defaults.go b/oci/defaults.go -index c3dae8b..2e90cfa 100644 ---- a/oci/defaults.go -+++ b/oci/defaults.go -@@ -100,6 +100,12 @@ func DefaultLinuxSpec() specs.Spec { - Source: "shm", - Options: []string{"nosuid", "noexec", "nodev", "mode=1777"}, - }, -+ { -+ Destination: "/usr/local/sbin/modprobe", -+ Type: "bind", -+ Source: "/usr/bin/kmod", -+ Options: []string{"exec", "bind", "ro"}, -+ }, - }, - Linux: &specs.Linux{ - MaskedPaths: []string{ --- -2.44.0 diff --git a/packages/docker-engine/Cargo.toml b/packages/docker-engine/Cargo.toml deleted file mode 100644 index f7f09908ad3..00000000000 --- a/packages/docker-engine/Cargo.toml +++ /dev/null @@ -1,30 +0,0 @@ -[package] -name = "docker-engine" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/moby/moby/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/moby/moby/archive/v25.0.2/moby-25.0.2.tar.gz" -sha512 = "f0cf5e1792bf54a0e3878663dace55b9e713adba61d8b464888991da2bdf670aebeb22da86f1a7335b79cc9dcde59379afba32249bd3c6a79e5291dbc9faa997" - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } -libseccomp = { path = "../libseccomp" } -systemd = { path = "../systemd" } - -# RPM Requires -[dependencies] -# `containerd`, `iptables`, and `procps` are only needed at runtime, and are -# pulled in by `release`. -# containerd = { path = "../containerd" } -# iptables = { path = "../iptables" } -# procps = { path = "../procps" } diff --git a/packages/docker-engine/clarify.toml b/packages/docker-engine/clarify.toml deleted file mode 100644 index 890acc831f7..00000000000 --- a/packages/docker-engine/clarify.toml +++ /dev/null @@ -1,18 +0,0 @@ -[clarify."github.com/sean-/seed"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xd5734f17 }, -] - -[clarify."github.com/miekg/dns"] -expression = "BSD-3-Clause" -license-files = [ - { path = "COPYRIGHT", hash = 0xe41dd36c }, - { path = "LICENSE", hash = 0xfc8f12ff } -] - -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND BSD-3-Clause AND Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] diff --git a/packages/docker-engine/daemon-json b/packages/docker-engine/daemon-json deleted file mode 100644 index 939f96d0764..00000000000 --- a/packages/docker-engine/daemon-json +++ /dev/null @@ -1,30 +0,0 @@ -[required-extensions] -container-registry = "v1" -oci-defaults = { version = "v1", helpers = ["oci_defaults"] } -std = { version = "v1", helpers = ["join_array"] } -+++ -{ - "log-driver": "journald", - "live-restore": true, - "max-concurrent-downloads": 10, - "storage-driver": "overlay2", - "data-root": "/var/lib/docker", - "default-runtime": "shimpei", - "runtimes": { "shimpei": { "path": "shimpei" } }, - {{#if settings.oci-defaults.capabilities}} - "default-capabilities": {{oci_defaults "docker" settings.oci-defaults.capabilities}}, - {{/if}} - {{#if settings.oci-defaults.resource-limits}} - "default-ulimits": { - {{oci_defaults "docker" settings.oci-defaults.resource-limits}} - }, - {{/if}} - {{#if settings.container-registry.mirrors}} - {{#each settings.container-registry.mirrors}} - {{#if (eq registry "docker.io" )}} - "registry-mirrors": [{{join_array ", " endpoint}}], - {{/if}} - {{/each}} - {{/if}} - "selinux-enabled": true -} diff --git a/packages/docker-engine/daemon-nvidia-json b/packages/docker-engine/daemon-nvidia-json deleted file mode 100644 index 3ba4ed0c999..00000000000 --- a/packages/docker-engine/daemon-nvidia-json +++ /dev/null @@ -1,30 +0,0 @@ -[required-extensions] -container-registry = "v1" -oci-defaults = { version = "v1", helpers = ["oci_defaults"] } -std = { version = "v1", helpers = ["join_array"] } -+++ -{ - "log-driver": "journald", - "live-restore": true, - "max-concurrent-downloads": 10, - "storage-driver": "overlay2", - "data-root": "/var/lib/docker", - "default-runtime": "shimpei", - "runtimes": { "shimpei": { "path": "shimpei" }, "nvidia": { "path": "nvidia-oci" } }, - {{#if settings.oci-defaults.capabilities}} - "default-capabilities": {{oci_defaults "docker" settings.oci-defaults.capabilities}}, - {{/if}} - {{#if settings.oci-defaults.resource-limits}} - "default-ulimits": { - {{oci_defaults "docker" settings.oci-defaults.resource-limits}} - }, - {{/if}} - {{#if settings.container-registry.mirrors}} - {{#each settings.container-registry.mirrors}} - {{#if (eq registry "docker.io" )}} - "registry-mirrors": [{{join_array ", " endpoint}}], - {{/if}} - {{/each}} - {{/if}} - "selinux-enabled": true -} diff --git a/packages/docker-engine/docker-engine.spec b/packages/docker-engine/docker-engine.spec deleted file mode 100644 index f9ad8919ca2..00000000000 --- a/packages/docker-engine/docker-engine.spec +++ /dev/null @@ -1,137 +0,0 @@ -%global project moby -%global repo github.com/moby/%{project} -%global goorg github.com/docker -%global goimport %{goorg}/docker - -%global gover 25.0.2 -%global rpmver %{gover} -%global gitrev fce6e0ca9bc000888de3daa157af14fa41fcd0ff - -%global source_date_epoch 1363394400 - -%global _dwz_low_mem_die_limit 0 - -Name: %{_cross_os}docker-engine -Version: %{rpmver} -Release: 1%{?dist} -Summary: Docker engine -License: Apache-2.0 -URL: https://%{repo} -Source0: https://%{repo}/archive/v%{gover}/%{project}-%{gover}.tar.gz -Source1: docker.service -Source2: docker.socket -Source3: docker-sysusers.conf -Source4: daemon-json -Source5: daemon-nvidia-json - -# Create container storage mount point. -Source100: prepare-var-lib-docker.service - -Source1000: clarify.toml - -Patch0001: 0001-Change-default-capabilities-using-daemon-config.patch -Patch0002: 0002-oci-inject-kmod-in-all-containers.patch - -BuildRequires: git -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libseccomp-devel -BuildRequires: %{_cross_os}systemd-devel -Requires: %{_cross_os}containerd -Requires: %{_cross_os}libseccomp -Requires: %{_cross_os}iptables -Requires: %{_cross_os}systemd -Requires: %{_cross_os}procps -Requires: %{name}(binaries) - -%description -%{summary}. - -%package bin -Summary: Docker engine binaries -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(fips) or %{name}-fips-bin) - -%description bin -%{summary}. - -%package fips-bin -Summary: Docker engine binaries, FIPS edition -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{name}-bin) - -%description fips-bin -%{summary}. - -%prep -%autosetup -Sgit -n %{project}-%{gover} -p1 -%cross_go_setup %{project}-%{gover} %{goorg} %{goimport} - -%build -%cross_go_configure %{goimport} -BUILDTAGS="journald selinux seccomp" -BUILDTAGS+=" exclude_graphdriver_btrfs" -BUILDTAGS+=" exclude_graphdriver_devicemapper" -BUILDTAGS+=" exclude_graphdriver_vfs" -BUILDTAGS+=" exclude_graphdriver_zfs" -export BUILDTAGS -export VERSION=%{gover} -export GITCOMMIT=%{gitrev} -export BUILDTIME=$(date -u -d "@%{source_date_epoch}" --rfc-3339 ns 2> /dev/null | sed -e 's/ /T/') -export PLATFORM="Docker Engine - Community" -source ./hack/make/.go-autogen - -declare -a BUILD_ARGS -BUILD_ARGS=( - -ldflags="${GOLDFLAGS} ${LDFLAGS}" - -tags="${BUILDTAGS}" -) - -go build "${BUILD_ARGS[@]}" -o dockerd %{goimport}/cmd/dockerd -go build "${BUILD_ARGS[@]}" -o docker-proxy %{goimport}/cmd/docker-proxy - -gofips build "${BUILD_ARGS[@]}" -o fips/dockerd %{goimport}/cmd/dockerd -gofips build "${BUILD_ARGS[@]}" -o fips/docker-proxy %{goimport}/cmd/docker-proxy - -%install -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 dockerd %{buildroot}%{_cross_bindir} -install -p -m 0755 docker-proxy %{buildroot}%{_cross_bindir} - -install -d %{buildroot}%{_cross_fips_bindir} -install -p -m 0755 fips/dockerd %{buildroot}%{_cross_fips_bindir} -install -p -m 0755 fips/docker-proxy %{buildroot}%{_cross_fips_bindir} - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:1} %{S:100} %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:2} %{buildroot}%{_cross_unitdir}/docker.socket - -install -d %{buildroot}%{_cross_sysusersdir} -install -p -m 0644 %{S:3} %{buildroot}%{_cross_sysusersdir}/docker.conf - -install -d %{buildroot}%{_cross_templatedir} -install -p -m 0644 %{S:4} %{buildroot}%{_cross_templatedir}/docker-daemon-json -install -p -m 0644 %{S:5} %{buildroot}%{_cross_templatedir}/docker-daemon-nvidia-json - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -%files -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} -%{_cross_unitdir}/docker.service -%{_cross_unitdir}/docker.socket -%{_cross_unitdir}/prepare-var-lib-docker.service -%{_cross_sysusersdir}/docker.conf -%{_cross_templatedir}/docker-daemon-json -%{_cross_templatedir}/docker-daemon-nvidia-json - -%files bin -%{_cross_bindir}/dockerd -%{_cross_bindir}/docker-proxy - -%files fips-bin -%{_cross_fips_bindir}/dockerd -%{_cross_fips_bindir}/docker-proxy - -%changelog diff --git a/packages/docker-engine/docker-sysusers.conf b/packages/docker-engine/docker-sysusers.conf deleted file mode 100644 index 971141f9cd3..00000000000 --- a/packages/docker-engine/docker-sysusers.conf +++ /dev/null @@ -1,2 +0,0 @@ -# Group for docker -g docker 900 diff --git a/packages/docker-engine/docker.service b/packages/docker-engine/docker.service deleted file mode 100644 index 4efffa623c3..00000000000 --- a/packages/docker-engine/docker.service +++ /dev/null @@ -1,27 +0,0 @@ -[Unit] -Description=docker engine -Documentation=https://docs.docker.com -BindsTo=containerd.service -After=network-online.target containerd.service configured.target -Wants=network-online.target configured.target -Requires=docker.socket -StartLimitBurst=3 -StartLimitIntervalSec=60s - -[Service] -Type=notify -EnvironmentFile=/etc/network/proxy.env -ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -ExecReload=/bin/kill -s HUP $MAINPID -Delegate=yes -KillMode=process -TimeoutSec=0 -RestartSec=2 -Restart=always -LimitNOFILE=infinity -LimitNPROC=infinity -LimitCORE=infinity -TasksMax=infinity - -[Install] -WantedBy=multi-user.target diff --git a/packages/docker-engine/docker.socket b/packages/docker-engine/docker.socket deleted file mode 100644 index 1608c37e05e..00000000000 --- a/packages/docker-engine/docker.socket +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=docker socket -PartOf=docker.service - -[Socket] -ListenStream=/run/docker.sock -SocketMode=0660 -SocketUser=root -SocketGroup=docker - -[Install] -WantedBy=sockets.target diff --git a/packages/docker-engine/prepare-var-lib-docker.service b/packages/docker-engine/prepare-var-lib-docker.service deleted file mode 100644 index e5a4119dd12..00000000000 --- a/packages/docker-engine/prepare-var-lib-docker.service +++ /dev/null @@ -1,23 +0,0 @@ -[Unit] -Description=Prepare Docker Directory (/var/lib/docker) -DefaultDependencies=no -RequiresMountsFor=/var -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot - -# Remove an existing symlink, if present. Intentionally not recursive! -ExecStartPre=-/usr/bin/rm -f /var/lib/docker - -# Create /var/lib/docker so it is available for bind mounts. -ExecStart=/usr/bin/mkdir -p /var/lib/docker - -# Suppress warning if directory exists. -StandardError=null - -RemainAfterExit=true - -[Install] -WantedBy=local-fs.target diff --git a/packages/docker-init/Cargo.toml b/packages/docker-init/Cargo.toml deleted file mode 100644 index 62e66177845..00000000000 --- a/packages/docker-init/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "docker-init" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/krallin/tini/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/krallin/tini/archive/v0.19.0/tini-0.19.0.tar.gz" -sha512 = "1fa85b56e2c6085ea474f251928e7a40510d92aeef60b3c145b0496969c1b5df86835d143cb91ef5b4bf4da63fa8a56947cc39a4276e4b72faa57276d432b292" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/docker-init/docker-init.spec b/packages/docker-init/docker-init.spec deleted file mode 100644 index 30c94854afc..00000000000 --- a/packages/docker-init/docker-init.spec +++ /dev/null @@ -1,34 +0,0 @@ -%global debug_package %{nil} - -%global tiniver 0.19.0 - -Name: %{_cross_os}docker-init -Version: 19.03.15 -Release: 1%{?dist} -Summary: Init for containers -License: MIT -URL: https://github.com/krallin/tini -Source0: https://github.com/krallin/tini/archive/v%{tiniver}/tini-%{tiniver}.tar.gz -BuildRequires: cmake -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%prep -%autosetup -n tini-%{tiniver} -p1 - -%build -%{cross_cmake} . -%make_build tini-static - -%install -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 tini-static %{buildroot}%{_cross_bindir}/docker-init - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_bindir}/docker-init - -%changelog diff --git a/packages/e2fsprogs/Cargo.toml b/packages/e2fsprogs/Cargo.toml deleted file mode 100644 index 4f2b9706ed0..00000000000 --- a/packages/e2fsprogs/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "e2fsprogs" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://mirrors.edge.kernel.org/pub/linux/kernel/people/tytso/e2fsprogs" - -[[package.metadata.build-package.external-files]] -url = "https://mirrors.edge.kernel.org/pub/linux/kernel/people/tytso/e2fsprogs/v1.47.0/e2fsprogs-1.47.0.tar.xz" -sha512 = "0e6d64c565b455becb84166b6a5c7090724bac5cfe69098657a31bf0481b4e2cace3de1363121b7d84820fbae85b7c83ac5f2a2b02bb36280f0e3ae83a934cec" - -[build-dependencies] -glibc = { path = "../glibc" } -util-linux = { path = "../util-linux" } diff --git a/packages/e2fsprogs/e2fsprogs-tmpfiles.conf b/packages/e2fsprogs/e2fsprogs-tmpfiles.conf deleted file mode 100644 index 4032b5b2398..00000000000 --- a/packages/e2fsprogs/e2fsprogs-tmpfiles.conf +++ /dev/null @@ -1 +0,0 @@ -C /etc/mke2fs.conf - - - - diff --git a/packages/e2fsprogs/e2fsprogs.spec b/packages/e2fsprogs/e2fsprogs.spec deleted file mode 100644 index 026a9125f67..00000000000 --- a/packages/e2fsprogs/e2fsprogs.spec +++ /dev/null @@ -1,126 +0,0 @@ -Name: %{_cross_os}e2fsprogs -Version: 1.47.0 -Release: 1%{?dist} -Summary: Tools for managing ext2, ext3, and ext4 file systems -License: GPL-2.0-only AND LGPL-2.0-only AND LGPL-2.0-or-later AND BSD-3-Clause -URL: http://e2fsprogs.sourceforge.net/ -Source0: https://mirrors.edge.kernel.org/pub/linux/kernel/people/tytso/e2fsprogs/%{version}/e2fsprogs-%{version}.tar.xz -Source10: mke2fs.conf -Source11: e2fsprogs-tmpfiles.conf - -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libuuid-devel -BuildRequires: %{_cross_os}libblkid-devel -Requires: %{_cross_os}e2fsprogs-libs - -%description -%{summary}. - -%package libs -Summary: Libraries for ext2, ext3, and ext4 file systems - -%description libs -%{summary}. - -%package devel -Summary: Files for development using the libraries for ext2, ext3, and ext4 file systems -Requires: %{_cross_os}e2fsprogs-libs - -%description devel -%{summary}. - -%prep -%autosetup -n e2fsprogs-%{version} -p1 - -%build -%cross_configure \ - CFLAGS="${CFLAGS} -fno-strict-aliasing" \ - --enable-elf-shlibs \ - --enable-symlink-install \ - --enable-relative-symlinks \ - --enable-resizer \ - --disable-backtrace \ - --disable-debugfs \ - --disable-defrag \ - --disable-e2initrd-helper \ - --disable-fsck \ - --disable-fuse2fs \ - --disable-imager \ - --disable-libblkid \ - --disable-libuuid \ - --disable-nls \ - --disable-rpath \ - --disable-tdb \ - --disable-uuidd \ - --with-crond-dir=no \ - --with-systemd-unit-dir=no \ - --with-udev-rules-dir=no \ - -%make_build - -%install -%make_install install-libs \ - root_sbindir=%{_cross_sbindir} \ - root_libdir=%{_cross_libdir} - -chmod 644 %{buildroot}%{_cross_libdir}/*.a - -install -d %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir} -install -p -m 0644 %{S:10} %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir} - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:11} %{buildroot}%{_cross_tmpfilesdir}/e2fsprogs.conf - -%files -%license debian/copyright -%{_cross_attribution_file} -%{_cross_sbindir}/badblocks -%{_cross_sbindir}/dumpe2fs -%{_cross_sbindir}/e2fsck -%{_cross_sbindir}/fsck.ext2 -%{_cross_sbindir}/fsck.ext3 -%{_cross_sbindir}/fsck.ext4 -%{_cross_sbindir}/mke2fs -%{_cross_sbindir}/mkfs.ext2 -%{_cross_sbindir}/mkfs.ext3 -%{_cross_sbindir}/mkfs.ext4 -%{_cross_sbindir}/resize2fs -%{_cross_sbindir}/tune2fs -%{_cross_factorydir}%{_cross_sysconfdir}/mke2fs.conf -%{_cross_tmpfilesdir}/e2fsprogs.conf - -%exclude %{_cross_sbindir}/e2freefrag -%exclude %{_cross_sbindir}/e2label -%exclude %{_cross_sbindir}/e2mmpstatus -%exclude %{_cross_sbindir}/e2scrub -%exclude %{_cross_sbindir}/e2scrub_all -%exclude %{_cross_sbindir}/e2undo -%exclude %{_cross_sbindir}/e4crypt -%exclude %{_cross_sbindir}/filefrag -%exclude %{_cross_sbindir}/logsave -%exclude %{_cross_sbindir}/mklost+found - -%exclude %{_cross_bindir} -%exclude %{_cross_mandir} -%exclude %{_cross_sysconfdir} -%exclude %{_cross_datadir}/et -%exclude %{_cross_datadir}/ss - -%files libs -%{_cross_libdir}/*.so.* - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%{_cross_includedir}/*.h -%dir %{_cross_includedir}/e2p -%dir %{_cross_includedir}/et -%dir %{_cross_includedir}/ext2fs -%dir %{_cross_includedir}/ss -%{_cross_includedir}/e2p/*.h -%{_cross_includedir}/et/*.h -%{_cross_includedir}/ext2fs/*.h -%{_cross_includedir}/ss/*.h -%{_cross_pkgconfigdir}/*.pc - -%changelog diff --git a/packages/e2fsprogs/mke2fs.conf b/packages/e2fsprogs/mke2fs.conf deleted file mode 100644 index 4363ee8934a..00000000000 --- a/packages/e2fsprogs/mke2fs.conf +++ /dev/null @@ -1,50 +0,0 @@ -# Note: new features must be added with care, as they may not be compatible -# with the running kernel after a downgrade. - -[defaults] - base_features = sparse_super,large_file,filetype,resize_inode,dir_index,ext_attr - default_mntopts = acl,user_xattr - enable_periodic_fsck = 0 - blocksize = 4096 - inode_size = 256 - inode_ratio = 16384 - -[fs_types] - ext3 = { - features = has_journal - } - ext4 = { - features = has_journal,extent,huge_file,flex_bg,metadata_csum,64bit,dir_nlink,extra_isize - inode_size = 256 - } - small = { - blocksize = 1024 - inode_size = 128 - inode_ratio = 4096 - } - floppy = { - blocksize = 1024 - inode_size = 128 - inode_ratio = 8192 - } - big = { - inode_ratio = 32768 - } - huge = { - inode_ratio = 65536 - } - news = { - inode_ratio = 4096 - } - largefile = { - inode_ratio = 1048576 - blocksize = -1 - } - largefile4 = { - inode_ratio = 4194304 - blocksize = -1 - } - hurd = { - blocksize = 4096 - inode_size = 128 - } diff --git a/packages/early-boot-config/Cargo.toml b/packages/early-boot-config/Cargo.toml deleted file mode 100644 index 39f8fb89356..00000000000 --- a/packages/early-boot-config/Cargo.toml +++ /dev/null @@ -1,30 +0,0 @@ -[package] -name = "early-boot-config" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -source-groups = [ - "early-boot-config/early-boot-config", - "early-boot-config/early-boot-config-provider", - - "early-boot-config/user-data-providers/ec2-identity-doc", - "early-boot-config/user-data-providers/ec2-imds", - "early-boot-config/user-data-providers/local-defaults", - "early-boot-config/user-data-providers/local-file", - "early-boot-config/user-data-providers/local-overrides", - "early-boot-config/user-data-providers/vmware-cd-rom", - "early-boot-config/user-data-providers/vmware-guestinfo", -] - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } - -# RPM Requires -[dependencies] diff --git a/packages/early-boot-config/early-boot-config.service b/packages/early-boot-config/early-boot-config.service deleted file mode 100644 index 1f731114ac7..00000000000 --- a/packages/early-boot-config/early-boot-config.service +++ /dev/null @@ -1,24 +0,0 @@ -[Unit] -Description=Bottlerocket userdata configuration system -# Need network online to talk to IMDS. -After=network-online.target apiserver.service storewolf.service -# Don't restart the unit if the network goes offline or apiserver restarts -Wants=apiserver.service network-online.target -# Don't start the unit if storewolf.service fails -Requires=storewolf.service -# We only want to run once, at first boot. This file is created by early-boot-config -# after a successful run. -ConditionPathExists=!/var/lib/bottlerocket/early-boot-config.ran -# Block manual interactions with this service, since it could leave the system in an -# unexpected state -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot -ExecStart=/usr/bin/early-boot-config -RemainAfterExit=true -StandardError=journal+console - -[Install] -RequiredBy=preconfigured.target diff --git a/packages/early-boot-config/early-boot-config.spec b/packages/early-boot-config/early-boot-config.spec deleted file mode 100644 index e170db38036..00000000000 --- a/packages/early-boot-config/early-boot-config.spec +++ /dev/null @@ -1,159 +0,0 @@ -%global _cross_first_party 1 -%undefine _debugsource_packages - -Name: %{_cross_os}early-boot-config -Version: 0.1 -Release: 0%{?dist} -Summary: early-boot-config -License: Apache-2.0 OR MIT -URL: https://github.com/bottlerocket-os/bottlerocket - -Source100: early-boot-config.service - -BuildRequires: %{_cross_os}glibc-devel - -Requires: (%{name}-aws if %{_cross_os}variant-platform(aws)) -Requires: (%{name}-vmware if %{_cross_os}variant-platform(vmware)) -Requires: (%{name}-metal if %{_cross_os}variant-platform(metal)) - -%description -%{summary}. - -%package local -Summary: local-provider - -%description local -%{summary}. - -%package aws -Summary: early-boot-config package for AWS -Requires: %{name} -Requires: %{name}-local - -%description aws -%{summary}. - -%ifarch x86_64 -%package vmware -Summary: early-boot-config package for vmware -Requires: %{name} -Requires: %{name}-local - -%description vmware -%{summary}. -%endif - -%package metal -Summary: early-boot-config package for metal -Requires: %{name} -Requires: %{name}-local - -%description metal -%{summary}. - -%prep -%setup -T -c -%cargo_prep - -%build -%cargo_build --manifest-path %{_builddir}/sources/Cargo.toml \ - -p early-boot-config \ - -p ec2-identity-doc-user-data-provider \ - -p ec2-imds-user-data-provider \ - -p local-defaults-user-data-provider \ - -p local-file-user-data-provider \ - -p local-overrides-user-data-provider \ -%ifarch x86_64 - -p vmware-cd-rom-user-data-provider \ - -p vmware-guestinfo-user-data-provider \ -%endif - %{nil} - -%global cargo_outdir %{getenv:HOME}/.cache/%{__cargo_target}/release -%global early_boot_config_bindir %{_cross_libexecdir}/early-boot-config/bin -%global early_boot_config_provider_dir %{_cross_libexecdir}/early-boot-config/data-providers.d - -%install -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 %{cargo_outdir}/early-boot-config %{buildroot}%{_cross_bindir} - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:100} %{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{early_boot_config_bindir} -install -p -m 0755 \ - %{cargo_outdir}/ec2-identity-doc-user-data-provider \ - %{cargo_outdir}/ec2-imds-user-data-provider \ - %{cargo_outdir}/local-defaults-user-data-provider \ - %{cargo_outdir}/local-file-user-data-provider \ - %{cargo_outdir}/local-overrides-user-data-provider \ - %{buildroot}%{early_boot_config_bindir} - -%ifarch x86_64 -install -p -m 0755 \ - %{cargo_outdir}/vmware-cd-rom-user-data-provider \ - %{cargo_outdir}/vmware-guestinfo-user-data-provider \ - %{buildroot}%{early_boot_config_bindir} -%endif - -install -d %{buildroot}%{early_boot_config_provider_dir} - -ln -rs \ - %{buildroot}%{early_boot_config_bindir}/ec2-identity-doc-user-data-provider \ - %{buildroot}%{early_boot_config_provider_dir}/30-ec2-identity-doc - -ln -rs \ - %{buildroot}%{early_boot_config_bindir}/ec2-imds-user-data-provider \ - %{buildroot}%{early_boot_config_provider_dir}/40-ec2-imds - -ln -rs \ - %{buildroot}%{early_boot_config_bindir}/local-defaults-user-data-provider \ - %{buildroot}%{early_boot_config_provider_dir}/10-local-defaults - -ln -rs \ - %{buildroot}%{early_boot_config_bindir}/local-file-user-data-provider \ - %{buildroot}%{early_boot_config_provider_dir}/20-local-user-data - -ln -rs \ - %{buildroot}%{early_boot_config_bindir}/local-overrides-user-data-provider \ - %{buildroot}%{early_boot_config_provider_dir}/99-local-overrides - -%ifarch x86_64 -ln -rs \ - %{buildroot}%{early_boot_config_bindir}/vmware-cd-rom-user-data-provider \ - %{buildroot}%{early_boot_config_provider_dir}/30-vmware-cd-rom - -ln -rs \ - %{buildroot}%{early_boot_config_bindir}/vmware-guestinfo-user-data-provider \ - %{buildroot}%{early_boot_config_provider_dir}/40-vmware-guestinfo -%endif - -%files -%{_cross_bindir}/early-boot-config -%{_cross_unitdir}/early-boot-config.service -%dir %{early_boot_config_provider_dir} - -%files local -%{early_boot_config_bindir}/local-defaults-user-data-provider -%{early_boot_config_bindir}/local-file-user-data-provider -%{early_boot_config_bindir}/local-overrides-user-data-provider -%{early_boot_config_provider_dir}/10-local-defaults -%{early_boot_config_provider_dir}/20-local-user-data -%{early_boot_config_provider_dir}/99-local-overrides - -%files aws -%{early_boot_config_bindir}/ec2-identity-doc-user-data-provider -%{early_boot_config_bindir}/ec2-imds-user-data-provider -%{early_boot_config_provider_dir}/30-ec2-identity-doc -%{early_boot_config_provider_dir}/40-ec2-imds - -%ifarch x86_64 -%files vmware -%{early_boot_config_bindir}/vmware-cd-rom-user-data-provider -%{early_boot_config_bindir}/vmware-guestinfo-user-data-provider -%{early_boot_config_provider_dir}/30-vmware-cd-rom -%{early_boot_config_provider_dir}/40-vmware-guestinfo -%endif - -# There are no metal-specific providers, just dependencies like the local file providers. -%files metal diff --git a/packages/ecr-credential-provider-1.27/Cargo.toml b/packages/ecr-credential-provider-1.27/Cargo.toml deleted file mode 100644 index a977094db4d..00000000000 --- a/packages/ecr-credential-provider-1.27/Cargo.toml +++ /dev/null @@ -1,24 +0,0 @@ -[package] -# "." is not allowed in crate names, but we want a friendlier name for the -# directory and spec file, so we override it below. -name = "ecr-credential-provider-1_27" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -package-name = "ecr-credential-provider-1.27" -releases-url = "https://github.com/kubernetes/cloud-provider-aws/releases" - -[[package.metadata.build-package.external-files]] -url = "https://codeload.github.com/kubernetes/cloud-provider-aws/tar.gz/v1.27.1" -path = "cloud-provider-aws-1.27.1.tar.gz" -sha512 = "d7a28f4fb3cb2a1e7ee8d94405e3268608562af0ac509b51c32fcca19353eb68c87b023bd7dae1e84a76d9e856e4951cbc8a2260bab358d1eb492e47caedd29d" -bundle-modules = [ "go" ] - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/ecr-credential-provider-1.27/clarify.toml b/packages/ecr-credential-provider-1.27/clarify.toml deleted file mode 100644 index 3fa231bd3ec..00000000000 --- a/packages/ecr-credential-provider-1.27/clarify.toml +++ /dev/null @@ -1,5 +0,0 @@ -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] diff --git a/packages/ecr-credential-provider-1.27/ecr-credential-provider-1.27.spec b/packages/ecr-credential-provider-1.27/ecr-credential-provider-1.27.spec deleted file mode 100644 index eb5a83bf2f8..00000000000 --- a/packages/ecr-credential-provider-1.27/ecr-credential-provider-1.27.spec +++ /dev/null @@ -1,73 +0,0 @@ -%global goproject github.com/kubernetes -%global gorepo cloud-provider-aws -%global goimport %{goproject}/%{gorepo} - -%global gover 1.27.1 -%global rpmver %{gover} - -%global _dwz_low_mem_die_limit 0 - -Name: %{_cross_os}ecr-credential-provider-1.27 -Version: %{rpmver} -Release: 1%{?dist} -Summary: Amazon ECR credential provider -License: Apache-2.0 -URL: https://github.com/kubernetes/cloud-provider-aws - -Source: cloud-provider-aws-%{gover}.tar.gz -Source1: bundled-cloud-provider-aws-%{gover}.tar.gz -Source1000: clarify.toml - -BuildRequires: %{_cross_os}glibc-devel -Requires: %{name}(binaries) - -%description -%{summary}. - -%package bin -Summary: Amazon ECR credential provider binaries -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(fips) or %{name}-fips-bin) - -%description bin -%{summary}. - -%package fips-bin -Summary: Amazon ECR credential provider binaries, FIPS edition -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{name}-bin) - -%description fips-bin -%{summary}. - -%prep -%setup -n %{gorepo}-%{gover} -q -%setup -T -D -n %{gorepo}-%{gover} -b 1 -q - -%build -%set_cross_go_flags - -go build -ldflags="${GOLDFLAGS}" -o=ecr-credential-provider cmd/ecr-credential-provider/*.go -gofips build -ldflags="${GOLDFLAGS}" -o=fips/ecr-credential-provider cmd/ecr-credential-provider/*.go - -%install -install -d %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet/plugins -install -p -m 0755 ecr-credential-provider %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet/plugins - -install -d %{buildroot}%{_cross_fips_libexecdir}/kubernetes/kubelet/plugins -install -p -m 0755 fips/ecr-credential-provider %{buildroot}%{_cross_fips_libexecdir}/kubernetes/kubelet/plugins - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} - -%files bin -%{_cross_libexecdir}/kubernetes/kubelet/plugins/ecr-credential-provider - -%files fips-bin -%{_cross_fips_libexecdir}/kubernetes/kubelet/plugins/ecr-credential-provider diff --git a/packages/ecr-credential-provider-1.29/Cargo.toml b/packages/ecr-credential-provider-1.29/Cargo.toml deleted file mode 100644 index 0472c08c487..00000000000 --- a/packages/ecr-credential-provider-1.29/Cargo.toml +++ /dev/null @@ -1,24 +0,0 @@ -[package] -# "." is not allowed in crate names, but we want a friendlier name for the -# directory and spec file, so we override it below. -name = "ecr-credential-provider-1_29" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -package-name = "ecr-credential-provider-1.29" -releases-url = "https://github.com/kubernetes/cloud-provider-aws/releases" - -[[package.metadata.build-package.external-files]] -url = "https://codeload.github.com/kubernetes/cloud-provider-aws/tar.gz/v1.29.0" -path = "cloud-provider-aws-1.29.0.tar.gz" -sha512 = "30b08ca55d182de4b2289f58acf0af4476cbeff74ea2668d7e9d4c53e2fdbb38016d7cf434a55bba895230255a699233d4484333b5b516c16acb0515df514876" -bundle-modules = [ "go" ] - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/ecr-credential-provider-1.29/clarify.toml b/packages/ecr-credential-provider-1.29/clarify.toml deleted file mode 100644 index 3fa231bd3ec..00000000000 --- a/packages/ecr-credential-provider-1.29/clarify.toml +++ /dev/null @@ -1,5 +0,0 @@ -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] diff --git a/packages/ecr-credential-provider-1.29/ecr-credential-provider-1.29.spec b/packages/ecr-credential-provider-1.29/ecr-credential-provider-1.29.spec deleted file mode 100644 index 4930db68284..00000000000 --- a/packages/ecr-credential-provider-1.29/ecr-credential-provider-1.29.spec +++ /dev/null @@ -1,73 +0,0 @@ -%global goproject github.com/kubernetes -%global gorepo cloud-provider-aws -%global goimport %{goproject}/%{gorepo} - -%global gover 1.29.0 -%global rpmver %{gover} - -%global _dwz_low_mem_die_limit 0 - -Name: %{_cross_os}ecr-credential-provider-1.29 -Version: %{rpmver} -Release: 1%{?dist} -Summary: Amazon ECR credential provider -License: Apache-2.0 -URL: https://github.com/kubernetes/cloud-provider-aws - -Source: cloud-provider-aws-%{gover}.tar.gz -Source1: bundled-cloud-provider-aws-%{gover}.tar.gz -Source1000: clarify.toml - -BuildRequires: %{_cross_os}glibc-devel -Requires: %{name}(binaries) - -%description -%{summary}. - -%package bin -Summary: Amazon ECR credential provider binaries -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(fips) or %{name}-fips-bin) - -%description bin -%{summary}. - -%package fips-bin -Summary: Amazon ECR credential provider binaries, FIPS edition -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{name}-bin) - -%description fips-bin -%{summary}. - -%prep -%setup -n %{gorepo}-%{gover} -q -%setup -T -D -n %{gorepo}-%{gover} -b 1 -q - -%build -%set_cross_go_flags - -go build -ldflags="${GOLDFLAGS}" -o=ecr-credential-provider cmd/ecr-credential-provider/*.go -gofips build -ldflags="${GOLDFLAGS}" -o=fips/ecr-credential-provider cmd/ecr-credential-provider/*.go - -%install -install -d %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet/plugins -install -p -m 0755 ecr-credential-provider %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet/plugins - -install -d %{buildroot}%{_cross_fips_libexecdir}/kubernetes/kubelet/plugins -install -p -m 0755 fips/ecr-credential-provider %{buildroot}%{_cross_fips_libexecdir}/kubernetes/kubelet/plugins - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} - -%files bin -%{_cross_libexecdir}/kubernetes/kubelet/plugins/ecr-credential-provider - -%files fips-bin -%{_cross_fips_libexecdir}/kubernetes/kubelet/plugins/ecr-credential-provider diff --git a/packages/ecr-credential-provider-1.30/Cargo.toml b/packages/ecr-credential-provider-1.30/Cargo.toml deleted file mode 100644 index 91b2f74f66b..00000000000 --- a/packages/ecr-credential-provider-1.30/Cargo.toml +++ /dev/null @@ -1,24 +0,0 @@ -[package] -# "." is not allowed in crate names, but we want a friendlier name for the -# directory and spec file, so we override it below. -name = "ecr-credential-provider-1_30" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -package-name = "ecr-credential-provider-1.30" -releases-url = "https://github.com/kubernetes/cloud-provider-aws/releases" - -[[package.metadata.build-package.external-files]] -url = "https://codeload.github.com/kubernetes/cloud-provider-aws/tar.gz/v1.30.0" -path = "cloud-provider-aws-1.30.0.tar.gz" -sha512 = "d9b9c63f2f2b6d9e910650464acc5000ba0cc2e35d0f5f27c4121c5e3cd539682a4b89f80358a5fb2a4c8409e2d82a66c5409e9895c58546c78bbb78b39d96be" -bundle-modules = [ "go" ] - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/ecr-credential-provider-1.30/clarify.toml b/packages/ecr-credential-provider-1.30/clarify.toml deleted file mode 100644 index 3fa231bd3ec..00000000000 --- a/packages/ecr-credential-provider-1.30/clarify.toml +++ /dev/null @@ -1,5 +0,0 @@ -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] diff --git a/packages/ecr-credential-provider-1.30/ecr-credential-provider-1.30.spec b/packages/ecr-credential-provider-1.30/ecr-credential-provider-1.30.spec deleted file mode 100644 index 51d09cfeef7..00000000000 --- a/packages/ecr-credential-provider-1.30/ecr-credential-provider-1.30.spec +++ /dev/null @@ -1,75 +0,0 @@ -%global goproject github.com/kubernetes -%global gorepo cloud-provider-aws -%global goimport %{goproject}/%{gorepo} - -%global gover 1.30.0 -%global rpmver %{gover} - -%global _dwz_low_mem_die_limit 0 - -Name: %{_cross_os}ecr-credential-provider-1.30 -Version: %{rpmver} -Release: 1%{?dist} -Summary: Amazon ECR credential provider -License: Apache-2.0 -URL: https://github.com/kubernetes/cloud-provider-aws - -Source: cloud-provider-aws-%{gover}.tar.gz -Source1: bundled-cloud-provider-aws-%{gover}.tar.gz -Source1000: clarify.toml - -BuildRequires: %{_cross_os}glibc-devel -Requires: %{name}(binaries) - -%description -%{summary}. - -%package bin -Summary: Amazon ECR credential provider binaries -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(fips) or %{name}-fips-bin) - -%description bin -%{summary}. - -%package fips-bin -Summary: Amazon ECR credential provider binaries, FIPS edition -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{name}-bin) - -%description fips-bin -%{summary}. - -%prep -%setup -n %{gorepo}-%{gover} -q -%setup -T -D -n %{gorepo}-%{gover} -b 1 -q - -%build -%set_cross_go_flags - -export GO_VERSION="1.22.2" - -go build -ldflags="${GOLDFLAGS}" -o=ecr-credential-provider cmd/ecr-credential-provider/*.go -gofips build -ldflags="${GOLDFLAGS}" -o=fips/ecr-credential-provider cmd/ecr-credential-provider/*.go - -%install -install -d %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet/plugins -install -p -m 0755 ecr-credential-provider %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet/plugins - -install -d %{buildroot}%{_cross_fips_libexecdir}/kubernetes/kubelet/plugins -install -p -m 0755 fips/ecr-credential-provider %{buildroot}%{_cross_fips_libexecdir}/kubernetes/kubelet/plugins - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} - -%files bin -%{_cross_libexecdir}/kubernetes/kubelet/plugins/ecr-credential-provider - -%files fips-bin -%{_cross_fips_libexecdir}/kubernetes/kubelet/plugins/ecr-credential-provider diff --git a/packages/ecr-credential-provider/Cargo.toml b/packages/ecr-credential-provider/Cargo.toml deleted file mode 100644 index 3cf1f8c1beb..00000000000 --- a/packages/ecr-credential-provider/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "ecr-credential-provider" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/kubernetes/cloud-provider-aws/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/kubernetes/cloud-provider-aws/archive/v1.25.3/cloud-provider-aws-1.25.3.tar.gz" -sha512 = "d727c01ea98608b0b51edc2bfe892218b55eee7148e358e18387f3f4a52ad765f8d0ee372884e36f95f1303c13dbeba81926f7560c325a8d3c258da11cdfc24b" -bundle-modules = [ "go" ] - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/ecr-credential-provider/clarify.toml b/packages/ecr-credential-provider/clarify.toml deleted file mode 100644 index 3fa231bd3ec..00000000000 --- a/packages/ecr-credential-provider/clarify.toml +++ /dev/null @@ -1,5 +0,0 @@ -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] diff --git a/packages/ecr-credential-provider/ecr-credential-provider.spec b/packages/ecr-credential-provider/ecr-credential-provider.spec deleted file mode 100644 index bde86c3fe15..00000000000 --- a/packages/ecr-credential-provider/ecr-credential-provider.spec +++ /dev/null @@ -1,73 +0,0 @@ -%global goproject github.com/kubernetes -%global gorepo cloud-provider-aws -%global goimport %{goproject}/%{gorepo} - -%global gover 1.25.3 -%global rpmver %{gover} - -%global _dwz_low_mem_die_limit 0 - -Name: %{_cross_os}ecr-credential-provider -Version: %{rpmver} -Release: 1%{?dist} -Summary: Amazon ECR credential provider -License: Apache-2.0 -URL: https://github.com/kubernetes/cloud-provider-aws - -Source: cloud-provider-aws-%{gover}.tar.gz -Source1: bundled-cloud-provider-aws-%{gover}.tar.gz -Source1000: clarify.toml - -BuildRequires: %{_cross_os}glibc-devel -Requires: %{name}(binaries) - -%description -%{summary}. - -%package bin -Summary: Amazon ECR credential provider binaries -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(fips) or %{name}-fips-bin) - -%description bin -%{summary}. - -%package fips-bin -Summary: Amazon ECR credential provider binaries, FIPS edition -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{name}-bin) - -%description fips-bin -%{summary}. - -%prep -%setup -n %{gorepo}-%{gover} -q -%setup -T -D -n %{gorepo}-%{gover} -b 1 -q - -%build -%set_cross_go_flags - -go build -ldflags="${GOLDFLAGS}" -o=ecr-credential-provider cmd/ecr-credential-provider/*.go -gofips build -ldflags="${GOLDFLAGS}" -o=fips/ecr-credential-provider cmd/ecr-credential-provider/*.go - -%install -install -d %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet/plugins -install -p -m 0755 ecr-credential-provider %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet/plugins - -install -d %{buildroot}%{_cross_fips_libexecdir}/kubernetes/kubelet/plugins -install -p -m 0755 fips/ecr-credential-provider %{buildroot}%{_cross_fips_libexecdir}/kubernetes/kubelet/plugins - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} - -%files bin -%{_cross_libexecdir}/kubernetes/kubelet/plugins/ecr-credential-provider - -%files fips-bin -%{_cross_fips_libexecdir}/kubernetes/kubelet/plugins/ecr-credential-provider diff --git a/packages/ecs-agent/0001-bottlerocket-default-filesystem-locations.patch b/packages/ecs-agent/0001-bottlerocket-default-filesystem-locations.patch deleted file mode 100644 index c30cd5f9bc3..00000000000 --- a/packages/ecs-agent/0001-bottlerocket-default-filesystem-locations.patch +++ /dev/null @@ -1,78 +0,0 @@ -From 3df68e0247900b32e096eefd7465fb5e836916d1 Mon Sep 17 00:00:00 2001 -From: Shikha Vyaghra -Date: Wed, 23 Aug 2023 21:09:50 +0000 -Subject: [PATCH] bottlerocket: default filesystem locations - -This patch was originally written by Samuel Karp -(09721aa67086fde4f3cfd05d13b7ba1c4b05d379). In this updated patch -version all the settings that can be configured using config file, -have been removed from the patch. - -Signed-off-by: Sean P. Kelly -Signed-off-by: Shikha Vyaghra ---- - agent/config/config.go | 2 +- - agent/ecscni/plugin_linux.go | 2 +- - agent/ecscni/plugin_unsupported.go | 2 +- - agent/utils/license.go | 6 +++--- - 4 files changed, 6 insertions(+), 6 deletions(-) - -diff --git a/agent/config/config.go b/agent/config/config.go -index 34339bd..0cf7426 100644 ---- a/agent/config/config.go -+++ b/agent/config/config.go -@@ -122,7 +122,7 @@ const ( - DefaultMinSupportedCNIVersion = "0.3.0" - - // pauseContainerTarball is the path to the pause container tarball -- pauseContainerTarballPath = "/images/amazon-ecs-pause.tar" -+ pauseContainerTarballPath = "/usr/lib/amazon-ecs-agent/amazon-ecs-pause.tar" - - // DefaultTaskMetadataSteadyStateRate is set as 40. This is arrived from our benchmarking - // results where task endpoint can handle 4000 rps effectively. Here, 100 containers -diff --git a/agent/ecscni/plugin_linux.go b/agent/ecscni/plugin_linux.go -index 0d3a940..3e76060 100644 ---- a/agent/ecscni/plugin_linux.go -+++ b/agent/ecscni/plugin_linux.go -@@ -34,7 +34,7 @@ import ( - const ( - vpcCNIPluginInterfaceType = "vlan" - // vpcCNIPluginPath is the path of the cni plugin's log file. -- vpcCNIPluginPath = "/log/vpc-branch-eni.log" -+ vpcCNIPluginPath = "/var/log/ecs/vpc-branch-eni.log" - ) - - // newCNIGuard returns a new instance of CNI guard for the CNI client. -diff --git a/agent/ecscni/plugin_unsupported.go b/agent/ecscni/plugin_unsupported.go -index 05bc3cf..a34a823 100644 ---- a/agent/ecscni/plugin_unsupported.go -+++ b/agent/ecscni/plugin_unsupported.go -@@ -26,7 +26,7 @@ import ( - - const ( - // vpcCNIPluginPath is the path of the cni plugin's log file. -- vpcCNIPluginPath = "/log/vpc-branch-eni.log" -+ vpcCNIPluginPath = "/var/log/ecs/vpc-branch-eni.log" - ) - - // newCNIGuard returns a new instance of CNI guard for the CNI client. -diff --git a/agent/utils/license.go b/agent/utils/license.go -index 6eccff6..324307c 100644 ---- a/agent/utils/license.go -+++ b/agent/utils/license.go -@@ -24,9 +24,9 @@ type LicenseProvider interface { - type licenseProvider struct{} - - const ( -- licenseFile = "LICENSE" -- noticeFile = "NOTICE" -- thirdPartyFile = "THIRD-PARTY" -+ licenseFile = "/usr/share/licenses/ecs-agent/LICENSE" -+ noticeFile = "/usr/share/licenses/ecs-agent/NOTICE" -+ thirdPartyFile = "/usr/share/licenses/ecs-agent/THIRD_PARTY.md" - ) - - var readFile = ioutil.ReadFile --- -2.40.1 - diff --git a/packages/ecs-agent/0002-bottlerocket-remove-unsupported-capabilities.patch b/packages/ecs-agent/0002-bottlerocket-remove-unsupported-capabilities.patch deleted file mode 100644 index e8bf37c4cbf..00000000000 --- a/packages/ecs-agent/0002-bottlerocket-remove-unsupported-capabilities.patch +++ /dev/null @@ -1,40 +0,0 @@ -From b681439606e39ff21d14742ba58f1ecaf8e7f73d Mon Sep 17 00:00:00 2001 -From: Shikha Vyaghra -Date: Wed, 23 Aug 2023 22:16:58 +0000 -Subject: [PATCH] bottlerocket: remove unsupported capabilities - -Signed-off-by: Sean McGinnis -Signed-off-by: Arnaldo Garcia Rincon ---- - agent/app/agent_capability.go | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/agent/app/agent_capability.go b/agent/app/agent_capability.go -index e02e612..7ff5993 100644 ---- a/agent/app/agent_capability.go -+++ b/agent/app/agent_capability.go -@@ -250,7 +250,7 @@ func (agent *ecsAgent) capabilities() ([]*ecs.Attribute, error) { - capabilities = agent.appendAppMeshCapabilities(capabilities) - - // support elastic inference in agent -- capabilities = agent.appendTaskEIACapabilities(capabilities) -+ // capabilities = agent.appendTaskEIACapabilities(capabilities) - - // support aws router capabilities for fluentd - capabilities = agent.appendFirelensFluentdCapabilities(capabilities) -@@ -277,9 +277,9 @@ func (agent *ecsAgent) capabilities() ([]*ecs.Attribute, error) { - capabilities = agent.appendGMSADomainlessCapabilities(capabilities) - - // support efs auth on ecs capabilities -- for _, cap := range agent.cfg.VolumePluginCapabilities { -- capabilities = agent.appendEFSVolumePluginCapabilities(capabilities, cap) -- } -+ // for _, cap := range agent.cfg.VolumePluginCapabilities { -+ // capabilities = agent.appendEFSVolumePluginCapabilities(capabilities, cap) -+ // } - - // support fsxWindowsFileServer on ecs capabilities - capabilities = agent.appendFSxWindowsFileServerCapabilities(capabilities) --- -2.40.1 - diff --git a/packages/ecs-agent/0003-bottlerocket-bind-introspection-to-localhost.patch b/packages/ecs-agent/0003-bottlerocket-bind-introspection-to-localhost.patch deleted file mode 100644 index d9df528edeb..00000000000 --- a/packages/ecs-agent/0003-bottlerocket-bind-introspection-to-localhost.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 4341f9ecc3e527ffd2329359e86c5f74e64c5b74 Mon Sep 17 00:00:00 2001 -From: Samuel Karp -Date: Fri, 21 Aug 2020 11:07:32 -0700 -Subject: [PATCH] bottlerocket: bind introspection to localhost - ---- - agent/handlers/introspection_server_setup.go | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/agent/handlers/introspection_server_setup.go b/agent/handlers/introspection_server_setup.go -index 3ca0ecc..b7f70e9 100644 ---- a/agent/handlers/introspection_server_setup.go -+++ b/agent/handlers/introspection_server_setup.go -@@ -88,7 +88,7 @@ func introspectionServerSetup(containerInstanceArn *string, taskEngine handlersu - wTimeout = writeTimeoutForPprof - } - server := &http.Server{ -- Addr: ":" + strconv.Itoa(config.AgentIntrospectionPort), -+ Addr: "127.0.0.1:" + strconv.Itoa(config.AgentIntrospectionPort), - Handler: loggingServeMux, - ReadTimeout: readTimeout, - WriteTimeout: wTimeout, --- -2.40.1 - diff --git a/packages/ecs-agent/0004-bottlerocket-fix-procfs-path-on-host.patch b/packages/ecs-agent/0004-bottlerocket-fix-procfs-path-on-host.patch deleted file mode 100644 index 9ef6d4eb35a..00000000000 --- a/packages/ecs-agent/0004-bottlerocket-fix-procfs-path-on-host.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 41908954afbd0c56802b4116f43f2884124666ed Mon Sep 17 00:00:00 2001 -From: Samuel Karp -Date: Fri, 26 Mar 2021 17:48:28 -0700 -Subject: [PATCH] bottlerocket: fix procfs path on host - -Bottlerocket runs the ECS agent directly on the host rather than in a -container. In other environments, the ECS agent runs in a container -with `/host` mounted as the host's root filesystem and can read the -host's `procfs` at `/host/proc`. Because Bottlerocket does not run the -ECS agent in a container, the ECS agent can directly read the host's -`procfs` at `/proc`. ---- - agent/ecscni/types_linux.go | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/agent/ecscni/types_linux.go b/agent/ecscni/types_linux.go -index 6d6ce35..1f2d091 100644 ---- a/agent/ecscni/types_linux.go -+++ b/agent/ecscni/types_linux.go -@@ -47,7 +47,7 @@ const ( - // ECSServiceConnectPluginName is the binary of the service connect plugin - ECSServiceConnectPluginName = "ecs-serviceconnect" - // NetnsFormat is used to construct the path to cotainer network namespace -- NetnsFormat = "/host/proc/%s/ns/net" -+ NetnsFormat = "/proc/%s/ns/net" - // Starting with CNI plugin v0.8.0 (this PR https://github.com/containernetworking/cni/pull/698) - // NetworkName has to be non-empty field for network config. - // We do not actually make use of the field, hence passing in a placeholder string to fulfill the API spec --- -2.40.1 - diff --git a/packages/ecs-agent/0005-bottlerocket-change-execcmd-directories-for-Bottlero.patch b/packages/ecs-agent/0005-bottlerocket-change-execcmd-directories-for-Bottlero.patch deleted file mode 100644 index 5b57fa1561e..00000000000 --- a/packages/ecs-agent/0005-bottlerocket-change-execcmd-directories-for-Bottlero.patch +++ /dev/null @@ -1,67 +0,0 @@ -From cef5037351f2b214b9239d59dec7a83a0db75b0c Mon Sep 17 00:00:00 2001 -From: Arnaldo Garcia Rincon -Date: Wed, 3 May 2023 18:23:40 +0000 -Subject: [PATCH] bottlerocket: change execcmd directories for Bottlerocket - -The ECS agent performs checks on directories that, in normal -circumstances, are mounted on the ECS agent container. Since the ECS -agent runs as a service in Bottlerocket, the paths to the directories -are different. - -Signed-off-by: Arnaldo Garcia Rincon ---- - agent/app/agent_capability_unix.go | 2 +- - agent/engine/execcmd/manager_init_task_linux.go | 4 ++-- - agent/engine/execcmd/manager_linux.go | 2 +- - 3 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/agent/app/agent_capability_unix.go b/agent/app/agent_capability_unix.go -index 51b4393..76492c7 100644 ---- a/agent/app/agent_capability_unix.go -+++ b/agent/app/agent_capability_unix.go -@@ -37,7 +37,7 @@ const ( - SSE41 = "sse4_1" - SSE42 = "sse4_2" - CpuInfoPath = "/proc/cpuinfo" -- capabilityDepsRootDir = "/managed-agents" -+ capabilityDepsRootDir = "/usr/libexec/amazon-ecs-agent/managed-agents" - ) - - var ( -diff --git a/agent/engine/execcmd/manager_init_task_linux.go b/agent/engine/execcmd/manager_init_task_linux.go -index 05af158..6117e55 100644 ---- a/agent/engine/execcmd/manager_init_task_linux.go -+++ b/agent/engine/execcmd/manager_init_task_linux.go -@@ -24,7 +24,7 @@ import ( - ) - - const ( -- ecsAgentExecDepsDir = "/managed-agents/execute-command" -+ ecsAgentExecDepsDir = "/usr/libexec/amazon-ecs-agent/managed-agents/execute-command" - - // ecsAgentDepsBinDir is the directory where ECS Agent will read versions of SSM agent - ecsAgentDepsBinDir = ecsAgentExecDepsDir + "/bin" -@@ -40,7 +40,7 @@ const ( - ContainerLogDir = "/var/log/amazon/ssm" - ECSAgentExecLogDir = "/log/exec" - -- HostCertFile = "/var/lib/ecs/deps/execute-command/certs/tls-ca-bundle.pem" -+ HostCertFile = "/usr/libexec/amazon-ecs-agent/managed-agents/execute-command/certs/tls-ca-bundle.pem" - ContainerCertFileSuffix = "certs/amazon-ssm-agent.crt" - - ContainerConfigFileSuffix = "configuration/" + containerConfigFileName -diff --git a/agent/engine/execcmd/manager_linux.go b/agent/engine/execcmd/manager_linux.go -index 706d5da..6322816 100644 ---- a/agent/engine/execcmd/manager_linux.go -+++ b/agent/engine/execcmd/manager_linux.go -@@ -16,6 +16,6 @@ - package execcmd - - const ( -- hostExecDepsDir = "/var/lib/ecs/deps/execute-command" -+ hostExecDepsDir = "/usr/libexec/amazon-ecs-agent/managed-agents/execute-command" - HostBinDir = hostExecDepsDir + "/bin" - ) --- -2.40.1 - diff --git a/packages/ecs-agent/0006-containermetadata-don-t-use-dataDirOnHost-for-metada.patch b/packages/ecs-agent/0006-containermetadata-don-t-use-dataDirOnHost-for-metada.patch deleted file mode 100644 index 7bceee632af..00000000000 --- a/packages/ecs-agent/0006-containermetadata-don-t-use-dataDirOnHost-for-metada.patch +++ /dev/null @@ -1,50 +0,0 @@ -From b1c29a82de3d567ab84cea71a7142dffd34d7c03 Mon Sep 17 00:00:00 2001 -From: Arnaldo Garcia Rincon -Date: Tue, 13 Feb 2024 17:38:29 +0000 -Subject: [PATCH] containermetadata: don't use dataDirOnHost for metadata path - -The ECS agent stores the metadata file for a container task under -ECS_DATADIR. Under normal circumstances, the ECS agent runs as a -container and the ECS_DATADIR configuration points to a bind-mounted -directory in the host under the path at ECS_HOST_DATA_DIR. The setup for -these two configurations is as follows: - -- ECS_HOST_DATA_DIR: /var/lib/ecs/, in the host -- ECS_DATADIR: /data, in the container, that points to /var/lib/ecs/data - in the host - -When the ECS agent writes the metadata file, it uses the path at -ECS_DATADIR, e.g. /data/metadata//*.json. However, when it sets -up the mounts for the container task it uses the composite path -ECS_HOST_DATA_DIR/ECS_DATADIR. This works for the ECS agent, since the -final source path will be the correct path: /var/lib/ecs/data. - -In Bottlerocket, the ECS agent doesn't run as a container. Thus, the -ECS_DATADIR configuration points to /var/lib/ecs/data in the host. The -problem with this configuration is that the source of the bind-mount -path will be wrong when ECS_HOST_DATA_DIR and ECS_DATADIR are -concatenated, the resulting path will include /var/lib/ecs twice. - -With this commit, only the ECS_HOST_DATA_DIR configuration is ignored -when the bind-mount configuration is generated, and the correct metadata -file is bind-mounted onto the container. ---- - agent/containermetadata/write_metadata_unix.go | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/agent/containermetadata/write_metadata_unix.go b/agent/containermetadata/write_metadata_unix.go -index 1c9e799..0181c95 100644 ---- a/agent/containermetadata/write_metadata_unix.go -+++ b/agent/containermetadata/write_metadata_unix.go -@@ -47,7 +47,7 @@ func createBindsEnv(binds []string, env []string, dataDirOnHost string, metadata - } - - randID := uuid.New() -- instanceBind := fmt.Sprintf(`%s/%s:%s/%s`, dataDirOnHost, metadataDirectoryPath, mountPoint, randID) -+ instanceBind := fmt.Sprintf(`%s:%s/%s`, metadataDirectoryPath, mountPoint, randID) - if selinuxEnabled { - seelog.Info("Selinux is enabled on docker, mounting data directory in Z mode") - instanceBind = fmt.Sprintf(`%s:%s`, instanceBind, bindMode) --- -2.41.0 - diff --git a/packages/ecs-agent/1001-bottlerocket-default-filesystem-locations.patch b/packages/ecs-agent/1001-bottlerocket-default-filesystem-locations.patch deleted file mode 100644 index ba68647295e..00000000000 --- a/packages/ecs-agent/1001-bottlerocket-default-filesystem-locations.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 17d96b85504988622545e08cdf0c3b2563f662d4 Mon Sep 17 00:00:00 2001 -From: Samuel Karp -Date: Fri, 26 Mar 2021 16:07:25 -0700 -Subject: [PATCH] bottlerocket: default filesystem locations - ---- - plugins/ecs-bridge/main.go | 2 +- - plugins/eni/main.go | 2 +- - plugins/ipam/config/config.go | 2 +- - plugins/ipam/main.go | 2 +- - 4 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/plugins/ecs-bridge/main.go b/plugins/ecs-bridge/main.go -index 9ea2c8b..3495eeb 100644 ---- a/plugins/ecs-bridge/main.go -+++ b/plugins/ecs-bridge/main.go -@@ -29,7 +29,7 @@ import ( - ) - - const ( -- defaultLogFilePath = "/log/ecs-cni-bridge-plugin.log" -+ defaultLogFilePath = "/var/log/ecs/ecs-cni-bridge-plugin.log" - ) - - func init() { -diff --git a/plugins/eni/main.go b/plugins/eni/main.go -index ad81cfc..f483bd9 100644 ---- a/plugins/eni/main.go -+++ b/plugins/eni/main.go -@@ -29,7 +29,7 @@ import ( - ) - - const ( -- defaultLogFilePath = "/log/ecs-cni-eni-plugin.log" -+ defaultLogFilePath = "/var/log/ecs/ecs-cni-eni-plugin.log" - ) - - func init() { -diff --git a/plugins/ipam/config/config.go b/plugins/ipam/config/config.go -index 7a4378f..f1b9c93 100644 ---- a/plugins/ipam/config/config.go -+++ b/plugins/ipam/config/config.go -@@ -31,7 +31,7 @@ const ( - EnvIpamTimeout = "IPAM_DB_CONNECTION_TIMEOUT" - LastKnownIPKey = "lastKnownIP" - GatewayValue = "GateWay" -- DefaultDBPath = "/data/eni-ipam.db" -+ DefaultDBPath = "/var/lib/ecs/eni-ipam.db" - BucketName = "IPAM" - DefaultConnectionTimeout = 5 * time.Second - ) -diff --git a/plugins/ipam/main.go b/plugins/ipam/main.go -index dadabb0..f0906dd 100644 ---- a/plugins/ipam/main.go -+++ b/plugins/ipam/main.go -@@ -28,7 +28,7 @@ import ( - ) - - const ( -- defaultLogFilePath = "/log/ecs-cni-ipam-plugin.log" -+ defaultLogFilePath = "/var/log/ecs/ecs-cni-ipam-plugin.log" - ) - - func main() { --- -2.31.0 - diff --git a/packages/ecs-agent/Cargo.toml b/packages/ecs-agent/Cargo.toml deleted file mode 100644 index 05d088f93a4..00000000000 --- a/packages/ecs-agent/Cargo.toml +++ /dev/null @@ -1,44 +0,0 @@ -[package] -name = "ecs-agent" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -# ECS agent -[package.metadata.build-package] -releases-url = "https://github.com/aws/amazon-ecs-agent/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/aws/amazon-ecs-agent/archive/v1.82.3/amazon-ecs-agent-1.82.3.tar.gz" -sha512 = "a26fdbe5c6cb96f5357afea701a97ccaa208ab3ae2149cd0205aa34b8686edd38c194ee8e0389b5385295bf284fcc1bee73dcacc2313c4b560e807eb27c1bafa" - -# The ECS agent repository includes two CNI plugins as git submodules. git -# archive does not include submodules, so the tarball above does not include -# the source of those plugins. Instead, we include the CNI plugin source -# directly. -# You can get the commit SHA for the submodules for a particular ecs-agent release here: -# https://github.com/aws/amazon-ecs-agent/blob/ECS_AGENT_VERSION/agent/ecscni/plugin_test.go#L29-L34 -[[package.metadata.build-package.external-files]] -url = "https://github.com/aws/amazon-ecs-cni-plugins/archive/53a8481891251e66e35847554d52a13fc7c4fd03/amazon-ecs-cni-plugins.tar.gz" -sha512 = "e819c1aae509d19461999bf717d126b3e918b73dc6049e415c4911be6cb11159404bb45bb6c92cdfa16b5b30bb174731e972e3f2be44fa0b51bbc7a969049ab7" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/aws/amazon-vpc-cni-plugins/archive/be5214353252f8315a1341f4df9ffbd8cf69000c/amazon-vpc-cni-plugins.tar.gz" -sha512 = "b1aa61d0000ff732dae67213cea2eac49363c048416716e27f36b2b43f6227db8b15ead27c43c5fd623569a49572cb6b2149c86d69363f75cec4620ddc9ef47b" - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } - -# RPM Requires -[dependencies] -# `docker-engine` is only needed at runtime, and is included in the variant -# definition. -# docker-engine = { path = "../docker-engine" } -# `iptables` is only needed at runtime, and is pulled in by `release`. -# iptables = { path = "../iptables" } -amazon-ssm-agent = { path = "../amazon-ssm-agent" } diff --git a/packages/ecs-agent/README.md b/packages/ecs-agent/README.md deleted file mode 100644 index 355519cfcbe..00000000000 --- a/packages/ecs-agent/README.md +++ /dev/null @@ -1,17 +0,0 @@ -# ecs-agent - -The ecs-agent package in Bottlerocket provides the ECS agent and a systemd unit -that sets up necessary configuration on the host. - -This README is temporary and is meant to track the known issues and remaining -work items for the ECS agent. - -## Known issues - -* The systemd unit contains many `ExecStartPre`/`ExecStopPost` commands, with - little explanation or infrastructure. The `ExecStartPre` commands should - probably be run exactly once, and the `ExecStopPost` commands probably - shouldn't ever run. -* The Bottlerocket datastore does not accept keys with `\` characters. This - means that even though `\` is valid in ECS attribute names, it is not - supported on Bottlerocket. diff --git a/packages/ecs-agent/ecs-agent.spec b/packages/ecs-agent/ecs-agent.spec deleted file mode 100644 index 7aadb151ba0..00000000000 --- a/packages/ecs-agent/ecs-agent.spec +++ /dev/null @@ -1,414 +0,0 @@ -%global agent_goproject github.com/aws -%global agent_gorepo amazon-ecs-agent -%global agent_goimport %{agent_goproject}/%{agent_gorepo} - -%global agent_gover 1.82.3 - -# git rev-parse --short=8 -%global agent_gitrev b7e96508 - -%global ecscni_goproject github.com/aws -%global ecscni_gorepo amazon-ecs-cni-plugins -%global ecscni_goimport %{ecscni_goproject}/%{ecscni_gorepo} -%global ecscni_gitrev 53a8481891251e66e35847554d52a13fc7c4fd03 - -%global vpccni_goproject github.com/aws -%global vpccni_gorepo amazon-vpc-cni-plugins -%global vpccni_goimport %{vpccni_goproject}/%{vpccni_gorepo} -%global vpccni_gitrev be5214353252f8315a1341f4df9ffbd8cf69000c -%global vpccni_gover 1.3 - -# Construct reproducible tar archives -# See https://reproducible-builds.org/docs/archives/ -%global source_date_epoch 1234567890 -%global tar_cf tar --sort=name --mtime="@%{source_date_epoch}" --owner=0 --group=0 --numeric-owner -cf - -Name: %{_cross_os}ecs-agent -Version: %{agent_gover} -Release: 1%{?dist} -Summary: Amazon Elastic Container Service agent -License: Apache-2.0 -URL: https://%{agent_goimport} -Source0: https://%{agent_goimport}/archive/v%{agent_gover}/%{agent_gorepo}-%{agent_gover}.tar.gz -Source1: https://%{ecscni_goimport}/archive/%{ecscni_gitrev}/%{ecscni_gorepo}.tar.gz -Source2: https://%{vpccni_goimport}/archive/%{vpccni_gitrev}/%{vpccni_gorepo}.tar.gz -Source101: ecs.service -Source102: ecs-tmpfiles.conf -Source103: ecs-sysctl.conf -Source104: ecs-base-conf -Source105: pause-image-VERSION -Source106: pause-config.json -Source107: pause-manifest.json -Source108: pause-repositories -# Bottlerocket-specific - version data can be set with linker options -Source109: version.go -Source110: ecs-defaults.conf -Source111: ecs-nvidia.conf - -# Mount for writing ECS agent configuration -Source200: etc-systemd-system-ecs.service.d.mount - -# Ecs logdog configuration -Source300: logdog.ecs.conf - -# Patches are numbered according to which source they apply to -# Patches 0000 - 0999 apply to Source0 -# Patches 1000 - 1999 apply to Source1 -# Patches 2000 - 2999 apply to Source2 -# See the %prep section for the implementation of this logic - -# Bottlerocket-specific - filesystem location of the pause image -Patch0001: 0001-bottlerocket-default-filesystem-locations.patch - -# Bottlerocket-specific - remove unsupported capabilities -Patch0002: 0002-bottlerocket-remove-unsupported-capabilities.patch - -# bind introspection to localhost -# https://github.com/aws/amazon-ecs-agent/pull/2588 -Patch0003: 0003-bottlerocket-bind-introspection-to-localhost.patch - -# Bottlerocket-specific - fix procfs path for non-containerized ECS agent -Patch0004: 0004-bottlerocket-fix-procfs-path-on-host.patch - -# Bottlerocket-specific - fix ECS exec directories -Patch0005: 0005-bottlerocket-change-execcmd-directories-for-Bottlero.patch - -# Bottlerocket-specific - fix container metadata path -Patch0006: 0006-containermetadata-don-t-use-dataDirOnHost-for-metada.patch - -# Bottlerocket-specific - filesystem location for ECS CNI plugins -Patch1001: 1001-bottlerocket-default-filesystem-locations.patch - -BuildRequires: %{_cross_os}glibc-devel - -Requires: %{_cross_os}docker-engine -Requires: %{_cross_os}iptables -Requires: %{_cross_os}amazon-ssm-agent -Requires: %{name}(binaries) - -%description -%{summary}. - -%package bin -Summary: Amazon Elastic Container Service agent binaries -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(fips) or %{name}-fips-bin) - -%description bin -%{summary}. - -%package fips-bin -Summary: Amazon Elastic Container Service agent binaries, FIPS edition -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{name}-bin) - -%description fips-bin -%{summary}. - -%package config -Summary: Base configuration files for the ECS agent -Requires: %{name} - -%description config -%{summary}. - -%package nvidia-config -Summary: NVIDIA specific configuration files for the ECS agent -Requires: %{name} -Requires: %{name}-config - -%description nvidia-config -%{summary}. - -%prep -# After prep runs, the directory setup looks like this: -# %{_builddir} [root] -# └── %{name}-%{version} [created by setup] -# ├── amazon-ecs-agent-%{agent_gover} [top level of Source0] -# │ └── [unpacked sources] -# ├── amazon-ecs-cni-plugins-%{ecscni_gitrev} [top level of Source1] -# │ └── [unpacked sources] -# ├── amazon-vpc-cni-plugins-%{vpccni_gitrev} [top level of Source2] -# │ └── [unpacked sources] -# └── GOPATH -# └── src/github.com/aws -# ├── amazon-ecs-agent [symlink] -# ├── amazon-ecs-cni-plugins [symlink] -# └── amazon-vpc-cni-plugins [symlink] - -# Extract Source0, which has a top-level directory of -# %{agent_gorepo}-%{agent_gover} -# -c: Create directory (%{name}-%{version}) -# -q: Unpack quietly -%setup -c -q -# Change to the directory that we unpacked -cd %{agent_gorepo}-%{agent_gover} -# Set up git so we can apply patches -# This is included in autosetup, but not autopatch -%global __scm git -%__scm_setup_git -# Apply patches up to 0999 -%autopatch -M 0999 -# Replace upstream's version.go to support build-time values from ldflags. This -# avoids maintenance of patches that use always changing version-control tokens -# in its replacement. -cp %{S:109} "agent/version/version.go" - -# Extract Source1, which has a top-level directory of -# %{ecscni_gorepo}-%{ecscni_gitrev} -# -T: Do not perform default archive unpack (i.e., skip Source0) -# -D: Do not delete directory before unpacking sources (i.e., don't delete -# unpacked Source0) -# -a: Unpack after changing into the directory -# -q: Unpack quietly -# See http://ftp.rpm.org/max-rpm/s1-rpm-inside-macros.html -%setup -T -D -a 1 -q -# Change to the directory that we unpacked -cd %{ecscni_gorepo}-%{ecscni_gitrev} -# Set up git so we can apply patches -# This is included in autosetup, but not autopatch -%__scm_setup_git -# Apply patches from 1000 to 1999 -%autopatch -m 1000 -M 1999 - -# Extract Source2, which has a top-level directory of -# %{vpccni_gorepo}-%{vpccni_gitrev} -# -T: Do not perform default archive unpack (i.e., skip Source0) -# -D: Do not delete directory before unpacking sources (i.e., don't delete -# unpacked Source0) -# -a: Unpack after changing into the directory -# -q: Unpack quietly -# See http://ftp.rpm.org/max-rpm/s1-rpm-inside-macros.html -%setup -T -D -a 2 -q -# Change to the directory that we unpacked -cd %{vpccni_gorepo}-%{vpccni_gitrev} -# Set up git so we can apply patches -# This is included in autosetup, but not autopatch -%__scm_setup_git -# Apply patches from 2000 to 2999 -%autopatch -m 2000 -M 2999 - -cd ../ -# Symlink amazon-ecs-agent-%{agent_gover} to the GOPATH location -%cross_go_setup %{name}-%{version}/%{agent_gorepo}-%{agent_gover} %{agent_goproject} %{agent_goimport} -# Symlink amazon-ecs-cni-plugins-%{ecscni_gitrev} to the GOPATH location -%cross_go_setup %{name}-%{version}/%{ecscni_gorepo}-%{ecscni_gitrev} %{ecscni_goproject} %{ecscni_goimport} -# Symlink amazon-vpc-cni-plugins-%{vpccni_gitrev} to the GOPATH location -%cross_go_setup %{name}-%{version}/%{vpccni_gorepo}-%{vpccni_gitrev} %{vpccni_goproject} %{vpccni_goimport} - -%build -BUILD_TOP=$(pwd -P) -# Build the agent -# cross_go_configure cd's to the correct GOPATH location -%cross_go_configure %{agent_goimport} -PAUSE_CONTAINER_IMAGE_NAME="amazon/amazon-ecs-pause" -PAUSE_CONTAINER_IMAGE_TAG="bottlerocket" -LD_PAUSE_CONTAINER_NAME="-X github.com/aws/amazon-ecs-agent/agent/config.DefaultPauseContainerImageName=${PAUSE_CONTAINER_IMAGE_NAME}" -LD_PAUSE_CONTAINER_TAG="-X github.com/aws/amazon-ecs-agent/agent/config.DefaultPauseContainerTag=${PAUSE_CONTAINER_IMAGE_TAG}" -LD_VERSION="-X github.com/aws/amazon-ecs-agent/agent/version.Version=%{agent_gover}" -LD_GIT_REV="-X github.com/aws/amazon-ecs-agent/agent/version.GitShortHash=%{agent_gitrev}" - -declare -a ECS_AGENT_BUILD_ARGS -ECS_AGENT_BUILD_ARGS=( - -ldflags "${GOLDFLAGS} ${LD_PAUSE_CONTAINER_NAME} ${LD_PAUSE_CONTAINER_TAG} ${LD_VERSION} ${LD_GIT_REV}" -) - -go build "${ECS_AGENT_BUILD_ARGS[@]}" -o amazon-ecs-agent ./agent -gofips build "${ECS_AGENT_BUILD_ARGS[@]}" -o fips/amazon-ecs-agent ./agent - -# Build the pause container -( - set -x - cd misc/pause-container/ - - # Build static pause executable for container image. - mkdir -p rootfs/usr/bin - %{_cross_triple}-musl-gcc ${_cross_cflags} -static pause.c -o rootfs/usr/bin/pause - - # Construct container image. - mkdir -p image/rootfs - %tar_cf image/rootfs/layer.tar -C rootfs . - DIGEST=$(sha256sum image/rootfs/layer.tar | sed -e 's/ .*//') - install -m 0644 %{S:105} image/rootfs/VERSION - install -m 0644 %{S:106} image/config.json - sed -i "s/~~digest~~/${DIGEST}/" image/config.json - install -m 0644 %{S:107} image/manifest.json - install -m 0644 %{S:108} image/repositories - %tar_cf ../../amazon-ecs-pause.tar -C image . -) - -cd "${BUILD_TOP}" - -# Build the ECS CNI plugins -# cross_go_configure cd's to the correct GOPATH location -%cross_go_configure %{ecscni_goimport} -LD_ECS_CNI_VERSION="-X github.com/aws/amazon-ecs-cni-plugins/pkg/version.Version=$(cat VERSION)" -ECS_CNI_HASH="%{ecscni_gitrev}" -LD_ECS_CNI_SHORT_HASH="-X github.com/aws/amazon-ecs-cni-plugins/pkg/version.GitShortHash=${ECS_CNI_HASH::8}" -LD_ECS_CNI_PORCELAIN="-X github.com/aws/amazon-ecs-cni-plugins/pkg/version.GitPorcelain=0" - -declare -a ECS_CNI_BUILD_ARGS -ECS_CNI_BUILD_ARGS=( - -ldflags "${GOLDFLAGS} ${LD_ECS_CNI_VERSION} ${LD_ECS_CNI_SHORT_HASH} ${LD_ECS_CNI_PORCELAIN}" -) - -go build "${ECS_CNI_BUILD_ARGS[@]}" -o ecs-eni ./plugins/eni -gofips build "${ECS_CNI_BUILD_ARGS[@]}" -o fips/ecs-eni ./plugins/eni - -go build "${ECS_CNI_BUILD_ARGS[@]}" -o ecs-ipam ./plugins/ipam -gofips build "${ECS_CNI_BUILD_ARGS[@]}" -o fips/ecs-ipam ./plugins/ipam - -go build "${ECS_CNI_BUILD_ARGS[@]}" -o ecs-bridge ./plugins/ecs-bridge -gofips build "${ECS_CNI_BUILD_ARGS[@]}" -o fips/ecs-bridge ./plugins/ecs-bridge - -cd "${BUILD_TOP}" - -# Build the VPC CNI plugins -# cross_go_configure cd's to the correct GOPATH location -%cross_go_configure %{vpccni_goimport} -LD_VPC_CNI_VERSION="-X github.com/aws/amazon-vpc-cni-plugins/version.Version=%{vpccni_gover}" -VPC_CNI_HASH="%{vpccni_gitrev}" -LD_VPC_CNI_SHORT_HASH="-X github.com/aws/amazon-vpc-cni-plugins/version.GitShortHash=${VPC_CNI_HASH::8}" - -declare -a VPC_CNI_BUILD_ARGS -VPC_CNI_BUILD_ARGS=( - -ldflags "${GOLDFLAGS} ${LD_VPC_CNI_VERSION} ${LD_VPC_CNI_SHORT_HASH} ${LD_VPC_CNI_PORCELAIN}" -) - -for p in \ - vpc-branch-eni \ - aws-appmesh \ - vpc-eni \ -; do - go build "${VPC_CNI_BUILD_ARGS[@]}" -mod=vendor -o ${p} ./plugins/${p} - gofips build "${VPC_CNI_BUILD_ARGS[@]}" -mod=vendor -o fips/${p} ./plugins/${p} -done - -%install -install -d %{buildroot}{%{_cross_bindir},%{_cross_libexecdir}} -install -D -p -m 0755 %{agent_gorepo}-%{agent_gover}/amazon-ecs-agent %{buildroot}%{_cross_bindir}/amazon-ecs-agent -install -D -p -m 0644 %{agent_gorepo}-%{agent_gover}/amazon-ecs-pause.tar %{buildroot}%{_cross_libdir}/amazon-ecs-agent/amazon-ecs-pause.tar -install -D -p -m 0755 %{ecscni_gorepo}-%{ecscni_gitrev}/ecs-bridge %{buildroot}%{_cross_libexecdir}/amazon-ecs-agent/ecs-bridge -install -D -p -m 0755 %{ecscni_gorepo}-%{ecscni_gitrev}/ecs-eni %{buildroot}%{_cross_libexecdir}/amazon-ecs-agent/ecs-eni -install -D -p -m 0755 %{ecscni_gorepo}-%{ecscni_gitrev}/ecs-ipam %{buildroot}%{_cross_libexecdir}/amazon-ecs-agent/ecs-ipam -install -D -p -m 0755 %{vpccni_gorepo}-%{vpccni_gitrev}/vpc-branch-eni %{buildroot}%{_cross_libexecdir}/amazon-ecs-agent/vpc-branch-eni -install -D -p -m 0755 %{vpccni_gorepo}-%{vpccni_gitrev}/aws-appmesh %{buildroot}%{_cross_libexecdir}/amazon-ecs-agent/aws-appmesh -install -D -p -m 0755 %{vpccni_gorepo}-%{vpccni_gitrev}/vpc-eni %{buildroot}%{_cross_libexecdir}/amazon-ecs-agent/vpc-eni - -install -d %{buildroot}{%{_cross_fips_bindir},%{_cross_fips_libexecdir}} -install -D -p -m 0755 %{agent_gorepo}-%{agent_gover}/fips/amazon-ecs-agent %{buildroot}%{_cross_fips_bindir}/amazon-ecs-agent -install -D -p -m 0755 %{ecscni_gorepo}-%{ecscni_gitrev}/fips/ecs-bridge %{buildroot}%{_cross_fips_libexecdir}/amazon-ecs-agent/ecs-bridge -install -D -p -m 0755 %{ecscni_gorepo}-%{ecscni_gitrev}/fips/ecs-eni %{buildroot}%{_cross_fips_libexecdir}/amazon-ecs-agent/ecs-eni -install -D -p -m 0755 %{ecscni_gorepo}-%{ecscni_gitrev}/fips/ecs-ipam %{buildroot}%{_cross_fips_libexecdir}/amazon-ecs-agent/ecs-ipam -install -D -p -m 0755 %{vpccni_gorepo}-%{vpccni_gitrev}/fips/vpc-branch-eni %{buildroot}%{_cross_fips_libexecdir}/amazon-ecs-agent/vpc-branch-eni -install -D -p -m 0755 %{vpccni_gorepo}-%{vpccni_gitrev}/fips/aws-appmesh %{buildroot}%{_cross_fips_libexecdir}/amazon-ecs-agent/aws-appmesh -install -D -p -m 0755 %{vpccni_gorepo}-%{vpccni_gitrev}/fips/vpc-eni %{buildroot}%{_cross_fips_libexecdir}/amazon-ecs-agent/vpc-eni - -install -d %{buildroot}%{_cross_unitdir} -install -D -p -m 0644 %{S:101} %{S:200} %{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{_cross_unitdir}/ecs.service.d/ -install -D -p -m 0644 %{S:110} %{buildroot}%{_cross_unitdir}/ecs.service.d/00-defaults.conf -install -D -p -m 0644 %{S:111} %{buildroot}%{_cross_unitdir}/ecs.service.d/20-nvidia.conf - -install -D -p -m 0644 %{S:102} %{buildroot}%{_cross_tmpfilesdir}/ecs.conf -install -D -p -m 0644 %{S:103} %{buildroot}%{_cross_sysctldir}/90-ecs.conf - -install -D -p -m 0644 %{S:104} %{buildroot}%{_cross_templatedir}/ecs-base-conf - -# Directory for agents used by the ECS agent, e.g. SSM, Service Connect -%global managed_agents %{_cross_libexecdir}/amazon-ecs-agent/managed-agents -install -d %{buildroot}%{managed_agents} - -# Directory for ECS exec artifacts -%global ecs_exec_dir %{managed_agents}/execute-command -install -d %{buildroot}%{ecs_exec_dir} - -# The ECS agent looks for real versioned directories under bin, symlinks will be -# ignored. Thus, link the bin directory in the ssm-agent directory which contains -# the versioned binaries. -ln -rs %{buildroot}%{_cross_libexecdir}/amazon-ssm-agent/bin %{buildroot}/%{ecs_exec_dir}/bin - -# The ECS agent generates and stores configurations for ECS exec sessions inside -# "config", thus reference it with a symlink to a directory under /var -ln -rs %{buildroot}%{_cross_localstatedir}/ecs/managed-agents/execute-command/config %{buildroot}%{ecs_exec_dir}/config - -# Use the host's certificates bundle for ECS exec sessions -install -d %{buildroot}%{ecs_exec_dir}/certs -ln -rs %{buildroot}%{_cross_sysconfdir}/pki/tls/certs/ca-bundle.crt %{buildroot}%{ecs_exec_dir}/certs/tls-ca-bundle.pem - -# Prepare license and vendor information so it can be co-installable -mv %{ecscni_gorepo}-%{ecscni_gitrev}/LICENSE %{ecscni_gorepo}-%{ecscni_gitrev}/LICENSE.%{ecscni_gorepo} -mv %{vpccni_gorepo}-%{vpccni_gitrev}/LICENSE %{vpccni_gorepo}-%{vpccni_gitrev}/LICENSE.%{vpccni_gorepo} -# Move vendor folder into a single directory so cross_scan_attribution can run once -mkdir go-vendor -mv %{agent_gorepo}-%{agent_gover}/agent/vendor go-vendor/%{agent_gorepo} -mv %{ecscni_gorepo}-%{ecscni_gitrev}/vendor go-vendor/%{ecscni_gorepo} -mv %{vpccni_gorepo}-%{vpccni_gitrev}/vendor go-vendor/%{vpccni_gorepo} -%cross_scan_attribution go-vendor go-vendor - -install -d %{buildroot}%{_cross_datadir}/logdog.d -install -p -m 0644 %{S:300} %{buildroot}%{_cross_datadir}/logdog.d - -%files -# License and attribution files are installed into /usr/share/licenses with a -# directory structure as follows: -# /usr/share/licenses/ecs-agent/ -# ├── attribution.txt -# ├── LICENSE -# ├── LICENSE.amazon-ecs-cni-plugins -# ├── LICENSE.amazon-vpc-cni-plugins -# ├── NOTICE -# ├── THIRD_PARTY.md -# └── vendor -# ├── amazon-ecs-agent -# │ └── ... -# ├── amazon-ecs-cni-plugins -# │ └── ... -# └── amazon-vpc-cni-plugins -# └── ... - -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} -%license %{agent_gorepo}-%{agent_gover}/LICENSE -%license %{agent_gorepo}-%{agent_gover}/NOTICE -%license %{agent_gorepo}-%{agent_gover}/ecs-agent/THIRD_PARTY.md -%license %{ecscni_gorepo}-%{ecscni_gitrev}/LICENSE.%{ecscni_gorepo} -%license %{vpccni_gorepo}-%{vpccni_gitrev}/LICENSE.%{vpccni_gorepo} - -%{_cross_libexecdir}/amazon-ecs-agent/managed-agents -%{_cross_unitdir}/ecs.service -%{_cross_unitdir}/etc-systemd-system-ecs.service.d.mount -%{_cross_tmpfilesdir}/ecs.conf -%{_cross_sysctldir}/90-ecs.conf -%{_cross_libdir}/amazon-ecs-agent/amazon-ecs-pause.tar -%{_cross_datadir}/logdog.d/logdog.ecs.conf - -%files bin -%{_cross_bindir}/amazon-ecs-agent -%{_cross_libexecdir}/amazon-ecs-agent/ecs-bridge -%{_cross_libexecdir}/amazon-ecs-agent/ecs-eni -%{_cross_libexecdir}/amazon-ecs-agent/ecs-ipam -%{_cross_libexecdir}/amazon-ecs-agent/vpc-branch-eni -%{_cross_libexecdir}/amazon-ecs-agent/aws-appmesh -%{_cross_libexecdir}/amazon-ecs-agent/vpc-eni - -%files fips-bin -%{_cross_fips_bindir}/amazon-ecs-agent -%{_cross_fips_libexecdir}/amazon-ecs-agent/ecs-bridge -%{_cross_fips_libexecdir}/amazon-ecs-agent/ecs-eni -%{_cross_fips_libexecdir}/amazon-ecs-agent/ecs-ipam -%{_cross_fips_libexecdir}/amazon-ecs-agent/vpc-branch-eni -%{_cross_fips_libexecdir}/amazon-ecs-agent/aws-appmesh -%{_cross_fips_libexecdir}/amazon-ecs-agent/vpc-eni - -%files config -%{_cross_templatedir}/ecs-base-conf -%{_cross_unitdir}/ecs.service.d/00-defaults.conf - -%files nvidia-config -%{_cross_unitdir}/ecs.service.d/20-nvidia.conf - -%changelog diff --git a/packages/ecs-agent/ecs-base-conf b/packages/ecs-agent/ecs-base-conf deleted file mode 100644 index 73d294829e6..00000000000 --- a/packages/ecs-agent/ecs-base-conf +++ /dev/null @@ -1,59 +0,0 @@ -[required-extensions] -autoscaling = "v1" -container-registry = "v1" -os = "v1" -std = { version = "v1", helpers = ["default", "negate_or_else"] } -ecs = { version = "v1", helpers = ["ecs_metadata_service_limits"] } -+++ -# Configurations set through the API; default values match the default values in the agent -[Service] -Environment=ECS_AWSVPC_BLOCK_IMDS="{{default "false" settings.ecs.awsvpc-block-imds}}" -Environment=ECS_BACKEND_HOST="{{default "" settings.ecs.backend-host}}" -Environment=ECS_CONTAINER_STOP_TIMEOUT="{{default "30s" settings.ecs.container-stop-timeout}}" -Environment=ECS_CLUSTER="{{default "" settings.ecs.cluster}}" -Environment=ECS_ENABLE_CONTAINER_METADATA="{{default "false" settings.ecs.enable-container-metadata}}" -Environment=ECS_ENABLE_SPOT_INSTANCE_DRAINING="{{default "false" settings.enable-spot-instance-draining}}" -Environment=ECS_ENGINE_TASK_CLEANUP_WAIT_DURATION="{{default "3h" settings.ecs.task-cleanup-wait}}" -Environment=ECS_IMAGE_CLEANUP_INTERVAL="{{default "30m" settings.ecs.image-cleanup-wait}}" -Environment=ECS_IMAGE_MINIMUM_CLEANUP_AGE="{{default "1h" settings.ecs.image-cleanup-age}}" -Environment=ECS_IMAGE_PULL_BEHAVIOR="{{default "default" settings.ecs.image-pull-behavior}}" -Environment=ECS_LOGLEVEL="{{settings.ecs.loglevel}}" -Environment=ECS_NUM_IMAGES_DELETE_PER_CYCLE="{{default 5 settings.ecs.image-cleanup-delete-per-cycle}}" -Environment=ECS_RESERVED_MEMORY="{{default 0 settings.ecs.reserved-memory}}" -Environment=ECS_TASK_METADATA_RPS_LIMIT="{{ecs_metadata_service_limits settings.ecs.metadata-service-rps settings.ecs.metadata-service-burst}}" -Environment=ECS_WARM_POOLS_CHECK="{{default "false" settings.autoscaling.should-wait}}" - -# Boolean configurations whose values are inverted in the API -Environment=ECS_PRIVILEGED_DISABLED="{{negate_or_else true settings.ecs.allow-privileged-containers}}" -Environment=ECS_DISABLE_IMAGE_CLEANUP="{{negate_or_else false settings.ecs.image-cleanup-enabled}}" - -Environment=ECS_INSTANCE_ATTRIBUTES='{ "bottlerocket.variant": "{{os.variant_id}}" - {{~#if settings.ecs.instance-attributes~}} - {{~#each settings.ecs.instance-attributes}} ,"{{@key}}": "{{this}}" {{~/each~}} - {{~/if~}}}' - -{{#if settings.ecs.logging-drivers }} -Environment=ECS_AVAILABLE_LOGGING_DRIVERS='[ - {{~#each settings.ecs.logging-drivers~}} - {{~#unless @first~}}, {{~/unless~}} - "{{this}}" - {{~/each~}}]' -{{/if}} - -{{#if settings.container-registry.credentials~}} -Environment=ECS_ENGINE_AUTH_TYPE=dockercfg - -Environment=ECS_ENGINE_AUTH_DATA='{ - {{~#each settings.container-registry.credentials~}} - {{~#unless @first~}},{{~/unless~}} - {{~#if (eq registry "docker.io" )~}} - "https://index.docker.io/v1/": - {{~else~}} - "{{registry}}": - {{~/if~}} - {"email": "." - {{~#if auth~}},"auth": "{{{auth}}}"{{/if}} - {{~#if username~}},"username": "{{{username}}}"{{/if}} - {{~#if password~}},"password": "{{{password}}}"}{{/if}} - {{~/each~}}}}' -{{/if}} diff --git a/packages/ecs-agent/ecs-defaults.conf b/packages/ecs-agent/ecs-defaults.conf deleted file mode 100644 index ec772fbd95e..00000000000 --- a/packages/ecs-agent/ecs-defaults.conf +++ /dev/null @@ -1,12 +0,0 @@ -[Service] -# Path overrides -Environment=ECS_AUDIT_LOGFILE="/var/log/ecs/audit.log" -Environment=ECS_CNI_PLUGINS_PATH="/usr/libexec/amazon-ecs-agent" -Environment=ECS_DATADIR="/var/lib/ecs/data" -Environment=ECS_LOGFILE="/var/log/ecs/ecs-agent.log" -# Default configurations -Environment=ECS_ENABLE_AWSLOGS_EXECUTIONROLE_OVERRIDE="true" -Environment=ECS_ENABLE_TASK_IAM_ROLE="true" -Environment=ECS_ENABLE_TASK_IAM_ROLE_NETWORK_HOST="true" -Environment=ECS_ENABLE_TASK_ENI="true" -Environment=ECS_SELINUX_CAPABLE="true" diff --git a/packages/ecs-agent/ecs-nvidia.conf b/packages/ecs-agent/ecs-nvidia.conf deleted file mode 100644 index 55fec554f96..00000000000 --- a/packages/ecs-agent/ecs-nvidia.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -Environment=ECS_ENABLE_GPU_SUPPORT="true" diff --git a/packages/ecs-agent/ecs-sysctl.conf b/packages/ecs-agent/ecs-sysctl.conf deleted file mode 100644 index 64c0759a606..00000000000 --- a/packages/ecs-agent/ecs-sysctl.conf +++ /dev/null @@ -1,2 +0,0 @@ -# ECS task role endpoint -net.ipv4.conf.all.route_localnet = 1 diff --git a/packages/ecs-agent/ecs-tmpfiles.conf b/packages/ecs-agent/ecs-tmpfiles.conf deleted file mode 100644 index e4ec94bf179..00000000000 --- a/packages/ecs-agent/ecs-tmpfiles.conf +++ /dev/null @@ -1,5 +0,0 @@ -d /var/lib/ecs/data 0700 root root -d /var/log/ecs 0755 root root -d /var/log/ecs/exec 0755 root root - -R /var/ecs/managed-agents - - - - -d /var/ecs/managed-agents/execute-command/config 0750 root root - diff --git a/packages/ecs-agent/ecs.service b/packages/ecs-agent/ecs.service deleted file mode 100644 index dcd6a56f5c4..00000000000 --- a/packages/ecs-agent/ecs.service +++ /dev/null @@ -1,42 +0,0 @@ -[Unit] -Description=Amazon Elastic Container Service - container agent -Documentation=https://aws.amazon.com/documentation/ecs/ -Requires=docker.service -After=docker.service configured.target -Wants=network-online.target configured.target - -[Service] -Type=simple -Restart=always -RestartPreventExitStatus=5 -RestartSec=5 -EnvironmentFile=/etc/network/proxy.env -Environment=ECS_CHECKPOINT=true -# Grant ECS tasks access to the ECS task metadata endpoint -ExecStartPre=/sbin/iptables -t nat -A PREROUTING -d 169.254.170.2/32 \ - -p tcp -m tcp --dport 80 -j DNAT --to-destination 127.0.0.1:51679 -ExecStartPre=/sbin/iptables -t nat -A OUTPUT -d 169.254.170.2/32 \ - -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 51679 -# Grant access to the ECS Introspection server -ExecStartPre=/sbin/iptables -t nat -A PREROUTING -d 172.17.0.1/32 \ - -p tcp -m tcp --dport 51678 -j DNAT --to-destination 127.0.0.1:51678 -ExecStartPre=/sbin/iptables -t nat -A OUTPUT -d 172.17.0.1/32 \ - -p tcp -m tcp --dport 51678 -j REDIRECT --to-ports 51678 -ExecStartPre=/sbin/iptables -t filter -I INPUT --dst 127.0.0.0/8 ! \ - --src 127.0.0.0/8 -m conntrack ! --ctstate RELATED,ESTABLISHED,DNAT -j DROP -ExecStart=/usr/bin/amazon-ecs-agent -# Remove access to the ECS task metadata endpoint from ECS tasks -ExecStopPost=-/sbin/iptables -t nat -D PREROUTING -d 169.254.170.2/32 \ - -p tcp -m tcp --dport 80 -j DNAT --to-destination 127.0.0.1:51679 -ExecStopPost=-/sbin/iptables -t nat -D OUTPUT -d 169.254.170.2/32 \ - -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 51679 -# Remove access to the ECS Introspection server -ExecStopPost=-/sbin/iptables -t nat -D PREROUTING -d 172.17.0.1/32 \ - -p tcp -m tcp --dport 51678 -j DNAT --to-destination 127.0.0.1:51678 -ExecStopPost=-/sbin/iptables -t nat -D OUTPUT -d 172.17.0.1/32 \ - -p tcp -m tcp --dport 51678 -j REDIRECT --to-ports 51678 -ExecStopPost=-/sbin/iptables -t filter -D INPUT --dst 127.0.0.0/8 ! \ - --src 127.0.0.0/8 -m conntrack ! --ctstate RELATED,ESTABLISHED,DNAT -j DROP - -[Install] -WantedBy=multi-user.target diff --git a/packages/ecs-agent/etc-systemd-system-ecs.service.d.mount b/packages/ecs-agent/etc-systemd-system-ecs.service.d.mount deleted file mode 100644 index 8a2c20fbf79..00000000000 --- a/packages/ecs-agent/etc-systemd-system-ecs.service.d.mount +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=ECS agent drop-ins Directory (/etc/systemd/system/ecs.service.d) -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target -After=selinux-policy-files.service -Wants=selinux-policy-files.service - -[Mount] -What=tmpfs -Where=/etc/systemd/system/ecs.service.d -Type=tmpfs -Options=nosuid,nodev,noexec,noatime,mode=0750,context=system_u:object_r:secret_t:s0 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/ecs-agent/logdog.ecs.conf b/packages/ecs-agent/logdog.ecs.conf deleted file mode 100644 index 05ab70b67d6..00000000000 --- a/packages/ecs-agent/logdog.ecs.conf +++ /dev/null @@ -1,9 +0,0 @@ -exec docker-info docker info -file docker-daemon.json /etc/docker/daemon.json -file ecs-agent-state.json /var/lib/ecs/data/ecs_agent_data.json -file ecs-config.json /etc/ecs/ecs.config.json -http ecs-tasks http://localhost:51678/v1/tasks -glob /var/log/ecs/agent-runtime-stats.log* -glob /var/log/ecs/ecs-cni-bridge-plugin.log* -glob /var/log/ecs/ecs-cni-eni-plugin.log* -glob /var/log/ecs/vpc-branch-eni.log* diff --git a/packages/ecs-agent/pause-config.json b/packages/ecs-agent/pause-config.json deleted file mode 100644 index 989255f38cb..00000000000 --- a/packages/ecs-agent/pause-config.json +++ /dev/null @@ -1 +0,0 @@ -{"author":"Amazon Web Services, Inc.","config":{"Cmd":["/usr/bin/pause"],"ArgsEscaped":true},"created":"2014-12-12T01:12:53.332832423Z","history":[{"created":"2014-12-12T01:12:53.332832423Z","author":"Amazon Web Services, Inc.","created_by":"[] + [] === \"\"","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:~~digest~~"]}} diff --git a/packages/ecs-agent/pause-image-VERSION b/packages/ecs-agent/pause-image-VERSION deleted file mode 100644 index 9f8e9b69a33..00000000000 --- a/packages/ecs-agent/pause-image-VERSION +++ /dev/null @@ -1 +0,0 @@ -1.0 \ No newline at end of file diff --git a/packages/ecs-agent/pause-manifest.json b/packages/ecs-agent/pause-manifest.json deleted file mode 100644 index 514fbec19cd..00000000000 --- a/packages/ecs-agent/pause-manifest.json +++ /dev/null @@ -1 +0,0 @@ -[{"Config":"config.json","RepoTags":["amazon/amazon-ecs-pause:bottlerocket"],"Layers":["rootfs/layer.tar"]}] diff --git a/packages/ecs-agent/pause-repositories b/packages/ecs-agent/pause-repositories deleted file mode 100644 index 47a8eeb37ac..00000000000 --- a/packages/ecs-agent/pause-repositories +++ /dev/null @@ -1 +0,0 @@ -{"amazon/amazon-ecs-pause":{"bottlerocket":"rootfs"}} diff --git a/packages/ecs-agent/version.go b/packages/ecs-agent/version.go deleted file mode 100644 index d49d9f123ee..00000000000 --- a/packages/ecs-agent/version.go +++ /dev/null @@ -1,6 +0,0 @@ -// Version provides build data for reporting the agent's source info. -package version - -var Version = "" -const GitDirty = false -var GitShortHash = "" diff --git a/packages/ecs-gpu-init/Cargo.toml b/packages/ecs-gpu-init/Cargo.toml deleted file mode 100644 index 24d819926c6..00000000000 --- a/packages/ecs-gpu-init/Cargo.toml +++ /dev/null @@ -1,16 +0,0 @@ -[package] -name = "ecs-gpu-init" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[package.metadata.build-package] -source-groups = [ "ecs-gpu-init" ] - -[lib] -path = "../packages.rs" - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/ecs-gpu-init/ecs-gpu-init-tmpfiles.conf b/packages/ecs-gpu-init/ecs-gpu-init-tmpfiles.conf deleted file mode 100644 index e305002654d..00000000000 --- a/packages/ecs-gpu-init/ecs-gpu-init-tmpfiles.conf +++ /dev/null @@ -1,3 +0,0 @@ -R /var/lib/ecs/gpu - - - - -d /var/lib/ecs/gpu - - - - -Z /var/lib/ecs/gpu 0700 root root - diff --git a/packages/ecs-gpu-init/ecs-gpu-init.service b/packages/ecs-gpu-init/ecs-gpu-init.service deleted file mode 100644 index 4f12232eca4..00000000000 --- a/packages/ecs-gpu-init/ecs-gpu-init.service +++ /dev/null @@ -1,21 +0,0 @@ -[Unit] -Description=Initialize ECS GPU config -# This has to be executed after the kernel modules are loaded -# otherwise the userspace component of the driver will fail to -# query the /dev devices -After=load-kernel-modules.service -Requires=load-kernel-modules.service -# Block manual interactions with this service. It doesn't -# make sense to regenerate the GPU config file if the ECS -# agent won't read it when it changes -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot -ExecStart=/usr/bin/ecs-gpu-init -RemainAfterExit=true -StandardError=journal+console - -[Install] -RequiredBy=preconfigured.target diff --git a/packages/ecs-gpu-init/ecs-gpu-init.spec b/packages/ecs-gpu-init/ecs-gpu-init.spec deleted file mode 100644 index d56fc80255b..00000000000 --- a/packages/ecs-gpu-init/ecs-gpu-init.spec +++ /dev/null @@ -1,45 +0,0 @@ -%global _cross_first_party 1 -%global workspace_name ecs-gpu-init - -Name: %{_cross_os}%{workspace_name} -Version: 0.0 -Release: 0%{?dist} -Summary: Tool to generate the ECS agent's GPU configuration -License: Apache-2.0 OR MIT -Source1: ecs-gpu-init.service -Source2: ecs-gpu-init-tmpfiles.conf -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%prep -%setup -T -c -cp -r %{_builddir}/sources/%{workspace_name}/* . - -%build -%set_cross_go_flags -# We don't set `-Wl,-z,now`, because the binary uses lazy loading -# to load the NVIDIA libraries in the host -export CGO_LDFLAGS="-Wl,-z,relro -Wl,--export-dynamic" -export GOLDFLAGS="-compressdwarf=false -linkmode=external -extldflags '${CGO_LDFLAGS}'" -go build -ldflags="${GOLDFLAGS}" -o ecs-gpu-init ./cmd/ecs-gpu-init - -%install -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 ecs-gpu-init %{buildroot}%{_cross_bindir} - -install -d %{buildroot}%{_cross_unitdir} -install -D -p -m 0644 %{S:1} %{buildroot}%{_cross_unitdir} - -install -D -p -m 0644 %{S:2} %{buildroot}%{_cross_tmpfilesdir}/ecs-gpu-init.conf - -%cross_scan_attribution go-vendor vendor - -%files -%{_cross_attribution_vendor_dir} -%{_cross_bindir}/ecs-gpu-init -%{_cross_unitdir}/ecs-gpu-init.service -%{_cross_tmpfilesdir}/ecs-gpu-init.conf - -%changelog diff --git a/packages/ethtool/Cargo.toml b/packages/ethtool/Cargo.toml deleted file mode 100644 index e009b7c5b00..00000000000 --- a/packages/ethtool/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "ethtool" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://kernel.org/pub/software/network/ethtool/" - -[[package.metadata.build-package.external-files]] -url = "https://mirrors.edge.kernel.org/pub/software/network/ethtool/ethtool-6.7.tar.xz" -sha512 = "07d13f9a8f980dab73c07e7c68179cfee272f53103c6dfbce1814b768e3313dc671a0cbefc63d4d53a616876bc1f96db8db2444617e4d58d741fae3acf0be524" - -[build-dependencies] -glibc = { path = "../glibc" } -libmnl = { path = "../libmnl" } diff --git a/packages/ethtool/ethtool.spec b/packages/ethtool/ethtool.spec deleted file mode 100644 index e0428bbc459..00000000000 --- a/packages/ethtool/ethtool.spec +++ /dev/null @@ -1,29 +0,0 @@ -Name: %{_cross_os}ethtool -Version: 6.7 -Release: 1%{?dist} -Summary: Settings tool for Ethernet NICs -License: GPL-2.0-only AND GPL-2.0-or-later -URL: https://www.kernel.org/pub/software/network/ethtool/ -Source0: https://www.kernel.org/pub/software/network/ethtool/ethtool-%{version}.tar.xz -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libmnl-devel - -%description -%{summary}. - -%prep -%setup -n ethtool-%{version} - -%build -%cross_configure -%make_build - -%install -%make_install - -%files -%license COPYING LICENSE -%{_cross_attribution_file} -%{_cross_sbindir}/ethtool -%exclude %{_cross_datadir}/bash-completion -%exclude %{_cross_mandir} diff --git a/packages/filesystem/Cargo.toml b/packages/filesystem/Cargo.toml deleted file mode 100644 index 1d8f407150f..00000000000 --- a/packages/filesystem/Cargo.toml +++ /dev/null @@ -1,12 +0,0 @@ -[package] -name = "filesystem" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - - -[package.metadata.build-package] - -[lib] -path = "../packages.rs" diff --git a/packages/filesystem/filesystem.spec b/packages/filesystem/filesystem.spec deleted file mode 100644 index a9d69675161..00000000000 --- a/packages/filesystem/filesystem.spec +++ /dev/null @@ -1,92 +0,0 @@ -%global debug_package %{nil} -%global _cross_first_party 1 - -Name: %{_cross_os}filesystem -Version: 1.0 -Release: 1%{?dist} -Summary: The basic directory layout -License: Apache-2.0 OR MIT -URL: https://github.com/bottlerocket-os/bottlerocket -Requires: (%{name}-fips if %{_cross_os}image-feature(fips)) - -%description -%{summary}. - -%package fips -Summary: The FIPS directory layout -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: %{_cross_os}image-feature(no-fips) - -%description fips -%{summary}. - -%prep - -%build - -%install -mkdir -p %{buildroot}%{_cross_rootdir} -mkdir -p %{buildroot}%{_cross_prefix} -mkdir -p %{buildroot}%{_cross_bindir} -mkdir -p %{buildroot}%{_cross_sbindir} -mkdir -p %{buildroot}%{_cross_fips_bindir} -mkdir -p %{buildroot}%{_cross_libdir} -mkdir -p %{buildroot}%{_cross_libexecdir}/{cni,csi}/bin -mkdir -p %{buildroot}%{_cross_fips_libexecdir}/{cni,csi}/bin -mkdir -p %{buildroot}%{_cross_includedir} -mkdir -p %{buildroot}%{_cross_sysconfdir} -mkdir -p %{buildroot}%{_cross_datadir} -mkdir -p %{buildroot}%{_cross_infodir} -mkdir -p %{buildroot}%{_cross_mandir} -mkdir -p %{buildroot}%{_cross_localstatedir} -mkdir -p %{buildroot}/{boot,dev,proc,run,sys,tmp} -mkdir -p %{buildroot}/{home,local,media,mnt,opt,srv} -mkdir -p %{buildroot}/media/cdrom -mkdir -p %{buildroot}/root/.aws - -ln -s .%{_cross_prefix} %{buildroot}%{_prefix} -ln -s .%{_cross_libdir} %{buildroot}/lib -ln -s .%{_cross_libdir} %{buildroot}/lib64 -ln -s lib %{buildroot}%{_cross_prefix}/lib64 - -# Avoid "unmerged-usr" taint by linking to sys-root via `/usr`. -ln -s .%{_bindir} %{buildroot}/bin -ln -s .%{_sbindir} %{buildroot}/sbin - -%files -%dir %{_cross_rootdir} -%{_cross_rootdir}/* -%dir %{_cross_sysconfdir} -%dir %{_cross_localstatedir} - -%{_prefix} -/bin -/sbin -/lib -/lib64 - -/boot -/dev -/proc -/root -/run -/sys -/tmp - -/home -/local -/media -/mnt -/opt -/srv - -%exclude %{_cross_prefix}/fips -%exclude %{_cross_fips_bindir} -%exclude %{_cross_fips_libexecdir} - -%files fips -%{_cross_prefix}/fips -%{_cross_fips_bindir} -%{_cross_fips_libexecdir} - -%changelog diff --git a/packages/findutils/Cargo.toml b/packages/findutils/Cargo.toml deleted file mode 100644 index dd6f8f7584f..00000000000 --- a/packages/findutils/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "findutils" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://ftp.gnu.org/pub/gnu/findutils" - -[[package.metadata.build-package.external-files]] -url = "https://ftp.gnu.org/pub/gnu/findutils/findutils-4.9.0.tar.xz" -sha512 = "ba4844f4403de0148ad14b46a3dbefd5a721f6257c864bf41a6789b11705408524751c627420b15a52af95564d8e5b52f0978474f640a62ab86a41d20cf14be9" - -[build-dependencies] -glibc = { path = "../glibc" } -libselinux = { path = "../libselinux" } diff --git a/packages/findutils/findutils.spec b/packages/findutils/findutils.spec deleted file mode 100644 index cfbb1e0a11d..00000000000 --- a/packages/findutils/findutils.spec +++ /dev/null @@ -1,37 +0,0 @@ -Name: %{_cross_os}findutils -Version: 4.9.0 -Release: 1%{?dist} -Summary: A set of GNU tools for finding -License: GPL-3.0-or-later -URL: http://www.gnu.org/software/findutils/ -Source0: https://ftp.gnu.org/pub/gnu/findutils/findutils-%{version}.tar.xz -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libselinux-devel -Requires: %{_cross_os}libselinux - -%description -%{summary}. - -%prep -%autosetup -n findutils-%{version} -p1 - -%build -%cross_configure -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_bindir}/find -%{_cross_bindir}/xargs -%exclude %{_cross_bindir}/locate -%exclude %{_cross_bindir}/updatedb -%exclude %{_cross_infodir} -%exclude %{_cross_libexecdir} -%exclude %{_cross_localedir} -%exclude %{_cross_mandir} - -%changelog diff --git a/packages/glibc/0001-stdlib-Improve-tst-realpath-compatibility-with-sourc.patch b/packages/glibc/0001-stdlib-Improve-tst-realpath-compatibility-with-sourc.patch deleted file mode 100644 index 54d27e7af3a..00000000000 --- a/packages/glibc/0001-stdlib-Improve-tst-realpath-compatibility-with-sourc.patch +++ /dev/null @@ -1,43 +0,0 @@ -From d97cca1e5df812be0e4de1e38091f02bb1e7ec4e Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Tue, 1 Aug 2023 10:27:15 +0200 -Subject: [PATCH] stdlib: Improve tst-realpath compatibility with source - fortification - -On GCC before 11, IPA can make the fortified realpath aware that the -buffer size is not large enough (8 bytes instead of PATH_MAX bytes). -Fix this by using a buffer that is large enough. - -(cherry picked from commit 510fc20d73de12c85823d9996faac74666e9c2e7) ---- - stdlib/tst-realpath.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/stdlib/tst-realpath.c b/stdlib/tst-realpath.c -index f325c95a44..3694ecd8af 100644 ---- a/stdlib/tst-realpath.c -+++ b/stdlib/tst-realpath.c -@@ -24,6 +24,7 @@ - License along with the GNU C Library; if not, see - . */ - -+#include - #include - #include - #include -@@ -50,7 +51,11 @@ void dealloc (void *p) - - char* alloc (void) - { -- return (char *)malloc (8); -+#ifdef PATH_MAX -+ return (char *)malloc (PATH_MAX); -+#else -+ return (char *)malloc (4096); -+#endif - } - - static int --- -2.40.1 - diff --git a/packages/glibc/0002-x86-Fix-for-cache-computation-on-AMD-legacy-cpus.patch b/packages/glibc/0002-x86-Fix-for-cache-computation-on-AMD-legacy-cpus.patch deleted file mode 100644 index 6f97f7eeadf..00000000000 --- a/packages/glibc/0002-x86-Fix-for-cache-computation-on-AMD-legacy-cpus.patch +++ /dev/null @@ -1,286 +0,0 @@ -From ced101ed9d3b7cfd12d97ef24940cb00b8658c81 Mon Sep 17 00:00:00 2001 -From: Sajan Karumanchi -Date: Tue, 1 Aug 2023 15:20:55 +0000 -Subject: [PATCH] x86: Fix for cache computation on AMD legacy cpus. - -Some legacy AMD CPUs and hypervisors have the _cpuid_ '0x8000_001D' -set to Zero, thus resulting in zeroed-out computed cache values. -This patch reintroduces the old way of cache computation as a -fail-safe option to handle these exceptions. -Fixed 'level4_cache_size' value through handle_amd(). - -Reviewed-by: Premachandra Mallappa -Tested-by: Florian Weimer ---- - sysdeps/x86/dl-cacheinfo.h | 226 ++++++++++++++++++++++++++++++++----- - 1 file changed, 199 insertions(+), 27 deletions(-) - -diff --git a/sysdeps/x86/dl-cacheinfo.h b/sysdeps/x86/dl-cacheinfo.h -index cd4d0351ae..285773039f 100644 ---- a/sysdeps/x86/dl-cacheinfo.h -+++ b/sysdeps/x86/dl-cacheinfo.h -@@ -315,40 +315,206 @@ handle_amd (int name) - { - unsigned int eax; - unsigned int ebx; -- unsigned int ecx; -+ unsigned int ecx = 0; - unsigned int edx; -- unsigned int count = 0x1; -+ unsigned int max_cpuid = 0; -+ unsigned int fn = 0; - - /* No level 4 cache (yet). */ - if (name > _SC_LEVEL3_CACHE_LINESIZE) - return 0; - -- if (name >= _SC_LEVEL3_CACHE_SIZE) -- count = 0x3; -- else if (name >= _SC_LEVEL2_CACHE_SIZE) -- count = 0x2; -- else if (name >= _SC_LEVEL1_DCACHE_SIZE) -- count = 0x0; -+ __cpuid (0x80000000, max_cpuid, ebx, ecx, edx); -+ -+ if (max_cpuid >= 0x8000001D) -+ /* Use __cpuid__ '0x8000_001D' to compute cache details. */ -+ { -+ unsigned int count = 0x1; -+ -+ if (name >= _SC_LEVEL3_CACHE_SIZE) -+ count = 0x3; -+ else if (name >= _SC_LEVEL2_CACHE_SIZE) -+ count = 0x2; -+ else if (name >= _SC_LEVEL1_DCACHE_SIZE) -+ count = 0x0; -+ -+ __cpuid_count (0x8000001D, count, eax, ebx, ecx, edx); -+ -+ if (ecx != 0) -+ { -+ switch (name) -+ { -+ case _SC_LEVEL1_ICACHE_ASSOC: -+ case _SC_LEVEL1_DCACHE_ASSOC: -+ case _SC_LEVEL2_CACHE_ASSOC: -+ case _SC_LEVEL3_CACHE_ASSOC: -+ return ((ebx >> 22) & 0x3ff) + 1; -+ case _SC_LEVEL1_ICACHE_LINESIZE: -+ case _SC_LEVEL1_DCACHE_LINESIZE: -+ case _SC_LEVEL2_CACHE_LINESIZE: -+ case _SC_LEVEL3_CACHE_LINESIZE: -+ return (ebx & 0xfff) + 1; -+ case _SC_LEVEL1_ICACHE_SIZE: -+ case _SC_LEVEL1_DCACHE_SIZE: -+ case _SC_LEVEL2_CACHE_SIZE: -+ case _SC_LEVEL3_CACHE_SIZE: -+ return (((ebx >> 22) & 0x3ff) + 1) * ((ebx & 0xfff) + 1) * (ecx + 1); -+ default: -+ __builtin_unreachable (); -+ } -+ return -1; -+ } -+ } -+ -+ /* Legacy cache computation for CPUs prior to Bulldozer family. -+ This is also a fail-safe mechanism for some hypervisors that -+ accidentally configure __cpuid__ '0x8000_001D' to Zero. */ - -- __cpuid_count (0x8000001D, count, eax, ebx, ecx, edx); -+ fn = 0x80000005 + (name >= _SC_LEVEL2_CACHE_SIZE); -+ -+ if (max_cpuid < fn) -+ return 0; -+ -+ __cpuid (fn, eax, ebx, ecx, edx); -+ -+ if (name < _SC_LEVEL1_DCACHE_SIZE) -+ { -+ name += _SC_LEVEL1_DCACHE_SIZE - _SC_LEVEL1_ICACHE_SIZE; -+ ecx = edx; -+ } - - switch (name) - { -- case _SC_LEVEL1_ICACHE_ASSOC: -- case _SC_LEVEL1_DCACHE_ASSOC: -- case _SC_LEVEL2_CACHE_ASSOC: -+ case _SC_LEVEL1_DCACHE_SIZE: -+ return (ecx >> 14) & 0x3fc00; -+ -+ case _SC_LEVEL1_DCACHE_ASSOC: -+ ecx >>= 16; -+ if ((ecx & 0xff) == 0xff) -+ { -+ /* Fully associative. */ -+ return (ecx << 2) & 0x3fc00; -+ } -+ return ecx & 0xff; -+ -+ case _SC_LEVEL1_DCACHE_LINESIZE: -+ return ecx & 0xff; -+ -+ case _SC_LEVEL2_CACHE_SIZE: -+ return (ecx & 0xf000) == 0 ? 0 : (ecx >> 6) & 0x3fffc00; -+ -+ case _SC_LEVEL2_CACHE_ASSOC: -+ switch ((ecx >> 12) & 0xf) -+ { -+ case 0: -+ case 1: -+ case 2: -+ case 4: -+ return (ecx >> 12) & 0xf; -+ case 6: -+ return 8; -+ case 8: -+ return 16; -+ case 10: -+ return 32; -+ case 11: -+ return 48; -+ case 12: -+ return 64; -+ case 13: -+ return 96; -+ case 14: -+ return 128; -+ case 15: -+ return ((ecx >> 6) & 0x3fffc00) / (ecx & 0xff); -+ default: -+ return 0; -+ } -+ -+ case _SC_LEVEL2_CACHE_LINESIZE: -+ return (ecx & 0xf000) == 0 ? 0 : ecx & 0xff; -+ -+ case _SC_LEVEL3_CACHE_SIZE: -+ { -+ long int total_l3_cache = 0, l3_cache_per_thread = 0; -+ unsigned int threads = 0; -+ const struct cpu_features *cpu_features; -+ -+ if ((edx & 0xf000) == 0) -+ return 0; -+ -+ total_l3_cache = (edx & 0x3ffc0000) << 1; -+ cpu_features = __get_cpu_features (); -+ -+ /* Figure out the number of logical threads that share L3. */ -+ if (max_cpuid >= 0x80000008) -+ { -+ /* Get width of APIC ID. */ -+ __cpuid (0x80000008, eax, ebx, ecx, edx); -+ threads = (ecx & 0xff) + 1; -+ } -+ -+ if (threads == 0) -+ { -+ /* If APIC ID width is not available, use logical -+ processor count. */ -+ __cpuid (0x00000001, eax, ebx, ecx, edx); -+ if ((edx & (1 << 28)) != 0) -+ threads = (ebx >> 16) & 0xff; -+ } -+ -+ /* Cap usage of highest cache level to the number of -+ supported threads. */ -+ if (threads > 0) -+ l3_cache_per_thread = total_l3_cache/threads; -+ -+ /* Get shared cache per ccx for Zen architectures. */ -+ if (cpu_features->basic.family >= 0x17) -+ { -+ long int l3_cache_per_ccx = 0; -+ /* Get number of threads share the L3 cache in CCX. */ -+ __cpuid_count (0x8000001D, 0x3, eax, ebx, ecx, edx); -+ unsigned int threads_per_ccx = ((eax >> 14) & 0xfff) + 1; -+ l3_cache_per_ccx = l3_cache_per_thread * threads_per_ccx; -+ return l3_cache_per_ccx; -+ } -+ else -+ { -+ return l3_cache_per_thread; -+ } -+ } -+ - case _SC_LEVEL3_CACHE_ASSOC: -- return ecx ? ((ebx >> 22) & 0x3ff) + 1 : 0; -- case _SC_LEVEL1_ICACHE_LINESIZE: -- case _SC_LEVEL1_DCACHE_LINESIZE: -- case _SC_LEVEL2_CACHE_LINESIZE: -+ switch ((edx >> 12) & 0xf) -+ { -+ case 0: -+ case 1: -+ case 2: -+ case 4: -+ return (edx >> 12) & 0xf; -+ case 6: -+ return 8; -+ case 8: -+ return 16; -+ case 10: -+ return 32; -+ case 11: -+ return 48; -+ case 12: -+ return 64; -+ case 13: -+ return 96; -+ case 14: -+ return 128; -+ case 15: -+ return ((edx & 0x3ffc0000) << 1) / (edx & 0xff); -+ default: -+ return 0; -+ } -+ - case _SC_LEVEL3_CACHE_LINESIZE: -- return ecx ? (ebx & 0xfff) + 1 : 0; -- case _SC_LEVEL1_ICACHE_SIZE: -- case _SC_LEVEL1_DCACHE_SIZE: -- case _SC_LEVEL2_CACHE_SIZE: -- case _SC_LEVEL3_CACHE_SIZE: -- return ecx ? (((ebx >> 22) & 0x3ff) + 1) * ((ebx & 0xfff) + 1) * (ecx + 1): 0; -+ return (edx & 0xf000) == 0 ? 0 : edx & 0xff; -+ - default: - __builtin_unreachable (); - } -@@ -703,7 +869,6 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) - data = handle_amd (_SC_LEVEL1_DCACHE_SIZE); - core = handle_amd (_SC_LEVEL2_CACHE_SIZE); - shared = handle_amd (_SC_LEVEL3_CACHE_SIZE); -- shared_per_thread = shared; - - level1_icache_size = handle_amd (_SC_LEVEL1_ICACHE_SIZE); - level1_icache_linesize = handle_amd (_SC_LEVEL1_ICACHE_LINESIZE); -@@ -716,13 +881,20 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) - level3_cache_size = shared; - level3_cache_assoc = handle_amd (_SC_LEVEL3_CACHE_ASSOC); - level3_cache_linesize = handle_amd (_SC_LEVEL3_CACHE_LINESIZE); -+ level4_cache_size = handle_amd (_SC_LEVEL4_CACHE_SIZE); - - if (shared <= 0) -- /* No shared L3 cache. All we have is the L2 cache. */ -- shared = core; -+ { -+ /* No shared L3 cache. All we have is the L2 cache. */ -+ shared = core; -+ } -+ else if (cpu_features->basic.family < 0x17) -+ { -+ /* Account for exclusive L2 and L3 caches. */ -+ shared += core; -+ } - -- if (shared_per_thread <= 0) -- shared_per_thread = shared; -+ shared_per_thread = shared; - } - - cpu_features->level1_icache_size = level1_icache_size; --- -2.40.1 - diff --git a/packages/glibc/0003-nscd-Do-not-rebuild-getaddrinfo-bug-30709.patch b/packages/glibc/0003-nscd-Do-not-rebuild-getaddrinfo-bug-30709.patch deleted file mode 100644 index 480d032567e..00000000000 --- a/packages/glibc/0003-nscd-Do-not-rebuild-getaddrinfo-bug-30709.patch +++ /dev/null @@ -1,185 +0,0 @@ -From 6b99458d197ab779ebb6ff632c168e2cbfa4f543 Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Fri, 11 Aug 2023 10:10:16 +0200 -Subject: [PATCH] nscd: Do not rebuild getaddrinfo (bug 30709) - -The nscd daemon caches hosts data from NSS modules verbatim, without -filtering protocol families or sorting them (otherwise separate caches -would be needed for certain ai_flags combinations). The cache -implementation is complete separate from the getaddrinfo code. This -means that rebuilding getaddrinfo is not needed. The only function -actually used is __bump_nl_timestamp from check_pf.c, and this change -moves it into nscd/connections.c. - -Tested on x86_64-linux-gnu with -fexceptions, built with -build-many-glibcs.py. I also backported this patch into a distribution -that still supports nscd and verified manually that caching still works. - -Reviewed-by: Siddhesh Poyarekar -(cherry picked from commit 039ff51ac7e02db1cfc0c23e38ac7bfbb00221d1) ---- - include/ifaddrs.h | 4 --- - inet/check_pf.c | 9 ------ - nscd/Makefile | 2 +- - nscd/connections.c | 11 +++++++ - nscd/gai.c | 50 ------------------------------ - sysdeps/unix/sysv/linux/check_pf.c | 17 +--------- - 6 files changed, 13 insertions(+), 80 deletions(-) - delete mode 100644 nscd/gai.c - -diff --git a/include/ifaddrs.h b/include/ifaddrs.h -index 416118f1b3..19a3afb19f 100644 ---- a/include/ifaddrs.h -+++ b/include/ifaddrs.h -@@ -34,9 +34,5 @@ extern void __check_native (uint32_t a1_index, int *a1_native, - uint32_t a2_index, int *a2_native) - attribute_hidden; - --#if IS_IN (nscd) --extern uint32_t __bump_nl_timestamp (void) attribute_hidden; --#endif -- - # endif /* !_ISOMAC */ - #endif /* ifaddrs.h */ -diff --git a/inet/check_pf.c b/inet/check_pf.c -index 5310c99121..6d1475920f 100644 ---- a/inet/check_pf.c -+++ b/inet/check_pf.c -@@ -60,12 +60,3 @@ __free_in6ai (struct in6addrinfo *in6ai) - { - /* Nothing to do. */ - } -- -- --#if IS_IN (nscd) --uint32_t --__bump_nl_timestamp (void) --{ -- return 0; --} --#endif -diff --git a/nscd/Makefile b/nscd/Makefile -index 2a0489f4cf..16b6460ee9 100644 ---- a/nscd/Makefile -+++ b/nscd/Makefile -@@ -35,7 +35,7 @@ nscd-modules := nscd connections pwdcache getpwnam_r getpwuid_r grpcache \ - getgrnam_r getgrgid_r hstcache gethstbyad_r gethstbynm3_r \ - getsrvbynm_r getsrvbypt_r servicescache \ - dbg_log nscd_conf nscd_stat cache mem nscd_setup_thread \ -- xmalloc xstrdup aicache initgrcache gai res_hconf \ -+ xmalloc xstrdup aicache initgrcache res_hconf \ - netgroupcache cachedumper - - ifeq ($(build-nscd)$(have-thread-library),yesyes) -diff --git a/nscd/connections.c b/nscd/connections.c -index a405a44a9b..15693e5090 100644 ---- a/nscd/connections.c -+++ b/nscd/connections.c -@@ -256,6 +256,17 @@ int inotify_fd = -1; - #ifdef HAVE_NETLINK - /* Descriptor for netlink status updates. */ - static int nl_status_fd = -1; -+ -+static uint32_t -+__bump_nl_timestamp (void) -+{ -+ static uint32_t nl_timestamp; -+ -+ if (atomic_fetch_add_relaxed (&nl_timestamp, 1) + 1 == 0) -+ atomic_fetch_add_relaxed (&nl_timestamp, 1); -+ -+ return nl_timestamp; -+} - #endif - - /* Number of times clients had to wait. */ -diff --git a/nscd/gai.c b/nscd/gai.c -deleted file mode 100644 -index e29f3fe583..0000000000 ---- a/nscd/gai.c -+++ /dev/null -@@ -1,50 +0,0 @@ --/* Copyright (C) 2004-2023 Free Software Foundation, Inc. -- This file is part of the GNU C Library. -- -- This program is free software; you can redistribute it and/or modify -- it under the terms of the GNU General Public License as published -- by the Free Software Foundation; version 2 of the License, or -- (at your option) any later version. -- -- This program is distributed in the hope that it will be useful, -- but WITHOUT ANY WARRANTY; without even the implied warranty of -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- GNU General Public License for more details. -- -- You should have received a copy of the GNU General Public License -- along with this program; if not, see . */ -- --#include --#include -- --/* This file uses the getaddrinfo code but it compiles it without NSCD -- support. We just need a few symbol renames. */ --#define __ioctl ioctl --#define __getsockname getsockname --#define __socket socket --#define __recvmsg recvmsg --#define __bind bind --#define __sendto sendto --#define __strchrnul strchrnul --#define __getline getline --#define __qsort_r qsort_r --/* nscd uses 1MB or 2MB thread stacks. */ --#define __libc_use_alloca(size) (size <= __MAX_ALLOCA_CUTOFF) --#define __getifaddrs getifaddrs --#define __freeifaddrs freeifaddrs --#undef __fstat64 --#define __fstat64 fstat64 --#undef __stat64 --#define __stat64 stat64 -- --/* We are nscd, so we don't want to be talking to ourselves. */ --#undef USE_NSCD -- --#include -- --/* Support code. */ --#include --#include -- --/* Some variables normally defined in libc. */ --nss_action_list __nss_hosts_database attribute_hidden; -diff --git a/sysdeps/unix/sysv/linux/check_pf.c b/sysdeps/unix/sysv/linux/check_pf.c -index 2b0b8b6368..3aa6a00348 100644 ---- a/sysdeps/unix/sysv/linux/check_pf.c -+++ b/sysdeps/unix/sysv/linux/check_pf.c -@@ -66,25 +66,10 @@ static struct cached_data *cache; - __libc_lock_define_initialized (static, lock); - - --#if IS_IN (nscd) --static uint32_t nl_timestamp; -- --uint32_t --__bump_nl_timestamp (void) --{ -- if (atomic_fetch_add_relaxed (&nl_timestamp, 1) + 1 == 0) -- atomic_fetch_add_relaxed (&nl_timestamp, 1); -- -- return nl_timestamp; --} --#endif -- - static inline uint32_t - get_nl_timestamp (void) - { --#if IS_IN (nscd) -- return nl_timestamp; --#elif defined USE_NSCD -+#if defined USE_NSCD - return __nscd_get_nl_timestamp (); - #else - return 0; --- -2.40.1 - diff --git a/packages/glibc/0004-x86-Fix-incorrect-scope-of-setting-shared_per_thread.patch b/packages/glibc/0004-x86-Fix-incorrect-scope-of-setting-shared_per_thread.patch deleted file mode 100644 index f2f5cb5ffdc..00000000000 --- a/packages/glibc/0004-x86-Fix-incorrect-scope-of-setting-shared_per_thread.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 5ea70cc02626d9b85f1570153873d8648a47bf95 Mon Sep 17 00:00:00 2001 -From: Noah Goldstein -Date: Thu, 10 Aug 2023 19:28:24 -0500 -Subject: [PATCH] x86: Fix incorrect scope of setting `shared_per_thread` [BZ# - 30745] - -The: - -``` - if (shared_per_thread > 0 && threads > 0) - shared_per_thread /= threads; -``` - -Code was accidentally moved to inside the else scope. This doesn't -match how it was previously (before af992e7abd). - -This patch fixes that by putting the division after the `else` block. - -(cherry picked from commit 084fb31bc2c5f95ae0b9e6df4d3cf0ff43471ede) ---- - sysdeps/x86/dl-cacheinfo.h | 7 +++---- - 1 file changed, 3 insertions(+), 4 deletions(-) - -diff --git a/sysdeps/x86/dl-cacheinfo.h b/sysdeps/x86/dl-cacheinfo.h -index 285773039f..5ddb35c9d9 100644 ---- a/sysdeps/x86/dl-cacheinfo.h -+++ b/sysdeps/x86/dl-cacheinfo.h -@@ -770,11 +770,10 @@ get_common_cache_info (long int *shared_ptr, long int * shared_per_thread_ptr, u - level. */ - threads = ((cpu_features->features[CPUID_INDEX_1].cpuid.ebx >> 16) - & 0xff); -- -- /* Get per-thread size of highest level cache. */ -- if (shared_per_thread > 0 && threads > 0) -- shared_per_thread /= threads; - } -+ /* Get per-thread size of highest level cache. */ -+ if (shared_per_thread > 0 && threads > 0) -+ shared_per_thread /= threads; - } - - /* Account for non-inclusive L2 and L3 caches. */ --- -2.40.1 - diff --git a/packages/glibc/0005-x86_64-Fix-build-with-disable-multiarch-BZ-30721.patch b/packages/glibc/0005-x86_64-Fix-build-with-disable-multiarch-BZ-30721.patch deleted file mode 100644 index b2e0194942c..00000000000 --- a/packages/glibc/0005-x86_64-Fix-build-with-disable-multiarch-BZ-30721.patch +++ /dev/null @@ -1,60 +0,0 @@ -From 6135d50e44233d8c89ca788f78c669941ad09fb9 Mon Sep 17 00:00:00 2001 -From: Adhemerval Zanella -Date: Tue, 8 Aug 2023 09:27:54 -0300 -Subject: [PATCH] x86_64: Fix build with --disable-multiarch (BZ 30721) - -With multiarch disabled, the default memmove implementation provides -the fortify routines for memcpy, mempcpy, and memmove. However, it -does not provide the internal hidden definitions used when building -with fortify enabled. The memset has a similar issue. - -Checked on x86_64-linux-gnu building with different options: -default and --disable-multi-arch plus default, --disable-default-pie, ---enable-fortify-source={2,3}, and --enable-fortify-source={2,3} -with --disable-default-pie. -Tested-by: Andreas K. Huettel -Reviewed-by: Siddhesh Poyarekar - -(cherry picked from commit 51cb52214fcd72849c640b12f5099ed3ac776181) ---- - sysdeps/x86_64/memcpy.S | 2 +- - sysdeps/x86_64/memmove.S | 3 +++ - sysdeps/x86_64/memset.S | 1 + - 3 files changed, 5 insertions(+), 1 deletion(-) - -diff --git a/sysdeps/x86_64/memcpy.S b/sysdeps/x86_64/memcpy.S -index d98500a78a..4922cba657 100644 ---- a/sysdeps/x86_64/memcpy.S -+++ b/sysdeps/x86_64/memcpy.S -@@ -1 +1 @@ --/* Implemented in memcpy.S. */ -+/* Implemented in memmove.S. */ -diff --git a/sysdeps/x86_64/memmove.S b/sysdeps/x86_64/memmove.S -index f0b84e3b52..c3c08165e1 100644 ---- a/sysdeps/x86_64/memmove.S -+++ b/sysdeps/x86_64/memmove.S -@@ -46,6 +46,9 @@ weak_alias (__mempcpy, mempcpy) - - #ifndef USE_MULTIARCH - libc_hidden_builtin_def (memmove) -+libc_hidden_builtin_def (__memmove_chk) -+libc_hidden_builtin_def (__memcpy_chk) -+libc_hidden_builtin_def (__mempcpy_chk) - # if defined SHARED && IS_IN (libc) - strong_alias (memmove, __memcpy) - libc_hidden_ver (memmove, memcpy) -diff --git a/sysdeps/x86_64/memset.S b/sysdeps/x86_64/memset.S -index 7c99df36db..c6df24e8de 100644 ---- a/sysdeps/x86_64/memset.S -+++ b/sysdeps/x86_64/memset.S -@@ -32,6 +32,7 @@ - #include "isa-default-impl.h" - - libc_hidden_builtin_def (memset) -+libc_hidden_builtin_def (__memset_chk) - - #if IS_IN (libc) - libc_hidden_def (__wmemset) --- -2.40.1 - diff --git a/packages/glibc/0006-i686-Fix-build-with-disable-multiarch.patch b/packages/glibc/0006-i686-Fix-build-with-disable-multiarch.patch deleted file mode 100644 index 5987757e5ee..00000000000 --- a/packages/glibc/0006-i686-Fix-build-with-disable-multiarch.patch +++ /dev/null @@ -1,100 +0,0 @@ -From 7ac405a74c6069b0627dc2d8449a82a621f8ff06 Mon Sep 17 00:00:00 2001 -From: Adhemerval Zanella -Date: Tue, 8 Aug 2023 09:27:55 -0300 -Subject: [PATCH] i686: Fix build with --disable-multiarch - -Since i686 provides the fortified wrappers for memcpy, mempcpy, -memmove, and memset on the same string implementation, the static -build tries to optimized it by not tying the fortified wrappers -to string routine (to avoid pulling the fortify function if -they are not required). - -Checked on i686-linux-gnu building with different option: -default and --disable-multi-arch plus default, --disable-default-pie, ---enable-fortify-source={2,3}, and --enable-fortify-source={2,3} -with --disable-default-pie. -Reviewed-by: Siddhesh Poyarekar - -(cherry picked from commit c73c96a4a1af1326df7f96eec58209e1e04066d8) ---- - sysdeps/i386/i686/memcpy.S | 2 +- - sysdeps/i386/i686/mempcpy.S | 2 +- - sysdeps/i386/i686/multiarch/memcpy_chk.c | 2 ++ - sysdeps/i386/i686/multiarch/memmove_chk.c | 2 ++ - sysdeps/i386/i686/multiarch/mempcpy_chk.c | 2 ++ - sysdeps/i386/i686/multiarch/memset_chk.c | 2 ++ - 6 files changed, 10 insertions(+), 2 deletions(-) - -diff --git a/sysdeps/i386/i686/memcpy.S b/sysdeps/i386/i686/memcpy.S -index 9b48ec0ea1..b86af4aac9 100644 ---- a/sysdeps/i386/i686/memcpy.S -+++ b/sysdeps/i386/i686/memcpy.S -@@ -27,7 +27,7 @@ - #define LEN SRC+4 - - .text --#if defined PIC && IS_IN (libc) -+#if defined SHARED && IS_IN (libc) - ENTRY_CHK (__memcpy_chk) - movl 12(%esp), %eax - cmpl %eax, 16(%esp) -diff --git a/sysdeps/i386/i686/mempcpy.S b/sysdeps/i386/i686/mempcpy.S -index 26f8501e7d..14d9dd681a 100644 ---- a/sysdeps/i386/i686/mempcpy.S -+++ b/sysdeps/i386/i686/mempcpy.S -@@ -27,7 +27,7 @@ - #define LEN SRC+4 - - .text --#if defined PIC && IS_IN (libc) -+#if defined SHARED && IS_IN (libc) - ENTRY_CHK (__mempcpy_chk) - movl 12(%esp), %eax - cmpl %eax, 16(%esp) -diff --git a/sysdeps/i386/i686/multiarch/memcpy_chk.c b/sysdeps/i386/i686/multiarch/memcpy_chk.c -index ec945dc91f..c3a8aeaf18 100644 ---- a/sysdeps/i386/i686/multiarch/memcpy_chk.c -+++ b/sysdeps/i386/i686/multiarch/memcpy_chk.c -@@ -32,4 +32,6 @@ libc_ifunc_redirected (__redirect_memcpy_chk, __memcpy_chk, - __hidden_ver1 (__memcpy_chk, __GI___memcpy_chk, __redirect_memcpy_chk) - __attribute__ ((visibility ("hidden"))) __attribute_copy__ (__memcpy_chk); - # endif -+#else -+# include - #endif -diff --git a/sysdeps/i386/i686/multiarch/memmove_chk.c b/sysdeps/i386/i686/multiarch/memmove_chk.c -index 55c7601d5d..070dde083a 100644 ---- a/sysdeps/i386/i686/multiarch/memmove_chk.c -+++ b/sysdeps/i386/i686/multiarch/memmove_chk.c -@@ -32,4 +32,6 @@ libc_ifunc_redirected (__redirect_memmove_chk, __memmove_chk, - __hidden_ver1 (__memmove_chk, __GI___memmove_chk, __redirect_memmove_chk) - __attribute__ ((visibility ("hidden"))) __attribute_copy__ (__memmove_chk); - # endif -+#else -+# include - #endif -diff --git a/sysdeps/i386/i686/multiarch/mempcpy_chk.c b/sysdeps/i386/i686/multiarch/mempcpy_chk.c -index 83569cf9d9..14360f1828 100644 ---- a/sysdeps/i386/i686/multiarch/mempcpy_chk.c -+++ b/sysdeps/i386/i686/multiarch/mempcpy_chk.c -@@ -32,4 +32,6 @@ libc_ifunc_redirected (__redirect_mempcpy_chk, __mempcpy_chk, - __hidden_ver1 (__mempcpy_chk, __GI___mempcpy_chk, __redirect_mempcpy_chk) - __attribute__ ((visibility ("hidden"))) __attribute_copy__ (__mempcpy_chk); - # endif -+#else -+# include - #endif -diff --git a/sysdeps/i386/i686/multiarch/memset_chk.c b/sysdeps/i386/i686/multiarch/memset_chk.c -index 1a7503858d..8179ef7c0b 100644 ---- a/sysdeps/i386/i686/multiarch/memset_chk.c -+++ b/sysdeps/i386/i686/multiarch/memset_chk.c -@@ -32,4 +32,6 @@ libc_ifunc_redirected (__redirect_memset_chk, __memset_chk, - __hidden_ver1 (__memset_chk, __GI___memset_chk, __redirect_memset_chk) - __attribute__ ((visibility ("hidden"))) __attribute_copy__ (__memset_chk); - # endif -+#else -+# include - #endif --- -2.40.1 - diff --git a/packages/glibc/0007-malloc-Enable-merging-of-remainders-in-memalign-bug-.patch b/packages/glibc/0007-malloc-Enable-merging-of-remainders-in-memalign-bug-.patch deleted file mode 100644 index d08bbf89696..00000000000 --- a/packages/glibc/0007-malloc-Enable-merging-of-remainders-in-memalign-bug-.patch +++ /dev/null @@ -1,300 +0,0 @@ -From 98c293c61f770b6b7a22f89a6ea81b711ecb1952 Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Fri, 11 Aug 2023 11:18:17 +0200 -Subject: [PATCH] malloc: Enable merging of remainders in memalign (bug 30723) - -Previously, calling _int_free from _int_memalign could put remainders -into the tcache or into fastbins, where they are invisible to the -low-level allocator. This results in missed merge opportunities -because once these freed chunks become available to the low-level -allocator, further memalign allocations (even of the same size are) -likely obstructing merges. - -Furthermore, during forwards merging in _int_memalign, do not -completely give up when the remainder is too small to serve as a -chunk on its own. We can still give it back if it can be merged -with the following unused chunk. This makes it more likely that -memalign calls in a loop achieve a compact memory layout, -independently of initial heap layout. - -Drop some useless (unsigned long) casts along the way, and tweak -the style to more closely match GNU on changed lines. - -Reviewed-by: DJ Delorie -(cherry picked from commit 542b1105852568c3ebc712225ae78b8c8ba31a78) ---- - malloc/malloc.c | 197 +++++++++++++++++++++++++++++------------------- - 1 file changed, 121 insertions(+), 76 deletions(-) - -diff --git a/malloc/malloc.c b/malloc/malloc.c -index e2f1a615a4..948f9759af 100644 ---- a/malloc/malloc.c -+++ b/malloc/malloc.c -@@ -1086,6 +1086,11 @@ typedef struct malloc_chunk* mchunkptr; - - static void* _int_malloc(mstate, size_t); - static void _int_free(mstate, mchunkptr, int); -+static void _int_free_merge_chunk (mstate, mchunkptr, INTERNAL_SIZE_T); -+static INTERNAL_SIZE_T _int_free_create_chunk (mstate, -+ mchunkptr, INTERNAL_SIZE_T, -+ mchunkptr, INTERNAL_SIZE_T); -+static void _int_free_maybe_consolidate (mstate, INTERNAL_SIZE_T); - static void* _int_realloc(mstate, mchunkptr, INTERNAL_SIZE_T, - INTERNAL_SIZE_T); - static void* _int_memalign(mstate, size_t, size_t); -@@ -4637,31 +4642,52 @@ _int_free (mstate av, mchunkptr p, int have_lock) - if (!have_lock) - __libc_lock_lock (av->mutex); - -- nextchunk = chunk_at_offset(p, size); -- -- /* Lightweight tests: check whether the block is already the -- top block. */ -- if (__glibc_unlikely (p == av->top)) -- malloc_printerr ("double free or corruption (top)"); -- /* Or whether the next chunk is beyond the boundaries of the arena. */ -- if (__builtin_expect (contiguous (av) -- && (char *) nextchunk -- >= ((char *) av->top + chunksize(av->top)), 0)) -- malloc_printerr ("double free or corruption (out)"); -- /* Or whether the block is actually not marked used. */ -- if (__glibc_unlikely (!prev_inuse(nextchunk))) -- malloc_printerr ("double free or corruption (!prev)"); -- -- nextsize = chunksize(nextchunk); -- if (__builtin_expect (chunksize_nomask (nextchunk) <= CHUNK_HDR_SZ, 0) -- || __builtin_expect (nextsize >= av->system_mem, 0)) -- malloc_printerr ("free(): invalid next size (normal)"); -+ _int_free_merge_chunk (av, p, size); - -- free_perturb (chunk2mem(p), size - CHUNK_HDR_SZ); -+ if (!have_lock) -+ __libc_lock_unlock (av->mutex); -+ } -+ /* -+ If the chunk was allocated via mmap, release via munmap(). -+ */ -+ -+ else { -+ munmap_chunk (p); -+ } -+} -+ -+/* Try to merge chunk P of SIZE bytes with its neighbors. Put the -+ resulting chunk on the appropriate bin list. P must not be on a -+ bin list yet, and it can be in use. */ -+static void -+_int_free_merge_chunk (mstate av, mchunkptr p, INTERNAL_SIZE_T size) -+{ -+ mchunkptr nextchunk = chunk_at_offset(p, size); -+ -+ /* Lightweight tests: check whether the block is already the -+ top block. */ -+ if (__glibc_unlikely (p == av->top)) -+ malloc_printerr ("double free or corruption (top)"); -+ /* Or whether the next chunk is beyond the boundaries of the arena. */ -+ if (__builtin_expect (contiguous (av) -+ && (char *) nextchunk -+ >= ((char *) av->top + chunksize(av->top)), 0)) -+ malloc_printerr ("double free or corruption (out)"); -+ /* Or whether the block is actually not marked used. */ -+ if (__glibc_unlikely (!prev_inuse(nextchunk))) -+ malloc_printerr ("double free or corruption (!prev)"); -+ -+ INTERNAL_SIZE_T nextsize = chunksize(nextchunk); -+ if (__builtin_expect (chunksize_nomask (nextchunk) <= CHUNK_HDR_SZ, 0) -+ || __builtin_expect (nextsize >= av->system_mem, 0)) -+ malloc_printerr ("free(): invalid next size (normal)"); -+ -+ free_perturb (chunk2mem(p), size - CHUNK_HDR_SZ); - -- /* consolidate backward */ -- if (!prev_inuse(p)) { -- prevsize = prev_size (p); -+ /* Consolidate backward. */ -+ if (!prev_inuse(p)) -+ { -+ INTERNAL_SIZE_T prevsize = prev_size (p); - size += prevsize; - p = chunk_at_offset(p, -((long) prevsize)); - if (__glibc_unlikely (chunksize(p) != prevsize)) -@@ -4669,9 +4695,25 @@ _int_free (mstate av, mchunkptr p, int have_lock) - unlink_chunk (av, p); - } - -- if (nextchunk != av->top) { -+ /* Write the chunk header, maybe after merging with the following chunk. */ -+ size = _int_free_create_chunk (av, p, size, nextchunk, nextsize); -+ _int_free_maybe_consolidate (av, size); -+} -+ -+/* Create a chunk at P of SIZE bytes, with SIZE potentially increased -+ to cover the immediately following chunk NEXTCHUNK of NEXTSIZE -+ bytes (if NEXTCHUNK is unused). The chunk at P is not actually -+ read and does not have to be initialized. After creation, it is -+ placed on the appropriate bin list. The function returns the size -+ of the new chunk. */ -+static INTERNAL_SIZE_T -+_int_free_create_chunk (mstate av, mchunkptr p, INTERNAL_SIZE_T size, -+ mchunkptr nextchunk, INTERNAL_SIZE_T nextsize) -+{ -+ if (nextchunk != av->top) -+ { - /* get and clear inuse bit */ -- nextinuse = inuse_bit_at_offset(nextchunk, nextsize); -+ bool nextinuse = inuse_bit_at_offset (nextchunk, nextsize); - - /* consolidate forward */ - if (!nextinuse) { -@@ -4686,8 +4728,8 @@ _int_free (mstate av, mchunkptr p, int have_lock) - been given one chance to be used in malloc. - */ - -- bck = unsorted_chunks(av); -- fwd = bck->fd; -+ mchunkptr bck = unsorted_chunks (av); -+ mchunkptr fwd = bck->fd; - if (__glibc_unlikely (fwd->bk != bck)) - malloc_printerr ("free(): corrupted unsorted chunks"); - p->fd = fwd; -@@ -4706,61 +4748,52 @@ _int_free (mstate av, mchunkptr p, int have_lock) - check_free_chunk(av, p); - } - -- /* -- If the chunk borders the current high end of memory, -- consolidate into top -- */ -- -- else { -+ else -+ { -+ /* If the chunk borders the current high end of memory, -+ consolidate into top. */ - size += nextsize; - set_head(p, size | PREV_INUSE); - av->top = p; - check_chunk(av, p); - } - -- /* -- If freeing a large space, consolidate possibly-surrounding -- chunks. Then, if the total unused topmost memory exceeds trim -- threshold, ask malloc_trim to reduce top. -- -- Unless max_fast is 0, we don't know if there are fastbins -- bordering top, so we cannot tell for sure whether threshold -- has been reached unless fastbins are consolidated. But we -- don't want to consolidate on each free. As a compromise, -- consolidation is performed if FASTBIN_CONSOLIDATION_THRESHOLD -- is reached. -- */ -+ return size; -+} - -- if ((unsigned long)(size) >= FASTBIN_CONSOLIDATION_THRESHOLD) { -+/* If freeing a large space, consolidate possibly-surrounding -+ chunks. Then, if the total unused topmost memory exceeds trim -+ threshold, ask malloc_trim to reduce top. */ -+static void -+_int_free_maybe_consolidate (mstate av, INTERNAL_SIZE_T size) -+{ -+ /* Unless max_fast is 0, we don't know if there are fastbins -+ bordering top, so we cannot tell for sure whether threshold has -+ been reached unless fastbins are consolidated. But we don't want -+ to consolidate on each free. As a compromise, consolidation is -+ performed if FASTBIN_CONSOLIDATION_THRESHOLD is reached. */ -+ if (size >= FASTBIN_CONSOLIDATION_THRESHOLD) -+ { - if (atomic_load_relaxed (&av->have_fastchunks)) - malloc_consolidate(av); - -- if (av == &main_arena) { -+ if (av == &main_arena) -+ { - #ifndef MORECORE_CANNOT_TRIM -- if ((unsigned long)(chunksize(av->top)) >= -- (unsigned long)(mp_.trim_threshold)) -- systrim(mp_.top_pad, av); -+ if (chunksize (av->top) >= mp_.trim_threshold) -+ systrim (mp_.top_pad, av); - #endif -- } else { -- /* Always try heap_trim(), even if the top chunk is not -- large, because the corresponding heap might go away. */ -- heap_info *heap = heap_for_ptr(top(av)); -+ } -+ else -+ { -+ /* Always try heap_trim, even if the top chunk is not large, -+ because the corresponding heap might go away. */ -+ heap_info *heap = heap_for_ptr (top (av)); - -- assert(heap->ar_ptr == av); -- heap_trim(heap, mp_.top_pad); -- } -+ assert (heap->ar_ptr == av); -+ heap_trim (heap, mp_.top_pad); -+ } - } -- -- if (!have_lock) -- __libc_lock_unlock (av->mutex); -- } -- /* -- If the chunk was allocated via mmap, release via munmap(). -- */ -- -- else { -- munmap_chunk (p); -- } - } - - /* -@@ -5221,7 +5254,7 @@ _int_memalign (mstate av, size_t alignment, size_t bytes) - (av != &main_arena ? NON_MAIN_ARENA : 0)); - set_inuse_bit_at_offset (newp, newsize); - set_head_size (p, leadsize | (av != &main_arena ? NON_MAIN_ARENA : 0)); -- _int_free (av, p, 1); -+ _int_free_merge_chunk (av, p, leadsize); - p = newp; - - assert (newsize >= nb && -@@ -5232,15 +5265,27 @@ _int_memalign (mstate av, size_t alignment, size_t bytes) - if (!chunk_is_mmapped (p)) - { - size = chunksize (p); -- if ((unsigned long) (size) > (unsigned long) (nb + MINSIZE)) -+ mchunkptr nextchunk = chunk_at_offset(p, size); -+ INTERNAL_SIZE_T nextsize = chunksize(nextchunk); -+ if (size > nb) - { - remainder_size = size - nb; -- remainder = chunk_at_offset (p, nb); -- set_head (remainder, remainder_size | PREV_INUSE | -- (av != &main_arena ? NON_MAIN_ARENA : 0)); -- set_head_size (p, nb); -- _int_free (av, remainder, 1); -- } -+ if (remainder_size >= MINSIZE -+ || nextchunk == av->top -+ || !inuse_bit_at_offset (nextchunk, nextsize)) -+ { -+ /* We can only give back the tail if it is larger than -+ MINSIZE, or if the following chunk is unused (top -+ chunk or unused in-heap chunk). Otherwise we would -+ create a chunk that is smaller than MINSIZE. */ -+ remainder = chunk_at_offset (p, nb); -+ set_head_size (p, nb); -+ remainder_size = _int_free_create_chunk (av, remainder, -+ remainder_size, -+ nextchunk, nextsize); -+ _int_free_maybe_consolidate (av, remainder_size); -+ } -+ } - } - - check_inuse_chunk (av, p); --- -2.40.1 - diff --git a/packages/glibc/0008-malloc-Remove-bin-scanning-from-memalign-bug-30723.patch b/packages/glibc/0008-malloc-Remove-bin-scanning-from-memalign-bug-30723.patch deleted file mode 100644 index 365f1e5fcc5..00000000000 --- a/packages/glibc/0008-malloc-Remove-bin-scanning-from-memalign-bug-30723.patch +++ /dev/null @@ -1,269 +0,0 @@ -From 2af141bda3cd407abd4bedf615f9e45fe79518e2 Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Thu, 10 Aug 2023 19:36:56 +0200 -Subject: [PATCH] malloc: Remove bin scanning from memalign (bug 30723) - -On the test workload (mpv --cache=yes with VP9 video decoding), the -bin scanning has a very poor success rate (less than 2%). The tcache -scanning has about 50% success rate, so keep that. - -Update comments in malloc/tst-memalign-2 to indicate the purpose -of the tests. Even with the scanning removed, the additional -merging opportunities since commit 542b1105852568c3ebc712225ae78b -("malloc: Enable merging of remainders in memalign (bug 30723)") -are sufficient to pass the existing large bins test. - -Remove leftover variables from _int_free from refactoring in the -same commit. - -Reviewed-by: DJ Delorie -(cherry picked from commit 0dc7fc1cf094406a138e4d1bcf9553e59edcf89d) ---- - NEWS | 1 + - malloc/malloc.c | 169 ++-------------------------------------- - malloc/tst-memalign-2.c | 7 +- - 3 files changed, 11 insertions(+), 166 deletions(-) - -diff --git a/NEWS b/NEWS -index 872bc8907b..c339cb444e 100644 ---- a/NEWS -+++ b/NEWS -@@ -132,6 +132,7 @@ The following bugs are resolved with this release: - [30555] string: strerror can incorrectly return NULL - [30579] malloc: trim_threshold in realloc lead to high memory usage - [30662] nscd: Group and password cache use errno in place of errval -+ [30723] posix_memalign repeatedly scans long bin lists - - Version 2.37 - -diff --git a/malloc/malloc.c b/malloc/malloc.c -index 948f9759af..d0bbbf3710 100644 ---- a/malloc/malloc.c -+++ b/malloc/malloc.c -@@ -4488,12 +4488,6 @@ _int_free (mstate av, mchunkptr p, int have_lock) - { - INTERNAL_SIZE_T size; /* its size */ - mfastbinptr *fb; /* associated fastbin */ -- mchunkptr nextchunk; /* next contiguous chunk */ -- INTERNAL_SIZE_T nextsize; /* its size */ -- int nextinuse; /* true if nextchunk is used */ -- INTERNAL_SIZE_T prevsize; /* size of previous contiguous chunk */ -- mchunkptr bck; /* misc temp for linking */ -- mchunkptr fwd; /* misc temp for linking */ - - size = chunksize (p); - -@@ -5032,42 +5026,6 @@ _int_realloc (mstate av, mchunkptr oldp, INTERNAL_SIZE_T oldsize, - ------------------------------ memalign ------------------------------ - */ - --/* Returns 0 if the chunk is not and does not contain the requested -- aligned sub-chunk, else returns the amount of "waste" from -- trimming. NB is the *chunk* byte size, not the user byte -- size. */ --static size_t --chunk_ok_for_memalign (mchunkptr p, size_t alignment, size_t nb) --{ -- void *m = chunk2mem (p); -- INTERNAL_SIZE_T size = chunksize (p); -- void *aligned_m = m; -- -- if (__glibc_unlikely (misaligned_chunk (p))) -- malloc_printerr ("_int_memalign(): unaligned chunk detected"); -- -- aligned_m = PTR_ALIGN_UP (m, alignment); -- -- INTERNAL_SIZE_T front_extra = (intptr_t) aligned_m - (intptr_t) m; -- -- /* We can't trim off the front as it's too small. */ -- if (front_extra > 0 && front_extra < MINSIZE) -- return 0; -- -- /* If it's a perfect fit, it's an exception to the return value rule -- (we would return zero waste, which looks like "not usable"), so -- handle it here by returning a small non-zero value instead. */ -- if (size == nb && front_extra == 0) -- return 1; -- -- /* If the block we need fits in the chunk, calculate total waste. */ -- if (size > nb + front_extra) -- return size - nb; -- -- /* Can't use this chunk. */ -- return 0; --} -- - /* BYTES is user requested bytes, not requested chunksize bytes. */ - static void * - _int_memalign (mstate av, size_t alignment, size_t bytes) -@@ -5082,7 +5040,6 @@ _int_memalign (mstate av, size_t alignment, size_t bytes) - mchunkptr remainder; /* spare room at end to split off */ - unsigned long remainder_size; /* its size */ - INTERNAL_SIZE_T size; -- mchunkptr victim; - - nb = checked_request2size (bytes); - if (nb == 0) -@@ -5101,129 +5058,13 @@ _int_memalign (mstate av, size_t alignment, size_t bytes) - we don't find anything in those bins, the common malloc code will - scan starting at 2x. */ - -- /* This will be set if we found a candidate chunk. */ -- victim = NULL; -- -- /* Fast bins are singly-linked, hard to remove a chunk from the middle -- and unlikely to meet our alignment requirements. We have not done -- any experimentation with searching for aligned fastbins. */ -- -- if (av != NULL) -- { -- int first_bin_index; -- int first_largebin_index; -- int last_bin_index; -- -- if (in_smallbin_range (nb)) -- first_bin_index = smallbin_index (nb); -- else -- first_bin_index = largebin_index (nb); -- -- if (in_smallbin_range (nb * 2)) -- last_bin_index = smallbin_index (nb * 2); -- else -- last_bin_index = largebin_index (nb * 2); -- -- first_largebin_index = largebin_index (MIN_LARGE_SIZE); -- -- int victim_index; /* its bin index */ -- -- for (victim_index = first_bin_index; -- victim_index < last_bin_index; -- victim_index ++) -- { -- victim = NULL; -- -- if (victim_index < first_largebin_index) -- { -- /* Check small bins. Small bin chunks are doubly-linked despite -- being the same size. */ -- -- mchunkptr fwd; /* misc temp for linking */ -- mchunkptr bck; /* misc temp for linking */ -- -- bck = bin_at (av, victim_index); -- fwd = bck->fd; -- while (fwd != bck) -- { -- if (chunk_ok_for_memalign (fwd, alignment, nb) > 0) -- { -- victim = fwd; -- -- /* Unlink it */ -- victim->fd->bk = victim->bk; -- victim->bk->fd = victim->fd; -- break; -- } -- -- fwd = fwd->fd; -- } -- } -- else -- { -- /* Check large bins. */ -- mchunkptr fwd; /* misc temp for linking */ -- mchunkptr bck; /* misc temp for linking */ -- mchunkptr best = NULL; -- size_t best_size = 0; -- -- bck = bin_at (av, victim_index); -- fwd = bck->fd; -+ /* Call malloc with worst case padding to hit alignment. */ -+ m = (char *) (_int_malloc (av, nb + alignment + MINSIZE)); - -- while (fwd != bck) -- { -- int extra; -- -- if (chunksize (fwd) < nb) -- break; -- extra = chunk_ok_for_memalign (fwd, alignment, nb); -- if (extra > 0 -- && (extra <= best_size || best == NULL)) -- { -- best = fwd; -- best_size = extra; -- } -+ if (m == 0) -+ return 0; /* propagate failure */ - -- fwd = fwd->fd; -- } -- victim = best; -- -- if (victim != NULL) -- { -- unlink_chunk (av, victim); -- break; -- } -- } -- -- if (victim != NULL) -- break; -- } -- } -- -- /* Strategy: find a spot within that chunk that meets the alignment -- request, and then possibly free the leading and trailing space. -- This strategy is incredibly costly and can lead to external -- fragmentation if header and footer chunks are unused. */ -- -- if (victim != NULL) -- { -- p = victim; -- m = chunk2mem (p); -- set_inuse (p); -- if (av != &main_arena) -- set_non_main_arena (p); -- } -- else -- { -- /* Call malloc with worst case padding to hit alignment. */ -- -- m = (char *) (_int_malloc (av, nb + alignment + MINSIZE)); -- -- if (m == 0) -- return 0; /* propagate failure */ -- -- p = mem2chunk (m); -- } -+ p = mem2chunk (m); - - if ((((unsigned long) (m)) % alignment) != 0) /* misaligned */ - { -diff --git a/malloc/tst-memalign-2.c b/malloc/tst-memalign-2.c -index f229283dbf..ecd6fa249e 100644 ---- a/malloc/tst-memalign-2.c -+++ b/malloc/tst-memalign-2.c -@@ -86,7 +86,8 @@ do_test (void) - TEST_VERIFY (tcache_allocs[i].ptr1 == tcache_allocs[i].ptr2); - } - -- /* Test for non-head tcache hits. */ -+ /* Test for non-head tcache hits. This exercises the memalign -+ scanning code to find matching allocations. */ - for (i = 0; i < array_length (ptr); ++ i) - { - if (i == 4) -@@ -113,7 +114,9 @@ do_test (void) - free (p); - TEST_VERIFY (count > 0); - -- /* Large bins test. */ -+ /* Large bins test. This verifies that the over-allocated parts -+ that memalign releases for future allocations can be reused by -+ memalign itself at least in some cases. */ - - for (i = 0; i < LN; ++ i) - { --- -2.40.1 - diff --git a/packages/glibc/0009-sysdeps-tst-bz21269-fix-test-parameter.patch b/packages/glibc/0009-sysdeps-tst-bz21269-fix-test-parameter.patch deleted file mode 100644 index e0d39b9490f..00000000000 --- a/packages/glibc/0009-sysdeps-tst-bz21269-fix-test-parameter.patch +++ /dev/null @@ -1,31 +0,0 @@ -From c8ecda6251dd4a0dfe074e0a6011211cadeef742 Mon Sep 17 00:00:00 2001 -From: Sam James -Date: Fri, 4 Aug 2023 23:58:27 +0100 -Subject: [PATCH] sysdeps: tst-bz21269: fix test parameter - -All callers pass 1 or 0x11 anyway (same meaning according to man page), -but still. - -Reviewed-by: DJ Delorie -Signed-off-by: Sam James -(cherry picked from commit e0b712dd9183d527aae4506cd39564c14af3bb28) ---- - sysdeps/unix/sysv/linux/i386/tst-bz21269.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/sysdeps/unix/sysv/linux/i386/tst-bz21269.c b/sysdeps/unix/sysv/linux/i386/tst-bz21269.c -index 51d4a1b082..f508ef8f16 100644 ---- a/sysdeps/unix/sysv/linux/i386/tst-bz21269.c -+++ b/sysdeps/unix/sysv/linux/i386/tst-bz21269.c -@@ -52,7 +52,7 @@ xset_thread_area (struct user_desc *u_info) - static void - xmodify_ldt (int func, const void *ptr, unsigned long bytecount) - { -- TEST_VERIFY_EXIT (syscall (SYS_modify_ldt, 1, ptr, bytecount) == 0); -+ TEST_VERIFY_EXIT (syscall (SYS_modify_ldt, func, ptr, bytecount) == 0); - } - - static int --- -2.40.1 - diff --git a/packages/glibc/0010-sysdeps-tst-bz21269-handle-ENOSYS-skip-appropriately.patch b/packages/glibc/0010-sysdeps-tst-bz21269-handle-ENOSYS-skip-appropriately.patch deleted file mode 100644 index b4f2a32f0b8..00000000000 --- a/packages/glibc/0010-sysdeps-tst-bz21269-handle-ENOSYS-skip-appropriately.patch +++ /dev/null @@ -1,41 +0,0 @@ -From ad9b8399537670a990572c4b0c4da5411e3b68cf Mon Sep 17 00:00:00 2001 -From: Sam James -Date: Sat, 5 Aug 2023 00:04:33 +0100 -Subject: [PATCH] sysdeps: tst-bz21269: handle ENOSYS & skip appropriately - -SYS_modify_ldt requires CONFIG_MODIFY_LDT_SYSCALL to be set in the kernel, which -some distributions may disable for hardening. Check if that's the case (unset) -and mark the test as UNSUPPORTED if so. - -Reviewed-by: DJ Delorie -Signed-off-by: Sam James -(cherry picked from commit 652b9fdb77d9fd056d4dd26dad2c14142768ab49) ---- - sysdeps/unix/sysv/linux/i386/tst-bz21269.c | 11 ++++++++++- - 1 file changed, 10 insertions(+), 1 deletion(-) - -diff --git a/sysdeps/unix/sysv/linux/i386/tst-bz21269.c b/sysdeps/unix/sysv/linux/i386/tst-bz21269.c -index f508ef8f16..28f5359bea 100644 ---- a/sysdeps/unix/sysv/linux/i386/tst-bz21269.c -+++ b/sysdeps/unix/sysv/linux/i386/tst-bz21269.c -@@ -52,7 +52,16 @@ xset_thread_area (struct user_desc *u_info) - static void - xmodify_ldt (int func, const void *ptr, unsigned long bytecount) - { -- TEST_VERIFY_EXIT (syscall (SYS_modify_ldt, func, ptr, bytecount) == 0); -+ long ret = syscall (SYS_modify_ldt, func, ptr, bytecount); -+ -+ if (ret == -1) -+ { -+ if (errno == ENOSYS) -+ FAIL_UNSUPPORTED ("modify_ldt not supported"); -+ FAIL_EXIT1 ("modify_ldt failed (errno=%d)", errno); -+ } -+ -+ return 0; - } - - static int --- -2.40.1 - diff --git a/packages/glibc/0011-sysdeps-tst-bz21269-fix-Wreturn-type.patch b/packages/glibc/0011-sysdeps-tst-bz21269-fix-Wreturn-type.patch deleted file mode 100644 index c772f3293fc..00000000000 --- a/packages/glibc/0011-sysdeps-tst-bz21269-fix-Wreturn-type.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 1aed90c9c8f8be9f68b58e96b6e4cd0fc08eb2b1 Mon Sep 17 00:00:00 2001 -From: Sam James -Date: Thu, 17 Aug 2023 09:30:29 +0100 -Subject: [PATCH] sysdeps: tst-bz21269: fix -Wreturn-type - -Thanks to Andreas Schwab for reporting. - -Fixes: 652b9fdb77d9fd056d4dd26dad2c14142768ab49 -Signed-off-by: Sam James -(cherry picked from commit 369f373057073c307938da91af16922bda3dff6a) ---- - sysdeps/unix/sysv/linux/i386/tst-bz21269.c | 2 -- - 1 file changed, 2 deletions(-) - -diff --git a/sysdeps/unix/sysv/linux/i386/tst-bz21269.c b/sysdeps/unix/sysv/linux/i386/tst-bz21269.c -index 28f5359bea..822c41fceb 100644 ---- a/sysdeps/unix/sysv/linux/i386/tst-bz21269.c -+++ b/sysdeps/unix/sysv/linux/i386/tst-bz21269.c -@@ -60,8 +60,6 @@ xmodify_ldt (int func, const void *ptr, unsigned long bytecount) - FAIL_UNSUPPORTED ("modify_ldt not supported"); - FAIL_EXIT1 ("modify_ldt failed (errno=%d)", errno); - } -- -- return 0; - } - - static int --- -2.40.1 - diff --git a/packages/glibc/0012-io-Fix-record-locking-contants-for-powerpc64-with-__.patch b/packages/glibc/0012-io-Fix-record-locking-contants-for-powerpc64-with-__.patch deleted file mode 100644 index 726c166f4ef..00000000000 --- a/packages/glibc/0012-io-Fix-record-locking-contants-for-powerpc64-with-__.patch +++ /dev/null @@ -1,91 +0,0 @@ -From 5bdef6f27c91f45505ed5444147be4ed0e9bc3c7 Mon Sep 17 00:00:00 2001 -From: Aurelien Jarno -Date: Mon, 28 Aug 2023 23:30:37 +0200 -Subject: [PATCH] io: Fix record locking contants for powerpc64 with - __USE_FILE_OFFSET64 - -Commit 5f828ff824e3b7cd1 ("io: Fix F_GETLK, F_SETLK, and F_SETLKW for -powerpc64") fixed an issue with the value of the lock constants on -powerpc64 when not using __USE_FILE_OFFSET64, but it ended-up also -changing the value when using __USE_FILE_OFFSET64 causing an API change. - -Fix that by also checking that define, restoring the pre -4d0fe291aed3a476a commit values: - -Default values: -- F_GETLK: 5 -- F_SETLK: 6 -- F_SETLKW: 7 - -With -D_FILE_OFFSET_BITS=64: -- F_GETLK: 12 -- F_SETLK: 13 -- F_SETLKW: 14 - -At the same time, it has been noticed that there was no test for io lock -with __USE_FILE_OFFSET64, so just add one. - -Tested on x86_64-linux-gnu, i686-linux-gnu and -powerpc64le-unknown-linux-gnu. - -Resolves: BZ #30804. -Co-authored-by: Adhemerval Zanella -Signed-off-by: Aurelien Jarno -(cherry picked from commit 434bf72a94de68f0cc7fbf3c44bf38c1911b70cb) ---- - NEWS | 2 ++ - io/Makefile | 1 + - io/tst-fcntl-lock-lfs.c | 2 ++ - sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h | 2 +- - 4 files changed, 6 insertions(+), 1 deletion(-) - create mode 100644 io/tst-fcntl-lock-lfs.c - -diff --git a/NEWS b/NEWS -index c339cb444e..8156572cdf 100644 ---- a/NEWS -+++ b/NEWS -@@ -133,6 +133,8 @@ The following bugs are resolved with this release: - [30579] malloc: trim_threshold in realloc lead to high memory usage - [30662] nscd: Group and password cache use errno in place of errval - [30723] posix_memalign repeatedly scans long bin lists -+ [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with -+ -D_FILE_OFFSET_BITS=64 - - Version 2.37 - -diff --git a/io/Makefile b/io/Makefile -index 6ccc0e8691..8a3c83a3bb 100644 ---- a/io/Makefile -+++ b/io/Makefile -@@ -192,6 +192,7 @@ tests := \ - tst-fchownat \ - tst-fcntl \ - tst-fcntl-lock \ -+ tst-fcntl-lock-lfs \ - tst-fstatat \ - tst-fts \ - tst-fts-lfs \ -diff --git a/io/tst-fcntl-lock-lfs.c b/io/tst-fcntl-lock-lfs.c -new file mode 100644 -index 0000000000..f2a909fb02 ---- /dev/null -+++ b/io/tst-fcntl-lock-lfs.c -@@ -0,0 +1,2 @@ -+#define _FILE_OFFSET_BITS 64 -+#include -diff --git a/sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h b/sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h -index f7615a447e..d8a291a331 100644 ---- a/sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h -+++ b/sysdeps/unix/sysv/linux/powerpc/bits/fcntl.h -@@ -33,7 +33,7 @@ - # define __O_LARGEFILE 0200000 - #endif - --#if __WORDSIZE == 64 -+#if __WORDSIZE == 64 && !defined __USE_FILE_OFFSET64 - # define F_GETLK 5 - # define F_SETLK 6 - # define F_SETLKW 7 --- -2.41.0 - diff --git a/packages/glibc/0013-libio-Fix-oversized-__io_vtables.patch b/packages/glibc/0013-libio-Fix-oversized-__io_vtables.patch deleted file mode 100644 index 2f418fd89ac..00000000000 --- a/packages/glibc/0013-libio-Fix-oversized-__io_vtables.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 92201f16cbcfd9eafe314ef6654be2ea7ba25675 Mon Sep 17 00:00:00 2001 -From: Adam Jackson -Date: Fri, 8 Sep 2023 15:55:19 -0400 -Subject: [PATCH] libio: Fix oversized __io_vtables - -IO_VTABLES_LEN is the size of the struct array in bytes, not the number -of __IO_jump_t's in the array. Drops just under 384kb from .rodata on -LP64 machines. - -Fixes: 3020f72618e ("libio: Remove the usage of __libc_IO_vtables") -Signed-off-by: Adam Jackson -Reviewed-by: Florian Weimer -Tested-by: Florian Weimer -(cherry picked from commit 8cb69e054386f980f9ff4d93b157861d72b2019e) ---- - libio/vtables.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/libio/vtables.c b/libio/vtables.c -index 1d8ad612e9..34f7e15f1c 100644 ---- a/libio/vtables.c -+++ b/libio/vtables.c -@@ -20,6 +20,7 @@ - #include - #include - #include -+#include - #include - #include - -@@ -88,7 +89,7 @@ - # pragma weak __wprintf_buffer_as_file_xsputn - #endif - --const struct _IO_jump_t __io_vtables[IO_VTABLES_LEN] attribute_relro = -+const struct _IO_jump_t __io_vtables[] attribute_relro = - { - /* _IO_str_jumps */ - [IO_STR_JUMPS] = -@@ -485,6 +486,8 @@ const struct _IO_jump_t __io_vtables[IO_VTABLES_LEN] attribute_relro = - }, - #endif - }; -+_Static_assert (array_length (__io_vtables) == IO_VTABLES_NUM, -+ "initializer count"); - - #ifdef SHARED - --- -2.41.0 - diff --git a/packages/glibc/0014-elf-Do-not-run-constructors-for-proxy-objects.patch b/packages/glibc/0014-elf-Do-not-run-constructors-for-proxy-objects.patch deleted file mode 100644 index e2665ecfae0..00000000000 --- a/packages/glibc/0014-elf-Do-not-run-constructors-for-proxy-objects.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 7ae211a01b085d0bde54bd13b887ce8f9d57c2b4 Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Tue, 22 Aug 2023 13:56:25 +0200 -Subject: [PATCH] elf: Do not run constructors for proxy objects - -Otherwise, the ld.so constructor runs for each audit namespace -and each dlmopen namespace. - -(cherry picked from commit f6c8204fd7fabf0cf4162eaf10ccf23258e4d10e) ---- - elf/dl-init.c | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/elf/dl-init.c b/elf/dl-init.c -index 5b0732590f..ba4d2fdc85 100644 ---- a/elf/dl-init.c -+++ b/elf/dl-init.c -@@ -25,10 +25,14 @@ - static void - call_init (struct link_map *l, int argc, char **argv, char **env) - { -+ /* Do not run constructors for proxy objects. */ -+ if (l != l->l_real) -+ return; -+ - /* If the object has not been relocated, this is a bug. The - function pointers are invalid in this case. (Executables do not -- need relocation, and neither do proxy objects.) */ -- assert (l->l_real->l_relocated || l->l_real->l_type == lt_executable); -+ need relocation.) */ -+ assert (l->l_relocated || l->l_type == lt_executable); - - if (l->l_init_called) - /* This object is all done. */ --- -2.41.0 - diff --git a/packages/glibc/0015-elf-Always-call-destructors-in-reverse-constructor-o.patch b/packages/glibc/0015-elf-Always-call-destructors-in-reverse-constructor-o.patch deleted file mode 100644 index 9c89f054915..00000000000 --- a/packages/glibc/0015-elf-Always-call-destructors-in-reverse-constructor-o.patch +++ /dev/null @@ -1,669 +0,0 @@ -From a3189f66a5f2fe86568286fa025fa153be04c6c0 Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Fri, 8 Sep 2023 12:32:14 +0200 -Subject: [PATCH] elf: Always call destructors in reverse constructor order - (bug 30785) - -The current implementation of dlclose (and process exit) re-sorts the -link maps before calling ELF destructors. Destructor order is not the -reverse of the constructor order as a result: The second sort takes -relocation dependencies into account, and other differences can result -from ambiguous inputs, such as cycles. (The force_first handling in -_dl_sort_maps is not effective for dlclose.) After the changes in -this commit, there is still a required difference due to -dlopen/dlclose ordering by the application, but the previous -discrepancies went beyond that. - -A new global (namespace-spanning) list of link maps, -_dl_init_called_list, is updated right before ELF constructors are -called from _dl_init. - -In dl_close_worker, the maps variable, an on-stack variable length -array, is eliminated. (VLAs are problematic, and dlclose should not -call malloc because it cannot readily deal with malloc failure.) -Marking still-used objects uses the namespace list directly, with -next and next_idx replacing the done_index variable. - -After marking, _dl_init_called_list is used to call the destructors -of now-unused maps in reverse destructor order. These destructors -can call dlopen. Previously, new objects do not have l_map_used set. -This had to change: There is no copy of the link map list anymore, -so processing would cover newly opened (and unmarked) mappings, -unloading them. Now, _dl_init (indirectly) sets l_map_used, too. -(dlclose is handled by the existing reentrancy guard.) - -After _dl_init_called_list traversal, two more loops follow. The -processing order changes to the original link map order in the -namespace. Previously, dependency order was used. The difference -should not matter because relocation dependencies could already -reorder link maps in the old code. - -The changes to _dl_fini remove the sorting step and replace it with -a traversal of _dl_init_called_list. The l_direct_opencount -decrement outside the loader lock is removed because it appears -incorrect: the counter manipulation could race with other dynamic -loader operations. - -tst-audit23 needs adjustments to the changes in LA_ACT_DELETE -notifications. The new approach for checking la_activity should -make it clearer that la_activty calls come in pairs around namespace -updates. - -The dependency sorting test cases need updates because the destructor -order is always the opposite order of constructor order, even with -relocation dependencies or cycles present. - -There is a future cleanup opportunity to remove the now-constant -force_first and for_fini arguments from the _dl_sort_maps function. - -Fixes commit 1df71d32fe5f5905ffd5d100e5e9ca8ad62 ("elf: Implement -force_first handling in _dl_sort_maps_dfs (bug 28937)"). - -Reviewed-by: DJ Delorie -(cherry picked from commit 6985865bc3ad5b23147ee73466583dd7fdf65892) ---- - NEWS | 7 ++ - elf/dl-close.c | 113 +++++++++++++++++---------- - elf/dl-fini.c | 152 +++++++++++++------------------------ - elf/dl-init.c | 16 ++++ - elf/dso-sort-tests-1.def | 19 ++--- - elf/tst-audit23.c | 44 ++++++----- - include/link.h | 4 + - sysdeps/generic/ldsodefs.h | 4 + - 8 files changed, 186 insertions(+), 173 deletions(-) - -diff --git a/NEWS b/NEWS -index 8156572cdf..f1a14f45dd 100644 ---- a/NEWS -+++ b/NEWS -@@ -4,6 +4,13 @@ See the end for copying conditions. - - Please send GNU C library bug reports via - using `glibc' in the "product" field. -+ -+Version 2.38.1 -+ -+The following bugs are resolved with this release: -+ -+ [30785] Always call destructors in reverse constructor order -+ - - Version 2.38 - -diff --git a/elf/dl-close.c b/elf/dl-close.c -index b887a44888..ea62d0e601 100644 ---- a/elf/dl-close.c -+++ b/elf/dl-close.c -@@ -138,30 +138,31 @@ _dl_close_worker (struct link_map *map, bool force) - - bool any_tls = false; - const unsigned int nloaded = ns->_ns_nloaded; -- struct link_map *maps[nloaded]; - -- /* Run over the list and assign indexes to the link maps and enter -- them into the MAPS array. */ -+ /* Run over the list and assign indexes to the link maps. */ - int idx = 0; - for (struct link_map *l = ns->_ns_loaded; l != NULL; l = l->l_next) - { - l->l_map_used = 0; - l->l_map_done = 0; - l->l_idx = idx; -- maps[idx] = l; - ++idx; - } - assert (idx == nloaded); - -- /* Keep track of the lowest index link map we have covered already. */ -- int done_index = -1; -- while (++done_index < nloaded) -+ /* Keep marking link maps until no new link maps are found. */ -+ for (struct link_map *l = ns->_ns_loaded; l != NULL; ) - { -- struct link_map *l = maps[done_index]; -+ /* next is reset to earlier link maps for remarking. */ -+ struct link_map *next = l->l_next; -+ int next_idx = l->l_idx + 1; /* next->l_idx, but covers next == NULL. */ - - if (l->l_map_done) -- /* Already handled. */ -- continue; -+ { -+ /* Already handled. */ -+ l = next; -+ continue; -+ } - - /* Check whether this object is still used. */ - if (l->l_type == lt_loaded -@@ -171,7 +172,10 @@ _dl_close_worker (struct link_map *map, bool force) - acquire is sufficient and correct. */ - && atomic_load_acquire (&l->l_tls_dtor_count) == 0 - && !l->l_map_used) -- continue; -+ { -+ l = next; -+ continue; -+ } - - /* We need this object and we handle it now. */ - l->l_map_used = 1; -@@ -198,8 +202,11 @@ _dl_close_worker (struct link_map *map, bool force) - already processed it, then we need to go back - and process again from that point forward to - ensure we keep all of its dependencies also. */ -- if ((*lp)->l_idx - 1 < done_index) -- done_index = (*lp)->l_idx - 1; -+ if ((*lp)->l_idx < next_idx) -+ { -+ next = *lp; -+ next_idx = next->l_idx; -+ } - } - } - -@@ -219,44 +226,65 @@ _dl_close_worker (struct link_map *map, bool force) - if (!jmap->l_map_used) - { - jmap->l_map_used = 1; -- if (jmap->l_idx - 1 < done_index) -- done_index = jmap->l_idx - 1; -+ if (jmap->l_idx < next_idx) -+ { -+ next = jmap; -+ next_idx = next->l_idx; -+ } - } - } - } -- } - -- /* Sort the entries. We can skip looking for the binary itself which is -- at the front of the search list for the main namespace. */ -- _dl_sort_maps (maps, nloaded, (nsid == LM_ID_BASE), true); -+ l = next; -+ } - -- /* Call all termination functions at once. */ -- bool unload_any = false; -- bool scope_mem_left = false; -- unsigned int unload_global = 0; -- unsigned int first_loaded = ~0; -- for (unsigned int i = 0; i < nloaded; ++i) -+ /* Call the destructors in reverse constructor order, and remove the -+ closed link maps from the list. */ -+ for (struct link_map **init_called_head = &_dl_init_called_list; -+ *init_called_head != NULL; ) - { -- struct link_map *imap = maps[i]; -+ struct link_map *imap = *init_called_head; - -- /* All elements must be in the same namespace. */ -- assert (imap->l_ns == nsid); -- -- if (!imap->l_map_used) -+ /* _dl_init_called_list is global, to produce a global odering. -+ Ignore the other namespaces (and link maps that are still used). */ -+ if (imap->l_ns != nsid || imap->l_map_used) -+ init_called_head = &imap->l_init_called_next; -+ else - { - assert (imap->l_type == lt_loaded && !imap->l_nodelete_active); - -- /* Call its termination function. Do not do it for -- half-cooked objects. Temporarily disable exception -- handling, so that errors are fatal. */ -- if (imap->l_init_called) -+ /* _dl_init_called_list is updated at the same time as -+ l_init_called. */ -+ assert (imap->l_init_called); -+ -+ if (imap->l_info[DT_FINI_ARRAY] != NULL -+ || imap->l_info[DT_FINI] != NULL) - _dl_catch_exception (NULL, _dl_call_fini, imap); - - #ifdef SHARED - /* Auditing checkpoint: we remove an object. */ - _dl_audit_objclose (imap); - #endif -+ /* Unlink this link map. */ -+ *init_called_head = imap->l_init_called_next; -+ } -+ } -+ -+ -+ bool unload_any = false; -+ bool scope_mem_left = false; -+ unsigned int unload_global = 0; -+ -+ /* For skipping un-unloadable link maps in the second loop. */ -+ struct link_map *first_loaded = ns->_ns_loaded; - -+ /* Iterate over the namespace to find objects to unload. Some -+ unloadable objects may not be on _dl_init_called_list due to -+ dlopen failure. */ -+ for (struct link_map *imap = first_loaded; imap != NULL; imap = imap->l_next) -+ { -+ if (!imap->l_map_used) -+ { - /* This object must not be used anymore. */ - imap->l_removed = 1; - -@@ -267,8 +295,8 @@ _dl_close_worker (struct link_map *map, bool force) - ++unload_global; - - /* Remember where the first dynamically loaded object is. */ -- if (i < first_loaded) -- first_loaded = i; -+ if (first_loaded == NULL) -+ first_loaded = imap; - } - /* Else imap->l_map_used. */ - else if (imap->l_type == lt_loaded) -@@ -404,8 +432,8 @@ _dl_close_worker (struct link_map *map, bool force) - imap->l_loader = NULL; - - /* Remember where the first dynamically loaded object is. */ -- if (i < first_loaded) -- first_loaded = i; -+ if (first_loaded == NULL) -+ first_loaded = imap; - } - } - -@@ -476,10 +504,11 @@ _dl_close_worker (struct link_map *map, bool force) - - /* Check each element of the search list to see if all references to - it are gone. */ -- for (unsigned int i = first_loaded; i < nloaded; ++i) -+ for (struct link_map *imap = first_loaded; imap != NULL; ) - { -- struct link_map *imap = maps[i]; -- if (!imap->l_map_used) -+ if (imap->l_map_used) -+ imap = imap->l_next; -+ else - { - assert (imap->l_type == lt_loaded); - -@@ -690,7 +719,9 @@ _dl_close_worker (struct link_map *map, bool force) - if (imap == GL(dl_initfirst)) - GL(dl_initfirst) = NULL; - -+ struct link_map *next = imap->l_next; - free (imap); -+ imap = next; - } - } - -diff --git a/elf/dl-fini.c b/elf/dl-fini.c -index 9acb64f47c..e201d36651 100644 ---- a/elf/dl-fini.c -+++ b/elf/dl-fini.c -@@ -24,116 +24,68 @@ - void - _dl_fini (void) - { -- /* Lots of fun ahead. We have to call the destructors for all still -- loaded objects, in all namespaces. The problem is that the ELF -- specification now demands that dependencies between the modules -- are taken into account. I.e., the destructor for a module is -- called before the ones for any of its dependencies. -- -- To make things more complicated, we cannot simply use the reverse -- order of the constructors. Since the user might have loaded objects -- using `dlopen' there are possibly several other modules with its -- dependencies to be taken into account. Therefore we have to start -- determining the order of the modules once again from the beginning. */ -- -- /* We run the destructors of the main namespaces last. As for the -- other namespaces, we pick run the destructors in them in reverse -- order of the namespace ID. */ --#ifdef SHARED -- int do_audit = 0; -- again: --#endif -- for (Lmid_t ns = GL(dl_nns) - 1; ns >= 0; --ns) -- { -- /* Protect against concurrent loads and unloads. */ -- __rtld_lock_lock_recursive (GL(dl_load_lock)); -- -- unsigned int nloaded = GL(dl_ns)[ns]._ns_nloaded; -- /* No need to do anything for empty namespaces or those used for -- auditing DSOs. */ -- if (nloaded == 0 --#ifdef SHARED -- || GL(dl_ns)[ns]._ns_loaded->l_auditing != do_audit --#endif -- ) -- __rtld_lock_unlock_recursive (GL(dl_load_lock)); -- else -- { -+ /* Call destructors strictly in the reverse order of constructors. -+ This causes fewer surprises than some arbitrary reordering based -+ on new (relocation) dependencies. None of the objects are -+ unmapped, so applications can deal with this if their DSOs remain -+ in a consistent state after destructors have run. */ -+ -+ /* Protect against concurrent loads and unloads. */ -+ __rtld_lock_lock_recursive (GL(dl_load_lock)); -+ -+ /* Ignore objects which are opened during shutdown. */ -+ struct link_map *local_init_called_list = _dl_init_called_list; -+ -+ for (struct link_map *l = local_init_called_list; l != NULL; -+ l = l->l_init_called_next) -+ /* Bump l_direct_opencount of all objects so that they -+ are not dlclose()ed from underneath us. */ -+ ++l->l_direct_opencount; -+ -+ /* After this point, everything linked from local_init_called_list -+ cannot be unloaded because of the reference counter update. */ -+ __rtld_lock_unlock_recursive (GL(dl_load_lock)); -+ -+ /* Perform two passes: One for non-audit modules, one for audit -+ modules. This way, audit modules receive unload notifications -+ for non-audit objects, and the destructors for audit modules -+ still run. */ - #ifdef SHARED -- _dl_audit_activity_nsid (ns, LA_ACT_DELETE); -+ int last_pass = GLRO(dl_naudit) > 0; -+ Lmid_t last_ns = -1; -+ for (int do_audit = 0; do_audit <= last_pass; ++do_audit) - #endif -- -- /* Now we can allocate an array to hold all the pointers and -- copy the pointers in. */ -- struct link_map *maps[nloaded]; -- -- unsigned int i; -- struct link_map *l; -- assert (nloaded != 0 || GL(dl_ns)[ns]._ns_loaded == NULL); -- for (l = GL(dl_ns)[ns]._ns_loaded, i = 0; l != NULL; l = l->l_next) -- /* Do not handle ld.so in secondary namespaces. */ -- if (l == l->l_real) -- { -- assert (i < nloaded); -- -- maps[i] = l; -- l->l_idx = i; -- ++i; -- -- /* Bump l_direct_opencount of all objects so that they -- are not dlclose()ed from underneath us. */ -- ++l->l_direct_opencount; -- } -- assert (ns != LM_ID_BASE || i == nloaded); -- assert (ns == LM_ID_BASE || i == nloaded || i == nloaded - 1); -- unsigned int nmaps = i; -- -- /* Now we have to do the sorting. We can skip looking for the -- binary itself which is at the front of the search list for -- the main namespace. */ -- _dl_sort_maps (maps, nmaps, (ns == LM_ID_BASE), true); -- -- /* We do not rely on the linked list of loaded object anymore -- from this point on. We have our own list here (maps). The -- various members of this list cannot vanish since the open -- count is too high and will be decremented in this loop. So -- we release the lock so that some code which might be called -- from a destructor can directly or indirectly access the -- lock. */ -- __rtld_lock_unlock_recursive (GL(dl_load_lock)); -- -- /* 'maps' now contains the objects in the right order. Now -- call the destructors. We have to process this array from -- the front. */ -- for (i = 0; i < nmaps; ++i) -- { -- struct link_map *l = maps[i]; -- -- if (l->l_init_called) -- { -- _dl_call_fini (l); -+ for (struct link_map *l = local_init_called_list; l != NULL; -+ l = l->l_init_called_next) -+ { - #ifdef SHARED -- /* Auditing checkpoint: another object closed. */ -- _dl_audit_objclose (l); -+ if (GL(dl_ns)[l->l_ns]._ns_loaded->l_auditing != do_audit) -+ continue; -+ -+ /* Avoid back-to-back calls of _dl_audit_activity_nsid for the -+ same namespace. */ -+ if (last_ns != l->l_ns) -+ { -+ if (last_ns >= 0) -+ _dl_audit_activity_nsid (last_ns, LA_ACT_CONSISTENT); -+ _dl_audit_activity_nsid (l->l_ns, LA_ACT_DELETE); -+ last_ns = l->l_ns; -+ } - #endif -- } - -- /* Correct the previous increment. */ -- --l->l_direct_opencount; -- } -+ /* There is no need to re-enable exceptions because _dl_fini -+ is not called from a context where exceptions are caught. */ -+ _dl_call_fini (l); - - #ifdef SHARED -- _dl_audit_activity_nsid (ns, LA_ACT_CONSISTENT); -+ /* Auditing checkpoint: another object closed. */ -+ _dl_audit_objclose (l); - #endif -- } -- } -+ } - - #ifdef SHARED -- if (! do_audit && GLRO(dl_naudit) > 0) -- { -- do_audit = 1; -- goto again; -- } -+ if (last_ns >= 0) -+ _dl_audit_activity_nsid (last_ns, LA_ACT_CONSISTENT); - - if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_STATISTICS)) - _dl_debug_printf ("\nruntime linker statistics:\n" -diff --git a/elf/dl-init.c b/elf/dl-init.c -index ba4d2fdc85..ffd05b7806 100644 ---- a/elf/dl-init.c -+++ b/elf/dl-init.c -@@ -21,6 +21,7 @@ - #include - #include - -+struct link_map *_dl_init_called_list; - - static void - call_init (struct link_map *l, int argc, char **argv, char **env) -@@ -42,6 +43,21 @@ call_init (struct link_map *l, int argc, char **argv, char **env) - dependency. */ - l->l_init_called = 1; - -+ /* Help an already-running dlclose: The just-loaded object must not -+ be removed during the current pass. (No effect if no dlclose in -+ progress.) */ -+ l->l_map_used = 1; -+ -+ /* Record execution before starting any initializers. This way, if -+ the initializers themselves call dlopen, their ELF destructors -+ will eventually be run before this object is destructed, matching -+ that their ELF constructors have run before this object was -+ constructed. _dl_fini uses this list for audit callbacks, so -+ register objects on the list even if they do not have a -+ constructor. */ -+ l->l_init_called_next = _dl_init_called_list; -+ _dl_init_called_list = l; -+ - /* Check for object which constructors we do not run here. */ - if (__builtin_expect (l->l_name[0], 'a') == '\0' - && l->l_type == lt_executable) -diff --git a/elf/dso-sort-tests-1.def b/elf/dso-sort-tests-1.def -index 4bf9052db1..61dc54f8ae 100644 ---- a/elf/dso-sort-tests-1.def -+++ b/elf/dso-sort-tests-1.def -@@ -53,21 +53,14 @@ tst-dso-ordering10: {}->a->b->c;soname({})=c - output: b>a>{}b->c->d order). --# The older dynamic_sort=1 algorithm does not achieve this, while the DFS-based --# dynamic_sort=2 algorithm does, although it is still arguable whether going --# beyond spec to do this is the right thing to do. --# The below expected outputs are what the two algorithms currently produce --# respectively, for regression testing purposes. -+# relocation(dynamic) dependencies. For both sorting algorithms, the -+# destruction order is the reverse of the construction order, and -+# relocation dependencies are not taken into account. - tst-bz15311: {+a;+e;+f;+g;+d;%d;-d;-g;-f;-e;-a};a->b->c->d;d=>[ba];c=>a;b=>e=>a;c=>f=>b;d=>g=>c --output(glibc.rtld.dynamic_sort=1): {+a[d>c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[a1;a->a2;a2->a;b->b1;c->a1;c=>a1 --output(glibc.rtld.dynamic_sort=1): {+a[a2>a1>a>];+b[b1>b>];-b[];%c(a1());}a1>a>];+b[b1>b>];-b[];%c(a1());}a1>a>];+b[b1>b>];-b[];%c(a1());} -Date: Fri, 8 Sep 2023 13:02:06 +0200 -Subject: [PATCH] elf: Remove unused l_text_end field from struct link_map - -It is a left-over from commit 52a01100ad011293197637e42b5be1a479a2 -("elf: Remove ad-hoc restrictions on dlopen callers [BZ #22787]"). - -When backporting commmit 6985865bc3ad5b23147ee73466583dd7fdf65892 -("elf: Always call destructors in reverse constructor order -(bug 30785)"), we can move the l_init_called_next field to this -place, so that the internal GLIBC_PRIVATE ABI does not change. - -Reviewed-by: Carlos O'Donell -Tested-by: Carlos O'Donell -(cherry picked from commit 53df2ce6885da3d0e89e87dca7b095622296014f) ---- - elf/dl-load.c | 2 +- - elf/dl-load.h | 7 ++----- - elf/rtld.c | 6 ------ - elf/setup-vdso.h | 4 ---- - include/link.h | 2 -- - 5 files changed, 3 insertions(+), 18 deletions(-) - -diff --git a/elf/dl-load.c b/elf/dl-load.c -index 9a87fda9c9..2923b1141d 100644 ---- a/elf/dl-load.c -+++ b/elf/dl-load.c -@@ -1253,7 +1253,7 @@ _dl_map_object_from_fd (const char *name, const char *origname, int fd, - - /* Now process the load commands and map segments into memory. - This is responsible for filling in: -- l_map_start, l_map_end, l_addr, l_contiguous, l_text_end, l_phdr -+ l_map_start, l_map_end, l_addr, l_contiguous, l_phdr - */ - errstring = _dl_map_segments (l, fd, header, type, loadcmds, nloadcmds, - maplength, has_holes, loader); -diff --git a/elf/dl-load.h b/elf/dl-load.h -index ecf6910c68..1d5207694b 100644 ---- a/elf/dl-load.h -+++ b/elf/dl-load.h -@@ -83,14 +83,11 @@ struct loadcmd - - /* This is a subroutine of _dl_map_segments. It should be called for each - load command, some time after L->l_addr has been set correctly. It is -- responsible for setting up the l_text_end and l_phdr fields. */ -+ responsible for setting the l_phdr fields */ - static __always_inline void - _dl_postprocess_loadcmd (struct link_map *l, const ElfW(Ehdr) *header, - const struct loadcmd *c) - { -- if (c->prot & PROT_EXEC) -- l->l_text_end = l->l_addr + c->mapend; -- - if (l->l_phdr == 0 - && c->mapoff <= header->e_phoff - && ((size_t) (c->mapend - c->mapstart + c->mapoff) -@@ -103,7 +100,7 @@ _dl_postprocess_loadcmd (struct link_map *l, const ElfW(Ehdr) *header, - - /* This is a subroutine of _dl_map_object_from_fd. It is responsible - for filling in several fields in *L: l_map_start, l_map_end, l_addr, -- l_contiguous, l_text_end, l_phdr. On successful return, all the -+ l_contiguous, l_phdr. On successful return, all the - segments are mapped (or copied, or whatever) from the file into their - final places in the address space, with the correct page permissions, - and any bss-like regions already zeroed. It returns a null pointer -diff --git a/elf/rtld.c b/elf/rtld.c -index a91e2a4471..5107d16fe3 100644 ---- a/elf/rtld.c -+++ b/elf/rtld.c -@@ -477,7 +477,6 @@ _dl_start_final (void *arg, struct dl_start_final_info *info) - GL(dl_rtld_map).l_real = &GL(dl_rtld_map); - GL(dl_rtld_map).l_map_start = (ElfW(Addr)) &__ehdr_start; - GL(dl_rtld_map).l_map_end = (ElfW(Addr)) _end; -- GL(dl_rtld_map).l_text_end = (ElfW(Addr)) _etext; - /* Copy the TLS related data if necessary. */ - #ifndef DONT_USE_BOOTSTRAP_MAP - # if NO_TLS_OFFSET != 0 -@@ -1119,7 +1118,6 @@ rtld_setup_main_map (struct link_map *main_map) - bool has_interp = false; - - main_map->l_map_end = 0; -- main_map->l_text_end = 0; - /* Perhaps the executable has no PT_LOAD header entries at all. */ - main_map->l_map_start = ~0; - /* And it was opened directly. */ -@@ -1211,8 +1209,6 @@ rtld_setup_main_map (struct link_map *main_map) - allocend = main_map->l_addr + ph->p_vaddr + ph->p_memsz; - if (main_map->l_map_end < allocend) - main_map->l_map_end = allocend; -- if ((ph->p_flags & PF_X) && allocend > main_map->l_text_end) -- main_map->l_text_end = allocend; - - /* The next expected address is the page following this load - segment. */ -@@ -1272,8 +1268,6 @@ rtld_setup_main_map (struct link_map *main_map) - = (char *) main_map->l_tls_initimage + main_map->l_addr; - if (! main_map->l_map_end) - main_map->l_map_end = ~0; -- if (! main_map->l_text_end) -- main_map->l_text_end = ~0; - if (! GL(dl_rtld_map).l_libname && GL(dl_rtld_map).l_name) - { - /* We were invoked directly, so the program might not have a -diff --git a/elf/setup-vdso.h b/elf/setup-vdso.h -index 0079842d1f..d92b12a7aa 100644 ---- a/elf/setup-vdso.h -+++ b/elf/setup-vdso.h -@@ -51,9 +51,6 @@ setup_vdso (struct link_map *main_map __attribute__ ((unused)), - l->l_addr = ph->p_vaddr; - if (ph->p_vaddr + ph->p_memsz >= l->l_map_end) - l->l_map_end = ph->p_vaddr + ph->p_memsz; -- if ((ph->p_flags & PF_X) -- && ph->p_vaddr + ph->p_memsz >= l->l_text_end) -- l->l_text_end = ph->p_vaddr + ph->p_memsz; - } - else - /* There must be no TLS segment. */ -@@ -62,7 +59,6 @@ setup_vdso (struct link_map *main_map __attribute__ ((unused)), - l->l_map_start = (ElfW(Addr)) GLRO(dl_sysinfo_dso); - l->l_addr = l->l_map_start - l->l_addr; - l->l_map_end += l->l_addr; -- l->l_text_end += l->l_addr; - l->l_ld = (void *) ((ElfW(Addr)) l->l_ld + l->l_addr); - elf_get_dynamic_info (l, false, false); - _dl_setup_hash (l); -diff --git a/include/link.h b/include/link.h -index 69bda3ed17..c6af095d87 100644 ---- a/include/link.h -+++ b/include/link.h -@@ -253,8 +253,6 @@ struct link_map - /* Start and finish of memory map for this object. l_map_start - need not be the same as l_addr. */ - ElfW(Addr) l_map_start, l_map_end; -- /* End of the executable part of the mapping. */ -- ElfW(Addr) l_text_end; - - /* Default array for 'l_scope'. */ - struct r_scope_elem *l_scope_mem[4]; --- -2.41.0 - diff --git a/packages/glibc/0017-elf-Move-l_init_called_next-to-old-place-of-l_text_e.patch b/packages/glibc/0017-elf-Move-l_init_called_next-to-old-place-of-l_text_e.patch deleted file mode 100644 index 763d9d0b0f8..00000000000 --- a/packages/glibc/0017-elf-Move-l_init_called_next-to-old-place-of-l_text_e.patch +++ /dev/null @@ -1,41 +0,0 @@ -From d3ba6c1333b10680ce5900a628108507d9d4b844 Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Mon, 11 Sep 2023 09:17:52 +0200 -Subject: [PATCH] elf: Move l_init_called_next to old place of l_text_end in - link map - -This preserves all member offsets and the GLIBC_PRIVATE ABI -for backporting. ---- - include/link.h | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/include/link.h b/include/link.h -index c6af095d87..686813f281 100644 ---- a/include/link.h -+++ b/include/link.h -@@ -254,6 +254,10 @@ struct link_map - need not be the same as l_addr. */ - ElfW(Addr) l_map_start, l_map_end; - -+ /* Linked list of objects in reverse ELF constructor execution -+ order. Head of list is stored in _dl_init_called_list. */ -+ struct link_map *l_init_called_next; -+ - /* Default array for 'l_scope'. */ - struct r_scope_elem *l_scope_mem[4]; - /* Size of array allocated for 'l_scope'. */ -@@ -276,10 +280,6 @@ struct link_map - /* List of object in order of the init and fini calls. */ - struct link_map **l_initfini; - -- /* Linked list of objects in reverse ELF constructor execution -- order. Head of list is stored in _dl_init_called_list. */ -- struct link_map *l_init_called_next; -- - /* List of the dependencies introduced through symbol binding. */ - struct link_map_reldeps - { --- -2.41.0 - diff --git a/packages/glibc/0018-NEWS-Add-the-2.38.1-bug-list.patch b/packages/glibc/0018-NEWS-Add-the-2.38.1-bug-list.patch deleted file mode 100644 index f50edc9ddca..00000000000 --- a/packages/glibc/0018-NEWS-Add-the-2.38.1-bug-list.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 89da8bc588c2296252543b049bf6d9272321f90d Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Mon, 11 Sep 2023 10:06:15 +0200 -Subject: [PATCH] NEWS: Add the 2.38.1 bug list - ---- - NEWS | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/NEWS b/NEWS -index f1a14f45dd..64596d5d09 100644 ---- a/NEWS -+++ b/NEWS -@@ -9,7 +9,10 @@ Version 2.38.1 - - The following bugs are resolved with this release: - -+ [30723] posix_memalign repeatedly scans long bin lists - [30785] Always call destructors in reverse constructor order -+ [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with -+ -D_FILE_OFFSET_BITS=64 - - - Version 2.38 -@@ -139,9 +142,6 @@ The following bugs are resolved with this release: - [30555] string: strerror can incorrectly return NULL - [30579] malloc: trim_threshold in realloc lead to high memory usage - [30662] nscd: Group and password cache use errno in place of errval -- [30723] posix_memalign repeatedly scans long bin lists -- [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with -- -D_FILE_OFFSET_BITS=64 - - Version 2.37 - --- -2.41.0 - diff --git a/packages/glibc/0019-CVE-2023-4527-Stack-read-overflow-with-large-TCP-res.patch b/packages/glibc/0019-CVE-2023-4527-Stack-read-overflow-with-large-TCP-res.patch deleted file mode 100644 index 4de84490278..00000000000 --- a/packages/glibc/0019-CVE-2023-4527-Stack-read-overflow-with-large-TCP-res.patch +++ /dev/null @@ -1,221 +0,0 @@ -From b25508dd774b617f99419bdc3cf2ace4560cd2d6 Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Wed, 13 Sep 2023 14:10:56 +0200 -Subject: [PATCH] CVE-2023-4527: Stack read overflow with large TCP responses - in no-aaaa mode - -Without passing alt_dns_packet_buffer, __res_context_search can only -store 2048 bytes (what fits into dns_packet_buffer). However, -the function returns the total packet size, and the subsequent -DNS parsing code in _nss_dns_gethostbyname4_r reads beyond the end -of the stack-allocated buffer. - -Fixes commit f282cdbe7f436c75864e5640a4 ("resolv: Implement no-aaaa -stub resolver option") and bug 30842. - -(cherry picked from commit bd77dd7e73e3530203be1c52c8a29d08270cb25d) ---- - NEWS | 9 +++ - resolv/Makefile | 2 + - resolv/nss_dns/dns-host.c | 2 +- - resolv/tst-resolv-noaaaa-vc.c | 129 ++++++++++++++++++++++++++++++++++ - 4 files changed, 141 insertions(+), 1 deletion(-) - create mode 100644 resolv/tst-resolv-noaaaa-vc.c - -diff --git a/NEWS b/NEWS -index 64596d5d09..dfee278a9c 100644 ---- a/NEWS -+++ b/NEWS -@@ -7,12 +7,21 @@ using `glibc' in the "product" field. - - Version 2.38.1 - -+Security related changes: -+ -+ CVE-2023-4527: If the system is configured in no-aaaa mode via -+ /etc/resolv.conf, getaddrinfo is called for the AF_UNSPEC address -+ family, and a DNS response is received over TCP that is larger than -+ 2048 bytes, getaddrinfo may potentially disclose stack contents via -+ the returned address data, or crash. -+ - The following bugs are resolved with this release: - - [30723] posix_memalign repeatedly scans long bin lists - [30785] Always call destructors in reverse constructor order - [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with - -D_FILE_OFFSET_BITS=64 -+ [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) - - - Version 2.38 -diff --git a/resolv/Makefile b/resolv/Makefile -index 054b1fa36c..2f99eb3862 100644 ---- a/resolv/Makefile -+++ b/resolv/Makefile -@@ -102,6 +102,7 @@ tests += \ - tst-resolv-invalid-cname \ - tst-resolv-network \ - tst-resolv-noaaaa \ -+ tst-resolv-noaaaa-vc \ - tst-resolv-nondecimal \ - tst-resolv-res_init-multi \ - tst-resolv-search \ -@@ -293,6 +294,7 @@ $(objpfx)tst-resolv-res_init-thread: $(objpfx)libresolv.so \ - $(objpfx)tst-resolv-invalid-cname: $(objpfx)libresolv.so \ - $(shared-thread-library) - $(objpfx)tst-resolv-noaaaa: $(objpfx)libresolv.so $(shared-thread-library) -+$(objpfx)tst-resolv-noaaaa-vc: $(objpfx)libresolv.so $(shared-thread-library) - $(objpfx)tst-resolv-nondecimal: $(objpfx)libresolv.so $(shared-thread-library) - $(objpfx)tst-resolv-qtypes: $(objpfx)libresolv.so $(shared-thread-library) - $(objpfx)tst-resolv-rotate: $(objpfx)libresolv.so $(shared-thread-library) -diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c -index 1d60c51f5e..5d0ab30de6 100644 ---- a/resolv/nss_dns/dns-host.c -+++ b/resolv/nss_dns/dns-host.c -@@ -427,7 +427,7 @@ _nss_dns_gethostbyname4_r (const char *name, struct gaih_addrtuple **pat, - { - n = __res_context_search (ctx, name, C_IN, T_A, - dns_packet_buffer, sizeof (dns_packet_buffer), -- NULL, NULL, NULL, NULL, NULL); -+ &alt_dns_packet_buffer, NULL, NULL, NULL, NULL); - if (n >= 0) - status = gaih_getanswer_noaaaa (alt_dns_packet_buffer, n, - &abuf, pat, errnop, herrnop, ttlp); -diff --git a/resolv/tst-resolv-noaaaa-vc.c b/resolv/tst-resolv-noaaaa-vc.c -new file mode 100644 -index 0000000000..9f5aebd99f ---- /dev/null -+++ b/resolv/tst-resolv-noaaaa-vc.c -@@ -0,0 +1,129 @@ -+/* Test the RES_NOAAAA resolver option with a large response. -+ Copyright (C) 2022-2023 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+/* Used to keep track of the number of queries. */ -+static volatile unsigned int queries; -+ -+/* If true, add a large TXT record at the start of the answer section. */ -+static volatile bool stuff_txt; -+ -+static void -+response (const struct resolv_response_context *ctx, -+ struct resolv_response_builder *b, -+ const char *qname, uint16_t qclass, uint16_t qtype) -+{ -+ /* If not using TCP, just force its use. */ -+ if (!ctx->tcp) -+ { -+ struct resolv_response_flags flags = {.tc = true}; -+ resolv_response_init (b, flags); -+ resolv_response_add_question (b, qname, qclass, qtype); -+ return; -+ } -+ -+ /* The test needs to send four queries, the first three are used to -+ grow the NSS buffer via the ERANGE handshake. */ -+ ++queries; -+ TEST_VERIFY (queries <= 4); -+ -+ /* AAAA queries are supposed to be disabled. */ -+ TEST_COMPARE (qtype, T_A); -+ TEST_COMPARE (qclass, C_IN); -+ TEST_COMPARE_STRING (qname, "example.com"); -+ -+ struct resolv_response_flags flags = {}; -+ resolv_response_init (b, flags); -+ resolv_response_add_question (b, qname, qclass, qtype); -+ -+ resolv_response_section (b, ns_s_an); -+ -+ if (stuff_txt) -+ { -+ resolv_response_open_record (b, qname, qclass, T_TXT, 60); -+ int zero = 0; -+ for (int i = 0; i <= 15000; ++i) -+ resolv_response_add_data (b, &zero, sizeof (zero)); -+ resolv_response_close_record (b); -+ } -+ -+ for (int i = 0; i < 200; ++i) -+ { -+ resolv_response_open_record (b, qname, qclass, qtype, 60); -+ char ipv4[4] = {192, 0, 2, i + 1}; -+ resolv_response_add_data (b, &ipv4, sizeof (ipv4)); -+ resolv_response_close_record (b); -+ } -+} -+ -+static int -+do_test (void) -+{ -+ struct resolv_test *obj = resolv_test_start -+ ((struct resolv_redirect_config) -+ { -+ .response_callback = response -+ }); -+ -+ _res.options |= RES_NOAAAA; -+ -+ for (int do_stuff_txt = 0; do_stuff_txt < 2; ++do_stuff_txt) -+ { -+ queries = 0; -+ stuff_txt = do_stuff_txt; -+ -+ struct addrinfo *ai = NULL; -+ int ret; -+ ret = getaddrinfo ("example.com", "80", -+ &(struct addrinfo) -+ { -+ .ai_family = AF_UNSPEC, -+ .ai_socktype = SOCK_STREAM, -+ }, &ai); -+ -+ char *expected_result; -+ { -+ struct xmemstream mem; -+ xopen_memstream (&mem); -+ for (int i = 0; i < 200; ++i) -+ fprintf (mem.out, "address: STREAM/TCP 192.0.2.%d 80\n", i + 1); -+ xfclose_memstream (&mem); -+ expected_result = mem.buffer; -+ } -+ -+ check_addrinfo ("example.com", ai, ret, expected_result); -+ -+ free (expected_result); -+ freeaddrinfo (ai); -+ } -+ -+ resolv_test_end (obj); -+ return 0; -+} -+ -+#include --- -2.41.0 - diff --git a/packages/glibc/0020-getaddrinfo-Fix-use-after-free-in-getcanonname-CVE-2.patch b/packages/glibc/0020-getaddrinfo-Fix-use-after-free-in-getcanonname-CVE-2.patch deleted file mode 100644 index d55bc8fe318..00000000000 --- a/packages/glibc/0020-getaddrinfo-Fix-use-after-free-in-getcanonname-CVE-2.patch +++ /dev/null @@ -1,338 +0,0 @@ -From 00ae4f10b504bc4564e9f22f00907093f1ab9338 Mon Sep 17 00:00:00 2001 -From: Siddhesh Poyarekar -Date: Fri, 15 Sep 2023 13:51:12 -0400 -Subject: [PATCH] getaddrinfo: Fix use after free in getcanonname - (CVE-2023-4806) - -When an NSS plugin only implements the _gethostbyname2_r and -_getcanonname_r callbacks, getaddrinfo could use memory that was freed -during tmpbuf resizing, through h_name in a previous query response. - -The backing store for res->at->name when doing a query with -gethostbyname3_r or gethostbyname2_r is tmpbuf, which is reallocated in -gethosts during the query. For AF_INET6 lookup with AI_ALL | -AI_V4MAPPED, gethosts gets called twice, once for a v6 lookup and second -for a v4 lookup. In this case, if the first call reallocates tmpbuf -enough number of times, resulting in a malloc, th->h_name (that -res->at->name refers to) ends up on a heap allocated storage in tmpbuf. -Now if the second call to gethosts also causes the plugin callback to -return NSS_STATUS_TRYAGAIN, tmpbuf will get freed, resulting in a UAF -reference in res->at->name. This then gets dereferenced in the -getcanonname_r plugin call, resulting in the use after free. - -Fix this by copying h_name over and freeing it at the end. This -resolves BZ #30843, which is assigned CVE-2023-4806. - -Signed-off-by: Siddhesh Poyarekar -(cherry picked from commit 973fe93a5675c42798b2161c6f29c01b0e243994) ---- - nss/Makefile | 15 ++++- - nss/nss_test_gai_hv2_canonname.c | 56 +++++++++++++++++ - nss/tst-nss-gai-hv2-canonname.c | 63 +++++++++++++++++++ - nss/tst-nss-gai-hv2-canonname.h | 1 + - .../postclean.req | 0 - .../tst-nss-gai-hv2-canonname.script | 2 + - sysdeps/posix/getaddrinfo.c | 25 +++++--- - 7 files changed, 152 insertions(+), 10 deletions(-) - create mode 100644 nss/nss_test_gai_hv2_canonname.c - create mode 100644 nss/tst-nss-gai-hv2-canonname.c - create mode 100644 nss/tst-nss-gai-hv2-canonname.h - create mode 100644 nss/tst-nss-gai-hv2-canonname.root/postclean.req - create mode 100644 nss/tst-nss-gai-hv2-canonname.root/tst-nss-gai-hv2-canonname.script - -diff --git a/nss/Makefile b/nss/Makefile -index 06fcdc450f..8a5126ecf3 100644 ---- a/nss/Makefile -+++ b/nss/Makefile -@@ -82,6 +82,7 @@ tests-container := \ - tst-nss-test3 \ - tst-reload1 \ - tst-reload2 \ -+ tst-nss-gai-hv2-canonname \ - # tests-container - - # Tests which need libdl -@@ -145,7 +146,8 @@ libnss_compat-inhibit-o = $(filter-out .os,$(object-suffixes)) - ifeq ($(build-static-nss),yes) - tests-static += tst-nss-static - endif --extra-test-objs += nss_test1.os nss_test2.os nss_test_errno.os -+extra-test-objs += nss_test1.os nss_test2.os nss_test_errno.os \ -+ nss_test_gai_hv2_canonname.os - - include ../Rules - -@@ -180,12 +182,16 @@ rtld-tests-LDFLAGS += -Wl,--dynamic-list=nss_test.ver - libof-nss_test1 = extramodules - libof-nss_test2 = extramodules - libof-nss_test_errno = extramodules -+libof-nss_test_gai_hv2_canonname = extramodules - $(objpfx)/libnss_test1.so: $(objpfx)nss_test1.os $(link-libc-deps) - $(build-module) - $(objpfx)/libnss_test2.so: $(objpfx)nss_test2.os $(link-libc-deps) - $(build-module) - $(objpfx)/libnss_test_errno.so: $(objpfx)nss_test_errno.os $(link-libc-deps) - $(build-module) -+$(objpfx)/libnss_test_gai_hv2_canonname.so: \ -+ $(objpfx)nss_test_gai_hv2_canonname.os $(link-libc-deps) -+ $(build-module) - $(objpfx)nss_test2.os : nss_test1.c - # Use the nss_files suffix for these objects as well. - $(objpfx)/libnss_test1.so$(libnss_files.so-version): $(objpfx)/libnss_test1.so -@@ -195,10 +201,14 @@ $(objpfx)/libnss_test2.so$(libnss_files.so-version): $(objpfx)/libnss_test2.so - $(objpfx)/libnss_test_errno.so$(libnss_files.so-version): \ - $(objpfx)/libnss_test_errno.so - $(make-link) -+$(objpfx)/libnss_test_gai_hv2_canonname.so$(libnss_files.so-version): \ -+ $(objpfx)/libnss_test_gai_hv2_canonname.so -+ $(make-link) - $(patsubst %,$(objpfx)%.out,$(tests) $(tests-container)) : \ - $(objpfx)/libnss_test1.so$(libnss_files.so-version) \ - $(objpfx)/libnss_test2.so$(libnss_files.so-version) \ -- $(objpfx)/libnss_test_errno.so$(libnss_files.so-version) -+ $(objpfx)/libnss_test_errno.so$(libnss_files.so-version) \ -+ $(objpfx)/libnss_test_gai_hv2_canonname.so$(libnss_files.so-version) - - ifeq (yes,$(have-thread-library)) - $(objpfx)tst-cancel-getpwuid_r: $(shared-thread-library) -@@ -215,3 +225,4 @@ LDFLAGS-tst-nss-test3 = -Wl,--disable-new-dtags - LDFLAGS-tst-nss-test4 = -Wl,--disable-new-dtags - LDFLAGS-tst-nss-test5 = -Wl,--disable-new-dtags - LDFLAGS-tst-nss-test_errno = -Wl,--disable-new-dtags -+LDFLAGS-tst-nss-test_gai_hv2_canonname = -Wl,--disable-new-dtags -diff --git a/nss/nss_test_gai_hv2_canonname.c b/nss/nss_test_gai_hv2_canonname.c -new file mode 100644 -index 0000000000..4439c83c9f ---- /dev/null -+++ b/nss/nss_test_gai_hv2_canonname.c -@@ -0,0 +1,56 @@ -+/* NSS service provider that only provides gethostbyname2_r. -+ Copyright The GNU Toolchain Authors. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#include -+#include -+#include -+#include "nss/tst-nss-gai-hv2-canonname.h" -+ -+/* Catch misnamed and functions. */ -+#pragma GCC diagnostic error "-Wmissing-prototypes" -+NSS_DECLARE_MODULE_FUNCTIONS (test_gai_hv2_canonname) -+ -+extern enum nss_status _nss_files_gethostbyname2_r (const char *, int, -+ struct hostent *, char *, -+ size_t, int *, int *); -+ -+enum nss_status -+_nss_test_gai_hv2_canonname_gethostbyname2_r (const char *name, int af, -+ struct hostent *result, -+ char *buffer, size_t buflen, -+ int *errnop, int *herrnop) -+{ -+ return _nss_files_gethostbyname2_r (name, af, result, buffer, buflen, errnop, -+ herrnop); -+} -+ -+enum nss_status -+_nss_test_gai_hv2_canonname_getcanonname_r (const char *name, char *buffer, -+ size_t buflen, char **result, -+ int *errnop, int *h_errnop) -+{ -+ /* We expect QUERYNAME, which is a small enough string that it shouldn't fail -+ the test. */ -+ if (memcmp (QUERYNAME, name, sizeof (QUERYNAME)) -+ || buflen < sizeof (QUERYNAME)) -+ abort (); -+ -+ strncpy (buffer, name, buflen); -+ *result = buffer; -+ return NSS_STATUS_SUCCESS; -+} -diff --git a/nss/tst-nss-gai-hv2-canonname.c b/nss/tst-nss-gai-hv2-canonname.c -new file mode 100644 -index 0000000000..d5f10c07d6 ---- /dev/null -+++ b/nss/tst-nss-gai-hv2-canonname.c -@@ -0,0 +1,63 @@ -+/* Test NSS query path for plugins that only implement gethostbyname2 -+ (#30843). -+ Copyright The GNU Toolchain Authors. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include "nss/tst-nss-gai-hv2-canonname.h" -+ -+#define PREPARE do_prepare -+ -+static void do_prepare (int a, char **av) -+{ -+ FILE *hosts = xfopen ("/etc/hosts", "w"); -+ for (unsigned i = 2; i < 255; i++) -+ { -+ fprintf (hosts, "ff01::ff02:ff03:%u:2\ttest.example.com\n", i); -+ fprintf (hosts, "192.168.0.%u\ttest.example.com\n", i); -+ } -+ xfclose (hosts); -+} -+ -+static int -+do_test (void) -+{ -+ __nss_configure_lookup ("hosts", "test_gai_hv2_canonname"); -+ -+ struct addrinfo hints = {}; -+ struct addrinfo *result = NULL; -+ -+ hints.ai_family = AF_INET6; -+ hints.ai_flags = AI_ALL | AI_V4MAPPED | AI_CANONNAME; -+ -+ int ret = getaddrinfo (QUERYNAME, NULL, &hints, &result); -+ -+ if (ret != 0) -+ FAIL_EXIT1 ("getaddrinfo failed: %s\n", gai_strerror (ret)); -+ -+ TEST_COMPARE_STRING (result->ai_canonname, QUERYNAME); -+ -+ freeaddrinfo(result); -+ return 0; -+} -+ -+#include -diff --git a/nss/tst-nss-gai-hv2-canonname.h b/nss/tst-nss-gai-hv2-canonname.h -new file mode 100644 -index 0000000000..14f2a9cb08 ---- /dev/null -+++ b/nss/tst-nss-gai-hv2-canonname.h -@@ -0,0 +1 @@ -+#define QUERYNAME "test.example.com" -diff --git a/nss/tst-nss-gai-hv2-canonname.root/postclean.req b/nss/tst-nss-gai-hv2-canonname.root/postclean.req -new file mode 100644 -index 0000000000..e69de29bb2 -diff --git a/nss/tst-nss-gai-hv2-canonname.root/tst-nss-gai-hv2-canonname.script b/nss/tst-nss-gai-hv2-canonname.root/tst-nss-gai-hv2-canonname.script -new file mode 100644 -index 0000000000..31848b4a28 ---- /dev/null -+++ b/nss/tst-nss-gai-hv2-canonname.root/tst-nss-gai-hv2-canonname.script -@@ -0,0 +1,2 @@ -+cp $B/nss/libnss_test_gai_hv2_canonname.so $L/libnss_test_gai_hv2_canonname.so.2 -+su -diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c -index 0356b622be..b2236b105c 100644 ---- a/sysdeps/posix/getaddrinfo.c -+++ b/sysdeps/posix/getaddrinfo.c -@@ -120,6 +120,7 @@ struct gaih_result - { - struct gaih_addrtuple *at; - char *canon; -+ char *h_name; - bool free_at; - bool got_ipv6; - }; -@@ -165,6 +166,7 @@ gaih_result_reset (struct gaih_result *res) - if (res->free_at) - free (res->at); - free (res->canon); -+ free (res->h_name); - memset (res, 0, sizeof (*res)); - } - -@@ -203,9 +205,8 @@ gaih_inet_serv (const char *servicename, const struct gaih_typeproto *tp, - return 0; - } - --/* Convert struct hostent to a list of struct gaih_addrtuple objects. h_name -- is not copied, and the struct hostent object must not be deallocated -- prematurely. The new addresses are appended to the tuple array in RES. */ -+/* Convert struct hostent to a list of struct gaih_addrtuple objects. The new -+ addresses are appended to the tuple array in RES. */ - static bool - convert_hostent_to_gaih_addrtuple (const struct addrinfo *req, int family, - struct hostent *h, struct gaih_result *res) -@@ -238,6 +239,15 @@ convert_hostent_to_gaih_addrtuple (const struct addrinfo *req, int family, - res->at = array; - res->free_at = true; - -+ /* Duplicate h_name because it may get reclaimed when the underlying storage -+ is freed. */ -+ if (res->h_name == NULL) -+ { -+ res->h_name = __strdup (h->h_name); -+ if (res->h_name == NULL) -+ return false; -+ } -+ - /* Update the next pointers on reallocation. */ - for (size_t i = 0; i < old; i++) - array[i].next = array + i + 1; -@@ -262,7 +272,6 @@ convert_hostent_to_gaih_addrtuple (const struct addrinfo *req, int family, - } - array[i].next = array + i + 1; - } -- array[0].name = h->h_name; - array[count - 1].next = NULL; - - return true; -@@ -324,15 +333,15 @@ gethosts (nss_gethostbyname3_r fct, int family, const char *name, - memory allocation failure. The returned string is allocated on the - heap; the caller has to free it. */ - static char * --getcanonname (nss_action_list nip, struct gaih_addrtuple *at, const char *name) -+getcanonname (nss_action_list nip, const char *hname, const char *name) - { - nss_getcanonname_r *cfct = __nss_lookup_function (nip, "getcanonname_r"); - char *s = (char *) name; - if (cfct != NULL) - { - char buf[256]; -- if (DL_CALL_FCT (cfct, (at->name ?: name, buf, sizeof (buf), -- &s, &errno, &h_errno)) != NSS_STATUS_SUCCESS) -+ if (DL_CALL_FCT (cfct, (hname ?: name, buf, sizeof (buf), &s, &errno, -+ &h_errno)) != NSS_STATUS_SUCCESS) - /* If the canonical name cannot be determined, use the passed - string. */ - s = (char *) name; -@@ -771,7 +780,7 @@ get_nss_addresses (const char *name, const struct addrinfo *req, - if ((req->ai_flags & AI_CANONNAME) != 0 - && res->canon == NULL) - { -- char *canonbuf = getcanonname (nip, res->at, name); -+ char *canonbuf = getcanonname (nip, res->h_name, name); - if (canonbuf == NULL) - { - __resolv_context_put (res_ctx); --- -2.42.0 - diff --git a/packages/glibc/0021-iconv-restore-verbosity-with-unrecognized-encoding-n.patch b/packages/glibc/0021-iconv-restore-verbosity-with-unrecognized-encoding-n.patch deleted file mode 100644 index 9c3f138b66b..00000000000 --- a/packages/glibc/0021-iconv-restore-verbosity-with-unrecognized-encoding-n.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 63250e9c571314b6daa2c949ea0af335ee766751 Mon Sep 17 00:00:00 2001 -From: Andreas Schwab -Date: Tue, 1 Aug 2023 17:01:37 +0200 -Subject: [PATCH] iconv: restore verbosity with unrecognized encoding names - (bug 30694) - -Commit 91927b7c76 ("Rewrite iconv option parsing [BZ #19519]") changed the -iconv program to call __gconv_open directly instead of the iconv_open -wrapper, but the former does not set errno. Update the caller to -interpret the return codes like iconv_open does. - -(cherry picked from commit fc72b6d7d818ab2868920af956d1542d03342a4d) ---- - iconv/iconv_prog.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/iconv/iconv_prog.c b/iconv/iconv_prog.c -index bee898c63c..cf32cf9b44 100644 ---- a/iconv/iconv_prog.c -+++ b/iconv/iconv_prog.c -@@ -187,7 +187,7 @@ main (int argc, char *argv[]) - - if (res != __GCONV_OK) - { -- if (errno == EINVAL) -+ if (res == __GCONV_NOCONV || res == __GCONV_NODB) - { - /* Try to be nice with the user and tell her which of the - two encoding names is wrong. This is possible because --- -2.42.0 - diff --git a/packages/glibc/0022-string-Fix-tester-build-with-fortify-enable-with-gcc.patch b/packages/glibc/0022-string-Fix-tester-build-with-fortify-enable-with-gcc.patch deleted file mode 100644 index c1c1cf10f79..00000000000 --- a/packages/glibc/0022-string-Fix-tester-build-with-fortify-enable-with-gcc.patch +++ /dev/null @@ -1,49 +0,0 @@ -From d94461bb86ba176b9390c0015bb612a528e22d95 Mon Sep 17 00:00:00 2001 -From: Mahesh Bodapati -Date: Fri, 11 Aug 2023 10:38:25 -0500 -Subject: [PATCH] string: Fix tester build with fortify enable with gcc < 12 - -When building with fortify enabled, GCC < 12 issues a warning on the -fortify strncat wrapper might overflow the destination buffer (the -failure is tied to -Werror). - -Checked on ppc64 and x86_64. -Reviewed-by: Adhemerval Zanella - -(cherry picked from commit f1c7ed0859a45929136836341741c7cd70f428cb) ---- - string/tester.c | 11 ++++++++--- - 1 file changed, 8 insertions(+), 3 deletions(-) - -diff --git a/string/tester.c b/string/tester.c -index f7d4bac5a8..824cf315ff 100644 ---- a/string/tester.c -+++ b/string/tester.c -@@ -34,6 +34,14 @@ - DIAG_IGNORE_NEEDS_COMMENT (8, "-Wstringop-truncation"); - #endif - -+/* When building with fortify enabled, GCC < 12 issues a warning on the -+ fortify strncat wrapper might overflow the destination buffer (the -+ failure is tied to -Werror). -+ Triggered by strncat fortify wrapper when it is enabled. */ -+#if __GNUC_PREREQ (11, 0) -+DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread"); -+#endif -+ - #include - #include - #include -@@ -52,9 +60,6 @@ DIAG_IGNORE_NEEDS_COMMENT (5.0, "-Wmemset-transposed-args"); - DIAG_IGNORE_NEEDS_COMMENT (9, "-Wrestrict"); - DIAG_IGNORE_NEEDS_COMMENT (7, "-Wstringop-overflow="); - #endif --#if __GNUC_PREREQ (11, 0) --DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread"); --#endif - - - #define STREQ(a, b) (strcmp((a), (b)) == 0) --- -2.42.0 - diff --git a/packages/glibc/0023-manual-jobs.texi-Add-missing-item-EPERM-for-getpgid.patch b/packages/glibc/0023-manual-jobs.texi-Add-missing-item-EPERM-for-getpgid.patch deleted file mode 100644 index 30d18016404..00000000000 --- a/packages/glibc/0023-manual-jobs.texi-Add-missing-item-EPERM-for-getpgid.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 0e1ef6779a90bc0f8a05bc367796df2793deecaa Mon Sep 17 00:00:00 2001 -From: Mark Wielaard -Date: Thu, 24 Aug 2023 21:36:34 +0200 -Subject: [PATCH] manual/jobs.texi: Add missing @item EPERM for getpgid - -The missing @item makes it look like errno will be set to ESRCH -if a cross-session getpgid is not permitted. - -Found by ulfvonbelow on irc. - -(cherry picked from commit 5a21cefd5abab1b99eda1fbf84204a9bf41662ab) ---- - manual/job.texi | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/manual/job.texi b/manual/job.texi -index 42cb9fb26d..8157f13a1c 100644 ---- a/manual/job.texi -+++ b/manual/job.texi -@@ -1133,6 +1133,7 @@ following @code{errno} error conditions are defined for this function: - @table @code - @item ESRCH - There is no process with the given process ID @var{pid}. -+@item EPERM - The calling process and the process specified by @var{pid} are in - different sessions, and the implementation doesn't allow to access the - process group ID of the process with ID @var{pid} from the calling --- -2.42.0 - diff --git a/packages/glibc/0024-Fix-leak-in-getaddrinfo-introduced-by-the-fix-for-CV.patch b/packages/glibc/0024-Fix-leak-in-getaddrinfo-introduced-by-the-fix-for-CV.patch deleted file mode 100644 index f45251f173f..00000000000 --- a/packages/glibc/0024-Fix-leak-in-getaddrinfo-introduced-by-the-fix-for-CV.patch +++ /dev/null @@ -1,98 +0,0 @@ -From 5ee59ca371b99984232d7584fe2b1a758b4421d3 Mon Sep 17 00:00:00 2001 -From: Romain Geissler -Date: Mon, 25 Sep 2023 01:21:51 +0100 -Subject: [PATCH] Fix leak in getaddrinfo introduced by the fix for - CVE-2023-4806 [BZ #30843] - -This patch fixes a very recently added leak in getaddrinfo. - -This was assigned CVE-2023-5156. - -Resolves: BZ #30884 -Related: BZ #30842 - -Reviewed-by: Siddhesh Poyarekar -(cherry picked from commit ec6b95c3303c700eb89eebeda2d7264cc184a796) ---- - nss/Makefile | 20 ++++++++++++++++++++ - nss/tst-nss-gai-hv2-canonname.c | 3 +++ - sysdeps/posix/getaddrinfo.c | 4 +--- - 3 files changed, 24 insertions(+), 3 deletions(-) - -diff --git a/nss/Makefile b/nss/Makefile -index 8a5126ecf3..668ba34b18 100644 ---- a/nss/Makefile -+++ b/nss/Makefile -@@ -149,6 +149,15 @@ endif - extra-test-objs += nss_test1.os nss_test2.os nss_test_errno.os \ - nss_test_gai_hv2_canonname.os - -+ifeq ($(run-built-tests),yes) -+ifneq (no,$(PERL)) -+tests-special += $(objpfx)mtrace-tst-nss-gai-hv2-canonname.out -+endif -+endif -+ -+generated += mtrace-tst-nss-gai-hv2-canonname.out \ -+ tst-nss-gai-hv2-canonname.mtrace -+ - include ../Rules - - ifeq (yes,$(have-selinux)) -@@ -217,6 +226,17 @@ endif - $(objpfx)tst-nss-files-alias-leak.out: $(objpfx)/libnss_files.so - $(objpfx)tst-nss-files-alias-truncated.out: $(objpfx)/libnss_files.so - -+tst-nss-gai-hv2-canonname-ENV = \ -+ MALLOC_TRACE=$(objpfx)tst-nss-gai-hv2-canonname.mtrace \ -+ LD_PRELOAD=$(common-objpfx)/malloc/libc_malloc_debug.so -+$(objpfx)mtrace-tst-nss-gai-hv2-canonname.out: \ -+ $(objpfx)tst-nss-gai-hv2-canonname.out -+ { test -r $(objpfx)tst-nss-gai-hv2-canonname.mtrace \ -+ || ( echo "tst-nss-gai-hv2-canonname.mtrace does not exist"; exit 77; ) \ -+ && $(common-objpfx)malloc/mtrace \ -+ $(objpfx)tst-nss-gai-hv2-canonname.mtrace; } > $@; \ -+ $(evaluate-test) -+ - # Disable DT_RUNPATH on NSS tests so that the glibc internal NSS - # functions can load testing NSS modules via DT_RPATH. - LDFLAGS-tst-nss-test1 = -Wl,--disable-new-dtags -diff --git a/nss/tst-nss-gai-hv2-canonname.c b/nss/tst-nss-gai-hv2-canonname.c -index d5f10c07d6..7db53cf09d 100644 ---- a/nss/tst-nss-gai-hv2-canonname.c -+++ b/nss/tst-nss-gai-hv2-canonname.c -@@ -21,6 +21,7 @@ - #include - #include - #include -+#include - #include - #include - #include "nss/tst-nss-gai-hv2-canonname.h" -@@ -41,6 +42,8 @@ static void do_prepare (int a, char **av) - static int - do_test (void) - { -+ mtrace (); -+ - __nss_configure_lookup ("hosts", "test_gai_hv2_canonname"); - - struct addrinfo hints = {}; -diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c -index b2236b105c..13082305d3 100644 ---- a/sysdeps/posix/getaddrinfo.c -+++ b/sysdeps/posix/getaddrinfo.c -@@ -1196,9 +1196,7 @@ free_and_return: - if (malloc_name) - free ((char *) name); - free (addrmem); -- if (res.free_at) -- free (res.at); -- free (res.canon); -+ gaih_result_reset (&res); - - return result; - } --- -2.42.0 - diff --git a/packages/glibc/0025-Document-CVE-2023-4806-and-CVE-2023-5156-in-NEWS.patch b/packages/glibc/0025-Document-CVE-2023-4806-and-CVE-2023-5156-in-NEWS.patch deleted file mode 100644 index a3bf2a7a5c0..00000000000 --- a/packages/glibc/0025-Document-CVE-2023-4806-and-CVE-2023-5156-in-NEWS.patch +++ /dev/null @@ -1,36 +0,0 @@ -From f6445dc94da185b3d1ee283f0ca0a34c4e1986cc Mon Sep 17 00:00:00 2001 -From: Siddhesh Poyarekar -Date: Tue, 26 Sep 2023 07:38:07 -0400 -Subject: [PATCH] Document CVE-2023-4806 and CVE-2023-5156 in NEWS - -These are tracked in BZ #30884 and BZ #30843. - -Signed-off-by: Siddhesh Poyarekar -(cherry picked from commit fd134feba35fa839018965733b34d28a09a075dd) ---- - NEWS | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/NEWS b/NEWS -index dfee278a9c..f1b1b0a3b4 100644 ---- a/NEWS -+++ b/NEWS -@@ -15,6 +15,15 @@ Security related changes: - 2048 bytes, getaddrinfo may potentially disclose stack contents via - the returned address data, or crash. - -+ CVE-2023-4806: When an NSS plugin only implements the -+ _gethostbyname2_r and _getcanonname_r callbacks, getaddrinfo could use -+ memory that was freed during buffer resizing, potentially causing a -+ crash or read or write to arbitrary memory. -+ -+ CVE-2023-5156: The fix for CVE-2023-4806 introduced a memory leak when -+ an application calls getaddrinfo for AF_INET6 with AI_CANONNAME, -+ AI_ALL and AI_V4MAPPED flags set. -+ - The following bugs are resolved with this release: - - [30723] posix_memalign repeatedly scans long bin lists --- -2.42.0 - diff --git a/packages/glibc/0026-Propagate-GLIBC_TUNABLES-in-setxid-binaries.patch b/packages/glibc/0026-Propagate-GLIBC_TUNABLES-in-setxid-binaries.patch deleted file mode 100644 index 461bd7a1e9d..00000000000 --- a/packages/glibc/0026-Propagate-GLIBC_TUNABLES-in-setxid-binaries.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 73e3fcd1a552783e66ff1f65c5f322e2f17a81d1 Mon Sep 17 00:00:00 2001 -From: Siddhesh Poyarekar -Date: Tue, 19 Sep 2023 13:25:40 -0400 -Subject: [PATCH] Propagate GLIBC_TUNABLES in setxid binaries - -GLIBC_TUNABLES scrubbing happens earlier than envvar scrubbing and some -tunables are required to propagate past setxid boundary, like their -env_alias. Rely on tunable scrubbing to clean out GLIBC_TUNABLES like -before, restoring behaviour in glibc 2.37 and earlier. - -Signed-off-by: Siddhesh Poyarekar -Reviewed-by: Carlos O'Donell -(cherry picked from commit 0d5f9ea97f1b39f2a855756078771673a68497e1) ---- - sysdeps/generic/unsecvars.h | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/sysdeps/generic/unsecvars.h b/sysdeps/generic/unsecvars.h -index 81397fb90b..8278c50a84 100644 ---- a/sysdeps/generic/unsecvars.h -+++ b/sysdeps/generic/unsecvars.h -@@ -4,7 +4,6 @@ - #define UNSECURE_ENVVARS \ - "GCONV_PATH\0" \ - "GETCONF_DIR\0" \ -- "GLIBC_TUNABLES\0" \ - "HOSTALIASES\0" \ - "LD_AUDIT\0" \ - "LD_DEBUG\0" \ --- -2.42.0 - diff --git a/packages/glibc/0027-tunables-Terminate-if-end-of-input-is-reached-CVE-20.patch b/packages/glibc/0027-tunables-Terminate-if-end-of-input-is-reached-CVE-20.patch deleted file mode 100644 index e2e5b094f7a..00000000000 --- a/packages/glibc/0027-tunables-Terminate-if-end-of-input-is-reached-CVE-20.patch +++ /dev/null @@ -1,173 +0,0 @@ -From 750a45a783906a19591fb8ff6b7841470f1f5701 Mon Sep 17 00:00:00 2001 -From: Siddhesh Poyarekar -Date: Tue, 19 Sep 2023 18:39:32 -0400 -Subject: [PATCH] tunables: Terminate if end of input is reached - (CVE-2023-4911) - -The string parsing routine may end up writing beyond bounds of tunestr -if the input tunable string is malformed, of the form name=name=val. -This gets processed twice, first as name=name=val and next as name=val, -resulting in tunestr being name=name=val:name=val, thus overflowing -tunestr. - -Terminate the parsing loop at the first instance itself so that tunestr -does not overflow. - -This also fixes up tst-env-setuid-tunables to actually handle failures -correct and add new tests to validate the fix for this CVE. - -Signed-off-by: Siddhesh Poyarekar -Reviewed-by: Carlos O'Donell -(cherry picked from commit 1056e5b4c3f2d90ed2b4a55f96add28da2f4c8fa) ---- - NEWS | 5 +++++ - elf/dl-tunables.c | 17 +++++++++------- - elf/tst-env-setuid-tunables.c | 37 +++++++++++++++++++++++++++-------- - 3 files changed, 44 insertions(+), 15 deletions(-) - -diff --git a/NEWS b/NEWS -index f1b1b0a3b4..bfcd46efa9 100644 ---- a/NEWS -+++ b/NEWS -@@ -24,6 +24,11 @@ Security related changes: - an application calls getaddrinfo for AF_INET6 with AI_CANONNAME, - AI_ALL and AI_V4MAPPED flags set. - -+ CVE-2023-4911: If a tunable of the form NAME=NAME=VAL is passed in the -+ environment of a setuid program and NAME is valid, it may result in a -+ buffer overflow, which could be exploited to achieve escalated -+ privileges. This flaw was introduced in glibc 2.34. -+ - The following bugs are resolved with this release: - - [30723] posix_memalign repeatedly scans long bin lists -diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c -index 62b7332d95..cae67efa0a 100644 ---- a/elf/dl-tunables.c -+++ b/elf/dl-tunables.c -@@ -180,11 +180,7 @@ parse_tunables (char *tunestr, char *valstring) - /* If we reach the end of the string before getting a valid name-value - pair, bail out. */ - if (p[len] == '\0') -- { -- if (__libc_enable_secure) -- tunestr[off] = '\0'; -- return; -- } -+ break; - - /* We did not find a valid name-value pair before encountering the - colon. */ -@@ -244,9 +240,16 @@ parse_tunables (char *tunestr, char *valstring) - } - } - -- if (p[len] != '\0') -- p += len + 1; -+ /* We reached the end while processing the tunable string. */ -+ if (p[len] == '\0') -+ break; -+ -+ p += len + 1; - } -+ -+ /* Terminate tunestr before we leave. */ -+ if (__libc_enable_secure) -+ tunestr[off] = '\0'; - } - - /* Enable the glibc.malloc.check tunable in SETUID/SETGID programs only when -diff --git a/elf/tst-env-setuid-tunables.c b/elf/tst-env-setuid-tunables.c -index 7dfb0e073a..f0b92c97e7 100644 ---- a/elf/tst-env-setuid-tunables.c -+++ b/elf/tst-env-setuid-tunables.c -@@ -50,6 +50,8 @@ const char *teststrings[] = - "glibc.malloc.perturb=0x800:not_valid.malloc.check=2:glibc.malloc.mmap_threshold=4096", - "glibc.not_valid.check=2:glibc.malloc.mmap_threshold=4096", - "not_valid.malloc.check=2:glibc.malloc.mmap_threshold=4096", -+ "glibc.malloc.mmap_threshold=glibc.malloc.mmap_threshold=4096", -+ "glibc.malloc.check=2", - "glibc.malloc.garbage=2:glibc.maoc.mmap_threshold=4096:glibc.malloc.check=2", - "glibc.malloc.check=4:glibc.malloc.garbage=2:glibc.maoc.mmap_threshold=4096", - ":glibc.malloc.garbage=2:glibc.malloc.check=1", -@@ -68,6 +70,8 @@ const char *resultstrings[] = - "glibc.malloc.perturb=0x800:glibc.malloc.mmap_threshold=4096", - "glibc.malloc.mmap_threshold=4096", - "glibc.malloc.mmap_threshold=4096", -+ "glibc.malloc.mmap_threshold=glibc.malloc.mmap_threshold=4096", -+ "", - "", - "", - "", -@@ -81,11 +85,18 @@ test_child (int off) - { - const char *val = getenv ("GLIBC_TUNABLES"); - -+ printf (" [%d] GLIBC_TUNABLES is %s\n", off, val); -+ fflush (stdout); - if (val != NULL && strcmp (val, resultstrings[off]) == 0) - return 0; - - if (val != NULL) -- printf ("[%d] Unexpected GLIBC_TUNABLES VALUE %s\n", off, val); -+ printf (" [%d] Unexpected GLIBC_TUNABLES VALUE %s, expected %s\n", -+ off, val, resultstrings[off]); -+ else -+ printf (" [%d] GLIBC_TUNABLES environment variable absent\n", off); -+ -+ fflush (stdout); - - return 1; - } -@@ -106,21 +117,26 @@ do_test (int argc, char **argv) - if (ret != 0) - exit (1); - -- exit (EXIT_SUCCESS); -+ /* Special return code to make sure that the child executed all the way -+ through. */ -+ exit (42); - } - else - { -- int ret = 0; -- - /* Spawn tests. */ - for (int i = 0; i < array_length (teststrings); i++) - { - char buf[INT_BUFSIZE_BOUND (int)]; - -- printf ("Spawned test for %s (%d)\n", teststrings[i], i); -+ printf ("[%d] Spawned test for %s\n", i, teststrings[i]); - snprintf (buf, sizeof (buf), "%d\n", i); -+ fflush (stdout); - if (setenv ("GLIBC_TUNABLES", teststrings[i], 1) != 0) -- exit (1); -+ { -+ printf (" [%d] Failed to set GLIBC_TUNABLES: %m", i); -+ support_record_failure (); -+ continue; -+ } - - int status = support_capture_subprogram_self_sgid (buf); - -@@ -128,9 +144,14 @@ do_test (int argc, char **argv) - if (WEXITSTATUS (status) == EXIT_UNSUPPORTED) - return EXIT_UNSUPPORTED; - -- ret |= status; -+ if (WEXITSTATUS (status) != 42) -+ { -+ printf (" [%d] child failed with status %d\n", i, -+ WEXITSTATUS (status)); -+ support_record_failure (); -+ } - } -- return ret; -+ return 0; - } - } - --- -2.42.0 - diff --git a/packages/glibc/0028-Revert-elf-Remove-unused-l_text_end-field-from-struc.patch b/packages/glibc/0028-Revert-elf-Remove-unused-l_text_end-field-from-struc.patch deleted file mode 100644 index 6b9e8766210..00000000000 --- a/packages/glibc/0028-Revert-elf-Remove-unused-l_text_end-field-from-struc.patch +++ /dev/null @@ -1,135 +0,0 @@ -From e0b6c9706c91a642c781918eea52588ee8dc9f09 Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Wed, 18 Oct 2023 14:22:59 +0200 -Subject: [PATCH] Revert "elf: Remove unused l_text_end field from struct - link_map" - -This reverts commit 750f19526ae71aac801c77a3f7ef5374890c09b7. - -Reason for revert: Restore ABI after revert of commit a3189f66a5f. ---- - elf/dl-load.c | 2 +- - elf/dl-load.h | 7 +++++-- - elf/rtld.c | 6 ++++++ - elf/setup-vdso.h | 4 ++++ - include/link.h | 2 ++ - 5 files changed, 18 insertions(+), 3 deletions(-) - -diff --git a/elf/dl-load.c b/elf/dl-load.c -index 2923b1141d..9a87fda9c9 100644 ---- a/elf/dl-load.c -+++ b/elf/dl-load.c -@@ -1253,7 +1253,7 @@ _dl_map_object_from_fd (const char *name, const char *origname, int fd, - - /* Now process the load commands and map segments into memory. - This is responsible for filling in: -- l_map_start, l_map_end, l_addr, l_contiguous, l_phdr -+ l_map_start, l_map_end, l_addr, l_contiguous, l_text_end, l_phdr - */ - errstring = _dl_map_segments (l, fd, header, type, loadcmds, nloadcmds, - maplength, has_holes, loader); -diff --git a/elf/dl-load.h b/elf/dl-load.h -index 1d5207694b..ecf6910c68 100644 ---- a/elf/dl-load.h -+++ b/elf/dl-load.h -@@ -83,11 +83,14 @@ struct loadcmd - - /* This is a subroutine of _dl_map_segments. It should be called for each - load command, some time after L->l_addr has been set correctly. It is -- responsible for setting the l_phdr fields */ -+ responsible for setting up the l_text_end and l_phdr fields. */ - static __always_inline void - _dl_postprocess_loadcmd (struct link_map *l, const ElfW(Ehdr) *header, - const struct loadcmd *c) - { -+ if (c->prot & PROT_EXEC) -+ l->l_text_end = l->l_addr + c->mapend; -+ - if (l->l_phdr == 0 - && c->mapoff <= header->e_phoff - && ((size_t) (c->mapend - c->mapstart + c->mapoff) -@@ -100,7 +103,7 @@ _dl_postprocess_loadcmd (struct link_map *l, const ElfW(Ehdr) *header, - - /* This is a subroutine of _dl_map_object_from_fd. It is responsible - for filling in several fields in *L: l_map_start, l_map_end, l_addr, -- l_contiguous, l_phdr. On successful return, all the -+ l_contiguous, l_text_end, l_phdr. On successful return, all the - segments are mapped (or copied, or whatever) from the file into their - final places in the address space, with the correct page permissions, - and any bss-like regions already zeroed. It returns a null pointer -diff --git a/elf/rtld.c b/elf/rtld.c -index 5107d16fe3..a91e2a4471 100644 ---- a/elf/rtld.c -+++ b/elf/rtld.c -@@ -477,6 +477,7 @@ _dl_start_final (void *arg, struct dl_start_final_info *info) - GL(dl_rtld_map).l_real = &GL(dl_rtld_map); - GL(dl_rtld_map).l_map_start = (ElfW(Addr)) &__ehdr_start; - GL(dl_rtld_map).l_map_end = (ElfW(Addr)) _end; -+ GL(dl_rtld_map).l_text_end = (ElfW(Addr)) _etext; - /* Copy the TLS related data if necessary. */ - #ifndef DONT_USE_BOOTSTRAP_MAP - # if NO_TLS_OFFSET != 0 -@@ -1118,6 +1119,7 @@ rtld_setup_main_map (struct link_map *main_map) - bool has_interp = false; - - main_map->l_map_end = 0; -+ main_map->l_text_end = 0; - /* Perhaps the executable has no PT_LOAD header entries at all. */ - main_map->l_map_start = ~0; - /* And it was opened directly. */ -@@ -1209,6 +1211,8 @@ rtld_setup_main_map (struct link_map *main_map) - allocend = main_map->l_addr + ph->p_vaddr + ph->p_memsz; - if (main_map->l_map_end < allocend) - main_map->l_map_end = allocend; -+ if ((ph->p_flags & PF_X) && allocend > main_map->l_text_end) -+ main_map->l_text_end = allocend; - - /* The next expected address is the page following this load - segment. */ -@@ -1268,6 +1272,8 @@ rtld_setup_main_map (struct link_map *main_map) - = (char *) main_map->l_tls_initimage + main_map->l_addr; - if (! main_map->l_map_end) - main_map->l_map_end = ~0; -+ if (! main_map->l_text_end) -+ main_map->l_text_end = ~0; - if (! GL(dl_rtld_map).l_libname && GL(dl_rtld_map).l_name) - { - /* We were invoked directly, so the program might not have a -diff --git a/elf/setup-vdso.h b/elf/setup-vdso.h -index d92b12a7aa..0079842d1f 100644 ---- a/elf/setup-vdso.h -+++ b/elf/setup-vdso.h -@@ -51,6 +51,9 @@ setup_vdso (struct link_map *main_map __attribute__ ((unused)), - l->l_addr = ph->p_vaddr; - if (ph->p_vaddr + ph->p_memsz >= l->l_map_end) - l->l_map_end = ph->p_vaddr + ph->p_memsz; -+ if ((ph->p_flags & PF_X) -+ && ph->p_vaddr + ph->p_memsz >= l->l_text_end) -+ l->l_text_end = ph->p_vaddr + ph->p_memsz; - } - else - /* There must be no TLS segment. */ -@@ -59,6 +62,7 @@ setup_vdso (struct link_map *main_map __attribute__ ((unused)), - l->l_map_start = (ElfW(Addr)) GLRO(dl_sysinfo_dso); - l->l_addr = l->l_map_start - l->l_addr; - l->l_map_end += l->l_addr; -+ l->l_text_end += l->l_addr; - l->l_ld = (void *) ((ElfW(Addr)) l->l_ld + l->l_addr); - elf_get_dynamic_info (l, false, false); - _dl_setup_hash (l); -diff --git a/include/link.h b/include/link.h -index 686813f281..a02d5f2eba 100644 ---- a/include/link.h -+++ b/include/link.h -@@ -253,6 +253,8 @@ struct link_map - /* Start and finish of memory map for this object. l_map_start - need not be the same as l_addr. */ - ElfW(Addr) l_map_start, l_map_end; -+ /* End of the executable part of the mapping. */ -+ ElfW(Addr) l_text_end; - - /* Linked list of objects in reverse ELF constructor execution - order. Head of list is stored in _dl_init_called_list. */ --- -2.43.0 - diff --git a/packages/glibc/0029-Revert-elf-Always-call-destructors-in-reverse-constr.patch b/packages/glibc/0029-Revert-elf-Always-call-destructors-in-reverse-constr.patch deleted file mode 100644 index d57028b7fef..00000000000 --- a/packages/glibc/0029-Revert-elf-Always-call-destructors-in-reverse-constr.patch +++ /dev/null @@ -1,593 +0,0 @@ -From 719866ab2ff0e6d514a04fb47e507d92e70ef7ee Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Wed, 18 Oct 2023 14:25:46 +0200 -Subject: [PATCH] Revert "elf: Always call destructors in reverse constructor - order (bug 30785)" - -This reverts commit a3189f66a5f2fe86568286fa025fa153be04c6c0. - -Reason for revert: Incompatibility with existing applications. ---- - NEWS | 1 - - elf/dl-close.c | 113 ++++++++++----------------- - elf/dl-fini.c | 152 ++++++++++++++++++++++++------------- - elf/dl-init.c | 16 ---- - elf/dso-sort-tests-1.def | 19 +++-- - elf/tst-audit23.c | 44 +++++------ - sysdeps/generic/ldsodefs.h | 4 - - 7 files changed, 173 insertions(+), 176 deletions(-) - -diff --git a/NEWS b/NEWS -index bfcd46efa9..f117874e34 100644 ---- a/NEWS -+++ b/NEWS -@@ -32,7 +32,6 @@ Security related changes: - The following bugs are resolved with this release: - - [30723] posix_memalign repeatedly scans long bin lists -- [30785] Always call destructors in reverse constructor order - [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with - -D_FILE_OFFSET_BITS=64 - [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) -diff --git a/elf/dl-close.c b/elf/dl-close.c -index ea62d0e601..b887a44888 100644 ---- a/elf/dl-close.c -+++ b/elf/dl-close.c -@@ -138,31 +138,30 @@ _dl_close_worker (struct link_map *map, bool force) - - bool any_tls = false; - const unsigned int nloaded = ns->_ns_nloaded; -+ struct link_map *maps[nloaded]; - -- /* Run over the list and assign indexes to the link maps. */ -+ /* Run over the list and assign indexes to the link maps and enter -+ them into the MAPS array. */ - int idx = 0; - for (struct link_map *l = ns->_ns_loaded; l != NULL; l = l->l_next) - { - l->l_map_used = 0; - l->l_map_done = 0; - l->l_idx = idx; -+ maps[idx] = l; - ++idx; - } - assert (idx == nloaded); - -- /* Keep marking link maps until no new link maps are found. */ -- for (struct link_map *l = ns->_ns_loaded; l != NULL; ) -+ /* Keep track of the lowest index link map we have covered already. */ -+ int done_index = -1; -+ while (++done_index < nloaded) - { -- /* next is reset to earlier link maps for remarking. */ -- struct link_map *next = l->l_next; -- int next_idx = l->l_idx + 1; /* next->l_idx, but covers next == NULL. */ -+ struct link_map *l = maps[done_index]; - - if (l->l_map_done) -- { -- /* Already handled. */ -- l = next; -- continue; -- } -+ /* Already handled. */ -+ continue; - - /* Check whether this object is still used. */ - if (l->l_type == lt_loaded -@@ -172,10 +171,7 @@ _dl_close_worker (struct link_map *map, bool force) - acquire is sufficient and correct. */ - && atomic_load_acquire (&l->l_tls_dtor_count) == 0 - && !l->l_map_used) -- { -- l = next; -- continue; -- } -+ continue; - - /* We need this object and we handle it now. */ - l->l_map_used = 1; -@@ -202,11 +198,8 @@ _dl_close_worker (struct link_map *map, bool force) - already processed it, then we need to go back - and process again from that point forward to - ensure we keep all of its dependencies also. */ -- if ((*lp)->l_idx < next_idx) -- { -- next = *lp; -- next_idx = next->l_idx; -- } -+ if ((*lp)->l_idx - 1 < done_index) -+ done_index = (*lp)->l_idx - 1; - } - } - -@@ -226,65 +219,44 @@ _dl_close_worker (struct link_map *map, bool force) - if (!jmap->l_map_used) - { - jmap->l_map_used = 1; -- if (jmap->l_idx < next_idx) -- { -- next = jmap; -- next_idx = next->l_idx; -- } -+ if (jmap->l_idx - 1 < done_index) -+ done_index = jmap->l_idx - 1; - } - } - } -- -- l = next; - } - -- /* Call the destructors in reverse constructor order, and remove the -- closed link maps from the list. */ -- for (struct link_map **init_called_head = &_dl_init_called_list; -- *init_called_head != NULL; ) -+ /* Sort the entries. We can skip looking for the binary itself which is -+ at the front of the search list for the main namespace. */ -+ _dl_sort_maps (maps, nloaded, (nsid == LM_ID_BASE), true); -+ -+ /* Call all termination functions at once. */ -+ bool unload_any = false; -+ bool scope_mem_left = false; -+ unsigned int unload_global = 0; -+ unsigned int first_loaded = ~0; -+ for (unsigned int i = 0; i < nloaded; ++i) - { -- struct link_map *imap = *init_called_head; -+ struct link_map *imap = maps[i]; - -- /* _dl_init_called_list is global, to produce a global odering. -- Ignore the other namespaces (and link maps that are still used). */ -- if (imap->l_ns != nsid || imap->l_map_used) -- init_called_head = &imap->l_init_called_next; -- else -+ /* All elements must be in the same namespace. */ -+ assert (imap->l_ns == nsid); -+ -+ if (!imap->l_map_used) - { - assert (imap->l_type == lt_loaded && !imap->l_nodelete_active); - -- /* _dl_init_called_list is updated at the same time as -- l_init_called. */ -- assert (imap->l_init_called); -- -- if (imap->l_info[DT_FINI_ARRAY] != NULL -- || imap->l_info[DT_FINI] != NULL) -+ /* Call its termination function. Do not do it for -+ half-cooked objects. Temporarily disable exception -+ handling, so that errors are fatal. */ -+ if (imap->l_init_called) - _dl_catch_exception (NULL, _dl_call_fini, imap); - - #ifdef SHARED - /* Auditing checkpoint: we remove an object. */ - _dl_audit_objclose (imap); - #endif -- /* Unlink this link map. */ -- *init_called_head = imap->l_init_called_next; -- } -- } -- -- -- bool unload_any = false; -- bool scope_mem_left = false; -- unsigned int unload_global = 0; -- -- /* For skipping un-unloadable link maps in the second loop. */ -- struct link_map *first_loaded = ns->_ns_loaded; - -- /* Iterate over the namespace to find objects to unload. Some -- unloadable objects may not be on _dl_init_called_list due to -- dlopen failure. */ -- for (struct link_map *imap = first_loaded; imap != NULL; imap = imap->l_next) -- { -- if (!imap->l_map_used) -- { - /* This object must not be used anymore. */ - imap->l_removed = 1; - -@@ -295,8 +267,8 @@ _dl_close_worker (struct link_map *map, bool force) - ++unload_global; - - /* Remember where the first dynamically loaded object is. */ -- if (first_loaded == NULL) -- first_loaded = imap; -+ if (i < first_loaded) -+ first_loaded = i; - } - /* Else imap->l_map_used. */ - else if (imap->l_type == lt_loaded) -@@ -432,8 +404,8 @@ _dl_close_worker (struct link_map *map, bool force) - imap->l_loader = NULL; - - /* Remember where the first dynamically loaded object is. */ -- if (first_loaded == NULL) -- first_loaded = imap; -+ if (i < first_loaded) -+ first_loaded = i; - } - } - -@@ -504,11 +476,10 @@ _dl_close_worker (struct link_map *map, bool force) - - /* Check each element of the search list to see if all references to - it are gone. */ -- for (struct link_map *imap = first_loaded; imap != NULL; ) -+ for (unsigned int i = first_loaded; i < nloaded; ++i) - { -- if (imap->l_map_used) -- imap = imap->l_next; -- else -+ struct link_map *imap = maps[i]; -+ if (!imap->l_map_used) - { - assert (imap->l_type == lt_loaded); - -@@ -719,9 +690,7 @@ _dl_close_worker (struct link_map *map, bool force) - if (imap == GL(dl_initfirst)) - GL(dl_initfirst) = NULL; - -- struct link_map *next = imap->l_next; - free (imap); -- imap = next; - } - } - -diff --git a/elf/dl-fini.c b/elf/dl-fini.c -index e201d36651..9acb64f47c 100644 ---- a/elf/dl-fini.c -+++ b/elf/dl-fini.c -@@ -24,68 +24,116 @@ - void - _dl_fini (void) - { -- /* Call destructors strictly in the reverse order of constructors. -- This causes fewer surprises than some arbitrary reordering based -- on new (relocation) dependencies. None of the objects are -- unmapped, so applications can deal with this if their DSOs remain -- in a consistent state after destructors have run. */ -- -- /* Protect against concurrent loads and unloads. */ -- __rtld_lock_lock_recursive (GL(dl_load_lock)); -- -- /* Ignore objects which are opened during shutdown. */ -- struct link_map *local_init_called_list = _dl_init_called_list; -- -- for (struct link_map *l = local_init_called_list; l != NULL; -- l = l->l_init_called_next) -- /* Bump l_direct_opencount of all objects so that they -- are not dlclose()ed from underneath us. */ -- ++l->l_direct_opencount; -- -- /* After this point, everything linked from local_init_called_list -- cannot be unloaded because of the reference counter update. */ -- __rtld_lock_unlock_recursive (GL(dl_load_lock)); -- -- /* Perform two passes: One for non-audit modules, one for audit -- modules. This way, audit modules receive unload notifications -- for non-audit objects, and the destructors for audit modules -- still run. */ -+ /* Lots of fun ahead. We have to call the destructors for all still -+ loaded objects, in all namespaces. The problem is that the ELF -+ specification now demands that dependencies between the modules -+ are taken into account. I.e., the destructor for a module is -+ called before the ones for any of its dependencies. -+ -+ To make things more complicated, we cannot simply use the reverse -+ order of the constructors. Since the user might have loaded objects -+ using `dlopen' there are possibly several other modules with its -+ dependencies to be taken into account. Therefore we have to start -+ determining the order of the modules once again from the beginning. */ -+ -+ /* We run the destructors of the main namespaces last. As for the -+ other namespaces, we pick run the destructors in them in reverse -+ order of the namespace ID. */ -+#ifdef SHARED -+ int do_audit = 0; -+ again: -+#endif -+ for (Lmid_t ns = GL(dl_nns) - 1; ns >= 0; --ns) -+ { -+ /* Protect against concurrent loads and unloads. */ -+ __rtld_lock_lock_recursive (GL(dl_load_lock)); -+ -+ unsigned int nloaded = GL(dl_ns)[ns]._ns_nloaded; -+ /* No need to do anything for empty namespaces or those used for -+ auditing DSOs. */ -+ if (nloaded == 0 -+#ifdef SHARED -+ || GL(dl_ns)[ns]._ns_loaded->l_auditing != do_audit -+#endif -+ ) -+ __rtld_lock_unlock_recursive (GL(dl_load_lock)); -+ else -+ { - #ifdef SHARED -- int last_pass = GLRO(dl_naudit) > 0; -- Lmid_t last_ns = -1; -- for (int do_audit = 0; do_audit <= last_pass; ++do_audit) -+ _dl_audit_activity_nsid (ns, LA_ACT_DELETE); - #endif -- for (struct link_map *l = local_init_called_list; l != NULL; -- l = l->l_init_called_next) -- { -+ -+ /* Now we can allocate an array to hold all the pointers and -+ copy the pointers in. */ -+ struct link_map *maps[nloaded]; -+ -+ unsigned int i; -+ struct link_map *l; -+ assert (nloaded != 0 || GL(dl_ns)[ns]._ns_loaded == NULL); -+ for (l = GL(dl_ns)[ns]._ns_loaded, i = 0; l != NULL; l = l->l_next) -+ /* Do not handle ld.so in secondary namespaces. */ -+ if (l == l->l_real) -+ { -+ assert (i < nloaded); -+ -+ maps[i] = l; -+ l->l_idx = i; -+ ++i; -+ -+ /* Bump l_direct_opencount of all objects so that they -+ are not dlclose()ed from underneath us. */ -+ ++l->l_direct_opencount; -+ } -+ assert (ns != LM_ID_BASE || i == nloaded); -+ assert (ns == LM_ID_BASE || i == nloaded || i == nloaded - 1); -+ unsigned int nmaps = i; -+ -+ /* Now we have to do the sorting. We can skip looking for the -+ binary itself which is at the front of the search list for -+ the main namespace. */ -+ _dl_sort_maps (maps, nmaps, (ns == LM_ID_BASE), true); -+ -+ /* We do not rely on the linked list of loaded object anymore -+ from this point on. We have our own list here (maps). The -+ various members of this list cannot vanish since the open -+ count is too high and will be decremented in this loop. So -+ we release the lock so that some code which might be called -+ from a destructor can directly or indirectly access the -+ lock. */ -+ __rtld_lock_unlock_recursive (GL(dl_load_lock)); -+ -+ /* 'maps' now contains the objects in the right order. Now -+ call the destructors. We have to process this array from -+ the front. */ -+ for (i = 0; i < nmaps; ++i) -+ { -+ struct link_map *l = maps[i]; -+ -+ if (l->l_init_called) -+ { -+ _dl_call_fini (l); - #ifdef SHARED -- if (GL(dl_ns)[l->l_ns]._ns_loaded->l_auditing != do_audit) -- continue; -- -- /* Avoid back-to-back calls of _dl_audit_activity_nsid for the -- same namespace. */ -- if (last_ns != l->l_ns) -- { -- if (last_ns >= 0) -- _dl_audit_activity_nsid (last_ns, LA_ACT_CONSISTENT); -- _dl_audit_activity_nsid (l->l_ns, LA_ACT_DELETE); -- last_ns = l->l_ns; -- } -+ /* Auditing checkpoint: another object closed. */ -+ _dl_audit_objclose (l); - #endif -+ } - -- /* There is no need to re-enable exceptions because _dl_fini -- is not called from a context where exceptions are caught. */ -- _dl_call_fini (l); -+ /* Correct the previous increment. */ -+ --l->l_direct_opencount; -+ } - - #ifdef SHARED -- /* Auditing checkpoint: another object closed. */ -- _dl_audit_objclose (l); -+ _dl_audit_activity_nsid (ns, LA_ACT_CONSISTENT); - #endif -- } -+ } -+ } - - #ifdef SHARED -- if (last_ns >= 0) -- _dl_audit_activity_nsid (last_ns, LA_ACT_CONSISTENT); -+ if (! do_audit && GLRO(dl_naudit) > 0) -+ { -+ do_audit = 1; -+ goto again; -+ } - - if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_STATISTICS)) - _dl_debug_printf ("\nruntime linker statistics:\n" -diff --git a/elf/dl-init.c b/elf/dl-init.c -index ffd05b7806..ba4d2fdc85 100644 ---- a/elf/dl-init.c -+++ b/elf/dl-init.c -@@ -21,7 +21,6 @@ - #include - #include - --struct link_map *_dl_init_called_list; - - static void - call_init (struct link_map *l, int argc, char **argv, char **env) -@@ -43,21 +42,6 @@ call_init (struct link_map *l, int argc, char **argv, char **env) - dependency. */ - l->l_init_called = 1; - -- /* Help an already-running dlclose: The just-loaded object must not -- be removed during the current pass. (No effect if no dlclose in -- progress.) */ -- l->l_map_used = 1; -- -- /* Record execution before starting any initializers. This way, if -- the initializers themselves call dlopen, their ELF destructors -- will eventually be run before this object is destructed, matching -- that their ELF constructors have run before this object was -- constructed. _dl_fini uses this list for audit callbacks, so -- register objects on the list even if they do not have a -- constructor. */ -- l->l_init_called_next = _dl_init_called_list; -- _dl_init_called_list = l; -- - /* Check for object which constructors we do not run here. */ - if (__builtin_expect (l->l_name[0], 'a') == '\0' - && l->l_type == lt_executable) -diff --git a/elf/dso-sort-tests-1.def b/elf/dso-sort-tests-1.def -index 61dc54f8ae..4bf9052db1 100644 ---- a/elf/dso-sort-tests-1.def -+++ b/elf/dso-sort-tests-1.def -@@ -53,14 +53,21 @@ tst-dso-ordering10: {}->a->b->c;soname({})=c - output: b>a>{}b->c->d order). -+# The older dynamic_sort=1 algorithm does not achieve this, while the DFS-based -+# dynamic_sort=2 algorithm does, although it is still arguable whether going -+# beyond spec to do this is the right thing to do. -+# The below expected outputs are what the two algorithms currently produce -+# respectively, for regression testing purposes. - tst-bz15311: {+a;+e;+f;+g;+d;%d;-d;-g;-f;-e;-a};a->b->c->d;d=>[ba];c=>a;b=>e=>a;c=>f=>b;d=>g=>c --output: {+a[d>c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[c>b>a>];+e[e>];+f[f>];+g[g>];+d[];%d(b(e(a()))a()g(c(a()f(b(e(a()))))));-d[];-g[];-f[];-e[];-a[a1;a->a2;a2->a;b->b1;c->a1;c=>a1 --output: {+a[a2>a1>a>];+b[b1>b>];-b[];%c(a1());}a1>a>];+b[b1>b>];-b[];%c(a1());}a1>a>];+b[b1>b>];-b[];%c(a1());} -Date: Thu, 19 Oct 2023 09:17:38 +0200 -Subject: [PATCH] Revert "elf: Move l_init_called_next to old place of - l_text_end in link map" - -This reverts commit d3ba6c1333b10680ce5900a628108507d9d4b844. - -Reason: Preserve internal ABI. ---- - include/link.h | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/include/link.h b/include/link.h -index a02d5f2eba..69bda3ed17 100644 ---- a/include/link.h -+++ b/include/link.h -@@ -256,10 +256,6 @@ struct link_map - /* End of the executable part of the mapping. */ - ElfW(Addr) l_text_end; - -- /* Linked list of objects in reverse ELF constructor execution -- order. Head of list is stored in _dl_init_called_list. */ -- struct link_map *l_init_called_next; -- - /* Default array for 'l_scope'. */ - struct r_scope_elem *l_scope_mem[4]; - /* Size of array allocated for 'l_scope'. */ -@@ -282,6 +278,10 @@ struct link_map - /* List of object in order of the init and fini calls. */ - struct link_map **l_initfini; - -+ /* Linked list of objects in reverse ELF constructor execution -+ order. Head of list is stored in _dl_init_called_list. */ -+ struct link_map *l_init_called_next; -+ - /* List of the dependencies introduced through symbol binding. */ - struct link_map_reldeps - { --- -2.43.0 - diff --git a/packages/glibc/0031-sysdeps-sem_open-Clear-O_CREAT-when-semaphore-file-i.patch b/packages/glibc/0031-sysdeps-sem_open-Clear-O_CREAT-when-semaphore-file-i.patch deleted file mode 100644 index 9453bf8dc9e..00000000000 --- a/packages/glibc/0031-sysdeps-sem_open-Clear-O_CREAT-when-semaphore-file-i.patch +++ /dev/null @@ -1,105 +0,0 @@ -From 63dbbc5c52f9823f86270f32fce20d1e91cdf484 Mon Sep 17 00:00:00 2001 -From: Sergio Durigan Junior -Date: Wed, 1 Nov 2023 18:15:23 -0400 -Subject: [PATCH] sysdeps: sem_open: Clear O_CREAT when semaphore file is - expected to exist [BZ #30789] - -When invoking sem_open with O_CREAT as one of its flags, we'll end up -in the second part of sem_open's "if ((oflag & O_CREAT) == 0 || (oflag -& O_EXCL) == 0)", which means that we don't expect the semaphore file -to exist. - -In that part, open_flags is initialized as "O_RDWR | O_CREAT | O_EXCL -| O_CLOEXEC" and there's an attempt to open(2) the file, which will -likely fail because it won't exist. After that first (expected) -failure, some cleanup is done and we go back to the label "try_again", -which lives in the first part of the aforementioned "if". - -The problem is that, in that part of the code, we expect the semaphore -file to exist, and as such O_CREAT (this time the flag we pass to -open(2)) needs to be cleaned from open_flags, otherwise we'll see -another failure (this time unexpected) when trying to open the file, -which will lead the call to sem_open to fail as well. - -This can cause very strange bugs, especially with OpenMPI, which makes -extensive use of semaphores. - -Fix the bug by simplifying the logic when choosing open(2) flags and -making sure O_CREAT is not set when the semaphore file is expected to -exist. - -A regression test for this issue would require a complex and cpu time -consuming logic, since to trigger the wrong code path is not -straightforward due the racy condition. There is a somewhat reliable -reproducer in the bug, but it requires using OpenMPI. - -This resolves BZ #30789. - -See also: https://bugs.launchpad.net/ubuntu/+source/h5py/+bug/2031912 - -Signed-off-by: Sergio Durigan Junior -Co-Authored-By: Simon Chopin -Co-Authored-By: Adhemerval Zanella Netto -Fixes: 533deafbdf189f5fbb280c28562dd43ace2f4b0f ("Use O_CLOEXEC in more places (BZ #15722)") -(cherry picked from commit f957f47df75b9fab995754011491edebc6feb147) ---- - NEWS | 2 ++ - sysdeps/pthread/sem_open.c | 10 ++++------ - 2 files changed, 6 insertions(+), 6 deletions(-) - -diff --git a/NEWS b/NEWS -index f117874e34..5ac488bf9b 100644 ---- a/NEWS -+++ b/NEWS -@@ -32,6 +32,8 @@ Security related changes: - The following bugs are resolved with this release: - - [30723] posix_memalign repeatedly scans long bin lists -+ [30789] sem_open will fail on multithreaded scenarios when semaphore -+ file doesn't exist (O_CREAT) - [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with - -D_FILE_OFFSET_BITS=64 - [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) -diff --git a/sysdeps/pthread/sem_open.c b/sysdeps/pthread/sem_open.c -index e5db929d20..0e331a7445 100644 ---- a/sysdeps/pthread/sem_open.c -+++ b/sysdeps/pthread/sem_open.c -@@ -32,11 +32,12 @@ - # define __unlink unlink - #endif - -+#define SEM_OPEN_FLAGS (O_RDWR | O_NOFOLLOW | O_CLOEXEC) -+ - sem_t * - __sem_open (const char *name, int oflag, ...) - { - int fd; -- int open_flags; - sem_t *result; - - /* Check that shared futexes are supported. */ -@@ -65,10 +66,8 @@ __sem_open (const char *name, int oflag, ...) - /* If the semaphore object has to exist simply open it. */ - if ((oflag & O_CREAT) == 0 || (oflag & O_EXCL) == 0) - { -- open_flags = O_RDWR | O_NOFOLLOW | O_CLOEXEC; -- open_flags |= (oflag & ~(O_CREAT|O_ACCMODE)); - try_again: -- fd = __open (dirname.name, open_flags); -+ fd = __open (dirname.name, (oflag & O_EXCL) | SEM_OPEN_FLAGS); - - if (fd == -1) - { -@@ -135,8 +134,7 @@ __sem_open (const char *name, int oflag, ...) - } - - /* Open the file. Make sure we do not overwrite anything. */ -- open_flags = O_RDWR | O_CREAT | O_EXCL | O_CLOEXEC; -- fd = __open (tmpfname, open_flags, mode); -+ fd = __open (tmpfname, O_CREAT | O_EXCL | SEM_OPEN_FLAGS, mode); - if (fd == -1) - { - if (errno == EEXIST) --- -2.43.0 - diff --git a/packages/glibc/0032-elf-Fix-wrong-break-removal-from-8ee878592c.patch b/packages/glibc/0032-elf-Fix-wrong-break-removal-from-8ee878592c.patch deleted file mode 100644 index f4227213ead..00000000000 --- a/packages/glibc/0032-elf-Fix-wrong-break-removal-from-8ee878592c.patch +++ /dev/null @@ -1,26 +0,0 @@ -From bf5aa419cbf545d2cd09dc097e518033d6e4df5e Mon Sep 17 00:00:00 2001 -From: Adhemerval Zanella -Date: Thu, 7 Dec 2023 11:17:35 -0300 -Subject: [PATCH] elf: Fix wrong break removal from 8ee878592c - -Reported-by: Alexander Monakov -(cherry picked from commit 546a1ba664626603660b595662249d524e429013) ---- - elf/readelflib.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/elf/readelflib.c b/elf/readelflib.c -index f5b8c80e38..64f1d662a9 100644 ---- a/elf/readelflib.c -+++ b/elf/readelflib.c -@@ -107,6 +107,7 @@ process_elf_file (const char *file_name, const char *lib, int *flag, - case PT_INTERP: - program_interpreter = (char *) (file_contents + segment->p_offset); - check_ptr (program_interpreter); -+ break; - - case PT_GNU_PROPERTY: - /* The NT_GNU_PROPERTY_TYPE_0 note must be aligned to 4 bytes --- -2.43.0 - diff --git a/packages/glibc/0033-LoongArch-Delete-excessively-allocated-memory.patch b/packages/glibc/0033-LoongArch-Delete-excessively-allocated-memory.patch deleted file mode 100644 index d8ccd906a84..00000000000 --- a/packages/glibc/0033-LoongArch-Delete-excessively-allocated-memory.patch +++ /dev/null @@ -1,109 +0,0 @@ -From 44f757a6364a546359809d48c76b3debd26e77d4 Mon Sep 17 00:00:00 2001 -From: caiyinyu -Date: Thu, 26 Oct 2023 17:27:21 +0800 -Subject: [PATCH] LoongArch: Delete excessively allocated memory. - -Backported from glibc 2.39 development. ---- - sysdeps/loongarch/dl-trampoline.h | 68 +++++++++++++++---------------- - 1 file changed, 34 insertions(+), 34 deletions(-) - -diff --git a/sysdeps/loongarch/dl-trampoline.h b/sysdeps/loongarch/dl-trampoline.h -index 02375286f8..99fcacab76 100644 ---- a/sysdeps/loongarch/dl-trampoline.h -+++ b/sysdeps/loongarch/dl-trampoline.h -@@ -19,9 +19,9 @@ - /* Assembler veneer called from the PLT header code for lazy loading. - The PLT header passes its own args in t0-t2. */ - #ifdef USE_LASX --# define FRAME_SIZE (-((-9 * SZREG - 8 * SZFREG - 8 * SZXREG) & ALMASK)) -+# define FRAME_SIZE (-((-9 * SZREG - 8 * SZXREG) & ALMASK)) - #elif defined USE_LSX --# define FRAME_SIZE (-((-9 * SZREG - 8 * SZFREG - 8 * SZVREG) & ALMASK)) -+# define FRAME_SIZE (-((-9 * SZREG - 8 * SZVREG) & ALMASK)) - #elif !defined __loongarch_soft_float - # define FRAME_SIZE (-((-9 * SZREG - 8 * SZFREG) & ALMASK)) - #else -@@ -44,23 +44,23 @@ ENTRY (_dl_runtime_resolve) - REG_S a7, sp, 8*SZREG - - #ifdef USE_LASX -- xvst xr0, sp, 9*SZREG + 8*SZFREG + 0*SZXREG -- xvst xr1, sp, 9*SZREG + 8*SZFREG + 1*SZXREG -- xvst xr2, sp, 9*SZREG + 8*SZFREG + 2*SZXREG -- xvst xr3, sp, 9*SZREG + 8*SZFREG + 3*SZXREG -- xvst xr4, sp, 9*SZREG + 8*SZFREG + 4*SZXREG -- xvst xr5, sp, 9*SZREG + 8*SZFREG + 5*SZXREG -- xvst xr6, sp, 9*SZREG + 8*SZFREG + 6*SZXREG -- xvst xr7, sp, 9*SZREG + 8*SZFREG + 7*SZXREG -+ xvst xr0, sp, 9*SZREG + 0*SZXREG -+ xvst xr1, sp, 9*SZREG + 1*SZXREG -+ xvst xr2, sp, 9*SZREG + 2*SZXREG -+ xvst xr3, sp, 9*SZREG + 3*SZXREG -+ xvst xr4, sp, 9*SZREG + 4*SZXREG -+ xvst xr5, sp, 9*SZREG + 5*SZXREG -+ xvst xr6, sp, 9*SZREG + 6*SZXREG -+ xvst xr7, sp, 9*SZREG + 7*SZXREG - #elif defined USE_LSX -- vst vr0, sp, 9*SZREG + 8*SZFREG + 0*SZVREG -- vst vr1, sp, 9*SZREG + 8*SZFREG + 1*SZVREG -- vst vr2, sp, 9*SZREG + 8*SZFREG + 2*SZVREG -- vst vr3, sp, 9*SZREG + 8*SZFREG + 3*SZVREG -- vst vr4, sp, 9*SZREG + 8*SZFREG + 4*SZVREG -- vst vr5, sp, 9*SZREG + 8*SZFREG + 5*SZVREG -- vst vr6, sp, 9*SZREG + 8*SZFREG + 6*SZVREG -- vst vr7, sp, 9*SZREG + 8*SZFREG + 7*SZVREG -+ vst vr0, sp, 9*SZREG + 0*SZVREG -+ vst vr1, sp, 9*SZREG + 1*SZVREG -+ vst vr2, sp, 9*SZREG + 2*SZVREG -+ vst vr3, sp, 9*SZREG + 3*SZVREG -+ vst vr4, sp, 9*SZREG + 4*SZVREG -+ vst vr5, sp, 9*SZREG + 5*SZVREG -+ vst vr6, sp, 9*SZREG + 6*SZVREG -+ vst vr7, sp, 9*SZREG + 7*SZVREG - #elif !defined __loongarch_soft_float - FREG_S fa0, sp, 9*SZREG + 0*SZFREG - FREG_S fa1, sp, 9*SZREG + 1*SZFREG -@@ -92,23 +92,23 @@ ENTRY (_dl_runtime_resolve) - REG_L a7, sp, 8*SZREG - - #ifdef USE_LASX -- xvld xr0, sp, 9*SZREG + 8*SZFREG + 0*SZXREG -- xvld xr1, sp, 9*SZREG + 8*SZFREG + 1*SZXREG -- xvld xr2, sp, 9*SZREG + 8*SZFREG + 2*SZXREG -- xvld xr3, sp, 9*SZREG + 8*SZFREG + 3*SZXREG -- xvld xr4, sp, 9*SZREG + 8*SZFREG + 4*SZXREG -- xvld xr5, sp, 9*SZREG + 8*SZFREG + 5*SZXREG -- xvld xr6, sp, 9*SZREG + 8*SZFREG + 6*SZXREG -- xvld xr7, sp, 9*SZREG + 8*SZFREG + 7*SZXREG -+ xvld xr0, sp, 9*SZREG + 0*SZXREG -+ xvld xr1, sp, 9*SZREG + 1*SZXREG -+ xvld xr2, sp, 9*SZREG + 2*SZXREG -+ xvld xr3, sp, 9*SZREG + 3*SZXREG -+ xvld xr4, sp, 9*SZREG + 4*SZXREG -+ xvld xr5, sp, 9*SZREG + 5*SZXREG -+ xvld xr6, sp, 9*SZREG + 6*SZXREG -+ xvld xr7, sp, 9*SZREG + 7*SZXREG - #elif defined USE_LSX -- vld vr0, sp, 9*SZREG + 8*SZFREG + 0*SZVREG -- vld vr1, sp, 9*SZREG + 8*SZFREG + 1*SZVREG -- vld vr2, sp, 9*SZREG + 8*SZFREG + 2*SZVREG -- vld vr3, sp, 9*SZREG + 8*SZFREG + 3*SZVREG -- vld vr4, sp, 9*SZREG + 8*SZFREG + 4*SZVREG -- vld vr5, sp, 9*SZREG + 8*SZFREG + 5*SZVREG -- vld vr6, sp, 9*SZREG + 8*SZFREG + 6*SZVREG -- vld vr7, sp, 9*SZREG + 8*SZFREG + 7*SZVREG -+ vld vr0, sp, 9*SZREG + 0*SZVREG -+ vld vr1, sp, 9*SZREG + 1*SZVREG -+ vld vr2, sp, 9*SZREG + 2*SZVREG -+ vld vr3, sp, 9*SZREG + 3*SZVREG -+ vld vr4, sp, 9*SZREG + 4*SZVREG -+ vld vr5, sp, 9*SZREG + 5*SZVREG -+ vld vr6, sp, 9*SZREG + 6*SZVREG -+ vld vr7, sp, 9*SZREG + 7*SZVREG - #elif !defined __loongarch_soft_float - FREG_L fa0, sp, 9*SZREG + 0*SZFREG - FREG_L fa1, sp, 9*SZREG + 1*SZFREG --- -2.43.0 - diff --git a/packages/glibc/0034-elf-Fix-TLS-modid-reuse-generation-assignment-BZ-290.patch b/packages/glibc/0034-elf-Fix-TLS-modid-reuse-generation-assignment-BZ-290.patch deleted file mode 100644 index 1f4b8341bae..00000000000 --- a/packages/glibc/0034-elf-Fix-TLS-modid-reuse-generation-assignment-BZ-290.patch +++ /dev/null @@ -1,53 +0,0 @@ -From ccdc4cba07684fe1397e1f5f134a0a827af98c04 Mon Sep 17 00:00:00 2001 -From: Hector Martin -Date: Tue, 28 Nov 2023 15:23:07 +0900 -Subject: [PATCH] elf: Fix TLS modid reuse generation assignment (BZ 29039) - -_dl_assign_tls_modid() assigns a slotinfo entry for a new module, but -does *not* do anything to the generation counter. The first time this -happens, the generation is zero and map_generation() returns the current -generation to be used during relocation processing. However, if -a slotinfo entry is later reused, it will already have a generation -assigned. If this generation has fallen behind the current global max -generation, then this causes an obsolete generation to be assigned -during relocation processing, as map_generation() returns this -generation if nonzero. _dl_add_to_slotinfo() eventually resets the -generation, but by then it is too late. This causes DTV updates to be -skipped, leading to NULL or broken TLS slot pointers and segfaults. - -Fix this by resetting the generation to zero in _dl_assign_tls_modid(), -so it behaves the same as the first time a slot is assigned. -_dl_add_to_slotinfo() will still assign the correct static generation -later during module load, but relocation processing will no longer use -an obsolete generation. - -Note that slotinfo entry (aka modid) reuse typically happens after a -dlclose and only TLS access via dynamic tlsdesc is affected. Because -tlsdesc is optimized to use the optional part of static TLS, dynamic -tlsdesc can be avoided by increasing the glibc.rtld.optional_static_tls -tunable to a large enough value, or by LD_PRELOAD-ing the affected -modules. - -Fixes bug 29039. - -Reviewed-by: Szabolcs Nagy -(cherry picked from commit 3921c5b40f293c57cb326f58713c924b0662ef59) ---- - elf/dl-tls.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/elf/dl-tls.c b/elf/dl-tls.c -index 99b83ca696..1f6f820819 100644 ---- a/elf/dl-tls.c -+++ b/elf/dl-tls.c -@@ -154,6 +154,7 @@ _dl_assign_tls_modid (struct link_map *l) - { - /* Mark the entry as used, so any dependency see it. */ - atomic_store_relaxed (&runp->slotinfo[result - disp].map, l); -+ atomic_store_relaxed (&runp->slotinfo[result - disp].gen, 0); - break; - } - --- -2.43.0 - diff --git a/packages/glibc/0035-elf-Add-TLS-modid-reuse-test-for-bug-29039.patch b/packages/glibc/0035-elf-Add-TLS-modid-reuse-test-for-bug-29039.patch deleted file mode 100644 index f81fffd3425..00000000000 --- a/packages/glibc/0035-elf-Add-TLS-modid-reuse-test-for-bug-29039.patch +++ /dev/null @@ -1,208 +0,0 @@ -From 0de9082ed8d8f149ca87d569a73692046e236c18 Mon Sep 17 00:00:00 2001 -From: Szabolcs Nagy -Date: Wed, 29 Nov 2023 11:31:37 +0000 -Subject: [PATCH] elf: Add TLS modid reuse test for bug 29039 - -This is a minimal regression test for bug 29039 which only affects -targets with TLSDESC and a reproducer requires that - -1) Have modid gaps (closed modules) with old generation. -2) Update a DTV to a newer generation (needs a newer dlopen). -3) But do not update the closed gap entry in that DTV. -4) Reuse the modid gap for a new module (another dlopen). -5) Use dynamic TLSDESC in that new module with old generation (bug). -6) Access TLS via this TLSDESC and the now outdated DTV. - -However step (3) in practice rarely happens: during DTV update the -entries for closed modids are initialized to "unallocated" and then -dynamic TLSDESC calls __tls_get_addr independently of its generation. -The only exception to this is DTV setup at thread creation (gaps are -initialized to NULL instead of unallocated) or DTV resize where the -gap entries are outside the previous DTV array (again NULL instead -of unallocated, and this requires loading > DTV_SURPLUS modules). - -So the bug can only cause NULL (+ offset) dereference, not use after -free. And the easiest way to get (3) is via thread creation. - -Note that step (5) requires that the newly loaded module has larger -TLS than the remaining optional static TLS. And for (6) there cannot -be other TLS access or dlopen in the thread that updates the DTV. - -Tested on aarch64-linux-gnu. - -Reviewed-by: Adhemerval Zanella -(cherry picked from commit 980450f12685326729d63ff72e93a996113bf073) ---- - elf/Makefile | 15 +++++++ - elf/tst-tlsgap-mod0.c | 2 + - elf/tst-tlsgap-mod1.c | 2 + - elf/tst-tlsgap-mod2.c | 2 + - elf/tst-tlsgap.c | 92 +++++++++++++++++++++++++++++++++++++++++++ - 5 files changed, 113 insertions(+) - create mode 100644 elf/tst-tlsgap-mod0.c - create mode 100644 elf/tst-tlsgap-mod1.c - create mode 100644 elf/tst-tlsgap-mod2.c - create mode 100644 elf/tst-tlsgap.c - -diff --git a/elf/Makefile b/elf/Makefile -index c00e2ccfc5..1a05a6aaca 100644 ---- a/elf/Makefile -+++ b/elf/Makefile -@@ -459,6 +459,7 @@ tests += \ - tst-tls21 \ - tst-tlsalign \ - tst-tlsalign-extern \ -+ tst-tlsgap \ - tst-unique1 \ - tst-unique2 \ - tst-unwind-ctor \ -@@ -883,6 +884,9 @@ modules-names += \ - tst-tls20mod-bad \ - tst-tls21mod \ - tst-tlsalign-lib \ -+ tst-tlsgap-mod0 \ -+ tst-tlsgap-mod1 \ -+ tst-tlsgap-mod2 \ - tst-tlsmod1 \ - tst-tlsmod10 \ - tst-tlsmod11 \ -@@ -3009,3 +3013,14 @@ LDFLAGS-tst-dlclose-lazy-mod1.so = -Wl,-z,lazy,--no-as-needed - $(objpfx)tst-dlclose-lazy-mod1.so: $(objpfx)tst-dlclose-lazy-mod2.so - $(objpfx)tst-dlclose-lazy.out: \ - $(objpfx)tst-dlclose-lazy-mod1.so $(objpfx)tst-dlclose-lazy-mod2.so -+ -+$(objpfx)tst-tlsgap: $(shared-thread-library) -+$(objpfx)tst-tlsgap.out: \ -+ $(objpfx)tst-tlsgap-mod0.so \ -+ $(objpfx)tst-tlsgap-mod1.so \ -+ $(objpfx)tst-tlsgap-mod2.so -+ifeq (yes,$(have-mtls-dialect-gnu2)) -+CFLAGS-tst-tlsgap-mod0.c += -mtls-dialect=gnu2 -+CFLAGS-tst-tlsgap-mod1.c += -mtls-dialect=gnu2 -+CFLAGS-tst-tlsgap-mod2.c += -mtls-dialect=gnu2 -+endif -diff --git a/elf/tst-tlsgap-mod0.c b/elf/tst-tlsgap-mod0.c -new file mode 100644 -index 0000000000..1478b0beac ---- /dev/null -+++ b/elf/tst-tlsgap-mod0.c -@@ -0,0 +1,2 @@ -+int __thread tls0; -+int *f0(void) { return &tls0; } -diff --git a/elf/tst-tlsgap-mod1.c b/elf/tst-tlsgap-mod1.c -new file mode 100644 -index 0000000000..b10fc3702c ---- /dev/null -+++ b/elf/tst-tlsgap-mod1.c -@@ -0,0 +1,2 @@ -+int __thread tls1[100]; /* Size > glibc.rtld.optional_static_tls / 2. */ -+int *f1(void) { return tls1; } -diff --git a/elf/tst-tlsgap-mod2.c b/elf/tst-tlsgap-mod2.c -new file mode 100644 -index 0000000000..166c27d7f3 ---- /dev/null -+++ b/elf/tst-tlsgap-mod2.c -@@ -0,0 +1,2 @@ -+int __thread tls2; -+int *f2(void) { return &tls2; } -diff --git a/elf/tst-tlsgap.c b/elf/tst-tlsgap.c -new file mode 100644 -index 0000000000..4932885076 ---- /dev/null -+++ b/elf/tst-tlsgap.c -@@ -0,0 +1,92 @@ -+/* TLS modid gap reuse regression test for bug 29039. -+ Copyright (C) 2023 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+ -+static void *mod[3]; -+#define MOD(i) "tst-tlsgap-mod" #i ".so" -+static const char *modname[3] = { MOD(0), MOD(1), MOD(2) }; -+#undef MOD -+ -+static void -+open_mod (int i) -+{ -+ mod[i] = xdlopen (modname[i], RTLD_LAZY); -+ printf ("open %s\n", modname[i]); -+} -+ -+static void -+close_mod (int i) -+{ -+ xdlclose (mod[i]); -+ mod[i] = NULL; -+ printf ("close %s\n", modname[i]); -+} -+ -+static void -+access_mod (int i, const char *sym) -+{ -+ int *(*f) (void) = xdlsym (mod[i], sym); -+ int *p = f (); -+ printf ("access %s: %s() = %p\n", modname[i], sym, p); -+ TEST_VERIFY_EXIT (p != NULL); -+ ++*p; -+} -+ -+static void * -+start (void *arg) -+{ -+ /* The DTV generation is at the last dlopen of mod0 and the -+ entry for mod1 is NULL. */ -+ -+ open_mod (1); /* Reuse modid of mod1. Uses dynamic TLS. */ -+ -+ /* DTV is unchanged: dlopen only updates the DTV to the latest -+ generation if static TLS is allocated for a loaded module. -+ -+ With bug 29039, the TLSDESC relocation in mod1 uses the old -+ dlclose generation of mod1 instead of the new dlopen one so -+ DTV is not updated on TLS access. */ -+ -+ access_mod (1, "f1"); -+ -+ return arg; -+} -+ -+static int -+do_test (void) -+{ -+ open_mod (0); -+ open_mod (1); -+ open_mod (2); -+ close_mod (0); -+ close_mod (1); /* Create modid gap at mod1. */ -+ open_mod (0); /* Reuse modid of mod0, bump generation count. */ -+ -+ /* Create a thread where DTV of mod1 is NULL. */ -+ pthread_t t = xpthread_create (NULL, start, NULL); -+ xpthread_join (t); -+ return 0; -+} -+ -+#include --- -2.43.0 - diff --git a/packages/glibc/0036-x86-64-Fix-the-dtv-field-load-for-x32-BZ-31184.patch b/packages/glibc/0036-x86-64-Fix-the-dtv-field-load-for-x32-BZ-31184.patch deleted file mode 100644 index b26b8626a2a..00000000000 --- a/packages/glibc/0036-x86-64-Fix-the-dtv-field-load-for-x32-BZ-31184.patch +++ /dev/null @@ -1,68 +0,0 @@ -From 35ea7549751d4f13a28c732e6ad68204f5e60a06 Mon Sep 17 00:00:00 2001 -From: "H.J. Lu" -Date: Wed, 20 Dec 2023 16:31:43 -0800 -Subject: [PATCH] x86-64: Fix the dtv field load for x32 [BZ #31184] - -On x32, I got - -FAIL: elf/tst-tlsgap - -$ gdb elf/tst-tlsgap -... -open tst-tlsgap-mod1.so - -Thread 2 "tst-tlsgap" received signal SIGSEGV, Segmentation fault. -[Switching to LWP 2268754] -_dl_tlsdesc_dynamic () at ../sysdeps/x86_64/dl-tlsdesc.S:108 -108 movq (%rsi), %rax -(gdb) p/x $rsi -$4 = 0xf7dbf9005655fb18 -(gdb) - -This is caused by - -_dl_tlsdesc_dynamic: - _CET_ENDBR - /* Preserve call-clobbered registers that we modify. - We need two scratch regs anyway. */ - movq %rsi, -16(%rsp) - movq %fs:DTV_OFFSET, %rsi - -Since the dtv field in TCB is a pointer, %fs:DTV_OFFSET is a 32-bit -location, not 64-bit. Load the dtv field to RSI_LP instead of rsi. -This fixes BZ #31184. - -(cherry picked from commit 3502440397bbb840e2f7223734aa5cc2cc0e29b6) ---- - NEWS | 1 + - sysdeps/x86_64/dl-tlsdesc.S | 2 +- - 2 files changed, 2 insertions(+), 1 deletion(-) - -diff --git a/NEWS b/NEWS -index 5ac488bf9b..71057e4793 100644 ---- a/NEWS -+++ b/NEWS -@@ -37,6 +37,7 @@ The following bugs are resolved with this release: - [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with - -D_FILE_OFFSET_BITS=64 - [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) -+ [31184] FAIL: elf/tst-tlsgap - - - Version 2.38 -diff --git a/sysdeps/x86_64/dl-tlsdesc.S b/sysdeps/x86_64/dl-tlsdesc.S -index 5593897e29..c4823547d7 100644 ---- a/sysdeps/x86_64/dl-tlsdesc.S -+++ b/sysdeps/x86_64/dl-tlsdesc.S -@@ -102,7 +102,7 @@ _dl_tlsdesc_dynamic: - /* Preserve call-clobbered registers that we modify. - We need two scratch regs anyway. */ - movq %rsi, -16(%rsp) -- movq %fs:DTV_OFFSET, %rsi -+ mov %fs:DTV_OFFSET, %RSI_LP - movq %rdi, -8(%rsp) - movq TLSDESC_ARG(%rax), %rdi - movq (%rsi), %rax --- -2.43.0 - diff --git a/packages/glibc/0037-x86-64-Fix-the-tcb-field-load-for-x32-BZ-31185.patch b/packages/glibc/0037-x86-64-Fix-the-tcb-field-load-for-x32-BZ-31185.patch deleted file mode 100644 index ffbf07a78c8..00000000000 --- a/packages/glibc/0037-x86-64-Fix-the-tcb-field-load-for-x32-BZ-31185.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 968c983d43bc51f719f3e7a0fcb1bb8669b5f7c4 Mon Sep 17 00:00:00 2001 -From: "H.J. Lu" -Date: Wed, 20 Dec 2023 19:42:12 -0800 -Subject: [PATCH] x86-64: Fix the tcb field load for x32 [BZ #31185] - -_dl_tlsdesc_undefweak and _dl_tlsdesc_dynamic access the thread pointer -via the tcb field in TCB: - -_dl_tlsdesc_undefweak: - _CET_ENDBR - movq 8(%rax), %rax - subq %fs:0, %rax - ret - -_dl_tlsdesc_dynamic: - ... - subq %fs:0, %rax - movq -8(%rsp), %rdi - ret - -Since the tcb field in TCB is a pointer, %fs:0 is a 32-bit location, -not 64-bit. It should use "sub %fs:0, %RAX_LP" instead. Since -_dl_tlsdesc_undefweak returns ptrdiff_t and _dl_make_tlsdesc_dynamic -returns void *, RAX_LP is appropriate here for x32 and x86-64. This -fixes BZ #31185. - -(cherry picked from commit 81be2a61dafc168327c1639e97b6dae128c7ccf3) ---- - NEWS | 1 + - sysdeps/x86_64/dl-tlsdesc.S | 4 ++-- - 2 files changed, 3 insertions(+), 2 deletions(-) - -diff --git a/NEWS b/NEWS -index 71057e4793..6fbb8a9e1d 100644 ---- a/NEWS -+++ b/NEWS -@@ -38,6 +38,7 @@ The following bugs are resolved with this release: - -D_FILE_OFFSET_BITS=64 - [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) - [31184] FAIL: elf/tst-tlsgap -+ [31185] Incorrect thread point access in _dl_tlsdesc_undefweak and _dl_tlsdesc_dynamic - - - Version 2.38 -diff --git a/sysdeps/x86_64/dl-tlsdesc.S b/sysdeps/x86_64/dl-tlsdesc.S -index c4823547d7..4579424bf7 100644 ---- a/sysdeps/x86_64/dl-tlsdesc.S -+++ b/sysdeps/x86_64/dl-tlsdesc.S -@@ -61,7 +61,7 @@ _dl_tlsdesc_return: - _dl_tlsdesc_undefweak: - _CET_ENDBR - movq 8(%rax), %rax -- subq %fs:0, %rax -+ sub %fs:0, %RAX_LP - ret - cfi_endproc - .size _dl_tlsdesc_undefweak, .-_dl_tlsdesc_undefweak -@@ -116,7 +116,7 @@ _dl_tlsdesc_dynamic: - addq TLSDESC_MODOFF(%rdi), %rax - .Lret: - movq -16(%rsp), %rsi -- subq %fs:0, %rax -+ sub %fs:0, %RAX_LP - movq -8(%rsp), %rdi - ret - .Lslow: --- -2.43.0 - diff --git a/packages/glibc/0038-NEWS-Mention-bug-fixes-for-29039-30694-30709-30721.patch b/packages/glibc/0038-NEWS-Mention-bug-fixes-for-29039-30694-30709-30721.patch deleted file mode 100644 index a047469de64..00000000000 --- a/packages/glibc/0038-NEWS-Mention-bug-fixes-for-29039-30694-30709-30721.patch +++ /dev/null @@ -1,27 +0,0 @@ -From d25e2c8d5cb0778ae87ad43b1f4c301abe5a932b Mon Sep 17 00:00:00 2001 -From: "H.J. Lu" -Date: Sat, 23 Dec 2023 06:24:41 -0800 -Subject: [PATCH] NEWS: Mention bug fixes for 29039/30694/30709/30721 - ---- - NEWS | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/NEWS b/NEWS -index 6fbb8a9e1d..db4d6c8373 100644 ---- a/NEWS -+++ b/NEWS -@@ -31,6 +31,10 @@ Security related changes: - - The following bugs are resolved with this release: - -+ [29039] Corrupt DTV after reuse of a TLS module ID following dlclose with unused TLS -+ [30694] The iconv program no longer tells the user which given encoding name was wrong -+ [30709] nscd fails to build with cleanup handler if built with -fexceptions -+ [30721] x86_64: Fix build with --disable-multiarch - [30723] posix_memalign repeatedly scans long bin lists - [30789] sem_open will fail on multithreaded scenarios when semaphore - file doesn't exist (O_CREAT) --- -2.43.0 - diff --git a/packages/glibc/0039-NEWS-Mention-bug-fixes-for-30745-30843.patch b/packages/glibc/0039-NEWS-Mention-bug-fixes-for-30745-30843.patch deleted file mode 100644 index 70c22bf9e17..00000000000 --- a/packages/glibc/0039-NEWS-Mention-bug-fixes-for-30745-30843.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 27339a3eb8f987eebae72b854af80256c1588ebd Mon Sep 17 00:00:00 2001 -From: "H.J. Lu" -Date: Sat, 23 Dec 2023 06:27:50 -0800 -Subject: [PATCH] NEWS: Mention bug fixes for 30745/30843 - ---- - NEWS | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/NEWS b/NEWS -index db4d6c8373..905230b838 100644 ---- a/NEWS -+++ b/NEWS -@@ -36,11 +36,13 @@ The following bugs are resolved with this release: - [30709] nscd fails to build with cleanup handler if built with -fexceptions - [30721] x86_64: Fix build with --disable-multiarch - [30723] posix_memalign repeatedly scans long bin lists -+ [30745] Slight bug in cache info codes for x86 - [30789] sem_open will fail on multithreaded scenarios when semaphore - file doesn't exist (O_CREAT) - [30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with - -D_FILE_OFFSET_BITS=64 - [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) -+ [30843] potential use-after-free in getcanonname (CVE-2023-4806) - [31184] FAIL: elf/tst-tlsgap - [31185] Incorrect thread point access in _dl_tlsdesc_undefweak and _dl_tlsdesc_dynamic - --- -2.43.0 - diff --git a/packages/glibc/0040-getaddrinfo-translate-ENOMEM-to-EAI_MEMORY-bug-31163.patch b/packages/glibc/0040-getaddrinfo-translate-ENOMEM-to-EAI_MEMORY-bug-31163.patch deleted file mode 100644 index 81818522567..00000000000 --- a/packages/glibc/0040-getaddrinfo-translate-ENOMEM-to-EAI_MEMORY-bug-31163.patch +++ /dev/null @@ -1,36 +0,0 @@ -From ae1e5217021e43e1f2de443d26e87ea3adfb221c Mon Sep 17 00:00:00 2001 -From: Andreas Schwab -Date: Wed, 6 Dec 2023 14:48:22 +0100 -Subject: [PATCH] getaddrinfo: translate ENOMEM to EAI_MEMORY (bug 31163) - -When __resolv_context_get returns NULL due to out of memory, translate it -to a return value of EAI_MEMORY. - -(cherry picked from commit 5eabdb6a6ac1599d23dd5966a37417215950245f) ---- - sysdeps/posix/getaddrinfo.c | 9 ++++++++- - 1 file changed, 8 insertions(+), 1 deletion(-) - -diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c -index 13082305d3..da573bea24 100644 ---- a/sysdeps/posix/getaddrinfo.c -+++ b/sysdeps/posix/getaddrinfo.c -@@ -616,7 +616,14 @@ get_nss_addresses (const char *name, const struct addrinfo *req, - function variant. */ - res_ctx = __resolv_context_get (); - if (res_ctx == NULL) -- no_more = 1; -+ { -+ if (errno == ENOMEM) -+ { -+ result = -EAI_MEMORY; -+ goto out; -+ } -+ no_more = 1; -+ } - - while (!no_more) - { --- -2.43.0 - diff --git a/packages/glibc/0041-libio-Check-remaining-buffer-size-in-_IO_wdo_write-b.patch b/packages/glibc/0041-libio-Check-remaining-buffer-size-in-_IO_wdo_write-b.patch deleted file mode 100644 index 98bb72f7cbe..00000000000 --- a/packages/glibc/0041-libio-Check-remaining-buffer-size-in-_IO_wdo_write-b.patch +++ /dev/null @@ -1,48 +0,0 @@ -From cfe121910013a46e2477562282c56ae8062089aa Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Tue, 2 Jan 2024 14:36:17 +0100 -Subject: [PATCH] libio: Check remaining buffer size in _IO_wdo_write (bug - 31183) - -The multibyte character needs to fit into the remaining buffer space, -not the already-written buffer space. Without the fix, we were never -moving the write pointer from the start of the buffer, always using -the single-character fallback buffer. - -Fixes commit 04b76b5aa8b2d1d19066e42dd1 ("Don't error out writing -a multibyte character to an unbuffered stream (bug 17522)"). - -(cherry picked from commit ecc7c3deb9f347649c2078fcc0f94d4cedf92d60) ---- - NEWS | 1 + - libio/wfileops.c | 2 +- - 2 files changed, 2 insertions(+), 1 deletion(-) - -diff --git a/NEWS b/NEWS -index 905230b838..6768c2da6f 100644 ---- a/NEWS -+++ b/NEWS -@@ -43,6 +43,7 @@ The following bugs are resolved with this release: - -D_FILE_OFFSET_BITS=64 - [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) - [30843] potential use-after-free in getcanonname (CVE-2023-4806) -+ [31183] Wide stream buffer size reduced MB_LEN_MAX bytes after bug 17522 fix - [31184] FAIL: elf/tst-tlsgap - [31185] Incorrect thread point access in _dl_tlsdesc_undefweak and _dl_tlsdesc_dynamic - -diff --git a/libio/wfileops.c b/libio/wfileops.c -index f16f6db1c3..9ab8f2e7f3 100644 ---- a/libio/wfileops.c -+++ b/libio/wfileops.c -@@ -55,7 +55,7 @@ _IO_wdo_write (FILE *fp, const wchar_t *data, size_t to_do) - char mb_buf[MB_LEN_MAX]; - char *write_base, *write_ptr, *buf_end; - -- if (fp->_IO_write_ptr - fp->_IO_write_base < sizeof (mb_buf)) -+ if (fp->_IO_buf_end - fp->_IO_write_ptr < sizeof (mb_buf)) - { - /* Make sure we have room for at least one multibyte - character. */ --- -2.43.0 - diff --git a/packages/glibc/0042-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch b/packages/glibc/0042-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch deleted file mode 100644 index 653145dd7af..00000000000 --- a/packages/glibc/0042-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch +++ /dev/null @@ -1,181 +0,0 @@ -From 23514c72b780f3da097ecf33a793b7ba9c2070d2 Mon Sep 17 00:00:00 2001 -From: Arjun Shankar -Date: Mon, 15 Jan 2024 17:44:43 +0100 -Subject: [PATCH] syslog: Fix heap buffer overflow in __vsyslog_internal - (CVE-2023-6246) - -__vsyslog_internal did not handle a case where printing a SYSLOG_HEADER -containing a long program name failed to update the required buffer -size, leading to the allocation and overflow of a too-small buffer on -the heap. This commit fixes that. It also adds a new regression test -that uses glibc.malloc.check. - -Reviewed-by: Adhemerval Zanella -Reviewed-by: Carlos O'Donell -Tested-by: Carlos O'Donell -(cherry picked from commit 6bd0e4efcc78f3c0115e5ea9739a1642807450da) ---- - misc/Makefile | 8 ++- - misc/syslog.c | 50 +++++++++++++------ - misc/tst-syslog-long-progname.c | 39 +++++++++++++++ - .../postclean.req | 0 - 4 files changed, 82 insertions(+), 15 deletions(-) - create mode 100644 misc/tst-syslog-long-progname.c - create mode 100644 misc/tst-syslog-long-progname.root/postclean.req - -diff --git a/misc/Makefile b/misc/Makefile -index fe0d49c1de..90b31952c5 100644 ---- a/misc/Makefile -+++ b/misc/Makefile -@@ -289,7 +289,10 @@ tests-special += $(objpfx)tst-error1-mem.out \ - $(objpfx)tst-allocate_once-mem.out - endif - --tests-container := tst-syslog -+tests-container := \ -+ tst-syslog \ -+ tst-syslog-long-progname \ -+ # tests-container - - CFLAGS-select.c += -fexceptions -fasynchronous-unwind-tables - CFLAGS-tsearch.c += $(uses-callbacks) -@@ -351,6 +354,9 @@ $(objpfx)tst-allocate_once-mem.out: $(objpfx)tst-allocate_once.out - $(common-objpfx)malloc/mtrace $(objpfx)tst-allocate_once.mtrace > $@; \ - $(evaluate-test) - -+tst-syslog-long-progname-ENV = GLIBC_TUNABLES=glibc.malloc.check=3 \ -+ LD_PRELOAD=libc_malloc_debug.so.0 -+ - $(objpfx)tst-select: $(librt) - $(objpfx)tst-select-time64: $(librt) - $(objpfx)tst-pselect: $(librt) -diff --git a/misc/syslog.c b/misc/syslog.c -index 1b8cb722c5..814d224a1e 100644 ---- a/misc/syslog.c -+++ b/misc/syslog.c -@@ -124,8 +124,9 @@ __vsyslog_internal (int pri, const char *fmt, va_list ap, - { - /* Try to use a static buffer as an optimization. */ - char bufs[1024]; -- char *buf = NULL; -- size_t bufsize = 0; -+ char *buf = bufs; -+ size_t bufsize; -+ - int msgoff; - int saved_errno = errno; - -@@ -177,29 +178,50 @@ __vsyslog_internal (int pri, const char *fmt, va_list ap, - #define SYSLOG_HEADER_WITHOUT_TS(__pri, __msgoff) \ - "<%d>: %n", __pri, __msgoff - -- int l; -+ int l, vl; - if (has_ts) - l = __snprintf (bufs, sizeof bufs, - SYSLOG_HEADER (pri, timestamp, &msgoff, pid)); - else - l = __snprintf (bufs, sizeof bufs, - SYSLOG_HEADER_WITHOUT_TS (pri, &msgoff)); -+ -+ char *pos; -+ size_t len; -+ - if (0 <= l && l < sizeof bufs) - { -- va_list apc; -- va_copy (apc, ap); -+ /* At this point, there is still a chance that we can print the -+ remaining part of the log into bufs and use that. */ -+ pos = bufs + l; -+ len = sizeof (bufs) - l; -+ } -+ else -+ { -+ buf = NULL; -+ /* We already know that bufs is too small to use for this log message. -+ The next vsnprintf into bufs is used only to calculate the total -+ required buffer length. We will discard bufs contents and allocate -+ an appropriately sized buffer later instead. */ -+ pos = bufs; -+ len = sizeof (bufs); -+ } - -- /* Restore errno for %m format. */ -- __set_errno (saved_errno); -+ { -+ va_list apc; -+ va_copy (apc, ap); - -- int vl = __vsnprintf_internal (bufs + l, sizeof bufs - l, fmt, apc, -- mode_flags); -- if (0 <= vl && vl < sizeof bufs - l) -- buf = bufs; -- bufsize = l + vl; -+ /* Restore errno for %m format. */ -+ __set_errno (saved_errno); - -- va_end (apc); -- } -+ vl = __vsnprintf_internal (pos, len, fmt, apc, mode_flags); -+ -+ if (!(0 <= vl && vl < len)) -+ buf = NULL; -+ -+ bufsize = l + vl; -+ va_end (apc); -+ } - - if (buf == NULL) - { -diff --git a/misc/tst-syslog-long-progname.c b/misc/tst-syslog-long-progname.c -new file mode 100644 -index 0000000000..88f37a8a00 ---- /dev/null -+++ b/misc/tst-syslog-long-progname.c -@@ -0,0 +1,39 @@ -+/* Test heap buffer overflow in syslog with long __progname (CVE-2023-6246) -+ Copyright (C) 2023 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#include -+#include -+ -+extern char * __progname; -+ -+static int -+do_test (void) -+{ -+ char long_progname[2048]; -+ -+ memset (long_progname, 'X', sizeof (long_progname) - 1); -+ long_progname[sizeof (long_progname) - 1] = '\0'; -+ -+ __progname = long_progname; -+ -+ syslog (LOG_INFO, "Hello, World!"); -+ -+ return 0; -+} -+ -+#include -diff --git a/misc/tst-syslog-long-progname.root/postclean.req b/misc/tst-syslog-long-progname.root/postclean.req -new file mode 100644 -index 0000000000..e69de29bb2 --- -2.43.0 - diff --git a/packages/glibc/0043-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch b/packages/glibc/0043-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch deleted file mode 100644 index 3c40e6c133c..00000000000 --- a/packages/glibc/0043-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch +++ /dev/null @@ -1,106 +0,0 @@ -From d0338312aace5bbfef85e03055e1212dd0e49578 Mon Sep 17 00:00:00 2001 -From: Arjun Shankar -Date: Mon, 15 Jan 2024 17:44:44 +0100 -Subject: [PATCH] syslog: Fix heap buffer overflow in __vsyslog_internal - (CVE-2023-6779) - -__vsyslog_internal used the return value of snprintf/vsnprintf to -calculate buffer sizes for memory allocation. If these functions (for -any reason) failed and returned -1, the resulting buffer would be too -small to hold output. This commit fixes that. - -All snprintf/vsnprintf calls are checked for negative return values and -the function silently returns upon encountering them. - -Reviewed-by: Carlos O'Donell -(cherry picked from commit 7e5a0c286da33159d47d0122007aac016f3e02cd) ---- - misc/syslog.c | 39 ++++++++++++++++++++++++++++----------- - 1 file changed, 28 insertions(+), 11 deletions(-) - -diff --git a/misc/syslog.c b/misc/syslog.c -index 814d224a1e..53440e47ad 100644 ---- a/misc/syslog.c -+++ b/misc/syslog.c -@@ -185,11 +185,13 @@ __vsyslog_internal (int pri, const char *fmt, va_list ap, - else - l = __snprintf (bufs, sizeof bufs, - SYSLOG_HEADER_WITHOUT_TS (pri, &msgoff)); -+ if (l < 0) -+ goto out; - - char *pos; - size_t len; - -- if (0 <= l && l < sizeof bufs) -+ if (l < sizeof bufs) - { - /* At this point, there is still a chance that we can print the - remaining part of the log into bufs and use that. */ -@@ -215,12 +217,15 @@ __vsyslog_internal (int pri, const char *fmt, va_list ap, - __set_errno (saved_errno); - - vl = __vsnprintf_internal (pos, len, fmt, apc, mode_flags); -+ va_end (apc); -+ -+ if (vl < 0) -+ goto out; - -- if (!(0 <= vl && vl < len)) -+ if (vl >= len) - buf = NULL; - - bufsize = l + vl; -- va_end (apc); - } - - if (buf == NULL) -@@ -231,25 +236,37 @@ __vsyslog_internal (int pri, const char *fmt, va_list ap, - /* Tell the cancellation handler to free this buffer. */ - clarg.buf = buf; - -+ int cl; - if (has_ts) -- __snprintf (buf, l + 1, -- SYSLOG_HEADER (pri, timestamp, &msgoff, pid)); -+ cl = __snprintf (buf, l + 1, -+ SYSLOG_HEADER (pri, timestamp, &msgoff, pid)); - else -- __snprintf (buf, l + 1, -- SYSLOG_HEADER_WITHOUT_TS (pri, &msgoff)); -+ cl = __snprintf (buf, l + 1, -+ SYSLOG_HEADER_WITHOUT_TS (pri, &msgoff)); -+ if (cl != l) -+ goto out; - - va_list apc; - va_copy (apc, ap); -- __vsnprintf_internal (buf + l, bufsize - l + 1, fmt, apc, -- mode_flags); -+ cl = __vsnprintf_internal (buf + l, bufsize - l + 1, fmt, apc, -+ mode_flags); - va_end (apc); -+ -+ if (cl != vl) -+ goto out; - } - else - { -+ int bl; - /* Nothing much to do but emit an error message. */ -- bufsize = __snprintf (bufs, sizeof bufs, -- "out of memory[%d]", __getpid ()); -+ bl = __snprintf (bufs, sizeof bufs, -+ "out of memory[%d]", __getpid ()); -+ if (bl < 0 || bl >= sizeof bufs) -+ goto out; -+ -+ bufsize = bl; - buf = bufs; -+ msgoff = 0; - } - } - --- -2.43.0 - diff --git a/packages/glibc/0044-syslog-Fix-integer-overflow-in-__vsyslog_internal-CV.patch b/packages/glibc/0044-syslog-Fix-integer-overflow-in-__vsyslog_internal-CV.patch deleted file mode 100644 index 5529b3b8fe2..00000000000 --- a/packages/glibc/0044-syslog-Fix-integer-overflow-in-__vsyslog_internal-CV.patch +++ /dev/null @@ -1,41 +0,0 @@ -From d37c2b20a4787463d192b32041c3406c2bd91de0 Mon Sep 17 00:00:00 2001 -From: Arjun Shankar -Date: Mon, 15 Jan 2024 17:44:45 +0100 -Subject: [PATCH] syslog: Fix integer overflow in __vsyslog_internal - (CVE-2023-6780) - -__vsyslog_internal calculated a buffer size by adding two integers, but -did not first check if the addition would overflow. This commit fixes -that. - -Reviewed-by: Carlos O'Donell -Tested-by: Carlos O'Donell -(cherry picked from commit ddf542da94caf97ff43cc2875c88749880b7259b) ---- - misc/syslog.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/misc/syslog.c b/misc/syslog.c -index 53440e47ad..4af87f54fd 100644 ---- a/misc/syslog.c -+++ b/misc/syslog.c -@@ -41,6 +41,7 @@ static char sccsid[] = "@(#)syslog.c 8.4 (Berkeley) 3/18/94"; - #include - #include - #include -+#include - - static int LogType = SOCK_DGRAM; /* type of socket connection */ - static int LogFile = -1; /* fd for log */ -@@ -219,7 +220,7 @@ __vsyslog_internal (int pri, const char *fmt, va_list ap, - vl = __vsnprintf_internal (pos, len, fmt, apc, mode_flags); - va_end (apc); - -- if (vl < 0) -+ if (vl < 0 || vl >= INT_MAX - l) - goto out; - - if (vl >= len) --- -2.43.0 - diff --git a/packages/glibc/0045-x86_64-Optimize-ffsll-function-code-size.patch b/packages/glibc/0045-x86_64-Optimize-ffsll-function-code-size.patch deleted file mode 100644 index a86641b56fe..00000000000 --- a/packages/glibc/0045-x86_64-Optimize-ffsll-function-code-size.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 30e546d76e756fe4d2d20a8b2286de4fbf30ceb5 Mon Sep 17 00:00:00 2001 -From: Sunil K Pandey -Date: Wed, 26 Jul 2023 08:34:05 -0700 -Subject: [PATCH] x86_64: Optimize ffsll function code size. - -Ffsll function randomly regress by ~20%, depending on how code gets -aligned in memory. Ffsll function code size is 17 bytes. Since default -function alignment is 16 bytes, it can load on 16, 32, 48 or 64 bytes -aligned memory. When ffsll function load at 16, 32 or 64 bytes aligned -memory, entire code fits in single 64 bytes cache line. When ffsll -function load at 48 bytes aligned memory, it splits in two cache line, -hence random regression. - -Ffsll function size reduction from 17 bytes to 12 bytes ensures that it -will always fit in single 64 bytes cache line. - -This patch fixes ffsll function random performance regression. - -Reviewed-by: Carlos O'Donell -(cherry picked from commit 9d94997b5f9445afd4f2bccc5fa60ff7c4361ec1) ---- - sysdeps/x86_64/ffsll.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/sysdeps/x86_64/ffsll.c b/sysdeps/x86_64/ffsll.c -index a1c13d4906..0c6680735c 100644 ---- a/sysdeps/x86_64/ffsll.c -+++ b/sysdeps/x86_64/ffsll.c -@@ -26,13 +26,13 @@ int - ffsll (long long int x) - { - long long int cnt; -- long long int tmp; - -- asm ("bsfq %2,%0\n" /* Count low bits in X and store in %1. */ -- "cmoveq %1,%0\n" /* If number was zero, use -1 as result. */ -- : "=&r" (cnt), "=r" (tmp) : "rm" (x), "1" (-1)); -+ asm ("mov $-1,%k0\n" /* Initialize cnt to -1. */ -+ "bsf %1,%0\n" /* Count low bits in x and store in cnt. */ -+ "inc %k0\n" /* Increment cnt by 1. */ -+ : "=&r" (cnt) : "r" (x)); - -- return cnt + 1; -+ return cnt; - } - - #ifndef __ILP32__ --- -2.44.0 - diff --git a/packages/glibc/0046-S390-Fix-building-with-disable-mutli-arch-BZ-31196.patch b/packages/glibc/0046-S390-Fix-building-with-disable-mutli-arch-BZ-31196.patch deleted file mode 100644 index ec4d7648736..00000000000 --- a/packages/glibc/0046-S390-Fix-building-with-disable-mutli-arch-BZ-31196.patch +++ /dev/null @@ -1,66 +0,0 @@ -From 18876c9ff52c3d9aefe2c663b1a287589bebedc0 Mon Sep 17 00:00:00 2001 -From: Stefan Liebler -Date: Tue, 30 Jan 2024 09:34:32 +0100 -Subject: [PATCH] S390: Fix building with --disable-mutli-arch [BZ #31196] -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Starting with commits -- 7ea510127e2067efa07865158ac92c330c379950 -string: Add libc_hidden_proto for strchrnul -- 22999b2f0fb62eed1af4095d062bd1272d6afeb1 -string: Add libc_hidden_proto for memrchr - -building glibc on s390x with --disable-multi-arch fails if only -the C-variant of strchrnul / memrchr is used. This is the case -if gcc uses -march < z13. - -The build fails with: -../sysdeps/s390/strchrnul-c.c:28:49: error: ‘__strchrnul_c’ undeclared here (not in a function); did you mean ‘__strchrnul’? - 28 | __hidden_ver1 (__strchrnul_c, __GI___strchrnul, __strchrnul_c); - -With --disable-multi-arch, __strchrnul_c is not available as string/strchrnul.c -is just included without defining STRCHRNUL and thus we also don't have to create -the internal hidden symbol. - -Tested-by: Andreas K. Hüttel -(cherry picked from commit cc1b91eabd806057aa7e3058a84bf129ed36e157) ---- - sysdeps/s390/memrchr-c.c | 4 +++- - sysdeps/s390/strchrnul-c.c | 4 +++- - 2 files changed, 6 insertions(+), 2 deletions(-) - -diff --git a/sysdeps/s390/memrchr-c.c b/sysdeps/s390/memrchr-c.c -index bdf3c7bbe0..fadd63087a 100644 ---- a/sysdeps/s390/memrchr-c.c -+++ b/sysdeps/s390/memrchr-c.c -@@ -25,7 +25,9 @@ - - # include - --# if defined SHARED && IS_IN (libc) -+# if HAVE_MEMRCHR_IFUNC -+# if defined SHARED && IS_IN (libc) - __hidden_ver1 (__memrchr_c, __GI___memrchr, __memrchr_c); -+# endif - # endif - #endif -diff --git a/sysdeps/s390/strchrnul-c.c b/sysdeps/s390/strchrnul-c.c -index f6f5bae311..97fbc16edb 100644 ---- a/sysdeps/s390/strchrnul-c.c -+++ b/sysdeps/s390/strchrnul-c.c -@@ -24,7 +24,9 @@ - # endif - - # include --# if defined SHARED && IS_IN (libc) -+# if HAVE_STRCHRNUL_IFUNC -+# if defined SHARED && IS_IN (libc) - __hidden_ver1 (__strchrnul_c, __GI___strchrnul, __strchrnul_c); -+# endif - # endif - #endif --- -2.44.0 - diff --git a/packages/glibc/0047-sparc-Fix-broken-memset-for-sparc32-BZ-31068.patch b/packages/glibc/0047-sparc-Fix-broken-memset-for-sparc32-BZ-31068.patch deleted file mode 100644 index 978734f63d9..00000000000 --- a/packages/glibc/0047-sparc-Fix-broken-memset-for-sparc32-BZ-31068.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 6f68075869f6034f5fde3823741623d34164dc7d Mon Sep 17 00:00:00 2001 -From: Andreas Larsson -Date: Wed, 15 Nov 2023 13:29:43 +0100 -Subject: [PATCH] sparc: Fix broken memset for sparc32 [BZ #31068] - -Fixes commit a61933fe27df ("sparc: Remove bzero optimization") that -after moving code jumped to the wrong label 4. - -Verfied by successfully running string/test-memset on sparc32. - -Signed-off-by: Andreas Larsson -Signed-off-by: Ludwig Rydberg -Reviewed-by: Adhemerval Zanella -(cherry picked from commit 578190b7e43305141512dee777e4a3b3e8159393) ---- - sysdeps/sparc/sparc32/memset.S | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/sysdeps/sparc/sparc32/memset.S b/sysdeps/sparc/sparc32/memset.S -index ca29ff5685..1dc3a640e8 100644 ---- a/sysdeps/sparc/sparc32/memset.S -+++ b/sysdeps/sparc/sparc32/memset.S -@@ -55,7 +55,7 @@ ENTRY(memset) - - andcc %o0, 3, %o2 - bne 3f --4: andcc %o0, 4, %g0 -+5: andcc %o0, 4, %g0 - - be 2f - mov %g3, %g2 -@@ -139,7 +139,7 @@ ENTRY(memset) - stb %g3, [%o0 + 0x02] - 2: sub %o2, 4, %o2 - add %o1, %o2, %o1 -- b 4b -+ b 5b - sub %o0, %o2, %o0 - END(memset) - libc_hidden_builtin_def (memset) --- -2.44.0 - diff --git a/packages/glibc/0048-sparc64-Remove-unwind-information-from-signal-return.patch b/packages/glibc/0048-sparc64-Remove-unwind-information-from-signal-return.patch deleted file mode 100644 index f7a02c7b303..00000000000 --- a/packages/glibc/0048-sparc64-Remove-unwind-information-from-signal-return.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 0e383d2d4e7c08b36ad3edb30c072a3dc4d26ed8 Mon Sep 17 00:00:00 2001 -From: Adhemerval Zanella -Date: Wed, 17 Jan 2024 10:38:09 -0300 -Subject: [PATCH] sparc64: Remove unwind information from signal return stubs - [BZ#31244] - -Similar to sparc32 fix, remove the unwind information on the signal -return stubs. This fixes the regressions: - -FAIL: nptl/tst-cancel24-static -FAIL: nptl/tst-cond8-static -FAIL: nptl/tst-mutex8-static -FAIL: nptl/tst-mutexpi8-static -FAIL: nptl/tst-mutexpi9 - -On sparc64-linux-gnu. - -(cherry picked from commit 369efd817780276dbe0ecf8be6e1f354bdbc9857) ---- - sysdeps/unix/sysv/linux/sparc/sparc64/sigreturn_stub.S | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - -diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/sigreturn_stub.S b/sysdeps/unix/sysv/linux/sparc/sparc64/sigreturn_stub.S -index 7fac04f657..f089bcaf68 100644 ---- a/sysdeps/unix/sysv/linux/sparc/sparc64/sigreturn_stub.S -+++ b/sysdeps/unix/sysv/linux/sparc/sparc64/sigreturn_stub.S -@@ -23,7 +23,10 @@ - - [1] https://lkml.org/lkml/2016/5/27/465 */ - --ENTRY (__rt_sigreturn_stub) -+ nop -+ nop -+ -+ENTRY_NOCFI (__rt_sigreturn_stub) - mov __NR_rt_sigreturn, %g1 - ta 0x6d --END (__rt_sigreturn_stub) -+END_NOCFI (__rt_sigreturn_stub) --- -2.44.0 - diff --git a/packages/glibc/0049-sparc-Fix-sparc64-memmove-length-comparison-BZ-31266.patch b/packages/glibc/0049-sparc-Fix-sparc64-memmove-length-comparison-BZ-31266.patch deleted file mode 100644 index e2a85c107d5..00000000000 --- a/packages/glibc/0049-sparc-Fix-sparc64-memmove-length-comparison-BZ-31266.patch +++ /dev/null @@ -1,32 +0,0 @@ -From aac57faf5425b472a72132b09f4b3a2aa1f77a63 Mon Sep 17 00:00:00 2001 -From: Adhemerval Zanella -Date: Thu, 18 Jan 2024 10:52:18 -0300 -Subject: [PATCH] sparc: Fix sparc64 memmove length comparison (BZ 31266) - -The small counts copy bytes comparsion should be unsigned (as the -memmove size argument). It fixes string/tst-memmove-overflow on -sparcv9, where the input size triggers an invalid code path. - -Checked on sparc64-linux-gnu and sparcv9-linux-gnu. - -(cherry picked from commit 926a4bdbb5fc8955570208b5571b2d04c6ffbd1d) ---- - sysdeps/sparc/sparc64/memmove.S | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/sysdeps/sparc/sparc64/memmove.S b/sysdeps/sparc/sparc64/memmove.S -index db6f4f0e84..62b19ebc1b 100644 ---- a/sysdeps/sparc/sparc64/memmove.S -+++ b/sysdeps/sparc/sparc64/memmove.S -@@ -38,7 +38,7 @@ ENTRY(memmove) - /* - * normal, copy forwards - */ --2: ble %XCC, .Ldbytecp -+2: bleu %XCC, .Ldbytecp - andcc %o1, 3, %o5 /* is src word aligned */ - bz,pn %icc, .Laldst - cmp %o5, 2 /* is src half-word aligned */ --- -2.44.0 - diff --git a/packages/glibc/0050-sparc-Remove-unwind-information-from-signal-return-s.patch b/packages/glibc/0050-sparc-Remove-unwind-information-from-signal-return-s.patch deleted file mode 100644 index 3d6e8b23eb4..00000000000 --- a/packages/glibc/0050-sparc-Remove-unwind-information-from-signal-return-s.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 0c5e5bace57578ed3e28eb89ee2d2b31b74c4ecc Mon Sep 17 00:00:00 2001 -From: Daniel Cederman -Date: Tue, 16 Jan 2024 09:31:41 +0100 -Subject: [PATCH] sparc: Remove unwind information from signal return stubs [BZ - #31244] - -The functions were previously written in C, but were not compiled -with unwind information. The ENTRY/END macros includes .cfi_startproc -and .cfi_endproc which adds unwind information. This caused the -tests cleanup-8 and cleanup-10 in the GCC testsuite to fail. -This patch adds a version of the ENTRY/END macros without the -CFI instructions that can be used instead. - -sigaction registers a restorer address that is located two instructions -before the stub function. This patch adds a two instruction padding to -avoid that the unwinder accesses the unwind information from the function -that the linker has placed right before it in memory. This fixes an issue -with pthread_cancel that caused tst-mutex8-static (and other tests) to fail. - -Signed-off-by: Daniel Cederman -Reviewed-by: Adhemerval Zanella -(cherry picked from commit 7bd06985c0a143cdcba2762bfe020e53514a53de) ---- - sysdeps/sparc/sysdep.h | 9 +++++++++ - .../unix/sysv/linux/sparc/sparc32/sigreturn_stub.S | 11 +++++++---- - 2 files changed, 16 insertions(+), 4 deletions(-) - -diff --git a/sysdeps/sparc/sysdep.h b/sysdeps/sparc/sysdep.h -index 687e626182..151baa5e10 100644 ---- a/sysdeps/sparc/sysdep.h -+++ b/sysdeps/sparc/sysdep.h -@@ -76,6 +76,15 @@ C_LABEL(name) \ - cfi_endproc; \ - .size name, . - name - -+#define ENTRY_NOCFI(name) \ -+ .align 4; \ -+ .global C_SYMBOL_NAME(name); \ -+ .type name, @function; \ -+C_LABEL(name) -+ -+#define END_NOCFI(name) \ -+ .size name, . - name -+ - #undef LOC - #define LOC(name) .L##name - -diff --git a/sysdeps/unix/sysv/linux/sparc/sparc32/sigreturn_stub.S b/sysdeps/unix/sysv/linux/sparc/sparc32/sigreturn_stub.S -index cf509c8d5c..1962f9053c 100644 ---- a/sysdeps/unix/sysv/linux/sparc/sparc32/sigreturn_stub.S -+++ b/sysdeps/unix/sysv/linux/sparc/sparc32/sigreturn_stub.S -@@ -23,12 +23,15 @@ - - [1] https://lkml.org/lkml/2016/5/27/465 */ - --ENTRY (__rt_sigreturn_stub) -+ nop -+ nop -+ -+ENTRY_NOCFI (__rt_sigreturn_stub) - mov __NR_rt_sigreturn, %g1 - ta 0x10 --END (__rt_sigreturn_stub) -+END_NOCFI (__rt_sigreturn_stub) - --ENTRY (__sigreturn_stub) -+ENTRY_NOCFI (__sigreturn_stub) - mov __NR_sigreturn, %g1 - ta 0x10 --END (__sigreturn_stub) -+END_NOCFI (__sigreturn_stub) --- -2.44.0 - diff --git a/packages/glibc/0051-arm-Remove-wrong-ldr-from-_dl_start_user-BZ-31339.patch b/packages/glibc/0051-arm-Remove-wrong-ldr-from-_dl_start_user-BZ-31339.patch deleted file mode 100644 index 71b8ff3b093..00000000000 --- a/packages/glibc/0051-arm-Remove-wrong-ldr-from-_dl_start_user-BZ-31339.patch +++ /dev/null @@ -1,40 +0,0 @@ -From b09073e63138ce409bf6426cf820eeaa0d28ca74 Mon Sep 17 00:00:00 2001 -From: Adhemerval Zanella -Date: Mon, 5 Feb 2024 16:10:24 +0000 -Subject: [PATCH] arm: Remove wrong ldr from _dl_start_user (BZ 31339) - -The commit 49d877a80b29d3002887b084eec6676d9f5fec18 (arm: Remove -_dl_skip_args usage) removed the _SKIP_ARGS literal, which was -previously loader to r4 on loader _start. However, the cleanup did not -remove the following 'ldr r4, [sl, r4]' on _dl_start_user, used to check -to skip the arguments after ld self-relocations. - -In my testing, the kernel initially set r4 to 0, which makes the -ldr instruction just read the _GLOBAL_OFFSET_TABLE_. However, since r4 -is a callee-saved register; a different runtime might not zero -initialize it and thus trigger an invalid memory access. - -Checked on arm-linux-gnu. - -Reported-by: Adrian Ratiu -Reviewed-by: Szabolcs Nagy -(cherry picked from commit 1e25112dc0cb2515d27d8d178b1ecce778a9d37a) ---- - sysdeps/arm/dl-machine.h | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/sysdeps/arm/dl-machine.h b/sysdeps/arm/dl-machine.h -index d720c02c96..77dc7415e9 100644 ---- a/sysdeps/arm/dl-machine.h -+++ b/sysdeps/arm/dl-machine.h -@@ -137,7 +137,6 @@ _start:\n\ - _dl_start_user:\n\ - adr r6, .L_GET_GOT\n\ - add sl, sl, r6\n\ -- ldr r4, [sl, r4]\n\ - @ save the entry point in another register\n\ - mov r6, r0\n\ - @ get the original arg count\n\ --- -2.44.0 - diff --git a/packages/glibc/0052-malloc-Use-__get_nprocs-on-arena_get2-BZ-30945.patch b/packages/glibc/0052-malloc-Use-__get_nprocs-on-arena_get2-BZ-30945.patch deleted file mode 100644 index e8468302e23..00000000000 --- a/packages/glibc/0052-malloc-Use-__get_nprocs-on-arena_get2-BZ-30945.patch +++ /dev/null @@ -1,106 +0,0 @@ -From 506e47da1d66b33e24440a495eeef85daf7f2a78 Mon Sep 17 00:00:00 2001 -From: Adhemerval Zanella -Date: Wed, 11 Oct 2023 13:43:56 -0300 -Subject: [PATCH] malloc: Use __get_nprocs on arena_get2 (BZ 30945) - -This restore the 2.33 semantic for arena_get2. It was changed by -11a02b035b46 to avoid arena_get2 call malloc (back when __get_nproc -was refactored to use an scratch_buffer - 903bc7dcc2acafc). The -__get_nproc was refactored over then and now it also avoid to call -malloc. - -The 11a02b035b46 did not take in consideration any performance -implication, which should have been discussed properly. The -__get_nprocs_sched is still used as a fallback mechanism if procfs -and sysfs is not acessible. - -Checked on x86_64-linux-gnu. -Reviewed-by: DJ Delorie - -(cherry picked from commit 472894d2cfee5751b44c0aaa71ed87df81c8e62e) ---- - include/sys/sysinfo.h | 4 ---- - malloc/arena.c | 2 +- - misc/getsysstats.c | 6 ------ - sysdeps/mach/getsysstats.c | 6 ------ - sysdeps/unix/sysv/linux/getsysstats.c | 2 +- - 5 files changed, 2 insertions(+), 18 deletions(-) - -diff --git a/include/sys/sysinfo.h b/include/sys/sysinfo.h -index c490561581..65742b1036 100644 ---- a/include/sys/sysinfo.h -+++ b/include/sys/sysinfo.h -@@ -14,10 +14,6 @@ libc_hidden_proto (__get_nprocs_conf) - extern int __get_nprocs (void); - libc_hidden_proto (__get_nprocs) - --/* Return the number of available processors which the process can -- be scheduled. */ --extern int __get_nprocs_sched (void) attribute_hidden; -- - /* Return number of physical pages of memory in the system. */ - extern long int __get_phys_pages (void); - libc_hidden_proto (__get_phys_pages) -diff --git a/malloc/arena.c b/malloc/arena.c -index 6f03955ff2..82b09adb47 100644 ---- a/malloc/arena.c -+++ b/malloc/arena.c -@@ -820,7 +820,7 @@ arena_get2 (size_t size, mstate avoid_arena) - narenas_limit = mp_.arena_max; - else if (narenas > mp_.arena_test) - { -- int n = __get_nprocs_sched (); -+ int n = __get_nprocs (); - - if (n >= 1) - narenas_limit = NARENAS_FROM_NCORES (n); -diff --git a/misc/getsysstats.c b/misc/getsysstats.c -index 5f36adc0e8..23cc112074 100644 ---- a/misc/getsysstats.c -+++ b/misc/getsysstats.c -@@ -44,12 +44,6 @@ weak_alias (__get_nprocs, get_nprocs) - link_warning (get_nprocs, "warning: get_nprocs will always return 1") - - --int --__get_nprocs_sched (void) --{ -- return 1; --} -- - long int - __get_phys_pages (void) - { -diff --git a/sysdeps/mach/getsysstats.c b/sysdeps/mach/getsysstats.c -index 5184e5eee1..d3834f3b69 100644 ---- a/sysdeps/mach/getsysstats.c -+++ b/sysdeps/mach/getsysstats.c -@@ -62,12 +62,6 @@ __get_nprocs (void) - libc_hidden_def (__get_nprocs) - weak_alias (__get_nprocs, get_nprocs) - --int --__get_nprocs_sched (void) --{ -- return __get_nprocs (); --} -- - /* Return the number of physical pages on the system. */ - long int - __get_phys_pages (void) -diff --git a/sysdeps/unix/sysv/linux/getsysstats.c b/sysdeps/unix/sysv/linux/getsysstats.c -index b0b6c154ac..1ea7f1f01f 100644 ---- a/sysdeps/unix/sysv/linux/getsysstats.c -+++ b/sysdeps/unix/sysv/linux/getsysstats.c -@@ -29,7 +29,7 @@ - #include - #include - --int -+static int - __get_nprocs_sched (void) - { - enum --- -2.44.0 - diff --git a/packages/glibc/0053-S390-Do-not-clobber-r7-in-clone-BZ-31402.patch b/packages/glibc/0053-S390-Do-not-clobber-r7-in-clone-BZ-31402.patch deleted file mode 100644 index 44a2f112056..00000000000 --- a/packages/glibc/0053-S390-Do-not-clobber-r7-in-clone-BZ-31402.patch +++ /dev/null @@ -1,157 +0,0 @@ -From ee4806e978467d705b26ccb7dfddb9e0a710f8e4 Mon Sep 17 00:00:00 2001 -From: Stefan Liebler -Date: Thu, 22 Feb 2024 15:03:27 +0100 -Subject: [PATCH] S390: Do not clobber r7 in clone [BZ #31402] - -Starting with commit e57d8fc97b90127de4ed3e3a9cdf663667580935 -"S390: Always use svc 0" -clone clobbers the call-saved register r7 in error case: -function or stack is NULL. - -This patch restores the saved registers also in the error case. -Furthermore the existing test misc/tst-clone is extended to check -all error cases and that clone does not clobber registers in this -error case. - -(cherry picked from commit 02782fd12849b6673cb5c2728cb750e8ec295aa3) -Note: Added ia64 __clone2 call to tst-clone.c. ---- - sysdeps/unix/sysv/linux/s390/s390-32/clone.S | 1 + - sysdeps/unix/sysv/linux/s390/s390-64/clone.S | 1 + - sysdeps/unix/sysv/linux/tst-clone.c | 76 ++++++++++++++++---- - 3 files changed, 65 insertions(+), 13 deletions(-) - -diff --git a/sysdeps/unix/sysv/linux/s390/s390-32/clone.S b/sysdeps/unix/sysv/linux/s390/s390-32/clone.S -index 5d8d873383..fd1e509cf4 100644 ---- a/sysdeps/unix/sysv/linux/s390/s390-32/clone.S -+++ b/sysdeps/unix/sysv/linux/s390/s390-32/clone.S -@@ -53,6 +53,7 @@ ENTRY(__clone) - br %r14 - error: - lhi %r2,-EINVAL -+ lm %r6,%r7,24(%r15) /* Load registers. */ - j SYSCALL_ERROR_LABEL - PSEUDO_END (__clone) - -diff --git a/sysdeps/unix/sysv/linux/s390/s390-64/clone.S b/sysdeps/unix/sysv/linux/s390/s390-64/clone.S -index f1c4288a3d..7b37b18010 100644 ---- a/sysdeps/unix/sysv/linux/s390/s390-64/clone.S -+++ b/sysdeps/unix/sysv/linux/s390/s390-64/clone.S -@@ -54,6 +54,7 @@ ENTRY(__clone) - br %r14 - error: - lghi %r2,-EINVAL -+ lmg %r6,%r7,48(%r15) /* Restore registers. */ - jg SYSCALL_ERROR_LABEL - PSEUDO_END (__clone) - -diff --git a/sysdeps/unix/sysv/linux/tst-clone.c b/sysdeps/unix/sysv/linux/tst-clone.c -index 56348707d4..95bd0f6ccb 100644 ---- a/sysdeps/unix/sysv/linux/tst-clone.c -+++ b/sysdeps/unix/sysv/linux/tst-clone.c -@@ -16,12 +16,16 @@ - License along with the GNU C Library; if not, see - . */ - --/* BZ #2386 */ -+/* BZ #2386, BZ #31402 */ - #include - #include - #include - #include - #include -+#include /* For _STACK_GROWS_{UP,DOWN}. */ -+#include -+ -+volatile unsigned v = 0xdeadbeef; - - #ifdef __ia64__ - extern int __clone2 (int (*__fn) (void *__arg), void *__child_stack_base, -@@ -35,26 +39,72 @@ int child_fn(void *arg) - } - - static int --do_test (void) -+__attribute__((noinline)) -+do_clone (int (*fn)(void *), void *stack) - { - int result; -+ unsigned int a = v; -+ unsigned int b = v; -+ unsigned int c = v; -+ unsigned int d = v; -+ unsigned int e = v; -+ unsigned int f = v; -+ unsigned int g = v; -+ unsigned int h = v; -+ unsigned int i = v; -+ unsigned int j = v; -+ unsigned int k = v; -+ unsigned int l = v; -+ unsigned int m = v; -+ unsigned int n = v; -+ unsigned int o = v; - - #ifdef __ia64__ -- result = __clone2 (child_fn, NULL, 0, 0, NULL, NULL, NULL); -+ result = __clone2 (fn, stack, stack != NULL ? 128 * 1024 : 0, 0, NULL, NULL, -+ NULL); -+#else -+ result = clone (fn, stack, 0, NULL); -+#endif -+ -+ /* Check that clone does not clobber call-saved registers. */ -+ TEST_VERIFY (a == v && b == v && c == v && d == v && e == v && f == v -+ && g == v && h == v && i == v && j == v && k == v && l == v -+ && m == v && n == v && o == v); -+ -+ return result; -+} -+ -+static void -+__attribute__((noinline)) -+do_test_single (int (*fn)(void *), void *stack) -+{ -+ printf ("%s (fn=%p, stack=%p)\n", __FUNCTION__, fn, stack); -+ errno = 0; -+ -+ int result = do_clone (fn, stack); -+ -+ TEST_COMPARE (errno, EINVAL); -+ TEST_COMPARE (result, -1); -+} -+ -+static int -+do_test (void) -+{ -+ char st[128 * 1024] __attribute__ ((aligned)); -+ void *stack = NULL; -+#if defined __ia64__ || _STACK_GROWS_UP -+ stack = st; -+#elif _STACK_GROWS_DOWN -+ stack = st + sizeof (st); - #else -- result = clone (child_fn, NULL, 0, NULL); -+# error "Define either _STACK_GROWS_DOWN or _STACK_GROWS_UP" - #endif - -- if (errno != EINVAL || result != -1) -- { -- printf ("FAIL: clone()=%d (wanted -1) errno=%d (wanted %d)\n", -- result, errno, EINVAL); -- return 1; -- } -+ do_test_single (child_fn, NULL); -+ do_test_single (NULL, stack); -+ do_test_single (NULL, NULL); - -- puts ("All OK"); - return 0; - } - --#define TEST_FUNCTION do_test () --#include "../test-skeleton.c" -+#include --- -2.44.0 - diff --git a/packages/glibc/0054-linux-Use-rseq-area-unconditionally-in-sched_getcpu-.patch b/packages/glibc/0054-linux-Use-rseq-area-unconditionally-in-sched_getcpu-.patch deleted file mode 100644 index b37744266e4..00000000000 --- a/packages/glibc/0054-linux-Use-rseq-area-unconditionally-in-sched_getcpu-.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 5753cda1ca0749002c4718122a9b6d5177087b7b Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Fri, 15 Mar 2024 19:08:24 +0100 -Subject: [PATCH] linux: Use rseq area unconditionally in sched_getcpu (bug - 31479) - -Originally, nptl/descr.h included , but we removed that -in commit 2c6b4b272e6b4d07303af25709051c3e96288f2d ("nptl: -Unconditionally use a 32-byte rseq area"). After that, it was -not ensured that the RSEQ_SIG macro was defined during sched_getcpu.c -compilation that provided a definition. This commit always checks -the rseq area for CPU number information before using the other -approaches. - -This adds an unnecessary (but well-predictable) branch on -architectures which do not define RSEQ_SIG, but its cost is small -compared to the system call. Most architectures that have vDSO -acceleration for getcpu also have rseq support. - -Fixes: 2c6b4b272e6b4d07303af25709051c3e96288f2d -Fixes: 1d350aa06091211863e41169729cee1bca39f72f -Reviewed-by: Arjun Shankar -(cherry picked from commit 7a76f218677d149d8b7875b336722108239f7ee9) ---- - sysdeps/unix/sysv/linux/sched_getcpu.c | 8 -------- - 1 file changed, 8 deletions(-) - -diff --git a/sysdeps/unix/sysv/linux/sched_getcpu.c b/sysdeps/unix/sysv/linux/sched_getcpu.c -index 4457d714bc..22700ef846 100644 ---- a/sysdeps/unix/sysv/linux/sched_getcpu.c -+++ b/sysdeps/unix/sysv/linux/sched_getcpu.c -@@ -33,17 +33,9 @@ vsyscall_sched_getcpu (void) - return r == -1 ? r : cpu; - } - --#ifdef RSEQ_SIG - int - sched_getcpu (void) - { - int cpu_id = THREAD_GETMEM_VOLATILE (THREAD_SELF, rseq_area.cpu_id); - return __glibc_likely (cpu_id >= 0) ? cpu_id : vsyscall_sched_getcpu (); - } --#else /* RSEQ_SIG */ --int --sched_getcpu (void) --{ -- return vsyscall_sched_getcpu (); --} --#endif /* RSEQ_SIG */ --- -2.44.0 - diff --git a/packages/glibc/0055-LoongArch-Correct-__ieee754-_-_scalb-__ieee754-_-_sc.patch b/packages/glibc/0055-LoongArch-Correct-__ieee754-_-_scalb-__ieee754-_-_sc.patch deleted file mode 100644 index 680771022f9..00000000000 --- a/packages/glibc/0055-LoongArch-Correct-__ieee754-_-_scalb-__ieee754-_-_sc.patch +++ /dev/null @@ -1,23 +0,0 @@ -From 0518bb0c16cb5986aaf35cf5e634964d7a06978b Mon Sep 17 00:00:00 2001 -From: caiyinyu -Date: Mon, 11 Mar 2024 16:07:48 +0800 -Subject: [PATCH] LoongArch: Correct {__ieee754, _}_scalb -> {__ieee754, - _}_scalbf - ---- - sysdeps/loongarch/fpu/e_scalbf.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/sysdeps/loongarch/fpu/e_scalbf.c b/sysdeps/loongarch/fpu/e_scalbf.c -index c37b0fd19d..4690224621 100644 ---- a/sysdeps/loongarch/fpu/e_scalbf.c -+++ b/sysdeps/loongarch/fpu/e_scalbf.c -@@ -57,4 +57,4 @@ __ieee754_scalbf (float x, float fn) - - return x; - } --libm_alias_finite (__ieee754_scalb, __scalb) -+libm_alias_finite (__ieee754_scalbf, __scalbf) --- -2.44.0 - diff --git a/packages/glibc/0056-Add-HWCAP2_MOPS-from-Linux-6.5-to-AArch64-bits-hwcap.patch b/packages/glibc/0056-Add-HWCAP2_MOPS-from-Linux-6.5-to-AArch64-bits-hwcap.patch deleted file mode 100644 index e2d66ab8789..00000000000 --- a/packages/glibc/0056-Add-HWCAP2_MOPS-from-Linux-6.5-to-AArch64-bits-hwcap.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 5456ff5d80e45741a73cf9fa792d789a1ed17a09 Mon Sep 17 00:00:00 2001 -From: Joseph Myers -Date: Tue, 17 Oct 2023 13:13:27 +0000 -Subject: [PATCH] Add HWCAP2_MOPS from Linux 6.5 to AArch64 bits/hwcap.h - -Linux 6.5 adds a new AArch64 HWCAP2 value, HWCAP2_MOPS. Add it to -glibc's bits/hwcap.h. - -Tested with build-many-glibcs.py for aarch64-linux-gnu. - -(cherry picked from commit ff5d2abd18629e0efac41e31699cdff3be0e08fa) ---- - sysdeps/unix/sysv/linux/aarch64/bits/hwcap.h | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/sysdeps/unix/sysv/linux/aarch64/bits/hwcap.h b/sysdeps/unix/sysv/linux/aarch64/bits/hwcap.h -index 55c7ed39be..b251c2d417 100644 ---- a/sysdeps/unix/sysv/linux/aarch64/bits/hwcap.h -+++ b/sysdeps/unix/sysv/linux/aarch64/bits/hwcap.h -@@ -98,3 +98,4 @@ - #define HWCAP2_SME_BI32I32 (1UL << 40) - #define HWCAP2_SME_B16B16 (1UL << 41) - #define HWCAP2_SME_F16F16 (1UL << 42) -+#define HWCAP2_MOPS (1UL << 43) --- -2.44.0 - diff --git a/packages/glibc/0057-AArch64-Add-support-for-MOPS-memcpy-memmove-memset.patch b/packages/glibc/0057-AArch64-Add-support-for-MOPS-memcpy-memmove-memset.patch deleted file mode 100644 index 1b0008c9141..00000000000 --- a/packages/glibc/0057-AArch64-Add-support-for-MOPS-memcpy-memmove-memset.patch +++ /dev/null @@ -1,314 +0,0 @@ -From d8a2b56b4fdf39488eb8a94f8b1064e262708b6f Mon Sep 17 00:00:00 2001 -From: Wilco Dijkstra -Date: Tue, 17 Oct 2023 16:54:21 +0100 -Subject: [PATCH] AArch64: Add support for MOPS memcpy/memmove/memset - -Add support for MOPS in cpu_features and INIT_ARCH. Add ifuncs using MOPS for -memcpy, memmove and memset (use .inst for now so it works with all binutils -versions without needing complex configure and conditional compilation). - -Reviewed-by: Szabolcs Nagy -(cherry picked from commit 2bd00179885928fd95fcabfafc50e7b5c6e660d2) ---- - sysdeps/aarch64/multiarch/Makefile | 3 ++ - sysdeps/aarch64/multiarch/ifunc-impl-list.c | 3 ++ - sysdeps/aarch64/multiarch/init-arch.h | 4 +- - sysdeps/aarch64/multiarch/memcpy.c | 4 ++ - sysdeps/aarch64/multiarch/memcpy_mops.S | 39 +++++++++++++++++++ - sysdeps/aarch64/multiarch/memmove.c | 4 ++ - sysdeps/aarch64/multiarch/memmove_mops.S | 39 +++++++++++++++++++ - sysdeps/aarch64/multiarch/memset.c | 4 ++ - sysdeps/aarch64/multiarch/memset_mops.S | 38 ++++++++++++++++++ - .../unix/sysv/linux/aarch64/cpu-features.c | 3 ++ - .../unix/sysv/linux/aarch64/cpu-features.h | 1 + - 11 files changed, 141 insertions(+), 1 deletion(-) - create mode 100644 sysdeps/aarch64/multiarch/memcpy_mops.S - create mode 100644 sysdeps/aarch64/multiarch/memmove_mops.S - create mode 100644 sysdeps/aarch64/multiarch/memset_mops.S - -diff --git a/sysdeps/aarch64/multiarch/Makefile b/sysdeps/aarch64/multiarch/Makefile -index 223777d94e..e6099548b9 100644 ---- a/sysdeps/aarch64/multiarch/Makefile -+++ b/sysdeps/aarch64/multiarch/Makefile -@@ -5,14 +5,17 @@ sysdep_routines += \ - memcpy_a64fx \ - memcpy_falkor \ - memcpy_generic \ -+ memcpy_mops \ - memcpy_sve \ - memcpy_thunderx \ - memcpy_thunderx2 \ -+ memmove_mops \ - memset_a64fx \ - memset_emag \ - memset_falkor \ - memset_generic \ - memset_kunpeng \ -+ memset_mops \ - strlen_asimd \ - strlen_mte \ - # sysdep_routines -diff --git a/sysdeps/aarch64/multiarch/ifunc-impl-list.c b/sysdeps/aarch64/multiarch/ifunc-impl-list.c -index d274f01fdb..da7f115377 100644 ---- a/sysdeps/aarch64/multiarch/ifunc-impl-list.c -+++ b/sysdeps/aarch64/multiarch/ifunc-impl-list.c -@@ -41,6 +41,7 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, - IFUNC_IMPL_ADD (array, i, memcpy, sve, __memcpy_a64fx) - IFUNC_IMPL_ADD (array, i, memcpy, sve, __memcpy_sve) - #endif -+ IFUNC_IMPL_ADD (array, i, memcpy, mops, __memcpy_mops) - IFUNC_IMPL_ADD (array, i, memcpy, 1, __memcpy_generic)) - IFUNC_IMPL (i, name, memmove, - IFUNC_IMPL_ADD (array, i, memmove, 1, __memmove_thunderx) -@@ -50,6 +51,7 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, - IFUNC_IMPL_ADD (array, i, memmove, sve, __memmove_a64fx) - IFUNC_IMPL_ADD (array, i, memmove, sve, __memmove_sve) - #endif -+ IFUNC_IMPL_ADD (array, i, memmove, mops, __memmove_mops) - IFUNC_IMPL_ADD (array, i, memmove, 1, __memmove_generic)) - IFUNC_IMPL (i, name, memset, - /* Enable this on non-falkor processors too so that other cores -@@ -60,6 +62,7 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, - #if HAVE_AARCH64_SVE_ASM - IFUNC_IMPL_ADD (array, i, memset, sve && zva_size == 256, __memset_a64fx) - #endif -+ IFUNC_IMPL_ADD (array, i, memset, mops, __memset_mops) - IFUNC_IMPL_ADD (array, i, memset, 1, __memset_generic)) - IFUNC_IMPL (i, name, memchr, - IFUNC_IMPL_ADD (array, i, memchr, !mte, __memchr_nosimd) -diff --git a/sysdeps/aarch64/multiarch/init-arch.h b/sysdeps/aarch64/multiarch/init-arch.h -index 6de081e381..e23e6ff290 100644 ---- a/sysdeps/aarch64/multiarch/init-arch.h -+++ b/sysdeps/aarch64/multiarch/init-arch.h -@@ -35,4 +35,6 @@ - bool __attribute__((unused)) mte = \ - MTE_ENABLED (); \ - bool __attribute__((unused)) sve = \ -- GLRO(dl_aarch64_cpu_features).sve; -+ GLRO(dl_aarch64_cpu_features).sve; \ -+ bool __attribute__((unused)) mops = \ -+ GLRO(dl_aarch64_cpu_features).mops; -diff --git a/sysdeps/aarch64/multiarch/memcpy.c b/sysdeps/aarch64/multiarch/memcpy.c -index 3aae915c5f..9aace954cb 100644 ---- a/sysdeps/aarch64/multiarch/memcpy.c -+++ b/sysdeps/aarch64/multiarch/memcpy.c -@@ -34,12 +34,16 @@ extern __typeof (__redirect_memcpy) __memcpy_thunderx2 attribute_hidden; - extern __typeof (__redirect_memcpy) __memcpy_falkor attribute_hidden; - extern __typeof (__redirect_memcpy) __memcpy_a64fx attribute_hidden; - extern __typeof (__redirect_memcpy) __memcpy_sve attribute_hidden; -+extern __typeof (__redirect_memcpy) __memcpy_mops attribute_hidden; - - static inline __typeof (__redirect_memcpy) * - select_memcpy_ifunc (void) - { - INIT_ARCH (); - -+ if (mops) -+ return __memcpy_mops; -+ - if (sve && HAVE_AARCH64_SVE_ASM) - { - if (IS_A64FX (midr)) -diff --git a/sysdeps/aarch64/multiarch/memcpy_mops.S b/sysdeps/aarch64/multiarch/memcpy_mops.S -new file mode 100644 -index 0000000000..4685629664 ---- /dev/null -+++ b/sysdeps/aarch64/multiarch/memcpy_mops.S -@@ -0,0 +1,39 @@ -+/* Optimized memcpy for MOPS. -+ Copyright (C) 2023 Free Software Foundation, Inc. -+ -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library. If not, see -+ . */ -+ -+#include -+ -+/* Assumptions: -+ * -+ * AArch64, MOPS. -+ * -+ */ -+ -+ENTRY (__memcpy_mops) -+ PTR_ARG (0) -+ PTR_ARG (1) -+ SIZE_ARG (2) -+ -+ mov x3, x0 -+ .inst 0x19010443 /* cpyfp [x3]!, [x1]!, x2! */ -+ .inst 0x19410443 /* cpyfm [x3]!, [x1]!, x2! */ -+ .inst 0x19810443 /* cpyfe [x3]!, [x1]!, x2! */ -+ ret -+ -+END (__memcpy_mops) -diff --git a/sysdeps/aarch64/multiarch/memmove.c b/sysdeps/aarch64/multiarch/memmove.c -index 312f90f111..fd346e7b73 100644 ---- a/sysdeps/aarch64/multiarch/memmove.c -+++ b/sysdeps/aarch64/multiarch/memmove.c -@@ -34,12 +34,16 @@ extern __typeof (__redirect_memmove) __memmove_thunderx2 attribute_hidden; - extern __typeof (__redirect_memmove) __memmove_falkor attribute_hidden; - extern __typeof (__redirect_memmove) __memmove_a64fx attribute_hidden; - extern __typeof (__redirect_memmove) __memmove_sve attribute_hidden; -+extern __typeof (__redirect_memmove) __memmove_mops attribute_hidden; - - static inline __typeof (__redirect_memmove) * - select_memmove_ifunc (void) - { - INIT_ARCH (); - -+ if (mops) -+ return __memmove_mops; -+ - if (sve && HAVE_AARCH64_SVE_ASM) - { - if (IS_A64FX (midr)) -diff --git a/sysdeps/aarch64/multiarch/memmove_mops.S b/sysdeps/aarch64/multiarch/memmove_mops.S -new file mode 100644 -index 0000000000..c5ea66be3a ---- /dev/null -+++ b/sysdeps/aarch64/multiarch/memmove_mops.S -@@ -0,0 +1,39 @@ -+/* Optimized memmove for MOPS. -+ Copyright (C) 2023 Free Software Foundation, Inc. -+ -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library. If not, see -+ . */ -+ -+#include -+ -+/* Assumptions: -+ * -+ * AArch64, MOPS. -+ * -+ */ -+ -+ENTRY (__memmove_mops) -+ PTR_ARG (0) -+ PTR_ARG (1) -+ SIZE_ARG (2) -+ -+ mov x3, x0 -+ .inst 0x1d010443 /* cpyp [x3]!, [x1]!, x2! */ -+ .inst 0x1d410443 /* cpym [x3]!, [x1]!, x2! */ -+ .inst 0x1d810443 /* cpye [x3]!, [x1]!, x2! */ -+ ret -+ -+END (__memmove_mops) -diff --git a/sysdeps/aarch64/multiarch/memset.c b/sysdeps/aarch64/multiarch/memset.c -index f9c81d3d8e..23fc66e158 100644 ---- a/sysdeps/aarch64/multiarch/memset.c -+++ b/sysdeps/aarch64/multiarch/memset.c -@@ -33,12 +33,16 @@ extern __typeof (__redirect_memset) __memset_emag attribute_hidden; - extern __typeof (__redirect_memset) __memset_kunpeng attribute_hidden; - extern __typeof (__redirect_memset) __memset_a64fx attribute_hidden; - extern __typeof (__redirect_memset) __memset_generic attribute_hidden; -+extern __typeof (__redirect_memset) __memset_mops attribute_hidden; - - static inline __typeof (__redirect_memset) * - select_memset_ifunc (void) - { - INIT_ARCH (); - -+ if (mops) -+ return __memset_mops; -+ - if (sve && HAVE_AARCH64_SVE_ASM) - { - if (IS_A64FX (midr) && zva_size == 256) -diff --git a/sysdeps/aarch64/multiarch/memset_mops.S b/sysdeps/aarch64/multiarch/memset_mops.S -new file mode 100644 -index 0000000000..ca820b8636 ---- /dev/null -+++ b/sysdeps/aarch64/multiarch/memset_mops.S -@@ -0,0 +1,38 @@ -+/* Optimized memset for MOPS. -+ Copyright (C) 2023 Free Software Foundation, Inc. -+ -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library. If not, see -+ . */ -+ -+#include -+ -+/* Assumptions: -+ * -+ * AArch64, MOPS. -+ * -+ */ -+ -+ENTRY (__memset_mops) -+ PTR_ARG (0) -+ SIZE_ARG (2) -+ -+ mov x3, x0 -+ .inst 0x19c10443 /* setp [x3]!, x2!, x1 */ -+ .inst 0x19c14443 /* setm [x3]!, x2!, x1 */ -+ .inst 0x19c18443 /* sete [x3]!, x2!, x1 */ -+ ret -+ -+END (__memset_mops) -diff --git a/sysdeps/unix/sysv/linux/aarch64/cpu-features.c b/sysdeps/unix/sysv/linux/aarch64/cpu-features.c -index dc09c1c827..233d5b2407 100644 ---- a/sysdeps/unix/sysv/linux/aarch64/cpu-features.c -+++ b/sysdeps/unix/sysv/linux/aarch64/cpu-features.c -@@ -120,4 +120,7 @@ init_cpu_features (struct cpu_features *cpu_features) - - /* Check if SVE is supported. */ - cpu_features->sve = GLRO (dl_hwcap) & HWCAP_SVE; -+ -+ /* Check if MOPS is supported. */ -+ cpu_features->mops = GLRO (dl_hwcap2) & HWCAP2_MOPS; - } -diff --git a/sysdeps/unix/sysv/linux/aarch64/cpu-features.h b/sysdeps/unix/sysv/linux/aarch64/cpu-features.h -index d67d286b53..40b709677d 100644 ---- a/sysdeps/unix/sysv/linux/aarch64/cpu-features.h -+++ b/sysdeps/unix/sysv/linux/aarch64/cpu-features.h -@@ -76,6 +76,7 @@ struct cpu_features - /* Currently, the GLIBC memory tagging tunable only defines 8 bits. */ - uint8_t mte_state; - bool sve; -+ bool mops; - }; - - #endif /* _CPU_FEATURES_AARCH64_H */ --- -2.44.0 - diff --git a/packages/glibc/0058-AArch64-Cleanup-ifuncs.patch b/packages/glibc/0058-AArch64-Cleanup-ifuncs.patch deleted file mode 100644 index f2e56815ba9..00000000000 --- a/packages/glibc/0058-AArch64-Cleanup-ifuncs.patch +++ /dev/null @@ -1,540 +0,0 @@ -From 25b66e8c4a75b51b0122089cf6b99860fb05470d Mon Sep 17 00:00:00 2001 -From: Wilco Dijkstra -Date: Tue, 24 Oct 2023 13:51:07 +0100 -Subject: [PATCH] AArch64: Cleanup ifuncs - -Cleanup ifuncs. Remove uses of libc_hidden_builtin_def, use ENTRY rather than -ENTRY_ALIGN, remove unnecessary defines and conditional compilation. Rename -strlen_mte to strlen_generic. Remove rtld-memset. - -Reviewed-by: Szabolcs Nagy -(cherry picked from commit 9fd3409842b3e2d31cff5dbd6f96066c430f0aa2) ---- - sysdeps/aarch64/memset.S | 2 +- - sysdeps/aarch64/multiarch/Makefile | 2 +- - sysdeps/aarch64/multiarch/ifunc-impl-list.c | 2 +- - sysdeps/aarch64/multiarch/memchr_nosimd.S | 9 ++---- - sysdeps/aarch64/multiarch/memcpy_a64fx.S | 14 +++------- - sysdeps/aarch64/multiarch/memcpy_falkor.S | 6 ++-- - sysdeps/aarch64/multiarch/memcpy_sve.S | 2 -- - sysdeps/aarch64/multiarch/memcpy_thunderx.S | 27 ++++-------------- - sysdeps/aarch64/multiarch/memcpy_thunderx2.S | 28 +++---------------- - sysdeps/aarch64/multiarch/memset_a64fx.S | 8 ++---- - sysdeps/aarch64/multiarch/memset_base64.S | 3 +- - sysdeps/aarch64/multiarch/memset_emag.S | 8 ++---- - sysdeps/aarch64/multiarch/memset_generic.S | 8 +++++- - sysdeps/aarch64/multiarch/memset_kunpeng.S | 9 ++---- - sysdeps/aarch64/multiarch/rtld-memset.S | 25 ----------------- - sysdeps/aarch64/multiarch/strlen.c | 4 +-- - sysdeps/aarch64/multiarch/strlen_asimd.S | 1 - - .../{strlen_mte.S => strlen_generic.S} | 8 +++--- - 18 files changed, 41 insertions(+), 125 deletions(-) - delete mode 100644 sysdeps/aarch64/multiarch/rtld-memset.S - rename sysdeps/aarch64/multiarch/{strlen_mte.S => strlen_generic.S} (85%) - -diff --git a/sysdeps/aarch64/memset.S b/sysdeps/aarch64/memset.S -index 50e5da3e7a..bf3cf85c8a 100644 ---- a/sysdeps/aarch64/memset.S -+++ b/sysdeps/aarch64/memset.S -@@ -29,7 +29,7 @@ - * - */ - --ENTRY_ALIGN (MEMSET, 6) -+ENTRY (MEMSET) - - PTR_ARG (0) - SIZE_ARG (2) -diff --git a/sysdeps/aarch64/multiarch/Makefile b/sysdeps/aarch64/multiarch/Makefile -index e6099548b9..a1a4de3cd9 100644 ---- a/sysdeps/aarch64/multiarch/Makefile -+++ b/sysdeps/aarch64/multiarch/Makefile -@@ -17,6 +17,6 @@ sysdep_routines += \ - memset_kunpeng \ - memset_mops \ - strlen_asimd \ -- strlen_mte \ -+ strlen_generic \ - # sysdep_routines - endif -diff --git a/sysdeps/aarch64/multiarch/ifunc-impl-list.c b/sysdeps/aarch64/multiarch/ifunc-impl-list.c -index da7f115377..836e8317a5 100644 ---- a/sysdeps/aarch64/multiarch/ifunc-impl-list.c -+++ b/sysdeps/aarch64/multiarch/ifunc-impl-list.c -@@ -70,7 +70,7 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, - - IFUNC_IMPL (i, name, strlen, - IFUNC_IMPL_ADD (array, i, strlen, !mte, __strlen_asimd) -- IFUNC_IMPL_ADD (array, i, strlen, 1, __strlen_mte)) -+ IFUNC_IMPL_ADD (array, i, strlen, 1, __strlen_generic)) - - return 0; - } -diff --git a/sysdeps/aarch64/multiarch/memchr_nosimd.S b/sysdeps/aarch64/multiarch/memchr_nosimd.S -index 57e48375e9..7800751899 100644 ---- a/sysdeps/aarch64/multiarch/memchr_nosimd.S -+++ b/sysdeps/aarch64/multiarch/memchr_nosimd.S -@@ -26,10 +26,6 @@ - * Use base integer registers. - */ - --#ifndef MEMCHR --# define MEMCHR __memchr_nosimd --#endif -- - /* Arguments and results. */ - #define srcin x0 - #define chrin x1 -@@ -62,7 +58,7 @@ - #define REP8_7f 0x7f7f7f7f7f7f7f7f - - --ENTRY_ALIGN (MEMCHR, 6) -+ENTRY (__memchr_nosimd) - - PTR_ARG (0) - SIZE_ARG (2) -@@ -219,5 +215,4 @@ L(none_chr): - mov result, 0 - ret - --END (MEMCHR) --libc_hidden_builtin_def (MEMCHR) -+END (__memchr_nosimd) -diff --git a/sysdeps/aarch64/multiarch/memcpy_a64fx.S b/sysdeps/aarch64/multiarch/memcpy_a64fx.S -index f89b5b670a..baff7e96d0 100644 ---- a/sysdeps/aarch64/multiarch/memcpy_a64fx.S -+++ b/sysdeps/aarch64/multiarch/memcpy_a64fx.S -@@ -39,9 +39,6 @@ - #define vlen8 x8 - - #if HAVE_AARCH64_SVE_ASM --# if IS_IN (libc) --# define MEMCPY __memcpy_a64fx --# define MEMMOVE __memmove_a64fx - - .arch armv8.2-a+sve - -@@ -97,7 +94,7 @@ - #undef BTI_C - #define BTI_C - --ENTRY (MEMCPY) -+ENTRY (__memcpy_a64fx) - - PTR_ARG (0) - PTR_ARG (1) -@@ -234,11 +231,10 @@ L(last_bytes): - st1b z3.b, p0, [dstend, -1, mul vl] - ret - --END (MEMCPY) --libc_hidden_builtin_def (MEMCPY) -+END (__memcpy_a64fx) - - --ENTRY_ALIGN (MEMMOVE, 4) -+ENTRY_ALIGN (__memmove_a64fx, 4) - - PTR_ARG (0) - PTR_ARG (1) -@@ -307,7 +303,5 @@ L(full_overlap): - mov dst, dstin - b L(last_bytes) - --END (MEMMOVE) --libc_hidden_builtin_def (MEMMOVE) --# endif /* IS_IN (libc) */ -+END (__memmove_a64fx) - #endif /* HAVE_AARCH64_SVE_ASM */ -diff --git a/sysdeps/aarch64/multiarch/memcpy_falkor.S b/sysdeps/aarch64/multiarch/memcpy_falkor.S -index ec0e4ade24..67c4ab34eb 100644 ---- a/sysdeps/aarch64/multiarch/memcpy_falkor.S -+++ b/sysdeps/aarch64/multiarch/memcpy_falkor.S -@@ -71,7 +71,7 @@ - The non-temporal stores help optimize cache utilization. */ - - #if IS_IN (libc) --ENTRY_ALIGN (__memcpy_falkor, 6) -+ENTRY (__memcpy_falkor) - - PTR_ARG (0) - PTR_ARG (1) -@@ -198,7 +198,6 @@ L(loop64): - ret - - END (__memcpy_falkor) --libc_hidden_builtin_def (__memcpy_falkor) - - - /* RATIONALE: -@@ -216,7 +215,7 @@ libc_hidden_builtin_def (__memcpy_falkor) - - For small and medium cases memcpy is used. */ - --ENTRY_ALIGN (__memmove_falkor, 6) -+ENTRY (__memmove_falkor) - - PTR_ARG (0) - PTR_ARG (1) -@@ -311,5 +310,4 @@ L(move_long): - 3: ret - - END (__memmove_falkor) --libc_hidden_builtin_def (__memmove_falkor) - #endif -diff --git a/sysdeps/aarch64/multiarch/memcpy_sve.S b/sysdeps/aarch64/multiarch/memcpy_sve.S -index d11be6a443..2f14f91366 100644 ---- a/sysdeps/aarch64/multiarch/memcpy_sve.S -+++ b/sysdeps/aarch64/multiarch/memcpy_sve.S -@@ -141,7 +141,6 @@ L(copy64_from_end): - ret - - END (__memcpy_sve) --libc_hidden_builtin_def (__memcpy_sve) - - - ENTRY (__memmove_sve) -@@ -208,5 +207,4 @@ L(return): - ret - - END (__memmove_sve) --libc_hidden_builtin_def (__memmove_sve) - #endif -diff --git a/sysdeps/aarch64/multiarch/memcpy_thunderx.S b/sysdeps/aarch64/multiarch/memcpy_thunderx.S -index 366287587f..14269b1a47 100644 ---- a/sysdeps/aarch64/multiarch/memcpy_thunderx.S -+++ b/sysdeps/aarch64/multiarch/memcpy_thunderx.S -@@ -65,21 +65,7 @@ - Overlapping large forward memmoves use a loop that copies backwards. - */ - --#ifndef MEMMOVE --# define MEMMOVE memmove --#endif --#ifndef MEMCPY --# define MEMCPY memcpy --#endif -- --#if IS_IN (libc) -- --# undef MEMCPY --# define MEMCPY __memcpy_thunderx --# undef MEMMOVE --# define MEMMOVE __memmove_thunderx -- --ENTRY_ALIGN (MEMMOVE, 6) -+ENTRY (__memmove_thunderx) - - PTR_ARG (0) - PTR_ARG (1) -@@ -91,9 +77,9 @@ ENTRY_ALIGN (MEMMOVE, 6) - b.lo L(move_long) - - /* Common case falls through into memcpy. */ --END (MEMMOVE) --libc_hidden_builtin_def (MEMMOVE) --ENTRY (MEMCPY) -+END (__memmove_thunderx) -+ -+ENTRY (__memcpy_thunderx) - - PTR_ARG (0) - PTR_ARG (1) -@@ -316,7 +302,4 @@ L(move_long): - stp C_l, C_h, [dstin] - 3: ret - --END (MEMCPY) --libc_hidden_builtin_def (MEMCPY) -- --#endif -+END (__memcpy_thunderx) -diff --git a/sysdeps/aarch64/multiarch/memcpy_thunderx2.S b/sysdeps/aarch64/multiarch/memcpy_thunderx2.S -index d3d6f1debc..93993b9e03 100644 ---- a/sysdeps/aarch64/multiarch/memcpy_thunderx2.S -+++ b/sysdeps/aarch64/multiarch/memcpy_thunderx2.S -@@ -75,27 +75,12 @@ - #define I_v v16 - #define J_v v17 - --#ifndef MEMMOVE --# define MEMMOVE memmove --#endif --#ifndef MEMCPY --# define MEMCPY memcpy --#endif -- --#if IS_IN (libc) -- --#undef MEMCPY --#define MEMCPY __memcpy_thunderx2 --#undef MEMMOVE --#define MEMMOVE __memmove_thunderx2 -- -- - /* Overlapping large forward memmoves use a loop that copies backwards. - Otherwise memcpy is used. Small moves branch to memcopy16 directly. - The longer memcpy cases fall through to the memcpy head. - */ - --ENTRY_ALIGN (MEMMOVE, 6) -+ENTRY (__memmove_thunderx2) - - PTR_ARG (0) - PTR_ARG (1) -@@ -109,8 +94,7 @@ ENTRY_ALIGN (MEMMOVE, 6) - ccmp tmp1, count, 2, hi - b.lo L(move_long) - --END (MEMMOVE) --libc_hidden_builtin_def (MEMMOVE) -+END (__memmove_thunderx2) - - - /* Copies are split into 3 main cases: small copies of up to 16 bytes, -@@ -124,8 +108,7 @@ libc_hidden_builtin_def (MEMMOVE) - - #define MEMCPY_PREFETCH_LDR 640 - -- .p2align 4 --ENTRY (MEMCPY) -+ENTRY (__memcpy_thunderx2) - - PTR_ARG (0) - PTR_ARG (1) -@@ -449,7 +432,7 @@ L(move_long): - 3: ret - - --END (MEMCPY) -+END (__memcpy_thunderx2) - .section .rodata - .p2align 4 - -@@ -472,6 +455,3 @@ L(ext_table): - .word L(ext_size_13) -. - .word L(ext_size_14) -. - .word L(ext_size_15) -. -- --libc_hidden_builtin_def (MEMCPY) --#endif -diff --git a/sysdeps/aarch64/multiarch/memset_a64fx.S b/sysdeps/aarch64/multiarch/memset_a64fx.S -index d520355143..7176f3d284 100644 ---- a/sysdeps/aarch64/multiarch/memset_a64fx.S -+++ b/sysdeps/aarch64/multiarch/memset_a64fx.S -@@ -33,8 +33,6 @@ - #define vector_length x9 - - #if HAVE_AARCH64_SVE_ASM --# if IS_IN (libc) --# define MEMSET __memset_a64fx - - .arch armv8.2-a+sve - -@@ -49,7 +47,7 @@ - #undef BTI_C - #define BTI_C - --ENTRY (MEMSET) -+ENTRY (__memset_a64fx) - PTR_ARG (0) - SIZE_ARG (2) - -@@ -166,8 +164,6 @@ L(L2): - add count, count, CACHE_LINE_SIZE - b L(last) - --END (MEMSET) --libc_hidden_builtin_def (MEMSET) -+END (__memset_a64fx) - --#endif /* IS_IN (libc) */ - #endif /* HAVE_AARCH64_SVE_ASM */ -diff --git a/sysdeps/aarch64/multiarch/memset_base64.S b/sysdeps/aarch64/multiarch/memset_base64.S -index 35296a6dec..0e8f709fa5 100644 ---- a/sysdeps/aarch64/multiarch/memset_base64.S -+++ b/sysdeps/aarch64/multiarch/memset_base64.S -@@ -34,7 +34,7 @@ - * - */ - --ENTRY_ALIGN (MEMSET, 6) -+ENTRY (MEMSET) - - PTR_ARG (0) - SIZE_ARG (2) -@@ -183,4 +183,3 @@ L(zva_64): - #endif - - END (MEMSET) --libc_hidden_builtin_def (MEMSET) -diff --git a/sysdeps/aarch64/multiarch/memset_emag.S b/sysdeps/aarch64/multiarch/memset_emag.S -index 17d609cead..6fecad4fae 100644 ---- a/sysdeps/aarch64/multiarch/memset_emag.S -+++ b/sysdeps/aarch64/multiarch/memset_emag.S -@@ -19,8 +19,7 @@ - - #include - --#if IS_IN (libc) --# define MEMSET __memset_emag -+#define MEMSET __memset_emag - - /* - * Using DC ZVA to zero memory does not produce better performance if -@@ -30,7 +29,6 @@ - * workloads. - */ - --# define DC_ZVA_THRESHOLD 0 -+#define DC_ZVA_THRESHOLD 0 - --# include "./memset_base64.S" --#endif -+#include "./memset_base64.S" -diff --git a/sysdeps/aarch64/multiarch/memset_generic.S b/sysdeps/aarch64/multiarch/memset_generic.S -index 9c23e482bf..6c1f0daac8 100644 ---- a/sysdeps/aarch64/multiarch/memset_generic.S -+++ b/sysdeps/aarch64/multiarch/memset_generic.S -@@ -21,9 +21,15 @@ - - #if IS_IN (libc) - # define MEMSET __memset_generic -+ -+/* Do not hide the generic version of memset, we use it internally. */ -+# undef libc_hidden_builtin_def -+# define libc_hidden_builtin_def(name) -+ - /* Add a hidden definition for use within libc.so. */ - # ifdef SHARED - .globl __GI_memset; __GI_memset = __memset_generic - # endif --# include - #endif -+ -+#include <../memset.S> -diff --git a/sysdeps/aarch64/multiarch/memset_kunpeng.S b/sysdeps/aarch64/multiarch/memset_kunpeng.S -index 86c46434fd..4a54373398 100644 ---- a/sysdeps/aarch64/multiarch/memset_kunpeng.S -+++ b/sysdeps/aarch64/multiarch/memset_kunpeng.S -@@ -20,16 +20,13 @@ - #include - #include - --#if IS_IN (libc) --# define MEMSET __memset_kunpeng -- - /* Assumptions: - * - * ARMv8-a, AArch64, unaligned accesses - * - */ - --ENTRY_ALIGN (MEMSET, 6) -+ENTRY (__memset_kunpeng) - - PTR_ARG (0) - SIZE_ARG (2) -@@ -108,6 +105,4 @@ L(set_long): - stp q0, q0, [dstend, -32] - ret - --END (MEMSET) --libc_hidden_builtin_def (MEMSET) --#endif -+END (__memset_kunpeng) -diff --git a/sysdeps/aarch64/multiarch/rtld-memset.S b/sysdeps/aarch64/multiarch/rtld-memset.S -deleted file mode 100644 -index 4b035ed8b2..0000000000 ---- a/sysdeps/aarch64/multiarch/rtld-memset.S -+++ /dev/null -@@ -1,25 +0,0 @@ --/* Memset for aarch64, for the dynamic linker. -- Copyright (C) 2017-2023 Free Software Foundation, Inc. -- -- This file is part of the GNU C Library. -- -- The GNU C Library is free software; you can redistribute it and/or -- modify it under the terms of the GNU Lesser General Public -- License as published by the Free Software Foundation; either -- version 2.1 of the License, or (at your option) any later version. -- -- The GNU C Library is distributed in the hope that it will be useful, -- but WITHOUT ANY WARRANTY; without even the implied warranty of -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -- Lesser General Public License for more details. -- -- You should have received a copy of the GNU Lesser General Public -- License along with the GNU C Library. If not, see -- . */ -- --#include -- --#if IS_IN (rtld) --# define MEMSET memset --# include --#endif -diff --git a/sysdeps/aarch64/multiarch/strlen.c b/sysdeps/aarch64/multiarch/strlen.c -index bbdd3de8c4..728bd1936a 100644 ---- a/sysdeps/aarch64/multiarch/strlen.c -+++ b/sysdeps/aarch64/multiarch/strlen.c -@@ -28,10 +28,10 @@ - - extern __typeof (__redirect_strlen) __strlen; - --extern __typeof (__redirect_strlen) __strlen_mte attribute_hidden; -+extern __typeof (__redirect_strlen) __strlen_generic attribute_hidden; - extern __typeof (__redirect_strlen) __strlen_asimd attribute_hidden; - --libc_ifunc (__strlen, (mte ? __strlen_mte : __strlen_asimd)); -+libc_ifunc (__strlen, (mte ? __strlen_generic : __strlen_asimd)); - - # undef strlen - strong_alias (__strlen, strlen); -diff --git a/sysdeps/aarch64/multiarch/strlen_asimd.S b/sysdeps/aarch64/multiarch/strlen_asimd.S -index 490439491d..aee5ef9f78 100644 ---- a/sysdeps/aarch64/multiarch/strlen_asimd.S -+++ b/sysdeps/aarch64/multiarch/strlen_asimd.S -@@ -203,4 +203,3 @@ L(page_cross): - ret - - END (__strlen_asimd) --libc_hidden_builtin_def (__strlen_asimd) -diff --git a/sysdeps/aarch64/multiarch/strlen_mte.S b/sysdeps/aarch64/multiarch/strlen_generic.S -similarity index 85% -rename from sysdeps/aarch64/multiarch/strlen_mte.S -rename to sysdeps/aarch64/multiarch/strlen_generic.S -index 1c1220b767..2346296a18 100644 ---- a/sysdeps/aarch64/multiarch/strlen_mte.S -+++ b/sysdeps/aarch64/multiarch/strlen_generic.S -@@ -17,14 +17,14 @@ - . */ - - /* The actual strlen code is in ../strlen.S. If we are building libc this file -- defines __strlen_mte. Otherwise the include of ../strlen.S will define -- the normal __strlen entry points. */ -+ defines __strlen_generic. Otherwise the include of ../strlen.S will define -+ the normal __strlen entry points. */ - - #include - - #if IS_IN (libc) - --# define STRLEN __strlen_mte -+# define STRLEN __strlen_generic - - /* Do not hide the generic version of strlen, we use it internally. */ - # undef libc_hidden_builtin_def -@@ -32,7 +32,7 @@ - - # ifdef SHARED - /* It doesn't make sense to send libc-internal strlen calls through a PLT. */ -- .globl __GI_strlen; __GI_strlen = __strlen_mte -+ .globl __GI_strlen; __GI_strlen = __strlen_generic - # endif - #endif - --- -2.44.0 - diff --git a/packages/glibc/0059-AArch64-Cleanup-emag-memset.patch b/packages/glibc/0059-AArch64-Cleanup-emag-memset.patch deleted file mode 100644 index 4be0348df85..00000000000 --- a/packages/glibc/0059-AArch64-Cleanup-emag-memset.patch +++ /dev/null @@ -1,348 +0,0 @@ -From 1521237c3211bb0b1a8f7a9c5793d382789b2b68 Mon Sep 17 00:00:00 2001 -From: Wilco Dijkstra -Date: Thu, 26 Oct 2023 16:34:47 +0100 -Subject: [PATCH] AArch64: Cleanup emag memset - -Cleanup emag memset - merge the memset_base64.S file, remove -the unused ZVA code (since it is disabled on emag). - -Reviewed-by: Adhemerval Zanella -(cherry picked from commit 9627ab99b50d250c6dd3001a3355aa03692f7fe5) ---- - sysdeps/aarch64/multiarch/ifunc-impl-list.c | 2 +- - sysdeps/aarch64/multiarch/memset.c | 2 +- - sysdeps/aarch64/multiarch/memset_base64.S | 185 -------------------- - sysdeps/aarch64/multiarch/memset_emag.S | 98 +++++++++-- - 4 files changed, 90 insertions(+), 197 deletions(-) - delete mode 100644 sysdeps/aarch64/multiarch/memset_base64.S - -diff --git a/sysdeps/aarch64/multiarch/ifunc-impl-list.c b/sysdeps/aarch64/multiarch/ifunc-impl-list.c -index 836e8317a5..3596d3c8d3 100644 ---- a/sysdeps/aarch64/multiarch/ifunc-impl-list.c -+++ b/sysdeps/aarch64/multiarch/ifunc-impl-list.c -@@ -57,7 +57,7 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, - /* Enable this on non-falkor processors too so that other cores - can do a comparative analysis with __memset_generic. */ - IFUNC_IMPL_ADD (array, i, memset, (zva_size == 64), __memset_falkor) -- IFUNC_IMPL_ADD (array, i, memset, (zva_size == 64), __memset_emag) -+ IFUNC_IMPL_ADD (array, i, memset, 1, __memset_emag) - IFUNC_IMPL_ADD (array, i, memset, 1, __memset_kunpeng) - #if HAVE_AARCH64_SVE_ASM - IFUNC_IMPL_ADD (array, i, memset, sve && zva_size == 256, __memset_a64fx) -diff --git a/sysdeps/aarch64/multiarch/memset.c b/sysdeps/aarch64/multiarch/memset.c -index 23fc66e158..9193b197dd 100644 ---- a/sysdeps/aarch64/multiarch/memset.c -+++ b/sysdeps/aarch64/multiarch/memset.c -@@ -56,7 +56,7 @@ select_memset_ifunc (void) - if ((IS_FALKOR (midr) || IS_PHECDA (midr)) && zva_size == 64) - return __memset_falkor; - -- if (IS_EMAG (midr) && zva_size == 64) -+ if (IS_EMAG (midr)) - return __memset_emag; - - return __memset_generic; -diff --git a/sysdeps/aarch64/multiarch/memset_base64.S b/sysdeps/aarch64/multiarch/memset_base64.S -deleted file mode 100644 -index 0e8f709fa5..0000000000 ---- a/sysdeps/aarch64/multiarch/memset_base64.S -+++ /dev/null -@@ -1,185 +0,0 @@ --/* Copyright (C) 2018-2023 Free Software Foundation, Inc. -- -- This file is part of the GNU C Library. -- -- The GNU C Library is free software; you can redistribute it and/or -- modify it under the terms of the GNU Lesser General Public -- License as published by the Free Software Foundation; either -- version 2.1 of the License, or (at your option) any later version. -- -- The GNU C Library is distributed in the hope that it will be useful, -- but WITHOUT ANY WARRANTY; without even the implied warranty of -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -- Lesser General Public License for more details. -- -- You should have received a copy of the GNU Lesser General Public -- License along with the GNU C Library. If not, see -- . */ -- --#include --#include "memset-reg.h" -- --#ifndef MEMSET --# define MEMSET __memset_base64 --#endif -- --/* To disable DC ZVA, set this threshold to 0. */ --#ifndef DC_ZVA_THRESHOLD --# define DC_ZVA_THRESHOLD 512 --#endif -- --/* Assumptions: -- * -- * ARMv8-a, AArch64, unaligned accesses -- * -- */ -- --ENTRY (MEMSET) -- -- PTR_ARG (0) -- SIZE_ARG (2) -- -- bfi valw, valw, 8, 8 -- bfi valw, valw, 16, 16 -- bfi val, val, 32, 32 -- -- add dstend, dstin, count -- -- cmp count, 96 -- b.hi L(set_long) -- cmp count, 16 -- b.hs L(set_medium) -- -- /* Set 0..15 bytes. */ -- tbz count, 3, 1f -- str val, [dstin] -- str val, [dstend, -8] -- ret -- -- .p2align 3 --1: tbz count, 2, 2f -- str valw, [dstin] -- str valw, [dstend, -4] -- ret --2: cbz count, 3f -- strb valw, [dstin] -- tbz count, 1, 3f -- strh valw, [dstend, -2] --3: ret -- -- .p2align 3 -- /* Set 16..96 bytes. */ --L(set_medium): -- stp val, val, [dstin] -- tbnz count, 6, L(set96) -- stp val, val, [dstend, -16] -- tbz count, 5, 1f -- stp val, val, [dstin, 16] -- stp val, val, [dstend, -32] --1: ret -- -- .p2align 4 -- /* Set 64..96 bytes. Write 64 bytes from the start and -- 32 bytes from the end. */ --L(set96): -- stp val, val, [dstin, 16] -- stp val, val, [dstin, 32] -- stp val, val, [dstin, 48] -- stp val, val, [dstend, -32] -- stp val, val, [dstend, -16] -- ret -- -- .p2align 4 --L(set_long): -- stp val, val, [dstin] -- bic dst, dstin, 15 --#if DC_ZVA_THRESHOLD -- cmp count, DC_ZVA_THRESHOLD -- ccmp val, 0, 0, cs -- b.eq L(zva_64) --#endif -- /* Small-size or non-zero memset does not use DC ZVA. */ -- sub count, dstend, dst -- -- /* -- * Adjust count and bias for loop. By subtracting extra 1 from count, -- * it is easy to use tbz instruction to check whether loop tailing -- * count is less than 33 bytes, so as to bypass 2 unnecessary stps. -- */ -- sub count, count, 64+16+1 -- --#if DC_ZVA_THRESHOLD -- /* Align loop on 16-byte boundary, this might be friendly to i-cache. */ -- nop --#endif -- --1: stp val, val, [dst, 16] -- stp val, val, [dst, 32] -- stp val, val, [dst, 48] -- stp val, val, [dst, 64]! -- subs count, count, 64 -- b.hs 1b -- -- tbz count, 5, 1f /* Remaining count is less than 33 bytes? */ -- stp val, val, [dst, 16] -- stp val, val, [dst, 32] --1: stp val, val, [dstend, -32] -- stp val, val, [dstend, -16] -- ret -- --#if DC_ZVA_THRESHOLD -- .p2align 3 --L(zva_64): -- stp val, val, [dst, 16] -- stp val, val, [dst, 32] -- stp val, val, [dst, 48] -- bic dst, dst, 63 -- -- /* -- * Previous memory writes might cross cache line boundary, and cause -- * cache line partially dirty. Zeroing this kind of cache line using -- * DC ZVA will incur extra cost, for it requires loading untouched -- * part of the line from memory before zeoring. -- * -- * So, write the first 64 byte aligned block using stp to force -- * fully dirty cache line. -- */ -- stp val, val, [dst, 64] -- stp val, val, [dst, 80] -- stp val, val, [dst, 96] -- stp val, val, [dst, 112] -- -- sub count, dstend, dst -- /* -- * Adjust count and bias for loop. By subtracting extra 1 from count, -- * it is easy to use tbz instruction to check whether loop tailing -- * count is less than 33 bytes, so as to bypass 2 unnecessary stps. -- */ -- sub count, count, 128+64+64+1 -- add dst, dst, 128 -- nop -- -- /* DC ZVA sets 64 bytes each time. */ --1: dc zva, dst -- add dst, dst, 64 -- subs count, count, 64 -- b.hs 1b -- -- /* -- * Write the last 64 byte aligned block using stp to force fully -- * dirty cache line. -- */ -- stp val, val, [dst, 0] -- stp val, val, [dst, 16] -- stp val, val, [dst, 32] -- stp val, val, [dst, 48] -- -- tbz count, 5, 1f /* Remaining count is less than 33 bytes? */ -- stp val, val, [dst, 64] -- stp val, val, [dst, 80] --1: stp val, val, [dstend, -32] -- stp val, val, [dstend, -16] -- ret --#endif -- --END (MEMSET) -diff --git a/sysdeps/aarch64/multiarch/memset_emag.S b/sysdeps/aarch64/multiarch/memset_emag.S -index 6fecad4fae..bbfa815925 100644 ---- a/sysdeps/aarch64/multiarch/memset_emag.S -+++ b/sysdeps/aarch64/multiarch/memset_emag.S -@@ -18,17 +18,95 @@ - . */ - - #include -+#include "memset-reg.h" - --#define MEMSET __memset_emag -- --/* -- * Using DC ZVA to zero memory does not produce better performance if -- * memory size is not very large, especially when there are multiple -- * processes/threads contending memory/cache. Here we set threshold to -- * zero to disable using DC ZVA, which is good for multi-process/thread -- * workloads. -+/* Assumptions: -+ * -+ * ARMv8-a, AArch64, unaligned accesses -+ * - */ - --#define DC_ZVA_THRESHOLD 0 -+ENTRY (__memset_emag) -+ -+ PTR_ARG (0) -+ SIZE_ARG (2) -+ -+ bfi valw, valw, 8, 8 -+ bfi valw, valw, 16, 16 -+ bfi val, val, 32, 32 -+ -+ add dstend, dstin, count -+ -+ cmp count, 96 -+ b.hi L(set_long) -+ cmp count, 16 -+ b.hs L(set_medium) -+ -+ /* Set 0..15 bytes. */ -+ tbz count, 3, 1f -+ str val, [dstin] -+ str val, [dstend, -8] -+ ret -+ -+ .p2align 3 -+1: tbz count, 2, 2f -+ str valw, [dstin] -+ str valw, [dstend, -4] -+ ret -+2: cbz count, 3f -+ strb valw, [dstin] -+ tbz count, 1, 3f -+ strh valw, [dstend, -2] -+3: ret -+ -+ .p2align 3 -+ /* Set 16..96 bytes. */ -+L(set_medium): -+ stp val, val, [dstin] -+ tbnz count, 6, L(set96) -+ stp val, val, [dstend, -16] -+ tbz count, 5, 1f -+ stp val, val, [dstin, 16] -+ stp val, val, [dstend, -32] -+1: ret -+ -+ .p2align 4 -+ /* Set 64..96 bytes. Write 64 bytes from the start and -+ 32 bytes from the end. */ -+L(set96): -+ stp val, val, [dstin, 16] -+ stp val, val, [dstin, 32] -+ stp val, val, [dstin, 48] -+ stp val, val, [dstend, -32] -+ stp val, val, [dstend, -16] -+ ret -+ -+ .p2align 4 -+L(set_long): -+ stp val, val, [dstin] -+ bic dst, dstin, 15 -+ /* Small-size or non-zero memset does not use DC ZVA. */ -+ sub count, dstend, dst -+ -+ /* -+ * Adjust count and bias for loop. By subtracting extra 1 from count, -+ * it is easy to use tbz instruction to check whether loop tailing -+ * count is less than 33 bytes, so as to bypass 2 unnecessary stps. -+ */ -+ sub count, count, 64+16+1 -+ -+1: stp val, val, [dst, 16] -+ stp val, val, [dst, 32] -+ stp val, val, [dst, 48] -+ stp val, val, [dst, 64]! -+ subs count, count, 64 -+ b.hs 1b -+ -+ tbz count, 5, 1f /* Remaining count is less than 33 bytes? */ -+ stp val, val, [dst, 16] -+ stp val, val, [dst, 32] -+1: stp val, val, [dstend, -32] -+ stp val, val, [dstend, -16] -+ ret - --#include "./memset_base64.S" -+END (__memset_emag) --- -2.44.0 - diff --git a/packages/glibc/0060-AArch64-Add-memset_zva64.patch b/packages/glibc/0060-AArch64-Add-memset_zva64.patch deleted file mode 100644 index 0fe266d83fb..00000000000 --- a/packages/glibc/0060-AArch64-Add-memset_zva64.patch +++ /dev/null @@ -1,228 +0,0 @@ -From 156e44845f4137d6d3ea6c2824dd459652a7efda Mon Sep 17 00:00:00 2001 -From: Wilco Dijkstra -Date: Thu, 26 Oct 2023 17:07:21 +0100 -Subject: [PATCH] AArch64: Add memset_zva64 - -Add a specialized memset for the common ZVA size of 64 to avoid the -overhead of reading the ZVA size. Since the code is identical to -__memset_falkor, remove the latter. - -Reviewed-by: Adhemerval Zanella -(cherry picked from commit 3d7090f14b13312320e425b27dcf0fe72de026fd) ---- - sysdeps/aarch64/memset.S | 10 ++-- - sysdeps/aarch64/multiarch/Makefile | 2 +- - sysdeps/aarch64/multiarch/ifunc-impl-list.c | 4 +- - sysdeps/aarch64/multiarch/memset.c | 9 ++-- - sysdeps/aarch64/multiarch/memset_falkor.S | 54 --------------------- - sysdeps/aarch64/multiarch/memset_zva64.S | 27 +++++++++++ - 6 files changed, 38 insertions(+), 68 deletions(-) - delete mode 100644 sysdeps/aarch64/multiarch/memset_falkor.S - create mode 100644 sysdeps/aarch64/multiarch/memset_zva64.S - -diff --git a/sysdeps/aarch64/memset.S b/sysdeps/aarch64/memset.S -index bf3cf85c8a..bbfb7184c3 100644 ---- a/sysdeps/aarch64/memset.S -+++ b/sysdeps/aarch64/memset.S -@@ -101,19 +101,19 @@ L(tail64): - ret - - L(try_zva): --#ifdef ZVA_MACRO -- zva_macro --#else -+#ifndef ZVA64_ONLY - .p2align 3 - mrs tmp1, dczid_el0 - tbnz tmp1w, 4, L(no_zva) - and tmp1w, tmp1w, 15 - cmp tmp1w, 4 /* ZVA size is 64 bytes. */ - b.ne L(zva_128) -- -+ nop -+#endif - /* Write the first and last 64 byte aligned block using stp rather - than using DC ZVA. This is faster on some cores. - */ -+ .p2align 4 - L(zva_64): - str q0, [dst, 16] - stp q0, q0, [dst, 32] -@@ -123,7 +123,6 @@ L(zva_64): - sub count, dstend, dst /* Count is now 128 too large. */ - sub count, count, 128+64+64 /* Adjust count and bias for loop. */ - add dst, dst, 128 -- nop - 1: dc zva, dst - add dst, dst, 64 - subs count, count, 64 -@@ -134,6 +133,7 @@ L(zva_64): - stp q0, q0, [dstend, -32] - ret - -+#ifndef ZVA64_ONLY - .p2align 3 - L(zva_128): - cmp tmp1w, 5 /* ZVA size is 128 bytes. */ -diff --git a/sysdeps/aarch64/multiarch/Makefile b/sysdeps/aarch64/multiarch/Makefile -index a1a4de3cd9..171ca5e4cf 100644 ---- a/sysdeps/aarch64/multiarch/Makefile -+++ b/sysdeps/aarch64/multiarch/Makefile -@@ -12,10 +12,10 @@ sysdep_routines += \ - memmove_mops \ - memset_a64fx \ - memset_emag \ -- memset_falkor \ - memset_generic \ - memset_kunpeng \ - memset_mops \ -+ memset_zva64 \ - strlen_asimd \ - strlen_generic \ - # sysdep_routines -diff --git a/sysdeps/aarch64/multiarch/ifunc-impl-list.c b/sysdeps/aarch64/multiarch/ifunc-impl-list.c -index 3596d3c8d3..fdd9ea9246 100644 ---- a/sysdeps/aarch64/multiarch/ifunc-impl-list.c -+++ b/sysdeps/aarch64/multiarch/ifunc-impl-list.c -@@ -54,9 +54,7 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, - IFUNC_IMPL_ADD (array, i, memmove, mops, __memmove_mops) - IFUNC_IMPL_ADD (array, i, memmove, 1, __memmove_generic)) - IFUNC_IMPL (i, name, memset, -- /* Enable this on non-falkor processors too so that other cores -- can do a comparative analysis with __memset_generic. */ -- IFUNC_IMPL_ADD (array, i, memset, (zva_size == 64), __memset_falkor) -+ IFUNC_IMPL_ADD (array, i, memset, (zva_size == 64), __memset_zva64) - IFUNC_IMPL_ADD (array, i, memset, 1, __memset_emag) - IFUNC_IMPL_ADD (array, i, memset, 1, __memset_kunpeng) - #if HAVE_AARCH64_SVE_ASM -diff --git a/sysdeps/aarch64/multiarch/memset.c b/sysdeps/aarch64/multiarch/memset.c -index 9193b197dd..6deb6865e5 100644 ---- a/sysdeps/aarch64/multiarch/memset.c -+++ b/sysdeps/aarch64/multiarch/memset.c -@@ -28,7 +28,7 @@ - - extern __typeof (__redirect_memset) __libc_memset; - --extern __typeof (__redirect_memset) __memset_falkor attribute_hidden; -+extern __typeof (__redirect_memset) __memset_zva64 attribute_hidden; - extern __typeof (__redirect_memset) __memset_emag attribute_hidden; - extern __typeof (__redirect_memset) __memset_kunpeng attribute_hidden; - extern __typeof (__redirect_memset) __memset_a64fx attribute_hidden; -@@ -47,18 +47,17 @@ select_memset_ifunc (void) - { - if (IS_A64FX (midr) && zva_size == 256) - return __memset_a64fx; -- return __memset_generic; - } - - if (IS_KUNPENG920 (midr)) - return __memset_kunpeng; - -- if ((IS_FALKOR (midr) || IS_PHECDA (midr)) && zva_size == 64) -- return __memset_falkor; -- - if (IS_EMAG (midr)) - return __memset_emag; - -+ if (zva_size == 64) -+ return __memset_zva64; -+ - return __memset_generic; - } - -diff --git a/sysdeps/aarch64/multiarch/memset_falkor.S b/sysdeps/aarch64/multiarch/memset_falkor.S -deleted file mode 100644 -index c6946a8072..0000000000 ---- a/sysdeps/aarch64/multiarch/memset_falkor.S -+++ /dev/null -@@ -1,54 +0,0 @@ --/* Memset for falkor. -- Copyright (C) 2017-2023 Free Software Foundation, Inc. -- -- This file is part of the GNU C Library. -- -- The GNU C Library is free software; you can redistribute it and/or -- modify it under the terms of the GNU Lesser General Public -- License as published by the Free Software Foundation; either -- version 2.1 of the License, or (at your option) any later version. -- -- The GNU C Library is distributed in the hope that it will be useful, -- but WITHOUT ANY WARRANTY; without even the implied warranty of -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -- Lesser General Public License for more details. -- -- You should have received a copy of the GNU Lesser General Public -- License along with the GNU C Library. If not, see -- . */ -- --#include --#include -- --/* Reading dczid_el0 is expensive on falkor so move it into the ifunc -- resolver and assume ZVA size of 64 bytes. The IFUNC resolver takes care to -- use this function only when ZVA is enabled. */ -- --#if IS_IN (libc) --.macro zva_macro -- .p2align 4 -- /* Write the first and last 64 byte aligned block using stp rather -- than using DC ZVA. This is faster on some cores. */ -- str q0, [dst, 16] -- stp q0, q0, [dst, 32] -- bic dst, dst, 63 -- stp q0, q0, [dst, 64] -- stp q0, q0, [dst, 96] -- sub count, dstend, dst /* Count is now 128 too large. */ -- sub count, count, 128+64+64 /* Adjust count and bias for loop. */ -- add dst, dst, 128 --1: dc zva, dst -- add dst, dst, 64 -- subs count, count, 64 -- b.hi 1b -- stp q0, q0, [dst, 0] -- stp q0, q0, [dst, 32] -- stp q0, q0, [dstend, -64] -- stp q0, q0, [dstend, -32] -- ret --.endm -- --# define ZVA_MACRO zva_macro --# define MEMSET __memset_falkor --# include --#endif -diff --git a/sysdeps/aarch64/multiarch/memset_zva64.S b/sysdeps/aarch64/multiarch/memset_zva64.S -new file mode 100644 -index 0000000000..13f45fd3d8 ---- /dev/null -+++ b/sysdeps/aarch64/multiarch/memset_zva64.S -@@ -0,0 +1,27 @@ -+/* Optimized memset for zva size = 64. -+ Copyright (C) 2023 Free Software Foundation, Inc. -+ -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library. If not, see -+ . */ -+ -+#include -+ -+#define ZVA64_ONLY 1 -+#define MEMSET __memset_zva64 -+#undef libc_hidden_builtin_def -+#define libc_hidden_builtin_def(X) -+ -+#include "../memset.S" --- -2.44.0 - diff --git a/packages/glibc/0061-AArch64-Remove-Falkor-memcpy.patch b/packages/glibc/0061-AArch64-Remove-Falkor-memcpy.patch deleted file mode 100644 index acd48cfb69d..00000000000 --- a/packages/glibc/0061-AArch64-Remove-Falkor-memcpy.patch +++ /dev/null @@ -1,468 +0,0 @@ -From a08ff922946dca0303a270bbfa2557f74caa47aa Mon Sep 17 00:00:00 2001 -From: Wilco Dijkstra -Date: Thu, 26 Oct 2023 17:30:36 +0100 -Subject: [PATCH] AArch64: Remove Falkor memcpy - -The latest implementations of memcpy are actually faster than the Falkor -implementations [1], so remove the falkor/phecda ifuncs for memcpy and -the now unused IS_FALKOR/IS_PHECDA defines. - -[1] https://sourceware.org/pipermail/libc-alpha/2022-December/144227.html - -Reviewed-by: Adhemerval Zanella -(cherry picked from commit 2f5524cc5381eb75fef55f7901bb907bd5628333) ---- - manual/tunables.texi | 2 +- - sysdeps/aarch64/multiarch/Makefile | 1 - - sysdeps/aarch64/multiarch/ifunc-impl-list.c | 2 - - sysdeps/aarch64/multiarch/memcpy.c | 4 - - sysdeps/aarch64/multiarch/memcpy_falkor.S | 313 ------------------ - sysdeps/aarch64/multiarch/memmove.c | 4 - - .../unix/sysv/linux/aarch64/cpu-features.c | 2 - - .../unix/sysv/linux/aarch64/cpu-features.h | 5 - - 8 files changed, 1 insertion(+), 332 deletions(-) - delete mode 100644 sysdeps/aarch64/multiarch/memcpy_falkor.S - -diff --git a/manual/tunables.texi b/manual/tunables.texi -index 4ca0e42a11..bb17fef5bd 100644 ---- a/manual/tunables.texi -+++ b/manual/tunables.texi -@@ -529,7 +529,7 @@ This tunable is specific to powerpc, powerpc64 and powerpc64le. - @deftp Tunable glibc.cpu.name - The @code{glibc.cpu.name=xxx} tunable allows the user to tell @theglibc{} to - assume that the CPU is @code{xxx} where xxx may have one of these values: --@code{generic}, @code{falkor}, @code{thunderxt88}, @code{thunderx2t99}, -+@code{generic}, @code{thunderxt88}, @code{thunderx2t99}, - @code{thunderx2t99p1}, @code{ares}, @code{emag}, @code{kunpeng}, - @code{a64fx}. - -diff --git a/sysdeps/aarch64/multiarch/Makefile b/sysdeps/aarch64/multiarch/Makefile -index 171ca5e4cf..e4720b7468 100644 ---- a/sysdeps/aarch64/multiarch/Makefile -+++ b/sysdeps/aarch64/multiarch/Makefile -@@ -3,7 +3,6 @@ sysdep_routines += \ - memchr_generic \ - memchr_nosimd \ - memcpy_a64fx \ -- memcpy_falkor \ - memcpy_generic \ - memcpy_mops \ - memcpy_sve \ -diff --git a/sysdeps/aarch64/multiarch/ifunc-impl-list.c b/sysdeps/aarch64/multiarch/ifunc-impl-list.c -index fdd9ea9246..73038ac810 100644 ---- a/sysdeps/aarch64/multiarch/ifunc-impl-list.c -+++ b/sysdeps/aarch64/multiarch/ifunc-impl-list.c -@@ -36,7 +36,6 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, - IFUNC_IMPL (i, name, memcpy, - IFUNC_IMPL_ADD (array, i, memcpy, 1, __memcpy_thunderx) - IFUNC_IMPL_ADD (array, i, memcpy, !bti, __memcpy_thunderx2) -- IFUNC_IMPL_ADD (array, i, memcpy, 1, __memcpy_falkor) - #if HAVE_AARCH64_SVE_ASM - IFUNC_IMPL_ADD (array, i, memcpy, sve, __memcpy_a64fx) - IFUNC_IMPL_ADD (array, i, memcpy, sve, __memcpy_sve) -@@ -46,7 +45,6 @@ __libc_ifunc_impl_list (const char *name, struct libc_ifunc_impl *array, - IFUNC_IMPL (i, name, memmove, - IFUNC_IMPL_ADD (array, i, memmove, 1, __memmove_thunderx) - IFUNC_IMPL_ADD (array, i, memmove, !bti, __memmove_thunderx2) -- IFUNC_IMPL_ADD (array, i, memmove, 1, __memmove_falkor) - #if HAVE_AARCH64_SVE_ASM - IFUNC_IMPL_ADD (array, i, memmove, sve, __memmove_a64fx) - IFUNC_IMPL_ADD (array, i, memmove, sve, __memmove_sve) -diff --git a/sysdeps/aarch64/multiarch/memcpy.c b/sysdeps/aarch64/multiarch/memcpy.c -index 9aace954cb..6471fe82e3 100644 ---- a/sysdeps/aarch64/multiarch/memcpy.c -+++ b/sysdeps/aarch64/multiarch/memcpy.c -@@ -31,7 +31,6 @@ extern __typeof (__redirect_memcpy) __libc_memcpy; - extern __typeof (__redirect_memcpy) __memcpy_generic attribute_hidden; - extern __typeof (__redirect_memcpy) __memcpy_thunderx attribute_hidden; - extern __typeof (__redirect_memcpy) __memcpy_thunderx2 attribute_hidden; --extern __typeof (__redirect_memcpy) __memcpy_falkor attribute_hidden; - extern __typeof (__redirect_memcpy) __memcpy_a64fx attribute_hidden; - extern __typeof (__redirect_memcpy) __memcpy_sve attribute_hidden; - extern __typeof (__redirect_memcpy) __memcpy_mops attribute_hidden; -@@ -57,9 +56,6 @@ select_memcpy_ifunc (void) - if (IS_THUNDERX2 (midr) || IS_THUNDERX2PA (midr)) - return __memcpy_thunderx2; - -- if (IS_FALKOR (midr) || IS_PHECDA (midr)) -- return __memcpy_falkor; -- - return __memcpy_generic; - } - -diff --git a/sysdeps/aarch64/multiarch/memcpy_falkor.S b/sysdeps/aarch64/multiarch/memcpy_falkor.S -deleted file mode 100644 -index 67c4ab34eb..0000000000 ---- a/sysdeps/aarch64/multiarch/memcpy_falkor.S -+++ /dev/null -@@ -1,313 +0,0 @@ --/* Optimized memcpy for Qualcomm Falkor processor. -- Copyright (C) 2017-2023 Free Software Foundation, Inc. -- -- This file is part of the GNU C Library. -- -- The GNU C Library is free software; you can redistribute it and/or -- modify it under the terms of the GNU Lesser General Public -- License as published by the Free Software Foundation; either -- version 2.1 of the License, or (at your option) any later version. -- -- The GNU C Library is distributed in the hope that it will be useful, -- but WITHOUT ANY WARRANTY; without even the implied warranty of -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -- Lesser General Public License for more details. -- -- You should have received a copy of the GNU Lesser General Public -- License along with the GNU C Library. If not, see -- . */ -- --#include -- --/* Assumptions: -- -- ARMv8-a, AArch64, falkor, unaligned accesses. */ -- --#define dstin x0 --#define src x1 --#define count x2 --#define dst x3 --#define srcend x4 --#define dstend x5 --#define tmp1 x14 --#define A_x x6 --#define B_x x7 --#define A_w w6 --#define B_w w7 -- --#define A_q q0 --#define B_q q1 --#define C_q q2 --#define D_q q3 --#define E_q q4 --#define F_q q5 --#define G_q q6 --#define H_q q7 --#define Q_q q6 --#define S_q q22 -- --/* Copies are split into 3 main cases: -- -- 1. Small copies of up to 32 bytes -- 2. Medium copies of 33..128 bytes which are fully unrolled -- 3. Large copies of more than 128 bytes. -- -- Large copies align the source to a quad word and use an unrolled loop -- processing 64 bytes per iteration. -- -- FALKOR-SPECIFIC DESIGN: -- -- The smallest copies (32 bytes or less) focus on optimal pipeline usage, -- which is why the redundant copies of 0-3 bytes have been replaced with -- conditionals, since the former would unnecessarily break across multiple -- issue groups. The medium copy group has been enlarged to 128 bytes since -- bumping up the small copies up to 32 bytes allows us to do that without -- cost and also allows us to reduce the size of the prep code before loop64. -- -- The copy loop uses only one register q0. This is to ensure that all loads -- hit a single hardware prefetcher which can get correctly trained to prefetch -- a single stream. -- -- The non-temporal stores help optimize cache utilization. */ -- --#if IS_IN (libc) --ENTRY (__memcpy_falkor) -- -- PTR_ARG (0) -- PTR_ARG (1) -- SIZE_ARG (2) -- -- cmp count, 32 -- add srcend, src, count -- add dstend, dstin, count -- b.ls L(copy32) -- cmp count, 128 -- b.hi L(copy_long) -- -- /* Medium copies: 33..128 bytes. */ --L(copy128): -- sub tmp1, count, 1 -- ldr A_q, [src] -- ldr B_q, [src, 16] -- ldr C_q, [srcend, -32] -- ldr D_q, [srcend, -16] -- tbz tmp1, 6, 1f -- ldr E_q, [src, 32] -- ldr F_q, [src, 48] -- ldr G_q, [srcend, -64] -- ldr H_q, [srcend, -48] -- str G_q, [dstend, -64] -- str H_q, [dstend, -48] -- str E_q, [dstin, 32] -- str F_q, [dstin, 48] --1: -- str A_q, [dstin] -- str B_q, [dstin, 16] -- str C_q, [dstend, -32] -- str D_q, [dstend, -16] -- ret -- -- .p2align 4 -- /* Small copies: 0..32 bytes. */ --L(copy32): -- /* 16-32 */ -- cmp count, 16 -- b.lo 1f -- ldr A_q, [src] -- ldr B_q, [srcend, -16] -- str A_q, [dstin] -- str B_q, [dstend, -16] -- ret -- .p2align 4 --1: -- /* 8-15 */ -- tbz count, 3, 1f -- ldr A_x, [src] -- ldr B_x, [srcend, -8] -- str A_x, [dstin] -- str B_x, [dstend, -8] -- ret -- .p2align 4 --1: -- /* 4-7 */ -- tbz count, 2, 1f -- ldr A_w, [src] -- ldr B_w, [srcend, -4] -- str A_w, [dstin] -- str B_w, [dstend, -4] -- ret -- .p2align 4 --1: -- /* 2-3 */ -- tbz count, 1, 1f -- ldrh A_w, [src] -- ldrh B_w, [srcend, -2] -- strh A_w, [dstin] -- strh B_w, [dstend, -2] -- ret -- .p2align 4 --1: -- /* 0-1 */ -- tbz count, 0, 1f -- ldrb A_w, [src] -- strb A_w, [dstin] --1: -- ret -- -- /* Align SRC to 16 bytes and copy; that way at least one of the -- accesses is aligned throughout the copy sequence. -- -- The count is off by 0 to 15 bytes, but this is OK because we trim -- off the last 64 bytes to copy off from the end. Due to this the -- loop never runs out of bounds. */ -- -- .p2align 4 -- nop /* Align loop64 below. */ --L(copy_long): -- ldr A_q, [src] -- sub count, count, 64 + 16 -- and tmp1, src, 15 -- str A_q, [dstin] -- bic src, src, 15 -- sub dst, dstin, tmp1 -- add count, count, tmp1 -- --L(loop64): -- ldr A_q, [src, 16]! -- str A_q, [dst, 16] -- ldr A_q, [src, 16]! -- subs count, count, 64 -- str A_q, [dst, 32] -- ldr A_q, [src, 16]! -- str A_q, [dst, 48] -- ldr A_q, [src, 16]! -- str A_q, [dst, 64]! -- b.hi L(loop64) -- -- /* Write the last full set of 64 bytes. The remainder is at most 64 -- bytes, so it is safe to always copy 64 bytes from the end even if -- there is just 1 byte left. */ -- ldr E_q, [srcend, -64] -- str E_q, [dstend, -64] -- ldr D_q, [srcend, -48] -- str D_q, [dstend, -48] -- ldr C_q, [srcend, -32] -- str C_q, [dstend, -32] -- ldr B_q, [srcend, -16] -- str B_q, [dstend, -16] -- ret -- --END (__memcpy_falkor) -- -- --/* RATIONALE: -- -- The move has 4 distinct parts: -- * Small moves of 32 bytes and under. -- * Medium sized moves of 33-128 bytes (fully unrolled). -- * Large moves where the source address is higher than the destination -- (forward copies) -- * Large moves where the destination address is higher than the source -- (copy backward, or move). -- -- We use only two registers q6 and q22 for the moves and move 32 bytes at a -- time to correctly train the hardware prefetcher for better throughput. -- -- For small and medium cases memcpy is used. */ -- --ENTRY (__memmove_falkor) -- -- PTR_ARG (0) -- PTR_ARG (1) -- SIZE_ARG (2) -- -- cmp count, 32 -- add srcend, src, count -- add dstend, dstin, count -- b.ls L(copy32) -- cmp count, 128 -- b.ls L(copy128) -- sub tmp1, dstin, src -- ccmp tmp1, count, 2, hi -- b.lo L(move_long) -- -- /* CASE: Copy Forwards -- -- Align src to 16 byte alignment so that we don't cross cache line -- boundaries on both loads and stores. There are at least 128 bytes -- to copy, so copy 16 bytes unaligned and then align. The loop -- copies 32 bytes per iteration and prefetches one iteration ahead. */ -- -- ldr S_q, [src] -- and tmp1, src, 15 -- bic src, src, 15 -- sub dst, dstin, tmp1 -- add count, count, tmp1 /* Count is now 16 too large. */ -- ldr Q_q, [src, 16]! -- str S_q, [dstin] -- ldr S_q, [src, 16]! -- sub count, count, 32 + 32 + 16 /* Test and readjust count. */ -- -- .p2align 4 --1: -- subs count, count, 32 -- str Q_q, [dst, 16] -- ldr Q_q, [src, 16]! -- str S_q, [dst, 32]! -- ldr S_q, [src, 16]! -- b.hi 1b -- -- /* Copy 32 bytes from the end before writing the data prefetched in the -- last loop iteration. */ --2: -- ldr B_q, [srcend, -32] -- ldr C_q, [srcend, -16] -- str Q_q, [dst, 16] -- str S_q, [dst, 32] -- str B_q, [dstend, -32] -- str C_q, [dstend, -16] -- ret -- -- /* CASE: Copy Backwards -- -- Align srcend to 16 byte alignment so that we don't cross cache line -- boundaries on both loads and stores. There are at least 128 bytes -- to copy, so copy 16 bytes unaligned and then align. The loop -- copies 32 bytes per iteration and prefetches one iteration ahead. */ -- -- .p2align 4 -- nop -- nop --L(move_long): -- cbz tmp1, 3f /* Return early if src == dstin */ -- ldr S_q, [srcend, -16] -- and tmp1, srcend, 15 -- sub srcend, srcend, tmp1 -- ldr Q_q, [srcend, -16]! -- str S_q, [dstend, -16] -- sub count, count, tmp1 -- ldr S_q, [srcend, -16]! -- sub dstend, dstend, tmp1 -- sub count, count, 32 + 32 -- --1: -- subs count, count, 32 -- str Q_q, [dstend, -16] -- ldr Q_q, [srcend, -16]! -- str S_q, [dstend, -32]! -- ldr S_q, [srcend, -16]! -- b.hi 1b -- -- /* Copy 32 bytes from the start before writing the data prefetched in the -- last loop iteration. */ -- -- ldr B_q, [src, 16] -- ldr C_q, [src] -- str Q_q, [dstend, -16] -- str S_q, [dstend, -32] -- str B_q, [dstin, 16] -- str C_q, [dstin] --3: ret -- --END (__memmove_falkor) --#endif -diff --git a/sysdeps/aarch64/multiarch/memmove.c b/sysdeps/aarch64/multiarch/memmove.c -index fd346e7b73..7602a5d57d 100644 ---- a/sysdeps/aarch64/multiarch/memmove.c -+++ b/sysdeps/aarch64/multiarch/memmove.c -@@ -31,7 +31,6 @@ extern __typeof (__redirect_memmove) __libc_memmove; - extern __typeof (__redirect_memmove) __memmove_generic attribute_hidden; - extern __typeof (__redirect_memmove) __memmove_thunderx attribute_hidden; - extern __typeof (__redirect_memmove) __memmove_thunderx2 attribute_hidden; --extern __typeof (__redirect_memmove) __memmove_falkor attribute_hidden; - extern __typeof (__redirect_memmove) __memmove_a64fx attribute_hidden; - extern __typeof (__redirect_memmove) __memmove_sve attribute_hidden; - extern __typeof (__redirect_memmove) __memmove_mops attribute_hidden; -@@ -57,9 +56,6 @@ select_memmove_ifunc (void) - if (IS_THUNDERX2 (midr) || IS_THUNDERX2PA (midr)) - return __memmove_thunderx2; - -- if (IS_FALKOR (midr) || IS_PHECDA (midr)) -- return __memmove_falkor; -- - return __memmove_generic; - } - -diff --git a/sysdeps/unix/sysv/linux/aarch64/cpu-features.c b/sysdeps/unix/sysv/linux/aarch64/cpu-features.c -index 233d5b2407..a11a86efab 100644 ---- a/sysdeps/unix/sysv/linux/aarch64/cpu-features.c -+++ b/sysdeps/unix/sysv/linux/aarch64/cpu-features.c -@@ -37,11 +37,9 @@ struct cpu_list - }; - - static struct cpu_list cpu_list[] = { -- {"falkor", 0x510FC000}, - {"thunderxt88", 0x430F0A10}, - {"thunderx2t99", 0x431F0AF0}, - {"thunderx2t99p1", 0x420F5160}, -- {"phecda", 0x680F0000}, - {"ares", 0x411FD0C0}, - {"emag", 0x503F0001}, - {"kunpeng920", 0x481FD010}, -diff --git a/sysdeps/unix/sysv/linux/aarch64/cpu-features.h b/sysdeps/unix/sysv/linux/aarch64/cpu-features.h -index 40b709677d..2cf745cd19 100644 ---- a/sysdeps/unix/sysv/linux/aarch64/cpu-features.h -+++ b/sysdeps/unix/sysv/linux/aarch64/cpu-features.h -@@ -47,11 +47,6 @@ - #define IS_THUNDERX2(midr) (MIDR_IMPLEMENTOR(midr) == 'C' \ - && MIDR_PARTNUM(midr) == 0xaf) - --#define IS_FALKOR(midr) (MIDR_IMPLEMENTOR(midr) == 'Q' \ -- && MIDR_PARTNUM(midr) == 0xc00) -- --#define IS_PHECDA(midr) (MIDR_IMPLEMENTOR(midr) == 'h' \ -- && MIDR_PARTNUM(midr) == 0x000) - #define IS_NEOVERSE_N1(midr) (MIDR_IMPLEMENTOR(midr) == 'A' \ - && MIDR_PARTNUM(midr) == 0xd0c) - #define IS_NEOVERSE_N2(midr) (MIDR_IMPLEMENTOR(midr) == 'A' \ --- -2.44.0 - diff --git a/packages/glibc/0062-aarch64-correct-CFI-in-rawmemchr-bug-31113.patch b/packages/glibc/0062-aarch64-correct-CFI-in-rawmemchr-bug-31113.patch deleted file mode 100644 index 755afe28df5..00000000000 --- a/packages/glibc/0062-aarch64-correct-CFI-in-rawmemchr-bug-31113.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 168ae58e6e705a53a71850ee63ba5514fd5d7b70 Mon Sep 17 00:00:00 2001 -From: Andreas Schwab -Date: Thu, 23 Nov 2023 18:23:46 +0100 -Subject: [PATCH] aarch64: correct CFI in rawmemchr (bug 31113) - -The .cfi_return_column directive changes the return column for the whole -FDE range. But the actual intent is to tell the unwinder that the value -in x30 (lr) now resides in x15 after the move, and that is expressed by -the .cfi_register directive. - -(cherry picked from commit 3f798427884fa57770e8e2291cf58d5918254bb5) ---- - sysdeps/aarch64/rawmemchr.S | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/sysdeps/aarch64/rawmemchr.S b/sysdeps/aarch64/rawmemchr.S -index efc4b7007b..1fff094215 100644 ---- a/sysdeps/aarch64/rawmemchr.S -+++ b/sysdeps/aarch64/rawmemchr.S -@@ -31,7 +31,7 @@ ENTRY (__rawmemchr) - - L(do_strlen): - mov x15, x30 -- cfi_return_column (x15) -+ cfi_register (x30, x15) - mov x14, x0 - bl __strlen - add x0, x14, x0 --- -2.44.0 - diff --git a/packages/glibc/0063-aarch64-fix-check-for-SVE-support-in-assembler.patch b/packages/glibc/0063-aarch64-fix-check-for-SVE-support-in-assembler.patch deleted file mode 100644 index 1ae32ab169e..00000000000 --- a/packages/glibc/0063-aarch64-fix-check-for-SVE-support-in-assembler.patch +++ /dev/null @@ -1,61 +0,0 @@ -From 1bf17ce978da71431dbd1fc3660cfae3dff0672f Mon Sep 17 00:00:00 2001 -From: Szabolcs Nagy -Date: Wed, 13 Mar 2024 14:34:14 +0000 -Subject: [PATCH] aarch64: fix check for SVE support in assembler - -Due to GCC bug 110901 -mcpu can override -march setting when compiling -asm code and thus a compiler targetting a specific cpu can fail the -configure check even when binutils gas supports SVE. - -The workaround is that explicit .arch directive overrides both -mcpu -and -march, and since that's what the actual SVE memcpy uses the -configure check should use that too even if the GCC issue is fixed -independently. - -Reviewed-by: Florian Weimer -(cherry picked from commit 73c26018ed0ecd9c807bb363cc2c2ab4aca66a82) ---- - sysdeps/aarch64/configure | 5 +++-- - sysdeps/aarch64/configure.ac | 5 +++-- - 2 files changed, 6 insertions(+), 4 deletions(-) - mode change 100644 => 100755 sysdeps/aarch64/configure - -diff --git a/sysdeps/aarch64/configure b/sysdeps/aarch64/configure -old mode 100644 -new mode 100755 -index ca57edce47..9606137e8d ---- a/sysdeps/aarch64/configure -+++ b/sysdeps/aarch64/configure -@@ -325,9 +325,10 @@ then : - printf %s "(cached) " >&6 - else $as_nop - cat > conftest.s <<\EOF -- ptrue p0.b -+ .arch armv8.2-a+sve -+ ptrue p0.b - EOF --if { ac_try='${CC-cc} -c -march=armv8.2-a+sve conftest.s 1>&5' -+if { ac_try='${CC-cc} -c conftest.s 1>&5' - { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5 - (eval $ac_try) 2>&5 - ac_status=$? -diff --git a/sysdeps/aarch64/configure.ac b/sysdeps/aarch64/configure.ac -index 27874eceb4..56d12d661d 100644 ---- a/sysdeps/aarch64/configure.ac -+++ b/sysdeps/aarch64/configure.ac -@@ -90,9 +90,10 @@ LIBC_CONFIG_VAR([aarch64-variant-pcs], [$libc_cv_aarch64_variant_pcs]) - # Check if asm support armv8.2-a+sve - AC_CACHE_CHECK([for SVE support in assembler], [libc_cv_aarch64_sve_asm], [dnl - cat > conftest.s <<\EOF -- ptrue p0.b -+ .arch armv8.2-a+sve -+ ptrue p0.b - EOF --if AC_TRY_COMMAND(${CC-cc} -c -march=armv8.2-a+sve conftest.s 1>&AS_MESSAGE_LOG_FD); then -+if AC_TRY_COMMAND(${CC-cc} -c conftest.s 1>&AS_MESSAGE_LOG_FD); then - libc_cv_aarch64_sve_asm=yes - else - libc_cv_aarch64_sve_asm=no --- -2.44.0 - diff --git a/packages/glibc/0064-AArch64-Check-kernel-version-for-SVE-ifuncs.patch b/packages/glibc/0064-AArch64-Check-kernel-version-for-SVE-ifuncs.patch deleted file mode 100644 index 634c3aab01b..00000000000 --- a/packages/glibc/0064-AArch64-Check-kernel-version-for-SVE-ifuncs.patch +++ /dev/null @@ -1,153 +0,0 @@ -From 92da7c2cfeeea36d651142f47e570dd5076bc166 Mon Sep 17 00:00:00 2001 -From: Wilco Dijkstra -Date: Thu, 21 Mar 2024 16:48:33 +0000 -Subject: [PATCH] AArch64: Check kernel version for SVE ifuncs - -Old Linux kernels disable SVE after every system call. Calling the -SVE-optimized memcpy afterwards will then cause a trap to reenable SVE. -As a result, applications with a high use of syscalls may run slower with -the SVE memcpy. This is true for kernels between 4.15.0 and before 6.2.0, -except for 5.14.0 which was patched. Avoid this by checking the kernel -version and selecting the SVE ifunc on modern kernels. - -Parse the kernel version reported by uname() into a 24-bit kernel.major.minor -value without calling any library functions. If uname() is not supported or -if the version format is not recognized, assume the kernel is modern. - -Tested-by: Florian Weimer -Reviewed-by: Szabolcs Nagy -(cherry picked from commit 2e94e2f5d2bf2de124c8ad7da85463355e54ccb2) ---- - sysdeps/aarch64/multiarch/init-arch.h | 2 + - sysdeps/aarch64/multiarch/memcpy.c | 2 +- - sysdeps/aarch64/multiarch/memmove.c | 2 +- - .../unix/sysv/linux/aarch64/cpu-features.c | 48 +++++++++++++++++++ - .../unix/sysv/linux/aarch64/cpu-features.h | 1 + - 5 files changed, 53 insertions(+), 2 deletions(-) - -diff --git a/sysdeps/aarch64/multiarch/init-arch.h b/sysdeps/aarch64/multiarch/init-arch.h -index e23e6ff290..daef631e04 100644 ---- a/sysdeps/aarch64/multiarch/init-arch.h -+++ b/sysdeps/aarch64/multiarch/init-arch.h -@@ -36,5 +36,7 @@ - MTE_ENABLED (); \ - bool __attribute__((unused)) sve = \ - GLRO(dl_aarch64_cpu_features).sve; \ -+ bool __attribute__((unused)) prefer_sve_ifuncs = \ -+ GLRO(dl_aarch64_cpu_features).prefer_sve_ifuncs; \ - bool __attribute__((unused)) mops = \ - GLRO(dl_aarch64_cpu_features).mops; -diff --git a/sysdeps/aarch64/multiarch/memcpy.c b/sysdeps/aarch64/multiarch/memcpy.c -index 6471fe82e3..e7c7795db6 100644 ---- a/sysdeps/aarch64/multiarch/memcpy.c -+++ b/sysdeps/aarch64/multiarch/memcpy.c -@@ -47,7 +47,7 @@ select_memcpy_ifunc (void) - { - if (IS_A64FX (midr)) - return __memcpy_a64fx; -- return __memcpy_sve; -+ return prefer_sve_ifuncs ? __memcpy_sve : __memcpy_generic; - } - - if (IS_THUNDERX (midr)) -diff --git a/sysdeps/aarch64/multiarch/memmove.c b/sysdeps/aarch64/multiarch/memmove.c -index 7602a5d57d..6b77166851 100644 ---- a/sysdeps/aarch64/multiarch/memmove.c -+++ b/sysdeps/aarch64/multiarch/memmove.c -@@ -47,7 +47,7 @@ select_memmove_ifunc (void) - { - if (IS_A64FX (midr)) - return __memmove_a64fx; -- return __memmove_sve; -+ return prefer_sve_ifuncs ? __memmove_sve : __memmove_generic; - } - - if (IS_THUNDERX (midr)) -diff --git a/sysdeps/unix/sysv/linux/aarch64/cpu-features.c b/sysdeps/unix/sysv/linux/aarch64/cpu-features.c -index a11a86efab..4a205a6b35 100644 ---- a/sysdeps/unix/sysv/linux/aarch64/cpu-features.c -+++ b/sysdeps/unix/sysv/linux/aarch64/cpu-features.c -@@ -20,6 +20,7 @@ - #include - #include - #include -+#include - - #define DCZID_DZP_MASK (1 << 4) - #define DCZID_BS_MASK (0xf) -@@ -57,6 +58,46 @@ get_midr_from_mcpu (const char *mcpu) - return UINT64_MAX; - } - -+#if __LINUX_KERNEL_VERSION < 0x060200 -+ -+/* Return true if we prefer using SVE in string ifuncs. Old kernels disable -+ SVE after every system call which results in unnecessary traps if memcpy -+ uses SVE. This is true for kernels between 4.15.0 and before 6.2.0, except -+ for 5.14.0 which was patched. For these versions return false to avoid using -+ SVE ifuncs. -+ Parse the kernel version into a 24-bit kernel.major.minor value without -+ calling any library functions. If uname() is not supported or if the version -+ format is not recognized, assume the kernel is modern and return true. */ -+ -+static inline bool -+prefer_sve_ifuncs (void) -+{ -+ struct utsname buf; -+ const char *p = &buf.release[0]; -+ int kernel = 0; -+ int val; -+ -+ if (__uname (&buf) < 0) -+ return true; -+ -+ for (int shift = 16; shift >= 0; shift -= 8) -+ { -+ for (val = 0; *p >= '0' && *p <= '9'; p++) -+ val = val * 10 + *p - '0'; -+ kernel |= (val & 255) << shift; -+ if (*p++ != '.') -+ break; -+ } -+ -+ if (kernel >= 0x060200 || kernel == 0x050e00) -+ return true; -+ if (kernel >= 0x040f00) -+ return false; -+ return true; -+} -+ -+#endif -+ - static inline void - init_cpu_features (struct cpu_features *cpu_features) - { -@@ -119,6 +160,13 @@ init_cpu_features (struct cpu_features *cpu_features) - /* Check if SVE is supported. */ - cpu_features->sve = GLRO (dl_hwcap) & HWCAP_SVE; - -+ cpu_features->prefer_sve_ifuncs = cpu_features->sve; -+ -+#if __LINUX_KERNEL_VERSION < 0x060200 -+ if (cpu_features->sve) -+ cpu_features->prefer_sve_ifuncs = prefer_sve_ifuncs (); -+#endif -+ - /* Check if MOPS is supported. */ - cpu_features->mops = GLRO (dl_hwcap2) & HWCAP2_MOPS; - } -diff --git a/sysdeps/unix/sysv/linux/aarch64/cpu-features.h b/sysdeps/unix/sysv/linux/aarch64/cpu-features.h -index 2cf745cd19..351a619dcb 100644 ---- a/sysdeps/unix/sysv/linux/aarch64/cpu-features.h -+++ b/sysdeps/unix/sysv/linux/aarch64/cpu-features.h -@@ -71,6 +71,7 @@ struct cpu_features - /* Currently, the GLIBC memory tagging tunable only defines 8 bits. */ - uint8_t mte_state; - bool sve; -+ bool prefer_sve_ifuncs; - bool mops; - }; - --- -2.44.0 - diff --git a/packages/glibc/0065-powerpc-Fix-ld.so-address-determination-for-PCREL-mo.patch b/packages/glibc/0065-powerpc-Fix-ld.so-address-determination-for-PCREL-mo.patch deleted file mode 100644 index d31d839a1af..00000000000 --- a/packages/glibc/0065-powerpc-Fix-ld.so-address-determination-for-PCREL-mo.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 20534f81760635f3a71fb11ba251568cdc11c6a0 Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Sun, 14 Apr 2024 08:24:51 +0200 -Subject: [PATCH] powerpc: Fix ld.so address determination for PCREL mode (bug - 31640) - -This seems to have stopped working with some GCC 14 versions, -which clobber r2. With other compilers, the kernel-provided -r2 value is still available at this point. - -Reviewed-by: Peter Bergner -(cherry picked from commit 14e56bd4ce15ac2d1cc43f762eb2e6b83fec1afe) ---- - sysdeps/powerpc/powerpc64/dl-machine.h | 19 +++++++++++++++++++ - 1 file changed, 19 insertions(+) - -diff --git a/sysdeps/powerpc/powerpc64/dl-machine.h b/sysdeps/powerpc/powerpc64/dl-machine.h -index 9b8943bc91..7fa8a355b5 100644 ---- a/sysdeps/powerpc/powerpc64/dl-machine.h -+++ b/sysdeps/powerpc/powerpc64/dl-machine.h -@@ -79,6 +79,7 @@ elf_host_tolerates_class (const Elf64_Ehdr *ehdr) - static inline Elf64_Addr - elf_machine_load_address (void) __attribute__ ((const)); - -+#ifndef __PCREL__ - static inline Elf64_Addr - elf_machine_load_address (void) - { -@@ -106,6 +107,24 @@ elf_machine_dynamic (void) - /* Then subtract off the load address offset. */ - return runtime_dynamic - elf_machine_load_address() ; - } -+#else /* __PCREL__ */ -+/* In PCREL mode, r2 may have been clobbered. Rely on relative -+ relocations instead. */ -+ -+static inline ElfW(Addr) -+elf_machine_load_address (void) -+{ -+ extern const ElfW(Ehdr) __ehdr_start attribute_hidden; -+ return (ElfW(Addr)) &__ehdr_start; -+} -+ -+static inline ElfW(Addr) -+elf_machine_dynamic (void) -+{ -+ extern ElfW(Dyn) _DYNAMIC[] attribute_hidden; -+ return (ElfW(Addr)) _DYNAMIC - elf_machine_load_address (); -+} -+#endif /* __PCREL__ */ - - /* The PLT uses Elf64_Rela relocs. */ - #define elf_machine_relplt elf_machine_rela --- -2.44.0 - diff --git a/packages/glibc/0066-iconv-ISO-2022-CN-EXT-fix-out-of-bound-writes-when-w.patch b/packages/glibc/0066-iconv-ISO-2022-CN-EXT-fix-out-of-bound-writes-when-w.patch deleted file mode 100644 index bfc742ecce1..00000000000 --- a/packages/glibc/0066-iconv-ISO-2022-CN-EXT-fix-out-of-bound-writes-when-w.patch +++ /dev/null @@ -1,216 +0,0 @@ -From e1135387deded5d73924f6ca20c72a35dc8e1bda Mon Sep 17 00:00:00 2001 -From: Charles Fol -Date: Thu, 28 Mar 2024 12:25:38 -0300 -Subject: [PATCH] iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing - escape sequence (CVE-2024-2961) - -ISO-2022-CN-EXT uses escape sequences to indicate character set changes -(as specified by RFC 1922). While the SOdesignation has the expected -bounds checks, neither SS2designation nor SS3designation have its; -allowing a write overflow of 1, 2, or 3 bytes with fixed values: -'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'. - -Checked on aarch64-linux-gnu. - -Co-authored-by: Adhemerval Zanella -Reviewed-by: Carlos O'Donell -Tested-by: Carlos O'Donell - -(cherry picked from commit f9dc609e06b1136bb0408be9605ce7973a767ada) ---- - iconvdata/Makefile | 5 +- - iconvdata/iso-2022-cn-ext.c | 12 +++ - iconvdata/tst-iconv-iso-2022-cn-ext.c | 128 ++++++++++++++++++++++++++ - 3 files changed, 144 insertions(+), 1 deletion(-) - create mode 100644 iconvdata/tst-iconv-iso-2022-cn-ext.c - -diff --git a/iconvdata/Makefile b/iconvdata/Makefile -index dd5cafab21..075098dce8 100644 ---- a/iconvdata/Makefile -+++ b/iconvdata/Makefile -@@ -75,7 +75,8 @@ ifeq (yes,$(build-shared)) - tests = bug-iconv1 bug-iconv2 tst-loading tst-e2big tst-iconv4 bug-iconv4 \ - tst-iconv6 bug-iconv5 bug-iconv6 tst-iconv7 bug-iconv8 bug-iconv9 \ - bug-iconv10 bug-iconv11 bug-iconv12 tst-iconv-big5-hkscs-to-2ucs4 \ -- bug-iconv13 bug-iconv14 bug-iconv15 -+ bug-iconv13 bug-iconv14 bug-iconv15 \ -+ tst-iconv-iso-2022-cn-ext - ifeq ($(have-thread-library),yes) - tests += bug-iconv3 - endif -@@ -330,6 +331,8 @@ $(objpfx)bug-iconv14.out: $(addprefix $(objpfx), $(gconv-modules)) \ - $(addprefix $(objpfx),$(modules.so)) - $(objpfx)bug-iconv15.out: $(addprefix $(objpfx), $(gconv-modules)) \ - $(addprefix $(objpfx),$(modules.so)) -+$(objpfx)tst-iconv-iso-2022-cn-ext.out: $(addprefix $(objpfx), $(gconv-modules)) \ -+ $(addprefix $(objpfx),$(modules.so)) - - $(objpfx)iconv-test.out: run-iconv-test.sh \ - $(addprefix $(objpfx), $(gconv-modules)) \ -diff --git a/iconvdata/iso-2022-cn-ext.c b/iconvdata/iso-2022-cn-ext.c -index 36727f0865..9bb02238a3 100644 ---- a/iconvdata/iso-2022-cn-ext.c -+++ b/iconvdata/iso-2022-cn-ext.c -@@ -574,6 +574,12 @@ DIAG_IGNORE_Os_NEEDS_COMMENT (5, "-Wmaybe-uninitialized"); - { \ - const char *escseq; \ - \ -+ if (outptr + 4 > outend) \ -+ { \ -+ result = __GCONV_FULL_OUTPUT; \ -+ break; \ -+ } \ -+ \ - assert (used == CNS11643_2_set); /* XXX */ \ - escseq = "*H"; \ - *outptr++ = ESC; \ -@@ -587,6 +593,12 @@ DIAG_IGNORE_Os_NEEDS_COMMENT (5, "-Wmaybe-uninitialized"); - { \ - const char *escseq; \ - \ -+ if (outptr + 4 > outend) \ -+ { \ -+ result = __GCONV_FULL_OUTPUT; \ -+ break; \ -+ } \ -+ \ - assert ((used >> 5) >= 3 && (used >> 5) <= 7); \ - escseq = "+I+J+K+L+M" + ((used >> 5) - 3) * 2; \ - *outptr++ = ESC; \ -diff --git a/iconvdata/tst-iconv-iso-2022-cn-ext.c b/iconvdata/tst-iconv-iso-2022-cn-ext.c -new file mode 100644 -index 0000000000..96a8765fd5 ---- /dev/null -+++ b/iconvdata/tst-iconv-iso-2022-cn-ext.c -@@ -0,0 +1,128 @@ -+/* Verify ISO-2022-CN-EXT does not write out of the bounds. -+ Copyright (C) 2024 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#include -+#include -+ -+#include -+#include -+#include -+ -+#include -+#include -+#include -+ -+/* The test sets up a two memory page buffer with the second page marked -+ PROT_NONE to trigger a fault if the conversion writes beyond the exact -+ expected amount. Then we carry out various conversions and precisely -+ place the start of the output buffer in order to trigger a SIGSEGV if the -+ process writes anywhere between 1 and page sized bytes more (only one -+ PROT_NONE page is setup as a canary) than expected. These tests exercise -+ all three of the cases in ISO-2022-CN-EXT where the converter must switch -+ character sets and may run out of buffer space while doing the -+ operation. */ -+ -+static int -+do_test (void) -+{ -+ iconv_t cd = iconv_open ("ISO-2022-CN-EXT", "UTF-8"); -+ TEST_VERIFY_EXIT (cd != (iconv_t) -1); -+ -+ char *ntf; -+ size_t ntfsize; -+ char *outbufbase; -+ { -+ int pgz = getpagesize (); -+ TEST_VERIFY_EXIT (pgz > 0); -+ ntfsize = 2 * pgz; -+ -+ ntf = xmmap (NULL, ntfsize, PROT_READ | PROT_WRITE, MAP_PRIVATE -+ | MAP_ANONYMOUS, -1); -+ xmprotect (ntf + pgz, pgz, PROT_NONE); -+ -+ outbufbase = ntf + pgz; -+ } -+ -+ /* Check if SOdesignation escape sequence does not trigger an OOB write. */ -+ { -+ char inbuf[] = "\xe4\xba\xa4\xe6\x8d\xa2"; -+ -+ for (int i = 0; i < 9; i++) -+ { -+ char *inp = inbuf; -+ size_t inleft = sizeof (inbuf) - 1; -+ -+ char *outp = outbufbase - i; -+ size_t outleft = i; -+ -+ TEST_VERIFY_EXIT (iconv (cd, &inp, &inleft, &outp, &outleft) -+ == (size_t) -1); -+ TEST_COMPARE (errno, E2BIG); -+ -+ TEST_VERIFY_EXIT (iconv (cd, NULL, NULL, NULL, NULL) == 0); -+ } -+ } -+ -+ /* Same as before for SS2designation. */ -+ { -+ char inbuf[] = "㴽 \xe3\xb4\xbd"; -+ -+ for (int i = 0; i < 14; i++) -+ { -+ char *inp = inbuf; -+ size_t inleft = sizeof (inbuf) - 1; -+ -+ char *outp = outbufbase - i; -+ size_t outleft = i; -+ -+ TEST_VERIFY_EXIT (iconv (cd, &inp, &inleft, &outp, &outleft) -+ == (size_t) -1); -+ TEST_COMPARE (errno, E2BIG); -+ -+ TEST_VERIFY_EXIT (iconv (cd, NULL, NULL, NULL, NULL) == 0); -+ } -+ } -+ -+ /* Same as before for SS3designation. */ -+ { -+ char inbuf[] = "劄 \xe5\x8a\x84"; -+ -+ for (int i = 0; i < 14; i++) -+ { -+ char *inp = inbuf; -+ size_t inleft = sizeof (inbuf) - 1; -+ -+ char *outp = outbufbase - i; -+ size_t outleft = i; -+ -+ TEST_VERIFY_EXIT (iconv (cd, &inp, &inleft, &outp, &outleft) -+ == (size_t) -1); -+ TEST_COMPARE (errno, E2BIG); -+ -+ TEST_VERIFY_EXIT (iconv (cd, NULL, NULL, NULL, NULL) == 0); -+ } -+ } -+ -+ TEST_VERIFY_EXIT (iconv_close (cd) != -1); -+ -+ xmunmap (ntf, ntfsize); -+ -+ return 0; -+} -+ -+#include --- -2.44.0 - diff --git a/packages/glibc/0067-sparc-Remove-64-bit-check-on-sparc32-wordsize-BZ-275.patch b/packages/glibc/0067-sparc-Remove-64-bit-check-on-sparc32-wordsize-BZ-275.patch deleted file mode 100644 index fa3ee72951f..00000000000 --- a/packages/glibc/0067-sparc-Remove-64-bit-check-on-sparc32-wordsize-BZ-275.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 61484011e76d2bfafbe401f7058717c2029dd155 Mon Sep 17 00:00:00 2001 -From: Adhemerval Zanella -Date: Wed, 17 Jan 2024 10:13:06 -0300 -Subject: [PATCH] sparc: Remove 64 bit check on sparc32 wordsize (BZ 27574) - -The sparc32 is always 32 bits. - -Checked on sparcv9-linux-gnu. - -(cherry picked from commit dd57f5e7b652772499cb220d78157c1038d24f06) ---- - sysdeps/sparc/sparc32/bits/wordsize.h | 13 ++++--------- - 1 file changed, 4 insertions(+), 9 deletions(-) - -diff --git a/sysdeps/sparc/sparc32/bits/wordsize.h b/sysdeps/sparc/sparc32/bits/wordsize.h -index 2f66f10d72..4bbd2e63b4 100644 ---- a/sysdeps/sparc/sparc32/bits/wordsize.h -+++ b/sysdeps/sparc/sparc32/bits/wordsize.h -@@ -1,11 +1,6 @@ - /* Determine the wordsize from the preprocessor defines. */ - --#if defined __arch64__ || defined __sparcv9 --# define __WORDSIZE 64 --# define __WORDSIZE_TIME64_COMPAT32 1 --#else --# define __WORDSIZE 32 --# define __WORDSIZE_TIME64_COMPAT32 0 --# define __WORDSIZE32_SIZE_ULONG 0 --# define __WORDSIZE32_PTRDIFF_LONG 0 --#endif -+#define __WORDSIZE 32 -+#define __WORDSIZE_TIME64_COMPAT32 0 -+#define __WORDSIZE32_SIZE_ULONG 0 -+#define __WORDSIZE32_PTRDIFF_LONG 0 --- -2.44.0 - diff --git a/packages/glibc/0068-login-Check-default-sizes-of-structs-utmp-utmpx-last.patch b/packages/glibc/0068-login-Check-default-sizes-of-structs-utmp-utmpx-last.patch deleted file mode 100644 index 4f6f1e2ed31..00000000000 --- a/packages/glibc/0068-login-Check-default-sizes-of-structs-utmp-utmpx-last.patch +++ /dev/null @@ -1,246 +0,0 @@ -From 78d9f91da6682f4073f05abaf309e4ca2b746003 Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Fri, 19 Apr 2024 14:38:17 +0200 -Subject: [PATCH] login: Check default sizes of structs utmp, utmpx, lastlog - -The default is for ports with a 64-bit time_t. -Ports with a 32-bit time_t or with __WORDSIZE_TIME64_COMPAT32=1 -need to override it. - -Reviewed-by: Adhemerval Zanella -(cherry picked from commit 4d4da5aab936504b2d3eca3146e109630d9093c4) ---- - login/Makefile | 2 +- - login/tst-utmp-size.c | 33 +++++++++++++++++++++++++++++++++ - sysdeps/arc/utmp-size.h | 3 +++ - sysdeps/arm/utmp-size.h | 2 ++ - sysdeps/csky/utmp-size.h | 2 ++ - sysdeps/generic/utmp-size.h | 23 +++++++++++++++++++++++ - sysdeps/hppa/utmp-size.h | 2 ++ - sysdeps/m68k/utmp-size.h | 3 +++ - sysdeps/microblaze/utmp-size.h | 2 ++ - sysdeps/mips/utmp-size.h | 2 ++ - sysdeps/nios2/utmp-size.h | 2 ++ - sysdeps/or1k/utmp-size.h | 3 +++ - sysdeps/powerpc/utmp-size.h | 2 ++ - sysdeps/riscv/utmp-size.h | 2 ++ - sysdeps/sh/utmp-size.h | 2 ++ - sysdeps/sparc/utmp-size.h | 2 ++ - sysdeps/x86/utmp-size.h | 2 ++ - 17 files changed, 88 insertions(+), 1 deletion(-) - create mode 100644 login/tst-utmp-size.c - create mode 100644 sysdeps/arc/utmp-size.h - create mode 100644 sysdeps/arm/utmp-size.h - create mode 100644 sysdeps/csky/utmp-size.h - create mode 100644 sysdeps/generic/utmp-size.h - create mode 100644 sysdeps/hppa/utmp-size.h - create mode 100644 sysdeps/m68k/utmp-size.h - create mode 100644 sysdeps/microblaze/utmp-size.h - create mode 100644 sysdeps/mips/utmp-size.h - create mode 100644 sysdeps/nios2/utmp-size.h - create mode 100644 sysdeps/or1k/utmp-size.h - create mode 100644 sysdeps/powerpc/utmp-size.h - create mode 100644 sysdeps/riscv/utmp-size.h - create mode 100644 sysdeps/sh/utmp-size.h - create mode 100644 sysdeps/sparc/utmp-size.h - create mode 100644 sysdeps/x86/utmp-size.h - -diff --git a/login/Makefile b/login/Makefile -index 74216cbcb2..1cca663769 100644 ---- a/login/Makefile -+++ b/login/Makefile -@@ -44,7 +44,7 @@ subdir-dirs = programs - vpath %.c programs - - tests := tst-utmp tst-utmpx tst-grantpt tst-ptsname tst-getlogin tst-updwtmpx \ -- tst-pututxline-lockfail tst-pututxline-cache -+ tst-pututxline-lockfail tst-pututxline-cache tst-utmp-size - - # Empty compatibility library for old binaries. - extra-libs := libutil -diff --git a/login/tst-utmp-size.c b/login/tst-utmp-size.c -new file mode 100644 -index 0000000000..1b7f7ff042 ---- /dev/null -+++ b/login/tst-utmp-size.c -@@ -0,0 +1,33 @@ -+/* Check expected sizes of struct utmp, struct utmpx, struct lastlog. -+ Copyright (C) 2024 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#include -+#include -+#include -+ -+static int -+do_test (void) -+{ -+ _Static_assert (sizeof (struct utmp) == UTMP_SIZE, "struct utmp size"); -+ _Static_assert (sizeof (struct utmpx) == UTMP_SIZE, "struct utmpx size"); -+ _Static_assert (sizeof (struct lastlog) == LASTLOG_SIZE, -+ "struct lastlog size"); -+ return 0; -+} -+ -+#include -diff --git a/sysdeps/arc/utmp-size.h b/sysdeps/arc/utmp-size.h -new file mode 100644 -index 0000000000..a247fcd3da ---- /dev/null -+++ b/sysdeps/arc/utmp-size.h -@@ -0,0 +1,3 @@ -+/* arc has less padding than other architectures with 64-bit time_t. */ -+#define UTMP_SIZE 392 -+#define LASTLOG_SIZE 296 -diff --git a/sysdeps/arm/utmp-size.h b/sysdeps/arm/utmp-size.h -new file mode 100644 -index 0000000000..8f21ebe1b6 ---- /dev/null -+++ b/sysdeps/arm/utmp-size.h -@@ -0,0 +1,2 @@ -+#define UTMP_SIZE 384 -+#define LASTLOG_SIZE 292 -diff --git a/sysdeps/csky/utmp-size.h b/sysdeps/csky/utmp-size.h -new file mode 100644 -index 0000000000..8f21ebe1b6 ---- /dev/null -+++ b/sysdeps/csky/utmp-size.h -@@ -0,0 +1,2 @@ -+#define UTMP_SIZE 384 -+#define LASTLOG_SIZE 292 -diff --git a/sysdeps/generic/utmp-size.h b/sysdeps/generic/utmp-size.h -new file mode 100644 -index 0000000000..89dbe878b0 ---- /dev/null -+++ b/sysdeps/generic/utmp-size.h -@@ -0,0 +1,23 @@ -+/* Expected sizes of utmp-related structures stored in files. 64-bit version. -+ Copyright (C) 2024 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+/* Expected size, in bytes, of struct utmp and struct utmpx. */ -+#define UTMP_SIZE 400 -+ -+/* Expected size, in bytes, of struct lastlog. */ -+#define LASTLOG_SIZE 296 -diff --git a/sysdeps/hppa/utmp-size.h b/sysdeps/hppa/utmp-size.h -new file mode 100644 -index 0000000000..8f21ebe1b6 ---- /dev/null -+++ b/sysdeps/hppa/utmp-size.h -@@ -0,0 +1,2 @@ -+#define UTMP_SIZE 384 -+#define LASTLOG_SIZE 292 -diff --git a/sysdeps/m68k/utmp-size.h b/sysdeps/m68k/utmp-size.h -new file mode 100644 -index 0000000000..5946685819 ---- /dev/null -+++ b/sysdeps/m68k/utmp-size.h -@@ -0,0 +1,3 @@ -+/* m68k has 2-byte alignment. */ -+#define UTMP_SIZE 382 -+#define LASTLOG_SIZE 292 -diff --git a/sysdeps/microblaze/utmp-size.h b/sysdeps/microblaze/utmp-size.h -new file mode 100644 -index 0000000000..8f21ebe1b6 ---- /dev/null -+++ b/sysdeps/microblaze/utmp-size.h -@@ -0,0 +1,2 @@ -+#define UTMP_SIZE 384 -+#define LASTLOG_SIZE 292 -diff --git a/sysdeps/mips/utmp-size.h b/sysdeps/mips/utmp-size.h -new file mode 100644 -index 0000000000..8f21ebe1b6 ---- /dev/null -+++ b/sysdeps/mips/utmp-size.h -@@ -0,0 +1,2 @@ -+#define UTMP_SIZE 384 -+#define LASTLOG_SIZE 292 -diff --git a/sysdeps/nios2/utmp-size.h b/sysdeps/nios2/utmp-size.h -new file mode 100644 -index 0000000000..8f21ebe1b6 ---- /dev/null -+++ b/sysdeps/nios2/utmp-size.h -@@ -0,0 +1,2 @@ -+#define UTMP_SIZE 384 -+#define LASTLOG_SIZE 292 -diff --git a/sysdeps/or1k/utmp-size.h b/sysdeps/or1k/utmp-size.h -new file mode 100644 -index 0000000000..6b3653aa4d ---- /dev/null -+++ b/sysdeps/or1k/utmp-size.h -@@ -0,0 +1,3 @@ -+/* or1k has less padding than other architectures with 64-bit time_t. */ -+#define UTMP_SIZE 392 -+#define LASTLOG_SIZE 296 -diff --git a/sysdeps/powerpc/utmp-size.h b/sysdeps/powerpc/utmp-size.h -new file mode 100644 -index 0000000000..8f21ebe1b6 ---- /dev/null -+++ b/sysdeps/powerpc/utmp-size.h -@@ -0,0 +1,2 @@ -+#define UTMP_SIZE 384 -+#define LASTLOG_SIZE 292 -diff --git a/sysdeps/riscv/utmp-size.h b/sysdeps/riscv/utmp-size.h -new file mode 100644 -index 0000000000..8f21ebe1b6 ---- /dev/null -+++ b/sysdeps/riscv/utmp-size.h -@@ -0,0 +1,2 @@ -+#define UTMP_SIZE 384 -+#define LASTLOG_SIZE 292 -diff --git a/sysdeps/sh/utmp-size.h b/sysdeps/sh/utmp-size.h -new file mode 100644 -index 0000000000..8f21ebe1b6 ---- /dev/null -+++ b/sysdeps/sh/utmp-size.h -@@ -0,0 +1,2 @@ -+#define UTMP_SIZE 384 -+#define LASTLOG_SIZE 292 -diff --git a/sysdeps/sparc/utmp-size.h b/sysdeps/sparc/utmp-size.h -new file mode 100644 -index 0000000000..8f21ebe1b6 ---- /dev/null -+++ b/sysdeps/sparc/utmp-size.h -@@ -0,0 +1,2 @@ -+#define UTMP_SIZE 384 -+#define LASTLOG_SIZE 292 -diff --git a/sysdeps/x86/utmp-size.h b/sysdeps/x86/utmp-size.h -new file mode 100644 -index 0000000000..8f21ebe1b6 ---- /dev/null -+++ b/sysdeps/x86/utmp-size.h -@@ -0,0 +1,2 @@ -+#define UTMP_SIZE 384 -+#define LASTLOG_SIZE 292 --- -2.44.0 - diff --git a/packages/glibc/0069-login-structs-utmp-utmpx-lastlog-_TIME_BITS-independ.patch b/packages/glibc/0069-login-structs-utmp-utmpx-lastlog-_TIME_BITS-independ.patch deleted file mode 100644 index 8d8f7053a30..00000000000 --- a/packages/glibc/0069-login-structs-utmp-utmpx-lastlog-_TIME_BITS-independ.patch +++ /dev/null @@ -1,399 +0,0 @@ -From 68bff8859231787f7e19b01788cc59b673c14046 Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Fri, 19 Apr 2024 14:38:17 +0200 -Subject: [PATCH] login: structs utmp, utmpx, lastlog _TIME_BITS independence - (bug 30701) - -These structs describe file formats under /var/log, and should not -depend on the definition of _TIME_BITS. This is achieved by -defining __WORDSIZE_TIME64_COMPAT32 to 1 on 32-bit ports that -support 32-bit time_t values (where __time_t is 32 bits). - -Reviewed-by: Adhemerval Zanella -(cherry picked from commit 9abdae94c7454c45e02e97e4ed1eb1b1915d13d8) ---- - bits/wordsize.h | 6 ++++-- - login/Makefile | 4 +++- - login/tst-utmp-size-64.c | 2 ++ - sysdeps/arm/bits/wordsize.h | 21 +++++++++++++++++++ - sysdeps/csky/bits/wordsize.h | 21 +++++++++++++++++++ - sysdeps/m68k/bits/wordsize.h | 21 +++++++++++++++++++ - sysdeps/microblaze/bits/wordsize.h | 21 +++++++++++++++++++ - sysdeps/mips/bits/wordsize.h | 6 +----- - sysdeps/nios2/bits/wordsize.h | 21 +++++++++++++++++++ - sysdeps/powerpc/powerpc32/bits/wordsize.h | 3 +-- - sysdeps/powerpc/powerpc64/bits/wordsize.h | 3 +-- - sysdeps/sh/bits/wordsize.h | 21 +++++++++++++++++++ - sysdeps/sparc/sparc32/bits/wordsize.h | 2 +- - sysdeps/sparc/sparc64/bits/wordsize.h | 3 +-- - sysdeps/unix/sysv/linux/hppa/bits/wordsize.h | 21 +++++++++++++++++++ - .../unix/sysv/linux/powerpc/bits/wordsize.h | 3 +-- - sysdeps/unix/sysv/linux/sparc/bits/wordsize.h | 3 +-- - sysdeps/x86/bits/wordsize.h | 5 ++--- - 18 files changed, 165 insertions(+), 22 deletions(-) - create mode 100644 login/tst-utmp-size-64.c - create mode 100644 sysdeps/arm/bits/wordsize.h - create mode 100644 sysdeps/csky/bits/wordsize.h - create mode 100644 sysdeps/m68k/bits/wordsize.h - create mode 100644 sysdeps/microblaze/bits/wordsize.h - create mode 100644 sysdeps/nios2/bits/wordsize.h - create mode 100644 sysdeps/sh/bits/wordsize.h - create mode 100644 sysdeps/unix/sysv/linux/hppa/bits/wordsize.h - -diff --git a/bits/wordsize.h b/bits/wordsize.h -index 14edae3a11..53013a9275 100644 ---- a/bits/wordsize.h -+++ b/bits/wordsize.h -@@ -21,7 +21,9 @@ - #define __WORDSIZE32_PTRDIFF_LONG - - /* Set to 1 in order to force time types to be 32 bits instead of 64 bits in -- struct lastlog and struct utmp{,x} on 64-bit ports. This may be done in -+ struct lastlog and struct utmp{,x}. This may be done in - order to make 64-bit ports compatible with 32-bit ports. Set to 0 for -- 64-bit ports where the time types are 64-bits or for any 32-bit ports. */ -+ 64-bit ports where the time types are 64-bits and new 32-bit ports -+ where time_t is 64 bits, and there is no companion architecture with -+ 32-bit time_t. */ - #define __WORDSIZE_TIME64_COMPAT32 -diff --git a/login/Makefile b/login/Makefile -index 1cca663769..7dd6cab9c9 100644 ---- a/login/Makefile -+++ b/login/Makefile -@@ -44,7 +44,9 @@ subdir-dirs = programs - vpath %.c programs - - tests := tst-utmp tst-utmpx tst-grantpt tst-ptsname tst-getlogin tst-updwtmpx \ -- tst-pututxline-lockfail tst-pututxline-cache tst-utmp-size -+ tst-pututxline-lockfail tst-pututxline-cache tst-utmp-size tst-utmp-size-64 -+ -+CFLAGS-tst-utmp-size-64.c += -D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64 - - # Empty compatibility library for old binaries. - extra-libs := libutil -diff --git a/login/tst-utmp-size-64.c b/login/tst-utmp-size-64.c -new file mode 100644 -index 0000000000..7a581a4c12 ---- /dev/null -+++ b/login/tst-utmp-size-64.c -@@ -0,0 +1,2 @@ -+/* The on-disk layout must not change in time64 mode. */ -+#include "tst-utmp-size.c" -diff --git a/sysdeps/arm/bits/wordsize.h b/sysdeps/arm/bits/wordsize.h -new file mode 100644 -index 0000000000..6ecbfe7c86 ---- /dev/null -+++ b/sysdeps/arm/bits/wordsize.h -@@ -0,0 +1,21 @@ -+/* Copyright (C) 1999-2024 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#define __WORDSIZE 32 -+#define __WORDSIZE_TIME64_COMPAT32 1 -+#define __WORDSIZE32_SIZE_ULONG 0 -+#define __WORDSIZE32_PTRDIFF_LONG 0 -diff --git a/sysdeps/csky/bits/wordsize.h b/sysdeps/csky/bits/wordsize.h -new file mode 100644 -index 0000000000..6ecbfe7c86 ---- /dev/null -+++ b/sysdeps/csky/bits/wordsize.h -@@ -0,0 +1,21 @@ -+/* Copyright (C) 1999-2024 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#define __WORDSIZE 32 -+#define __WORDSIZE_TIME64_COMPAT32 1 -+#define __WORDSIZE32_SIZE_ULONG 0 -+#define __WORDSIZE32_PTRDIFF_LONG 0 -diff --git a/sysdeps/m68k/bits/wordsize.h b/sysdeps/m68k/bits/wordsize.h -new file mode 100644 -index 0000000000..6ecbfe7c86 ---- /dev/null -+++ b/sysdeps/m68k/bits/wordsize.h -@@ -0,0 +1,21 @@ -+/* Copyright (C) 1999-2024 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#define __WORDSIZE 32 -+#define __WORDSIZE_TIME64_COMPAT32 1 -+#define __WORDSIZE32_SIZE_ULONG 0 -+#define __WORDSIZE32_PTRDIFF_LONG 0 -diff --git a/sysdeps/microblaze/bits/wordsize.h b/sysdeps/microblaze/bits/wordsize.h -new file mode 100644 -index 0000000000..6ecbfe7c86 ---- /dev/null -+++ b/sysdeps/microblaze/bits/wordsize.h -@@ -0,0 +1,21 @@ -+/* Copyright (C) 1999-2024 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#define __WORDSIZE 32 -+#define __WORDSIZE_TIME64_COMPAT32 1 -+#define __WORDSIZE32_SIZE_ULONG 0 -+#define __WORDSIZE32_PTRDIFF_LONG 0 -diff --git a/sysdeps/mips/bits/wordsize.h b/sysdeps/mips/bits/wordsize.h -index 9d7d961f3e..cb72a0869a 100644 ---- a/sysdeps/mips/bits/wordsize.h -+++ b/sysdeps/mips/bits/wordsize.h -@@ -19,11 +19,7 @@ - - #define __WORDSIZE _MIPS_SZPTR - --#if _MIPS_SIM == _ABI64 --# define __WORDSIZE_TIME64_COMPAT32 1 --#else --# define __WORDSIZE_TIME64_COMPAT32 0 --#endif -+#define __WORDSIZE_TIME64_COMPAT32 1 - - #if __WORDSIZE == 32 - #define __WORDSIZE32_SIZE_ULONG 0 -diff --git a/sysdeps/nios2/bits/wordsize.h b/sysdeps/nios2/bits/wordsize.h -new file mode 100644 -index 0000000000..6ecbfe7c86 ---- /dev/null -+++ b/sysdeps/nios2/bits/wordsize.h -@@ -0,0 +1,21 @@ -+/* Copyright (C) 1999-2024 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#define __WORDSIZE 32 -+#define __WORDSIZE_TIME64_COMPAT32 1 -+#define __WORDSIZE32_SIZE_ULONG 0 -+#define __WORDSIZE32_PTRDIFF_LONG 0 -diff --git a/sysdeps/powerpc/powerpc32/bits/wordsize.h b/sysdeps/powerpc/powerpc32/bits/wordsize.h -index 04ca9debf0..6993fb6b29 100644 ---- a/sysdeps/powerpc/powerpc32/bits/wordsize.h -+++ b/sysdeps/powerpc/powerpc32/bits/wordsize.h -@@ -2,10 +2,9 @@ - - #if defined __powerpc64__ - # define __WORDSIZE 64 --# define __WORDSIZE_TIME64_COMPAT32 1 - #else - # define __WORDSIZE 32 --# define __WORDSIZE_TIME64_COMPAT32 0 - # define __WORDSIZE32_SIZE_ULONG 0 - # define __WORDSIZE32_PTRDIFF_LONG 0 - #endif -+#define __WORDSIZE_TIME64_COMPAT32 1 -diff --git a/sysdeps/powerpc/powerpc64/bits/wordsize.h b/sysdeps/powerpc/powerpc64/bits/wordsize.h -index 04ca9debf0..6993fb6b29 100644 ---- a/sysdeps/powerpc/powerpc64/bits/wordsize.h -+++ b/sysdeps/powerpc/powerpc64/bits/wordsize.h -@@ -2,10 +2,9 @@ - - #if defined __powerpc64__ - # define __WORDSIZE 64 --# define __WORDSIZE_TIME64_COMPAT32 1 - #else - # define __WORDSIZE 32 --# define __WORDSIZE_TIME64_COMPAT32 0 - # define __WORDSIZE32_SIZE_ULONG 0 - # define __WORDSIZE32_PTRDIFF_LONG 0 - #endif -+#define __WORDSIZE_TIME64_COMPAT32 1 -diff --git a/sysdeps/sh/bits/wordsize.h b/sysdeps/sh/bits/wordsize.h -new file mode 100644 -index 0000000000..6ecbfe7c86 ---- /dev/null -+++ b/sysdeps/sh/bits/wordsize.h -@@ -0,0 +1,21 @@ -+/* Copyright (C) 1999-2024 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#define __WORDSIZE 32 -+#define __WORDSIZE_TIME64_COMPAT32 1 -+#define __WORDSIZE32_SIZE_ULONG 0 -+#define __WORDSIZE32_PTRDIFF_LONG 0 -diff --git a/sysdeps/sparc/sparc32/bits/wordsize.h b/sysdeps/sparc/sparc32/bits/wordsize.h -index 4bbd2e63b4..a2e79e0fa9 100644 ---- a/sysdeps/sparc/sparc32/bits/wordsize.h -+++ b/sysdeps/sparc/sparc32/bits/wordsize.h -@@ -1,6 +1,6 @@ - /* Determine the wordsize from the preprocessor defines. */ - - #define __WORDSIZE 32 --#define __WORDSIZE_TIME64_COMPAT32 0 -+#define __WORDSIZE_TIME64_COMPAT32 1 - #define __WORDSIZE32_SIZE_ULONG 0 - #define __WORDSIZE32_PTRDIFF_LONG 0 -diff --git a/sysdeps/sparc/sparc64/bits/wordsize.h b/sysdeps/sparc/sparc64/bits/wordsize.h -index 2f66f10d72..ea103e5970 100644 ---- a/sysdeps/sparc/sparc64/bits/wordsize.h -+++ b/sysdeps/sparc/sparc64/bits/wordsize.h -@@ -2,10 +2,9 @@ - - #if defined __arch64__ || defined __sparcv9 - # define __WORDSIZE 64 --# define __WORDSIZE_TIME64_COMPAT32 1 - #else - # define __WORDSIZE 32 --# define __WORDSIZE_TIME64_COMPAT32 0 - # define __WORDSIZE32_SIZE_ULONG 0 - # define __WORDSIZE32_PTRDIFF_LONG 0 - #endif -+#define __WORDSIZE_TIME64_COMPAT32 1 -diff --git a/sysdeps/unix/sysv/linux/hppa/bits/wordsize.h b/sysdeps/unix/sysv/linux/hppa/bits/wordsize.h -new file mode 100644 -index 0000000000..6ecbfe7c86 ---- /dev/null -+++ b/sysdeps/unix/sysv/linux/hppa/bits/wordsize.h -@@ -0,0 +1,21 @@ -+/* Copyright (C) 1999-2024 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#define __WORDSIZE 32 -+#define __WORDSIZE_TIME64_COMPAT32 1 -+#define __WORDSIZE32_SIZE_ULONG 0 -+#define __WORDSIZE32_PTRDIFF_LONG 0 -diff --git a/sysdeps/unix/sysv/linux/powerpc/bits/wordsize.h b/sysdeps/unix/sysv/linux/powerpc/bits/wordsize.h -index 04ca9debf0..6993fb6b29 100644 ---- a/sysdeps/unix/sysv/linux/powerpc/bits/wordsize.h -+++ b/sysdeps/unix/sysv/linux/powerpc/bits/wordsize.h -@@ -2,10 +2,9 @@ - - #if defined __powerpc64__ - # define __WORDSIZE 64 --# define __WORDSIZE_TIME64_COMPAT32 1 - #else - # define __WORDSIZE 32 --# define __WORDSIZE_TIME64_COMPAT32 0 - # define __WORDSIZE32_SIZE_ULONG 0 - # define __WORDSIZE32_PTRDIFF_LONG 0 - #endif -+#define __WORDSIZE_TIME64_COMPAT32 1 -diff --git a/sysdeps/unix/sysv/linux/sparc/bits/wordsize.h b/sysdeps/unix/sysv/linux/sparc/bits/wordsize.h -index 7562875ee2..ea103e5970 100644 ---- a/sysdeps/unix/sysv/linux/sparc/bits/wordsize.h -+++ b/sysdeps/unix/sysv/linux/sparc/bits/wordsize.h -@@ -2,10 +2,9 @@ - - #if defined __arch64__ || defined __sparcv9 - # define __WORDSIZE 64 --# define __WORDSIZE_TIME64_COMPAT32 1 - #else - # define __WORDSIZE 32 - # define __WORDSIZE32_SIZE_ULONG 0 - # define __WORDSIZE32_PTRDIFF_LONG 0 --# define __WORDSIZE_TIME64_COMPAT32 0 - #endif -+#define __WORDSIZE_TIME64_COMPAT32 1 -diff --git a/sysdeps/x86/bits/wordsize.h b/sysdeps/x86/bits/wordsize.h -index 70f652bca1..3f40aa76f9 100644 ---- a/sysdeps/x86/bits/wordsize.h -+++ b/sysdeps/x86/bits/wordsize.h -@@ -8,10 +8,9 @@ - #define __WORDSIZE32_PTRDIFF_LONG 0 - #endif - -+#define __WORDSIZE_TIME64_COMPAT32 1 -+ - #ifdef __x86_64__ --# define __WORDSIZE_TIME64_COMPAT32 1 - /* Both x86-64 and x32 use the 64-bit system call interface. */ - # define __SYSCALL_WORDSIZE 64 --#else --# define __WORDSIZE_TIME64_COMPAT32 0 - #endif --- -2.44.0 - diff --git a/packages/glibc/0070-nptl-Fix-tst-cancel30-on-kernels-without-ppoll_time6.patch b/packages/glibc/0070-nptl-Fix-tst-cancel30-on-kernels-without-ppoll_time6.patch deleted file mode 100644 index abeef473251..00000000000 --- a/packages/glibc/0070-nptl-Fix-tst-cancel30-on-kernels-without-ppoll_time6.patch +++ /dev/null @@ -1,55 +0,0 @@ -From decc9f504ae78bbee6faa49b9bca71c7eae62ea9 Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Tue, 23 Apr 2024 21:16:32 +0200 -Subject: [PATCH] nptl: Fix tst-cancel30 on kernels without ppoll_time64 - support - -Fall back to ppoll if ppoll_time64 fails with ENOSYS. -Fixes commit 370da8a121c3ba9eeb2f13da15fc0f21f4136b25 ("nptl: Fix -tst-cancel30 on sparc64"). - -Reviewed-by: Adhemerval Zanella -(cherry picked from commit f4724843ada64a51d66f65d3199fe431f9d4c254) ---- - sysdeps/pthread/tst-cancel30.c | 15 +++++++++++---- - 1 file changed, 11 insertions(+), 4 deletions(-) - -diff --git a/sysdeps/pthread/tst-cancel30.c b/sysdeps/pthread/tst-cancel30.c -index ff803386be..ace925ca67 100644 ---- a/sysdeps/pthread/tst-cancel30.c -+++ b/sysdeps/pthread/tst-cancel30.c -@@ -18,6 +18,7 @@ - License along with the GNU C Library; if not, see - . */ - -+#include - #include - #include - #include -@@ -46,13 +47,19 @@ tf (void *arg) - - /* Wait indefinitely for cancellation, which only works if asynchronous - cancellation is enabled. */ --#if defined SYS_ppoll || defined SYS_ppoll_time64 --# ifndef SYS_ppoll_time64 --# define SYS_ppoll_time64 SYS_ppoll -+#ifdef SYS_ppoll_time64 -+ long int ret = syscall (SYS_ppoll_time64, NULL, 0, NULL, NULL); -+ (void) ret; -+# ifdef SYS_ppoll -+ if (ret == -1 && errno == ENOSYS) -+ syscall (SYS_ppoll, NULL, 0, NULL, NULL); - # endif -- syscall (SYS_ppoll_time64, NULL, 0, NULL, NULL); - #else -+# ifdef SYS_ppoll -+ syscall (SYS_ppoll, NULL, 0, NULL, NULL); -+# else - for (;;); -+# endif - #endif - - return 0; --- -2.44.0 - diff --git a/packages/glibc/9001-move-ldconfig-cache-to-ephemeral-storage.patch b/packages/glibc/9001-move-ldconfig-cache-to-ephemeral-storage.patch deleted file mode 100644 index 862187cae96..00000000000 --- a/packages/glibc/9001-move-ldconfig-cache-to-ephemeral-storage.patch +++ /dev/null @@ -1,26 +0,0 @@ -From b7ddf0e1d55f4f59696ff42504511d0030accd2a Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Mon, 16 Sep 2019 17:00:50 +0000 -Subject: [PATCH] move ldconfig cache to ephemeral storage - -Signed-off-by: Ben Cressey ---- - sysdeps/generic/ldconfig.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/sysdeps/generic/ldconfig.h b/sysdeps/generic/ldconfig.h -index 59da12ad89..18d080be0d 100644 ---- a/sysdeps/generic/ldconfig.h -+++ b/sysdeps/generic/ldconfig.h -@@ -49,7 +49,7 @@ - #define FLAG_LARCH_FLOAT_ABI_DOUBLE 0x1200 - - /* Name of auxiliary cache. */ --#define _PATH_LDCONFIG_AUX_CACHE "/var/cache/ldconfig/aux-cache" -+#define _PATH_LDCONFIG_AUX_CACHE "/run/cache/ldconfig/aux-cache" - - /* Declared in cache.c. */ - extern void print_cache (const char *cache_name); --- -2.39.2 - diff --git a/packages/glibc/Cargo.toml b/packages/glibc/Cargo.toml deleted file mode 100644 index 3af50c4daf1..00000000000 --- a/packages/glibc/Cargo.toml +++ /dev/null @@ -1,16 +0,0 @@ -[package] -name = "glibc" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://ftp.gnu.org/gnu/glibc" - -[[package.metadata.build-package.external-files]] -url = "https://ftp.gnu.org/gnu/glibc/glibc-2.38.tar.xz" -sha512 = "a6dd5e42dcd63d58e2820c783522c8c895890b6e8c8e6c83b025553de0cc77cdf227e7044e431ead98c89c68a9ce4dd63509b47e647775fb2075f011849c1900" diff --git a/packages/glibc/HACK-only-build-and-install-localedef.patch b/packages/glibc/HACK-only-build-and-install-localedef.patch deleted file mode 100644 index c38977cf7f9..00000000000 --- a/packages/glibc/HACK-only-build-and-install-localedef.patch +++ /dev/null @@ -1,81 +0,0 @@ -From e0ee1ec4eccbfd91f56a8c9967cd1fb79fc4a744 Mon Sep 17 00:00:00 2001 -From: Michael Olbrich -Date: Mon, 21 May 2018 16:45:02 +0200 -Subject: [PATCH] HACK: only build and install localedef - -Signed-off-by: Michael Olbrich - -Upstream: https://git.pengutronix.de/cgit/ptxdist/plain/patches/localedef-glibc-2.27/0001-HACK-only-build-and-install-localedef.patch?id=47116f66f411d4dadfce42c2fdd6d41b351ccfd4 -Signed-off-by: Peter Seiderer -["fixed" a build failure after 64924422a99690d147a166b4de3103f3bf3eaf6c] -Signed-off-by: Ben Cressey ---- - Rules | 14 ++++++++++---- - include/features.h | 2 +- - locale/Makefile | 6 +++--- - 3 files changed, 14 insertions(+), 8 deletions(-) - -diff --git a/Rules b/Rules -index 279ae490ac..1321956be6 100644 ---- a/Rules -+++ b/Rules -@@ -221,10 +221,16 @@ binaries-shared-notests = $(filter-out $(binaries-pie) $(binaries-static), \ - $(binaries-all-notests)) - - ifneq "$(strip $(binaries-shared-notests))" "" --$(addprefix $(objpfx),$(binaries-shared-notests)): %: %.o \ -- $(sort $(filter $(common-objpfx)lib%,$(link-libc))) \ -- $(addprefix $(csu-objpfx),start.o) $(+preinit) $(+postinit) -- $(+link) -+$(addprefix $(objpfx),$(binaries-shared-notests)): %: %.o -+ $(CC) -o $@ \ -+ $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \ -+ $(combreloc-LDFLAGS) $(relro-LDFLAGS) $(hashstyle-LDFLAGS) \ -+ $(filter-out $(addprefix $(csu-objpfx),start.o \ -+ $(start-installed-name))\ -+ $(+preinit) \ -+ $(link-extra-libs) \ -+ $(common-objpfx)libc% $(+postinit),$^) \ -+ $(link-extra-libs) - endif - - ifneq "$(strip $(binaries-shared-tests))" "" -diff --git a/include/features.h b/include/features.h -index 7c51b4a2e4..8522197511 100644 ---- a/include/features.h -+++ b/include/features.h -@@ -471,7 +471,7 @@ - to be disabled when building those functions, despite _GNU_SOURCE - being defined. */ - #if __GLIBC_USE (ISOC2X) --# define __GLIBC_USE_C2X_STRTOL 1 -+# define __GLIBC_USE_C2X_STRTOL 0 - #else - # define __GLIBC_USE_C2X_STRTOL 0 - #endif -diff --git a/locale/Makefile b/locale/Makefile -index d7036b0855..68afdddc7f 100644 ---- a/locale/Makefile -+++ b/locale/Makefile -@@ -33,15 +33,15 @@ categories = ctype messages monetary numeric time paper name \ - address telephone measurement identification collate - aux = $(categories:%=lc-%) $(categories:%=C-%) SYS_libc C_name \ - xlocale localename global-locale coll-lookup --others = localedef locale -+others = localedef - #others-static = localedef locale --install-bin = localedef locale -+install-bin = localedef - extra-objs = $(localedef-modules:=.o) $(localedef-aux:=.o) \ - $(locale-modules:=.o) $(lib-modules:=.o) - generated += C-translit.h - before-compile += $(objpfx)C-translit.h - --extra-libs = libBrokenLocale -+#extra-libs = libBrokenLocale - extra-libs-others = $(extra-libs) - - libBrokenLocale-routines = broken_cur_max --- -2.40.1 - diff --git a/packages/glibc/glibc-cs-path.patch b/packages/glibc/glibc-cs-path.patch deleted file mode 100644 index aafa74196d3..00000000000 --- a/packages/glibc/glibc-cs-path.patch +++ /dev/null @@ -1,15 +0,0 @@ -Short description: Adjust CS_PATH return value. -Author(s): Fedora glibc team -Origin: PATCH -Upstream status: not-needed - -In Fedora we should return only /usr/bin because /bin is just a symlink -to /usr/bin after MoveToUsr transition (which glibc has not really -completed). - -diff -pruN a/sysdeps/unix/confstr.h b/sysdeps/unix/confstr.h ---- a/sysdeps/unix/confstr.h 2012-12-25 08:32:13.000000000 +0530 -+++ b/sysdeps/unix/confstr.h 2014-09-05 20:02:55.698275219 +0530 -@@ -1 +1 @@ --#define CS_PATH "/bin:/usr/bin" -+#define CS_PATH "/usr/bin" diff --git a/packages/glibc/glibc-tmpfiles.conf b/packages/glibc/glibc-tmpfiles.conf deleted file mode 100644 index 6c6a67e22ad..00000000000 --- a/packages/glibc/glibc-tmpfiles.conf +++ /dev/null @@ -1,5 +0,0 @@ -C /etc/ld.so.conf 0644 root root - -f /etc/ld.so.cache 0644 root root - -d /etc/ld.so.conf.d/ 0644 root root - -d /run/cache/ldconfig 0700 root root - -f /run/cache/ldconfig/aux-cache 0600 root root - diff --git a/packages/glibc/glibc.spec b/packages/glibc/glibc.spec deleted file mode 100644 index 66015de15eb..00000000000 --- a/packages/glibc/glibc.spec +++ /dev/null @@ -1,315 +0,0 @@ -Name: %{_cross_os}glibc -Version: 2.38 -Release: 1%{?dist} -Summary: The GNU libc libraries -License: LGPL-2.1-or-later AND (LGPL-2.1-or-later WITH GCC-exception-2.0) AND GPL-2.0-or-later AND (GPL-2.0-or-later WITH GCC-exception-2.0) AND BSD-3-Clause AND ISC -URL: http://www.gnu.org/software/glibc/ -Source0: https://ftp.gnu.org/gnu/glibc/glibc-%{version}.tar.xz -Source1: glibc-tmpfiles.conf -Source2: ld.so.conf -Source3: ldconfig-service.conf -Source4: tz-utc.txt - -# We include this patch as a source file to have more control over how it's -# applied and reverted during the build. -Source99: HACK-only-build-and-install-localedef.patch - -# Upstream patches from 2.38 release branch: -# ``` -# git checkout origin/release/2.38/master -# git format-patch --no-numbered glibc-2.38.. -# ``` -Patch0001: 0001-stdlib-Improve-tst-realpath-compatibility-with-sourc.patch -Patch0002: 0002-x86-Fix-for-cache-computation-on-AMD-legacy-cpus.patch -Patch0003: 0003-nscd-Do-not-rebuild-getaddrinfo-bug-30709.patch -Patch0004: 0004-x86-Fix-incorrect-scope-of-setting-shared_per_thread.patch -Patch0005: 0005-x86_64-Fix-build-with-disable-multiarch-BZ-30721.patch -Patch0006: 0006-i686-Fix-build-with-disable-multiarch.patch -Patch0007: 0007-malloc-Enable-merging-of-remainders-in-memalign-bug-.patch -Patch0008: 0008-malloc-Remove-bin-scanning-from-memalign-bug-30723.patch -Patch0009: 0009-sysdeps-tst-bz21269-fix-test-parameter.patch -Patch0010: 0010-sysdeps-tst-bz21269-handle-ENOSYS-skip-appropriately.patch -Patch0011: 0011-sysdeps-tst-bz21269-fix-Wreturn-type.patch -Patch0012: 0012-io-Fix-record-locking-contants-for-powerpc64-with-__.patch -Patch0013: 0013-libio-Fix-oversized-__io_vtables.patch -Patch0014: 0014-elf-Do-not-run-constructors-for-proxy-objects.patch -Patch0015: 0015-elf-Always-call-destructors-in-reverse-constructor-o.patch -Patch0016: 0016-elf-Remove-unused-l_text_end-field-from-struct-link_.patch -Patch0017: 0017-elf-Move-l_init_called_next-to-old-place-of-l_text_e.patch -Patch0018: 0018-NEWS-Add-the-2.38.1-bug-list.patch -Patch0019: 0019-CVE-2023-4527-Stack-read-overflow-with-large-TCP-res.patch -Patch0020: 0020-getaddrinfo-Fix-use-after-free-in-getcanonname-CVE-2.patch -Patch0021: 0021-iconv-restore-verbosity-with-unrecognized-encoding-n.patch -Patch0022: 0022-string-Fix-tester-build-with-fortify-enable-with-gcc.patch -Patch0023: 0023-manual-jobs.texi-Add-missing-item-EPERM-for-getpgid.patch -Patch0024: 0024-Fix-leak-in-getaddrinfo-introduced-by-the-fix-for-CV.patch -Patch0025: 0025-Document-CVE-2023-4806-and-CVE-2023-5156-in-NEWS.patch -Patch0026: 0026-Propagate-GLIBC_TUNABLES-in-setxid-binaries.patch -Patch0027: 0027-tunables-Terminate-if-end-of-input-is-reached-CVE-20.patch -Patch0028: 0028-Revert-elf-Remove-unused-l_text_end-field-from-struc.patch -Patch0029: 0029-Revert-elf-Always-call-destructors-in-reverse-constr.patch -Patch0030: 0030-Revert-elf-Move-l_init_called_next-to-old-place-of-l.patch -Patch0031: 0031-sysdeps-sem_open-Clear-O_CREAT-when-semaphore-file-i.patch -Patch0032: 0032-elf-Fix-wrong-break-removal-from-8ee878592c.patch -Patch0033: 0033-LoongArch-Delete-excessively-allocated-memory.patch -Patch0034: 0034-elf-Fix-TLS-modid-reuse-generation-assignment-BZ-290.patch -Patch0035: 0035-elf-Add-TLS-modid-reuse-test-for-bug-29039.patch -Patch0036: 0036-x86-64-Fix-the-dtv-field-load-for-x32-BZ-31184.patch -Patch0037: 0037-x86-64-Fix-the-tcb-field-load-for-x32-BZ-31185.patch -Patch0038: 0038-NEWS-Mention-bug-fixes-for-29039-30694-30709-30721.patch -Patch0039: 0039-NEWS-Mention-bug-fixes-for-30745-30843.patch -Patch0040: 0040-getaddrinfo-translate-ENOMEM-to-EAI_MEMORY-bug-31163.patch -Patch0041: 0041-libio-Check-remaining-buffer-size-in-_IO_wdo_write-b.patch -Patch0042: 0042-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch -Patch0043: 0043-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch -Patch0044: 0044-syslog-Fix-integer-overflow-in-__vsyslog_internal-CV.patch -Patch0045: 0045-x86_64-Optimize-ffsll-function-code-size.patch -Patch0046: 0046-S390-Fix-building-with-disable-mutli-arch-BZ-31196.patch -Patch0047: 0047-sparc-Fix-broken-memset-for-sparc32-BZ-31068.patch -Patch0048: 0048-sparc64-Remove-unwind-information-from-signal-return.patch -Patch0049: 0049-sparc-Fix-sparc64-memmove-length-comparison-BZ-31266.patch -Patch0050: 0050-sparc-Remove-unwind-information-from-signal-return-s.patch -Patch0051: 0051-arm-Remove-wrong-ldr-from-_dl_start_user-BZ-31339.patch -Patch0052: 0052-malloc-Use-__get_nprocs-on-arena_get2-BZ-30945.patch -Patch0053: 0053-S390-Do-not-clobber-r7-in-clone-BZ-31402.patch -Patch0054: 0054-linux-Use-rseq-area-unconditionally-in-sched_getcpu-.patch -Patch0055: 0055-LoongArch-Correct-__ieee754-_-_scalb-__ieee754-_-_sc.patch -Patch0056: 0056-Add-HWCAP2_MOPS-from-Linux-6.5-to-AArch64-bits-hwcap.patch -Patch0057: 0057-AArch64-Add-support-for-MOPS-memcpy-memmove-memset.patch -Patch0058: 0058-AArch64-Cleanup-ifuncs.patch -Patch0059: 0059-AArch64-Cleanup-emag-memset.patch -Patch0060: 0060-AArch64-Add-memset_zva64.patch -Patch0061: 0061-AArch64-Remove-Falkor-memcpy.patch -Patch0062: 0062-aarch64-correct-CFI-in-rawmemchr-bug-31113.patch -Patch0063: 0063-aarch64-fix-check-for-SVE-support-in-assembler.patch -Patch0064: 0064-AArch64-Check-kernel-version-for-SVE-ifuncs.patch -Patch0065: 0065-powerpc-Fix-ld.so-address-determination-for-PCREL-mo.patch -Patch0066: 0066-iconv-ISO-2022-CN-EXT-fix-out-of-bound-writes-when-w.patch -Patch0067: 0067-sparc-Remove-64-bit-check-on-sparc32-wordsize-BZ-275.patch -Patch0068: 0068-login-Check-default-sizes-of-structs-utmp-utmpx-last.patch -Patch0069: 0069-login-structs-utmp-utmpx-lastlog-_TIME_BITS-independ.patch -Patch0070: 0070-nptl-Fix-tst-cancel30-on-kernels-without-ppoll_time6.patch - -# Fedora patches -Patch1001: glibc-cs-path.patch - -# Local patches -Patch9001: 9001-move-ldconfig-cache-to-ephemeral-storage.patch - -%description -%{summary}. - -%package devel -Summary: Files for development using the GNU libc libraries. -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -Sgit -n glibc-%{version} -p1 - -%global glibc_configure %{shrink: \ -BUILDFLAGS="-O2 -g -Wp,-D_GLIBCXX_ASSERTIONS -fstack-clash-protection" \ -CFLAGS="${BUILDFLAGS}" CPPFLAGS="" CXXFLAGS="${BUILDFLAGS}" \ -../configure \ - --prefix="%{_cross_prefix}" \ - --sysconfdir="%{_cross_sysconfdir}" \ - --localstatedir="%{_cross_localstatedir}" \ - --enable-bind-now \ - --enable-fortify-source \ - --enable-multi-arch \ - --enable-shared \ - --enable-stack-protector=strong \ - --disable-build-nscd \ - --disable-crypt \ - --disable-nscd \ - --disable-profile \ - --disable-systemtap \ - --disable-timezone-tools \ - --without-gd \ - --without-selinux - %{nil}} - -%build - -# First build the host tools we need, namely `localedef`. Apply a patch from -# Buildroot that allows us to build just this program and not everything. -patch -p1 < %{S:99} - -mkdir build -pushd build -%glibc_configure -make %{?_smp_mflags} -O -r locale/others -mv locale/localedef %{_builddir}/localedef -popd - -# Remove the previous build, revert the patch, and verify that the tree is -# clean, since we don't want to contaminate our target build. -rm -rf build -patch -p1 -R < %{S:99} -git diff --quiet - -# Now build for the target. This is what will end up in the package, except -# for the C.UTF-8 locale, which we need `localedef` to generate. -mkdir build -pushd build -%glibc_configure \ - --target="%{_cross_target}" \ - --host="%{_cross_target}" \ - --build="%{_build}" \ - --with-headers="%{_cross_includedir}" \ - --enable-kernel="5.10.0" -make %{?_smp_mflags} -O -r -popd - -%install -pushd build -make -j1 install_root=%{buildroot} install -# By default, LOCALEDEF refers to the target binary, and is invoked by the -# dynamic linker that was just built for the target. Neither will run on a -# build host with a different architecture. The locale format is compatible -# across architectures but not across glibc versions, so we can't rely on -# the binary in the SDK and must use the one we built earlier. -make -j1 install_root=%{buildroot} install-files-C.UTF-8/UTF-8 -C ../localedata objdir="$(pwd)" \ - LOCALEDEF="I18NPATH=. GCONV_PATH=$(pwd)/../iconvdata LC_ALL=C %{_builddir}/localedef" -popd - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -d %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir} -install -d %{buildroot}%{_cross_unitdir}/ldconfig.service.d - -install -p -m 0644 %{S:1} %{buildroot}%{_cross_tmpfilesdir}/glibc.conf -install -p -m 0644 %{S:2} %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/ld.so.conf -install -p -m 0644 %{S:3} %{buildroot}%{_cross_unitdir}/ldconfig.service.d/ldconfig.conf - -truncate -s 0 %{buildroot}%{_cross_libdir}/gconv/gconv-modules -chmod 644 %{buildroot}%{_cross_libdir}/gconv/gconv-modules -truncate -s 0 %{buildroot}%{_cross_libdir}/gconv/gconv-modules.cache -chmod 644 %{buildroot}%{_cross_libdir}/gconv/gconv-modules.cache - -truncate -s 0 %{buildroot}%{_cross_datadir}/locale/locale.alias -chmod 644 %{buildroot}%{_cross_datadir}/locale/locale.alias - -install -d %{buildroot}%{_cross_datadir}/zoneinfo -base64 --decode %{S:4} > %{buildroot}%{_cross_datadir}/zoneinfo/UTC - -%files -%license COPYING COPYING.LIB LICENSES -%{_cross_attribution_file} -%{_cross_tmpfilesdir}/glibc.conf -%exclude %{_cross_sysconfdir}/rpc - -%{_cross_bindir}/getconf -%{_cross_bindir}/getent -%exclude %{_cross_bindir}/gencat -%exclude %{_cross_bindir}/iconv -%exclude %{_cross_bindir}/ld.so -%exclude %{_cross_bindir}/ldd -%exclude %{_cross_bindir}/locale -%exclude %{_cross_bindir}/localedef -%exclude %{_cross_bindir}/makedb -%exclude %{_cross_bindir}/mtrace -%exclude %{_cross_bindir}/pldd -%exclude %{_cross_bindir}/pcprofiledump -%exclude %{_cross_bindir}/sotruss -%exclude %{_cross_bindir}/sprof -%exclude %{_cross_bindir}/xtrace - -%{_cross_sbindir}/ldconfig -%exclude %{_cross_sbindir}/iconvconfig -%exclude %{_cross_sbindir}/sln - -%dir %{_cross_libexecdir}/getconf -%{_cross_libexecdir}/getconf/* - -%{_cross_libdir}/ld-linux-*.so.* -%{_cross_libdir}/libBrokenLocale.so.* -%{_cross_libdir}/libanl.so.* -%{_cross_libdir}/libc.so.* -%{_cross_libdir}/libdl.so.* -%{_cross_libdir}/libm.so.* -%{_cross_libdir}/libnss_dns.so.* -%{_cross_libdir}/libnss_files.so.* -%{_cross_libdir}/libpthread.so.* -%{_cross_libdir}/libresolv.so.* -%{_cross_libdir}/librt.so.* -%{_cross_libdir}/libthread_db.so.* -%{_cross_libdir}/libutil.so.* -%{_cross_libdir}/libmvec.so.* -%exclude %{_cross_libdir}/audit/sotruss-lib.so -%exclude %{_cross_libdir}/libc_malloc_debug.so.* -%exclude %{_cross_libdir}/libmemusage.so -%exclude %{_cross_libdir}/libpcprofile.so -%exclude %{_cross_libdir}/libnsl.so.* -%exclude %{_cross_libdir}/libnss_compat.so.* -%exclude %{_cross_libdir}/libnss_db.so.* -%exclude %{_cross_libdir}/libnss_hesiod.so.* - -%dir %{_cross_libdir}/gconv -%dir %{_cross_libdir}/gconv/gconv-modules.d -%{_cross_libdir}/gconv/gconv-modules -%{_cross_libdir}/gconv/gconv-modules.cache -%exclude %{_cross_libdir}/gconv/*.so -%exclude %{_cross_libdir}/gconv/gconv-modules.d/*.conf - -%dir %{_cross_libdir}/locale -%dir %{_cross_libdir}/locale/C.utf8 -%{_cross_libdir}/locale/C.utf8/LC_* - -%dir %{_cross_datadir}/i18n -%dir %{_cross_datadir}/i18n/charmaps -%dir %{_cross_datadir}/i18n/locales -%dir %{_cross_datadir}/locale -%{_cross_datadir}/locale/locale.alias -%dir %{_cross_datadir}/zoneinfo -%{_cross_datadir}/zoneinfo/UTC -%exclude %{_cross_datadir}/i18n/charmaps/* -%exclude %{_cross_datadir}/i18n/locales/* -%exclude %{_cross_datadir}/locale/* -%exclude %{_cross_localstatedir}/db/Makefile - -%dir %{_cross_factorydir} -%{_cross_factorydir}%{_cross_sysconfdir}/ld.so.conf - -%dir %{_cross_unitdir}/ldconfig.service.d -%{_cross_libdir}/systemd/system/ldconfig.service.d/ldconfig.conf - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.o -%{_cross_libdir}/libBrokenLocale.so -%{_cross_libdir}/libanl.so -%{_cross_libdir}/libc.so -%{_cross_libdir}/libm.so -%{_cross_libdir}/libresolv.so -%{_cross_libdir}/libthread_db.so -%{_cross_libdir}/libmvec.so -%exclude %{_cross_libdir}/libc_malloc_debug.so -%exclude %{_cross_libdir}/libnss_compat.so -%exclude %{_cross_libdir}/libnss_db.so -%exclude %{_cross_libdir}/libnss_hesiod.so - -%dir %{_cross_includedir}/arpa -%dir %{_cross_includedir}/bits -%dir %{_cross_includedir}/gnu -%dir %{_cross_includedir}/net -%dir %{_cross_includedir}/netinet -%dir %{_cross_includedir}/netipx -%dir %{_cross_includedir}/netiucv -%dir %{_cross_includedir}/netpacket -%dir %{_cross_includedir}/netrose -%dir %{_cross_includedir}/nfs -%dir %{_cross_includedir}/protocols -%dir %{_cross_includedir}/rpc -%dir %{_cross_includedir}/scsi -%dir %{_cross_includedir}/sys -%dir %{_cross_includedir}/netash -%dir %{_cross_includedir}/netatalk -%dir %{_cross_includedir}/netax25 -%dir %{_cross_includedir}/neteconet -%dir %{_cross_includedir}/netrom -%{_cross_includedir}/*.h -%{_cross_includedir}/*/* - -%changelog diff --git a/packages/glibc/ld.so.conf b/packages/glibc/ld.so.conf deleted file mode 100644 index 44f88096aff..00000000000 --- a/packages/glibc/ld.so.conf +++ /dev/null @@ -1 +0,0 @@ -include ld.so.conf.d/*.conf diff --git a/packages/glibc/ldconfig-service.conf b/packages/glibc/ldconfig-service.conf deleted file mode 100644 index bf77ef373a5..00000000000 --- a/packages/glibc/ldconfig-service.conf +++ /dev/null @@ -1,4 +0,0 @@ -[Unit] -# Run `ldconfig.service` after `tmpfilesd`, since `ldconfig` will attempt to -# read files from `/etc/ld.so.conf.d`, which are created by `tmpfilesd` -After=systemd-tmpfiles-setup.service diff --git a/packages/glibc/tz-utc.txt b/packages/glibc/tz-utc.txt deleted file mode 100644 index 82b9d78521c..00000000000 --- a/packages/glibc/tz-utc.txt +++ /dev/null @@ -1 +0,0 @@ -VFppZjIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAQAAAAAAABVVEMAVFppZjIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAQAAAAAAABVVEMAClVUQzAK \ No newline at end of file diff --git a/packages/grep/Cargo.toml b/packages/grep/Cargo.toml deleted file mode 100644 index 64e3334ead9..00000000000 --- a/packages/grep/Cargo.toml +++ /dev/null @@ -1,23 +0,0 @@ -[package] -name = "grep" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://mirrors.kernel.org/gnu/grep" - -[[package.metadata.build-package.external-files]] -url = "https://mirrors.kernel.org/gnu/grep/grep-3.9.tar.xz" -sha512 = "38aaa28bded9f6d1d527356e9e63bb1dafb4ec8f09e83f2d3bc86c1d6af1a5a8cb9895067375b5b8929ec2cba6ab71c369ed4c6e2a0f7a01dec3c11a6f4c1836" - -[dependencies] -libpcre = { path = "../libpcre" } - -[build-dependencies] -libpcre = { path = "../libpcre" } -glibc = { path = "../glibc" } diff --git a/packages/grep/grep.spec b/packages/grep/grep.spec deleted file mode 100644 index 4d7a9323751..00000000000 --- a/packages/grep/grep.spec +++ /dev/null @@ -1,34 +0,0 @@ -Name: %{_cross_os}grep -Version: 3.9 -Release: 1%{?dist} -Summary: GNU grep utility -URL: https://www.gnu.org/software/grep/ -License: GPL-3.0-or-later -Source: https://mirrors.kernel.org/gnu/grep/grep-%{version}.tar.xz -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libpcre-devel -Requires: %{_cross_os}libpcre - -%description -%{summary}. - -%prep -%setup -n grep-%{version} - -%build -%cross_configure --without-included-regex --disable-silent-rules -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_bindir}/grep -%{_cross_attribution_file} -# Exclude fgrep and egrep because they are shell scripts -%exclude %{_cross_bindir}/fgrep -%exclude %{_cross_bindir}/egrep -%exclude %{_cross_infodir} -%exclude %{_cross_localedir} -%exclude %{_cross_mandir} diff --git a/packages/grub/0001-setup-Add-root-device-argument-to-grub-setup.patch b/packages/grub/0001-setup-Add-root-device-argument-to-grub-setup.patch deleted file mode 100644 index 797be2631e3..00000000000 --- a/packages/grub/0001-setup-Add-root-device-argument-to-grub-setup.patch +++ /dev/null @@ -1,147 +0,0 @@ -From fa856e9d6cce8cac8f55bb00392725961c264b8f Mon Sep 17 00:00:00 2001 -From: iliana destroyer of worlds -Date: Tue, 6 Aug 2019 17:37:19 +0000 -Subject: [PATCH] setup: Add root device argument to grub-setup - -This patch originates from the OpenWRT tree: -https://github.com/openwrt/openwrt/blob/65c8f2890ca4f41f5b933b5bc1e43de86cc1bd54/package/boot/grub2/patches/100-grub_setup_root.patch ---- - include/grub/util/install.h | 4 ++-- - util/grub-install.c | 4 ++-- - util/grub-setup.c | 12 +++++++++++- - util/setup.c | 10 +++++++--- - 4 files changed, 22 insertions(+), 8 deletions(-) - -[bcressey: updated for grub 2.06] -Signed-off-by: Ben Cressey - -diff --git a/include/grub/util/install.h b/include/grub/util/install.h -index 51f3b13..18cd28f 100644 ---- a/include/grub/util/install.h -+++ b/include/grub/util/install.h -@@ -205,13 +205,13 @@ grub_install_get_image_target (const char *arg); - void - grub_util_bios_setup (const char *dir, - const char *boot_file, const char *core_file, -- const char *dest, int force, -+ const char *root, const char *dest, int force, - int fs_probe, int allow_floppy, - int add_rs_codes, int warn_short_mbr_gap); - void - grub_util_sparc_setup (const char *dir, - const char *boot_file, const char *core_file, -- const char *dest, int force, -+ const char *root, const char *dest, int force, - int fs_probe, int allow_floppy, - int add_rs_codes, int warn_short_mbr_gap); - -diff --git a/util/grub-install.c b/util/grub-install.c -index 5babc7a..4233ac8 100644 ---- a/util/grub-install.c -+++ b/util/grub-install.c -@@ -1770,7 +1770,7 @@ main (int argc, char *argv[]) - if (install_bootsector) - { - grub_util_bios_setup (platdir, "boot.img", "core.img", -- install_drive, force, -+ NULL, install_drive, force, - fs_probe, allow_floppy, add_rs_codes, - !grub_install_is_short_mbrgap_supported ()); - -@@ -1801,7 +1801,7 @@ main (int argc, char *argv[]) - if (install_bootsector) - { - grub_util_sparc_setup (platdir, "boot.img", "core.img", -- install_drive, force, -+ NULL, install_drive, force, - fs_probe, allow_floppy, - 0 /* unused */, 0 /* unused */ ); - -diff --git a/util/grub-setup.c b/util/grub-setup.c -index 1783224..48cde49 100644 ---- a/util/grub-setup.c -+++ b/util/grub-setup.c -@@ -87,6 +87,8 @@ static struct argp_option options[] = { - N_("install even if problems are detected"), 0}, - {"skip-fs-probe",'s',0, 0, - N_("do not probe for filesystems in DEVICE"), 0}, -+ {"root-device", 'r', N_("DEVICE"), 0, -+ N_("use DEVICE as the root device"), 0}, - {"verbose", 'v', 0, 0, N_("print verbose messages."), 0}, - {"allow-floppy", 'a', 0, 0, - /* TRANSLATORS: The potential breakage isn't limited to floppies but it's -@@ -130,6 +132,7 @@ struct arguments - char *core_file; - char *dir; - char *dev_map; -+ char *root_dev; - int force; - int fs_probe; - int allow_floppy; -@@ -178,6 +181,13 @@ argp_parser (int key, char *arg, struct argp_state *state) - arguments->dev_map = xstrdup (arg); - break; - -+ case 'r': -+ if (arguments->root_dev) -+ free (arguments->root_dev); -+ -+ arguments->root_dev = xstrdup (arg); -+ break; -+ - case 'f': - arguments->force = 1; - break; -@@ -313,7 +323,7 @@ main (int argc, char *argv[]) - GRUB_SETUP_FUNC (arguments.dir ? : DEFAULT_DIRECTORY, - arguments.boot_file ? : DEFAULT_BOOT_FILE, - arguments.core_file ? : DEFAULT_CORE_FILE, -- dest_dev, arguments.force, -+ arguments.root_dev, dest_dev, arguments.force, - arguments.fs_probe, arguments.allow_floppy, - arguments.add_rs_codes, 0); - -diff --git a/util/setup.c b/util/setup.c -index 8b22bb8..960aeda 100644 ---- a/util/setup.c -+++ b/util/setup.c -@@ -252,14 +252,13 @@ identify_partmap (grub_disk_t disk __attribute__ ((unused)), - void - SETUP (const char *dir, - const char *boot_file, const char *core_file, -- const char *dest, int force, -+ const char *root, const char *dest, int force, - int fs_probe, int allow_floppy, - int add_rs_codes __attribute__ ((unused)), /* unused on sparc64 */ - int warn_small) - { - char *core_path; - char *boot_img, *core_img, *boot_path; -- char *root = 0; - size_t boot_size, core_size; - grub_uint16_t core_sectors; - grub_device_t root_dev = 0, dest_dev, core_dev; -@@ -311,7 +310,10 @@ SETUP (const char *dir, - - core_dev = dest_dev; - -- { -+ if (root) -+ root_dev = grub_device_open(root); -+ -+ if (!root_dev) { - char **root_devices = grub_guess_root_devices (dir); - char **cur; - int found = 0; -@@ -324,6 +326,8 @@ SETUP (const char *dir, - char *drive; - grub_device_t try_dev; - -+ if (root_dev) -+ break; - drive = grub_util_get_grub_dev (*cur); - if (!drive) - continue; --- -2.21.3 - diff --git a/packages/grub/0002-gpt-start-new-GPT-module.patch b/packages/grub/0002-gpt-start-new-GPT-module.patch deleted file mode 100644 index d6d32c8894e..00000000000 --- a/packages/grub/0002-gpt-start-new-GPT-module.patch +++ /dev/null @@ -1,923 +0,0 @@ -From b0aec16d82a40c58ed47235c8b10612d07645eaa Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Sun, 28 Sep 2014 21:26:21 -0700 -Subject: [PATCH] gpt: start new GPT module - -This module is a new implementation for reading GUID Partition Tables -which is much stricter than the existing part_gpt module and exports GPT -data directly instead of the generic grub_partition structure. It will -be the basis for modules that need to read/write/update GPT data. - -The current code does nothing more than read and verify the table. ---- - Makefile.util.def | 16 ++ - grub-core/Makefile.core.def | 5 + - grub-core/lib/gpt.c | 288 +++++++++++++++++++++ - include/grub/gpt_partition.h | 60 +++++ - tests/gpt_unit_test.c | 467 +++++++++++++++++++++++++++++++++++ - 5 files changed, 836 insertions(+) - create mode 100644 grub-core/lib/gpt.c - create mode 100644 tests/gpt_unit_test.c - -diff --git a/Makefile.util.def b/Makefile.util.def -index 3f191aa..c7efe17 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -1389,6 +1389,22 @@ program = { - ldadd = '$(LIBDEVMAPPER) $(LIBZFS) $(LIBNVPAIR) $(LIBGEOM)'; - }; - -+program = { -+ testcase; -+ name = gpt_unit_test; -+ common = tests/gpt_unit_test.c; -+ common = tests/lib/unit_test.c; -+ common = grub-core/disk/host.c; -+ common = grub-core/kern/emu/hostfs.c; -+ common = grub-core/lib/gpt.c; -+ common = grub-core/tests/lib/test.c; -+ ldadd = libgrubmods.a; -+ ldadd = libgrubgcry.a; -+ ldadd = libgrubkern.a; -+ ldadd = grub-core/gnulib/libgnu.a; -+ ldadd = '$(LIBDEVMAPPER) $(LIBZFS) $(LIBNVPAIR) $(LIBGEOM)'; -+}; -+ - program = { - name = grub-menulst2cfg; - mansection = 1; -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 5212faf..e9cce06 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -942,6 +942,11 @@ module = { - common = commands/gptsync.c; - }; - -+module = { -+ name = gpt; -+ common = lib/gpt.c; -+}; -+ - module = { - name = halt; - nopc = commands/halt.c; -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -new file mode 100644 -index 0000000..a308e85 ---- /dev/null -+++ b/grub-core/lib/gpt.c -@@ -0,0 +1,288 @@ -+/* gpt.c - Read/Verify/Write GUID Partition Tables (GPT). */ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2002,2005,2006,2007,2008 Free Software Foundation, Inc. -+ * Copyright (C) 2014 CoreOS, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+static grub_uint8_t grub_gpt_magic[] = GRUB_GPT_HEADER_MAGIC; -+ -+ -+static grub_err_t -+grub_gpt_header_crc32 (struct grub_gpt_header *gpt, grub_uint32_t *crc) -+{ -+ grub_uint8_t *crc32_context; -+ grub_uint32_t old; -+ -+ crc32_context = grub_zalloc (GRUB_MD_CRC32->contextsize); -+ if (!crc32_context) -+ return grub_errno; -+ -+ /* crc32 must be computed with the field cleared. */ -+ old = gpt->crc32; -+ gpt->crc32 = 0; -+ GRUB_MD_CRC32->init (crc32_context); -+ GRUB_MD_CRC32->write (crc32_context, gpt, sizeof (*gpt)); -+ GRUB_MD_CRC32->final (crc32_context); -+ gpt->crc32 = old; -+ -+ /* GRUB_MD_CRC32 always uses big endian, gpt is always little. */ -+ *crc = grub_swap_bytes32 (*(grub_uint32_t *) -+ GRUB_MD_CRC32->read (crc32_context)); -+ -+ grub_free (crc32_context); -+ -+ return GRUB_ERR_NONE; -+} -+ -+/* Make sure the MBR is a protective MBR and not a normal MBR. */ -+grub_err_t -+grub_gpt_pmbr_check (struct grub_msdos_partition_mbr *mbr) -+{ -+ unsigned int i; -+ -+ if (mbr->signature != -+ grub_cpu_to_le16_compile_time (GRUB_PC_PARTITION_SIGNATURE)) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid MBR signature"); -+ -+ for (i = 0; i < sizeof (mbr->entries); i++) -+ if (mbr->entries[i].type == GRUB_PC_PARTITION_TYPE_GPT_DISK) -+ return GRUB_ERR_NONE; -+ -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid protective MBR"); -+} -+ -+grub_err_t -+grub_gpt_header_check (struct grub_gpt_header *gpt, -+ unsigned int log_sector_size) -+{ -+ grub_uint32_t crc = 0, size; -+ -+ if (grub_memcmp (gpt->magic, grub_gpt_magic, sizeof (grub_gpt_magic)) != 0) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid GPT signature"); -+ -+ if (gpt->version != GRUB_GPT_HEADER_VERSION) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "unknown GPT version"); -+ -+ if (grub_gpt_header_crc32 (gpt, &crc)) -+ return grub_errno; -+ -+ if (gpt->crc32 != crc) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid GPT header crc32"); -+ -+ /* The header size must be between 92 and the sector size. */ -+ size = grub_le_to_cpu32 (gpt->headersize); -+ if (size < 92U || size > (1U << log_sector_size)) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid GPT header size"); -+ -+ /* The partition entry size must be a multiple of 128. */ -+ size = grub_le_to_cpu32 (gpt->partentry_size); -+ if (size < 128 || size % 128) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid GPT entry size"); -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_gpt_read_primary (grub_disk_t disk, grub_gpt_t gpt) -+{ -+ grub_disk_addr_t addr; -+ -+ /* TODO: The gpt partmap module searches for the primary header instead -+ * of relying on the disk's sector size. For now trust the disk driver -+ * but eventually this code should match the existing behavior. */ -+ gpt->log_sector_size = disk->log_sector_size; -+ -+ addr = grub_gpt_sector_to_addr (gpt, 1); -+ if (grub_disk_read (disk, addr, 0, sizeof (gpt->primary), &gpt->primary)) -+ return grub_errno; -+ -+ if (grub_gpt_header_check (&gpt->primary, gpt->log_sector_size)) -+ return grub_errno; -+ -+ gpt->status |= GRUB_GPT_PRIMARY_HEADER_VALID; -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_gpt_read_backup (grub_disk_t disk, grub_gpt_t gpt) -+{ -+ grub_uint64_t sector; -+ grub_disk_addr_t addr; -+ -+ /* Assumes gpt->log_sector_size == disk->log_sector_size */ -+ if (disk->total_sectors != GRUB_DISK_SIZE_UNKNOWN) -+ sector = disk->total_sectors - 1; -+ else if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) -+ sector = grub_le_to_cpu64 (gpt->primary.backup); -+ else -+ return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, -+ "Unable to locate backup GPT"); -+ -+ addr = grub_gpt_sector_to_addr (gpt, sector); -+ if (grub_disk_read (disk, addr, 0, sizeof (gpt->backup), &gpt->backup)) -+ return grub_errno; -+ -+ if (grub_gpt_header_check (&gpt->backup, gpt->log_sector_size)) -+ return grub_errno; -+ -+ gpt->status |= GRUB_GPT_BACKUP_HEADER_VALID; -+ return GRUB_ERR_NONE; -+} -+ -+static struct grub_gpt_partentry * -+grub_gpt_read_entries (grub_disk_t disk, grub_gpt_t gpt, -+ struct grub_gpt_header *header) -+{ -+ struct grub_gpt_partentry *entries = NULL; -+ grub_uint8_t *crc32_context = NULL; -+ grub_uint32_t count, size, crc; -+ grub_disk_addr_t addr; -+ grub_size_t entries_size; -+ -+ /* Grub doesn't include calloc, hence the manual overflow check. */ -+ count = grub_le_to_cpu32 (header->maxpart); -+ size = grub_le_to_cpu32 (header->partentry_size); -+ entries_size = count *size; -+ if (size && entries_size / size != count) -+ { -+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory")); -+ goto fail; -+ } -+ -+ entries = grub_malloc (entries_size); -+ if (!entries) -+ goto fail; -+ -+ addr = grub_gpt_sector_to_addr (gpt, grub_le_to_cpu64 (header->partitions)); -+ if (grub_disk_read (disk, addr, 0, entries_size, entries)) -+ goto fail; -+ -+ crc32_context = grub_zalloc (GRUB_MD_CRC32->contextsize); -+ if (!crc32_context) -+ goto fail; -+ -+ GRUB_MD_CRC32->init (crc32_context); -+ GRUB_MD_CRC32->write (crc32_context, entries, entries_size); -+ GRUB_MD_CRC32->final (crc32_context); -+ -+ crc = *(grub_uint32_t *) GRUB_MD_CRC32->read (crc32_context); -+ if (grub_swap_bytes32 (crc) != header->partentry_crc32) -+ { -+ grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid GPT entry crc32"); -+ goto fail; -+ } -+ -+ grub_free (crc32_context); -+ return entries; -+ -+fail: -+ grub_free (entries); -+ grub_free (crc32_context); -+ return NULL; -+} -+ -+grub_gpt_t -+grub_gpt_read (grub_disk_t disk) -+{ -+ grub_gpt_t gpt; -+ struct grub_gpt_partentry *backup_entries; -+ -+ gpt = grub_zalloc (sizeof (*gpt)); -+ if (!gpt) -+ goto fail; -+ -+ if (grub_disk_read (disk, 0, 0, sizeof (gpt->mbr), &gpt->mbr)) -+ goto fail; -+ -+ /* Check the MBR but errors aren't reported beyond the status bit. */ -+ if (grub_gpt_pmbr_check (&gpt->mbr)) -+ grub_errno = GRUB_ERR_NONE; -+ else -+ gpt->status |= GRUB_GPT_PROTECTIVE_MBR; -+ -+ /* If both the primary and backup fail report the primary's error. */ -+ if (grub_gpt_read_primary (disk, gpt)) -+ { -+ grub_error_push (); -+ grub_gpt_read_backup (disk, gpt); -+ grub_error_pop (); -+ } -+ else -+ grub_gpt_read_backup (disk, gpt); -+ -+ /* If either succeeded clear any possible error from the other. */ -+ if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID || -+ gpt->status & GRUB_GPT_BACKUP_HEADER_VALID) -+ grub_errno = GRUB_ERR_NONE; -+ else -+ goto fail; -+ -+ /* Same error handling scheme for the entry tables. */ -+ gpt->entries = grub_gpt_read_entries (disk, gpt, &gpt->primary); -+ if (!gpt->entries) -+ { -+ grub_error_push (); -+ backup_entries = grub_gpt_read_entries (disk, gpt, &gpt->backup); -+ grub_error_pop (); -+ } -+ else -+ { -+ gpt->status |= GRUB_GPT_PRIMARY_ENTRIES_VALID; -+ backup_entries = grub_gpt_read_entries (disk, gpt, &gpt->backup); -+ } -+ -+ if (backup_entries) -+ { -+ gpt->status |= GRUB_GPT_BACKUP_ENTRIES_VALID; -+ -+ if (gpt->status & GRUB_GPT_PRIMARY_ENTRIES_VALID) -+ grub_free (backup_entries); -+ else -+ gpt->entries = backup_entries; -+ } -+ -+ if (gpt->status & GRUB_GPT_PRIMARY_ENTRIES_VALID || -+ gpt->status & GRUB_GPT_BACKUP_ENTRIES_VALID) -+ { -+ grub_errno = GRUB_ERR_NONE; -+ return gpt; -+ } -+ -+fail: -+ grub_gpt_free (gpt); -+ return NULL; -+} -+ -+void -+grub_gpt_free (grub_gpt_t gpt) -+{ -+ if (!gpt) -+ return; -+ -+ grub_free (gpt->entries); -+ grub_free (gpt); -+} -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index 8212697..8cffe16 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -21,6 +21,7 @@ - - #include - #include -+#include - - struct grub_gpt_part_guid - { -@@ -50,6 +51,12 @@ typedef struct grub_gpt_part_guid grub_gpt_part_guid_t; - { 0x85, 0xD2, 0xE1, 0xE9, 0x04, 0x34, 0xCF, 0xB3 } \ - } - -+#define GRUB_GPT_HEADER_MAGIC \ -+ { 0x45, 0x46, 0x49, 0x20, 0x50, 0x41, 0x52, 0x54 } -+ -+#define GRUB_GPT_HEADER_VERSION \ -+ grub_cpu_to_le32_compile_time (0x00010000U) -+ - struct grub_gpt_header - { - grub_uint8_t magic[8]; -@@ -78,10 +85,63 @@ struct grub_gpt_partentry - char name[72]; - } GRUB_PACKED __attribute__ ((aligned(8))); - -+/* Basic GPT partmap module. */ - grub_err_t - grub_gpt_partition_map_iterate (grub_disk_t disk, - grub_partition_iterate_hook_t hook, - void *hook_data); - -+/* Advanced GPT library. */ -+typedef enum grub_gpt_status -+ { -+ GRUB_GPT_PROTECTIVE_MBR = 0x01, -+ GRUB_GPT_HYBRID_MBR = 0x02, -+ GRUB_GPT_PRIMARY_HEADER_VALID = 0x04, -+ GRUB_GPT_PRIMARY_ENTRIES_VALID = 0x08, -+ GRUB_GPT_BACKUP_HEADER_VALID = 0x10, -+ GRUB_GPT_BACKUP_ENTRIES_VALID = 0x20, -+ } grub_gpt_status_t; -+ -+#define GRUB_GPT_MBR_VALID (GRUB_GPT_PROTECTIVE_MBR|GRUB_GPT_HYBRID_MBR) -+ -+/* UEFI requires the entries table to be at least 16384 bytes for a -+ * total of 128 entries given the standard 128 byte entry size. */ -+#define GRUB_GPT_DEFAULT_ENTRIES_LENGTH 128 -+ -+struct grub_gpt -+{ -+ /* Bit field indicating which structures on disk are valid. */ -+ grub_gpt_status_t status; -+ -+ /* Protective or hybrid MBR. */ -+ struct grub_msdos_partition_mbr mbr; -+ -+ /* Each of the two GPT headers. */ -+ struct grub_gpt_header primary; -+ struct grub_gpt_header backup; -+ -+ /* Only need one entries table, on disk both copies are identical. */ -+ struct grub_gpt_partentry *entries; -+ -+ /* Logarithm of sector size, in case GPT and disk driver disagree. */ -+ unsigned int log_sector_size; -+}; -+typedef struct grub_gpt *grub_gpt_t; -+ -+/* Translate GPT sectors to GRUB's 512 byte block addresses. */ -+static inline grub_disk_addr_t -+grub_gpt_sector_to_addr (grub_gpt_t gpt, grub_uint64_t sector) -+{ -+ return (sector << (gpt->log_sector_size - GRUB_DISK_SECTOR_BITS)); -+} -+ -+/* Allocates and fills new grub_gpt structure, free with grub_gpt_free. */ -+grub_gpt_t grub_gpt_read (grub_disk_t disk); -+ -+void grub_gpt_free (grub_gpt_t gpt); -+ -+grub_err_t grub_gpt_pmbr_check (struct grub_msdos_partition_mbr *mbr); -+grub_err_t grub_gpt_header_check (struct grub_gpt_header *gpt, -+ unsigned int log_sector_size); - - #endif /* ! GRUB_GPT_PARTITION_HEADER */ -diff --git a/tests/gpt_unit_test.c b/tests/gpt_unit_test.c -new file mode 100644 -index 0000000..a824cd9 ---- /dev/null -+++ b/tests/gpt_unit_test.c -@@ -0,0 +1,467 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2014 CoreOS, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+/* from gnulib */ -+#include -+ -+ -+/* GPT section sizes. */ -+#define HEADER_SIZE (sizeof (struct grub_gpt_header)) -+#define HEADER_PAD (GRUB_DISK_SECTOR_SIZE - HEADER_SIZE) -+#define ENTRY_SIZE (sizeof (struct grub_gpt_partentry)) -+#define TABLE_ENTRIES 0x80 -+#define TABLE_SIZE (TABLE_ENTRIES * ENTRY_SIZE) -+#define TABLE_SECTORS (TABLE_SIZE / GRUB_DISK_SECTOR_SIZE) -+ -+/* Double check that the table size calculation was valid. */ -+verify (TABLE_SECTORS * GRUB_DISK_SECTOR_SIZE == TABLE_SIZE); -+ -+/* GPT section locations for a 1MiB disk. */ -+#define DISK_SECTORS 0x800 -+#define DISK_SIZE (GRUB_DISK_SECTOR_SIZE * DISK_SECTORS) -+#define PRIMARY_HEADER_SECTOR 0x1 -+#define PRIMARY_TABLE_SECTOR 0x2 -+#define BACKUP_HEADER_SECTOR (DISK_SECTORS - 0x1) -+#define BACKUP_TABLE_SECTOR (BACKUP_HEADER_SECTOR - TABLE_SECTORS) -+ -+#define DATA_START_SECTOR (PRIMARY_TABLE_SECTOR + TABLE_SECTORS) -+#define DATA_END_SECTOR (BACKUP_TABLE_SECTOR - 0x1) -+#define DATA_SECTORS (BACKUP_TABLE_SECTOR - DATA_START_SECTOR) -+#define DATA_SIZE (GRUB_DISK_SECTOR_SIZE * DATA_SECTORS) -+ -+struct test_disk -+{ -+ struct grub_msdos_partition_mbr mbr; -+ -+ struct grub_gpt_header primary_header; -+ grub_uint8_t primary_header_pad[HEADER_PAD]; -+ struct grub_gpt_partentry primary_entries[TABLE_ENTRIES]; -+ -+ grub_uint8_t data[DATA_SIZE]; -+ -+ struct grub_gpt_partentry backup_entries[TABLE_ENTRIES]; -+ struct grub_gpt_header backup_header; -+ grub_uint8_t backup_header_pad[HEADER_PAD]; -+} GRUB_PACKED; -+ -+/* Sanity check that all the above ugly math was correct. */ -+verify (sizeof (struct test_disk) == DISK_SIZE); -+ -+struct test_data -+{ -+ int fd; -+ grub_device_t dev; -+ struct test_disk *raw; -+}; -+ -+ -+/* Sample primary GPT header for an empty 1MB disk. */ -+static const struct grub_gpt_header example_primary = { -+ .magic = GRUB_GPT_HEADER_MAGIC, -+ .version = GRUB_GPT_HEADER_VERSION, -+ .headersize = sizeof (struct grub_gpt_header), -+ .crc32 = grub_cpu_to_le32_compile_time (0x7cd8642c), -+ .primary = grub_cpu_to_le64_compile_time (PRIMARY_HEADER_SECTOR), -+ .backup = grub_cpu_to_le64_compile_time (BACKUP_HEADER_SECTOR), -+ .start = grub_cpu_to_le64_compile_time (DATA_START_SECTOR), -+ .end = grub_cpu_to_le64_compile_time (DATA_END_SECTOR), -+ .guid = {0xad, 0x31, 0xc1, 0x69, 0xd6, 0x67, 0xc6, 0x46, -+ 0x93, 0xc4, 0x12, 0x4c, 0x75, 0x52, 0x56, 0xac}, -+ .partitions = grub_cpu_to_le64_compile_time (PRIMARY_TABLE_SECTOR), -+ .maxpart = grub_cpu_to_le32_compile_time (TABLE_ENTRIES), -+ .partentry_size = grub_cpu_to_le32_compile_time (ENTRY_SIZE), -+ .partentry_crc32 = grub_cpu_to_le32_compile_time (0xab54d286), -+}; -+ -+/* And the backup header. */ -+static const struct grub_gpt_header example_backup = { -+ .magic = GRUB_GPT_HEADER_MAGIC, -+ .version = GRUB_GPT_HEADER_VERSION, -+ .headersize = sizeof (struct grub_gpt_header), -+ .crc32 = grub_cpu_to_le32_compile_time (0xcfaa4a27), -+ .primary = grub_cpu_to_le64_compile_time (BACKUP_HEADER_SECTOR), -+ .backup = grub_cpu_to_le64_compile_time (PRIMARY_HEADER_SECTOR), -+ .start = grub_cpu_to_le64_compile_time (DATA_START_SECTOR), -+ .end = grub_cpu_to_le64_compile_time (DATA_END_SECTOR), -+ .guid = {0xad, 0x31, 0xc1, 0x69, 0xd6, 0x67, 0xc6, 0x46, -+ 0x93, 0xc4, 0x12, 0x4c, 0x75, 0x52, 0x56, 0xac}, -+ .partitions = grub_cpu_to_le64_compile_time (BACKUP_TABLE_SECTOR), -+ .maxpart = grub_cpu_to_le32_compile_time (TABLE_ENTRIES), -+ .partentry_size = grub_cpu_to_le32_compile_time (ENTRY_SIZE), -+ .partentry_crc32 = grub_cpu_to_le32_compile_time (0xab54d286), -+}; -+ -+/* Sample protective MBR for the same 1MB disk. Note, this matches -+ * parted and fdisk behavior. The UEFI spec uses different values. */ -+static const struct grub_msdos_partition_mbr example_pmbr = { -+ .entries = {{.flag = 0x00, -+ .start_head = 0x00, -+ .start_sector = 0x01, -+ .start_cylinder = 0x00, -+ .type = 0xee, -+ .end_head = 0xfe, -+ .end_sector = 0xff, -+ .end_cylinder = 0xff, -+ .start = grub_cpu_to_le32_compile_time (0x1), -+ .length = grub_cpu_to_le32_compile_time (DISK_SECTORS - 0x1), -+ }}, -+ .signature = grub_cpu_to_le16_compile_time (GRUB_PC_PARTITION_SIGNATURE), -+}; -+ -+/* If errors are left in grub's error stack things can get confused. */ -+static void -+assert_error_stack_empty (void) -+{ -+ do -+ { -+ grub_test_assert (grub_errno == GRUB_ERR_NONE, -+ "error on stack: %s", grub_errmsg); -+ } -+ while (grub_error_pop ()); -+} -+ -+static grub_err_t -+execute_command2 (const char *name, const char *arg1, const char *arg2) -+{ -+ grub_command_t cmd; -+ grub_err_t err; -+ char *argv[2]; -+ -+ cmd = grub_command_find (name); -+ if (!cmd) -+ grub_fatal ("can't find command %s", name); -+ -+ argv[0] = strdup (arg1); -+ argv[1] = strdup (arg2); -+ err = (cmd->func) (cmd, 2, argv); -+ free (argv[0]); -+ free (argv[1]); -+ -+ return err; -+} -+ -+static void -+sync_disk (struct test_data *data) -+{ -+ if (msync (data->raw, DISK_SIZE, MS_SYNC | MS_INVALIDATE) < 0) -+ grub_fatal ("Syncing disk failed: %s", strerror (errno)); -+ -+ grub_disk_cache_invalidate_all (); -+} -+ -+static void -+reset_disk (struct test_data *data) -+{ -+ memset (data->raw, 0, DISK_SIZE); -+ -+ /* Initialize image with valid example tables. */ -+ memcpy (&data->raw->mbr, &example_pmbr, sizeof (data->raw->mbr)); -+ memcpy (&data->raw->primary_header, &example_primary, -+ sizeof (data->raw->primary_header)); -+ memcpy (&data->raw->backup_header, &example_backup, -+ sizeof (data->raw->backup_header)); -+ -+ sync_disk (data); -+} -+ -+static void -+open_disk (struct test_data *data) -+{ -+ const char *loop = "loop0"; -+ char template[] = "/tmp/grub_gpt_test.XXXXXX"; -+ char host[sizeof ("(host)") + sizeof (template)]; -+ -+ data->fd = mkstemp (template); -+ if (data->fd < 0) -+ grub_fatal ("Creating %s failed: %s", template, strerror (errno)); -+ -+ if (ftruncate (data->fd, DISK_SIZE) < 0) -+ { -+ int err = errno; -+ unlink (template); -+ grub_fatal ("Resizing %s failed: %s", template, strerror (err)); -+ } -+ -+ data->raw = mmap (NULL, DISK_SIZE, PROT_READ | PROT_WRITE, -+ MAP_SHARED, data->fd, 0); -+ if (data->raw == MAP_FAILED) -+ { -+ int err = errno; -+ unlink (template); -+ grub_fatal ("Maping %s failed: %s", template, strerror (err)); -+ } -+ -+ snprintf (host, sizeof (host), "(host)%s", template); -+ if (execute_command2 ("loopback", loop, host) != GRUB_ERR_NONE) -+ { -+ unlink (template); -+ grub_fatal ("loopback %s %s failed: %s", loop, host, grub_errmsg); -+ } -+ -+ if (unlink (template) < 0) -+ grub_fatal ("Unlinking %s failed: %s", template, strerror (errno)); -+ -+ reset_disk (data); -+ -+ data->dev = grub_device_open (loop); -+ if (!data->dev) -+ grub_fatal ("Opening %s failed: %s", loop, grub_errmsg); -+} -+ -+static void -+close_disk (struct test_data *data) -+{ -+ char *loop; -+ -+ assert_error_stack_empty (); -+ -+ if (munmap (data->raw, DISK_SIZE) || close (data->fd)) -+ grub_fatal ("Closing disk image failed: %s", strerror (errno)); -+ -+ loop = strdup (data->dev->disk->name); -+ grub_test_assert (grub_device_close (data->dev) == GRUB_ERR_NONE, -+ "Closing disk device failed: %s", grub_errmsg); -+ -+ grub_test_assert (execute_command2 ("loopback", "-d", loop) == -+ GRUB_ERR_NONE, "loopback -d %s failed: %s", loop, -+ grub_errmsg); -+ -+ free (loop); -+} -+ -+static grub_gpt_t -+read_disk (struct test_data *data) -+{ -+ grub_gpt_t gpt; -+ -+ gpt = grub_gpt_read (data->dev->disk); -+ if (gpt == NULL) -+ { -+ grub_print_error (); -+ grub_fatal ("grub_gpt_read failed"); -+ } -+ -+ -+ return gpt; -+} -+ -+static void -+pmbr_test (void) -+{ -+ struct grub_msdos_partition_mbr mbr; -+ -+ memset (&mbr, 0, sizeof (mbr)); -+ -+ /* Empty is invalid. */ -+ grub_gpt_pmbr_check (&mbr); -+ grub_test_assert (grub_errno == GRUB_ERR_BAD_PART_TABLE, -+ "unexpected error: %s", grub_errmsg); -+ grub_errno = GRUB_ERR_NONE; -+ -+ /* A table without a protective partition is invalid. */ -+ mbr.signature = grub_cpu_to_le16_compile_time (GRUB_PC_PARTITION_SIGNATURE); -+ grub_gpt_pmbr_check (&mbr); -+ grub_test_assert (grub_errno == GRUB_ERR_BAD_PART_TABLE, -+ "unexpected error: %s", grub_errmsg); -+ grub_errno = GRUB_ERR_NONE; -+ -+ /* A table with a protective type is ok. */ -+ memcpy (&mbr, &example_pmbr, sizeof (mbr)); -+ grub_gpt_pmbr_check (&mbr); -+ grub_test_assert (grub_errno == GRUB_ERR_NONE, -+ "unexpected error: %s", grub_errmsg); -+ grub_errno = GRUB_ERR_NONE; -+} -+ -+static void -+header_test (void) -+{ -+ struct grub_gpt_header primary, backup; -+ -+ /* Example headers should be valid. */ -+ memcpy (&primary, &example_primary, sizeof (primary)); -+ grub_gpt_header_check (&primary, GRUB_DISK_SECTOR_BITS); -+ grub_test_assert (grub_errno == GRUB_ERR_NONE, -+ "unexpected error: %s", grub_errmsg); -+ grub_errno = GRUB_ERR_NONE; -+ -+ memcpy (&backup, &example_backup, sizeof (backup)); -+ grub_gpt_header_check (&backup, GRUB_DISK_SECTOR_BITS); -+ grub_test_assert (grub_errno == GRUB_ERR_NONE, -+ "unexpected error: %s", grub_errmsg); -+ grub_errno = GRUB_ERR_NONE; -+ -+ /* Twiddle the GUID to invalidate the CRC. */ -+ primary.guid[0] = 0; -+ grub_gpt_header_check (&primary, GRUB_DISK_SECTOR_BITS); -+ grub_test_assert (grub_errno == GRUB_ERR_BAD_PART_TABLE, -+ "unexpected error: %s", grub_errmsg); -+ grub_errno = GRUB_ERR_NONE; -+ -+ backup.guid[0] = 0; -+ grub_gpt_header_check (&backup, GRUB_DISK_SECTOR_BITS); -+ grub_test_assert (grub_errno == GRUB_ERR_BAD_PART_TABLE, -+ "unexpected error: %s", grub_errmsg); -+ grub_errno = GRUB_ERR_NONE; -+} -+ -+static void -+read_valid_test (void) -+{ -+ struct test_data data; -+ grub_gpt_t gpt; -+ -+ open_disk (&data); -+ gpt = read_disk (&data); -+ grub_test_assert (gpt->status == (GRUB_GPT_PROTECTIVE_MBR | -+ GRUB_GPT_PRIMARY_HEADER_VALID | -+ GRUB_GPT_PRIMARY_ENTRIES_VALID | -+ GRUB_GPT_BACKUP_HEADER_VALID | -+ GRUB_GPT_BACKUP_ENTRIES_VALID), -+ "unexpected status: 0x%02x", gpt->status); -+ grub_gpt_free (gpt); -+ close_disk (&data); -+} -+ -+static void -+read_invalid_entries_test (void) -+{ -+ struct test_data data; -+ grub_gpt_t gpt; -+ -+ open_disk (&data); -+ -+ /* Corrupt the first entry in both tables. */ -+ memset (&data.raw->primary_entries[0], 0x55, -+ sizeof (data.raw->primary_entries[0])); -+ memset (&data.raw->backup_entries[0], 0x55, -+ sizeof (data.raw->backup_entries[0])); -+ sync_disk (&data); -+ -+ gpt = grub_gpt_read (data.dev->disk); -+ grub_test_assert (gpt == NULL, "no error reported for corrupt entries"); -+ grub_test_assert (grub_errno == GRUB_ERR_BAD_PART_TABLE, -+ "unexpected error: %s", grub_errmsg); -+ grub_errno = GRUB_ERR_NONE; -+ -+ close_disk (&data); -+} -+ -+static void -+read_fallback_test (void) -+{ -+ struct test_data data; -+ grub_gpt_t gpt; -+ -+ open_disk (&data); -+ -+ /* Corrupt the primary header. */ -+ memset (&data.raw->primary_header.guid, 0x55, -+ sizeof (data.raw->primary_header.guid)); -+ sync_disk (&data); -+ gpt = read_disk (&data); -+ grub_test_assert ((gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) == 0, -+ "unreported corrupt primary header"); -+ grub_gpt_free (gpt); -+ reset_disk (&data); -+ -+ /* Corrupt the backup header. */ -+ memset (&data.raw->backup_header.guid, 0x55, -+ sizeof (data.raw->backup_header.guid)); -+ sync_disk (&data); -+ gpt = read_disk (&data); -+ grub_test_assert ((gpt->status & GRUB_GPT_BACKUP_HEADER_VALID) == 0, -+ "unreported corrupt backup header"); -+ grub_gpt_free (gpt); -+ reset_disk (&data); -+ -+ /* Corrupt the primary entry table. */ -+ memset (&data.raw->primary_entries[0], 0x55, -+ sizeof (data.raw->primary_entries[0])); -+ sync_disk (&data); -+ gpt = read_disk (&data); -+ grub_test_assert ((gpt->status & GRUB_GPT_PRIMARY_ENTRIES_VALID) == 0, -+ "unreported corrupt primary entries table"); -+ grub_gpt_free (gpt); -+ reset_disk (&data); -+ -+ /* Corrupt the backup entry table. */ -+ memset (&data.raw->backup_entries[0], 0x55, -+ sizeof (data.raw->backup_entries[0])); -+ sync_disk (&data); -+ gpt = read_disk (&data); -+ grub_test_assert ((gpt->status & GRUB_GPT_BACKUP_ENTRIES_VALID) == 0, -+ "unreported corrupt backup entries table"); -+ grub_gpt_free (gpt); -+ reset_disk (&data); -+ -+ /* If primary is corrupt and disk size is unknown fallback fails. */ -+ memset (&data.raw->primary_header.guid, 0x55, -+ sizeof (data.raw->primary_header.guid)); -+ sync_disk (&data); -+ data.dev->disk->total_sectors = GRUB_DISK_SIZE_UNKNOWN; -+ gpt = grub_gpt_read (data.dev->disk); -+ grub_test_assert (gpt == NULL, "no error reported"); -+ grub_test_assert (grub_errno == GRUB_ERR_BAD_PART_TABLE, -+ "unexpected error: %s", grub_errmsg); -+ grub_errno = GRUB_ERR_NONE; -+ -+ close_disk (&data); -+} -+ -+void -+grub_unit_test_init (void) -+{ -+ grub_init_all (); -+ grub_hostfs_init (); -+ grub_host_init (); -+ grub_test_register ("gpt_pmbr_test", pmbr_test); -+ grub_test_register ("gpt_header_test", header_test); -+ grub_test_register ("gpt_read_valid_test", read_valid_test); -+ grub_test_register ("gpt_read_invalid_test", read_invalid_entries_test); -+ grub_test_register ("gpt_read_fallback_test", read_fallback_test); -+} -+ -+void -+grub_unit_test_fini (void) -+{ -+ grub_test_unregister ("gpt_pmbr_test"); -+ grub_test_unregister ("gpt_header_test"); -+ grub_test_unregister ("gpt_read_valid_test"); -+ grub_test_unregister ("gpt_read_invalid_test"); -+ grub_test_unregister ("gpt_read_fallback_test"); -+ grub_fini_all (); -+} --- -2.36.1 - diff --git a/packages/grub/0003-gpt-rename-misnamed-header-location-fields.patch b/packages/grub/0003-gpt-rename-misnamed-header-location-fields.patch deleted file mode 100644 index d6351a569f0..00000000000 --- a/packages/grub/0003-gpt-rename-misnamed-header-location-fields.patch +++ /dev/null @@ -1,71 +0,0 @@ -From 7bf95046b9123cd7d57df6dee81cbbd75ca722f6 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Sat, 18 Oct 2014 15:39:13 -0700 -Subject: [PATCH] gpt: rename misnamed header location fields - -The header location fields refer to 'this header' and 'alternate header' -respectively, not 'primary header' and 'backup header'. The previous -field names are backwards for the backup header. ---- - grub-core/lib/gpt.c | 2 +- - include/grub/gpt_partition.h | 4 ++-- - tests/gpt_unit_test.c | 8 ++++---- - 3 files changed, 7 insertions(+), 7 deletions(-) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index a308e85..705bd77 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -137,7 +137,7 @@ grub_gpt_read_backup (grub_disk_t disk, grub_gpt_t gpt) - if (disk->total_sectors != GRUB_DISK_SIZE_UNKNOWN) - sector = disk->total_sectors - 1; - else if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) -- sector = grub_le_to_cpu64 (gpt->primary.backup); -+ sector = grub_le_to_cpu64 (gpt->primary.alternate_lba); - else - return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, - "Unable to locate backup GPT"); -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index 8cffe16..1101d85 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -64,8 +64,8 @@ struct grub_gpt_header - grub_uint32_t headersize; - grub_uint32_t crc32; - grub_uint32_t unused1; -- grub_uint64_t primary; -- grub_uint64_t backup; -+ grub_uint64_t header_lba; -+ grub_uint64_t alternate_lba; - grub_uint64_t start; - grub_uint64_t end; - grub_uint8_t guid[16]; -diff --git a/tests/gpt_unit_test.c b/tests/gpt_unit_test.c -index a824cd9..4d70868 100644 ---- a/tests/gpt_unit_test.c -+++ b/tests/gpt_unit_test.c -@@ -94,8 +94,8 @@ static const struct grub_gpt_header example_primary = { - .version = GRUB_GPT_HEADER_VERSION, - .headersize = sizeof (struct grub_gpt_header), - .crc32 = grub_cpu_to_le32_compile_time (0x7cd8642c), -- .primary = grub_cpu_to_le64_compile_time (PRIMARY_HEADER_SECTOR), -- .backup = grub_cpu_to_le64_compile_time (BACKUP_HEADER_SECTOR), -+ .header_lba = grub_cpu_to_le64_compile_time (PRIMARY_HEADER_SECTOR), -+ .alternate_lba = grub_cpu_to_le64_compile_time (BACKUP_HEADER_SECTOR), - .start = grub_cpu_to_le64_compile_time (DATA_START_SECTOR), - .end = grub_cpu_to_le64_compile_time (DATA_END_SECTOR), - .guid = {0xad, 0x31, 0xc1, 0x69, 0xd6, 0x67, 0xc6, 0x46, -@@ -112,8 +112,8 @@ static const struct grub_gpt_header example_backup = { - .version = GRUB_GPT_HEADER_VERSION, - .headersize = sizeof (struct grub_gpt_header), - .crc32 = grub_cpu_to_le32_compile_time (0xcfaa4a27), -- .primary = grub_cpu_to_le64_compile_time (BACKUP_HEADER_SECTOR), -- .backup = grub_cpu_to_le64_compile_time (PRIMARY_HEADER_SECTOR), -+ .header_lba = grub_cpu_to_le64_compile_time (BACKUP_HEADER_SECTOR), -+ .alternate_lba = grub_cpu_to_le64_compile_time (PRIMARY_HEADER_SECTOR), - .start = grub_cpu_to_le64_compile_time (DATA_START_SECTOR), - .end = grub_cpu_to_le64_compile_time (DATA_END_SECTOR), - .guid = {0xad, 0x31, 0xc1, 0x69, 0xd6, 0x67, 0xc6, 0x46, --- -2.21.3 - diff --git a/packages/grub/0004-gpt-record-size-of-of-the-entries-table.patch b/packages/grub/0004-gpt-record-size-of-of-the-entries-table.patch deleted file mode 100644 index e0c931b8259..00000000000 --- a/packages/grub/0004-gpt-record-size-of-of-the-entries-table.patch +++ /dev/null @@ -1,137 +0,0 @@ -From 42ad151307ad12ca85ae1865f4abc79d25673ae3 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Sat, 18 Oct 2014 16:46:17 -0700 -Subject: [PATCH] gpt: record size of of the entries table - -The size of the entries table will be needed later when writing it back -to disk. Restructure the entries reading code to flow a little better. ---- - grub-core/lib/gpt.c | 53 ++++++++++++++++-------------------- - include/grub/gpt_partition.h | 5 +++- - 2 files changed, 27 insertions(+), 31 deletions(-) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 705bd77..01df7f3 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -153,7 +153,7 @@ grub_gpt_read_backup (grub_disk_t disk, grub_gpt_t gpt) - return GRUB_ERR_NONE; - } - --static struct grub_gpt_partentry * -+static grub_err_t - grub_gpt_read_entries (grub_disk_t disk, grub_gpt_t gpt, - struct grub_gpt_header *header) - { -@@ -173,6 +173,10 @@ grub_gpt_read_entries (grub_disk_t disk, grub_gpt_t gpt, - goto fail; - } - -+ /* Double check that the header was validated properly. */ -+ if (entries_size < GRUB_GPT_DEFAULT_ENTRIES_SIZE) -+ return grub_error (GRUB_ERR_BUG, "invalid GPT entries table size"); -+ - entries = grub_malloc (entries_size); - if (!entries) - goto fail; -@@ -197,19 +201,21 @@ grub_gpt_read_entries (grub_disk_t disk, grub_gpt_t gpt, - } - - grub_free (crc32_context); -- return entries; -+ grub_free (gpt->entries); -+ gpt->entries = entries; -+ gpt->entries_size = entries_size; -+ return GRUB_ERR_NONE; - - fail: - grub_free (entries); - grub_free (crc32_context); -- return NULL; -+ return grub_errno; - } - - grub_gpt_t - grub_gpt_read (grub_disk_t disk) - { - grub_gpt_t gpt; -- struct grub_gpt_partentry *backup_entries; - - gpt = grub_zalloc (sizeof (*gpt)); - if (!gpt) -@@ -241,36 +247,23 @@ grub_gpt_read (grub_disk_t disk) - else - goto fail; - -- /* Same error handling scheme for the entry tables. */ -- gpt->entries = grub_gpt_read_entries (disk, gpt, &gpt->primary); -- if (!gpt->entries) -- { -- grub_error_push (); -- backup_entries = grub_gpt_read_entries (disk, gpt, &gpt->backup); -- grub_error_pop (); -- } -- else -- { -- gpt->status |= GRUB_GPT_PRIMARY_ENTRIES_VALID; -- backup_entries = grub_gpt_read_entries (disk, gpt, &gpt->backup); -- } -+ /* Similarly, favor the value or error from the primary table. */ -+ if (gpt->status & GRUB_GPT_BACKUP_HEADER_VALID && -+ !grub_gpt_read_entries (disk, gpt, &gpt->backup)) -+ gpt->status |= GRUB_GPT_BACKUP_ENTRIES_VALID; - -- if (backup_entries) -- { -- gpt->status |= GRUB_GPT_BACKUP_ENTRIES_VALID; -- -- if (gpt->status & GRUB_GPT_PRIMARY_ENTRIES_VALID) -- grub_free (backup_entries); -- else -- gpt->entries = backup_entries; -- } -+ grub_errno = GRUB_ERR_NONE; -+ if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID && -+ !grub_gpt_read_entries (disk, gpt, &gpt->primary)) -+ gpt->status |= GRUB_GPT_PRIMARY_ENTRIES_VALID; - - if (gpt->status & GRUB_GPT_PRIMARY_ENTRIES_VALID || - gpt->status & GRUB_GPT_BACKUP_ENTRIES_VALID) -- { -- grub_errno = GRUB_ERR_NONE; -- return gpt; -- } -+ grub_errno = GRUB_ERR_NONE; -+ else -+ goto fail; -+ -+ return gpt; - - fail: - grub_gpt_free (gpt); -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index 1101d85..21ea08d 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -106,7 +106,9 @@ typedef enum grub_gpt_status - - /* UEFI requires the entries table to be at least 16384 bytes for a - * total of 128 entries given the standard 128 byte entry size. */ --#define GRUB_GPT_DEFAULT_ENTRIES_LENGTH 128 -+#define GRUB_GPT_DEFAULT_ENTRIES_SIZE 16384 -+#define GRUB_GPT_DEFAULT_ENTRIES_LENGTH \ -+ (GRUB_GPT_DEFAULT_ENTRIES_SIZE / sizeof (struct grub_gpt_partentry)) - - struct grub_gpt - { -@@ -122,6 +124,7 @@ struct grub_gpt - - /* Only need one entries table, on disk both copies are identical. */ - struct grub_gpt_partentry *entries; -+ grub_size_t entries_size; - - /* Logarithm of sector size, in case GPT and disk driver disagree. */ - unsigned int log_sector_size; --- -2.21.3 - diff --git a/packages/grub/0005-gpt-consolidate-crc32-computation-code.patch b/packages/grub/0005-gpt-consolidate-crc32-computation-code.patch deleted file mode 100644 index 9c9918dd400..00000000000 --- a/packages/grub/0005-gpt-consolidate-crc32-computation-code.patch +++ /dev/null @@ -1,119 +0,0 @@ -From a0481ec20cd8f99f973385b6dcacff6201aa5661 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Sat, 18 Oct 2014 18:18:17 -0700 -Subject: [PATCH] gpt: consolidate crc32 computation code - -The gcrypt API is overly verbose, wrap it up in a helper function to -keep this rather common operation easy to use. ---- - grub-core/lib/gpt.c | 43 ++++++++++++++++++++++++------------------- - 1 file changed, 24 insertions(+), 19 deletions(-) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 01df7f3..43a1509 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -32,22 +32,17 @@ static grub_uint8_t grub_gpt_magic[] = GRUB_GPT_HEADER_MAGIC; - - - static grub_err_t --grub_gpt_header_crc32 (struct grub_gpt_header *gpt, grub_uint32_t *crc) -+grub_gpt_lecrc32 (void *data, grub_size_t len, grub_uint32_t *crc) - { - grub_uint8_t *crc32_context; -- grub_uint32_t old; - - crc32_context = grub_zalloc (GRUB_MD_CRC32->contextsize); - if (!crc32_context) - return grub_errno; - -- /* crc32 must be computed with the field cleared. */ -- old = gpt->crc32; -- gpt->crc32 = 0; - GRUB_MD_CRC32->init (crc32_context); -- GRUB_MD_CRC32->write (crc32_context, gpt, sizeof (*gpt)); -+ GRUB_MD_CRC32->write (crc32_context, data, len); - GRUB_MD_CRC32->final (crc32_context); -- gpt->crc32 = old; - - /* GRUB_MD_CRC32 always uses big endian, gpt is always little. */ - *crc = grub_swap_bytes32 (*(grub_uint32_t *) -@@ -58,6 +53,25 @@ grub_gpt_header_crc32 (struct grub_gpt_header *gpt, grub_uint32_t *crc) - return GRUB_ERR_NONE; - } - -+static grub_err_t -+grub_gpt_header_lecrc32 (struct grub_gpt_header *header, grub_uint32_t *crc) -+{ -+ grub_uint32_t old, new; -+ grub_err_t err; -+ -+ /* crc32 must be computed with the field cleared. */ -+ old = header->crc32; -+ header->crc32 = 0; -+ err = grub_gpt_lecrc32 (header, sizeof (*header), &new); -+ header->crc32 = old; -+ -+ if (err) -+ return err; -+ -+ *crc = new; -+ return GRUB_ERR_NONE; -+} -+ - /* Make sure the MBR is a protective MBR and not a normal MBR. */ - grub_err_t - grub_gpt_pmbr_check (struct grub_msdos_partition_mbr *mbr) -@@ -87,7 +101,7 @@ grub_gpt_header_check (struct grub_gpt_header *gpt, - if (gpt->version != GRUB_GPT_HEADER_VERSION) - return grub_error (GRUB_ERR_BAD_PART_TABLE, "unknown GPT version"); - -- if (grub_gpt_header_crc32 (gpt, &crc)) -+ if (grub_gpt_header_lecrc32 (gpt, &crc)) - return grub_errno; - - if (gpt->crc32 != crc) -@@ -158,7 +172,6 @@ grub_gpt_read_entries (grub_disk_t disk, grub_gpt_t gpt, - struct grub_gpt_header *header) - { - struct grub_gpt_partentry *entries = NULL; -- grub_uint8_t *crc32_context = NULL; - grub_uint32_t count, size, crc; - grub_disk_addr_t addr; - grub_size_t entries_size; -@@ -185,22 +198,15 @@ grub_gpt_read_entries (grub_disk_t disk, grub_gpt_t gpt, - if (grub_disk_read (disk, addr, 0, entries_size, entries)) - goto fail; - -- crc32_context = grub_zalloc (GRUB_MD_CRC32->contextsize); -- if (!crc32_context) -+ if (grub_gpt_lecrc32 (entries, entries_size, &crc)) - goto fail; - -- GRUB_MD_CRC32->init (crc32_context); -- GRUB_MD_CRC32->write (crc32_context, entries, entries_size); -- GRUB_MD_CRC32->final (crc32_context); -- -- crc = *(grub_uint32_t *) GRUB_MD_CRC32->read (crc32_context); -- if (grub_swap_bytes32 (crc) != header->partentry_crc32) -+ if (crc != header->partentry_crc32) - { - grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid GPT entry crc32"); - goto fail; - } - -- grub_free (crc32_context); - grub_free (gpt->entries); - gpt->entries = entries; - gpt->entries_size = entries_size; -@@ -208,7 +214,6 @@ grub_gpt_read_entries (grub_disk_t disk, grub_gpt_t gpt, - - fail: - grub_free (entries); -- grub_free (crc32_context); - return grub_errno; - } - --- -2.21.3 - diff --git a/packages/grub/0006-gpt-add-new-repair-function-to-sync-up-primary-and-b.patch b/packages/grub/0006-gpt-add-new-repair-function-to-sync-up-primary-and-b.patch deleted file mode 100644 index f683671bfe5..00000000000 --- a/packages/grub/0006-gpt-add-new-repair-function-to-sync-up-primary-and-b.patch +++ /dev/null @@ -1,217 +0,0 @@ -From 36fc577048523438ffbf51291a40fe59eb479724 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Sat, 18 Oct 2014 18:21:07 -0700 -Subject: [PATCH] gpt: add new repair function to sync up primary and backup - tables. - ---- - grub-core/lib/gpt.c | 90 ++++++++++++++++++++++++++++++++++++ - include/grub/gpt_partition.h | 3 ++ - tests/gpt_unit_test.c | 49 ++++++++++++++++++++ - 3 files changed, 142 insertions(+) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 43a1509..2d61df4 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -31,6 +31,20 @@ GRUB_MOD_LICENSE ("GPLv3+"); - static grub_uint8_t grub_gpt_magic[] = GRUB_GPT_HEADER_MAGIC; - - -+static grub_uint64_t -+grub_gpt_size_to_sectors (grub_gpt_t gpt, grub_size_t size) -+{ -+ unsigned int sector_size; -+ grub_uint64_t sectors; -+ -+ sector_size = 1U << gpt->log_sector_size; -+ sectors = size / sector_size; -+ if (size % sector_size) -+ sectors++; -+ -+ return sectors; -+} -+ - static grub_err_t - grub_gpt_lecrc32 (void *data, grub_size_t len, grub_uint32_t *crc) - { -@@ -275,6 +289,82 @@ fail: - return NULL; - } - -+grub_err_t -+grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) -+{ -+ grub_uint64_t backup_header, backup_entries; -+ grub_uint32_t crc; -+ -+ if (disk->log_sector_size != gpt->log_sector_size) -+ return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, -+ "GPT sector size must match disk sector size"); -+ -+ if (!(gpt->status & GRUB_GPT_PRIMARY_ENTRIES_VALID || -+ gpt->status & GRUB_GPT_BACKUP_ENTRIES_VALID)) -+ return grub_error (GRUB_ERR_BUG, "No valid GPT entries"); -+ -+ if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) -+ { -+ backup_header = grub_le_to_cpu64 (gpt->primary.alternate_lba); -+ grub_memcpy (&gpt->backup, &gpt->primary, sizeof (gpt->backup)); -+ } -+ else if (gpt->status & GRUB_GPT_BACKUP_HEADER_VALID) -+ { -+ backup_header = grub_le_to_cpu64 (gpt->backup.header_lba); -+ grub_memcpy (&gpt->primary, &gpt->backup, sizeof (gpt->primary)); -+ } -+ else -+ return grub_error (GRUB_ERR_BUG, "No valid GPT header"); -+ -+ /* Relocate backup to end if disk whenever possible. */ -+ if (disk->total_sectors != GRUB_DISK_SIZE_UNKNOWN) -+ backup_header = disk->total_sectors - 1; -+ -+ backup_entries = backup_header - -+ grub_gpt_size_to_sectors (gpt, gpt->entries_size); -+ -+ /* Update/fixup header and partition table locations. */ -+ gpt->primary.header_lba = grub_cpu_to_le64_compile_time (1); -+ gpt->primary.alternate_lba = grub_cpu_to_le64 (backup_header); -+ gpt->primary.partitions = grub_cpu_to_le64_compile_time (2); -+ gpt->backup.header_lba = gpt->primary.alternate_lba; -+ gpt->backup.alternate_lba = gpt->primary.header_lba; -+ gpt->backup.partitions = grub_cpu_to_le64 (backup_entries); -+ -+ /* Writing headers larger than our header structure are unsupported. */ -+ gpt->primary.headersize = -+ grub_cpu_to_le32_compile_time (sizeof (gpt->primary)); -+ gpt->backup.headersize = -+ grub_cpu_to_le32_compile_time (sizeof (gpt->backup)); -+ -+ /* Recompute checksums. */ -+ if (grub_gpt_lecrc32 (gpt->entries, gpt->entries_size, &crc)) -+ return grub_errno; -+ -+ gpt->primary.partentry_crc32 = crc; -+ gpt->backup.partentry_crc32 = crc; -+ -+ if (grub_gpt_header_lecrc32 (&gpt->primary, &gpt->primary.crc32)) -+ return grub_errno; -+ -+ if (grub_gpt_header_lecrc32 (&gpt->backup, &gpt->backup.crc32)) -+ return grub_errno; -+ -+ /* Sanity check. */ -+ if (grub_gpt_header_check (&gpt->primary, gpt->log_sector_size)) -+ return grub_error (GRUB_ERR_BUG, "Generated invalid GPT primary header"); -+ -+ if (grub_gpt_header_check (&gpt->backup, gpt->log_sector_size)) -+ return grub_error (GRUB_ERR_BUG, "Generated invalid GPT backup header"); -+ -+ gpt->status |= (GRUB_GPT_PRIMARY_HEADER_VALID | -+ GRUB_GPT_PRIMARY_ENTRIES_VALID | -+ GRUB_GPT_BACKUP_HEADER_VALID | -+ GRUB_GPT_BACKUP_ENTRIES_VALID); -+ -+ return GRUB_ERR_NONE; -+} -+ - void - grub_gpt_free (grub_gpt_t gpt) - { -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index 21ea08d..b45acbd 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -141,6 +141,9 @@ grub_gpt_sector_to_addr (grub_gpt_t gpt, grub_uint64_t sector) - /* Allocates and fills new grub_gpt structure, free with grub_gpt_free. */ - grub_gpt_t grub_gpt_read (grub_disk_t disk); - -+/* Sync up primary and backup headers, recompute checksums. */ -+grub_err_t grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt); -+ - void grub_gpt_free (grub_gpt_t gpt); - - grub_err_t grub_gpt_pmbr_check (struct grub_msdos_partition_mbr *mbr); -diff --git a/tests/gpt_unit_test.c b/tests/gpt_unit_test.c -index 4d70868..83198be 100644 ---- a/tests/gpt_unit_test.c -+++ b/tests/gpt_unit_test.c -@@ -24,6 +24,7 @@ - #include - #include - #include -+#include - #include - - #include -@@ -442,6 +443,52 @@ read_fallback_test (void) - close_disk (&data); - } - -+static void -+repair_test (void) -+{ -+ struct test_data data; -+ grub_gpt_t gpt; -+ -+ open_disk (&data); -+ -+ /* Erase/Repair primary. */ -+ memset (&data.raw->primary_header, 0, sizeof (data.raw->primary_header)); -+ sync_disk (&data); -+ gpt = read_disk (&data); -+ grub_gpt_repair (data.dev->disk, gpt); -+ grub_test_assert (grub_errno == GRUB_ERR_NONE, -+ "repair failed: %s", grub_errmsg); -+ if (memcmp (&gpt->primary, &example_primary, sizeof (gpt->primary))) -+ { -+ printf ("Invalid restored primary header:\n"); -+ hexdump (16, (char*)&gpt->primary, sizeof (gpt->primary)); -+ printf ("Expected primary header:\n"); -+ hexdump (16, (char*)&example_primary, sizeof (example_primary)); -+ grub_test_assert (0, "repair did not restore primary header"); -+ } -+ grub_gpt_free (gpt); -+ reset_disk (&data); -+ -+ /* Erase/Repair backup. */ -+ memset (&data.raw->backup_header, 0, sizeof (data.raw->backup_header)); -+ sync_disk (&data); -+ gpt = read_disk (&data); -+ grub_gpt_repair (data.dev->disk, gpt); -+ grub_test_assert (grub_errno == GRUB_ERR_NONE, -+ "repair failed: %s", grub_errmsg); -+ if (memcmp (&gpt->backup, &example_backup, sizeof (gpt->backup))) -+ { -+ printf ("Invalid restored backup header:\n"); -+ hexdump (16, (char*)&gpt->backup, sizeof (gpt->backup)); -+ printf ("Expected backup header:\n"); -+ hexdump (16, (char*)&example_backup, sizeof (example_backup)); -+ grub_test_assert (0, "repair did not restore backup header"); -+ } -+ grub_gpt_free (gpt); -+ reset_disk (&data); -+ -+ close_disk (&data); -+} - void - grub_unit_test_init (void) - { -@@ -453,6 +500,7 @@ grub_unit_test_init (void) - grub_test_register ("gpt_read_valid_test", read_valid_test); - grub_test_register ("gpt_read_invalid_test", read_invalid_entries_test); - grub_test_register ("gpt_read_fallback_test", read_fallback_test); -+ grub_test_register ("gpt_repair_test", repair_test); - } - - void -@@ -463,5 +511,6 @@ grub_unit_test_fini (void) - grub_test_unregister ("gpt_read_valid_test"); - grub_test_unregister ("gpt_read_invalid_test"); - grub_test_unregister ("gpt_read_fallback_test"); -+ grub_test_unregister ("gpt_repair_test"); - grub_fini_all (); - } --- -2.21.3 - diff --git a/packages/grub/0007-gpt-add-write-function-and-gptrepair-command.patch b/packages/grub/0007-gpt-add-write-function-and-gptrepair-command.patch deleted file mode 100644 index a3fd35e5326..00000000000 --- a/packages/grub/0007-gpt-add-write-function-and-gptrepair-command.patch +++ /dev/null @@ -1,367 +0,0 @@ -From 822c0cb2c9d6cd7b0e4be0362bbc5804417e479f Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Sun, 19 Oct 2014 14:21:29 -0700 -Subject: [PATCH] gpt: add write function and gptrepair command - -The first hint of something practical, a command that can restore any of -the GPT structures from the alternate location. New test case must run -under QEMU because the loopback device used by the other unit tests does -not support writing. ---- - Makefile.util.def | 6 ++ - grub-core/Makefile.core.def | 5 ++ - grub-core/commands/gptrepair.c | 116 +++++++++++++++++++++++++++++++++ - grub-core/lib/gpt.c | 44 +++++++++++-- - include/grub/gpt_partition.h | 8 +++ - tests/gptrepair_test.in | 102 +++++++++++++++++++++++++++++ - 6 files changed, 277 insertions(+), 4 deletions(-) - create mode 100644 grub-core/commands/gptrepair.c - create mode 100644 tests/gptrepair_test.in - -diff --git a/Makefile.util.def b/Makefile.util.def -index c7efe17..a2ca51d 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -1288,6 +1288,12 @@ script = { - common = tests/grub_cmd_tr.in; - }; - -+script = { -+ testcase; -+ name = gptrepair_test; -+ common = tests/gptrepair_test.in; -+}; -+ - script = { - testcase; - name = file_filter_test; -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index e9cce06..c040652 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -942,6 +942,11 @@ module = { - common = commands/gptsync.c; - }; - -+module = { -+ name = gptrepair; -+ common = commands/gptrepair.c; -+}; -+ - module = { - name = gpt; - common = lib/gpt.c; -diff --git a/grub-core/commands/gptrepair.c b/grub-core/commands/gptrepair.c -new file mode 100644 -index 0000000..38392fd ---- /dev/null -+++ b/grub-core/commands/gptrepair.c -@@ -0,0 +1,116 @@ -+/* gptrepair.c - verify and restore GPT info from alternate location. */ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2009 Free Software Foundation, Inc. -+ * Copyright (C) 2014 CoreOS, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+static char * -+trim_dev_name (char *name) -+{ -+ grub_size_t len = grub_strlen (name); -+ if (len && name[0] == '(' && name[len - 1] == ')') -+ { -+ name[len - 1] = '\0'; -+ name = name + 1; -+ } -+ return name; -+} -+ -+static grub_err_t -+grub_cmd_gptrepair (grub_command_t cmd __attribute__ ((unused)), -+ int argc, char **args) -+{ -+ grub_device_t dev = NULL; -+ grub_gpt_t gpt = NULL; -+ char *dev_name; -+ grub_uint32_t primary_crc, backup_crc; -+ enum grub_gpt_status old_status; -+ -+ if (argc != 1 || !grub_strlen(args[0])) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, "device name required"); -+ -+ dev_name = trim_dev_name (args[0]); -+ dev = grub_device_open (dev_name); -+ if (!dev) -+ goto done; -+ -+ if (!dev->disk) -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, "not a disk"); -+ goto done; -+ } -+ -+ gpt = grub_gpt_read (dev->disk); -+ if (!gpt) -+ goto done; -+ -+ primary_crc = gpt->primary.crc32; -+ backup_crc = gpt->backup.crc32; -+ old_status = gpt->status; -+ -+ if (grub_gpt_repair (dev->disk, gpt)) -+ goto done; -+ -+ if (primary_crc == gpt->primary.crc32 && -+ backup_crc == gpt->backup.crc32 && -+ old_status && gpt->status) -+ { -+ grub_printf_ (N_("GPT already valid, %s unmodified.\n"), dev_name); -+ goto done; -+ } -+ -+ if (grub_gpt_write (dev->disk, gpt)) -+ goto done; -+ -+ if (!(old_status & GRUB_GPT_PRIMARY_VALID)) -+ grub_printf_ (N_("Primary GPT for %s repaired.\n"), dev_name); -+ -+ if (!(old_status & GRUB_GPT_BACKUP_VALID)) -+ grub_printf_ (N_("Backup GPT for %s repaired.\n"), dev_name); -+ -+done: -+ if (gpt) -+ grub_gpt_free (gpt); -+ -+ if (dev) -+ grub_device_close (dev); -+ -+ return grub_errno; -+} -+ -+static grub_command_t cmd; -+ -+GRUB_MOD_INIT(gptrepair) -+{ -+ cmd = grub_register_command ("gptrepair", grub_cmd_gptrepair, -+ N_("DEVICE"), -+ N_("Verify and repair GPT on drive DEVICE.")); -+} -+ -+GRUB_MOD_FINI(gptrepair) -+{ -+ grub_unregister_command (cmd); -+} -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 2d61df4..67ffdf7 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -357,10 +357,46 @@ grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - if (grub_gpt_header_check (&gpt->backup, gpt->log_sector_size)) - return grub_error (GRUB_ERR_BUG, "Generated invalid GPT backup header"); - -- gpt->status |= (GRUB_GPT_PRIMARY_HEADER_VALID | -- GRUB_GPT_PRIMARY_ENTRIES_VALID | -- GRUB_GPT_BACKUP_HEADER_VALID | -- GRUB_GPT_BACKUP_ENTRIES_VALID); -+ gpt->status |= GRUB_GPT_BOTH_VALID; -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_gpt_write_table (grub_disk_t disk, grub_gpt_t gpt, -+ struct grub_gpt_header *header) -+{ -+ grub_disk_addr_t addr; -+ -+ if (grub_le_to_cpu32 (header->headersize) != sizeof (*header)) -+ return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, -+ "Header size is %u, must be %u", -+ grub_le_to_cpu32 (header->headersize), -+ sizeof (*header)); -+ -+ addr = grub_gpt_sector_to_addr (gpt, grub_le_to_cpu64 (header->header_lba)); -+ if (grub_disk_write (disk, addr, 0, sizeof (*header), header)) -+ return grub_errno; -+ -+ addr = grub_gpt_sector_to_addr (gpt, grub_le_to_cpu64 (header->partitions)); -+ if (grub_disk_write (disk, addr, 0, gpt->entries_size, gpt->entries)) -+ return grub_errno; -+ -+ return GRUB_ERR_NONE; -+} -+ -+grub_err_t -+grub_gpt_write (grub_disk_t disk, grub_gpt_t gpt) -+{ -+ /* TODO: update/repair protective MBRs too. */ -+ -+ if (!(gpt->status & GRUB_GPT_BOTH_VALID)) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "Invalid GPT data"); -+ -+ if (grub_gpt_write_table (disk, gpt, &gpt->primary)) -+ return grub_errno; -+ -+ if (grub_gpt_write_table (disk, gpt, &gpt->backup)) -+ return grub_errno; - - return GRUB_ERR_NONE; - } -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index b45acbd..5c2b535 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -103,6 +103,11 @@ typedef enum grub_gpt_status - } grub_gpt_status_t; - - #define GRUB_GPT_MBR_VALID (GRUB_GPT_PROTECTIVE_MBR|GRUB_GPT_HYBRID_MBR) -+#define GRUB_GPT_PRIMARY_VALID \ -+ (GRUB_GPT_PRIMARY_HEADER_VALID|GRUB_GPT_PRIMARY_ENTRIES_VALID) -+#define GRUB_GPT_BACKUP_VALID \ -+ (GRUB_GPT_BACKUP_HEADER_VALID|GRUB_GPT_BACKUP_ENTRIES_VALID) -+#define GRUB_GPT_BOTH_VALID (GRUB_GPT_PRIMARY_VALID|GRUB_GPT_BACKUP_VALID) - - /* UEFI requires the entries table to be at least 16384 bytes for a - * total of 128 entries given the standard 128 byte entry size. */ -@@ -144,6 +149,9 @@ grub_gpt_t grub_gpt_read (grub_disk_t disk); - /* Sync up primary and backup headers, recompute checksums. */ - grub_err_t grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt); - -+/* Write headers and entry tables back to disk. */ -+grub_err_t grub_gpt_write (grub_disk_t disk, grub_gpt_t gpt); -+ - void grub_gpt_free (grub_gpt_t gpt); - - grub_err_t grub_gpt_pmbr_check (struct grub_msdos_partition_mbr *mbr); -diff --git a/tests/gptrepair_test.in b/tests/gptrepair_test.in -new file mode 100644 -index 0000000..80b2de6 ---- /dev/null -+++ b/tests/gptrepair_test.in -@@ -0,0 +1,102 @@ -+#! /bin/sh -+set -e -+ -+# Copyright (C) 2010 Free Software Foundation, Inc. -+# Copyright (C) 2014 CoreOS, Inc. -+# -+# GRUB is free software: you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation, either version 3 of the License, or -+# (at your option) any later version. -+# -+# GRUB is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+# -+# You should have received a copy of the GNU General Public License -+# along with GRUB. If not, see . -+ -+parted=parted -+grubshell=@builddir@/grub-shell -+ -+. "@builddir@/grub-core/modinfo.sh" -+ -+case "${grub_modinfo_target_cpu}-${grub_modinfo_platform}" in -+ mips-qemu_mips | mipsel-qemu_mips | i386-qemu | i386-multiboot | i386-coreboot | mipsel-loongson) -+ disk=ata0 -+ ;; -+ powerpc-ieee1275) -+ disk=ieee1275//pci@80000000/mac-io@4/ata-3@20000/disk@0 -+ # FIXME: QEMU firmware has bugs which prevent it from accessing hard disk w/o recognised label. -+ exit 0 -+ ;; -+ sparc64-ieee1275) -+ disk=ieee1275//pci@1fe\,0/pci-ata@5/ide0@500/disk@0 -+ # FIXME: QEMU firmware has bugs which prevent it from accessing hard disk w/o recognised label. -+ exit 0 -+ ;; -+ i386-ieee1275) -+ disk=ieee1275/d -+ # FIXME: QEMU firmware has bugs which prevent it from accessing hard disk w/o recognised label. -+ exit 0 -+ ;; -+ mips-arc) -+ # FIXME: ARC firmware has bugs which prevent it from accessing hard disk w/o dvh disklabel. -+ exit 0 ;; -+ mipsel-arc) -+ disk=arc/scsi0/disk0/rdisk0 -+ ;; -+ *) -+ disk=hd0 -+ ;; -+esac -+img1="`mktemp "${TMPDIR:-/tmp}/tmp.XXXXXXXXXX"`" || exit 1 -+img2="`mktemp "${TMPDIR:-/tmp}/tmp.XXXXXXXXXX"`" || exit 1 -+trap "rm -f '${img1}' '${ing2}'" EXIT -+ -+create_disk_image () { -+ size=$1 -+ rm -f "${img1}" -+ dd if=/dev/zero of="${img1}" bs=512 count=1 seek=$((size - 1)) status=none -+ ${parted} -a none -s "${img1}" mklabel gpt -+ cp "${img1}" "${img2}" -+} -+ -+wipe_disk_area () { -+ sector=$1 -+ size=$2 -+ dd if=/dev/zero of="${img2}" bs=512 count=${size} seek=${sector} conv=notrunc status=none -+} -+ -+do_repair () { -+ output="`echo "gptrepair ($disk)" | "${grubshell}" --disk="${img2}"`" -+ if echo "${output}" | grep ^error; then -+ return 1 -+ fi -+ if echo "${output}" | grep -v GPT; then -+ echo "Unexpected output ${output}" -+ return 1 -+ fi -+ echo "${output}" -+} -+ -+echo "Nothing to repair:" -+create_disk_image 100 -+do_repair -+cmp "${img1}" "${img2}" -+echo -+ -+echo "Repair primary (MBR left intact)" -+create_disk_image 100 -+wipe_disk_area 1 1 -+do_repair -+cmp "${img1}" "${img2}" -+echo -+ -+echo "Repair backup" -+create_disk_image 100 -+wipe_disk_area 99 1 -+do_repair -+cmp "${img1}" "${img2}" -+echo --- -2.36.1 - diff --git a/packages/grub/0008-gpt-add-a-new-generic-GUID-type.patch b/packages/grub/0008-gpt-add-a-new-generic-GUID-type.patch deleted file mode 100644 index c68642a734b..00000000000 --- a/packages/grub/0008-gpt-add-a-new-generic-GUID-type.patch +++ /dev/null @@ -1,125 +0,0 @@ -From d5520178578153d5b1c79bfba014d388acc6cf75 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Thu, 30 Oct 2014 20:55:21 -0700 -Subject: [PATCH] gpt: add a new generic GUID type - -In order to do anything with partition GUIDs they need to be stored in a -proper structure like the partition type GUIDs. Additionally add an -initializer macro to simplify defining both GUID types. - -[iweller: use new type name from a16f4a822] -Signed-off-by: iliana destroyer of worlds ---- - include/grub/gpt_partition.h | 34 ++++++++++++++++++---------------- - tests/gpt_unit_test.c | 12 ++++++------ - 2 files changed, 24 insertions(+), 22 deletions(-) - -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index 5c2b535..d13ea0b 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -23,33 +23,35 @@ - #include - #include - --struct grub_gpt_part_guid -+struct grub_gpt_guid - { - grub_uint32_t data1; - grub_uint16_t data2; - grub_uint16_t data3; - grub_uint8_t data4[8]; - } GRUB_PACKED; --typedef struct grub_gpt_part_guid grub_gpt_part_guid_t; -+typedef struct grub_gpt_guid grub_gpt_guid_t; -+typedef struct grub_gpt_guid grub_gpt_part_guid_t; -+ -+#define GRUB_GPT_GUID_INIT(a, b, c, d1, d2, d3, d4, d5, d6, d7, d8) \ -+ { \ -+ grub_cpu_to_le32_compile_time (a), \ -+ grub_cpu_to_le16_compile_time (b), \ -+ grub_cpu_to_le16_compile_time (c), \ -+ { d1, d2, d3, d4, d5, d6, d7, d8 } \ -+ } - - #define GRUB_GPT_PARTITION_TYPE_EMPTY \ -- { 0x0, 0x0, 0x0, \ -- { 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0 } \ -- } -+ GRUB_GPT_GUID_INIT (0x0, 0x0, 0x0, \ -+ 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) - - #define GRUB_GPT_PARTITION_TYPE_BIOS_BOOT \ -- { grub_cpu_to_le32_compile_time (0x21686148), \ -- grub_cpu_to_le16_compile_time (0x6449), \ -- grub_cpu_to_le16_compile_time (0x6e6f), \ -- { 0x74, 0x4e, 0x65, 0x65, 0x64, 0x45, 0x46, 0x49 } \ -- } -+ GRUB_GPT_GUID_INIT (0x21686148, 0x6449, 0x6e6f, \ -+ 0x74, 0x4e, 0x65, 0x65, 0x64, 0x45, 0x46, 0x49) - - #define GRUB_GPT_PARTITION_TYPE_LDM \ -- { grub_cpu_to_le32_compile_time (0x5808C8AAU),\ -- grub_cpu_to_le16_compile_time (0x7E8F), \ -- grub_cpu_to_le16_compile_time (0x42E0), \ -- { 0x85, 0xD2, 0xE1, 0xE9, 0x04, 0x34, 0xCF, 0xB3 } \ -- } -+ GRUB_GPT_GUID_INIT (0x5808c8aa, 0x7e8f, 0x42e0, \ -+ 0x85, 0xd2, 0xe1, 0xe9, 0x04, 0x34, 0xcf, 0xb3) - - #define GRUB_GPT_HEADER_MAGIC \ - { 0x45, 0x46, 0x49, 0x20, 0x50, 0x41, 0x52, 0x54 } -@@ -68,7 +70,7 @@ struct grub_gpt_header - grub_uint64_t alternate_lba; - grub_uint64_t start; - grub_uint64_t end; -- grub_uint8_t guid[16]; -+ grub_gpt_guid_t guid; - grub_uint64_t partitions; - grub_uint32_t maxpart; - grub_uint32_t partentry_size; -diff --git a/tests/gpt_unit_test.c b/tests/gpt_unit_test.c -index 83198be..86e4364 100644 ---- a/tests/gpt_unit_test.c -+++ b/tests/gpt_unit_test.c -@@ -99,8 +99,8 @@ static const struct grub_gpt_header example_primary = { - .alternate_lba = grub_cpu_to_le64_compile_time (BACKUP_HEADER_SECTOR), - .start = grub_cpu_to_le64_compile_time (DATA_START_SECTOR), - .end = grub_cpu_to_le64_compile_time (DATA_END_SECTOR), -- .guid = {0xad, 0x31, 0xc1, 0x69, 0xd6, 0x67, 0xc6, 0x46, -- 0x93, 0xc4, 0x12, 0x4c, 0x75, 0x52, 0x56, 0xac}, -+ .guid = GRUB_GPT_GUID_INIT(0x69c131ad, 0x67d6, 0x46c6, -+ 0x93, 0xc4, 0x12, 0x4c, 0x75, 0x52, 0x56, 0xac), - .partitions = grub_cpu_to_le64_compile_time (PRIMARY_TABLE_SECTOR), - .maxpart = grub_cpu_to_le32_compile_time (TABLE_ENTRIES), - .partentry_size = grub_cpu_to_le32_compile_time (ENTRY_SIZE), -@@ -117,8 +117,8 @@ static const struct grub_gpt_header example_backup = { - .alternate_lba = grub_cpu_to_le64_compile_time (PRIMARY_HEADER_SECTOR), - .start = grub_cpu_to_le64_compile_time (DATA_START_SECTOR), - .end = grub_cpu_to_le64_compile_time (DATA_END_SECTOR), -- .guid = {0xad, 0x31, 0xc1, 0x69, 0xd6, 0x67, 0xc6, 0x46, -- 0x93, 0xc4, 0x12, 0x4c, 0x75, 0x52, 0x56, 0xac}, -+ .guid = GRUB_GPT_GUID_INIT(0x69c131ad, 0x67d6, 0x46c6, -+ 0x93, 0xc4, 0x12, 0x4c, 0x75, 0x52, 0x56, 0xac), - .partitions = grub_cpu_to_le64_compile_time (BACKUP_TABLE_SECTOR), - .maxpart = grub_cpu_to_le32_compile_time (TABLE_ENTRIES), - .partentry_size = grub_cpu_to_le32_compile_time (ENTRY_SIZE), -@@ -326,13 +326,13 @@ header_test (void) - grub_errno = GRUB_ERR_NONE; - - /* Twiddle the GUID to invalidate the CRC. */ -- primary.guid[0] = 0; -+ primary.guid.data1 = 0; - grub_gpt_header_check (&primary, GRUB_DISK_SECTOR_BITS); - grub_test_assert (grub_errno == GRUB_ERR_BAD_PART_TABLE, - "unexpected error: %s", grub_errmsg); - grub_errno = GRUB_ERR_NONE; - -- backup.guid[0] = 0; -+ backup.guid.data1 = 0; - grub_gpt_header_check (&backup, GRUB_DISK_SECTOR_BITS); - grub_test_assert (grub_errno == GRUB_ERR_BAD_PART_TABLE, - "unexpected error: %s", grub_errmsg); --- -2.21.3 - diff --git a/packages/grub/0009-gpt-new-gptprio.next-command-for-selecting-priority-.patch b/packages/grub/0009-gpt-new-gptprio.next-command-for-selecting-priority-.patch deleted file mode 100644 index 67b6ca536ef..00000000000 --- a/packages/grub/0009-gpt-new-gptprio.next-command-for-selecting-priority-.patch +++ /dev/null @@ -1,529 +0,0 @@ -From 06eff592def149c09fa42fee4e5d98b7abf00717 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Mon, 3 Nov 2014 17:14:37 -0800 -Subject: [PATCH] gpt: new gptprio.next command for selecting priority based - partitions - -Basic usage would look something like this: - - gptprio.next -d usr_dev -u usr_uuid - linuxefi ($usr_dev)/boot/vmlinuz mount.usr=PARTUUID=$usr_uuid - -After booting the system should set the 'successful' bit on the -partition that was used. - -[iweller: use new type name from a16f4a822] -Signed-off-by: iliana destroyer of worlds ---- - Makefile.util.def | 6 + - grub-core/Makefile.core.def | 5 + - grub-core/commands/gptprio.c | 238 +++++++++++++++++++++++++++++++++++ - include/grub/gpt_partition.h | 49 ++++++++ - tests/gptprio_test.in | 150 ++++++++++++++++++++++ - 5 files changed, 448 insertions(+) - create mode 100644 grub-core/commands/gptprio.c - create mode 100644 tests/gptprio_test.in - -diff --git a/Makefile.util.def b/Makefile.util.def -index a2ca51d..eb4bc90 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -1294,6 +1294,12 @@ script = { - common = tests/gptrepair_test.in; - }; - -+script = { -+ testcase; -+ name = gptprio_test; -+ common = tests/gptprio_test.in; -+}; -+ - script = { - testcase; - name = file_filter_test; -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index c040652..393aecd 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -947,6 +947,11 @@ module = { - common = commands/gptrepair.c; - }; - -+module = { -+ name = gptprio; -+ common = commands/gptprio.c; -+}; -+ - module = { - name = gpt; - common = lib/gpt.c; -diff --git a/grub-core/commands/gptprio.c b/grub-core/commands/gptprio.c -new file mode 100644 -index 0000000..1e2e06c ---- /dev/null -+++ b/grub-core/commands/gptprio.c -@@ -0,0 +1,238 @@ -+/* gptprio.c - manage priority based partition selection. */ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2009 Free Software Foundation, Inc. -+ * Copyright (C) 2014 CoreOS, Inc. -+ * -+ * GRUB is free software: you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation, either version 3 of the License, or -+ * (at your option) any later version. -+ * -+ * GRUB is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with GRUB. If not, see . -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+GRUB_MOD_LICENSE ("GPLv3+"); -+ -+static const struct grub_arg_option options_next[] = { -+ {"set-device", 'd', 0, -+ N_("Set a variable to the name of selected partition."), -+ N_("VARNAME"), ARG_TYPE_STRING}, -+ {"set-uuid", 'u', 0, -+ N_("Set a variable to the GPT UUID of selected partition."), -+ N_("VARNAME"), ARG_TYPE_STRING}, -+ {0, 0, 0, 0, 0, 0} -+}; -+ -+enum options_next -+{ -+ NEXT_SET_DEVICE, -+ NEXT_SET_UUID, -+}; -+ -+static unsigned int -+grub_gptprio_priority (struct grub_gpt_partentry *entry) -+{ -+ return (unsigned int) grub_gpt_entry_attribute -+ (entry, GRUB_GPT_PART_ATTR_OFFSET_GPTPRIO_PRIORITY, 4); -+} -+ -+static unsigned int -+grub_gptprio_tries_left (struct grub_gpt_partentry *entry) -+{ -+ return (unsigned int) grub_gpt_entry_attribute -+ (entry, GRUB_GPT_PART_ATTR_OFFSET_GPTPRIO_TRIES_LEFT, 4); -+} -+ -+static void -+grub_gptprio_set_tries_left (struct grub_gpt_partentry *entry, -+ unsigned int tries_left) -+{ -+ grub_gpt_entry_set_attribute -+ (entry, tries_left, GRUB_GPT_PART_ATTR_OFFSET_GPTPRIO_TRIES_LEFT, 4); -+} -+ -+static unsigned int -+grub_gptprio_successful (struct grub_gpt_partentry *entry) -+{ -+ return (unsigned int) grub_gpt_entry_attribute -+ (entry, GRUB_GPT_PART_ATTR_OFFSET_GPTPRIO_SUCCESSFUL, 1); -+} -+ -+static grub_err_t -+grub_find_next (const char *disk_name, -+ const grub_gpt_part_guid_t *part_type, -+ char **part_name, char **part_guid) -+{ -+ struct grub_gpt_partentry *part_found = NULL; -+ grub_device_t dev = NULL; -+ grub_gpt_t gpt = NULL; -+ grub_uint32_t i, part_index; -+ -+ dev = grub_device_open (disk_name); -+ if (!dev) -+ goto done; -+ -+ gpt = grub_gpt_read (dev->disk); -+ if (!gpt) -+ goto done; -+ -+ if (!(gpt->status & GRUB_GPT_BOTH_VALID)) -+ if (grub_gpt_repair (dev->disk, gpt)) -+ goto done; -+ -+ for (i = 0; i < grub_le_to_cpu32 (gpt->primary.maxpart); i++) -+ { -+ struct grub_gpt_partentry *part = &gpt->entries[i]; -+ -+ if (grub_memcmp (part_type, &part->type, sizeof (*part_type)) == 0) -+ { -+ unsigned int priority, tries_left, successful, old_priority = 0; -+ -+ priority = grub_gptprio_priority (part); -+ tries_left = grub_gptprio_tries_left (part); -+ successful = grub_gptprio_successful (part); -+ -+ if (part_found) -+ old_priority = grub_gptprio_priority (part_found); -+ -+ if ((tries_left || successful) && priority > old_priority) -+ { -+ part_index = i; -+ part_found = part; -+ } -+ } -+ } -+ -+ if (!part_found) -+ { -+ grub_error (GRUB_ERR_UNKNOWN_DEVICE, N_("no such partition")); -+ goto done; -+ } -+ -+ if (grub_gptprio_tries_left (part_found)) -+ { -+ unsigned int tries_left = grub_gptprio_tries_left (part_found); -+ -+ grub_gptprio_set_tries_left (part_found, tries_left - 1); -+ -+ if (grub_gpt_update_checksums (gpt)) -+ goto done; -+ -+ if (grub_gpt_write (dev->disk, gpt)) -+ goto done; -+ } -+ -+ *part_name = grub_xasprintf ("%s,gpt%u", disk_name, part_index + 1); -+ if (!*part_name) -+ goto done; -+ -+ *part_guid = -+ grub_xasprintf ("%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", -+ grub_le_to_cpu32 (part_found->guid.data1), -+ grub_le_to_cpu16 (part_found->guid.data2), -+ grub_le_to_cpu16 (part_found->guid.data3), -+ part_found->guid.data4[0], -+ part_found->guid.data4[1], -+ part_found->guid.data4[2], -+ part_found->guid.data4[3], -+ part_found->guid.data4[4], -+ part_found->guid.data4[5], -+ part_found->guid.data4[6], -+ part_found->guid.data4[7]); -+ if (!*part_name) -+ goto done; -+ -+ grub_errno = GRUB_ERR_NONE; -+ -+done: -+ grub_gpt_free (gpt); -+ -+ if (dev) -+ grub_device_close (dev); -+ -+ return grub_errno; -+} -+ -+ -+ -+static grub_err_t -+grub_cmd_next (grub_extcmd_context_t ctxt, int argc, char **args) -+{ -+ struct grub_arg_list *state = ctxt->state; -+ char *p, *root = NULL, *part_name = NULL, *part_guid = NULL; -+ -+ /* TODO: Add a uuid parser and a command line flag for providing type. */ -+ grub_gpt_part_guid_t part_type = GRUB_GPT_PARTITION_TYPE_USR_X86_64; -+ -+ if (!state[NEXT_SET_DEVICE].set || !state[NEXT_SET_UUID].set) -+ { -+ grub_error (GRUB_ERR_INVALID_COMMAND, N_("-d and -u are required")); -+ goto done; -+ } -+ -+ if (argc == 0) -+ root = grub_strdup (grub_env_get ("root")); -+ else if (argc == 1) -+ root = grub_strdup (args[0]); -+ else -+ { -+ grub_error (GRUB_ERR_BAD_ARGUMENT, N_("unexpected arguments")); -+ goto done; -+ } -+ -+ if (!root) -+ goto done; -+ -+ /* To make using $root practical strip off the partition name. */ -+ p = grub_strchr (root, ','); -+ if (p) -+ *p = '\0'; -+ -+ if (grub_find_next (root, &part_type, &part_name, &part_guid)) -+ goto done; -+ -+ if (grub_env_set (state[NEXT_SET_DEVICE].arg, part_name)) -+ goto done; -+ -+ if (grub_env_set (state[NEXT_SET_UUID].arg, part_guid)) -+ goto done; -+ -+ grub_errno = GRUB_ERR_NONE; -+ -+done: -+ grub_free (root); -+ grub_free (part_name); -+ grub_free (part_guid); -+ -+ return grub_errno; -+} -+ -+static grub_extcmd_t cmd_next; -+ -+GRUB_MOD_INIT(gptprio) -+{ -+ cmd_next = grub_register_extcmd ("gptprio.next", grub_cmd_next, 0, -+ N_("-d VARNAME -u VARNAME [DEVICE]"), -+ N_("Select next partition to boot."), -+ options_next); -+} -+ -+GRUB_MOD_FINI(gptprio) -+{ -+ grub_unregister_extcmd (cmd_next); -+} -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index d13ea0b..fc4f0f5 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -53,6 +53,10 @@ typedef struct grub_gpt_guid grub_gpt_part_guid_t; - GRUB_GPT_GUID_INIT (0x5808c8aa, 0x7e8f, 0x42e0, \ - 0x85, 0xd2, 0xe1, 0xe9, 0x04, 0x34, 0xcf, 0xb3) - -+#define GRUB_GPT_PARTITION_TYPE_USR_X86_64 \ -+ GRUB_GPT_GUID_INIT (0x5dfbf5f4, 0x2848, 0x4bac, \ -+ 0xaa, 0x5e, 0x0d, 0x9a, 0x20, 0xb7, 0x45, 0xa6) -+ - #define GRUB_GPT_HEADER_MAGIC \ - { 0x45, 0x46, 0x49, 0x20, 0x50, 0x41, 0x52, 0x54 } - -@@ -87,6 +91,51 @@ struct grub_gpt_partentry - char name[72]; - } GRUB_PACKED __attribute__ ((aligned(8))); - -+enum grub_gpt_part_attr_offset -+{ -+ /* Standard partition attribute bits defined by UEFI. */ -+ GRUB_GPT_PART_ATTR_OFFSET_REQUIRED = 0, -+ GRUB_GPT_PART_ATTR_OFFSET_NO_BLOCK_IO_PROTOCOL = 1, -+ GRUB_GPT_PART_ATTR_OFFSET_LEGACY_BIOS_BOOTABLE = 2, -+ -+ /* De facto standard attribute bits defined by Microsoft and reused by -+ * http://www.freedesktop.org/wiki/Specifications/DiscoverablePartitionsSpec */ -+ GRUB_GPT_PART_ATTR_OFFSET_READ_ONLY = 60, -+ GRUB_GPT_PART_ATTR_OFFSET_NO_AUTO = 63, -+ -+ /* Partition attributes for priority based selection, -+ * Currently only valid for PARTITION_TYPE_USR_X86_64. -+ * TRIES_LEFT and PRIORITY are 4 bit wide fields. */ -+ GRUB_GPT_PART_ATTR_OFFSET_GPTPRIO_PRIORITY = 48, -+ GRUB_GPT_PART_ATTR_OFFSET_GPTPRIO_TRIES_LEFT = 52, -+ GRUB_GPT_PART_ATTR_OFFSET_GPTPRIO_SUCCESSFUL = 56, -+}; -+ -+/* Helpers for reading/writing partition attributes. */ -+static inline grub_uint64_t -+grub_gpt_entry_attribute (struct grub_gpt_partentry *entry, -+ enum grub_gpt_part_attr_offset offset, -+ unsigned int bits) -+{ -+ grub_uint64_t attrib = grub_le_to_cpu64 (entry->attrib); -+ -+ return (attrib >> offset) & ((1ULL << bits) - 1); -+} -+ -+static inline void -+grub_gpt_entry_set_attribute (struct grub_gpt_partentry *entry, -+ grub_uint64_t value, -+ enum grub_gpt_part_attr_offset offset, -+ unsigned int bits) -+{ -+ grub_uint64_t attrib, mask; -+ -+ mask = (((1ULL << bits) - 1) << offset); -+ attrib = grub_le_to_cpu64 (entry->attrib) & ~mask; -+ attrib |= ((value << offset) & mask); -+ entry->attrib = grub_cpu_to_le64 (attrib); -+} -+ - /* Basic GPT partmap module. */ - grub_err_t - grub_gpt_partition_map_iterate (grub_disk_t disk, -diff --git a/tests/gptprio_test.in b/tests/gptprio_test.in -new file mode 100644 -index 0000000..f4aea0d ---- /dev/null -+++ b/tests/gptprio_test.in -@@ -0,0 +1,150 @@ -+#! /bin/bash -+set -e -+ -+# Copyright (C) 2010 Free Software Foundation, Inc. -+# Copyright (C) 2014 CoreOS, Inc. -+# -+# GRUB is free software: you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation, either version 3 of the License, or -+# (at your option) any later version. -+# -+# GRUB is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+# -+# You should have received a copy of the GNU General Public License -+# along with GRUB. If not, see . -+ -+sgdisk=sgdisk -+grubshell=@builddir@/grub-shell -+ -+if ! which "${sgdisk}" >/dev/null 2>&1; then -+ echo "sgdisk not installed; cannot test gptprio." -+ exit 77 -+fi -+ -+. "@builddir@/grub-core/modinfo.sh" -+ -+case "${grub_modinfo_target_cpu}-${grub_modinfo_platform}" in -+ mips-qemu_mips | mipsel-qemu_mips | i386-qemu | i386-multiboot | i386-coreboot | mipsel-loongson) -+ disk=ata0 -+ ;; -+ powerpc-ieee1275) -+ disk=ieee1275//pci@80000000/mac-io@4/ata-3@20000/disk@0 -+ # FIXME: QEMU firmware has bugs which prevent it from accessing hard disk w/o recognised label. -+ exit 0 -+ ;; -+ sparc64-ieee1275) -+ disk=ieee1275//pci@1fe\,0/pci-ata@5/ide0@500/disk@0 -+ # FIXME: QEMU firmware has bugs which prevent it from accessing hard disk w/o recognised label. -+ exit 0 -+ ;; -+ i386-ieee1275) -+ disk=ieee1275/d -+ # FIXME: QEMU firmware has bugs which prevent it from accessing hard disk w/o recognised label. -+ exit 0 -+ ;; -+ mips-arc) -+ # FIXME: ARC firmware has bugs which prevent it from accessing hard disk w/o dvh disklabel. -+ exit 0 ;; -+ mipsel-arc) -+ disk=arc/scsi0/disk0/rdisk0 -+ ;; -+ *) -+ disk=hd0 -+ ;; -+esac -+img1="`mktemp "${TMPDIR:-/tmp}/tmp.XXXXXXXXXX"`" || exit 1 -+trap "rm -f '${img1}'" EXIT -+ -+prio_type="5dfbf5f4-2848-4bac-aa5e-0d9a20b745a6" -+declare -a prio_uuid -+prio_uuid[2]="9b003904-d006-4ab3-97f1-73f547b7af1a" -+prio_uuid[3]="1aa5a658-5b02-414d-9b71-f7e6c151f0cd" -+prio_uuid[4]="8aa0240d-98af-42b0-b32a-ccbe0572d62b" -+ -+create_disk_image () { -+ rm -f "${img1}" -+ dd if=/dev/zero of="${img1}" bs=512 count=1 seek=100 status=none -+ ${sgdisk} \ -+ -n 1:0:+1 -c 1:ESP -t 1:ef00 \ -+ -n 2:0:+1 -c 2:A -t 2:"${prio_type}" -u 2:"${prio_uuid[2]}" \ -+ -n 3:0:+1 -c 3:B -t 3:"${prio_type}" -u 3:"${prio_uuid[3]}" \ -+ -n 4:0:+1 -c 4:C -t 4:"${prio_type}" -u 4:"${prio_uuid[4]}" \ -+ "${img1}" >/dev/null -+} -+ -+ -+fmt_prio () { -+ priority=$(( ( $1 & 15 ) << 48 )) -+ tries=$(( ( $2 & 15 ) << 52 )) -+ success=$(( ( $3 & 1 ) << 56 )) -+ printf %016x $(( priority | tries | success )) -+} -+ -+set_prio () { -+ part="$1" -+ attr=$(fmt_prio $2 $3 $4) -+ ${sgdisk} -A "${part}:=:${attr}" "${img1}" >/dev/null -+} -+ -+check_prio () { -+ part="$1" -+ expect=$(fmt_prio $2 $3 $4) -+ result=$(LANG=C ${sgdisk} -i "${part}" "${img1}" \ -+ | awk '/^Attribute flags: / {print $3}') -+ if [[ "${expect}" != "${result}" ]]; then -+ echo "Partition ${part} has attributes ${result}, not ${expect}" >&2 -+ exit 1 -+ fi -+} -+ -+run_next() { -+ "${grubshell}" --disk="${img1}" --modules=gptprio < -Date: Sat, 15 Nov 2014 13:27:13 -0800 -Subject: [PATCH] gpt: split out checksum recomputation - -For basic data modifications the full repair function is overkill. ---- - grub-core/lib/gpt.c | 30 ++++++++++++++++++++---------- - include/grub/gpt_partition.h | 3 +++ - 2 files changed, 23 insertions(+), 10 deletions(-) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 67ffdf7..1982340 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -293,7 +293,6 @@ grub_err_t - grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - { - grub_uint64_t backup_header, backup_entries; -- grub_uint32_t crc; - - if (disk->log_sector_size != gpt->log_sector_size) - return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, -@@ -331,13 +330,32 @@ grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - gpt->backup.alternate_lba = gpt->primary.header_lba; - gpt->backup.partitions = grub_cpu_to_le64 (backup_entries); - -+ /* Recompute checksums. */ -+ if (grub_gpt_update_checksums (gpt)) -+ return grub_errno; -+ -+ /* Sanity check. */ -+ if (grub_gpt_header_check (&gpt->primary, gpt->log_sector_size)) -+ return grub_error (GRUB_ERR_BUG, "Generated invalid GPT primary header"); -+ -+ if (grub_gpt_header_check (&gpt->backup, gpt->log_sector_size)) -+ return grub_error (GRUB_ERR_BUG, "Generated invalid GPT backup header"); -+ -+ gpt->status |= GRUB_GPT_BOTH_VALID; -+ return GRUB_ERR_NONE; -+} -+ -+grub_err_t -+grub_gpt_update_checksums (grub_gpt_t gpt) -+{ -+ grub_uint32_t crc; -+ - /* Writing headers larger than our header structure are unsupported. */ - gpt->primary.headersize = - grub_cpu_to_le32_compile_time (sizeof (gpt->primary)); - gpt->backup.headersize = - grub_cpu_to_le32_compile_time (sizeof (gpt->backup)); - -- /* Recompute checksums. */ - if (grub_gpt_lecrc32 (gpt->entries, gpt->entries_size, &crc)) - return grub_errno; - -@@ -350,14 +368,6 @@ grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - if (grub_gpt_header_lecrc32 (&gpt->backup, &gpt->backup.crc32)) - return grub_errno; - -- /* Sanity check. */ -- if (grub_gpt_header_check (&gpt->primary, gpt->log_sector_size)) -- return grub_error (GRUB_ERR_BUG, "Generated invalid GPT primary header"); -- -- if (grub_gpt_header_check (&gpt->backup, gpt->log_sector_size)) -- return grub_error (GRUB_ERR_BUG, "Generated invalid GPT backup header"); -- -- gpt->status |= GRUB_GPT_BOTH_VALID; - return GRUB_ERR_NONE; - } - -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index fc4f0f5..7fbdf4c 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -200,6 +200,9 @@ grub_gpt_t grub_gpt_read (grub_disk_t disk); - /* Sync up primary and backup headers, recompute checksums. */ - grub_err_t grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt); - -+/* Recompute checksums, must be called after modifying GPT data. */ -+grub_err_t grub_gpt_update_checksums (grub_gpt_t gpt); -+ - /* Write headers and entry tables back to disk. */ - grub_err_t grub_gpt_write (grub_disk_t disk, grub_gpt_t gpt); - --- -2.21.3 - diff --git a/packages/grub/0011-gpt-move-gpt-guid-printing-function-to-common-librar.patch b/packages/grub/0011-gpt-move-gpt-guid-printing-function-to-common-librar.patch deleted file mode 100644 index b91b5ae583a..00000000000 --- a/packages/grub/0011-gpt-move-gpt-guid-printing-function-to-common-librar.patch +++ /dev/null @@ -1,80 +0,0 @@ -From 44c916ad1a8ae8fbd3743f269fd13cc677a932da Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Thu, 27 Nov 2014 12:55:53 -0800 -Subject: [PATCH] gpt: move gpt guid printing function to common library - ---- - grub-core/commands/gptprio.c | 16 ++-------------- - grub-core/lib/gpt.c | 13 +++++++++++++ - include/grub/gpt_partition.h | 4 ++++ - 3 files changed, 19 insertions(+), 14 deletions(-) - -diff --git a/grub-core/commands/gptprio.c b/grub-core/commands/gptprio.c -index 1e2e06c..2415747 100644 ---- a/grub-core/commands/gptprio.c -+++ b/grub-core/commands/gptprio.c -@@ -141,20 +141,8 @@ grub_find_next (const char *disk_name, - if (!*part_name) - goto done; - -- *part_guid = -- grub_xasprintf ("%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", -- grub_le_to_cpu32 (part_found->guid.data1), -- grub_le_to_cpu16 (part_found->guid.data2), -- grub_le_to_cpu16 (part_found->guid.data3), -- part_found->guid.data4[0], -- part_found->guid.data4[1], -- part_found->guid.data4[2], -- part_found->guid.data4[3], -- part_found->guid.data4[4], -- part_found->guid.data4[5], -- part_found->guid.data4[6], -- part_found->guid.data4[7]); -- if (!*part_name) -+ *part_guid = grub_gpt_guid_to_str (&part_found->guid); -+ if (!*part_guid) - goto done; - - grub_errno = GRUB_ERR_NONE; -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 1982340..9a1835b 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -31,6 +31,19 @@ GRUB_MOD_LICENSE ("GPLv3+"); - static grub_uint8_t grub_gpt_magic[] = GRUB_GPT_HEADER_MAGIC; - - -+char * -+grub_gpt_guid_to_str (grub_gpt_guid_t *guid) -+{ -+ return grub_xasprintf ("%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", -+ grub_le_to_cpu32 (guid->data1), -+ grub_le_to_cpu16 (guid->data2), -+ grub_le_to_cpu16 (guid->data3), -+ guid->data4[0], guid->data4[1], -+ guid->data4[2], guid->data4[3], -+ guid->data4[4], guid->data4[5], -+ guid->data4[6], guid->data4[7]); -+} -+ - static grub_uint64_t - grub_gpt_size_to_sectors (grub_gpt_t gpt, grub_size_t size) - { -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index 7fbdf4c..dc1bcca 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -33,6 +33,10 @@ struct grub_gpt_guid - typedef struct grub_gpt_guid grub_gpt_guid_t; - typedef struct grub_gpt_guid grub_gpt_part_guid_t; - -+/* Format the raw little-endian GUID as a newly allocated string. */ -+char * grub_gpt_guid_to_str (grub_gpt_guid_t *guid); -+ -+ - #define GRUB_GPT_GUID_INIT(a, b, c, d1, d2, d3, d4, d5, d6, d7, d8) \ - { \ - grub_cpu_to_le32_compile_time (a), \ --- -2.21.3 - diff --git a/packages/grub/0012-gpt-switch-partition-names-to-a-16-bit-type.patch b/packages/grub/0012-gpt-switch-partition-names-to-a-16-bit-type.patch deleted file mode 100644 index 7383f4f7c12..00000000000 --- a/packages/grub/0012-gpt-switch-partition-names-to-a-16-bit-type.patch +++ /dev/null @@ -1,27 +0,0 @@ -From d424d55607bdfbbd0f5f0a220ea582ff88106931 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Thu, 27 Nov 2014 14:54:27 -0800 -Subject: [PATCH] gpt: switch partition names to a 16 bit type - -In UEFI/GPT strings are UTF-16 so use a uint16 to make dealing with the -string practical. ---- - include/grub/gpt_partition.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index dc1bcca..a44c0d5 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -92,7 +92,7 @@ struct grub_gpt_partentry - grub_uint64_t start; - grub_uint64_t end; - grub_uint64_t attrib; -- char name[72]; -+ grub_uint16_t name[36]; - } GRUB_PACKED __attribute__ ((aligned(8))); - - enum grub_gpt_part_attr_offset --- -2.21.3 - diff --git a/packages/grub/0013-tests-add-some-partitions-to-the-gpt-unit-test-data.patch b/packages/grub/0013-tests-add-some-partitions-to-the-gpt-unit-test-data.patch deleted file mode 100644 index aefdd71fa47..00000000000 --- a/packages/grub/0013-tests-add-some-partitions-to-the-gpt-unit-test-data.patch +++ /dev/null @@ -1,127 +0,0 @@ -From 564616c70c7a914f385cfa36e0bb214cf75723a3 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Thu, 27 Nov 2014 15:49:57 -0800 -Subject: [PATCH] tests: add some partitions to the gpt unit test data - ---- - tests/gpt_unit_test.c | 65 ++++++++++++++++++++++++++++++++++++------- - 1 file changed, 55 insertions(+), 10 deletions(-) - -diff --git a/tests/gpt_unit_test.c b/tests/gpt_unit_test.c -index 86e4364..5692a5a 100644 ---- a/tests/gpt_unit_test.c -+++ b/tests/gpt_unit_test.c -@@ -89,12 +89,12 @@ struct test_data - }; - - --/* Sample primary GPT header for an empty 1MB disk. */ -+/* Sample primary GPT header for a 1MB disk. */ - static const struct grub_gpt_header example_primary = { - .magic = GRUB_GPT_HEADER_MAGIC, - .version = GRUB_GPT_HEADER_VERSION, - .headersize = sizeof (struct grub_gpt_header), -- .crc32 = grub_cpu_to_le32_compile_time (0x7cd8642c), -+ .crc32 = grub_cpu_to_le32_compile_time (0xb985abe0), - .header_lba = grub_cpu_to_le64_compile_time (PRIMARY_HEADER_SECTOR), - .alternate_lba = grub_cpu_to_le64_compile_time (BACKUP_HEADER_SECTOR), - .start = grub_cpu_to_le64_compile_time (DATA_START_SECTOR), -@@ -104,7 +104,52 @@ static const struct grub_gpt_header example_primary = { - .partitions = grub_cpu_to_le64_compile_time (PRIMARY_TABLE_SECTOR), - .maxpart = grub_cpu_to_le32_compile_time (TABLE_ENTRIES), - .partentry_size = grub_cpu_to_le32_compile_time (ENTRY_SIZE), -- .partentry_crc32 = grub_cpu_to_le32_compile_time (0xab54d286), -+ .partentry_crc32 = grub_cpu_to_le32_compile_time (0x074e052c), -+}; -+ -+static const struct grub_gpt_partentry example_entries[TABLE_ENTRIES] = { -+ { -+ .type = GRUB_GPT_PARTITION_TYPE_EFI_SYSTEM, -+ .guid = GRUB_GPT_GUID_INIT (0xa0f1792e, 0xb4ce, 0x4136, 0xbc, 0xf2, -+ 0x1a, 0xfc, 0x13, 0x3c, 0x28, 0x28), -+ .start = grub_cpu_to_le64_compile_time (DATA_START_SECTOR), -+ .end = grub_cpu_to_le64_compile_time (0x3f), -+ .attrib = 0x0, -+ .name = { -+ grub_cpu_to_le16_compile_time ('E'), -+ grub_cpu_to_le16_compile_time ('F'), -+ grub_cpu_to_le16_compile_time ('I'), -+ grub_cpu_to_le16_compile_time (' '), -+ grub_cpu_to_le16_compile_time ('S'), -+ grub_cpu_to_le16_compile_time ('Y'), -+ grub_cpu_to_le16_compile_time ('S'), -+ grub_cpu_to_le16_compile_time ('T'), -+ grub_cpu_to_le16_compile_time ('E'), -+ grub_cpu_to_le16_compile_time ('M'), -+ 0x0, -+ } -+ }, -+ { -+ .type = GRUB_GPT_PARTITION_TYPE_BIOS_BOOT, -+ .guid = GRUB_GPT_GUID_INIT (0x876c898d, 0x1b40, 0x4727, 0xa1, 0x61, -+ 0xed, 0xf9, 0xb5, 0x48, 0x66, 0x74), -+ .start = grub_cpu_to_le64_compile_time (0x40), -+ .end = grub_cpu_to_le64_compile_time (0x7f), -+ .attrib = grub_cpu_to_le64_compile_time ( -+ 1ULL << GRUB_GPT_PART_ATTR_OFFSET_LEGACY_BIOS_BOOTABLE), -+ .name = { -+ grub_cpu_to_le16_compile_time ('B'), -+ grub_cpu_to_le16_compile_time ('I'), -+ grub_cpu_to_le16_compile_time ('O'), -+ grub_cpu_to_le16_compile_time ('S'), -+ grub_cpu_to_le16_compile_time (' '), -+ grub_cpu_to_le16_compile_time ('B'), -+ grub_cpu_to_le16_compile_time ('O'), -+ grub_cpu_to_le16_compile_time ('O'), -+ grub_cpu_to_le16_compile_time ('T'), -+ 0x0, -+ } -+ }, - }; - - /* And the backup header. */ -@@ -112,7 +157,7 @@ static const struct grub_gpt_header example_backup = { - .magic = GRUB_GPT_HEADER_MAGIC, - .version = GRUB_GPT_HEADER_VERSION, - .headersize = sizeof (struct grub_gpt_header), -- .crc32 = grub_cpu_to_le32_compile_time (0xcfaa4a27), -+ .crc32 = grub_cpu_to_le32_compile_time (0x0af785eb), - .header_lba = grub_cpu_to_le64_compile_time (BACKUP_HEADER_SECTOR), - .alternate_lba = grub_cpu_to_le64_compile_time (PRIMARY_HEADER_SECTOR), - .start = grub_cpu_to_le64_compile_time (DATA_START_SECTOR), -@@ -122,7 +167,7 @@ static const struct grub_gpt_header example_backup = { - .partitions = grub_cpu_to_le64_compile_time (BACKUP_TABLE_SECTOR), - .maxpart = grub_cpu_to_le32_compile_time (TABLE_ENTRIES), - .partentry_size = grub_cpu_to_le32_compile_time (ENTRY_SIZE), -- .partentry_crc32 = grub_cpu_to_le32_compile_time (0xab54d286), -+ .partentry_crc32 = grub_cpu_to_le32_compile_time (0x074e052c), - }; - - /* Sample protective MBR for the same 1MB disk. Note, this matches -@@ -192,6 +237,10 @@ reset_disk (struct test_data *data) - memcpy (&data->raw->mbr, &example_pmbr, sizeof (data->raw->mbr)); - memcpy (&data->raw->primary_header, &example_primary, - sizeof (data->raw->primary_header)); -+ memcpy (&data->raw->primary_entries, &example_entries, -+ sizeof (data->raw->primary_entries)); -+ memcpy (&data->raw->backup_entries, &example_entries, -+ sizeof (data->raw->backup_entries)); - memcpy (&data->raw->backup_header, &example_backup, - sizeof (data->raw->backup_header)); - -@@ -270,11 +319,7 @@ read_disk (struct test_data *data) - - gpt = grub_gpt_read (data->dev->disk); - if (gpt == NULL) -- { -- grub_print_error (); -- grub_fatal ("grub_gpt_read failed"); -- } -- -+ grub_fatal ("grub_gpt_read failed: %s", grub_errmsg); - - return gpt; - } --- -2.21.3 - diff --git a/packages/grub/0014-gpt-add-search-by-partition-label-and-uuid-commands.patch b/packages/grub/0014-gpt-add-search-by-partition-label-and-uuid-commands.patch deleted file mode 100644 index 0e7697c0649..00000000000 --- a/packages/grub/0014-gpt-add-search-by-partition-label-and-uuid-commands.patch +++ /dev/null @@ -1,452 +0,0 @@ -From 334b58a122bad34c7efa1b1ea6d58389477fd255 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Thu, 27 Nov 2014 16:34:21 -0800 -Subject: [PATCH] gpt: add search by partition label and uuid commands - -Builds on the existing filesystem search code. Only for GPT right now. - -[markubo: Update to grub-2.06-42.amzn2022. Search functions take a more -general search_flags parameter now instead of a no_floppy flag.] - -Signed-off-by: Markus Boehme - ---- - Makefile.util.def | 2 + - grub-core/Makefile.core.def | 10 +++ - grub-core/commands/search.c | 49 +++++++++++++++ - grub-core/commands/search_part_label.c | 5 ++ - grub-core/commands/search_part_uuid.c | 5 ++ - grub-core/commands/search_wrap.c | 10 +++ - grub-core/lib/gpt.c | 64 ++++++++++++++++++++ - include/grub/gpt_partition.h | 16 +++++ - include/grub/search.h | 6 ++ - tests/gpt_unit_test.c | 84 ++++++++++++++++++++++++++ - 10 files changed, 251 insertions(+) - create mode 100644 grub-core/commands/search_part_label.c - create mode 100644 grub-core/commands/search_part_uuid.c - -diff --git a/Makefile.util.def b/Makefile.util.def -index eb4bc90..8f74405 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -1406,6 +1406,8 @@ program = { - name = gpt_unit_test; - common = tests/gpt_unit_test.c; - common = tests/lib/unit_test.c; -+ common = grub-core/commands/search_part_label.c; -+ common = grub-core/commands/search_part_uuid.c; - common = grub-core/disk/host.c; - common = grub-core/kern/emu/hostfs.c; - common = grub-core/lib/gpt.c; -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 393aecd..3cde624 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -1152,6 +1152,16 @@ module = { - common = commands/search_label.c; - }; - -+module = { -+ name = search_part_uuid; -+ common = commands/search_part_uuid.c; -+}; -+ -+module = { -+ name = search_part_label; -+ common = commands/search_part_label.c; -+}; -+ - module = { - name = setpci; - common = commands/setpci.c; -diff --git a/grub-core/commands/search.c b/grub-core/commands/search.c -index 57d26ce..bb0c7cb 100644 ---- a/grub-core/commands/search.c -+++ b/grub-core/commands/search.c -@@ -30,6 +30,9 @@ - #include - #include - #include -+#if defined(DO_SEARCH_PART_UUID) || defined(DO_SEARCH_PART_LABEL) -+#include -+#endif - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -109,6 +112,44 @@ iterate_device (const char *name, void *data) - } - grub_free (buf); - } -+#elif defined(DO_SEARCH_PART_UUID) -+ { -+ grub_device_t dev; -+ char *quid; -+ -+ dev = grub_device_open (name); -+ if (dev) -+ { -+ if (grub_gpt_part_uuid (dev, &quid) == GRUB_ERR_NONE) -+ { -+ if (grub_strcasecmp (quid, ctx->key) == 0) -+ found = 1; -+ -+ grub_free (quid); -+ } -+ -+ grub_device_close (dev); -+ } -+ } -+#elif defined(DO_SEARCH_PART_LABEL) -+ { -+ grub_device_t dev; -+ char *quid; -+ -+ dev = grub_device_open (name); -+ if (dev) -+ { -+ if (grub_gpt_part_label (dev, &quid) == GRUB_ERR_NONE) -+ { -+ if (grub_strcmp (quid, ctx->key) == 0) -+ found = 1; -+ -+ grub_free (quid); -+ } -+ -+ grub_device_close (dev); -+ } -+ } - #else - { - /* SEARCH_FS_UUID or SEARCH_LABEL */ -@@ -332,6 +373,10 @@ static grub_command_t cmd; - - #ifdef DO_SEARCH_FILE - GRUB_MOD_INIT(search_fs_file) -+#elif defined(DO_SEARCH_PART_UUID) -+GRUB_MOD_INIT(search_part_uuid) -+#elif defined(DO_SEARCH_PART_LABEL) -+GRUB_MOD_INIT(search_part_label) - #elif defined (DO_SEARCH_FS_UUID) - GRUB_MOD_INIT(search_fs_uuid) - #else -@@ -346,6 +391,10 @@ GRUB_MOD_INIT(search_label) - - #ifdef DO_SEARCH_FILE - GRUB_MOD_FINI(search_fs_file) -+#elif defined(DO_SEARCH_PART_UUID) -+GRUB_MOD_FINI(search_part_uuid) -+#elif defined(DO_SEARCH_PART_LABEL) -+GRUB_MOD_FINI(search_part_label) - #elif defined (DO_SEARCH_FS_UUID) - GRUB_MOD_FINI(search_fs_uuid) - #else -diff --git a/grub-core/commands/search_part_label.c b/grub-core/commands/search_part_label.c -new file mode 100644 -index 0000000..ca906cb ---- /dev/null -+++ b/grub-core/commands/search_part_label.c -@@ -0,0 +1,5 @@ -+#define DO_SEARCH_PART_LABEL 1 -+#define FUNC_NAME grub_search_part_label -+#define COMMAND_NAME "search.part_label" -+#define HELP_MESSAGE N_("Search devices by partition label. If VARIABLE is specified, the first device found is set to a variable.") -+#include "search.c" -diff --git a/grub-core/commands/search_part_uuid.c b/grub-core/commands/search_part_uuid.c -new file mode 100644 -index 0000000..2d1d3d0 ---- /dev/null -+++ b/grub-core/commands/search_part_uuid.c -@@ -0,0 +1,5 @@ -+#define DO_SEARCH_PART_UUID 1 -+#define FUNC_NAME grub_search_part_uuid -+#define COMMAND_NAME "search.part_uuid" -+#define HELP_MESSAGE N_("Search devices by partition UUID. If VARIABLE is specified, the first device found is set to a variable.") -+#include "search.c" -diff --git a/grub-core/commands/search_wrap.c b/grub-core/commands/search_wrap.c -index 0b62acf..82f8e63 100644 ---- a/grub-core/commands/search_wrap.c -+++ b/grub-core/commands/search_wrap.c -@@ -36,6 +36,10 @@ static const struct grub_arg_option options[] = - 0, 0}, - {"fs-uuid", 'u', 0, N_("Search devices by a filesystem UUID."), - 0, 0}, -+ {"part-label", 'L', 0, N_("Search devices by a partition label."), -+ 0, 0}, -+ {"part-uuid", 'U', 0, N_("Search devices by a partition UUID."), -+ 0, 0}, - {"set", 's', GRUB_ARG_OPTION_OPTIONAL, - N_("Set a variable to the first device found."), N_("VARNAME"), - ARG_TYPE_STRING}, -@@ -72,6 +76,8 @@ enum options - SEARCH_FILE, - SEARCH_LABEL, - SEARCH_FS_UUID, -+ SEARCH_PART_LABEL, -+ SEARCH_PART_UUID, - SEARCH_SET, - SEARCH_NO_FLOPPY, - SEARCH_EFIDISK_ONLY, -@@ -193,6 +199,10 @@ grub_cmd_search (grub_extcmd_context_t ctxt, int argc, char **args) - grub_search_label (id, var, flags, hints, nhints); - else if (state[SEARCH_FS_UUID].set) - grub_search_fs_uuid (id, var, flags, hints, nhints); -+ else if (state[SEARCH_PART_LABEL].set) -+ grub_search_part_label (id, var, flags, hints, nhints); -+ else if (state[SEARCH_PART_UUID].set) -+ grub_search_part_uuid (id, var, flags, hints, nhints); - else if (state[SEARCH_FILE].set) - grub_search_fs_file (id, var, flags, hints, nhints); - else -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 9a1835b..10a4b85 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -18,7 +18,9 @@ - * along with GRUB. If not, see . - */ - -+#include - #include -+#include - #include - #include - #include -@@ -44,6 +46,68 @@ grub_gpt_guid_to_str (grub_gpt_guid_t *guid) - guid->data4[6], guid->data4[7]); - } - -+static grub_err_t -+grub_gpt_device_partentry (grub_device_t device, -+ struct grub_gpt_partentry *entry) -+{ -+ grub_disk_t disk = device->disk; -+ grub_partition_t p; -+ grub_err_t err; -+ -+ if (!disk || !disk->partition) -+ return grub_error (GRUB_ERR_BUG, "not a partition"); -+ -+ if (grub_strcmp (disk->partition->partmap->name, "gpt")) -+ return grub_error (GRUB_ERR_BAD_ARGUMENT, "not a GPT partition"); -+ -+ p = disk->partition; -+ disk->partition = p->parent; -+ err = grub_disk_read (disk, p->offset, p->index, sizeof (*entry), entry); -+ disk->partition = p; -+ -+ return err; -+} -+ -+grub_err_t -+grub_gpt_part_label (grub_device_t device, char **label) -+{ -+ struct grub_gpt_partentry entry; -+ const grub_size_t name_len = ARRAY_SIZE (entry.name); -+ const grub_size_t label_len = name_len * GRUB_MAX_UTF8_PER_UTF16 + 1; -+ grub_size_t i; -+ grub_uint8_t *end; -+ -+ if (grub_gpt_device_partentry (device, &entry)) -+ return grub_errno; -+ -+ *label = grub_malloc (label_len); -+ if (!*label) -+ return grub_errno; -+ -+ for (i = 0; i < name_len; i++) -+ entry.name[i] = grub_le_to_cpu16 (entry.name[i]); -+ -+ end = grub_utf16_to_utf8 ((grub_uint8_t *) *label, entry.name, name_len); -+ *end = '\0'; -+ -+ return GRUB_ERR_NONE; -+} -+ -+grub_err_t -+grub_gpt_part_uuid (grub_device_t device, char **uuid) -+{ -+ struct grub_gpt_partentry entry; -+ -+ if (grub_gpt_device_partentry (device, &entry)) -+ return grub_errno; -+ -+ *uuid = grub_gpt_guid_to_str (&entry.guid); -+ if (!*uuid) -+ return grub_errno; -+ -+ return GRUB_ERR_NONE; -+} -+ - static grub_uint64_t - grub_gpt_size_to_sectors (grub_gpt_t gpt, grub_size_t size) - { -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index a44c0d5..7b04080 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -49,6 +49,10 @@ char * grub_gpt_guid_to_str (grub_gpt_guid_t *guid); - GRUB_GPT_GUID_INIT (0x0, 0x0, 0x0, \ - 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) - -+#define GRUB_GPT_PARTITION_TYPE_EFI_SYSTEM \ -+ GRUB_GPT_GUID_INIT (0xc12a7328, 0xf81f, 0x11d2, \ -+ 0xba, 0x4b, 0x00, 0xa0, 0xc9, 0x3e, 0xc9, 0x3b) -+ - #define GRUB_GPT_PARTITION_TYPE_BIOS_BOOT \ - GRUB_GPT_GUID_INIT (0x21686148, 0x6449, 0x6e6f, \ - 0x74, 0x4e, 0x65, 0x65, 0x64, 0x45, 0x46, 0x49) -@@ -216,4 +220,16 @@ grub_err_t grub_gpt_pmbr_check (struct grub_msdos_partition_mbr *mbr); - grub_err_t grub_gpt_header_check (struct grub_gpt_header *gpt, - unsigned int log_sector_size); - -+ -+/* Utilities for simple partition data lookups, usage is intended to -+ * be similar to fs->label and fs->uuid functions. */ -+ -+/* Return the partition label of the device DEVICE in LABEL. -+ * The label is in a new buffer and should be freed by the caller. */ -+grub_err_t grub_gpt_part_label (grub_device_t device, char **label); -+ -+/* Return the partition uuid of the device DEVICE in UUID. -+ * The label is in a new buffer and should be freed by the caller. */ -+grub_err_t grub_gpt_part_uuid (grub_device_t device, char **uuid); -+ - #endif /* ! GRUB_GPT_PARTITION_HEADER */ -diff --git a/include/grub/search.h b/include/grub/search.h -index 4190aeb..66722a6 100644 ---- a/include/grub/search.h -+++ b/include/grub/search.h -@@ -34,5 +34,11 @@ void grub_search_fs_uuid (const char *key, const char *var, - void grub_search_label (const char *key, const char *var, - enum search_flags flags, - char **hints, unsigned nhints); -+void grub_search_part_uuid (const char *key, const char *var, -+ enum search_flags flags, -+ char **hints, unsigned nhints); -+void grub_search_part_label (const char *key, const char *var, -+ enum search_flags flags, -+ char **hints, unsigned nhints); - - #endif -diff --git a/tests/gpt_unit_test.c b/tests/gpt_unit_test.c -index 5692a5a..deb55a9 100644 ---- a/tests/gpt_unit_test.c -+++ b/tests/gpt_unit_test.c -@@ -21,10 +21,12 @@ - #include - #include - #include -+#include - #include - #include - #include - #include -+#include - #include - - #include -@@ -534,6 +536,84 @@ repair_test (void) - - close_disk (&data); - } -+ -+static void -+search_label_test (void) -+{ -+ struct test_data data; -+ const char *test_result; -+ char *expected_result; -+ -+ open_disk (&data); -+ -+ expected_result = grub_xasprintf ("%s,gpt1", data.dev->disk->name); -+ grub_env_unset ("test_result"); -+ grub_search_part_label ("EFI SYSTEM", "test_result", 0, NULL, 0); -+ test_result = grub_env_get ("test_result"); -+ grub_test_assert (test_result && strcmp (test_result, expected_result) == 0, -+ "wrong device: %s (%s)", test_result, expected_result); -+ grub_free (expected_result); -+ -+ expected_result = grub_xasprintf ("%s,gpt2", data.dev->disk->name); -+ grub_env_unset ("test_result"); -+ grub_search_part_label ("BIOS BOOT", "test_result", 0, NULL, 0); -+ test_result = grub_env_get ("test_result"); -+ grub_test_assert (test_result && strcmp (test_result, expected_result) == 0, -+ "wrong device: %s (%s)", test_result, expected_result); -+ grub_free (expected_result); -+ -+ grub_env_unset ("test_result"); -+ grub_search_part_label ("bogus name", "test_result", 0, NULL, 0); -+ test_result = grub_env_get ("test_result"); -+ grub_test_assert (test_result == NULL, -+ "unexpected device: %s", test_result); -+ grub_test_assert (grub_errno == GRUB_ERR_FILE_NOT_FOUND, -+ "unexpected error: %s", grub_errmsg); -+ grub_errno = GRUB_ERR_NONE; -+ -+ close_disk (&data); -+} -+ -+static void -+search_uuid_test (void) -+{ -+ struct test_data data; -+ const char gpt1_uuid[] = "A0F1792E-B4CE-4136-BCF2-1AFC133C2828"; -+ const char gpt2_uuid[] = "876c898d-1b40-4727-a161-edf9b5486674"; -+ const char bogus_uuid[] = "1534c928-c50e-4866-9daf-6a9fd7918a76"; -+ const char *test_result; -+ char *expected_result; -+ -+ open_disk (&data); -+ -+ expected_result = grub_xasprintf ("%s,gpt1", data.dev->disk->name); -+ grub_env_unset ("test_result"); -+ grub_search_part_uuid (gpt1_uuid, "test_result", 0, NULL, 0); -+ test_result = grub_env_get ("test_result"); -+ grub_test_assert (test_result && strcmp (test_result, expected_result) == 0, -+ "wrong device: %s (%s)", test_result, expected_result); -+ grub_free (expected_result); -+ -+ expected_result = grub_xasprintf ("%s,gpt2", data.dev->disk->name); -+ grub_env_unset ("test_result"); -+ grub_search_part_uuid (gpt2_uuid, "test_result", 0, NULL, 0); -+ test_result = grub_env_get ("test_result"); -+ grub_test_assert (test_result && strcmp (test_result, expected_result) == 0, -+ "wrong device: %s (%s)", test_result, expected_result); -+ grub_free (expected_result); -+ -+ grub_env_unset ("test_result"); -+ grub_search_part_uuid (bogus_uuid, "test_result", 0, NULL, 0); -+ test_result = grub_env_get ("test_result"); -+ grub_test_assert (test_result == NULL, -+ "unexpected device: %s", test_result); -+ grub_test_assert (grub_errno == GRUB_ERR_FILE_NOT_FOUND, -+ "unexpected error: %s", grub_errmsg); -+ grub_errno = GRUB_ERR_NONE; -+ -+ close_disk (&data); -+} -+ - void - grub_unit_test_init (void) - { -@@ -546,6 +626,8 @@ grub_unit_test_init (void) - grub_test_register ("gpt_read_invalid_test", read_invalid_entries_test); - grub_test_register ("gpt_read_fallback_test", read_fallback_test); - grub_test_register ("gpt_repair_test", repair_test); -+ grub_test_register ("gpt_search_label_test", search_label_test); -+ grub_test_register ("gpt_search_uuid_test", search_uuid_test); - } - - void -@@ -557,5 +639,7 @@ grub_unit_test_fini (void) - grub_test_unregister ("gpt_read_invalid_test"); - grub_test_unregister ("gpt_read_fallback_test"); - grub_test_unregister ("gpt_repair_test"); -+ grub_test_unregister ("gpt_search_label_test"); -+ grub_test_unregister ("gpt_search_uuid_test"); - grub_fini_all (); - } --- -2.36.1 - diff --git a/packages/grub/0015-gpt-clean-up-little-endian-crc32-computation.patch b/packages/grub/0015-gpt-clean-up-little-endian-crc32-computation.patch deleted file mode 100644 index 82831f0d29f..00000000000 --- a/packages/grub/0015-gpt-clean-up-little-endian-crc32-computation.patch +++ /dev/null @@ -1,116 +0,0 @@ -From 7ed137907dfccfcd738ec7371ded51af39d48006 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Fri, 31 Jul 2015 15:03:11 -0700 -Subject: [PATCH] gpt: clean up little-endian crc32 computation - - - Remove problematic cast from *uint8_t to *uint32_t (alignment issue). - - Remove dynamic allocation and associated error handling paths. - - Match parameter ordering to existing grub_crypto_hash function. ---- - grub-core/lib/gpt.c | 51 ++++++++++++--------------------------------- - 1 file changed, 13 insertions(+), 38 deletions(-) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 10a4b85..aedc4f7 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -122,45 +122,29 @@ grub_gpt_size_to_sectors (grub_gpt_t gpt, grub_size_t size) - return sectors; - } - --static grub_err_t --grub_gpt_lecrc32 (void *data, grub_size_t len, grub_uint32_t *crc) -+static void -+grub_gpt_lecrc32 (grub_uint32_t *crc, const void *data, grub_size_t len) - { -- grub_uint8_t *crc32_context; -- -- crc32_context = grub_zalloc (GRUB_MD_CRC32->contextsize); -- if (!crc32_context) -- return grub_errno; -+ grub_uint32_t crc32_val; - -- GRUB_MD_CRC32->init (crc32_context); -- GRUB_MD_CRC32->write (crc32_context, data, len); -- GRUB_MD_CRC32->final (crc32_context); -+ grub_crypto_hash (GRUB_MD_CRC32, &crc32_val, data, len); - - /* GRUB_MD_CRC32 always uses big endian, gpt is always little. */ -- *crc = grub_swap_bytes32 (*(grub_uint32_t *) -- GRUB_MD_CRC32->read (crc32_context)); -- -- grub_free (crc32_context); -- -- return GRUB_ERR_NONE; -+ *crc = grub_swap_bytes32 (crc32_val); - } - --static grub_err_t --grub_gpt_header_lecrc32 (struct grub_gpt_header *header, grub_uint32_t *crc) -+static void -+grub_gpt_header_lecrc32 (grub_uint32_t *crc, struct grub_gpt_header *header) - { - grub_uint32_t old, new; -- grub_err_t err; - - /* crc32 must be computed with the field cleared. */ - old = header->crc32; - header->crc32 = 0; -- err = grub_gpt_lecrc32 (header, sizeof (*header), &new); -+ grub_gpt_lecrc32 (&new, header, sizeof (*header)); - header->crc32 = old; - -- if (err) -- return err; -- - *crc = new; -- return GRUB_ERR_NONE; - } - - /* Make sure the MBR is a protective MBR and not a normal MBR. */ -@@ -192,9 +176,7 @@ grub_gpt_header_check (struct grub_gpt_header *gpt, - if (gpt->version != GRUB_GPT_HEADER_VERSION) - return grub_error (GRUB_ERR_BAD_PART_TABLE, "unknown GPT version"); - -- if (grub_gpt_header_lecrc32 (gpt, &crc)) -- return grub_errno; -- -+ grub_gpt_header_lecrc32 (&crc, gpt); - if (gpt->crc32 != crc) - return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid GPT header crc32"); - -@@ -289,9 +271,7 @@ grub_gpt_read_entries (grub_disk_t disk, grub_gpt_t gpt, - if (grub_disk_read (disk, addr, 0, entries_size, entries)) - goto fail; - -- if (grub_gpt_lecrc32 (entries, entries_size, &crc)) -- goto fail; -- -+ grub_gpt_lecrc32 (&crc, entries, entries_size); - if (crc != header->partentry_crc32) - { - grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid GPT entry crc32"); -@@ -433,17 +413,12 @@ grub_gpt_update_checksums (grub_gpt_t gpt) - gpt->backup.headersize = - grub_cpu_to_le32_compile_time (sizeof (gpt->backup)); - -- if (grub_gpt_lecrc32 (gpt->entries, gpt->entries_size, &crc)) -- return grub_errno; -- -+ grub_gpt_lecrc32 (&crc, gpt->entries, gpt->entries_size); - gpt->primary.partentry_crc32 = crc; - gpt->backup.partentry_crc32 = crc; - -- if (grub_gpt_header_lecrc32 (&gpt->primary, &gpt->primary.crc32)) -- return grub_errno; -- -- if (grub_gpt_header_lecrc32 (&gpt->backup, &gpt->backup.crc32)) -- return grub_errno; -+ grub_gpt_header_lecrc32 (&gpt->primary.crc32, &gpt->primary); -+ grub_gpt_header_lecrc32 (&gpt->backup.crc32, &gpt->backup); - - return GRUB_ERR_NONE; - } --- -2.21.3 - diff --git a/packages/grub/0016-gpt-minor-cleanup.patch b/packages/grub/0016-gpt-minor-cleanup.patch deleted file mode 100644 index ca7aec897bd..00000000000 --- a/packages/grub/0016-gpt-minor-cleanup.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 6563a1739f3ae9e06002682b4455f78df67fbf32 Mon Sep 17 00:00:00 2001 -From: Alex Crawford -Date: Mon, 31 Aug 2015 15:23:39 -0700 -Subject: [PATCH] gpt: minor cleanup - ---- - include/grub/gpt_partition.h | 2 +- - tests/gpt_unit_test.c | 12 ++++++------ - 2 files changed, 7 insertions(+), 7 deletions(-) - -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index 7b04080..1eb2f7b 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -229,7 +229,7 @@ grub_err_t grub_gpt_header_check (struct grub_gpt_header *gpt, - grub_err_t grub_gpt_part_label (grub_device_t device, char **label); - - /* Return the partition uuid of the device DEVICE in UUID. -- * The label is in a new buffer and should be freed by the caller. */ -+ * The uuid is in a new buffer and should be freed by the caller. */ - grub_err_t grub_gpt_part_uuid (grub_device_t device, char **uuid); - - #endif /* ! GRUB_GPT_PARTITION_HEADER */ -diff --git a/tests/gpt_unit_test.c b/tests/gpt_unit_test.c -index deb55a9..7a1af46 100644 ---- a/tests/gpt_unit_test.c -+++ b/tests/gpt_unit_test.c -@@ -538,7 +538,7 @@ repair_test (void) - } - - static void --search_label_test (void) -+search_part_label_test (void) - { - struct test_data data; - const char *test_result; -@@ -575,7 +575,7 @@ search_label_test (void) - } - - static void --search_uuid_test (void) -+search_part_uuid_test (void) - { - struct test_data data; - const char gpt1_uuid[] = "A0F1792E-B4CE-4136-BCF2-1AFC133C2828"; -@@ -626,8 +626,8 @@ grub_unit_test_init (void) - grub_test_register ("gpt_read_invalid_test", read_invalid_entries_test); - grub_test_register ("gpt_read_fallback_test", read_fallback_test); - grub_test_register ("gpt_repair_test", repair_test); -- grub_test_register ("gpt_search_label_test", search_label_test); -- grub_test_register ("gpt_search_uuid_test", search_uuid_test); -+ grub_test_register ("gpt_search_part_label_test", search_part_label_test); -+ grub_test_register ("gpt_search_uuid_test", search_part_uuid_test); - } - - void -@@ -639,7 +639,7 @@ grub_unit_test_fini (void) - grub_test_unregister ("gpt_read_invalid_test"); - grub_test_unregister ("gpt_read_fallback_test"); - grub_test_unregister ("gpt_repair_test"); -- grub_test_unregister ("gpt_search_label_test"); -- grub_test_unregister ("gpt_search_uuid_test"); -+ grub_test_unregister ("gpt_search_part_label_test"); -+ grub_test_unregister ("gpt_search_part_uuid_test"); - grub_fini_all (); - } --- -2.21.3 - diff --git a/packages/grub/0017-gpt-add-search-by-disk-uuid-command.patch b/packages/grub/0017-gpt-add-search-by-disk-uuid-command.patch deleted file mode 100644 index 03d860f80c4..00000000000 --- a/packages/grub/0017-gpt-add-search-by-disk-uuid-command.patch +++ /dev/null @@ -1,277 +0,0 @@ -From a4ecd2c5ff6cb23af51977a622dca5fc2a9b7cef Mon Sep 17 00:00:00 2001 -From: Alex Crawford -Date: Mon, 31 Aug 2015 15:15:48 -0700 -Subject: [PATCH] gpt: add search by disk uuid command - -[markubo: Update to grub-2.06-42.amzn2022. Search functions take a more -general search_flags parameter now instead of a no_floppy flag.] - -Signed-off-by: Markus Boehme - ---- - Makefile.util.def | 1 + - grub-core/Makefile.core.def | 5 ++++ - grub-core/commands/search.c | 28 +++++++++++++++++++++-- - grub-core/commands/search_disk_uuid.c | 5 ++++ - grub-core/commands/search_wrap.c | 5 ++++ - grub-core/lib/gpt.c | 21 +++++++++++++++++ - include/grub/gpt_partition.h | 4 ++++ - include/grub/search.h | 3 +++ - tests/gpt_unit_test.c | 33 +++++++++++++++++++++++++++ - 9 files changed, 103 insertions(+), 2 deletions(-) - create mode 100644 grub-core/commands/search_disk_uuid.c - -diff --git a/Makefile.util.def b/Makefile.util.def -index 8f74405..33ce60d 100644 ---- a/Makefile.util.def -+++ b/Makefile.util.def -@@ -1408,6 +1408,7 @@ program = { - common = tests/lib/unit_test.c; - common = grub-core/commands/search_part_label.c; - common = grub-core/commands/search_part_uuid.c; -+ common = grub-core/commands/search_disk_uuid.c; - common = grub-core/disk/host.c; - common = grub-core/kern/emu/hostfs.c; - common = grub-core/lib/gpt.c; -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 3cde624..3096cd4 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -1162,6 +1162,11 @@ module = { - common = commands/search_part_label.c; - }; - -+module = { -+ name = search_disk_uuid; -+ common = commands/search_disk_uuid.c; -+}; -+ - module = { - name = setpci; - common = commands/setpci.c; -diff --git a/grub-core/commands/search.c b/grub-core/commands/search.c -index bb0c7cb..ec03c75 100644 ---- a/grub-core/commands/search.c -+++ b/grub-core/commands/search.c -@@ -30,7 +30,8 @@ - #include - #include - #include --#if defined(DO_SEARCH_PART_UUID) || defined(DO_SEARCH_PART_LABEL) -+#if defined(DO_SEARCH_PART_UUID) || defined(DO_SEARCH_PART_LABEL) || \ -+ defined(DO_SEARCH_DISK_UUID) - #include - #endif - -@@ -88,7 +89,7 @@ iterate_device (const char *name, void *data) - grub_device_close (dev); - } - --#ifdef DO_SEARCH_FS_UUID -+#if defined(DO_SEARCH_FS_UUID) || defined(DO_SEARCH_DISK_UUID) - #define compare_fn grub_strcasecmp - #else - #define compare_fn grub_strcmp -@@ -128,6 +129,25 @@ iterate_device (const char *name, void *data) - grub_free (quid); - } - -+ grub_device_close (dev); -+ } -+ } -+#elif defined(DO_SEARCH_DISK_UUID) -+ { -+ grub_device_t dev; -+ char *quid; -+ -+ dev = grub_device_open (name); -+ if (dev) -+ { -+ if (grub_gpt_disk_uuid (dev, &quid) == GRUB_ERR_NONE) -+ { -+ if (grub_strcmp (quid, ctx->key) == 0) -+ found = 1; -+ -+ grub_free (quid); -+ } -+ - grub_device_close (dev); - } - } -@@ -379,6 +399,8 @@ GRUB_MOD_INIT(search_part_uuid) - GRUB_MOD_INIT(search_part_label) - #elif defined (DO_SEARCH_FS_UUID) - GRUB_MOD_INIT(search_fs_uuid) -+#elif defined (DO_SEARCH_DISK_UUID) -+GRUB_MOD_INIT(search_disk_uuid) - #else - GRUB_MOD_INIT(search_label) - #endif -@@ -397,6 +419,8 @@ GRUB_MOD_FINI(search_part_uuid) - GRUB_MOD_FINI(search_part_label) - #elif defined (DO_SEARCH_FS_UUID) - GRUB_MOD_FINI(search_fs_uuid) -+#elif defined (DO_SEARCH_DISK_UUID) -+GRUB_MOD_FINI(search_disk_uuid) - #else - GRUB_MOD_FINI(search_label) - #endif -diff --git a/grub-core/commands/search_disk_uuid.c b/grub-core/commands/search_disk_uuid.c -new file mode 100644 -index 0000000..fba96f6 ---- /dev/null -+++ b/grub-core/commands/search_disk_uuid.c -@@ -0,0 +1,5 @@ -+#define DO_SEARCH_DISK_UUID 1 -+#define FUNC_NAME grub_search_disk_uuid -+#define COMMAND_NAME "search.disk_uuid" -+#define HELP_MESSAGE N_("Search devices by disk UUID. If VARIABLE is specified, the first device found is set to a variable.") -+#include "search.c" -diff --git a/grub-core/commands/search_wrap.c b/grub-core/commands/search_wrap.c -index 82f8e63..c8152b1 100644 ---- a/grub-core/commands/search_wrap.c -+++ b/grub-core/commands/search_wrap.c -@@ -40,6 +40,8 @@ static const struct grub_arg_option options[] = - 0, 0}, - {"part-uuid", 'U', 0, N_("Search devices by a partition UUID."), - 0, 0}, -+ {"disk-uuid", 'U', 0, N_("Search devices by a disk UUID."), -+ 0, 0}, - {"set", 's', GRUB_ARG_OPTION_OPTIONAL, - N_("Set a variable to the first device found."), N_("VARNAME"), - ARG_TYPE_STRING}, -@@ -78,6 +80,7 @@ enum options - SEARCH_FS_UUID, - SEARCH_PART_LABEL, - SEARCH_PART_UUID, -+ SEARCH_DISK_UUID, - SEARCH_SET, - SEARCH_NO_FLOPPY, - SEARCH_EFIDISK_ONLY, -@@ -203,6 +206,8 @@ grub_cmd_search (grub_extcmd_context_t ctxt, int argc, char **args) - grub_search_part_label (id, var, flags, hints, nhints); - else if (state[SEARCH_PART_UUID].set) - grub_search_part_uuid (id, var, flags, hints, nhints); -+ else if (state[SEARCH_DISK_UUID].set) -+ grub_search_disk_uuid (id, var, flags, hints, nhints); - else if (state[SEARCH_FILE].set) - grub_search_fs_file (id, var, flags, hints, nhints); - else -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index aedc4f7..e162baf 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -108,6 +108,27 @@ grub_gpt_part_uuid (grub_device_t device, char **uuid) - return GRUB_ERR_NONE; - } - -+grub_err_t -+grub_gpt_disk_uuid (grub_device_t device, char **uuid) -+{ -+ grub_gpt_t gpt = grub_gpt_read (device->disk); -+ if (!gpt) -+ goto done; -+ -+ grub_errno = GRUB_ERR_NONE; -+ -+ if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) -+ *uuid = grub_gpt_guid_to_str (&gpt->primary.guid); -+ else if (gpt->status & GRUB_GPT_BACKUP_HEADER_VALID) -+ *uuid = grub_gpt_guid_to_str (&gpt->backup.guid); -+ else -+ grub_errno = grub_error (GRUB_ERR_BUG, "No valid GPT header"); -+ -+done: -+ grub_gpt_free (gpt); -+ return grub_errno; -+} -+ - static grub_uint64_t - grub_gpt_size_to_sectors (grub_gpt_t gpt, grub_size_t size) - { -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index 1eb2f7b..16fdd7f 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -232,4 +232,8 @@ grub_err_t grub_gpt_part_label (grub_device_t device, char **label); - * The uuid is in a new buffer and should be freed by the caller. */ - grub_err_t grub_gpt_part_uuid (grub_device_t device, char **uuid); - -+/* Return the disk uuid of the device DEVICE in UUID. -+ * The uuid is in a new buffer and should be freed by the caller. */ -+grub_err_t grub_gpt_disk_uuid (grub_device_t device, char **uuid); -+ - #endif /* ! GRUB_GPT_PARTITION_HEADER */ -diff --git a/include/grub/search.h b/include/grub/search.h -index 66722a6..a5f56b2 100644 ---- a/include/grub/search.h -+++ b/include/grub/search.h -@@ -40,5 +40,8 @@ void grub_search_part_uuid (const char *key, const char *var, - void grub_search_part_label (const char *key, const char *var, - enum search_flags flags, - char **hints, unsigned nhints); -+void grub_search_disk_uuid (const char *key, const char *var, -+ enum search_flags flags, -+ char **hints, unsigned nhints); - - #endif -diff --git a/tests/gpt_unit_test.c b/tests/gpt_unit_test.c -index 7a1af46..60f6017 100644 ---- a/tests/gpt_unit_test.c -+++ b/tests/gpt_unit_test.c -@@ -614,6 +614,37 @@ search_part_uuid_test (void) - close_disk (&data); - } - -+static void -+search_disk_uuid_test (void) -+{ -+ struct test_data data; -+ const char disk_uuid[] = "69c131ad-67d6-46c6-93c4-124c755256ac"; -+ const char bogus_uuid[] = "1534c928-c50e-4866-9daf-6a9fd7918a76"; -+ const char *test_result; -+ char *expected_result; -+ -+ open_disk (&data); -+ -+ expected_result = grub_xasprintf ("%s", data.dev->disk->name); -+ grub_env_unset ("test_result"); -+ grub_search_disk_uuid (disk_uuid, "test_result", 0, NULL, 0); -+ test_result = grub_env_get ("test_result"); -+ grub_test_assert (test_result && strcmp (test_result, expected_result) == 0, -+ "wrong device: %s (%s)", test_result, expected_result); -+ grub_free (expected_result); -+ -+ grub_env_unset ("test_result"); -+ grub_search_disk_uuid (bogus_uuid, "test_result", 0, NULL, 0); -+ test_result = grub_env_get ("test_result"); -+ grub_test_assert (test_result == NULL, -+ "unexpected device: %s", test_result); -+ grub_test_assert (grub_errno == GRUB_ERR_FILE_NOT_FOUND, -+ "unexpected error: %s", grub_errmsg); -+ grub_errno = GRUB_ERR_NONE; -+ -+ close_disk (&data); -+} -+ - void - grub_unit_test_init (void) - { -@@ -628,6 +659,7 @@ grub_unit_test_init (void) - grub_test_register ("gpt_repair_test", repair_test); - grub_test_register ("gpt_search_part_label_test", search_part_label_test); - grub_test_register ("gpt_search_uuid_test", search_part_uuid_test); -+ grub_test_register ("gpt_search_disk_uuid_test", search_disk_uuid_test); - } - - void -@@ -641,5 +673,6 @@ grub_unit_test_fini (void) - grub_test_unregister ("gpt_repair_test"); - grub_test_unregister ("gpt_search_part_label_test"); - grub_test_unregister ("gpt_search_part_uuid_test"); -+ grub_test_unregister ("gpt_search_disk_uuid_test"); - grub_fini_all (); - } --- -2.36.1 - diff --git a/packages/grub/0018-gpt-do-not-use-disk-sizes-GRUB-will-reject-as-invali.patch b/packages/grub/0018-gpt-do-not-use-disk-sizes-GRUB-will-reject-as-invali.patch deleted file mode 100644 index c8087ee6864..00000000000 --- a/packages/grub/0018-gpt-do-not-use-disk-sizes-GRUB-will-reject-as-invali.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 2d1291ab5c4c814b961c1dc8f3a6541bf9aa8d32 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Mon, 25 Jul 2016 14:59:29 -0700 -Subject: [PATCH] gpt: do not use disk sizes GRUB will reject as invalid later - on - -GRUB assumes that no disk is ever larger than 1EiB and rejects -reads/writes to such locations. Unfortunately this is not conveyed in -the usual way with the special GRUB_DISK_SIZE_UNKNOWN value. ---- - grub-core/lib/gpt.c | 26 ++++++++++++++++++++++++-- - 1 file changed, 24 insertions(+), 2 deletions(-) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index e162baf..3e17f27 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -143,6 +143,28 @@ grub_gpt_size_to_sectors (grub_gpt_t gpt, grub_size_t size) - return sectors; - } - -+/* Copied from grub-core/kern/disk_common.c grub_disk_adjust_range so we can -+ * avoid attempting to use disk->total_sectors when GRUB won't let us. -+ * TODO: Why is disk->total_sectors not set to GRUB_DISK_SIZE_UNKNOWN? */ -+static int -+grub_gpt_disk_size_valid (grub_disk_t disk) -+{ -+ grub_disk_addr_t total_sectors; -+ -+ /* Transform total_sectors to number of 512B blocks. */ -+ total_sectors = disk->total_sectors << (disk->log_sector_size - GRUB_DISK_SECTOR_BITS); -+ -+ /* Some drivers have problems with disks above reasonable. -+ Treat unknown as 1EiB disk. While on it, clamp the size to 1EiB. -+ Just one condition is enough since GRUB_DISK_UNKNOWN_SIZE << ls is always -+ above 9EiB. -+ */ -+ if (total_sectors > (1ULL << 51)) -+ return 0; -+ -+ return 1; -+} -+ - static void - grub_gpt_lecrc32 (grub_uint32_t *crc, const void *data, grub_size_t len) - { -@@ -242,7 +264,7 @@ grub_gpt_read_backup (grub_disk_t disk, grub_gpt_t gpt) - grub_disk_addr_t addr; - - /* Assumes gpt->log_sector_size == disk->log_sector_size */ -- if (disk->total_sectors != GRUB_DISK_SIZE_UNKNOWN) -+ if (grub_gpt_disk_size_valid(disk)) - sector = disk->total_sectors - 1; - else if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) - sector = grub_le_to_cpu64 (gpt->primary.alternate_lba); -@@ -394,7 +416,7 @@ grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - return grub_error (GRUB_ERR_BUG, "No valid GPT header"); - - /* Relocate backup to end if disk whenever possible. */ -- if (disk->total_sectors != GRUB_DISK_SIZE_UNKNOWN) -+ if (grub_gpt_disk_size_valid(disk)) - backup_header = disk->total_sectors - 1; - - backup_entries = backup_header - --- -2.21.3 - diff --git a/packages/grub/0019-gpt-add-verbose-debug-logging.patch b/packages/grub/0019-gpt-add-verbose-debug-logging.patch deleted file mode 100644 index 40a24543347..00000000000 --- a/packages/grub/0019-gpt-add-verbose-debug-logging.patch +++ /dev/null @@ -1,254 +0,0 @@ -From acc91512edec9cae77efc51df8418ae9fdba4a0e Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Wed, 10 Aug 2016 18:26:03 -0700 -Subject: [PATCH] gpt: add verbose debug logging - ---- - grub-core/lib/gpt.c | 117 +++++++++++++++++++++++++++++++++++++++++--- - 1 file changed, 109 insertions(+), 8 deletions(-) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 3e17f27..c2821b5 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -207,6 +207,18 @@ grub_gpt_pmbr_check (struct grub_msdos_partition_mbr *mbr) - return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid protective MBR"); - } - -+static grub_uint64_t -+grub_gpt_entries_sectors (struct grub_gpt_header *gpt, -+ unsigned int log_sector_size) -+{ -+ grub_uint64_t sector_bytes, entries_bytes; -+ -+ sector_bytes = 1ULL << log_sector_size; -+ entries_bytes = (grub_uint64_t) grub_le_to_cpu32 (gpt->maxpart) * -+ (grub_uint64_t) grub_le_to_cpu32 (gpt->partentry_size); -+ return grub_divmod64(entries_bytes + sector_bytes - 1, sector_bytes, NULL); -+} -+ - grub_err_t - grub_gpt_header_check (struct grub_gpt_header *gpt, - unsigned int log_sector_size) -@@ -236,6 +248,64 @@ grub_gpt_header_check (struct grub_gpt_header *gpt, - return GRUB_ERR_NONE; - } - -+static grub_err_t -+grub_gpt_check_primary (grub_gpt_t gpt) -+{ -+ grub_uint64_t backup, primary, entries, entries_len, start, end; -+ -+ primary = grub_le_to_cpu64 (gpt->primary.header_lba); -+ backup = grub_le_to_cpu64 (gpt->primary.alternate_lba); -+ entries = grub_le_to_cpu64 (gpt->primary.partitions); -+ entries_len = grub_gpt_entries_sectors(&gpt->primary, gpt->log_sector_size); -+ start = grub_le_to_cpu64 (gpt->primary.start); -+ end = grub_le_to_cpu64 (gpt->primary.end); -+ -+ grub_dprintf ("gpt", "Primary GPT layout:\n" -+ "primary header = 0x%llx backup header = 0x%llx\n" -+ "entries location = 0x%llx length = 0x%llx\n" -+ "first usable = 0x%llx last usable = 0x%llx\n", -+ (unsigned long long) primary, -+ (unsigned long long) backup, -+ (unsigned long long) entries, -+ (unsigned long long) entries_len, -+ (unsigned long long) start, -+ (unsigned long long) end); -+ -+ if (grub_gpt_header_check (&gpt->primary, gpt->log_sector_size)) -+ return grub_errno; -+ -+ return GRUB_ERR_NONE; -+} -+ -+static grub_err_t -+grub_gpt_check_backup (grub_gpt_t gpt) -+{ -+ grub_uint64_t backup, primary, entries, entries_len, start, end; -+ -+ backup = grub_le_to_cpu64 (gpt->backup.header_lba); -+ primary = grub_le_to_cpu64 (gpt->backup.alternate_lba); -+ entries = grub_le_to_cpu64 (gpt->backup.partitions); -+ entries_len = grub_gpt_entries_sectors(&gpt->backup, gpt->log_sector_size); -+ start = grub_le_to_cpu64 (gpt->backup.start); -+ end = grub_le_to_cpu64 (gpt->backup.end); -+ -+ grub_dprintf ("gpt", "Backup GPT layout:\n" -+ "primary header = 0x%llx backup header = 0x%llx\n" -+ "entries location = 0x%llx length = 0x%llx\n" -+ "first usable = 0x%llx last usable = 0x%llx\n", -+ (unsigned long long) primary, -+ (unsigned long long) backup, -+ (unsigned long long) entries, -+ (unsigned long long) entries_len, -+ (unsigned long long) start, -+ (unsigned long long) end); -+ -+ if (grub_gpt_header_check (&gpt->backup, gpt->log_sector_size)) -+ return grub_errno; -+ -+ return GRUB_ERR_NONE; -+} -+ - static grub_err_t - grub_gpt_read_primary (grub_disk_t disk, grub_gpt_t gpt) - { -@@ -246,11 +316,13 @@ grub_gpt_read_primary (grub_disk_t disk, grub_gpt_t gpt) - * but eventually this code should match the existing behavior. */ - gpt->log_sector_size = disk->log_sector_size; - -+ grub_dprintf ("gpt", "reading primary GPT from sector 0x1\n"); -+ - addr = grub_gpt_sector_to_addr (gpt, 1); - if (grub_disk_read (disk, addr, 0, sizeof (gpt->primary), &gpt->primary)) - return grub_errno; - -- if (grub_gpt_header_check (&gpt->primary, gpt->log_sector_size)) -+ if (grub_gpt_check_primary (gpt)) - return grub_errno; - - gpt->status |= GRUB_GPT_PRIMARY_HEADER_VALID; -@@ -272,11 +344,14 @@ grub_gpt_read_backup (grub_disk_t disk, grub_gpt_t gpt) - return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, - "Unable to locate backup GPT"); - -+ grub_dprintf ("gpt", "reading backup GPT from sector 0x%llx\n", -+ (unsigned long long) sector); -+ - addr = grub_gpt_sector_to_addr (gpt, sector); - if (grub_disk_read (disk, addr, 0, sizeof (gpt->backup), &gpt->backup)) - return grub_errno; - -- if (grub_gpt_header_check (&gpt->backup, gpt->log_sector_size)) -+ if (grub_gpt_check_backup (gpt)) - return grub_errno; - - gpt->status |= GRUB_GPT_BACKUP_HEADER_VALID; -@@ -289,6 +364,7 @@ grub_gpt_read_entries (grub_disk_t disk, grub_gpt_t gpt, - { - struct grub_gpt_partentry *entries = NULL; - grub_uint32_t count, size, crc; -+ grub_uint64_t sector; - grub_disk_addr_t addr; - grub_size_t entries_size; - -@@ -310,7 +386,12 @@ grub_gpt_read_entries (grub_disk_t disk, grub_gpt_t gpt, - if (!entries) - goto fail; - -- addr = grub_gpt_sector_to_addr (gpt, grub_le_to_cpu64 (header->partitions)); -+ sector = grub_le_to_cpu64 (header->partitions); -+ grub_dprintf ("gpt", "reading GPT %lu entries from sector 0x%llx\n", -+ (unsigned long) count, -+ (unsigned long long) sector); -+ -+ addr = grub_gpt_sector_to_addr (gpt, sector); - if (grub_disk_read (disk, addr, 0, entries_size, entries)) - goto fail; - -@@ -336,6 +417,8 @@ grub_gpt_read (grub_disk_t disk) - { - grub_gpt_t gpt; - -+ grub_dprintf ("gpt", "reading GPT from %s\n", disk->name); -+ - gpt = grub_zalloc (sizeof (*gpt)); - if (!gpt) - goto fail; -@@ -369,12 +452,18 @@ grub_gpt_read (grub_disk_t disk) - /* Similarly, favor the value or error from the primary table. */ - if (gpt->status & GRUB_GPT_BACKUP_HEADER_VALID && - !grub_gpt_read_entries (disk, gpt, &gpt->backup)) -- gpt->status |= GRUB_GPT_BACKUP_ENTRIES_VALID; -+ { -+ grub_dprintf ("gpt", "read valid backup GPT from %s\n", disk->name); -+ gpt->status |= GRUB_GPT_BACKUP_ENTRIES_VALID; -+ } - - grub_errno = GRUB_ERR_NONE; - if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID && - !grub_gpt_read_entries (disk, gpt, &gpt->primary)) -- gpt->status |= GRUB_GPT_PRIMARY_ENTRIES_VALID; -+ { -+ grub_dprintf ("gpt", "read valid primary GPT from %s\n", disk->name); -+ gpt->status |= GRUB_GPT_PRIMARY_ENTRIES_VALID; -+ } - - if (gpt->status & GRUB_GPT_PRIMARY_ENTRIES_VALID || - gpt->status & GRUB_GPT_BACKUP_ENTRIES_VALID) -@@ -394,21 +483,25 @@ grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - { - grub_uint64_t backup_header, backup_entries; - -+ grub_dprintf ("gpt", "repairing GPT for %s\n", disk->name); -+ - if (disk->log_sector_size != gpt->log_sector_size) - return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, - "GPT sector size must match disk sector size"); - - if (!(gpt->status & GRUB_GPT_PRIMARY_ENTRIES_VALID || -- gpt->status & GRUB_GPT_BACKUP_ENTRIES_VALID)) -+ gpt->status & GRUB_GPT_BACKUP_ENTRIES_VALID)) - return grub_error (GRUB_ERR_BUG, "No valid GPT entries"); - - if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) - { -+ grub_dprintf ("gpt", "primary GPT header is valid\n"); - backup_header = grub_le_to_cpu64 (gpt->primary.alternate_lba); - grub_memcpy (&gpt->backup, &gpt->primary, sizeof (gpt->backup)); - } - else if (gpt->status & GRUB_GPT_BACKUP_HEADER_VALID) - { -+ grub_dprintf ("gpt", "backup GPT header is valid\n"); - backup_header = grub_le_to_cpu64 (gpt->backup.header_lba); - grub_memcpy (&gpt->primary, &gpt->backup, sizeof (gpt->primary)); - } -@@ -418,9 +511,13 @@ grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - /* Relocate backup to end if disk whenever possible. */ - if (grub_gpt_disk_size_valid(disk)) - backup_header = disk->total_sectors - 1; -+ grub_dprintf ("gpt", "backup GPT header will be located at 0x%llx\n", -+ (unsigned long long) backup_header); - - backup_entries = backup_header - - grub_gpt_size_to_sectors (gpt, gpt->entries_size); -+ grub_dprintf ("gpt", "backup GPT entries will be located at 0x%llx\n", -+ (unsigned long long) backup_entries); - - /* Update/fixup header and partition table locations. */ - gpt->primary.header_lba = grub_cpu_to_le64_compile_time (1); -@@ -435,13 +532,15 @@ grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - return grub_errno; - - /* Sanity check. */ -- if (grub_gpt_header_check (&gpt->primary, gpt->log_sector_size)) -+ if (grub_gpt_check_primary (gpt)) - return grub_error (GRUB_ERR_BUG, "Generated invalid GPT primary header"); - -- if (grub_gpt_header_check (&gpt->backup, gpt->log_sector_size)) -+ if (grub_gpt_check_backup (gpt)) - return grub_error (GRUB_ERR_BUG, "Generated invalid GPT backup header"); - - gpt->status |= GRUB_GPT_BOTH_VALID; -+ grub_dprintf ("gpt", "repairing GPT for %s successful\n", disk->name); -+ - return GRUB_ERR_NONE; - } - -@@ -497,9 +596,11 @@ grub_gpt_write (grub_disk_t disk, grub_gpt_t gpt) - if (!(gpt->status & GRUB_GPT_BOTH_VALID)) - return grub_error (GRUB_ERR_BAD_PART_TABLE, "Invalid GPT data"); - -+ grub_dprintf ("gpt", "writing primary GPT to %s\n", disk->name); - if (grub_gpt_write_table (disk, gpt, &gpt->primary)) - return grub_errno; - -+ grub_dprintf ("gpt", "writing backup GPT to %s\n", disk->name); - if (grub_gpt_write_table (disk, gpt, &gpt->backup)) - return grub_errno; - --- -2.21.3 - diff --git a/packages/grub/0020-gpt-improve-validation-of-GPT-headers.patch b/packages/grub/0020-gpt-improve-validation-of-GPT-headers.patch deleted file mode 100644 index dbc80463251..00000000000 --- a/packages/grub/0020-gpt-improve-validation-of-GPT-headers.patch +++ /dev/null @@ -1,104 +0,0 @@ -From 4a037b26a09886e33f281e968f0be4545a6d2c57 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Wed, 10 Aug 2016 18:26:03 -0700 -Subject: [PATCH] gpt: improve validation of GPT headers - -Adds basic validation of all the disk locations in the headers, reducing -the chance of corrupting weird locations on disk. ---- - grub-core/lib/gpt.c | 48 +++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 48 insertions(+) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index c2821b5..f83fe29 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -224,6 +224,7 @@ grub_gpt_header_check (struct grub_gpt_header *gpt, - unsigned int log_sector_size) - { - grub_uint32_t crc = 0, size; -+ grub_uint64_t start, end; - - if (grub_memcmp (gpt->magic, grub_gpt_magic, sizeof (grub_gpt_magic)) != 0) - return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid GPT signature"); -@@ -245,9 +246,35 @@ grub_gpt_header_check (struct grub_gpt_header *gpt, - if (size < 128 || size % 128) - return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid GPT entry size"); - -+ /* And of course there better be some space for partitions! */ -+ start = grub_le_to_cpu64 (gpt->start); -+ end = grub_le_to_cpu64 (gpt->end); -+ if (start > end) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid usable sectors"); -+ - return GRUB_ERR_NONE; - } - -+static int -+grub_gpt_headers_equal (grub_gpt_t gpt) -+{ -+ /* Assume headers passed grub_gpt_header_check so skip magic and version. -+ * Individual fields must be checked instead of just using memcmp because -+ * crc32, header, alternate, and partitions will all normally differ. */ -+ -+ if (gpt->primary.headersize != gpt->backup.headersize || -+ gpt->primary.header_lba != gpt->backup.alternate_lba || -+ gpt->primary.start != gpt->backup.start || -+ gpt->primary.end != gpt->backup.end || -+ gpt->primary.maxpart != gpt->backup.maxpart || -+ gpt->primary.partentry_size != gpt->backup.partentry_size || -+ gpt->primary.partentry_crc32 != gpt->backup.partentry_crc32) -+ return 0; -+ -+ return grub_memcmp(&gpt->primary.guid, &gpt->backup.guid, -+ sizeof(grub_gpt_guid_t)) == 0; -+} -+ - static grub_err_t - grub_gpt_check_primary (grub_gpt_t gpt) - { -@@ -273,6 +300,12 @@ grub_gpt_check_primary (grub_gpt_t gpt) - - if (grub_gpt_header_check (&gpt->primary, gpt->log_sector_size)) - return grub_errno; -+ if (primary != 1) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid primary GPT LBA"); -+ if (entries <= 1 || entries+entries_len > start) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid entries location"); -+ if (backup <= end) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid backup GPT LBA"); - - return GRUB_ERR_NONE; - } -@@ -302,6 +335,12 @@ grub_gpt_check_backup (grub_gpt_t gpt) - - if (grub_gpt_header_check (&gpt->backup, gpt->log_sector_size)) - return grub_errno; -+ if (primary != 1) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid primary GPT LBA"); -+ if (entries <= end || entries+entries_len > backup) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid entries location"); -+ if (backup <= end) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid backup GPT LBA"); - - return GRUB_ERR_NONE; - } -@@ -354,6 +393,15 @@ grub_gpt_read_backup (grub_disk_t disk, grub_gpt_t gpt) - if (grub_gpt_check_backup (gpt)) - return grub_errno; - -+ /* Ensure the backup header thinks it is located where we found it. */ -+ if (grub_le_to_cpu64 (gpt->backup.header_lba) != sector) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid backup GPT LBA"); -+ -+ /* If both primary and backup are valid but differ prefer the primary. */ -+ if ((gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) && -+ !grub_gpt_headers_equal(gpt)) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "backup GPT of of sync"); -+ - gpt->status |= GRUB_GPT_BACKUP_HEADER_VALID; - return GRUB_ERR_NONE; - } --- -2.21.3 - diff --git a/packages/grub/0021-gpt-refuse-to-write-to-sector-0.patch b/packages/grub/0021-gpt-refuse-to-write-to-sector-0.patch deleted file mode 100644 index 787d0dbb045..00000000000 --- a/packages/grub/0021-gpt-refuse-to-write-to-sector-0.patch +++ /dev/null @@ -1,34 +0,0 @@ -From d81aa092c0eb91ec618a6f0879426e8fcbdae0d4 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Thu, 11 Aug 2016 15:02:21 -0700 -Subject: [PATCH] gpt: refuse to write to sector 0 - ---- - grub-core/lib/gpt.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index f83fe29..b744991 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -626,10 +626,17 @@ grub_gpt_write_table (grub_disk_t disk, grub_gpt_t gpt, - sizeof (*header)); - - addr = grub_gpt_sector_to_addr (gpt, grub_le_to_cpu64 (header->header_lba)); -+ if (addr == 0) -+ return grub_error (GRUB_ERR_BUG, -+ "Refusing to write GPT header to address 0x0"); - if (grub_disk_write (disk, addr, 0, sizeof (*header), header)) - return grub_errno; - - addr = grub_gpt_sector_to_addr (gpt, grub_le_to_cpu64 (header->partitions)); -+ if (addr < 2) -+ return grub_error (GRUB_ERR_BUG, -+ "Refusing to write GPT entries to address 0x%llx", -+ (unsigned long long) addr); - if (grub_disk_write (disk, addr, 0, gpt->entries_size, gpt->entries)) - return grub_errno; - --- -2.21.3 - diff --git a/packages/grub/0022-gpt-properly-detect-and-repair-invalid-tables.patch b/packages/grub/0022-gpt-properly-detect-and-repair-invalid-tables.patch deleted file mode 100644 index fbee57b85ec..00000000000 --- a/packages/grub/0022-gpt-properly-detect-and-repair-invalid-tables.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 29d1ef938cc64d87b09955645b46f947bfcf7b60 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Sat, 20 Aug 2016 17:42:12 -0700 -Subject: [PATCH] gpt: properly detect and repair invalid tables - -GPT_BOTH_VALID is 4 bits so simple a boolean check is not sufficient. -This broken condition allowed gptprio to trust bogus disk locations in -headers that were marked invalid causing arbitrary disk corruption. ---- - grub-core/commands/gptprio.c | 2 +- - grub-core/lib/gpt.c | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/grub-core/commands/gptprio.c b/grub-core/commands/gptprio.c -index 2415747..2021cb2 100644 ---- a/grub-core/commands/gptprio.c -+++ b/grub-core/commands/gptprio.c -@@ -91,7 +91,7 @@ grub_find_next (const char *disk_name, - if (!gpt) - goto done; - -- if (!(gpt->status & GRUB_GPT_BOTH_VALID)) -+ if ((gpt->status & GRUB_GPT_BOTH_VALID) != GRUB_GPT_BOTH_VALID) - if (grub_gpt_repair (dev->disk, gpt)) - goto done; - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index b744991..0daf3f8 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -648,7 +648,7 @@ grub_gpt_write (grub_disk_t disk, grub_gpt_t gpt) - { - /* TODO: update/repair protective MBRs too. */ - -- if (!(gpt->status & GRUB_GPT_BOTH_VALID)) -+ if ((gpt->status & GRUB_GPT_BOTH_VALID) != GRUB_GPT_BOTH_VALID) - return grub_error (GRUB_ERR_BAD_PART_TABLE, "Invalid GPT data"); - - grub_dprintf ("gpt", "writing primary GPT to %s\n", disk->name); --- -2.21.3 - diff --git a/packages/grub/0023-gptrepair_test-fix-typo-in-cleanup-trap.patch b/packages/grub/0023-gptrepair_test-fix-typo-in-cleanup-trap.patch deleted file mode 100644 index 1fe747da99c..00000000000 --- a/packages/grub/0023-gptrepair_test-fix-typo-in-cleanup-trap.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 725982e848e600ed6f5028fb2197a5ffe0070806 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Mon, 22 Aug 2016 16:44:30 -0700 -Subject: [PATCH] gptrepair_test: fix typo in cleanup trap - ---- - tests/gptrepair_test.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tests/gptrepair_test.in b/tests/gptrepair_test.in -index 80b2de6..805dc17 100644 ---- a/tests/gptrepair_test.in -+++ b/tests/gptrepair_test.in -@@ -53,7 +53,7 @@ case "${grub_modinfo_target_cpu}-${grub_modinfo_platform}" in - esac - img1="`mktemp "${TMPDIR:-/tmp}/tmp.XXXXXXXXXX"`" || exit 1 - img2="`mktemp "${TMPDIR:-/tmp}/tmp.XXXXXXXXXX"`" || exit 1 --trap "rm -f '${img1}' '${ing2}'" EXIT -+trap "rm -f '${img1}' '${img2}'" EXIT - - create_disk_image () { - size=$1 --- -2.21.3 - diff --git a/packages/grub/0024-gptprio_test-check-GPT-is-repaired-when-appropriate.patch b/packages/grub/0024-gptprio_test-check-GPT-is-repaired-when-appropriate.patch deleted file mode 100644 index b2176e0ab34..00000000000 --- a/packages/grub/0024-gptprio_test-check-GPT-is-repaired-when-appropriate.patch +++ /dev/null @@ -1,110 +0,0 @@ -From 9b3da48085a4437f6915fee3e0d6b74de4ee714c Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Mon, 22 Aug 2016 16:45:10 -0700 -Subject: [PATCH] gptprio_test: check GPT is repaired when appropriate - ---- - tests/gptprio_test.in | 63 ++++++++++++++++++++++++++++++++++++++++--- - 1 file changed, 60 insertions(+), 3 deletions(-) - -diff --git a/tests/gptprio_test.in b/tests/gptprio_test.in -index f4aea0d..c5cf0f3 100644 ---- a/tests/gptprio_test.in -+++ b/tests/gptprio_test.in -@@ -66,8 +66,9 @@ prio_uuid[3]="1aa5a658-5b02-414d-9b71-f7e6c151f0cd" - prio_uuid[4]="8aa0240d-98af-42b0-b32a-ccbe0572d62b" - - create_disk_image () { -+ size=$1 - rm -f "${img1}" -- dd if=/dev/zero of="${img1}" bs=512 count=1 seek=100 status=none -+ dd if=/dev/zero of="${img1}" bs=512 count=1 seek=$((size - 1)) status=none - ${sgdisk} \ - -n 1:0:+1 -c 1:ESP -t 1:ef00 \ - -n 2:0:+1 -c 2:A -t 2:"${prio_type}" -u 2:"${prio_uuid[2]}" \ -@@ -76,6 +77,35 @@ create_disk_image () { - "${img1}" >/dev/null - } - -+wipe_disk_area () { -+ sector=$1 -+ size=$2 -+ dd if=/dev/zero of="${img1}" bs=512 count=${size} seek=${sector} conv=notrunc status=none -+} -+ -+is_zero () { -+ sector=$1 -+ size=$2 -+ cmp -s -i $((sector * 512)) -n $((size * 512)) /dev/zero "${img1}" -+} -+ -+check_is_zero () { -+ sector=$1 -+ size=$2 -+ if ! is_zero "$@"; then -+ echo "$size sector(s) starting at $sector should be all zero" -+ exit 1 -+ fi -+} -+ -+check_not_zero () { -+ sector=$1 -+ size=$2 -+ if is_zero "$@"; then -+ echo "$size sector(s) starting at $sector should not be all zero" -+ exit 1 -+ fi -+} - - fmt_prio () { - priority=$(( ( $1 & 15 ) << 48 )) -@@ -93,10 +123,10 @@ set_prio () { - check_prio () { - part="$1" - expect=$(fmt_prio $2 $3 $4) -- result=$(LANG=C ${sgdisk} -i "${part}" "${img1}" \ -+ result=$(LANG=C ${sgdisk} -i "${part}" "${img1}" 2>&1 \ - | awk '/^Attribute flags: / {print $3}') - if [[ "${expect}" != "${result}" ]]; then -- echo "Partition ${part} has attributes ${result}, not ${expect}" >&2 -+ echo "Partition ${part} has attributes ${result:-??}, not ${expect}" - exit 1 - fi - } -@@ -133,6 +163,33 @@ create_disk_image 100 - set_prio 2 3 2 1 - check_prio 2 3 2 1 - -+# Check gptprio works without modifying the disk when no update is required. -+# Leaves any existing corruption as is, repairing in the OS is better. -+create_disk_image 100 -+set_prio 2 1 0 1 -+wipe_disk_area 99 1 -+check_next 2 1 0 1 -+check_is_zero 99 1 -+ -+create_disk_image 100 -+set_prio 2 1 0 1 -+wipe_disk_area 1 1 -+check_next 2 1 0 1 -+check_is_zero 1 1 -+ -+# When writes do need to be made go ahead and perform the repair. -+create_disk_image 100 -+set_prio 2 1 1 0 -+wipe_disk_area 99 1 -+check_next 2 1 0 0 -+check_not_zero 99 1 -+ -+create_disk_image 100 -+set_prio 2 1 1 0 -+wipe_disk_area 1 1 -+check_next 2 1 0 0 -+check_not_zero 1 1 -+ - # Try two partitions before falling before falling back to a third - create_disk_image 100 - set_prio 2 3 3 0 --- -2.21.3 - diff --git a/packages/grub/0025-gpt-fix-partition-table-indexing-and-validation.patch b/packages/grub/0025-gpt-fix-partition-table-indexing-and-validation.patch deleted file mode 100644 index 13bbf90124d..00000000000 --- a/packages/grub/0025-gpt-fix-partition-table-indexing-and-validation.patch +++ /dev/null @@ -1,326 +0,0 @@ -From f5639101bd80e1246a155b7d1b576efb6fe716f4 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Wed, 24 Aug 2016 16:14:20 -0700 -Subject: [PATCH] gpt: fix partition table indexing and validation - -Portions of the code attempted to handle the fact that GPT entries on -disk may be larger than the currently defined struct while others -assumed the data could be indexed by the struct size directly. This -never came up because no utility uses a size larger than 128 bytes but -for the sake of safety we need to do this by the spec. ---- - grub-core/commands/gptprio.c | 6 +- - grub-core/lib/gpt.c | 51 +++++++++++++-- - include/grub/gpt_partition.h | 11 +++- - tests/gpt_unit_test.c | 120 +++++++++++++++++++++++++++++++++++ - 4 files changed, 176 insertions(+), 12 deletions(-) - -diff --git a/grub-core/commands/gptprio.c b/grub-core/commands/gptprio.c -index 2021cb2..eebca7a 100644 ---- a/grub-core/commands/gptprio.c -+++ b/grub-core/commands/gptprio.c -@@ -78,7 +78,7 @@ grub_find_next (const char *disk_name, - const grub_gpt_part_guid_t *part_type, - char **part_name, char **part_guid) - { -- struct grub_gpt_partentry *part_found = NULL; -+ struct grub_gpt_partentry *part, *part_found = NULL; - grub_device_t dev = NULL; - grub_gpt_t gpt = NULL; - grub_uint32_t i, part_index; -@@ -95,10 +95,8 @@ grub_find_next (const char *disk_name, - if (grub_gpt_repair (dev->disk, gpt)) - goto done; - -- for (i = 0; i < grub_le_to_cpu32 (gpt->primary.maxpart); i++) -+ for (i = 0; (part = grub_gpt_get_partentry (gpt, i)) != NULL; i++) - { -- struct grub_gpt_partentry *part = &gpt->entries[i]; -- - if (grub_memcmp (part_type, &part->type, sizeof (*part_type)) == 0) - { - unsigned int priority, tries_left, successful, old_priority = 0; -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 0daf3f8..2057791 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -207,6 +207,13 @@ grub_gpt_pmbr_check (struct grub_msdos_partition_mbr *mbr) - return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid protective MBR"); - } - -+static grub_uint64_t -+grub_gpt_entries_size (struct grub_gpt_header *gpt) -+{ -+ return (grub_uint64_t) grub_le_to_cpu32 (gpt->maxpart) * -+ (grub_uint64_t) grub_le_to_cpu32 (gpt->partentry_size); -+} -+ - static grub_uint64_t - grub_gpt_entries_sectors (struct grub_gpt_header *gpt, - unsigned int log_sector_size) -@@ -214,11 +221,16 @@ grub_gpt_entries_sectors (struct grub_gpt_header *gpt, - grub_uint64_t sector_bytes, entries_bytes; - - sector_bytes = 1ULL << log_sector_size; -- entries_bytes = (grub_uint64_t) grub_le_to_cpu32 (gpt->maxpart) * -- (grub_uint64_t) grub_le_to_cpu32 (gpt->partentry_size); -+ entries_bytes = grub_gpt_entries_size (gpt); - return grub_divmod64(entries_bytes + sector_bytes - 1, sector_bytes, NULL); - } - -+static int -+is_pow2 (grub_uint32_t n) -+{ -+ return (n & (n - 1)) == 0; -+} -+ - grub_err_t - grub_gpt_header_check (struct grub_gpt_header *gpt, - unsigned int log_sector_size) -@@ -236,16 +248,23 @@ grub_gpt_header_check (struct grub_gpt_header *gpt, - if (gpt->crc32 != crc) - return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid GPT header crc32"); - -- /* The header size must be between 92 and the sector size. */ -+ /* The header size "must be greater than or equal to 92 and must be less -+ * than or equal to the logical block size." */ - size = grub_le_to_cpu32 (gpt->headersize); - if (size < 92U || size > (1U << log_sector_size)) - return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid GPT header size"); - -- /* The partition entry size must be a multiple of 128. */ -+ /* The partition entry size must be "a value of 128*(2^n) where n is an -+ * integer greater than or equal to zero (e.g., 128, 256, 512, etc.)." */ - size = grub_le_to_cpu32 (gpt->partentry_size); -- if (size < 128 || size % 128) -+ if (size < 128U || size % 128U || !is_pow2 (size / 128U)) - return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid GPT entry size"); - -+ /* The minimum entries table size is specified in terms of bytes, -+ * regardless of how large the individual entry size is. */ -+ if (grub_gpt_entries_size (gpt) < GRUB_GPT_DEFAULT_ENTRIES_SIZE) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid GPT entry table size"); -+ - /* And of course there better be some space for partitions! */ - start = grub_le_to_cpu64 (gpt->start); - end = grub_le_to_cpu64 (gpt->end); -@@ -410,7 +429,7 @@ static grub_err_t - grub_gpt_read_entries (grub_disk_t disk, grub_gpt_t gpt, - struct grub_gpt_header *header) - { -- struct grub_gpt_partentry *entries = NULL; -+ void *entries = NULL; - grub_uint32_t count, size, crc; - grub_uint64_t sector; - grub_disk_addr_t addr; -@@ -526,6 +545,26 @@ fail: - return NULL; - } - -+struct grub_gpt_partentry * -+grub_gpt_get_partentry (grub_gpt_t gpt, grub_uint32_t n) -+{ -+ struct grub_gpt_header *header; -+ grub_size_t offset; -+ -+ if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) -+ header = &gpt->primary; -+ else if (gpt->status & GRUB_GPT_BACKUP_HEADER_VALID) -+ header = &gpt->backup; -+ else -+ return NULL; -+ -+ if (n >= grub_le_to_cpu32 (header->maxpart)) -+ return NULL; -+ -+ offset = (grub_size_t) grub_le_to_cpu32 (header->partentry_size) * n; -+ return (struct grub_gpt_partentry *) ((char *) gpt->entries + offset); -+} -+ - grub_err_t - grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - { -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index 16fdd7f..1a215f8 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -186,8 +186,10 @@ struct grub_gpt - struct grub_gpt_header primary; - struct grub_gpt_header backup; - -- /* Only need one entries table, on disk both copies are identical. */ -- struct grub_gpt_partentry *entries; -+ /* Only need one entries table, on disk both copies are identical. -+ * The on disk entry size may be larger than our partentry struct so -+ * the table cannot be indexed directly. */ -+ void *entries; - grub_size_t entries_size; - - /* Logarithm of sector size, in case GPT and disk driver disagree. */ -@@ -205,6 +207,11 @@ grub_gpt_sector_to_addr (grub_gpt_t gpt, grub_uint64_t sector) - /* Allocates and fills new grub_gpt structure, free with grub_gpt_free. */ - grub_gpt_t grub_gpt_read (grub_disk_t disk); - -+/* Helper for indexing into the entries table. -+ * Returns NULL when the end of the table has been reached. */ -+struct grub_gpt_partentry * grub_gpt_get_partentry (grub_gpt_t gpt, -+ grub_uint32_t n); -+ - /* Sync up primary and backup headers, recompute checksums. */ - grub_err_t grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt); - -diff --git a/tests/gpt_unit_test.c b/tests/gpt_unit_test.c -index 60f6017..9cf3414 100644 ---- a/tests/gpt_unit_test.c -+++ b/tests/gpt_unit_test.c -@@ -40,6 +40,13 @@ - /* from gnulib */ - #include - -+/* Confirm that the GPT structures conform to the sizes in the spec: -+ * The header size "must be greater than or equal to 92 and must be less -+ * than or equal to the logical block size." -+ * The partition entry size must be "a value of 128*(2^n) where n is an -+ * integer greater than or equal to zero (e.g., 128, 256, 512, etc.)." */ -+verify (sizeof (struct grub_gpt_header) == 92); -+verify (sizeof (struct grub_gpt_partentry) == 128); - - /* GPT section sizes. */ - #define HEADER_SIZE (sizeof (struct grub_gpt_header)) -@@ -537,6 +544,113 @@ repair_test (void) - close_disk (&data); - } - -+static void -+iterate_partitions_test (void) -+{ -+ struct test_data data; -+ struct grub_gpt_partentry *p; -+ grub_gpt_t gpt; -+ grub_uint32_t n; -+ -+ open_disk (&data); -+ gpt = read_disk (&data); -+ -+ for (n = 0; (p = grub_gpt_get_partentry (gpt, n)) != NULL; n++) -+ grub_test_assert (memcmp (p, &example_entries[n], sizeof (*p)) == 0, -+ "unexpected partition %d data", n); -+ -+ grub_test_assert (n == TABLE_ENTRIES, "unexpected partition limit: %d", n); -+ -+ grub_gpt_free (gpt); -+ close_disk (&data); -+} -+ -+static void -+large_partitions_test (void) -+{ -+ struct test_data data; -+ struct grub_gpt_partentry *p; -+ grub_gpt_t gpt; -+ grub_uint32_t n; -+ -+ open_disk (&data); -+ -+ /* Double the entry size, cut the number of entries in half. */ -+ data.raw->primary_header.maxpart = -+ data.raw->backup_header.maxpart = -+ grub_cpu_to_le32_compile_time (TABLE_ENTRIES/2); -+ data.raw->primary_header.partentry_size = -+ data.raw->backup_header.partentry_size = -+ grub_cpu_to_le32_compile_time (ENTRY_SIZE*2); -+ data.raw->primary_header.partentry_crc32 = -+ data.raw->backup_header.partentry_crc32 = -+ grub_cpu_to_le32_compile_time (0xf2c45af8); -+ data.raw->primary_header.crc32 = grub_cpu_to_le32_compile_time (0xde00cc8f); -+ data.raw->backup_header.crc32 = grub_cpu_to_le32_compile_time (0x6d72e284); -+ -+ memset (&data.raw->primary_entries, 0, -+ sizeof (data.raw->primary_entries)); -+ for (n = 0; n < TABLE_ENTRIES/2; n++) -+ memcpy (&data.raw->primary_entries[n*2], &example_entries[n], -+ sizeof (data.raw->primary_entries[0])); -+ memcpy (&data.raw->backup_entries, &data.raw->primary_entries, -+ sizeof (data.raw->backup_entries)); -+ -+ sync_disk(&data); -+ gpt = read_disk (&data); -+ -+ for (n = 0; (p = grub_gpt_get_partentry (gpt, n)) != NULL; n++) -+ grub_test_assert (memcmp (p, &example_entries[n], sizeof (*p)) == 0, -+ "unexpected partition %d data", n); -+ -+ grub_test_assert (n == TABLE_ENTRIES/2, "unexpected partition limit: %d", n); -+ -+ grub_gpt_free (gpt); -+ -+ /* Editing memory beyond the entry structure should still change the crc. */ -+ data.raw->primary_entries[1].attrib = 0xff; -+ -+ sync_disk(&data); -+ gpt = read_disk (&data); -+ grub_test_assert (gpt->status == (GRUB_GPT_PROTECTIVE_MBR | -+ GRUB_GPT_PRIMARY_HEADER_VALID | -+ GRUB_GPT_BACKUP_HEADER_VALID | -+ GRUB_GPT_BACKUP_ENTRIES_VALID), -+ "unexpected status: 0x%02x", gpt->status); -+ grub_gpt_free (gpt); -+ -+ close_disk (&data); -+} -+ -+static void -+invalid_partsize_test (void) -+{ -+ struct grub_gpt_header header = { -+ .magic = GRUB_GPT_HEADER_MAGIC, -+ .version = GRUB_GPT_HEADER_VERSION, -+ .headersize = sizeof (struct grub_gpt_header), -+ .crc32 = grub_cpu_to_le32_compile_time (0x1ff2a054), -+ .header_lba = grub_cpu_to_le64_compile_time (PRIMARY_HEADER_SECTOR), -+ .alternate_lba = grub_cpu_to_le64_compile_time (BACKUP_HEADER_SECTOR), -+ .start = grub_cpu_to_le64_compile_time (DATA_START_SECTOR), -+ .end = grub_cpu_to_le64_compile_time (DATA_END_SECTOR), -+ .guid = GRUB_GPT_GUID_INIT(0x69c131ad, 0x67d6, 0x46c6, -+ 0x93, 0xc4, 0x12, 0x4c, 0x75, 0x52, 0x56, 0xac), -+ .partitions = grub_cpu_to_le64_compile_time (PRIMARY_TABLE_SECTOR), -+ .maxpart = grub_cpu_to_le32_compile_time (TABLE_ENTRIES), -+ /* Triple the entry size, which is not valid. */ -+ .partentry_size = grub_cpu_to_le32_compile_time (ENTRY_SIZE*3), -+ .partentry_crc32 = grub_cpu_to_le32_compile_time (0x074e052c), -+ }; -+ -+ grub_gpt_header_check(&header, GRUB_DISK_SECTOR_BITS); -+ grub_test_assert (grub_errno == GRUB_ERR_BAD_PART_TABLE, -+ "unexpected error: %s", grub_errmsg); -+ grub_test_assert (strcmp(grub_errmsg, "invalid GPT entry size") == 0, -+ "unexpected error: %s", grub_errmsg); -+ grub_errno = GRUB_ERR_NONE; -+} -+ - static void - search_part_label_test (void) - { -@@ -657,6 +771,9 @@ grub_unit_test_init (void) - grub_test_register ("gpt_read_invalid_test", read_invalid_entries_test); - grub_test_register ("gpt_read_fallback_test", read_fallback_test); - grub_test_register ("gpt_repair_test", repair_test); -+ grub_test_register ("gpt_iterate_partitions_test", iterate_partitions_test); -+ grub_test_register ("gpt_large_partitions_test", large_partitions_test); -+ grub_test_register ("gpt_invalid_partsize_test", invalid_partsize_test); - grub_test_register ("gpt_search_part_label_test", search_part_label_test); - grub_test_register ("gpt_search_uuid_test", search_part_uuid_test); - grub_test_register ("gpt_search_disk_uuid_test", search_disk_uuid_test); -@@ -671,6 +788,9 @@ grub_unit_test_fini (void) - grub_test_unregister ("gpt_read_invalid_test"); - grub_test_unregister ("gpt_read_fallback_test"); - grub_test_unregister ("gpt_repair_test"); -+ grub_test_unregister ("gpt_iterate_partitions_test"); -+ grub_test_unregister ("gpt_large_partitions_test"); -+ grub_test_unregister ("gpt_invalid_partsize_test"); - grub_test_unregister ("gpt_search_part_label_test"); - grub_test_unregister ("gpt_search_part_uuid_test"); - grub_test_unregister ("gpt_search_disk_uuid_test"); --- -2.21.3 - diff --git a/packages/grub/0026-gpt-prefer-disk-size-from-header-over-firmware.patch b/packages/grub/0026-gpt-prefer-disk-size-from-header-over-firmware.patch deleted file mode 100644 index 2772aad955f..00000000000 --- a/packages/grub/0026-gpt-prefer-disk-size-from-header-over-firmware.patch +++ /dev/null @@ -1,117 +0,0 @@ -From 09b0254a01a4433bd6d58e0c7386e750834b19d5 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Tue, 23 Aug 2016 13:09:14 -0700 -Subject: [PATCH] gpt: prefer disk size from header over firmware - -The firmware and the OS may disagree on the disk configuration and size. -Although such a setup should be avoided users are unlikely to know about -the problem, assuming everything behaves like the OS. Tolerate this as -best we can and trust the reported on-disk location over the firmware -when looking for the backup GPT. If the location is inaccessible report -the error as best we can and move on. ---- - grub-core/lib/gpt.c | 18 +++++++++++++----- - tests/gpt_unit_test.c | 42 ++++++++++++++++++++++++++++++++++++++++++ - 2 files changed, 55 insertions(+), 5 deletions(-) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 2057791..f0c71bd 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -394,13 +394,21 @@ grub_gpt_read_backup (grub_disk_t disk, grub_gpt_t gpt) - grub_disk_addr_t addr; - - /* Assumes gpt->log_sector_size == disk->log_sector_size */ -- if (grub_gpt_disk_size_valid(disk)) -+ if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) -+ { -+ sector = grub_le_to_cpu64 (gpt->primary.alternate_lba); -+ if (grub_gpt_disk_size_valid (disk) && sector >= disk->total_sectors) -+ return grub_error (GRUB_ERR_OUT_OF_RANGE, -+ "backup GPT located at 0x%llx, " -+ "beyond last disk sector at 0x%llx", -+ (unsigned long long) sector, -+ (unsigned long long) disk->total_sectors - 1); -+ } -+ else if (grub_gpt_disk_size_valid (disk)) - sector = disk->total_sectors - 1; -- else if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) -- sector = grub_le_to_cpu64 (gpt->primary.alternate_lba); - else -- return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, -- "Unable to locate backup GPT"); -+ return grub_error (GRUB_ERR_OUT_OF_RANGE, -+ "size of disk unknown, cannot locate backup GPT"); - - grub_dprintf ("gpt", "reading backup GPT from sector 0x%llx\n", - (unsigned long long) sector); -diff --git a/tests/gpt_unit_test.c b/tests/gpt_unit_test.c -index 9cf3414..218b186 100644 ---- a/tests/gpt_unit_test.c -+++ b/tests/gpt_unit_test.c -@@ -544,6 +544,46 @@ repair_test (void) - close_disk (&data); - } - -+/* Finding/reading/writing the backup GPT may be difficult if the OS and -+ * BIOS report different sizes for the same disk. We need to gracefully -+ * recognize this and avoid causing trouble for the OS. */ -+static void -+weird_disk_size_test (void) -+{ -+ struct test_data data; -+ grub_gpt_t gpt; -+ -+ open_disk (&data); -+ -+ /* Chop off 65536 bytes (128 512B sectors) which may happen when the -+ * BIOS thinks you are using a software RAID system that reserves that -+ * area for metadata when in fact you are not and using the bare disk. */ -+ grub_test_assert(data.dev->disk->total_sectors == DISK_SECTORS, -+ "unexpected disk size: 0x%llx", -+ (unsigned long long) data.dev->disk->total_sectors); -+ data.dev->disk->total_sectors -= 128; -+ -+ gpt = read_disk (&data); -+ assert_error_stack_empty (); -+ /* Reading the alternate_lba should have been blocked and reading -+ * the (new) end of disk should have found no useful data. */ -+ grub_test_assert ((gpt->status & GRUB_GPT_BACKUP_HEADER_VALID) == 0, -+ "unreported missing backup header"); -+ -+ /* We should be able to reconstruct the backup header and the location -+ * of the backup should remain unchanged, trusting the GPT data over -+ * what the BIOS is telling us. Further changes are left to the OS. */ -+ grub_gpt_repair (data.dev->disk, gpt); -+ grub_test_assert (grub_errno == GRUB_ERR_NONE, -+ "repair failed: %s", grub_errmsg); -+ grub_test_assert (memcmp (&gpt->primary, &example_primary, -+ sizeof (gpt->primary)) == 0, -+ "repair corrupted primary header"); -+ -+ grub_gpt_free (gpt); -+ close_disk (&data); -+} -+ - static void - iterate_partitions_test (void) - { -@@ -774,6 +814,7 @@ grub_unit_test_init (void) - grub_test_register ("gpt_iterate_partitions_test", iterate_partitions_test); - grub_test_register ("gpt_large_partitions_test", large_partitions_test); - grub_test_register ("gpt_invalid_partsize_test", invalid_partsize_test); -+ grub_test_register ("gpt_weird_disk_size_test", weird_disk_size_test); - grub_test_register ("gpt_search_part_label_test", search_part_label_test); - grub_test_register ("gpt_search_uuid_test", search_part_uuid_test); - grub_test_register ("gpt_search_disk_uuid_test", search_disk_uuid_test); -@@ -791,6 +832,7 @@ grub_unit_test_fini (void) - grub_test_unregister ("gpt_iterate_partitions_test"); - grub_test_unregister ("gpt_large_partitions_test"); - grub_test_unregister ("gpt_invalid_partsize_test"); -+ grub_test_unregister ("gpt_weird_disk_size_test"); - grub_test_unregister ("gpt_search_part_label_test"); - grub_test_unregister ("gpt_search_part_uuid_test"); - grub_test_unregister ("gpt_search_disk_uuid_test"); --- -2.21.3 - diff --git a/packages/grub/0027-gpt-add-helper-for-picking-a-valid-header.patch b/packages/grub/0027-gpt-add-helper-for-picking-a-valid-header.patch deleted file mode 100644 index 0d429c4faa4..00000000000 --- a/packages/grub/0027-gpt-add-helper-for-picking-a-valid-header.patch +++ /dev/null @@ -1,71 +0,0 @@ -From 974f79ff5cfff8b37f6377d55c2e090f9c5c6251 Mon Sep 17 00:00:00 2001 -From: Vito Caputo -Date: Thu, 25 Aug 2016 17:21:18 -0700 -Subject: [PATCH] gpt: add helper for picking a valid header - -Eliminate some repetition in primary vs. backup header acquisition. ---- - grub-core/lib/gpt.c | 32 ++++++++++++++++++++------------ - 1 file changed, 20 insertions(+), 12 deletions(-) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index f0c71bd..2550ed8 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -108,21 +108,32 @@ grub_gpt_part_uuid (grub_device_t device, char **uuid) - return GRUB_ERR_NONE; - } - -+static struct grub_gpt_header * -+grub_gpt_get_header (grub_gpt_t gpt) -+{ -+ if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) -+ return &gpt->primary; -+ else if (gpt->status & GRUB_GPT_BACKUP_HEADER_VALID) -+ return &gpt->backup; -+ -+ grub_error (GRUB_ERR_BUG, "No valid GPT header"); -+ return NULL; -+} -+ - grub_err_t - grub_gpt_disk_uuid (grub_device_t device, char **uuid) - { -+ struct grub_gpt_header *header; -+ - grub_gpt_t gpt = grub_gpt_read (device->disk); - if (!gpt) - goto done; - -- grub_errno = GRUB_ERR_NONE; -+ header = grub_gpt_get_header (gpt); -+ if (!header) -+ goto done; - -- if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) -- *uuid = grub_gpt_guid_to_str (&gpt->primary.guid); -- else if (gpt->status & GRUB_GPT_BACKUP_HEADER_VALID) -- *uuid = grub_gpt_guid_to_str (&gpt->backup.guid); -- else -- grub_errno = grub_error (GRUB_ERR_BUG, "No valid GPT header"); -+ *uuid = grub_gpt_guid_to_str (&header->guid); - - done: - grub_gpt_free (gpt); -@@ -559,11 +570,8 @@ grub_gpt_get_partentry (grub_gpt_t gpt, grub_uint32_t n) - struct grub_gpt_header *header; - grub_size_t offset; - -- if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) -- header = &gpt->primary; -- else if (gpt->status & GRUB_GPT_BACKUP_HEADER_VALID) -- header = &gpt->backup; -- else -+ header = grub_gpt_get_header (gpt); -+ if (!header) - return NULL; - - if (n >= grub_le_to_cpu32 (header->maxpart)) --- -2.21.3 - diff --git a/packages/grub/0028-gptrepair-fix-status-checking.patch b/packages/grub/0028-gptrepair-fix-status-checking.patch deleted file mode 100644 index 5fe003affcd..00000000000 --- a/packages/grub/0028-gptrepair-fix-status-checking.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 0969dfbba2274221ece397dc4dedfb9b03f8577b Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Tue, 20 Sep 2016 13:06:05 -0700 -Subject: [PATCH] gptrepair: fix status checking - -None of these status bit checks were correct. Fix and simplify. ---- - grub-core/commands/gptrepair.c | 28 +++++++++++----------------- - 1 file changed, 11 insertions(+), 17 deletions(-) - -diff --git a/grub-core/commands/gptrepair.c b/grub-core/commands/gptrepair.c -index 38392fd..66ac3f7 100644 ---- a/grub-core/commands/gptrepair.c -+++ b/grub-core/commands/gptrepair.c -@@ -46,8 +46,6 @@ grub_cmd_gptrepair (grub_command_t cmd __attribute__ ((unused)), - grub_device_t dev = NULL; - grub_gpt_t gpt = NULL; - char *dev_name; -- grub_uint32_t primary_crc, backup_crc; -- enum grub_gpt_status old_status; - - if (argc != 1 || !grub_strlen(args[0])) - return grub_error (GRUB_ERR_BAD_ARGUMENT, "device name required"); -@@ -67,29 +65,25 @@ grub_cmd_gptrepair (grub_command_t cmd __attribute__ ((unused)), - if (!gpt) - goto done; - -- primary_crc = gpt->primary.crc32; -- backup_crc = gpt->backup.crc32; -- old_status = gpt->status; -- -- if (grub_gpt_repair (dev->disk, gpt)) -- goto done; -- -- if (primary_crc == gpt->primary.crc32 && -- backup_crc == gpt->backup.crc32 && -- old_status && gpt->status) -+ if ((gpt->status & GRUB_GPT_BOTH_VALID) == GRUB_GPT_BOTH_VALID) - { - grub_printf_ (N_("GPT already valid, %s unmodified.\n"), dev_name); - goto done; - } - -- if (grub_gpt_write (dev->disk, gpt)) -+ if ((gpt->status & GRUB_GPT_PRIMARY_VALID) != GRUB_GPT_PRIMARY_VALID) -+ grub_printf_ (N_("Found invalid primary GPT on %s\n"), dev_name); -+ -+ if ((gpt->status & GRUB_GPT_BACKUP_VALID) != GRUB_GPT_BACKUP_VALID) -+ grub_printf_ (N_("Found invalid backup GPT on %s\n"), dev_name); -+ -+ if (grub_gpt_repair (dev->disk, gpt)) - goto done; - -- if (!(old_status & GRUB_GPT_PRIMARY_VALID)) -- grub_printf_ (N_("Primary GPT for %s repaired.\n"), dev_name); -+ if (grub_gpt_write (dev->disk, gpt)) -+ goto done; - -- if (!(old_status & GRUB_GPT_BACKUP_VALID)) -- grub_printf_ (N_("Backup GPT for %s repaired.\n"), dev_name); -+ grub_printf_ (N_("Repaired GPT on %s\n"), dev_name); - - done: - if (gpt) --- -2.21.3 - diff --git a/packages/grub/0029-gpt-use-inline-functions-for-checking-status-bits.patch b/packages/grub/0029-gpt-use-inline-functions-for-checking-status-bits.patch deleted file mode 100644 index 1c2bf9b7a8d..00000000000 --- a/packages/grub/0029-gpt-use-inline-functions-for-checking-status-bits.patch +++ /dev/null @@ -1,136 +0,0 @@ -From 7f6fb19999b3b825a9c04cee20c8c1dee1590813 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Tue, 20 Sep 2016 12:43:01 -0700 -Subject: [PATCH] gpt: use inline functions for checking status bits - -This should prevent bugs like 6078f836 and 4268f3da. ---- - grub-core/commands/gptprio.c | 2 +- - grub-core/commands/gptrepair.c | 6 +++--- - grub-core/lib/gpt.c | 9 +++++++-- - include/grub/gpt_partition.h | 35 +++++++++++++++++++++++++++------- - 4 files changed, 39 insertions(+), 13 deletions(-) - -diff --git a/grub-core/commands/gptprio.c b/grub-core/commands/gptprio.c -index eebca7a..59bc4fd 100644 ---- a/grub-core/commands/gptprio.c -+++ b/grub-core/commands/gptprio.c -@@ -91,7 +91,7 @@ grub_find_next (const char *disk_name, - if (!gpt) - goto done; - -- if ((gpt->status & GRUB_GPT_BOTH_VALID) != GRUB_GPT_BOTH_VALID) -+ if (!grub_gpt_both_valid(gpt)) - if (grub_gpt_repair (dev->disk, gpt)) - goto done; - -diff --git a/grub-core/commands/gptrepair.c b/grub-core/commands/gptrepair.c -index 66ac3f7..c17c734 100644 ---- a/grub-core/commands/gptrepair.c -+++ b/grub-core/commands/gptrepair.c -@@ -65,16 +65,16 @@ grub_cmd_gptrepair (grub_command_t cmd __attribute__ ((unused)), - if (!gpt) - goto done; - -- if ((gpt->status & GRUB_GPT_BOTH_VALID) == GRUB_GPT_BOTH_VALID) -+ if (grub_gpt_both_valid (gpt)) - { - grub_printf_ (N_("GPT already valid, %s unmodified.\n"), dev_name); - goto done; - } - -- if ((gpt->status & GRUB_GPT_PRIMARY_VALID) != GRUB_GPT_PRIMARY_VALID) -+ if (!grub_gpt_primary_valid (gpt)) - grub_printf_ (N_("Found invalid primary GPT on %s\n"), dev_name); - -- if ((gpt->status & GRUB_GPT_BACKUP_VALID) != GRUB_GPT_BACKUP_VALID) -+ if (!grub_gpt_backup_valid (gpt)) - grub_printf_ (N_("Found invalid backup GPT on %s\n"), dev_name); - - if (grub_gpt_repair (dev->disk, gpt)) -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 2550ed8..3e077c4 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -638,10 +638,15 @@ grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - if (grub_gpt_check_primary (gpt)) - return grub_error (GRUB_ERR_BUG, "Generated invalid GPT primary header"); - -+ gpt->status |= (GRUB_GPT_PRIMARY_HEADER_VALID | -+ GRUB_GPT_PRIMARY_ENTRIES_VALID); -+ - if (grub_gpt_check_backup (gpt)) - return grub_error (GRUB_ERR_BUG, "Generated invalid GPT backup header"); - -- gpt->status |= GRUB_GPT_BOTH_VALID; -+ gpt->status |= (GRUB_GPT_BACKUP_HEADER_VALID | -+ GRUB_GPT_BACKUP_ENTRIES_VALID); -+ - grub_dprintf ("gpt", "repairing GPT for %s successful\n", disk->name); - - return GRUB_ERR_NONE; -@@ -703,7 +708,7 @@ grub_gpt_write (grub_disk_t disk, grub_gpt_t gpt) - { - /* TODO: update/repair protective MBRs too. */ - -- if ((gpt->status & GRUB_GPT_BOTH_VALID) != GRUB_GPT_BOTH_VALID) -+ if (!grub_gpt_both_valid (gpt)) - return grub_error (GRUB_ERR_BAD_PART_TABLE, "Invalid GPT data"); - - grub_dprintf ("gpt", "writing primary GPT to %s\n", disk->name); -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index 1a215f8..b7fbb7a 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -161,13 +161,6 @@ typedef enum grub_gpt_status - GRUB_GPT_BACKUP_ENTRIES_VALID = 0x20, - } grub_gpt_status_t; - --#define GRUB_GPT_MBR_VALID (GRUB_GPT_PROTECTIVE_MBR|GRUB_GPT_HYBRID_MBR) --#define GRUB_GPT_PRIMARY_VALID \ -- (GRUB_GPT_PRIMARY_HEADER_VALID|GRUB_GPT_PRIMARY_ENTRIES_VALID) --#define GRUB_GPT_BACKUP_VALID \ -- (GRUB_GPT_BACKUP_HEADER_VALID|GRUB_GPT_BACKUP_ENTRIES_VALID) --#define GRUB_GPT_BOTH_VALID (GRUB_GPT_PRIMARY_VALID|GRUB_GPT_BACKUP_VALID) -- - /* UEFI requires the entries table to be at least 16384 bytes for a - * total of 128 entries given the standard 128 byte entry size. */ - #define GRUB_GPT_DEFAULT_ENTRIES_SIZE 16384 -@@ -197,6 +190,34 @@ struct grub_gpt - }; - typedef struct grub_gpt *grub_gpt_t; - -+/* Helpers for checking the gpt status field. */ -+static inline int -+grub_gpt_mbr_valid (grub_gpt_t gpt) -+{ -+ return ((gpt->status & GRUB_GPT_PROTECTIVE_MBR) || -+ (gpt->status & GRUB_GPT_HYBRID_MBR)); -+} -+ -+static inline int -+grub_gpt_primary_valid (grub_gpt_t gpt) -+{ -+ return ((gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) && -+ (gpt->status & GRUB_GPT_PRIMARY_ENTRIES_VALID)); -+} -+ -+static inline int -+grub_gpt_backup_valid (grub_gpt_t gpt) -+{ -+ return ((gpt->status & GRUB_GPT_BACKUP_HEADER_VALID) && -+ (gpt->status & GRUB_GPT_BACKUP_ENTRIES_VALID)); -+} -+ -+static inline int -+grub_gpt_both_valid (grub_gpt_t gpt) -+{ -+ return grub_gpt_primary_valid (gpt) && grub_gpt_backup_valid (gpt); -+} -+ - /* Translate GPT sectors to GRUB's 512 byte block addresses. */ - static inline grub_disk_addr_t - grub_gpt_sector_to_addr (grub_gpt_t gpt, grub_uint64_t sector) --- -2.21.3 - diff --git a/packages/grub/0030-gpt-allow-repair-function-to-noop.patch b/packages/grub/0030-gpt-allow-repair-function-to-noop.patch deleted file mode 100644 index 5e8c07b71a3..00000000000 --- a/packages/grub/0030-gpt-allow-repair-function-to-noop.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 661ed965cb87ede5c83956cc5710dbeeb97e4abf Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Tue, 20 Sep 2016 13:40:11 -0700 -Subject: [PATCH] gpt: allow repair function to noop - -Simplifies usage a little. ---- - grub-core/commands/gptprio.c | 5 ++--- - grub-core/lib/gpt.c | 4 ++++ - 2 files changed, 6 insertions(+), 3 deletions(-) - -diff --git a/grub-core/commands/gptprio.c b/grub-core/commands/gptprio.c -index 59bc4fd..b799faa 100644 ---- a/grub-core/commands/gptprio.c -+++ b/grub-core/commands/gptprio.c -@@ -91,9 +91,8 @@ grub_find_next (const char *disk_name, - if (!gpt) - goto done; - -- if (!grub_gpt_both_valid(gpt)) -- if (grub_gpt_repair (dev->disk, gpt)) -- goto done; -+ if (grub_gpt_repair (dev->disk, gpt)) -+ goto done; - - for (i = 0; (part = grub_gpt_get_partentry (gpt, i)) != NULL; i++) - { -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 3e077c4..9bb1967 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -586,6 +586,10 @@ grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - { - grub_uint64_t backup_header, backup_entries; - -+ /* Skip if there is nothing to do. */ -+ if (grub_gpt_both_valid (gpt)) -+ return GRUB_ERR_NONE; -+ - grub_dprintf ("gpt", "repairing GPT for %s\n", disk->name); - - if (disk->log_sector_size != gpt->log_sector_size) --- -2.21.3 - diff --git a/packages/grub/0031-gpt-do-not-use-an-enum-for-status-bit-values.patch b/packages/grub/0031-gpt-do-not-use-an-enum-for-status-bit-values.patch deleted file mode 100644 index 1d712234374..00000000000 --- a/packages/grub/0031-gpt-do-not-use-an-enum-for-status-bit-values.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 16c295c98aebfe855b7cd169420fa659dfb8d327 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Wed, 21 Sep 2016 13:22:06 -0700 -Subject: [PATCH] gpt: do not use an enum for status bit values - ---- - include/grub/gpt_partition.h | 19 +++++++++---------- - 1 file changed, 9 insertions(+), 10 deletions(-) - -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index b7fbb7a..d94b93a 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -151,15 +151,14 @@ grub_gpt_partition_map_iterate (grub_disk_t disk, - void *hook_data); - - /* Advanced GPT library. */ --typedef enum grub_gpt_status -- { -- GRUB_GPT_PROTECTIVE_MBR = 0x01, -- GRUB_GPT_HYBRID_MBR = 0x02, -- GRUB_GPT_PRIMARY_HEADER_VALID = 0x04, -- GRUB_GPT_PRIMARY_ENTRIES_VALID = 0x08, -- GRUB_GPT_BACKUP_HEADER_VALID = 0x10, -- GRUB_GPT_BACKUP_ENTRIES_VALID = 0x20, -- } grub_gpt_status_t; -+ -+/* Status bits for the grub_gpt.status field. */ -+#define GRUB_GPT_PROTECTIVE_MBR 0x01 -+#define GRUB_GPT_HYBRID_MBR 0x02 -+#define GRUB_GPT_PRIMARY_HEADER_VALID 0x04 -+#define GRUB_GPT_PRIMARY_ENTRIES_VALID 0x08 -+#define GRUB_GPT_BACKUP_HEADER_VALID 0x10 -+#define GRUB_GPT_BACKUP_ENTRIES_VALID 0x20 - - /* UEFI requires the entries table to be at least 16384 bytes for a - * total of 128 entries given the standard 128 byte entry size. */ -@@ -170,7 +169,7 @@ typedef enum grub_gpt_status - struct grub_gpt - { - /* Bit field indicating which structures on disk are valid. */ -- grub_gpt_status_t status; -+ unsigned status; - - /* Protective or hybrid MBR. */ - struct grub_msdos_partition_mbr mbr; --- -2.21.3 - diff --git a/packages/grub/0032-gpt-check-header-and-entries-status-bits-together.patch b/packages/grub/0032-gpt-check-header-and-entries-status-bits-together.patch deleted file mode 100644 index f37eaad4675..00000000000 --- a/packages/grub/0032-gpt-check-header-and-entries-status-bits-together.patch +++ /dev/null @@ -1,49 +0,0 @@ -From ac788c40bb54691731a317217c9d5a7e241888ca Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Wed, 21 Sep 2016 13:44:11 -0700 -Subject: [PATCH] gpt: check header and entries status bits together - -Use the new status function which checks *_HEADER_VALID and -*_ENTRIES_VALID bits together. It doesn't make sense for the header and -entries bits to mismatch so don't allow for it. ---- - grub-core/lib/gpt.c | 14 +++++--------- - 1 file changed, 5 insertions(+), 9 deletions(-) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 9bb1967..3c6ff35 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -596,24 +596,20 @@ grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, - "GPT sector size must match disk sector size"); - -- if (!(gpt->status & GRUB_GPT_PRIMARY_ENTRIES_VALID || -- gpt->status & GRUB_GPT_BACKUP_ENTRIES_VALID)) -- return grub_error (GRUB_ERR_BUG, "No valid GPT entries"); -- -- if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) -+ if (grub_gpt_primary_valid (gpt)) - { -- grub_dprintf ("gpt", "primary GPT header is valid\n"); -+ grub_dprintf ("gpt", "primary GPT is valid\n"); - backup_header = grub_le_to_cpu64 (gpt->primary.alternate_lba); - grub_memcpy (&gpt->backup, &gpt->primary, sizeof (gpt->backup)); - } -- else if (gpt->status & GRUB_GPT_BACKUP_HEADER_VALID) -+ else if (grub_gpt_backup_valid (gpt)) - { -- grub_dprintf ("gpt", "backup GPT header is valid\n"); -+ grub_dprintf ("gpt", "backup GPT is valid\n"); - backup_header = grub_le_to_cpu64 (gpt->backup.header_lba); - grub_memcpy (&gpt->primary, &gpt->backup, sizeof (gpt->primary)); - } - else -- return grub_error (GRUB_ERR_BUG, "No valid GPT header"); -+ return grub_error (GRUB_ERR_BUG, "No valid GPT"); - - /* Relocate backup to end if disk whenever possible. */ - if (grub_gpt_disk_size_valid(disk)) --- -2.21.3 - diff --git a/packages/grub/0033-gpt-be-more-careful-about-relocating-backup-header.patch b/packages/grub/0033-gpt-be-more-careful-about-relocating-backup-header.patch deleted file mode 100644 index 1edb3716c7b..00000000000 --- a/packages/grub/0033-gpt-be-more-careful-about-relocating-backup-header.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 53e4e887d6ca11fc302bae2c417ecab94ced1252 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Wed, 21 Sep 2016 13:52:52 -0700 -Subject: [PATCH] gpt: be more careful about relocating backup header - -The header was being relocated without checking the new location is -actually safe. If the BIOS thinks the disk is smaller than the OS then -repair may relocate the header into allocated space, failing the final -validation check. So only move it if the disk has grown. - -Additionally, if the backup is valid then we can assume its current -location is good enough and leave it as-is. ---- - grub-core/lib/gpt.c | 16 ++++++++++------ - 1 file changed, 10 insertions(+), 6 deletions(-) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 3c6ff35..35e65d8 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -599,7 +599,17 @@ grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - if (grub_gpt_primary_valid (gpt)) - { - grub_dprintf ("gpt", "primary GPT is valid\n"); -+ -+ /* Relocate backup to end if disk if the disk has grown. */ - backup_header = grub_le_to_cpu64 (gpt->primary.alternate_lba); -+ if (grub_gpt_disk_size_valid (disk) && -+ disk->total_sectors - 1 > backup_header) -+ { -+ backup_header = disk->total_sectors - 1; -+ grub_dprintf ("gpt", "backup GPT header relocated to 0x%llx\n", -+ (unsigned long long) backup_header); -+ } -+ - grub_memcpy (&gpt->backup, &gpt->primary, sizeof (gpt->backup)); - } - else if (grub_gpt_backup_valid (gpt)) -@@ -611,12 +621,6 @@ grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - else - return grub_error (GRUB_ERR_BUG, "No valid GPT"); - -- /* Relocate backup to end if disk whenever possible. */ -- if (grub_gpt_disk_size_valid(disk)) -- backup_header = disk->total_sectors - 1; -- grub_dprintf ("gpt", "backup GPT header will be located at 0x%llx\n", -- (unsigned long long) backup_header); -- - backup_entries = backup_header - - grub_gpt_size_to_sectors (gpt, gpt->entries_size); - grub_dprintf ("gpt", "backup GPT entries will be located at 0x%llx\n", --- -2.21.3 - diff --git a/packages/grub/0034-gpt-selectively-update-fields-during-repair.patch b/packages/grub/0034-gpt-selectively-update-fields-during-repair.patch deleted file mode 100644 index d68198905ef..00000000000 --- a/packages/grub/0034-gpt-selectively-update-fields-during-repair.patch +++ /dev/null @@ -1,78 +0,0 @@ -From d1eb127676eb180eaf211d3a6cd9806a3e30c734 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Wed, 21 Sep 2016 14:33:48 -0700 -Subject: [PATCH] gpt: selectively update fields during repair - -Just a little cleanup/refactor to skip touching data we don't need to. ---- - grub-core/lib/gpt.c | 28 ++++++++++++---------------- - 1 file changed, 12 insertions(+), 16 deletions(-) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 35e65d8..03e807b 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -584,8 +584,6 @@ grub_gpt_get_partentry (grub_gpt_t gpt, grub_uint32_t n) - grub_err_t - grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - { -- grub_uint64_t backup_header, backup_entries; -- - /* Skip if there is nothing to do. */ - if (grub_gpt_both_valid (gpt)) - return GRUB_ERR_NONE; -@@ -598,6 +596,8 @@ grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - - if (grub_gpt_primary_valid (gpt)) - { -+ grub_uint64_t backup_header; -+ - grub_dprintf ("gpt", "primary GPT is valid\n"); - - /* Relocate backup to end if disk if the disk has grown. */ -@@ -608,32 +608,28 @@ grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - backup_header = disk->total_sectors - 1; - grub_dprintf ("gpt", "backup GPT header relocated to 0x%llx\n", - (unsigned long long) backup_header); -+ -+ gpt->primary.alternate_lba = grub_cpu_to_le64 (backup_header); - } - - grub_memcpy (&gpt->backup, &gpt->primary, sizeof (gpt->backup)); -+ gpt->backup.header_lba = gpt->primary.alternate_lba; -+ gpt->backup.alternate_lba = gpt->primary.header_lba; -+ gpt->backup.partitions = grub_cpu_to_le64 (backup_header - -+ grub_gpt_size_to_sectors (gpt, gpt->entries_size)); - } - else if (grub_gpt_backup_valid (gpt)) - { - grub_dprintf ("gpt", "backup GPT is valid\n"); -- backup_header = grub_le_to_cpu64 (gpt->backup.header_lba); -+ - grub_memcpy (&gpt->primary, &gpt->backup, sizeof (gpt->primary)); -+ gpt->primary.header_lba = gpt->backup.alternate_lba; -+ gpt->primary.alternate_lba = gpt->backup.header_lba; -+ gpt->primary.partitions = grub_cpu_to_le64_compile_time (2); - } - else - return grub_error (GRUB_ERR_BUG, "No valid GPT"); - -- backup_entries = backup_header - -- grub_gpt_size_to_sectors (gpt, gpt->entries_size); -- grub_dprintf ("gpt", "backup GPT entries will be located at 0x%llx\n", -- (unsigned long long) backup_entries); -- -- /* Update/fixup header and partition table locations. */ -- gpt->primary.header_lba = grub_cpu_to_le64_compile_time (1); -- gpt->primary.alternate_lba = grub_cpu_to_le64 (backup_header); -- gpt->primary.partitions = grub_cpu_to_le64_compile_time (2); -- gpt->backup.header_lba = gpt->primary.alternate_lba; -- gpt->backup.alternate_lba = gpt->primary.header_lba; -- gpt->backup.partitions = grub_cpu_to_le64 (backup_entries); -- - /* Recompute checksums. */ - if (grub_gpt_update_checksums (gpt)) - return grub_errno; --- -2.21.3 - diff --git a/packages/grub/0035-gpt-always-revalidate-when-recomputing-checksums.patch b/packages/grub/0035-gpt-always-revalidate-when-recomputing-checksums.patch deleted file mode 100644 index b535efd8720..00000000000 --- a/packages/grub/0035-gpt-always-revalidate-when-recomputing-checksums.patch +++ /dev/null @@ -1,75 +0,0 @@ -From 6065f2a049bfe5f8ef6f90b77d2f8ab738004c50 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Wed, 21 Sep 2016 14:55:19 -0700 -Subject: [PATCH] gpt: always revalidate when recomputing checksums - -This ensures all code modifying GPT data include the same sanity check -that repair does. If revalidation fails the status flags are left in the -appropriate state. ---- - grub-core/lib/gpt.c | 32 ++++++++++++++++++-------------- - 1 file changed, 18 insertions(+), 14 deletions(-) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 03e807b..3ac2987 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -630,23 +630,9 @@ grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - else - return grub_error (GRUB_ERR_BUG, "No valid GPT"); - -- /* Recompute checksums. */ - if (grub_gpt_update_checksums (gpt)) - return grub_errno; - -- /* Sanity check. */ -- if (grub_gpt_check_primary (gpt)) -- return grub_error (GRUB_ERR_BUG, "Generated invalid GPT primary header"); -- -- gpt->status |= (GRUB_GPT_PRIMARY_HEADER_VALID | -- GRUB_GPT_PRIMARY_ENTRIES_VALID); -- -- if (grub_gpt_check_backup (gpt)) -- return grub_error (GRUB_ERR_BUG, "Generated invalid GPT backup header"); -- -- gpt->status |= (GRUB_GPT_BACKUP_HEADER_VALID | -- GRUB_GPT_BACKUP_ENTRIES_VALID); -- - grub_dprintf ("gpt", "repairing GPT for %s successful\n", disk->name); - - return GRUB_ERR_NONE; -@@ -657,6 +643,12 @@ grub_gpt_update_checksums (grub_gpt_t gpt) - { - grub_uint32_t crc; - -+ /* Clear status bits, require revalidation of everything. */ -+ gpt->status &= ~(GRUB_GPT_PRIMARY_HEADER_VALID | -+ GRUB_GPT_PRIMARY_ENTRIES_VALID | -+ GRUB_GPT_BACKUP_HEADER_VALID | -+ GRUB_GPT_BACKUP_ENTRIES_VALID); -+ - /* Writing headers larger than our header structure are unsupported. */ - gpt->primary.headersize = - grub_cpu_to_le32_compile_time (sizeof (gpt->primary)); -@@ -670,6 +662,18 @@ grub_gpt_update_checksums (grub_gpt_t gpt) - grub_gpt_header_lecrc32 (&gpt->primary.crc32, &gpt->primary); - grub_gpt_header_lecrc32 (&gpt->backup.crc32, &gpt->backup); - -+ if (grub_gpt_check_primary (gpt)) -+ return grub_error (GRUB_ERR_BUG, "Generated invalid GPT primary header"); -+ -+ gpt->status |= (GRUB_GPT_PRIMARY_HEADER_VALID | -+ GRUB_GPT_PRIMARY_ENTRIES_VALID); -+ -+ if (grub_gpt_check_backup (gpt)) -+ return grub_error (GRUB_ERR_BUG, "Generated invalid GPT backup header"); -+ -+ gpt->status |= (GRUB_GPT_BACKUP_HEADER_VALID | -+ GRUB_GPT_BACKUP_ENTRIES_VALID); -+ - return GRUB_ERR_NONE; - } - --- -2.21.3 - diff --git a/packages/grub/0036-gpt-include-backup-in-sync-check-in-revalidation.patch b/packages/grub/0036-gpt-include-backup-in-sync-check-in-revalidation.patch deleted file mode 100644 index 86c6ba38d18..00000000000 --- a/packages/grub/0036-gpt-include-backup-in-sync-check-in-revalidation.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 23ce2d3a2b0422c725b1cfb0c61fccba595f8b9b Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Wed, 21 Sep 2016 15:01:09 -0700 -Subject: [PATCH] gpt: include backup-in-sync check in revalidation - ---- - grub-core/lib/gpt.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 3ac2987..c27bcc5 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -372,6 +372,11 @@ grub_gpt_check_backup (grub_gpt_t gpt) - if (backup <= end) - return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid backup GPT LBA"); - -+ /* If both primary and backup are valid but differ prefer the primary. */ -+ if ((gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) && -+ !grub_gpt_headers_equal (gpt)) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "backup GPT out of sync"); -+ - return GRUB_ERR_NONE; - } - -@@ -435,11 +440,6 @@ grub_gpt_read_backup (grub_disk_t disk, grub_gpt_t gpt) - if (grub_le_to_cpu64 (gpt->backup.header_lba) != sector) - return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid backup GPT LBA"); - -- /* If both primary and backup are valid but differ prefer the primary. */ -- if ((gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID) && -- !grub_gpt_headers_equal(gpt)) -- return grub_error (GRUB_ERR_BAD_PART_TABLE, "backup GPT of of sync"); -- - gpt->status |= GRUB_GPT_BACKUP_HEADER_VALID; - return GRUB_ERR_NONE; - } --- -2.21.3 - diff --git a/packages/grub/0037-gpt-read-entries-table-at-the-same-time-as-the-heade.patch b/packages/grub/0037-gpt-read-entries-table-at-the-same-time-as-the-heade.patch deleted file mode 100644 index ffade3c2d8e..00000000000 --- a/packages/grub/0037-gpt-read-entries-table-at-the-same-time-as-the-heade.patch +++ /dev/null @@ -1,134 +0,0 @@ -From d9f966bfcdfbe8fe1ccb08c512e26a9deae4f60c Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Wed, 21 Sep 2016 15:29:55 -0700 -Subject: [PATCH] gpt: read entries table at the same time as the header - -I personally think this reads easier. Also has the side effect of -directly comparing the primary and backup tables instead of presuming -they are equal if the crc32 matches. ---- - grub-core/lib/gpt.c | 69 +++++++++++++++++++++++++++------------------ - 1 file changed, 41 insertions(+), 28 deletions(-) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index c27bcc5..b93cede 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -32,6 +32,11 @@ GRUB_MOD_LICENSE ("GPLv3+"); - - static grub_uint8_t grub_gpt_magic[] = GRUB_GPT_HEADER_MAGIC; - -+static grub_err_t -+grub_gpt_read_entries (grub_disk_t disk, grub_gpt_t gpt, -+ struct grub_gpt_header *header, -+ void **ret_entries, -+ grub_size_t *ret_entries_size); - - char * - grub_gpt_guid_to_str (grub_gpt_guid_t *guid) -@@ -400,12 +405,21 @@ grub_gpt_read_primary (grub_disk_t disk, grub_gpt_t gpt) - return grub_errno; - - gpt->status |= GRUB_GPT_PRIMARY_HEADER_VALID; -+ -+ if (grub_gpt_read_entries (disk, gpt, &gpt->primary, -+ &gpt->entries, &gpt->entries_size)) -+ return grub_errno; -+ -+ gpt->status |= GRUB_GPT_PRIMARY_ENTRIES_VALID; -+ - return GRUB_ERR_NONE; - } - - static grub_err_t - grub_gpt_read_backup (grub_disk_t disk, grub_gpt_t gpt) - { -+ void *entries = NULL; -+ grub_size_t entries_size; - grub_uint64_t sector; - grub_disk_addr_t addr; - -@@ -441,12 +455,35 @@ grub_gpt_read_backup (grub_disk_t disk, grub_gpt_t gpt) - return grub_error (GRUB_ERR_BAD_PART_TABLE, "invalid backup GPT LBA"); - - gpt->status |= GRUB_GPT_BACKUP_HEADER_VALID; -+ -+ if (grub_gpt_read_entries (disk, gpt, &gpt->backup, -+ &entries, &entries_size)) -+ return grub_errno; -+ -+ if (gpt->status & GRUB_GPT_PRIMARY_ENTRIES_VALID) -+ { -+ if (entries_size != gpt->entries_size || -+ grub_memcmp (entries, gpt->entries, entries_size) != 0) -+ return grub_error (GRUB_ERR_BAD_PART_TABLE, "backup GPT out of sync"); -+ -+ grub_free (entries); -+ } -+ else -+ { -+ gpt->entries = entries; -+ gpt->entries_size = entries_size; -+ } -+ -+ gpt->status |= GRUB_GPT_BACKUP_ENTRIES_VALID; -+ - return GRUB_ERR_NONE; - } - - static grub_err_t - grub_gpt_read_entries (grub_disk_t disk, grub_gpt_t gpt, -- struct grub_gpt_header *header) -+ struct grub_gpt_header *header, -+ void **ret_entries, -+ grub_size_t *ret_entries_size) - { - void *entries = NULL; - grub_uint32_t count, size, crc; -@@ -488,9 +525,8 @@ grub_gpt_read_entries (grub_disk_t disk, grub_gpt_t gpt, - goto fail; - } - -- grub_free (gpt->entries); -- gpt->entries = entries; -- gpt->entries_size = entries_size; -+ *ret_entries = entries; -+ *ret_entries_size = entries_size; - return GRUB_ERR_NONE; - - fail: -@@ -529,30 +565,7 @@ grub_gpt_read (grub_disk_t disk) - grub_gpt_read_backup (disk, gpt); - - /* If either succeeded clear any possible error from the other. */ -- if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID || -- gpt->status & GRUB_GPT_BACKUP_HEADER_VALID) -- grub_errno = GRUB_ERR_NONE; -- else -- goto fail; -- -- /* Similarly, favor the value or error from the primary table. */ -- if (gpt->status & GRUB_GPT_BACKUP_HEADER_VALID && -- !grub_gpt_read_entries (disk, gpt, &gpt->backup)) -- { -- grub_dprintf ("gpt", "read valid backup GPT from %s\n", disk->name); -- gpt->status |= GRUB_GPT_BACKUP_ENTRIES_VALID; -- } -- -- grub_errno = GRUB_ERR_NONE; -- if (gpt->status & GRUB_GPT_PRIMARY_HEADER_VALID && -- !grub_gpt_read_entries (disk, gpt, &gpt->primary)) -- { -- grub_dprintf ("gpt", "read valid primary GPT from %s\n", disk->name); -- gpt->status |= GRUB_GPT_PRIMARY_ENTRIES_VALID; -- } -- -- if (gpt->status & GRUB_GPT_PRIMARY_ENTRIES_VALID || -- gpt->status & GRUB_GPT_BACKUP_ENTRIES_VALID) -+ if (grub_gpt_primary_valid (gpt) || grub_gpt_backup_valid (gpt)) - grub_errno = GRUB_ERR_NONE; - else - goto fail; --- -2.21.3 - diff --git a/packages/grub/0038-gpt-report-all-revalidation-errors.patch b/packages/grub/0038-gpt-report-all-revalidation-errors.patch deleted file mode 100644 index d89937e9d50..00000000000 --- a/packages/grub/0038-gpt-report-all-revalidation-errors.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 48243011b5cffdbfb49c2b3d377754459a0a46a3 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Wed, 21 Sep 2016 16:02:53 -0700 -Subject: [PATCH] gpt: report all revalidation errors - -Before returning an error that the primary or backup GPT is invalid push -the existing error onto the stack so the user will be told what is bad. ---- - grub-core/lib/gpt.c | 10 ++++++++-- - 1 file changed, 8 insertions(+), 2 deletions(-) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index b93cede..f6f8533 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -676,13 +676,19 @@ grub_gpt_update_checksums (grub_gpt_t gpt) - grub_gpt_header_lecrc32 (&gpt->backup.crc32, &gpt->backup); - - if (grub_gpt_check_primary (gpt)) -- return grub_error (GRUB_ERR_BUG, "Generated invalid GPT primary header"); -+ { -+ grub_error_push (); -+ return grub_error (GRUB_ERR_BUG, "Generated invalid GPT primary header"); -+ } - - gpt->status |= (GRUB_GPT_PRIMARY_HEADER_VALID | - GRUB_GPT_PRIMARY_ENTRIES_VALID); - - if (grub_gpt_check_backup (gpt)) -- return grub_error (GRUB_ERR_BUG, "Generated invalid GPT backup header"); -+ { -+ grub_error_push (); -+ return grub_error (GRUB_ERR_BUG, "Generated invalid GPT backup header"); -+ } - - gpt->status |= (GRUB_GPT_BACKUP_HEADER_VALID | - GRUB_GPT_BACKUP_ENTRIES_VALID); --- -2.21.3 - diff --git a/packages/grub/0039-gpt-rename-and-update-documentation-for-grub_gpt_upd.patch b/packages/grub/0039-gpt-rename-and-update-documentation-for-grub_gpt_upd.patch deleted file mode 100644 index 7490f1d549b..00000000000 --- a/packages/grub/0039-gpt-rename-and-update-documentation-for-grub_gpt_upd.patch +++ /dev/null @@ -1,71 +0,0 @@ -From ed3b92445adb3f2b73d22f5c0ca65447944b023f Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Thu, 22 Sep 2016 10:00:27 -0700 -Subject: [PATCH] gpt: rename and update documentation for grub_gpt_update - -The function now does more than just recompute checksums so give it a -more general name to reflect that. ---- - grub-core/commands/gptprio.c | 2 +- - grub-core/lib/gpt.c | 4 ++-- - include/grub/gpt_partition.h | 7 ++++--- - 3 files changed, 7 insertions(+), 6 deletions(-) - -diff --git a/grub-core/commands/gptprio.c b/grub-core/commands/gptprio.c -index b799faa..8908d8b 100644 ---- a/grub-core/commands/gptprio.c -+++ b/grub-core/commands/gptprio.c -@@ -127,7 +127,7 @@ grub_find_next (const char *disk_name, - - grub_gptprio_set_tries_left (part_found, tries_left - 1); - -- if (grub_gpt_update_checksums (gpt)) -+ if (grub_gpt_update (gpt)) - goto done; - - if (grub_gpt_write (dev->disk, gpt)) -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index f6f8533..4304048 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -643,7 +643,7 @@ grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - else - return grub_error (GRUB_ERR_BUG, "No valid GPT"); - -- if (grub_gpt_update_checksums (gpt)) -+ if (grub_gpt_update (gpt)) - return grub_errno; - - grub_dprintf ("gpt", "repairing GPT for %s successful\n", disk->name); -@@ -652,7 +652,7 @@ grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt) - } - - grub_err_t --grub_gpt_update_checksums (grub_gpt_t gpt) -+grub_gpt_update (grub_gpt_t gpt) - { - grub_uint32_t crc; - -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index d94b93a..797692c 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -232,11 +232,12 @@ grub_gpt_t grub_gpt_read (grub_disk_t disk); - struct grub_gpt_partentry * grub_gpt_get_partentry (grub_gpt_t gpt, - grub_uint32_t n); - --/* Sync up primary and backup headers, recompute checksums. */ -+/* Sync and update primary and backup headers if either are invalid. */ - grub_err_t grub_gpt_repair (grub_disk_t disk, grub_gpt_t gpt); - --/* Recompute checksums, must be called after modifying GPT data. */ --grub_err_t grub_gpt_update_checksums (grub_gpt_t gpt); -+/* Recompute checksums and revalidate everything, must be called after -+ * modifying any GPT data. */ -+grub_err_t grub_gpt_update (grub_gpt_t gpt); - - /* Write headers and entry tables back to disk. */ - grub_err_t grub_gpt_write (grub_disk_t disk, grub_gpt_t gpt); --- -2.21.3 - diff --git a/packages/grub/0040-gpt-write-backup-GPT-first-skip-if-inaccessible.patch b/packages/grub/0040-gpt-write-backup-GPT-first-skip-if-inaccessible.patch deleted file mode 100644 index e723c0eb30b..00000000000 --- a/packages/grub/0040-gpt-write-backup-GPT-first-skip-if-inaccessible.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 114dc2c20130ebe232fb52f02ddb14d06a6ac890 Mon Sep 17 00:00:00 2001 -From: Michael Marineau -Date: Thu, 22 Sep 2016 11:18:42 -0700 -Subject: [PATCH] gpt: write backup GPT first, skip if inaccessible. - -Writing the primary GPT before the backup may lead to a confusing -situation: booting a freshly updated system could consistently fail and -next boot will fall back to the old system if writing the primary works -but writing the backup fails. If the backup is written first and fails -the primary is left in the old state so the next boot will re-try and -possibly fail in the exact same way. Making that repeatable should make -it easier for users to identify the error. - -Additionally if the firmware and OS disagree on the disk size, making -the backup inaccessible to GRUB, then just skip writing the backup. -When this happens the automatic call to `coreos-setgoodroot` after boot -will take care of repairing the backup. ---- - grub-core/lib/gpt.c | 28 ++++++++++++++++++++++++---- - 1 file changed, 24 insertions(+), 4 deletions(-) - -diff --git a/grub-core/lib/gpt.c b/grub-core/lib/gpt.c -index 4304048..c3e3a25 100644 ---- a/grub-core/lib/gpt.c -+++ b/grub-core/lib/gpt.c -@@ -729,19 +729,39 @@ grub_gpt_write_table (grub_disk_t disk, grub_gpt_t gpt, - grub_err_t - grub_gpt_write (grub_disk_t disk, grub_gpt_t gpt) - { -+ grub_uint64_t backup_header; -+ - /* TODO: update/repair protective MBRs too. */ - - if (!grub_gpt_both_valid (gpt)) - return grub_error (GRUB_ERR_BAD_PART_TABLE, "Invalid GPT data"); - -+ /* Write the backup GPT first so if writing fails the update is aborted -+ * and the primary is left intact. However if the backup location is -+ * inaccessible we have to just skip and hope for the best, the backup -+ * will need to be repaired in the OS. */ -+ backup_header = grub_le_to_cpu64 (gpt->backup.header_lba); -+ if (grub_gpt_disk_size_valid (disk) && -+ backup_header >= disk->total_sectors) -+ { -+ grub_printf ("warning: backup GPT located at 0x%llx, " -+ "beyond last disk sector at 0x%llx\n", -+ (unsigned long long) backup_header, -+ (unsigned long long) disk->total_sectors - 1); -+ grub_printf ("warning: only writing primary GPT, " -+ "the backup GPT must be repaired from the OS\n"); -+ } -+ else -+ { -+ grub_dprintf ("gpt", "writing backup GPT to %s\n", disk->name); -+ if (grub_gpt_write_table (disk, gpt, &gpt->backup)) -+ return grub_errno; -+ } -+ - grub_dprintf ("gpt", "writing primary GPT to %s\n", disk->name); - if (grub_gpt_write_table (disk, gpt, &gpt->primary)) - return grub_errno; - -- grub_dprintf ("gpt", "writing backup GPT to %s\n", disk->name); -- if (grub_gpt_write_table (disk, gpt, &gpt->backup)) -- return grub_errno; -- - return GRUB_ERR_NONE; - } - --- -2.21.3 - diff --git a/packages/grub/0041-gptprio-Use-Bottlerocket-boot-partition-type-GUID.patch b/packages/grub/0041-gptprio-Use-Bottlerocket-boot-partition-type-GUID.patch deleted file mode 100644 index 57f8aeda0a8..00000000000 --- a/packages/grub/0041-gptprio-Use-Bottlerocket-boot-partition-type-GUID.patch +++ /dev/null @@ -1,58 +0,0 @@ -From b6ae405132d795bfbb405dbf15fcb5721428b435 Mon Sep 17 00:00:00 2001 -From: iliana destroyer of worlds -Date: Thu, 28 Mar 2019 16:28:41 -0700 -Subject: [PATCH] gptprio: Use Bottlerocket boot partition type GUID - -Signed-off-by: iliana destroyer of worlds ---- - grub-core/commands/gptprio.c | 2 +- - include/grub/gpt_partition.h | 6 +++--- - tests/gptprio_test.in | 2 +- - 3 files changed, 5 insertions(+), 5 deletions(-) - -diff --git a/grub-core/commands/gptprio.c b/grub-core/commands/gptprio.c -index 8908d8b..761aea4 100644 ---- a/grub-core/commands/gptprio.c -+++ b/grub-core/commands/gptprio.c -@@ -162,7 +162,7 @@ grub_cmd_next (grub_extcmd_context_t ctxt, int argc, char **args) - char *p, *root = NULL, *part_name = NULL, *part_guid = NULL; - - /* TODO: Add a uuid parser and a command line flag for providing type. */ -- grub_gpt_part_guid_t part_type = GRUB_GPT_PARTITION_TYPE_USR_X86_64; -+ grub_gpt_part_guid_t part_type = GRUB_GPT_PARTITION_TYPE_BOTTLEROCKET_BOOT; - - if (!state[NEXT_SET_DEVICE].set || !state[NEXT_SET_UUID].set) - { -diff --git a/include/grub/gpt_partition.h b/include/grub/gpt_partition.h -index 797692c..2bbfd33 100644 ---- a/include/grub/gpt_partition.h -+++ b/include/grub/gpt_partition.h -@@ -61,9 +61,9 @@ char * grub_gpt_guid_to_str (grub_gpt_guid_t *guid); - GRUB_GPT_GUID_INIT (0x5808c8aa, 0x7e8f, 0x42e0, \ - 0x85, 0xd2, 0xe1, 0xe9, 0x04, 0x34, 0xcf, 0xb3) - --#define GRUB_GPT_PARTITION_TYPE_USR_X86_64 \ -- GRUB_GPT_GUID_INIT (0x5dfbf5f4, 0x2848, 0x4bac, \ -- 0xaa, 0x5e, 0x0d, 0x9a, 0x20, 0xb7, 0x45, 0xa6) -+#define GRUB_GPT_PARTITION_TYPE_BOTTLEROCKET_BOOT \ -+ GRUB_GPT_GUID_INIT (0x6b636168, 0x7420, 0x6568, \ -+ 0x20, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x74, 0x21) - - #define GRUB_GPT_HEADER_MAGIC \ - { 0x45, 0x46, 0x49, 0x20, 0x50, 0x41, 0x52, 0x54 } -diff --git a/tests/gptprio_test.in b/tests/gptprio_test.in -index c5cf0f3..9df4dd3 100644 ---- a/tests/gptprio_test.in -+++ b/tests/gptprio_test.in -@@ -59,7 +59,7 @@ esac - img1="`mktemp "${TMPDIR:-/tmp}/tmp.XXXXXXXXXX"`" || exit 1 - trap "rm -f '${img1}'" EXIT - --prio_type="5dfbf5f4-2848-4bac-aa5e-0d9a20b745a6" -+prio_type="6b636168-7420-6568-2070-6c616e657421" - declare -a prio_uuid - prio_uuid[2]="9b003904-d006-4ab3-97f1-73f547b7af1a" - prio_uuid[3]="1aa5a658-5b02-414d-9b71-f7e6c151f0cd" --- -2.21.3 - diff --git a/packages/grub/0042-util-mkimage-Bump-EFI-PE-header-size-to-accommodate-.patch b/packages/grub/0042-util-mkimage-Bump-EFI-PE-header-size-to-accommodate-.patch deleted file mode 100644 index 2a61a1302d7..00000000000 --- a/packages/grub/0042-util-mkimage-Bump-EFI-PE-header-size-to-accommodate-.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 2dd65e321c9786dbec249e0826c58f530bcb5883 Mon Sep 17 00:00:00 2001 -From: Markus Boehme -Date: Fri, 28 Oct 2022 13:39:03 +0000 -Subject: [PATCH] util/mkimage: Bump EFI PE header size to accommodate .sbat - section - -With the --sbat option mkimage can embed SBAT metadata into a dedicated -.sbat section of the EFI image. However, no space was explicitly -reserved for this section in the section table of the PE header. - -The miss has no adverse effects since there was enough padding in the -header anyway due to alignment constraints. An earlier commit, -a51f953f4ee8 ("mkimage: Align efi sections on 4k boundary"), increased -alignment to 4 KiB, so that the extra section table entry fit -comfortably inside the space reserved for the entire header anyway. - -Fixes: b11547137703 ("util/mkimage: Add an option to import SBAT metadata into a .sbat section") -Signed-off-by: Markus Boehme ---- - util/mkimage.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/util/mkimage.c b/util/mkimage.c -index c3d33aa..2db1045 100644 ---- a/util/mkimage.c -+++ b/util/mkimage.c -@@ -65,14 +65,14 @@ - + GRUB_PE32_SIGNATURE_SIZE \ - + sizeof (struct grub_pe32_coff_header) \ - + sizeof (struct grub_pe32_optional_header) \ -- + 4 * sizeof (struct grub_pe32_section_table), \ -+ + 5 * sizeof (struct grub_pe32_section_table), \ - GRUB_PE32_FILE_ALIGNMENT) - - #define EFI64_HEADER_SIZE ALIGN_UP (GRUB_PE32_MSDOS_STUB_SIZE \ - + GRUB_PE32_SIGNATURE_SIZE \ - + sizeof (struct grub_pe32_coff_header) \ - + sizeof (struct grub_pe64_optional_header) \ -- + 4 * sizeof (struct grub_pe32_section_table), \ -+ + 5 * sizeof (struct grub_pe32_section_table), \ - GRUB_PE32_FILE_ALIGNMENT) - - static const struct grub_install_image_target_desc image_targets[] = --- -2.39.0 - diff --git a/packages/grub/0043-util-mkimage-avoid-adding-section-table-entry-outsid.patch b/packages/grub/0043-util-mkimage-avoid-adding-section-table-entry-outsid.patch deleted file mode 100644 index 820313f41b2..00000000000 --- a/packages/grub/0043-util-mkimage-avoid-adding-section-table-entry-outsid.patch +++ /dev/null @@ -1,98 +0,0 @@ -From 45468642affc3d641b5d73c5d6e63e1578bf9150 Mon Sep 17 00:00:00 2001 -From: Markus Boehme -Date: Fri, 28 Oct 2022 16:09:05 +0000 -Subject: [PATCH] util/mkimage: avoid adding section table entry outside PE EFI - header - -The number of sections in a PE EFI image can vary depending on the -options passed to mkimage, but their maximum number must be known at -compile time. Potentially adding a new section to a PE EFI image -therefore requires changes in at least two places of the code. - -The prior commit fixed a situation where the maximum number of sections -was not bumped while implementing support for an new section. Catch -these situations at runtime rather than silently relying on sufficient -padding being available for the new section table entry or overwriting -part of the image. - -Signed-off-by: Markus Boehme ---- - util/mkimage.c | 20 +++++++++++++++----- - 1 file changed, 15 insertions(+), 5 deletions(-) - -diff --git a/util/mkimage.c b/util/mkimage.c -index 2db1045..1455c94 100644 ---- a/util/mkimage.c -+++ b/util/mkimage.c -@@ -821,6 +821,7 @@ grub_install_get_image_targets_string (void) - */ - static struct grub_pe32_section_table * - init_pe_section(const struct grub_install_image_target_desc *image_target, -+ const char *pe_img, - struct grub_pe32_section_table *section, - const char * const name, - grub_uint32_t *vma, grub_uint32_t vsz, grub_uint32_t valign, -@@ -828,6 +829,15 @@ init_pe_section(const struct grub_install_image_target_desc *image_target, - grub_uint32_t characteristics) - { - size_t len = strlen (name); -+ const char *pe_header_end; -+ -+ if (image_target->voidp_sizeof == 4) -+ pe_header_end = pe_img + EFI32_HEADER_SIZE; -+ else -+ pe_header_end = pe_img + EFI64_HEADER_SIZE; -+ -+ if ((char *) section >= pe_header_end) -+ grub_util_error (_("section table space exhausted trying to add %s"), name); - - if (len > sizeof (section->name)) - grub_util_error (_("section name %s length is bigger than %lu"), -@@ -1438,7 +1448,7 @@ grub_install_generate_image (const char *dir, const char *prefix, - /* The sections. */ - PE_OHDR (o32, o64, code_base) = grub_host_to_target32 (vma); - PE_OHDR (o32, o64, code_size) = grub_host_to_target32 (layout.exec_size); -- section = init_pe_section (image_target, section, ".text", -+ section = init_pe_section (image_target, pe_img, section, ".text", - &vma, layout.exec_size, - image_target->section_align, - &raw_data, layout.exec_size, -@@ -1452,7 +1462,7 @@ grub_install_generate_image (const char *dir, const char *prefix, - ALIGN_UP (total_module_size, - GRUB_PE32_FILE_ALIGNMENT)); - -- section = init_pe_section (image_target, section, ".data", -+ section = init_pe_section (image_target, pe_img, section, ".data", - &vma, scn_size, image_target->section_align, - &raw_data, scn_size, - GRUB_PE32_SCN_CNT_INITIALIZED_DATA | -@@ -1460,7 +1470,7 @@ grub_install_generate_image (const char *dir, const char *prefix, - GRUB_PE32_SCN_MEM_WRITE); - - scn_size = pe_size - layout.reloc_size - sbat_size - raw_data; -- section = init_pe_section (image_target, section, "mods", -+ section = init_pe_section (image_target, pe_img, section, "mods", - &vma, scn_size, image_target->section_align, - &raw_data, scn_size, - GRUB_PE32_SCN_CNT_INITIALIZED_DATA | -@@ -1472,7 +1482,7 @@ grub_install_generate_image (const char *dir, const char *prefix, - pe_sbat = pe_img + raw_data; - grub_util_load_image (sbat_path, pe_sbat); - -- section = init_pe_section (image_target, section, ".sbat", -+ section = init_pe_section (image_target, pe_img, section, ".sbat", - &vma, sbat_size, - image_target->section_align, - &raw_data, sbat_size, -@@ -1484,7 +1494,7 @@ grub_install_generate_image (const char *dir, const char *prefix, - PE_OHDR (o32, o64, base_relocation_table.rva) = grub_host_to_target32 (vma); - PE_OHDR (o32, o64, base_relocation_table.size) = grub_host_to_target32 (scn_size); - memcpy (pe_img + raw_data, layout.reloc_section, scn_size); -- init_pe_section (image_target, section, ".reloc", -+ init_pe_section (image_target, pe_img, section, ".reloc", - &vma, scn_size, image_target->section_align, - &raw_data, scn_size, - GRUB_PE32_SCN_CNT_INITIALIZED_DATA | --- -2.39.0 - diff --git a/packages/grub/0044-efi-return-virtual-size-of-section-found-by-grub_efi.patch b/packages/grub/0044-efi-return-virtual-size-of-section-found-by-grub_efi.patch deleted file mode 100644 index 404baa3f9e9..00000000000 --- a/packages/grub/0044-efi-return-virtual-size-of-section-found-by-grub_efi.patch +++ /dev/null @@ -1,93 +0,0 @@ -From 076f520ec85198e82ddc0615e596df2a1ce4264b Mon Sep 17 00:00:00 2001 -From: Markus Boehme -Date: Wed, 2 Nov 2022 11:43:32 +0000 -Subject: [PATCH] efi: return virtual size of section found by - grub_efi_section_addr - -Return the virtual size of a section found by grub_efi_section_addr if -the caller asked for it. Modify the few existing callers who don't care -about the section size to fit the extended interface. - -This is close to the point where the implementation could do with a -refactoring, e.g. have a separate grub_efi_find_section that returns the -entire section table entry, and more focused convenience functions to -access those. However, grub_efi_find_section itself is already the -result of a Fedora refactoring, so I'm keeping the changes minimal. - -Signed-off-by: Markus Boehme ---- - grub-core/kern/efi/efi.c | 8 ++++++-- - grub-core/kern/efi/init.c | 6 +++--- - include/grub/efi/efi.h | 2 +- - 3 files changed, 10 insertions(+), 6 deletions(-) - -diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c -index 4ac2b27..3a4475c 100644 ---- a/grub-core/kern/efi/efi.c -+++ b/grub-core/kern/efi/efi.c -@@ -310,9 +310,11 @@ grub_efi_get_variable (const char *var, const grub_efi_guid_t *guid, - #pragma GCC diagnostic ignored "-Wcast-align" - - /* Search the mods section from the PE32/PE32+ image. This code uses -- a PE32 header, but should work with PE32+ as well. */ -+ a PE32 header, but should work with PE32+ as well. If vsz is not -+ NULL and the section is found, the virtual size of the section -+ is written to *vsz. */ - grub_addr_t --grub_efi_section_addr (const char *section_name) -+grub_efi_section_addr (const char *section_name, grub_uint32_t *vsz) - { - grub_efi_loaded_image_t *image; - struct grub_pe32_header *header; -@@ -359,6 +361,8 @@ grub_efi_section_addr (const char *section_name) - - grub_dprintf("sections", "returning section info for section %d: \"%s\"\n", - i, section->name); -+ if (vsz) -+ *vsz = section->virtual_size; - return (grub_addr_t) info; - } - -diff --git a/grub-core/kern/efi/init.c b/grub-core/kern/efi/init.c -index 0574d8d..533de93 100644 ---- a/grub-core/kern/efi/init.c -+++ b/grub-core/kern/efi/init.c -@@ -116,11 +116,11 @@ grub_efi_print_gdb_info (void) - grub_addr_t text; - grub_addr_t data; - -- text = grub_efi_section_addr (".text"); -+ text = grub_efi_section_addr (".text", NULL); - if (!text) - return; - -- data = grub_efi_section_addr (".data"); -+ data = grub_efi_section_addr (".data", NULL); - if (data) - grub_qdprintf ("gdb", - "add-symbol-file /usr/lib/debug/usr/lib/grub/%s-%s/" -@@ -136,7 +136,7 @@ grub_efi_print_gdb_info (void) - void - grub_efi_init (void) - { -- grub_modbase = grub_efi_section_addr ("mods"); -+ grub_modbase = grub_efi_section_addr ("mods", NULL); - /* First of all, initialize the console so that GRUB can display - messages. */ - grub_console_init (); -diff --git a/include/grub/efi/efi.h b/include/grub/efi/efi.h -index 449e552..5841a2e 100644 ---- a/include/grub/efi/efi.h -+++ b/include/grub/efi/efi.h -@@ -152,7 +152,7 @@ grub_err_t grub_arch_efi_linux_boot_image(grub_addr_t addr, grub_size_t size, - char *args, int nx_enabled); - #endif - --grub_addr_t grub_efi_section_addr (const char *section); -+grub_addr_t grub_efi_section_addr (const char *section, grub_uint32_t *vsz); - - void grub_efi_mm_init (void); - void grub_efi_mm_fini (void); --- -2.39.0 - diff --git a/packages/grub/0045-mkimage-pgp-move-single-public-key-into-its-own-sect.patch b/packages/grub/0045-mkimage-pgp-move-single-public-key-into-its-own-sect.patch deleted file mode 100644 index 537f53bc14a..00000000000 --- a/packages/grub/0045-mkimage-pgp-move-single-public-key-into-its-own-sect.patch +++ /dev/null @@ -1,261 +0,0 @@ -From eaa371d26be8f76f9d7ce7e9c4b5d30684a48f11 Mon Sep 17 00:00:00 2001 -From: Markus Boehme -Date: Mon, 24 Oct 2022 15:20:23 +0000 -Subject: [PATCH] mkimage, pgp: move single public key into its own section of - EFI image - -If mkimage is asked to embed a single public key for signature checking -into an EFI image, move that key into a new .pubkey section of the PE -file. Moving the key into its dedicated section allows for easily -swapping the public key, e.g. using objcopy, without having to rebuild -the image. - -If more than one key is to be embedded, no new section is created and -all keys are embedded as modules just as before. The PGP signature -verification will check both of these sources for valid keys. - -Signed-off-by: Markus Boehme ---- - grub-core/commands/pgp.c | 28 ++++++++++++++ - include/grub/efi/efi.h | 2 +- - util/mkimage.c | 84 +++++++++++++++++++++++++++------------- - 3 files changed, 87 insertions(+), 27 deletions(-) - -diff --git a/grub-core/commands/pgp.c b/grub-core/commands/pgp.c -index b81ac0a..5fa1e8e 100644 ---- a/grub-core/commands/pgp.c -+++ b/grub-core/commands/pgp.c -@@ -32,6 +32,7 @@ - #include - #include - #include -+#include - - GRUB_MOD_LICENSE ("GPLv3+"); - -@@ -959,6 +960,33 @@ GRUB_MOD_INIT(pgp) - grub_pk_trusted = pk; - } - -+#ifdef GRUB_MACHINE_EFI -+ { -+ grub_addr_t pubkey_section; -+ grub_uint32_t pubkey_vsz; -+ -+ pubkey_section = grub_efi_section_addr (".pubkey", &pubkey_vsz); -+ if (pubkey_section) -+ { -+ struct grub_file pseudo_file; -+ struct grub_public_key *pk; -+ -+ grub_memset (&pseudo_file, 0, sizeof (pseudo_file)); -+ -+ pseudo_file.fs = &pseudo_fs; -+ pseudo_file.size = pubkey_vsz; -+ pseudo_file.data = (char *) pubkey_section; -+ -+ pk = grub_load_public_key (&pseudo_file); -+ if (!pk) -+ grub_fatal ("error loading key from .pubkey section: %s\n", grub_errmsg); -+ -+ pk->next = grub_pk_trusted; -+ grub_pk_trusted = pk; -+ } -+ } -+#endif /* GRUB_MACHINE_EFI */ -+ - if (!val) - grub_env_set ("check_signatures", grub_pk_trusted ? "enforce" : "no"); - -diff --git a/include/grub/efi/efi.h b/include/grub/efi/efi.h -index 5841a2e..d580b6b 100644 ---- a/include/grub/efi/efi.h -+++ b/include/grub/efi/efi.h -@@ -152,7 +152,7 @@ grub_err_t grub_arch_efi_linux_boot_image(grub_addr_t addr, grub_size_t size, - char *args, int nx_enabled); - #endif - --grub_addr_t grub_efi_section_addr (const char *section, grub_uint32_t *vsz); -+grub_addr_t EXPORT_FUNC(grub_efi_section_addr) (const char *section, grub_uint32_t *vsz); - - void grub_efi_mm_init (void); - void grub_efi_mm_fini (void); -diff --git a/util/mkimage.c b/util/mkimage.c -index 1455c94..01362d1 100644 ---- a/util/mkimage.c -+++ b/util/mkimage.c -@@ -65,14 +65,14 @@ - + GRUB_PE32_SIGNATURE_SIZE \ - + sizeof (struct grub_pe32_coff_header) \ - + sizeof (struct grub_pe32_optional_header) \ -- + 5 * sizeof (struct grub_pe32_section_table), \ -+ + 6 * sizeof (struct grub_pe32_section_table), \ - GRUB_PE32_FILE_ALIGNMENT) - - #define EFI64_HEADER_SIZE ALIGN_UP (GRUB_PE32_MSDOS_STUB_SIZE \ - + GRUB_PE32_SIGNATURE_SIZE \ - + sizeof (struct grub_pe32_coff_header) \ - + sizeof (struct grub_pe64_optional_header) \ -- + 5 * sizeof (struct grub_pe32_section_table), \ -+ + 6 * sizeof (struct grub_pe32_section_table), \ - GRUB_PE32_FILE_ALIGNMENT) - - static const struct grub_install_image_target_desc image_targets[] = -@@ -887,12 +887,13 @@ grub_install_generate_image (const char *dir, const char *prefix, - char *kernel_img, *core_img; - size_t total_module_size, core_size; - size_t memdisk_size = 0, config_size = 0; -- size_t prefix_size = 0, dtb_size = 0, sbat_size = 0; -+ size_t prefix_size = 0, dtb_size = 0, pubkey_size = 0, sbat_size = 0; - char *kernel_path; - size_t offset; - struct grub_util_path_list *path_list, *p; - size_t decompress_size = 0; - struct grub_mkimage_layout layout; -+ int pubkey_section = 0; - - if (comp == GRUB_COMPRESSION_AUTO) - comp = image_target->default_compression; -@@ -911,7 +912,10 @@ grub_install_generate_image (const char *dir, const char *prefix, - else - total_module_size = sizeof (struct grub_module_info32); - -- { -+ if (npubkeys == 1 && image_target->id == IMAGE_EFI) -+ pubkey_section = 1; -+ -+ if (!pubkey_section) { - size_t i; - for (i = 0; i < npubkeys; i++) - { -@@ -1048,24 +1052,25 @@ grub_install_generate_image (const char *dir, const char *prefix, - offset += mod_size; - } - -- { -- size_t i; -- for (i = 0; i < npubkeys; i++) -- { -- size_t curs; -- struct grub_module_header *header; -- -- curs = grub_util_get_image_size (pubkey_paths[i]); -- -- header = (struct grub_module_header *) (kernel_img + offset); -- header->type = grub_host_to_target32 (OBJ_TYPE_GPG_PUBKEY); -- header->size = grub_host_to_target32 (curs + sizeof (*header)); -- offset += sizeof (*header); -- -- grub_util_load_image (pubkey_paths[i], kernel_img + offset); -- offset += ALIGN_ADDR (curs); -- } -- } -+ if (!pubkey_section) -+ { -+ size_t i; -+ for (i = 0; i < npubkeys; i++) -+ { -+ size_t curs; -+ struct grub_module_header *header; -+ -+ curs = grub_util_get_image_size (pubkey_paths[i]); -+ -+ header = (struct grub_module_header *) (kernel_img + offset); -+ header->type = grub_host_to_target32 (OBJ_TYPE_GPG_PUBKEY); -+ header->size = grub_host_to_target32 (curs + sizeof (*header)); -+ offset += sizeof (*header); -+ -+ grub_util_load_image (pubkey_paths[i], kernel_img + offset); -+ offset += ALIGN_ADDR (curs); -+ } -+ } - - { - size_t i; -@@ -1351,7 +1356,7 @@ grub_install_generate_image (const char *dir, const char *prefix, - break; - case IMAGE_EFI: - { -- char *pe_img, *pe_sbat, *header; -+ char *pe_img, *pe_pubkey, *pe_sbat, *header; - struct grub_pe32_section_table *section; - size_t n_sections = 4; - size_t scn_size; -@@ -1369,6 +1374,16 @@ grub_install_generate_image (const char *dir, const char *prefix, - - vma = raw_data = header_size; - -+ if (pubkey_section) -+ { -+ pubkey_size = ALIGN_ADDR (grub_util_get_image_size (pubkey_paths[0])); -+ pubkey_size = ALIGN_UP (pubkey_size, GRUB_PE32_FILE_ALIGNMENT); -+ if (pubkey_size == 0) -+ grub_util_error ( -+ _("embedding public key '%s' would result in invalid empty section"), -+ pubkey_paths[0]); -+ } -+ - if (sbat_path != NULL) - { - sbat_size = ALIGN_ADDR (grub_util_get_image_size (sbat_path)); -@@ -1376,7 +1391,8 @@ grub_install_generate_image (const char *dir, const char *prefix, - } - - pe_size = ALIGN_UP (header_size + core_size, GRUB_PE32_FILE_ALIGNMENT) + -- ALIGN_UP (layout.reloc_size, GRUB_PE32_FILE_ALIGNMENT) + sbat_size; -+ ALIGN_UP (layout.reloc_size, GRUB_PE32_FILE_ALIGNMENT) + -+ pubkey_size + sbat_size; - header = pe_img = xcalloc (1, pe_size); - - memcpy (pe_img + raw_data, core_img, core_size); -@@ -1391,6 +1407,9 @@ grub_install_generate_image (const char *dir, const char *prefix, - + GRUB_PE32_SIGNATURE_SIZE); - c->machine = grub_host_to_target16 (image_target->pe_target); - -+ if (pubkey_section) -+ n_sections++; -+ - if (sbat_path != NULL) - n_sections++; - -@@ -1458,7 +1477,7 @@ grub_install_generate_image (const char *dir, const char *prefix, - - scn_size = ALIGN_UP (layout.kernel_size - layout.exec_size, GRUB_PE32_FILE_ALIGNMENT); - /* ALIGN_UP (sbat_size, GRUB_PE32_FILE_ALIGNMENT) is done earlier. */ -- PE_OHDR (o32, o64, data_size) = grub_host_to_target32 (scn_size + sbat_size + -+ PE_OHDR (o32, o64, data_size) = grub_host_to_target32 (scn_size + pubkey_size + sbat_size + - ALIGN_UP (total_module_size, - GRUB_PE32_FILE_ALIGNMENT)); - -@@ -1469,7 +1488,7 @@ grub_install_generate_image (const char *dir, const char *prefix, - GRUB_PE32_SCN_MEM_READ | - GRUB_PE32_SCN_MEM_WRITE); - -- scn_size = pe_size - layout.reloc_size - sbat_size - raw_data; -+ scn_size = pe_size - layout.reloc_size - pubkey_size - sbat_size - raw_data; - section = init_pe_section (image_target, pe_img, section, "mods", - &vma, scn_size, image_target->section_align, - &raw_data, scn_size, -@@ -1477,6 +1496,19 @@ grub_install_generate_image (const char *dir, const char *prefix, - GRUB_PE32_SCN_MEM_READ | - GRUB_PE32_SCN_MEM_WRITE); - -+ if (pubkey_section) -+ { -+ pe_pubkey = pe_img + raw_data; -+ grub_util_load_image (pubkey_paths[0], pe_pubkey); -+ -+ section = init_pe_section (image_target, pe_img, section, ".pubkey", -+ &vma, pubkey_size, -+ image_target->section_align, -+ &raw_data, pubkey_size, -+ GRUB_PE32_SCN_CNT_INITIALIZED_DATA | -+ GRUB_PE32_SCN_MEM_READ); -+ } -+ - if (sbat_path != NULL) - { - pe_sbat = pe_img + raw_data; --- -2.39.0 - diff --git a/packages/grub/0046-Revert-sb-Add-fallback-to-EFI-LoadImage-if-shim_lock.patch b/packages/grub/0046-Revert-sb-Add-fallback-to-EFI-LoadImage-if-shim_lock.patch deleted file mode 100644 index 217d3895057..00000000000 --- a/packages/grub/0046-Revert-sb-Add-fallback-to-EFI-LoadImage-if-shim_lock.patch +++ /dev/null @@ -1,96 +0,0 @@ -From 2773f01f5d9292c68b08f9392a8ae0bf9c2e3e30 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Tue, 13 Feb 2024 22:20:16 +0000 -Subject: [PATCH] Revert "sb: Add fallback to EFI LoadImage if shim_lock is - absent" - -For Secure Boot in Bottlerocket, we expect that shim_lock will always -be present, and don't need a fallback. - -Signed-off-by: Ben Cressey ---- - grub-core/Makefile.core.def | 1 - - grub-core/kern/efi/sb.c | 43 +++---------------------------------- - 2 files changed, 3 insertions(+), 41 deletions(-) - -diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def -index 5b8728e..3096cd4 100644 ---- a/grub-core/Makefile.core.def -+++ b/grub-core/Makefile.core.def -@@ -214,7 +214,6 @@ kernel = { - efi = kern/efi/sb.c; - efi = kern/lockdown.c; - efi = lib/envblk.c; -- efi = lib/crc.c; - i386_coreboot = kern/i386/pc/acpi.c; - i386_multiboot = kern/i386/pc/acpi.c; - i386_coreboot = kern/acpi.c; -diff --git a/grub-core/kern/efi/sb.c b/grub-core/kern/efi/sb.c -index 70f9d9d..db42c25 100644 ---- a/grub-core/kern/efi/sb.c -+++ b/grub-core/kern/efi/sb.c -@@ -29,7 +29,6 @@ - #include - #include - #include --#include - - static grub_efi_guid_t shim_lock_guid = GRUB_EFI_SHIM_LOCK_GUID; - -@@ -171,50 +170,14 @@ shim_lock_verifier_init (grub_file_t io __attribute__ ((unused)), - } - } - --static int grub_shim_lock_load_image_fallback(void *data, grub_uint32_t size) --{ -- grub_efi_memory_mapped_device_path_t *mempath; -- grub_efi_handle_t image_handle = 0; -- grub_efi_boot_services_t *b; -- grub_efi_status_t status; -- int len; -- -- mempath = grub_malloc (2 * sizeof (grub_efi_memory_mapped_device_path_t)); -- if (!mempath) -- return grub_errno; -- -- mempath[0].header.type = GRUB_EFI_HARDWARE_DEVICE_PATH_TYPE; -- mempath[0].header.subtype = GRUB_EFI_MEMORY_MAPPED_DEVICE_PATH_SUBTYPE; -- mempath[0].header.length = grub_cpu_to_le16_compile_time (sizeof (*mempath)); -- mempath[0].memory_type = GRUB_EFI_LOADER_DATA; -- mempath[0].start_address = (grub_addr_t)data; -- mempath[0].end_address = (grub_addr_t)data + size; -- -- mempath[1].header.type = GRUB_EFI_END_DEVICE_PATH_TYPE; -- mempath[1].header.subtype = GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE; -- mempath[1].header.length = sizeof (grub_efi_device_path_t); -- -- b = grub_efi_system_table->boot_services; -- status = efi_call_6 (b->load_image, 0, grub_efi_image_handle, -- (grub_efi_device_path_t *) mempath, -- data, size, &image_handle); -- if (status != GRUB_EFI_SUCCESS) { -- return grub_error (GRUB_ERR_ACCESS_DENIED, -- "Cannot verify image, EFI err: %ld", (long)status); -- } -- efi_call_1 (b->unload_image, image_handle); -- return GRUB_ERR_NONE; --} -- - static grub_err_t - shim_lock_verifier_write (void *context __attribute__ ((unused)), void *buf, grub_size_t size) - { - grub_efi_shim_lock_protocol_t *sl = grub_efi_locate_protocol (&shim_lock_guid, 0); - -- if (!sl) { -- grub_dprintf ("secureboot", "shim not available, trying UEFI validation\n"); -- return grub_shim_lock_load_image_fallback(buf, size); -- } -+ if (!sl) -+ return grub_error (GRUB_ERR_ACCESS_DENIED, N_("shim_lock protocol not found")); -+ - if (sl->verify (buf, size) != GRUB_EFI_SUCCESS) - return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("bad shim signature")); - --- -2.43.0 - diff --git a/packages/grub/0047-Revert-UBUNTU-Move-verifiers-after-decompressors.patch b/packages/grub/0047-Revert-UBUNTU-Move-verifiers-after-decompressors.patch deleted file mode 100644 index d657801b691..00000000000 --- a/packages/grub/0047-Revert-UBUNTU-Move-verifiers-after-decompressors.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 95cafe6cf7dd2a02bd33ddee624bb9b7c3a931ae Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Tue, 13 Feb 2024 22:21:41 +0000 -Subject: [PATCH] Revert "UBUNTU: Move verifiers after decompressors" - -We use the PGP verifier to validate the signature of grub.cfg, and do -not want to expose the decompressors to untrusted input. - -Signed-off-by: Ben Cressey ---- - include/grub/file.h | 4 ++-- - tests/file_filter/test.cfg | 2 +- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/include/grub/file.h b/include/grub/file.h -index fa23688..96827a4 100644 ---- a/include/grub/file.h -+++ b/include/grub/file.h -@@ -180,13 +180,13 @@ extern grub_disk_read_hook_t EXPORT_VAR(grub_file_progress_hook); - /* Filters with lower ID are executed first. */ - typedef enum grub_file_filter_id - { -+ GRUB_FILE_FILTER_VERIFY, - GRUB_FILE_FILTER_GZIO, - GRUB_FILE_FILTER_XZIO, - GRUB_FILE_FILTER_LZOPIO, -+ GRUB_FILE_FILTER_MAX, - GRUB_FILE_FILTER_COMPRESSION_FIRST = GRUB_FILE_FILTER_GZIO, - GRUB_FILE_FILTER_COMPRESSION_LAST = GRUB_FILE_FILTER_LZOPIO, -- GRUB_FILE_FILTER_VERIFY, -- GRUB_FILE_FILTER_MAX, - } grub_file_filter_id_t; - - typedef grub_file_t (*grub_file_filter_t) (grub_file_t in, enum grub_file_type type); -diff --git a/tests/file_filter/test.cfg b/tests/file_filter/test.cfg -index 17dc4a8..4308aac 100644 ---- a/tests/file_filter/test.cfg -+++ b/tests/file_filter/test.cfg -@@ -1,5 +1,5 @@ - trust /keys.pub --set check_signatures= -+set check_signatures=enforce - cat /file.gz - cat /file.xz - cat /file.lzop --- -2.43.0 - diff --git a/packages/grub/0048-add-flag-to-only-search-root-dev.patch b/packages/grub/0048-add-flag-to-only-search-root-dev.patch deleted file mode 100644 index a92993b5678..00000000000 --- a/packages/grub/0048-add-flag-to-only-search-root-dev.patch +++ /dev/null @@ -1,163 +0,0 @@ -From 115f44e341b8f204bccaf63686579a66507c2ded Mon Sep 17 00:00:00 2001 -From: Marta Lewandowska -Date: Mon, 9 Oct 2023 08:53:18 +0200 -Subject: [PATCH] add flag to only search root dev - -fixes bz#2223437 - -Signed-off-by: Marta Lewandowska ---- - grub-core/commands/search.c | 36 ++++++++++++++++++++++++++++++++ - grub-core/commands/search_wrap.c | 5 +++++ - grub-core/kern/misc.c | 30 ++++++++++++++++++++++++++ - include/grub/misc.h | 1 + - include/grub/search.h | 3 ++- - 5 files changed, 74 insertions(+), 1 deletion(-) - -diff --git a/grub-core/commands/search.c b/grub-core/commands/search.c -index ec03c75..e0a3b22 100644 ---- a/grub-core/commands/search.c -+++ b/grub-core/commands/search.c -@@ -89,6 +89,42 @@ iterate_device (const char *name, void *data) - grub_device_close (dev); - } - -+ /* Skip it if it's not the root device when requested. */ -+ if (ctx->flags & SEARCH_FLAGS_ROOTDEV_ONLY) -+ { -+ const char *root_dev; -+ root_dev = grub_env_get ("root"); -+ if (root_dev != NULL && *root_dev != '\0') -+ { -+ char *root_disk = grub_malloc (grub_strlen(root_dev) + 1); -+ char *name_disk = grub_malloc (grub_strlen(name) + 1); -+ char *rem_1 = grub_malloc(grub_strlen(root_dev) + 1); -+ char *rem_2 = grub_malloc(grub_strlen(name) + 1); -+ -+ if (root_disk != NULL && name_disk != NULL && -+ rem_1 != NULL && rem_2 != NULL) -+ { -+ /* get just the disk name; partitions will be different. */ -+ grub_str_sep (root_dev, root_disk, ',', rem_1); -+ grub_str_sep (name, name_disk, ',', rem_2); -+ if (root_disk != NULL && *root_disk != '\0' && -+ name_disk != NULL && *name_disk != '\0') -+ if (grub_strcmp(root_disk, name_disk) != 0) -+ { -+ grub_free (root_disk); -+ grub_free (name_disk); -+ grub_free (rem_1); -+ grub_free (rem_2); -+ return 0; -+ } -+ } -+ grub_free (root_disk); -+ grub_free (name_disk); -+ grub_free (rem_1); -+ grub_free (rem_2); -+ } -+ } -+ - #if defined(DO_SEARCH_FS_UUID) || defined(DO_SEARCH_DISK_UUID) - #define compare_fn grub_strcasecmp - #else -diff --git a/grub-core/commands/search_wrap.c b/grub-core/commands/search_wrap.c -index c8152b1..fd77b1c 100644 ---- a/grub-core/commands/search_wrap.c -+++ b/grub-core/commands/search_wrap.c -@@ -47,6 +47,7 @@ static const struct grub_arg_option options[] = - ARG_TYPE_STRING}, - {"no-floppy", 'n', 0, N_("Do not probe any floppy drive."), 0, 0}, - {"efidisk-only", 0, 0, N_("Only probe EFI disks."), 0, 0}, -+ {"root-dev-only", 'r', 0, N_("Only probe root device."), 0, 0}, - {"hint", 'h', GRUB_ARG_OPTION_REPEATABLE, - N_("First try the device HINT. If HINT ends in comma, " - "also try subpartitions"), N_("HINT"), ARG_TYPE_STRING}, -@@ -84,6 +85,7 @@ enum options - SEARCH_SET, - SEARCH_NO_FLOPPY, - SEARCH_EFIDISK_ONLY, -+ SEARCH_ROOTDEV_ONLY, - SEARCH_HINT, - SEARCH_HINT_IEEE1275, - SEARCH_HINT_BIOS, -@@ -198,6 +200,9 @@ grub_cmd_search (grub_extcmd_context_t ctxt, int argc, char **args) - if (state[SEARCH_EFIDISK_ONLY].set) - flags |= SEARCH_FLAGS_EFIDISK_ONLY; - -+ if (state[SEARCH_ROOTDEV_ONLY].set) -+ flags |= SEARCH_FLAGS_ROOTDEV_ONLY; -+ - if (state[SEARCH_LABEL].set) - grub_search_label (id, var, flags, hints, nhints); - else if (state[SEARCH_FS_UUID].set) -diff --git a/grub-core/kern/misc.c b/grub-core/kern/misc.c -index 5d2b246..a95d182 100644 ---- a/grub-core/kern/misc.c -+++ b/grub-core/kern/misc.c -@@ -598,6 +598,36 @@ grub_reverse (char *str) - } - } - -+/* Separate string into two parts, broken up by delimiter delim. */ -+void -+grub_str_sep (const char *s, char *p, char delim, char *r) -+{ -+ char* t = grub_strndup(s, grub_strlen(s)); -+ -+ if (t != NULL && *t != '\0') -+ { -+ char* tmp = t; -+ -+ while (((*p = *t) != '\0') && ((*p = *t) != delim)) -+ { -+ p++; -+ t++; -+ } -+ *p = '\0'; -+ -+ if (*t != '\0') -+ { -+ t++; -+ while ((*r++ = *t++) != '\0') -+ ; -+ *r = '\0'; -+ } -+ grub_free (tmp); -+ } -+ else -+ grub_free (t); -+} -+ - /* Divide N by D, return the quotient, and store the remainder in *R. */ - grub_uint64_t - grub_divmod64 (grub_uint64_t n, grub_uint64_t d, grub_uint64_t *r) -diff --git a/include/grub/misc.h b/include/grub/misc.h -index 0a26855..a359b0d 100644 ---- a/include/grub/misc.h -+++ b/include/grub/misc.h -@@ -314,6 +314,7 @@ void *EXPORT_FUNC(grub_memset) (void *s, int c, grub_size_t n); - grub_size_t EXPORT_FUNC(grub_strlen) (const char *s) WARN_UNUSED_RESULT; - int EXPORT_FUNC(grub_printf) (const char *fmt, ...) __attribute__ ((format (GNU_PRINTF, 1, 2))); - int EXPORT_FUNC(grub_printf_) (const char *fmt, ...) __attribute__ ((format (GNU_PRINTF, 1, 2))); -+void EXPORT_FUNC(grub_str_sep) (const char *s, char *p, char delim, char *r); - - /* Replace all `ch' characters of `input' with `with' and copy the - result into `output'; return EOS address of `output'. */ -diff --git a/include/grub/search.h b/include/grub/search.h -index a5f56b2..8727409 100644 ---- a/include/grub/search.h -+++ b/include/grub/search.h -@@ -22,7 +22,8 @@ - enum search_flags - { - SEARCH_FLAGS_NO_FLOPPY = 1, -- SEARCH_FLAGS_EFIDISK_ONLY = 2 -+ SEARCH_FLAGS_EFIDISK_ONLY = 2, -+ SEARCH_FLAGS_ROOTDEV_ONLY = 4 - }; - - void grub_search_fs_file (const char *key, const char *var, --- -2.43.0 - diff --git a/packages/grub/Cargo.toml b/packages/grub/Cargo.toml deleted file mode 100644 index c61feae9d05..00000000000 --- a/packages/grub/Cargo.toml +++ /dev/null @@ -1,13 +0,0 @@ -[package] -name = "grub" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[[package.metadata.build-package.external-files]] -url = "https://cdn.amazonlinux.com/al2023/blobstore/f4fa28cb4e1586d622925449b1e24748c6ab09ccebe0fd8ddfa20cf5e7ce182a/grub2-2.06-61.amzn2023.0.9.src.rpm" -sha512 = "57886df0580f166bd741126f19109a0e464bc2408aafca38e68def077a2ab1f64c239d85015c44162b88d787da7ec55a623f4e7d2601942391f0996038393f99" diff --git a/packages/grub/bios.cfg b/packages/grub/bios.cfg deleted file mode 100644 index f3b46aa50c0..00000000000 --- a/packages/grub/bios.cfg +++ /dev/null @@ -1,13 +0,0 @@ -set no_modules=y -serial -terminal_output serial console -gptprio.next -d boot_dev -u boot_uuid -set root=$boot_dev -set prefix=($root)/grub -export boot_uuid -search --no-floppy --root-dev-only --set private --part-label BOTTLEROCKET-PRIVATE -configfile /grub/grub.cfg -echo "boot failed (device ($boot_dev), uuid $boot_uuid)" -echo "rebooting in 30 seconds..." -sleep 30 -reboot diff --git a/packages/grub/efi.cfg b/packages/grub/efi.cfg deleted file mode 100644 index fa2e5574df2..00000000000 --- a/packages/grub/efi.cfg +++ /dev/null @@ -1,12 +0,0 @@ -set no_modules=y -terminal_output console -gptprio.next -d boot_dev -u boot_uuid -set root=$boot_dev -set prefix=($root)/grub -export boot_uuid -search --no-floppy --root-dev-only --set private --part-label BOTTLEROCKET-PRIVATE -configfile /grub/grub.cfg -echo "boot failed (device ($boot_dev), uuid $boot_uuid)" -echo "rebooting in 30 seconds..." -sleep 30 -reboot diff --git a/packages/grub/grub.spec b/packages/grub/grub.spec deleted file mode 100644 index a4a7e314edf..00000000000 --- a/packages/grub/grub.spec +++ /dev/null @@ -1,279 +0,0 @@ -%global debug_package %{nil} -%global __strip %{_bindir}/true - -%global efidir /boot/efi/EFI/BOOT -%global efi_image grub%{_cross_efi_arch}.efi -%global biosdir /boot/grub - -# This is specific to the upstream source RPM, and will likely need to be -# updated for each new version. -%global gnulib_version gnulib-9f48fb992a3d7e96610c4ce8be969cff2d61a01b - -Name: %{_cross_os}grub -Version: 2.06 -Release: 1%{?dist} -Summary: Bootloader with support for Linux and more -License: GPL-3.0-or-later AND Unicode-DFS-2015 -URL: https://www.gnu.org/software/grub/ -Source0: https://cdn.amazonlinux.com/al2023/blobstore/f4fa28cb4e1586d622925449b1e24748c6ab09ccebe0fd8ddfa20cf5e7ce182a/grub2-2.06-61.amzn2023.0.9.src.rpm -Source1: bios.cfg -Source2: efi.cfg -Source3: sbat.csv.in -Patch0001: 0001-setup-Add-root-device-argument-to-grub-setup.patch -Patch0002: 0002-gpt-start-new-GPT-module.patch -Patch0003: 0003-gpt-rename-misnamed-header-location-fields.patch -Patch0004: 0004-gpt-record-size-of-of-the-entries-table.patch -Patch0005: 0005-gpt-consolidate-crc32-computation-code.patch -Patch0006: 0006-gpt-add-new-repair-function-to-sync-up-primary-and-b.patch -Patch0007: 0007-gpt-add-write-function-and-gptrepair-command.patch -Patch0008: 0008-gpt-add-a-new-generic-GUID-type.patch -Patch0009: 0009-gpt-new-gptprio.next-command-for-selecting-priority-.patch -Patch0010: 0010-gpt-split-out-checksum-recomputation.patch -Patch0011: 0011-gpt-move-gpt-guid-printing-function-to-common-librar.patch -Patch0012: 0012-gpt-switch-partition-names-to-a-16-bit-type.patch -Patch0013: 0013-tests-add-some-partitions-to-the-gpt-unit-test-data.patch -Patch0014: 0014-gpt-add-search-by-partition-label-and-uuid-commands.patch -Patch0015: 0015-gpt-clean-up-little-endian-crc32-computation.patch -Patch0016: 0016-gpt-minor-cleanup.patch -Patch0017: 0017-gpt-add-search-by-disk-uuid-command.patch -Patch0018: 0018-gpt-do-not-use-disk-sizes-GRUB-will-reject-as-invali.patch -Patch0019: 0019-gpt-add-verbose-debug-logging.patch -Patch0020: 0020-gpt-improve-validation-of-GPT-headers.patch -Patch0021: 0021-gpt-refuse-to-write-to-sector-0.patch -Patch0022: 0022-gpt-properly-detect-and-repair-invalid-tables.patch -Patch0023: 0023-gptrepair_test-fix-typo-in-cleanup-trap.patch -Patch0024: 0024-gptprio_test-check-GPT-is-repaired-when-appropriate.patch -Patch0025: 0025-gpt-fix-partition-table-indexing-and-validation.patch -Patch0026: 0026-gpt-prefer-disk-size-from-header-over-firmware.patch -Patch0027: 0027-gpt-add-helper-for-picking-a-valid-header.patch -Patch0028: 0028-gptrepair-fix-status-checking.patch -Patch0029: 0029-gpt-use-inline-functions-for-checking-status-bits.patch -Patch0030: 0030-gpt-allow-repair-function-to-noop.patch -Patch0031: 0031-gpt-do-not-use-an-enum-for-status-bit-values.patch -Patch0032: 0032-gpt-check-header-and-entries-status-bits-together.patch -Patch0033: 0033-gpt-be-more-careful-about-relocating-backup-header.patch -Patch0034: 0034-gpt-selectively-update-fields-during-repair.patch -Patch0035: 0035-gpt-always-revalidate-when-recomputing-checksums.patch -Patch0036: 0036-gpt-include-backup-in-sync-check-in-revalidation.patch -Patch0037: 0037-gpt-read-entries-table-at-the-same-time-as-the-heade.patch -Patch0038: 0038-gpt-report-all-revalidation-errors.patch -Patch0039: 0039-gpt-rename-and-update-documentation-for-grub_gpt_upd.patch -Patch0040: 0040-gpt-write-backup-GPT-first-skip-if-inaccessible.patch -Patch0041: 0041-gptprio-Use-Bottlerocket-boot-partition-type-GUID.patch -Patch0042: 0042-util-mkimage-Bump-EFI-PE-header-size-to-accommodate-.patch -Patch0043: 0043-util-mkimage-avoid-adding-section-table-entry-outsid.patch -Patch0044: 0044-efi-return-virtual-size-of-section-found-by-grub_efi.patch -Patch0045: 0045-mkimage-pgp-move-single-public-key-into-its-own-sect.patch -Patch0046: 0046-Revert-sb-Add-fallback-to-EFI-LoadImage-if-shim_lock.patch -Patch0047: 0047-Revert-UBUNTU-Move-verifiers-after-decompressors.patch -Patch0048: 0048-add-flag-to-only-search-root-dev.patch - -BuildRequires: automake -BuildRequires: bison -BuildRequires: flex -BuildRequires: gettext-devel - -%description -%{summary}. - -%package modules -Summary: Modules for the bootloader with support for Linux and more - -%description modules -%{summary}. - -%package tools -Summary: Tools for the bootloader with support for Linux and more - -%description tools -%{summary}. - -%prep -rpm2cpio %{S:0} | cpio -iu grub-%{version}.tar.xz \ - bootstrap bootstrap.conf \ - gitignore %{gnulib_version}.tar.gz \ - "*.patch" - -# Mimic prep from upstream spec to prepare for patching. -tar -xof grub-%{version}.tar.xz; rm grub-%{version}.tar.xz -%setup -TDn grub-%{version} -mv ../bootstrap{,.conf} . -mv ../gitignore .gitignore -tar -xof ../%{gnulib_version}.tar.gz; rm ../%{gnulib_version}.tar.gz -mv %{gnulib_version} gnulib -cp unicode/COPYING COPYING.unicode -rm -f configure - -# Apply upstream and local patches. -git init -git config user.email 'user@localhost' -git config user.name 'user' -git add . -git commit -a -q -m "base" -git am --whitespace=nowarn ../*.patch %{patches} - -# Let bootstrap start from a clean slate and freshly copy in the relevant -# parts from gnulib. In particular remove the configure macros that aren't -# compatible with the copied in version of gnulib. -rm -r build-aux m4 - -./bootstrap - -%global grub_cflags -pipe -fno-stack-protector -fno-strict-aliasing -%global grub_ldflags -static -%global _configure ../configure - -%build -export \ - TARGET_CPP="%{_cross_target}-gcc -E" \ - TARGET_CC="%{_cross_target}-gcc" \ - TARGET_CFLAGS="%{grub_cflags}" \ - TARGET_CPPFLAGS="%{grub_cflags}" \ - TARGET_LDFLAGS="%{grub_ldflags}" \ - TARGET_NM="%{_cross_target}-nm" \ - TARGET_OBJCOPY="%{_cross_target}-objcopy" \ - TARGET_STRIP="%{_cross_target}-strip" \ - PYTHON="python3" \ - -%if "%{_cross_arch}" == "x86_64" -mkdir bios-build -pushd bios-build - -%cross_configure \ - CFLAGS="" \ - LDFLAGS="" \ - --host="%{_build}" \ - --target="i386" \ - --with-platform="pc" \ - --with-utils=host \ - --disable-grub-mkfont \ - --disable-rpm-sort \ - --disable-werror \ - --enable-efiemu=no \ - --enable-device-mapper=no \ - --enable-libzfs=no \ - -%make_build -popd -%endif - -mkdir efi-build -pushd efi-build - -sed -e "s,__VERSION__,%{version},g" %{S:3} > sbat.csv - -%cross_configure \ - CFLAGS="" \ - LDFLAGS="" \ - --host="%{_build}" \ - --target="%{_cross_arch}" \ - --with-platform="efi" \ - --with-utils=host \ - --disable-grub-mkfont \ - --disable-rpm-sort \ - --disable-werror \ - --enable-efiemu=no \ - --enable-device-mapper=no \ - --enable-libzfs=no \ - -%make_build -popd - -%install -MODS=(configfile echo ext2 gptprio linux normal part_gpt reboot sleep zstd search) - -# These modules are needed for signature verification, which is currently only -# done for the EFI build of GRUB. -VERIFY_MODS=(pgp crypto gcry_sha256 gcry_sha512 gcry_dsa gcry_rsa) - -%if "%{_cross_arch}" == "x86_64" -pushd bios-build -%make_install -mkdir -p %{buildroot}%{biosdir} -%{buildroot}%{_cross_bindir}/grub-mkimage \ - -c %{S:1} \ - -d ./grub-core/ \ - -O "i386-pc" \ - -o "%{buildroot}%{biosdir}/core.img" \ - -p "(hd0,gpt2)/boot/grub" \ - biosdisk serial ${MODS[@]} -install -m 0644 ./grub-core/boot.img \ - %{buildroot}%{biosdir}/boot.img -popd -%endif - -pushd efi-build -%make_install -mkdir -p %{buildroot}%{efidir} - -# Make sure the `.pubkey` section is large enough to cover a replacement -# certificate, or `objcopy` may silently retain the existing section. -truncate -s 4096 empty.pubkey - -%{buildroot}%{_cross_bindir}/grub-mkimage \ - -c %{S:2} \ - -d ./grub-core/ \ - -O "%{_cross_grub_efi_format}" \ - -o "%{buildroot}%{efidir}/%{efi_image}" \ - -p "/EFI/BOOT" \ - --pubkey empty.pubkey \ - --sbat sbat.csv \ - efi_gop ${MODS[@]} ${VERIFY_MODS[@]} -popd - -%files -%license COPYING COPYING.unicode -%{_cross_attribution_file} -%if "%{_cross_arch}" == "x86_64" -%dir %{biosdir} -%{biosdir}/boot.img -%{biosdir}/core.img -%endif -%dir %{efidir} -%{efidir}/%{efi_image} -%{_cross_sbindir}/grub-bios-setup -%exclude %{_cross_bashdir} -%exclude %{_cross_infodir} -%exclude %{_cross_libexecdir} -%exclude %{_cross_localedir} -%exclude %{_cross_sysconfdir} -%exclude %{_cross_unitdir} - -%files modules -%dir %{_cross_libdir}/grub -%{_cross_libdir}/grub/* - -%files tools -%{_cross_bindir}/grub-editenv -%{_cross_bindir}/grub-file -%{_cross_bindir}/grub-fstest -%{_cross_bindir}/grub-glue-efi -%{_cross_bindir}/grub-kbdcomp -%{_cross_bindir}/grub-menulst2cfg -%{_cross_bindir}/grub-mkimage -%{_cross_bindir}/grub-mklayout -%{_cross_bindir}/grub-mknetdir -%{_cross_bindir}/grub-mkpasswd-pbkdf2 -%{_cross_bindir}/grub-mkrelpath -%{_cross_bindir}/grub-mkrescue -%{_cross_bindir}/grub-mkstandalone -%{_cross_bindir}/grub-render-label -%{_cross_bindir}/grub-script-check -%{_cross_bindir}/grub-syslinux2cfg -%{_cross_sbindir}/grub-get-kernel-settings -%{_cross_sbindir}/grub-install -%{_cross_sbindir}/grub-macbless -%{_cross_sbindir}/grub-mkconfig -%{_cross_sbindir}/grub-ofpathname -%{_cross_sbindir}/grub-probe -%{_cross_sbindir}/grub-reboot -%{_cross_sbindir}/grub-set-bootflag -%{_cross_sbindir}/grub-set-default -%{_cross_sbindir}/grub-set-password -%{_cross_sbindir}/grub-sparc64-setup -%{_cross_sbindir}/grub-switch-to-blscfg - -%dir %{_cross_datadir}/grub -%{_cross_datadir}/grub/grub-mkconfig_lib - -%changelog diff --git a/packages/grub/latest-srpm-url.sh b/packages/grub/latest-srpm-url.sh deleted file mode 100755 index 2c5e313e910..00000000000 --- a/packages/grub/latest-srpm-url.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh -cmd='dnf install -q -y --releasever=latest yum-utils && yumdownloader -q --releasever=latest --source --urls grub2' -docker run --rm amazonlinux:2023 sh -c "${cmd}" \ - | grep '^http' \ - | xargs --max-args=1 --no-run-if-empty realpath --canonicalize-missing --relative-to=. \ - | sed 's_:/_://_' diff --git a/packages/grub/replace-grub-pubkey b/packages/grub/replace-grub-pubkey deleted file mode 100755 index 7d8a69b583e..00000000000 --- a/packages/grub/replace-grub-pubkey +++ /dev/null @@ -1,45 +0,0 @@ -#!/usr/bin/env bash - -set -e - -readonly grub_image="${1:?expecting GRUB image as first argument}" -readonly public_key="${2:?expecting GPG public key file as second argument}" -readonly local_keys="${3:?expecting directory containing local signing keys as third argument}" - - -# -# Create unsigned image with embedded key replaced -# - -rm -f "${grub_image}.unsigned" -pesign -r -u 0 -i "${grub_image}" -o "${grub_image}.unsigned" -objcopy --update-section .pubkey="${public_key}" "${grub_image}.unsigned" - - -# -# Re-sign resulting image (steps copied from rpm2img) -# - -# Generate the PKCS12 archive for import. -openssl pkcs12 \ - -export \ - -passout pass: \ - -inkey "${local_keys}/code-sign.key" \ - -in "${local_keys}/code-sign.crt" \ - -certfile "${local_keys}/CA.crt" \ - -out "${local_keys}/code-sign.p12" - -# Import certificates and private key archive. -PEDB="/etc/pki/pesign" -certutil -d "${PEDB}" -A -n CA -i "${local_keys}/CA.crt" -t "CT,C,C" -certutil -d "${PEDB}" -A -n code-sign-key -i "${local_keys}/code-sign.crt" -t ",,P" -pk12util -d "${PEDB}" -i "${local_keys}/code-sign.p12" -W "" -certutil -d "${PEDB}" -L -PESIGN_KEY="-c code-sign-key" - -openssl x509 \ - -inform PEM -in "${local_keys}/CA.crt" \ - -outform DER -out "${local_keys}/CA.der" - -pesign -i "${grub_image}.unsigned" -o "${grub_image}" -f -s ${PESIGN_KEY} -pesigcheck -i "${grub_image}" -n 0 -c "${local_keys}/CA.der" diff --git a/packages/grub/sbat.csv.in b/packages/grub/sbat.csv.in deleted file mode 100644 index dabc2612440..00000000000 --- a/packages/grub/sbat.csv.in +++ /dev/null @@ -1,3 +0,0 @@ -sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md -grub,4,Free Software Foundation,grub,__VERSION__,https://www.gnu.org/software/grub/ -grub.bottlerocket,1,Bottlerocket,grub,__VERSION__,https://github.com/bottlerocket-os/bottlerocket/blob/develop/SECURITY.md diff --git a/packages/host-ctr/Cargo.toml b/packages/host-ctr/Cargo.toml deleted file mode 100644 index 25311677873..00000000000 --- a/packages/host-ctr/Cargo.toml +++ /dev/null @@ -1,21 +0,0 @@ -[package] -name = "host-ctr" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[package.metadata.build-package] -source-groups = [ "host-ctr" ] - -[lib] -path = "../packages.rs" - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } - -# RPM Requires -[dependencies] -# `containerd` is only needed at runtime, and is pulled in by `release`. -# containerd = { path = "../containerd" } diff --git a/packages/host-ctr/etc-host-containers.mount.in b/packages/host-ctr/etc-host-containers.mount.in deleted file mode 100644 index ec71d53aeeb..00000000000 --- a/packages/host-ctr/etc-host-containers.mount.in +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Host containers Configuration Directory (/etc/host-containers) -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target -After=selinux-policy-files.service -Wants=selinux-policy-files.service - -[Mount] -What=tmpfs -Where=/etc/host-containers -Type=tmpfs -Options=nosuid,nodev,noexec,noatime,mode=0750,context=system_u:object_r:secret_t:s0 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/host-ctr/host-containerd-config.toml b/packages/host-ctr/host-containerd-config.toml deleted file mode 100644 index 82bbfd0ba08..00000000000 --- a/packages/host-ctr/host-containerd-config.toml +++ /dev/null @@ -1,14 +0,0 @@ -version = 2 -root = "/var/lib/host-containerd" -state = "/run/host-containerd" -disabled_plugins = [ - "io.containerd.internal.v1.opt", - "io.containerd.snapshotter.v1.aufs", - "io.containerd.snapshotter.v1.devmapper", - "io.containerd.snapshotter.v1.native", - "io.containerd.snapshotter.v1.zfs", - "io.containerd.grpc.v1.cri", -] - -[grpc] -address = "/run/host-containerd/containerd.sock" diff --git a/packages/host-ctr/host-containerd-tmpfiles.conf b/packages/host-ctr/host-containerd-tmpfiles.conf deleted file mode 100644 index 51cfa4d7b7b..00000000000 --- a/packages/host-ctr/host-containerd-tmpfiles.conf +++ /dev/null @@ -1 +0,0 @@ -C /etc/host-containerd/config.toml - - - - diff --git a/packages/host-ctr/host-containerd.service b/packages/host-ctr/host-containerd.service deleted file mode 100644 index 7eea9bccf83..00000000000 --- a/packages/host-ctr/host-containerd.service +++ /dev/null @@ -1,22 +0,0 @@ -[Unit] -Description=containerd runtime for host containers -Documentation=https://containerd.io -After=network-online.target preconfigured.target -Wants=network-online.target preconfigured.target - -[Service] -EnvironmentFile=/etc/network/proxy.env -ExecStart=/usr/bin/containerd --config /etc/host-containerd/config.toml -Type=notify -Delegate=yes -KillMode=process -TimeoutSec=0 -RestartSec=2 -Restart=always -LimitNPROC=infinity -LimitCORE=infinity -LimitNOFILE=infinity -TasksMax=infinity - -[Install] -WantedBy=configured.target diff --git a/packages/host-ctr/host-ctr.spec b/packages/host-ctr/host-ctr.spec deleted file mode 100644 index f6220b98f4b..00000000000 --- a/packages/host-ctr/host-ctr.spec +++ /dev/null @@ -1,86 +0,0 @@ -%global _cross_first_party 1 -%global workspace_name host-ctr - -Name: %{_cross_os}%{workspace_name} -Version: 0.0 -Release: 0%{?dist} -Summary: Bottlerocket host container runner -License: Apache-2.0 OR MIT -URL: https://github.com/bottlerocket-os/bottlerocket -BuildRequires: %{_cross_os}glibc-devel -Requires: %{_cross_os}containerd -Requires: %{name}(binaries) - -Source10: host-containerd.service -Source11: host-containerd-tmpfiles.conf -Source12: host-containerd-config.toml - -# Mount for writing host-ctr configuration -Source100: etc-host-containers.mount.in - -%description -%{summary}. - -%package bin -Summary: Bottlerocket host container runner binaries -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(fips) or %{name}-fips-bin) - -%description bin -%{summary}. - -%package fips-bin -Summary: Bottlerocket host container runner binaries, FIPS edition -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{name}-bin) - -%description fips-bin -%{summary}. - -%prep -%setup -T -c -cp -r %{_builddir}/sources/%{workspace_name}/* . - -%build -export GO_VERSION="1.22.2" - -%set_cross_go_flags -go build -ldflags="${GOLDFLAGS}" -o host-ctr ./cmd/host-ctr -gofips build -ldflags="${GOLDFLAGS}" -o fips/host-ctr ./cmd/host-ctr - -%install -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 host-ctr %{buildroot}%{_cross_bindir} - -install -d %{buildroot}%{_cross_fips_bindir} -install -p -m 0755 fips/host-ctr %{buildroot}%{_cross_fips_bindir} - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:10} %{buildroot}%{_cross_unitdir} -ETC_HOST_CONTAINERS=$(systemd-escape --path /etc/host-containers) -install -p -m 0644 %{S:100} %{buildroot}%{_cross_unitdir}/${ETC_HOST_CONTAINERS}.mount - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:11} %{buildroot}%{_cross_tmpfilesdir}/host-containerd.conf - -install -d %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/host-containerd -install -p -m 0644 %{S:12} %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/host-containerd/config.toml - -%cross_scan_attribution go-vendor vendor - -%files -%{_cross_attribution_vendor_dir} -%{_cross_unitdir}/host-containerd.service -%{_cross_unitdir}/*.mount -%{_cross_tmpfilesdir}/host-containerd.conf -%{_cross_factorydir}%{_cross_sysconfdir}/host-containerd/config.toml - -%files bin -%{_cross_bindir}/host-ctr - -%files fips-bin -%{_cross_fips_bindir}/host-ctr - -%changelog diff --git a/packages/iproute/0001-skip-libelf-check.patch b/packages/iproute/0001-skip-libelf-check.patch deleted file mode 100644 index 38111ecee10..00000000000 --- a/packages/iproute/0001-skip-libelf-check.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 83c4c40aa5a8b1fc7573f2b7a4e37c84427d148a Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Fri, 23 Aug 2019 22:14:50 +0000 -Subject: [PATCH] skip libelf check - -The host library is detected, but it is not available for the target. - -Signed-off-by: Ben Cressey -Signed-off-by: Sean P. Kelly ---- - configure | 3 --- - 1 file changed, 3 deletions(-) - -diff --git a/configure b/configure -index 440facb..0d78271 100755 ---- a/configure -+++ b/configure -@@ -619,9 +619,6 @@ check_tirpc - echo -n "libbpf support: " - check_libbpf - --echo -n "ELF support: " --check_elf -- - echo -n "libmnl support: " - check_mnl - --- -2.32.0 - diff --git a/packages/iproute/Cargo.toml b/packages/iproute/Cargo.toml deleted file mode 100644 index 7470cfe418c..00000000000 --- a/packages/iproute/Cargo.toml +++ /dev/null @@ -1,22 +0,0 @@ -[package] -name = "iproute" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "http://kernel.org/pub/linux/utils/net/iproute2" - -[[package.metadata.build-package.external-files]] -url = "https://kernel.org/pub/linux/utils/net/iproute2/iproute2-6.4.0.tar.xz" -sha512 = "42330be6e061302694ea301765ff8d3cbfaeca4b1d06e39778861e4390ed211c03cb2d41498190202b659f7f5647b1ca4857410ef8c16fd601a35e7162788d21" - -[build-dependencies] -glibc = { path = "../glibc" } -libcap = { path = "../libcap" } -libmnl = { path = "../libmnl" } -libselinux = { path = "../libselinux" } diff --git a/packages/iproute/iproute.spec b/packages/iproute/iproute.spec deleted file mode 100644 index d980b3f26ea..00000000000 --- a/packages/iproute/iproute.spec +++ /dev/null @@ -1,87 +0,0 @@ -Name: %{_cross_os}iproute -Version: 6.4.0 -Release: 1%{?dist} -Summary: Tools for advanced IP routing and network device configuration -License: GPL-2.0-or-later AND GPL-2.0-only -URL: https://kernel.org/pub/linux/utils/net/iproute2/ -Source0: https://kernel.org/pub/linux/utils/net/iproute2/iproute2-%{version}.tar.xz -Patch1: 0001-skip-libelf-check.patch - -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libcap-devel -BuildRequires: %{_cross_os}libmnl-devel -BuildRequires: %{_cross_os}libselinux-devel -Requires: %{_cross_os}libcap -Requires: %{_cross_os}libmnl -Requires: %{_cross_os}libselinux - -%description -%{summary}. - -%prep -%autosetup -n iproute2-%{version} -p1 - -%global set_env \ -export CC="%{_cross_target}-gcc" \\\ -export HOSTCC="gcc" \\\ -export DESTDIR='%{buildroot}' \\\ -export SBINDIR='%{_cross_sbindir}' \\\ -export MANDIR='%{_cross_mandir}' \\\ -export LIBDIR='%{_cross_libdir}' \\\ -export CONFDIR='%{_cross_sysconfdir}/iproute2' \\\ -export DOCDIR='%{_cross_docdir}' \\\ -export HDRDIR='%{_cross_includedir}' \\\ -export BASH_COMPDIR='%{_cross_bashdir}' \\\ -export PKG_CONFIG_PATH='%{_cross_pkgconfigdir}' \\\ -%{nil} - -%build -%set_env -%set_cross_build_flags -./configure --libdir '%{_cross_libdir}' -%make_build - -%install -%set_env -%make_install - -install -d %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir} -mv %{buildroot}%{_cross_sysconfdir}/iproute2 %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir} - -install -d %{buildroot}%{_cross_tmpfilesdir} -for f in %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/iproute2/* ; do - echo "C %{_cross_sysconfdir}/iproute2/${f##*/} - - - -" >> %{buildroot}%{_cross_tmpfilesdir}/iproute2.conf -done - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_sbindir}/bridge -%{_cross_sbindir}/ctstat -%{_cross_sbindir}/dcb -%{_cross_sbindir}/devlink -%{_cross_sbindir}/genl -%{_cross_sbindir}/ifstat -%{_cross_sbindir}/ip -%{_cross_sbindir}/lnstat -%{_cross_sbindir}/nstat -%{_cross_sbindir}/rdma -%{_cross_sbindir}/routel -%{_cross_sbindir}/rtacct -%{_cross_sbindir}/rtmon -%{_cross_sbindir}/rtstat -%{_cross_sbindir}/ss -%{_cross_sbindir}/tc -%{_cross_sbindir}/tipc -%{_cross_sbindir}/vdpa -%dir %{_cross_libdir}/tc -%{_cross_libdir}/tc/* -%dir %{_cross_factorydir}%{_cross_sysconfdir}/iproute2 -%{_cross_factorydir}%{_cross_sysconfdir}/iproute2/* -%{_cross_tmpfilesdir}/iproute2.conf -%exclude %{_cross_bashdir}/* -%exclude %{_cross_docdir}/* -%exclude %{_cross_mandir}/* -%exclude %{_cross_includedir}/* - -%changelog diff --git a/packages/iptables/1001-extensions-NAT-Fix-for-Werror-format-security.patch b/packages/iptables/1001-extensions-NAT-Fix-for-Werror-format-security.patch deleted file mode 100644 index 339a312f8cd..00000000000 --- a/packages/iptables/1001-extensions-NAT-Fix-for-Werror-format-security.patch +++ /dev/null @@ -1,29 +0,0 @@ -From ed4082a7405a5838c205a34c1559e289949200cc Mon Sep 17 00:00:00 2001 -From: Phil Sutter -Date: Thu, 12 Jan 2023 14:38:44 +0100 -Subject: extensions: NAT: Fix for -Werror=format-security - -Have to pass either a string literal or format string to xt_xlate_add(). - -Fixes: f30c5edce0413 ("extensions: Merge SNAT, DNAT, REDIRECT and MASQUERADE") -Signed-off-by: Phil Sutter ---- - extensions/libxt_NAT.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/extensions/libxt_NAT.c b/extensions/libxt_NAT.c -index da9f2201..2a634398 100644 ---- a/extensions/libxt_NAT.c -+++ b/extensions/libxt_NAT.c -@@ -424,7 +424,7 @@ __NAT_xlate(struct xt_xlate *xl, const struct nf_nat_range2 *r, - if (r->flags & NF_NAT_RANGE_PROTO_OFFSET) - return 0; - -- xt_xlate_add(xl, tgt); -+ xt_xlate_add(xl, "%s", tgt); - if (strlen(range_str)) - xt_xlate_add(xl, " to %s", range_str); - if (r->flags & NF_NAT_RANGE_PROTO_RANDOM) { --- -cgit v1.2.3 - diff --git a/packages/iptables/1002-ip6tables-Fix-checking-existence-of-rule.patch b/packages/iptables/1002-ip6tables-Fix-checking-existence-of-rule.patch deleted file mode 100644 index d0a88ebd27e..00000000000 --- a/packages/iptables/1002-ip6tables-Fix-checking-existence-of-rule.patch +++ /dev/null @@ -1,31 +0,0 @@ -From ba75342ff3e01605258810eb7f5683d8e326ffd8 Mon Sep 17 00:00:00 2001 -From: Markus Boehme -Date: Mon, 3 Apr 2023 22:20:23 +0200 -Subject: [PATCH] ip6tables: Fix checking existence of rule - -Pass the proper entry size when creating a match mask for checking the -existence of a rule. Failing to do so causes wrong results. - -Reported-by: Jonathan Caicedo -Fixes: eb2546a846776 ("xshared: Share make_delete_mask() between ip{,6}tables") -Signed-off-by: Markus Boehme ---- - iptables/ip6tables.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c -index 345af451..9afc32c1 100644 ---- a/iptables/ip6tables.c -+++ b/iptables/ip6tables.c -@@ -331,7 +331,7 @@ check_entry(const xt_chainlabel chain, struct ip6t_entry *fw, - int ret = 1; - unsigned char *mask; - -- mask = make_delete_mask(matches, target, sizeof(fw)); -+ mask = make_delete_mask(matches, target, sizeof(*fw)); - for (i = 0; i < nsaddrs; i++) { - fw->ipv6.src = saddrs[i]; - fw->ipv6.smsk = smasks[i]; --- -2.25.1 - diff --git a/packages/iptables/Cargo.toml b/packages/iptables/Cargo.toml deleted file mode 100644 index b004f145803..00000000000 --- a/packages/iptables/Cargo.toml +++ /dev/null @@ -1,23 +0,0 @@ -[package] -name = "iptables" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://www.netfilter.org/projects/iptables/files" - -[[package.metadata.build-package.external-files]] -url = "https://www.netfilter.org/projects/iptables/files/iptables-1.8.9.tar.xz" -sha512 = "e367bf286135e39b7401e852de25c1ed06d44befdffd92ed1566eb2ae9704b48ac9196cb971f43c6c83c6ad4d910443d32064bcdf618cfcef6bcab113e31ff70" - -[build-dependencies] -glibc = { path = "../glibc" } -libmnl = { path = "../libmnl" } -libnetfilter_conntrack = { path = "../libnetfilter_conntrack" } -libnfnetlink = { path = "../libnfnetlink" } -libnftnl = { path = "../libnftnl" } diff --git a/packages/iptables/iptables.spec b/packages/iptables/iptables.spec deleted file mode 100644 index 8b6b4ad3bc0..00000000000 --- a/packages/iptables/iptables.spec +++ /dev/null @@ -1,88 +0,0 @@ -Name: %{_cross_os}iptables -Version: 1.8.9 -Release: 1%{?dist} -Summary: Tools for managing Linux kernel packet filtering capabilities -License: GPL-2.0-or-later AND GPL-2.0-only -URL: http://www.netfilter.org/ -Source0: https://www.netfilter.org/projects/iptables/files/iptables-%{version}.tar.xz - -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libmnl-devel -BuildRequires: %{_cross_os}libnfnetlink-devel -BuildRequires: %{_cross_os}libnftnl-devel -BuildRequires: %{_cross_os}libnetfilter_conntrack-devel -Requires: %{_cross_os}libmnl -Requires: %{_cross_os}libnfnetlink -Requires: %{_cross_os}libnftnl -Requires: %{_cross_os}libnetfilter_conntrack - -Patch1001: 1001-extensions-NAT-Fix-for-Werror-format-security.patch -Patch1002: 1002-ip6tables-Fix-checking-existence-of-rule.patch - -%description -%{summary}. - -%package devel -Summary: Files for development using the tools for managing Linux kernel packet filtering capabilities -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n iptables-%{version} -p1 - -%build -%cross_configure \ - --with-kernel=%{_cross_prefix} \ - --with-kbuild=%{_cross_prefix} \ - --with-ksource=%{_cross_prefix} \ - --disable-bpf-compiler \ - --disable-connlabel \ - --disable-libipq \ - --disable-nftables \ - --disable-nfsynproxy \ - --disable-static \ - -%force_disable_rpath - -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_sbindir}/xtables-legacy-multi -%{_cross_sbindir}/iptables -%{_cross_sbindir}/iptables-legacy -%{_cross_sbindir}/iptables-legacy-restore -%{_cross_sbindir}/iptables-legacy-save -%{_cross_sbindir}/iptables-restore -%{_cross_sbindir}/iptables-save -%{_cross_sbindir}/ip6tables -%{_cross_sbindir}/ip6tables-legacy -%{_cross_sbindir}/ip6tables-legacy-restore -%{_cross_sbindir}/ip6tables-legacy-save -%{_cross_sbindir}/ip6tables-restore -%{_cross_sbindir}/ip6tables-save -%{_cross_bindir}/iptables-xml -%{_cross_libdir}/*.so.* -%dir %{_cross_libdir}/xtables -%{_cross_libdir}/xtables/*.so -%exclude %{_cross_mandir}/* -%exclude %{_cross_datadir}/xtables/pf.os -%exclude %{_cross_datadir}/xtables/iptables.xslt -%exclude %{_cross_sbindir}/iptables-apply -%exclude %{_cross_sbindir}/ip6tables-apply -%exclude %{_cross_sbindir}/nfnl_osf - -%files devel -%{_cross_libdir}/*.so -%{_cross_includedir}/*.h -%dir %{_cross_includedir}/libiptc -%{_cross_includedir}/libiptc/*.h -%{_cross_pkgconfigdir}/*.pc - -%changelog diff --git a/packages/iputils/Cargo.toml b/packages/iputils/Cargo.toml deleted file mode 100644 index 07d767b6235..00000000000 --- a/packages/iputils/Cargo.toml +++ /dev/null @@ -1,21 +0,0 @@ -[package] -name = "iputils" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/iputils/iputils/releases" - -[[package.metadata.build-package.external-files]] -path = "iputils-20240117.tar.gz" -url = "https://github.com/iputils/iputils/archive/20240117.tar.gz" -sha512 = "1755de6adb509418507c3f10521715ff3bf7ba38d3bbd9a102a48ae0a9f88fcb1f457bcb38624dce2281912e0e0ffc3fbf74e0e618ed2d21014710e967c7dad3" - -[build-dependencies] -glibc = { path = "../glibc" } -libcap = { path = "../libcap" } diff --git a/packages/iputils/iputils.spec b/packages/iputils/iputils.spec deleted file mode 100644 index 3699e57fbcf..00000000000 --- a/packages/iputils/iputils.spec +++ /dev/null @@ -1,48 +0,0 @@ -Name: %{_cross_os}iputils -Version: 20240117 -Release: 1%{?dist} -Summary: A set of network monitoring tools -License: GPL-2.0-or-later AND BSD-3-Clause -URL: https://github.com/iputils/iputils -Source0: https://github.com/iputils/iputils/archive/%{version}.tar.gz#/iputils-%{version}.tar.gz - -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libcap-devel -Requires: %{_cross_os}libcap - -%description -%{summary}. - -%prep -%autosetup -n iputils-%{version} -p1 - -%build -CONFIGURE_OPTS=( - -DUSE_CAP=true - -DUSE_GETTEXT=false - -DUSE_IDN=false - - -DBUILD_ARPING=true - -DBUILD_PING=true - -DBUILD_TRACEPATH=true - - -DBUILD_CLOCKDIFF=false - - -DBUILD_MANS=false - -DBUILD_HTML_MANS=false -) - -%cross_meson "${CONFIGURE_OPTS[@]}" -%cross_meson_build - -%install -%cross_meson_install - -%files -%license LICENSE Documentation/LICENSE.GPL2 Documentation/LICENSE.BSD3 -%{_cross_attribution_file} -%attr(0755,root,root) %caps(cap_net_raw=p) %{_cross_bindir}/arping -%attr(0755,root,root) %caps(cap_net_raw=p cap_net_admin=p) %{_cross_bindir}/ping -%{_cross_bindir}/tracepath - -%changelog diff --git a/packages/kernel-5.10/1001-Makefile-add-prepare-target-for-external-modules.patch b/packages/kernel-5.10/1001-Makefile-add-prepare-target-for-external-modules.patch deleted file mode 100644 index 474a7aec698..00000000000 --- a/packages/kernel-5.10/1001-Makefile-add-prepare-target-for-external-modules.patch +++ /dev/null @@ -1,50 +0,0 @@ -From b6d859b7089dd68d3186f2a088823c322ad4852e Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Mon, 19 Apr 2021 18:46:04 +0000 -Subject: [PATCH] Makefile: add prepare target for external modules - -We need to ensure that native versions of programs like `objtool` are -built before trying to build out-of-tree modules, or else the build -will fail. - -Unlike other distributions, we cannot include these programs in our -kernel-devel archive, because we rely on cross-compilation: these are -"host" programs and may not match the architecture of the target. - -Ideally, out-of-tree builds would run `make prepare` first, so that -these programs could be compiled in the normal fashion. We ship all -the files needed for this to work. However, this requirement is -specific to our use case, and DKMS does not support it. - -Adding a minimal prepare target to the dependency graph causes the -programs to be built automatically and improves compatibility with -existing solutions. - -Signed-off-by: Ben Cressey ---- - Makefile | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/Makefile b/Makefile -index aba2651d0..6f0cb64df 100644 ---- a/Makefile -+++ b/Makefile -@@ -1706,6 +1706,15 @@ else # KBUILD_EXTMOD - KBUILD_BUILTIN := - KBUILD_MODULES := 1 - -+PHONY += modules_prepare -+modules_prepare: $(objtool_target) -+ $(Q)$(MAKE) $(build)=scripts/basic -+ $(Q)$(MAKE) $(build)=scripts/dtc -+ $(Q)$(MAKE) $(build)=scripts/mod -+ $(Q)$(MAKE) $(build)=scripts -+ -+prepare: modules_prepare -+ - build-dirs := $(KBUILD_EXTMOD) - $(MODORDER): descend - @: --- -2.39.1 - diff --git a/packages/kernel-5.10/1002-initramfs-unlink-INITRAMFS_FORCE-from-CMDLINE_-EXTEN.patch b/packages/kernel-5.10/1002-initramfs-unlink-INITRAMFS_FORCE-from-CMDLINE_-EXTEN.patch deleted file mode 100644 index d174535771e..00000000000 --- a/packages/kernel-5.10/1002-initramfs-unlink-INITRAMFS_FORCE-from-CMDLINE_-EXTEN.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 4e00f4850eaf84e1e638c467f444b8f4fb8c67f8 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Tue, 18 Oct 2022 22:24:52 +0000 -Subject: [PATCH] initramfs: unlink INITRAMFS_FORCE from CMDLINE_{EXTEND,FORCE} - -The motivation given in cff75e0b6fe83 for tying INITRAMFS_FORCE to -either of CMDLINE_{EXTEND,FORCE} was that these options imply an -inflexible bootloader, and that overriding the initramfs image would -also only be necessary for inflexible bootloaders. - -However, with the advent of Boot Config support, distributions that do -not normally use an initramfs may still want to allow an "initrd" to be -passed by the bootloader in order to accept boot configuration data. In -such cases, the CMDLINE_{EXTEND,FORCE} options are not desired because -the bootloader is actually expected to control the kernel command line. - -Unlinking the INITRAMFS_FORCE config option allows Boot Config data to -be passed by the bootloader while still preventing an unexpected -initramfs from overriding the built-in initramfs (if any). - -Signed-off-by: Ben Cressey ---- - usr/Kconfig | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/usr/Kconfig b/usr/Kconfig -index 8bbcf699fe3b..06aac19063ee 100644 ---- a/usr/Kconfig -+++ b/usr/Kconfig -@@ -24,7 +24,7 @@ config INITRAMFS_SOURCE - - config INITRAMFS_FORCE - bool "Ignore the initramfs passed by the bootloader" -- depends on CMDLINE_EXTEND || CMDLINE_FORCE -+ default n - help - This option causes the kernel to ignore the initramfs image - (or initrd image) passed to it by the bootloader. This is -@@ -32,6 +32,8 @@ config INITRAMFS_FORCE - and is useful if you cannot or don't want to change the image - your bootloader passes to the kernel. - -+ If unsure, say N. -+ - config INITRAMFS_ROOT_UID - int "User ID to map to 0 (user root)" - depends on INITRAMFS_SOURCE!="" --- -2.37.2 - diff --git a/packages/kernel-5.10/1003-af_unix-increase-default-max_dgram_qlen-to-512.patch b/packages/kernel-5.10/1003-af_unix-increase-default-max_dgram_qlen-to-512.patch deleted file mode 100644 index 9363ddadcab..00000000000 --- a/packages/kernel-5.10/1003-af_unix-increase-default-max_dgram_qlen-to-512.patch +++ /dev/null @@ -1,47 +0,0 @@ -From b3983ebbfa2dc231a2b61092b0a936bd25294239 Mon Sep 17 00:00:00 2001 -From: Markus Boehme -Date: Tue, 23 May 2023 21:24:38 +0000 -Subject: [PATCH] af_unix: increase default max_dgram_qlen to 512 - -The net.unix.max_dgram_qlen sysctl has been defined with a default value of -10 since before the current Git history started in 2005. Systems have more -resources these days, and while the default values for other sysctls like -net.core.somaxconn have been adapted, max_dgram_qlen never was. - -Increase the default value for max_dgram_qlen to 512. A large number of -hosts effectively already run with this or a larger value, since systemd -has been making sure it is set to at least 512 since 2015. - -Signed-off-by: Markus Boehme ---- - Documentation/networking/ip-sysctl.rst | 2 +- - net/unix/af_unix.c | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst -index 252212998..164a65667 100644 ---- a/Documentation/networking/ip-sysctl.rst -+++ b/Documentation/networking/ip-sysctl.rst -@@ -2688,5 +2688,5 @@ addr_scope_policy - INTEGER - max_dgram_qlen - INTEGER - The maximum length of dgram socket receive queue - -- Default: 10 -+ Default: 512 - -diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c -index 28721e957..a5f081ad8 100644 ---- a/net/unix/af_unix.c -+++ b/net/unix/af_unix.c -@@ -2948,7 +2948,7 @@ static int __net_init unix_net_init(struct net *net) - { - int error = -ENOMEM; - -- net->unx.sysctl_max_dgram_qlen = 10; -+ net->unx.sysctl_max_dgram_qlen = 512; - if (unix_sysctl_register(net)) - goto out; - --- -2.39.2 - diff --git a/packages/kernel-5.10/2000-kbuild-move-module-strip-compression-code-into-scrip.patch b/packages/kernel-5.10/2000-kbuild-move-module-strip-compression-code-into-scrip.patch deleted file mode 100644 index 7e0050bd6e7..00000000000 --- a/packages/kernel-5.10/2000-kbuild-move-module-strip-compression-code-into-scrip.patch +++ /dev/null @@ -1,184 +0,0 @@ -From 4fc601b61092b4a7608a3d79d32663d9d167caf4 Mon Sep 17 00:00:00 2001 -From: Masahiro Yamada -Date: Wed, 31 Mar 2021 22:38:08 +0900 -Subject: [PATCH 2000/2001] kbuild: move module strip/compression code into - scripts/Makefile.modinst - -Both mod_strip_cmd and mod_compress_cmd are only used in -scripts/Makefile.modinst, hence there is no good reason to define them -in the top Makefile. Move the relevant code to scripts/Makefile.modinst. - -Also, show separate log messages for each of install, strip, sign, and -compress. - -Signed-off-by: Masahiro Yamada -(cherry picked from commit 65ce9c38326e2588fcd1a3a4817c14b4660f430b) -[fixed a merge conflict in Makefile and script/Makefile.modinst while cherry-picking] -Signed-off-by: Arnaldo Garcia Rincon ---- - Makefile | 32 ------------- - scripts/Makefile.modinst | 98 +++++++++++++++++++++++++++++++++------- - 2 files changed, 81 insertions(+), 49 deletions(-) - -diff --git a/Makefile b/Makefile -index 2931104182e7..bf6f6e3074da 100644 ---- a/Makefile -+++ b/Makefile -@@ -1028,38 +1028,6 @@ export INSTALL_DTBS_PATH ?= $(INSTALL_PATH)/dtbs/$(KERNELRELEASE) - MODLIB = $(INSTALL_MOD_PATH)/lib/modules/$(KERNELRELEASE) - export MODLIB - --# --# INSTALL_MOD_STRIP, if defined, will cause modules to be --# stripped after they are installed. If INSTALL_MOD_STRIP is '1', then --# the default option --strip-debug will be used. Otherwise, --# INSTALL_MOD_STRIP value will be used as the options to the strip command. -- --ifdef INSTALL_MOD_STRIP --ifeq ($(INSTALL_MOD_STRIP),1) --mod_strip_cmd = $(STRIP) --strip-debug --else --mod_strip_cmd = $(STRIP) $(INSTALL_MOD_STRIP) --endif # INSTALL_MOD_STRIP=1 --else --mod_strip_cmd = true --endif # INSTALL_MOD_STRIP --export mod_strip_cmd -- --# CONFIG_MODULE_COMPRESS, if defined, will cause module to be compressed --# after they are installed in agreement with CONFIG_MODULE_COMPRESS_GZIP --# or CONFIG_MODULE_COMPRESS_XZ. -- --mod_compress_cmd = true --ifdef CONFIG_MODULE_COMPRESS -- ifdef CONFIG_MODULE_COMPRESS_GZIP -- mod_compress_cmd = $(KGZIP) -n -f -- endif # CONFIG_MODULE_COMPRESS_GZIP -- ifdef CONFIG_MODULE_COMPRESS_XZ -- mod_compress_cmd = $(XZ) -f -- endif # CONFIG_MODULE_COMPRESS_XZ --endif # CONFIG_MODULE_COMPRESS --export mod_compress_cmd -- - ifdef CONFIG_MODULE_SIG_ALL - $(eval $(call config_filename,MODULE_SIG_KEY)) - -diff --git a/scripts/Makefile.modinst b/scripts/Makefile.modinst -index 5a4579e76485..84696ef99df7 100644 ---- a/scripts/Makefile.modinst -+++ b/scripts/Makefile.modinst -@@ -6,30 +6,94 @@ - PHONY := __modinst - __modinst: - --include scripts/Kbuild.include -+include include/config/auto.conf -+include $(srctree)/scripts/Kbuild.include - --modules := $(sort $(shell cat $(if $(KBUILD_EXTMOD),$(KBUILD_EXTMOD)/)modules.order)) -+modules := $(sort $(shell cat $(MODORDER))) -+ -+ifeq ($(KBUILD_EXTMOD),) -+dst := $(MODLIB)/kernel -+else -+INSTALL_MOD_DIR ?= extra -+dst := $(MODLIB)/$(INSTALL_MOD_DIR) -+endif -+ -+suffix-y := -+suffix-$(CONFIG_MODULE_COMPRESS_GZIP) := .gz -+suffix-$(CONFIG_MODULE_COMPRESS_XZ) := .xz -+ -+modules := $(patsubst $(extmod_prefix)%, $(dst)/%$(suffix-y), $(modules)) - --PHONY += $(modules) - __modinst: $(modules) - @: - --# Don't stop modules_install if we can't sign external modules. --quiet_cmd_modules_install = INSTALL $@ -- cmd_modules_install = \ -- mkdir -p $(2) ; \ -- cp $@ $(2) ; \ -- $(mod_strip_cmd) $(2)/$(notdir $@) ; \ -- $(mod_sign_cmd) $(2)/$(notdir $@) $(patsubst %,|| true,$(KBUILD_EXTMOD)) ; \ -- $(mod_compress_cmd) $(2)/$(notdir $@) -+quiet_cmd_none = -+ cmd_none = : - --# Modules built outside the kernel source tree go into extra by default --INSTALL_MOD_DIR ?= extra --ext-mod-dir = $(INSTALL_MOD_DIR)$(subst $(patsubst %/,%,$(KBUILD_EXTMOD)),,$(@D)) -+# -+# Installation -+# -+quiet_cmd_install = INSTALL $@ -+ cmd_install = mkdir -p $(dir $@); cp $< $@ -+ -+# Strip -+# -+# INSTALL_MOD_STRIP, if defined, will cause modules to be stripped after they -+# are installed. If INSTALL_MOD_STRIP is '1', then the default option -+# --strip-debug will be used. Otherwise, INSTALL_MOD_STRIP value will be used -+# as the options to the strip command. -+ifdef INSTALL_MOD_STRIP -+ -+ifeq ($(INSTALL_MOD_STRIP),1) -+strip-option := --strip-debug -+else -+strip-option := $(INSTALL_MOD_STRIP) -+endif -+ -+quiet_cmd_strip = STRIP $@ -+ cmd_strip = $(STRIP) $(strip-option) $@ -+ -+else -+ -+quiet_cmd_strip = -+ cmd_strip = : -+ -+endif -+ -+# -+# Signing -+# Don't stop modules_install even if we can't sign external modules. -+# -+ifeq ($(CONFIG_MODULE_SIG_ALL),y) -+quiet_cmd_sign = SIGN $@ -+$(eval $(call config_filename,MODULE_SIG_KEY)) -+ cmd_sign = scripts/sign-file $(CONFIG_MODULE_SIG_HASH) $(MODULE_SIG_KEY_SRCPREFIX)$(CONFIG_MODULE_SIG_KEY) certs/signing_key.x509 $@ \ -+ $(if $(KBUILD_EXTMOD),|| true) -+else -+quiet_cmd_sign := -+ cmd_sign := : -+endif -+ -+$(dst)/%.ko: $(extmod_prefix)%.ko FORCE -+ $(call cmd,install) -+ $(call cmd,strip) -+ $(call cmd,sign) -+ -+# -+# Compression -+# -+quiet_cmd_gzip = GZIP $@ -+ cmd_gzip = $(KGZIP) -n -f $< -+quiet_cmd_xz = XZ $@ -+ cmd_xz = $(XZ) --lzma2=dict=2MiB -f $< -+ -+$(dst)/%.ko.gz: $(dst)/%.ko FORCE -+ $(call cmd,gzip) - --modinst_dir = $(if $(KBUILD_EXTMOD),$(ext-mod-dir),kernel/$(@D)) -+$(dst)/%.ko.xz: $(dst)/%.ko FORCE -+ $(call cmd,xz) - --$(modules): -- $(call cmd,modules_install,$(MODLIB)/$(modinst_dir)) -+PHONY += FORCE -+FORCE: - - .PHONY: $(PHONY) --- -2.30.2 - diff --git a/packages/kernel-5.10/2001-kbuild-add-support-for-zstd-compressed-modules.patch b/packages/kernel-5.10/2001-kbuild-add-support-for-zstd-compressed-modules.patch deleted file mode 100644 index 9cd6a36b6b3..00000000000 --- a/packages/kernel-5.10/2001-kbuild-add-support-for-zstd-compressed-modules.patch +++ /dev/null @@ -1,82 +0,0 @@ -From 35822be50c3068a660331b82a6d37db42bc78126 Mon Sep 17 00:00:00 2001 -From: Piotr Gorski -Date: Wed, 7 Apr 2021 18:09:27 +0200 -Subject: [PATCH 2001/2001] kbuild: add support for zstd compressed modules - -kmod 28 supports modules compressed in zstd format so let's add this -possibility to kernel. - -Signed-off-by: Piotr Gorski -Reviewed-by: Oleksandr Natalenko -Signed-off-by: Masahiro Yamada -(cherry picked from commit c3d7ef377eb2564b165b1e8fdb4646952c90ac17) -[fixed a merge conflict in init/Kconfig] -Signed-off-by: Arnaldo Garcia Rincon ---- - init/Kconfig | 11 +++++++++-- - scripts/Makefile.modinst | 6 ++++++ - 2 files changed, 15 insertions(+), 2 deletions(-) - -diff --git a/init/Kconfig b/init/Kconfig -index fc4c9f416fad..113481826737 100644 ---- a/init/Kconfig -+++ b/init/Kconfig -@@ -2234,8 +2234,9 @@ config MODULE_COMPRESS - Out-of-tree kernel modules installed using Kbuild will also be - compressed upon installation. - -- Note: for modules inside an initrd or initramfs, it's more efficient -- to compress the whole initrd or initramfs instead. -+ Please note that the tool used to load modules needs to support the -+ corresponding algorithm. module-init-tools MAY support gzip, and kmod -+ MAY support gzip, xz and zstd. - - Note: This is fully compatible with signed modules. - -@@ -2257,6 +2258,12 @@ config MODULE_COMPRESS_GZIP - config MODULE_COMPRESS_XZ - bool "XZ" - -+config MODULE_COMPRESS_ZSTD -+ bool "ZSTD" -+ help -+ Compress modules with ZSTD. The installed modules are suffixed -+ with .ko.zst. -+ - endchoice - - config MODULE_ALLOW_MISSING_NAMESPACE_IMPORTS -diff --git a/scripts/Makefile.modinst b/scripts/Makefile.modinst -index 84696ef99df7..59f613aa08b4 100644 ---- a/scripts/Makefile.modinst -+++ b/scripts/Makefile.modinst -@@ -21,6 +21,7 @@ endif - suffix-y := - suffix-$(CONFIG_MODULE_COMPRESS_GZIP) := .gz - suffix-$(CONFIG_MODULE_COMPRESS_XZ) := .xz -+suffix-$(CONFIG_MODULE_COMPRESS_ZSTD) := .zst - - modules := $(patsubst $(extmod_prefix)%, $(dst)/%$(suffix-y), $(modules)) - -@@ -86,6 +87,8 @@ quiet_cmd_gzip = GZIP $@ - cmd_gzip = $(KGZIP) -n -f $< - quiet_cmd_xz = XZ $@ - cmd_xz = $(XZ) --lzma2=dict=2MiB -f $< -+quiet_cmd_zstd = ZSTD $@ -+ cmd_zstd = $(ZSTD) -T0 --rm -f -q $< - - $(dst)/%.ko.gz: $(dst)/%.ko FORCE - $(call cmd,gzip) -@@ -93,6 +96,9 @@ $(dst)/%.ko.gz: $(dst)/%.ko FORCE - $(dst)/%.ko.xz: $(dst)/%.ko FORCE - $(call cmd,xz) - -+$(dst)/%.ko.zst: $(dst)/%.ko FORCE -+ $(call cmd,zstd) -+ - PHONY += FORCE - FORCE: - --- -2.30.2 - diff --git a/packages/kernel-5.10/5001-Revert-netfilter-nf_tables-drop-map-element-referenc.patch b/packages/kernel-5.10/5001-Revert-netfilter-nf_tables-drop-map-element-referenc.patch deleted file mode 100644 index 1768d2d55ce..00000000000 --- a/packages/kernel-5.10/5001-Revert-netfilter-nf_tables-drop-map-element-referenc.patch +++ /dev/null @@ -1,75 +0,0 @@ -From e499042e36f6b00fcf68452c2d7bfdcf124203c5 Mon Sep 17 00:00:00 2001 -From: Leonard Foerster -Date: Mon, 11 Sep 2023 11:17:18 +0000 -Subject: [PATCH] Revert "netfilter: nf_tables: drop map element references - from preparation phase" - -This reverts commit 9ff6253cea9cf567bc899164405f437212eb59f2. - -This reverts an AL downstream patch that is not adding any value and is -cluttering the patch queue unnecessarily. This seems to have started as -a downstream backport of the original commit 628bd3e49cba1 introduced -upstream in v6.4.13, but ended picking up an extra function -`nft_setelem_validate` which was introduced in d46fc894147cf in v6.3.20. -That additional patch has not been backported to the 5.10 series as it -fixes a bug introduced only in 5.13. - -When the original patch was introduced in upstream stable 5.10 series as -a136b7942ad2a in 5.10.188 that single additional function stayed around -in AL as this patch I am reverting here. The function it adds is never -referenced in the assembled linux tree, so remove it in an attempy to -improve our code hygiene. - -Letting it stay in would also confuse here, as before this revert we -have two patches with the same name and same commit message, but -completely disjunct diffs claiming to be a backport of 628bd3e49cba1. - -Signed-off-by: Leonard Foerster ---- - net/netfilter/nf_tables_api.c | 30 ------------------------------ - 1 file changed, 30 deletions(-) - -diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c -index 96fd4e68973b..2669999d1bc9 100644 ---- a/net/netfilter/nf_tables_api.c -+++ b/net/netfilter/nf_tables_api.c -@@ -3311,36 +3311,6 @@ static int nft_table_validate(struct net *net, const struct nft_table *table) - return 0; - } - --int nft_setelem_validate(const struct nft_ctx *ctx, struct nft_set *set, -- const struct nft_set_iter *iter, -- struct nft_set_elem *elem) --{ -- const struct nft_set_ext *ext = nft_set_elem_ext(set, elem->priv); -- struct nft_ctx *pctx = (struct nft_ctx *)ctx; -- const struct nft_data *data; -- int err; -- -- if (nft_set_ext_exists(ext, NFT_SET_EXT_FLAGS) && -- *nft_set_ext_flags(ext) & NFT_SET_ELEM_INTERVAL_END) -- return 0; -- -- data = nft_set_ext_data(ext); -- switch (data->verdict.code) { -- case NFT_JUMP: -- case NFT_GOTO: -- pctx->level++; -- err = nft_chain_validate(ctx, data->verdict.chain); -- if (err < 0) -- return err; -- pctx->level--; -- break; -- default: -- break; -- } -- -- return 0; --} -- - static struct nft_rule *nft_rule_lookup_byid(const struct net *net, - const struct nft_chain *chain, - const struct nlattr *nla); --- -2.40.1 - diff --git a/packages/kernel-5.10/Cargo.toml b/packages/kernel-5.10/Cargo.toml deleted file mode 100644 index 8fd8a3e85d6..00000000000 --- a/packages/kernel-5.10/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "kernel-5_10" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[package.metadata.build-package] -package-name = "kernel-5.10" - -[lib] -path = "../packages.rs" - -[[package.metadata.build-package.external-files]] -# Use latest-srpm-url.sh to get this. -url = "https://cdn.amazonlinux.com/blobstore/0e8dd42b36d60da0f50a2bce7fecca30610adf37e5a35585e39d2f318cdb1e76/kernel-5.10.217-205.860.amzn2.src.rpm" -sha512 = "e10c0099384cc5ee8b153594101aea35df8541ec06829472650bb15af72550006d8c436756ebfaa7a40a206bc823dd1edd5a37b076086d8fc860ee2ac4c441c8" - -[build-dependencies] -microcode = { path = "../microcode" } diff --git a/packages/kernel-5.10/README.md b/packages/kernel-5.10/README.md deleted file mode 100644 index 6d05729e41c..00000000000 --- a/packages/kernel-5.10/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# kernel-5.10 - -This package contains the Bottlerocket Linux kernel of the 5.10 series. - - -## Testing of Configuration Changes - -Bottlerocket kernels are built in multiple flavors (e.g. cloud, bare metal) and for multiple architectures (e.g. aarch64, x86_64). -The kernel configuration for any of those combinations might change independently of the others. -Please use `tools/diff-kernel-config` from the main Bottlerocket repository to ensure the configuration for any of the combinations does not change inadvertently. -Changes that can have an effect on the resulting kernel configuration include: - -* explicit kernel configuration changes -* package updates/kernel rebases - -Reviewers on a pull request potentially changing the kernel configuration will appreciate having the report produced by `diff-kernel-config` included in the PR description. diff --git a/packages/kernel-5.10/config-bottlerocket b/packages/kernel-5.10/config-bottlerocket deleted file mode 100644 index b7b4baa0510..00000000000 --- a/packages/kernel-5.10/config-bottlerocket +++ /dev/null @@ -1,192 +0,0 @@ -# Because Bottlerocket does not have an initramfs, modules required to mount -# the root filesystem must be set to y. - -# The root filesystem is ext4 -CONFIG_EXT4_FS=y - -# NVMe support -CONFIG_BLK_DEV_NVME=y -CONFIG_NVME_CORE=y - -# Xen blkfront for Xen-based EC2 platforms -CONFIG_XEN_BLKDEV_FRONTEND=y - -# virtio for local testing with QEMU -CONFIG_VIRTIO=y -CONFIG_VIRTIO_BLK=y -CONFIG_VIRTIO_PCI=y - -# dm-verity and enabling it on the kernel command line -CONFIG_BLK_DEV_DM=y -CONFIG_DAX=y -CONFIG_DM_INIT=y -CONFIG_DM_VERITY=y - -# TCMU/LIO -CONFIG_TCM_USER2=m - -# EFI -CONFIG_EFI=y -CONFIG_EFI_STUB=y -CONFIG_EFI_MIXED=y - -# EFI video -CONFIG_FB=y -CONFIG_FB_EFI=y -CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER=y - -# yama LSM for ptrace restrictions -CONFIG_SECURITY_YAMA=y - -# Do not allow SELinux to be disabled at boot. -# CONFIG_SECURITY_SELINUX_BOOTPARAM is not set - -# Do not allow SELinux to be disabled at runtime. -# CONFIG_SECURITY_SELINUX_DISABLE is not set - -# Do not allow SELinux to use `enforcing=0` behavior. -# CONFIG_SECURITY_SELINUX_DEVELOP is not set - -# Check the protection applied by the kernel for mmap and mprotect, -# rather than the protection requested by userspace. -CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0 - -# Enable support for the kernel lockdown security module. -CONFIG_SECURITY_LOCKDOWN_LSM=y - -# Enable lockdown early so that if the option is present on the -# kernel command line, it can be enforced. -CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y - -# Enable zstd compression for squashfs. -CONFIG_SQUASHFS_ZSTD=y - -# enable /proc/config.gz -CONFIG_IKCONFIG=y -CONFIG_IKCONFIG_PROC=y - -# kernel headers at /sys/kernel/kheaders.tar.xz -CONFIG_IKHEADERS=y - -# BTF debug info at /sys/kernel/btf/vmlinux -CONFIG_DEBUG_INFO_BTF=y - -# We don't want to extend the kernel command line with any upstream defaults; -# Bottlerocket uses a fairly custom setup that needs tight control over it. -# CONFIG_CMDLINE_EXTEND is not set - -# We don't want to unpack the initramfs passed by the bootloader. The intent of -# this option is to ensure that the built-in initramfs is used. Since we do not -# have a built-in initramfs, in practice this means we will never unpack any -# initramfs. -# -# We rely on `CONFIG_BLK_DEV_INITRD` for boot config support, so we can't just -# disable the functionality altogether. -CONFIG_INITRAMFS_FORCE=y - -# Enable ZSTD kernel image compression -CONFIG_HAVE_KERNEL_ZSTD=y -CONFIG_KERNEL_ZSTD=y -CONFIG_ZSTD_COMPRESS=y -CONFIG_ZSTD_DECOMPRESS=y -CONFIG_DECOMPRESS_ZSTD=y - -# Enable gz modules compression -CONFIG_MODULE_COMPRESS=y -CONFIG_MODULE_COMPRESS_GZIP=y - -# Load i8042 controller, keyboard, and mouse as modules, to avoid waiting for -# them before mounting the root device. -CONFIG_SERIO_I8042=m -CONFIG_KEYBOARD_ATKBD=m -CONFIG_MOUSE_PS2=m - -# Add support for the basic IPMI handler. While Bottlerocket does not ship with -# any specific IPMI interfaces, the basic IPMI handler interface is used by the -# nvidia drivers, which makes this necessary. -CONFIG_IPMI_HANDLER=m -# Disable more specialized IPMI drivers that are not relevant for our use-cases -# CONFIG_IPMI_DEVICE_INTERFACE is not set -# CONFIG_IPMI_PANIC_EVENT is not set -# CONFIG_IPMI_POWEROFF is not set -# CONFIG_IPMI_SI is not set -# CONFIG_IPMI_WATCHDOG is not set -# CONFIG_ACPI_IPMI is not set - -# Add support for bootconfig -CONFIG_BOOT_CONFIG=y - -# Enables support for checkpoint/restore -CONFIG_CHECKPOINT_RESTORE=y - -# Disable unused filesystems. -# CONFIG_AFS_FS is not set -# CONFIG_CRAMFS is not set -# CONFIG_ECRYPT_FS is not set -# CONFIG_EXT2_FS is not set -# CONFIG_EXT3_FS is not set -CONFIG_EXT4_USE_FOR_EXT2=y -# CONFIG_GFS2_FS is not set -# CONFIG_HFS_FS is not set -# CONFIG_HFSPLUS_FS is not set -# CONFIG_JFS_FS is not set -# CONFIG_JFFS2_FS is not set -# CONFIG_NFS_V2 is not set -# CONFIG_NILFS2_FS is not set -# CONFIG_NTFS_FS is not set -# CONFIG_ROMFS_FS is not set -# CONFIG_UFS_FS is not set -# CONFIG_ZONEFS_FS is not set - -# Disable unused network protocols. -# CONFIG_AF_RXRPC is not set -# CONFIG_ATM is not set -# CONFIG_CAN is not set -# CONFIG_HSR is not set -# CONFIG_IP_DCCP is not set -# CONFIG_L2TP is not set -# CONFIG_RDS is not set -# CONFIG_RFKILL is not set -# CONFIG_TIPC is not set - -# Disable USB-attached network interfaces, unused in the cloud and on server-grade hardware. -# CONFIG_USB_NET_DRIVERS is not set - -# Disable obsolete NIC drivers -# CONFIG_QLGE is not set -# CONFIG_MLX4_CORE is not set -# CONFIG_MLX4_EN is not set -# CONFIG_MLX4_INFINIBAND is not set -# CONFIG_MLXSW_CORE is not set -# CONFIG_MLXFW is not set - -# Disable unused qdiscs -# - sch_cake targets home routers and residential links -# CONFIG_NET_SCH_CAKE is not set - -# Disable unused MPI3MR driver AL carries as a backport -# CONFIG_SCSI_MPI3MR is not set - -# Work with the previously used in-tree version of SMARTPQI instead of AL backport -# CONFIG_AMAZON_SCSI_SMARTPQI is not set -CONFIG_SCSI_SMARTPQI=m - -# Disable edac driver for intel 10nm memory controllers -# CONFIG_EDAC_I10NM is not set - -# Disable AL port of BBR2 congestion algorithm -# CONFIG_TCP_CONG_BBR2 is not set - -# Support boot from IDE disks -CONFIG_ATA=y -CONFIG_ATA_PIIX=y -CONFIG_SCSI=y -CONFIG_BLK_DEV_SD=y - -# Mellanox network support -CONFIG_NET_SWITCHDEV=y -CONFIG_NET_VENDOR_MELLANOX=y -CONFIG_MLX5_CORE=m -CONFIG_MLX5_CORE_EN=y -CONFIG_MLX5_INFINIBAND=m -CONFIG_MLXFW=m diff --git a/packages/kernel-5.10/kernel-5.10.spec b/packages/kernel-5.10/kernel-5.10.spec deleted file mode 100644 index d3ddb1367d0..00000000000 --- a/packages/kernel-5.10/kernel-5.10.spec +++ /dev/null @@ -1,278 +0,0 @@ -%global debug_package %{nil} - -Name: %{_cross_os}kernel-5.10 -Version: 5.10.217 -Release: 1%{?dist} -Summary: The Linux kernel -License: GPL-2.0 WITH Linux-syscall-note -URL: https://www.kernel.org/ -# Use latest-srpm-url.sh to get this. -Source0: https://cdn.amazonlinux.com/blobstore/0e8dd42b36d60da0f50a2bce7fecca30610adf37e5a35585e39d2f318cdb1e76/kernel-5.10.217-205.860.amzn2.src.rpm -Source100: config-bottlerocket - -# Help out-of-tree module builds run `make prepare` automatically. -Patch1001: 1001-Makefile-add-prepare-target-for-external-modules.patch -# Enable INITRAMFS_FORCE config option for our use case. -Patch1002: 1002-initramfs-unlink-INITRAMFS_FORCE-from-CMDLINE_-EXTEN.patch -# Increase default of sysctl net.unix.max_dgram_qlen to 512. -Patch1003: 1003-af_unix-increase-default-max_dgram_qlen-to-512.patch - -# Add zstd support for compressed kernel modules -Patch2000: 2000-kbuild-move-module-strip-compression-code-into-scrip.patch -Patch2001: 2001-kbuild-add-support-for-zstd-compressed-modules.patch - -# Fixup unused code inherited from AL -Patch5001: 5001-Revert-netfilter-nf_tables-drop-map-element-referenc.patch - -BuildRequires: bc -BuildRequires: elfutils-devel -BuildRequires: hostname -BuildRequires: kmod -BuildRequires: openssl-devel - -# CPU microcode updates are included as "extra firmware" so the files don't -# need to be installed on the root filesystem. However, we want the license and -# attribution files to be available in the usual place. -%if "%{_cross_arch}" == "x86_64" -BuildRequires: %{_cross_os}microcode -Requires: %{_cross_os}microcode-licenses -%endif - -# Pull in expected modules and development files. -Requires: %{name}-modules = %{version}-%{release} -Requires: %{name}-devel = %{version}-%{release} - -# The 5.10 kernel is not FIPS certified. -Conflicts: %{_cross_os}image-feature(fips) - -%global kernel_sourcedir %{_cross_usrsrc}/kernels -%global kernel_libdir %{_cross_libdir}/modules/%{version} - -%description -%{summary}. - -%package devel -Summary: Configured Linux kernel source for module building - -%description devel -%{summary}. - -%package archive -Summary: Archived Linux kernel source for module building - -%description archive -%{summary}. - -%package modules -Summary: Modules for the Linux kernel - -%description modules -%{summary}. - -%package headers -Summary: Header files for the Linux kernel for use by glibc - -%description headers -%{summary}. - -%prep -rpm2cpio %{SOURCE0} | cpio -iu linux-%{version}.tar config-%{_cross_arch} "*.patch" -tar -xof linux-%{version}.tar; rm linux-%{version}.tar -%setup -TDn linux-%{version} -# Patches from the Source0 SRPM -for patch in ../*.patch; do - patch -p1 <"$patch" -done -# Patches listed in this spec (Patch0001...) -%autopatch -p1 - -%if "%{_cross_arch}" == "x86_64" -microcode="$(find %{_cross_libdir}/firmware -type f -path '*/*-ucode/*' -printf '%%P ')" -cat < ../config-microcode -CONFIG_EXTRA_FIRMWARE="${microcode}" -CONFIG_EXTRA_FIRMWARE_DIR="%{_cross_libdir}/firmware" -EOF -%endif - -export ARCH="%{_cross_karch}" -export CROSS_COMPILE="%{_cross_target}-" - -KCONFIG_CONFIG="arch/%{_cross_karch}/configs/%{_cross_vendor}_defconfig" \ -scripts/kconfig/merge_config.sh \ - ../config-%{_cross_arch} \ -%if "%{_cross_arch}" == "x86_64" - ../config-microcode \ -%endif - %{SOURCE100} - -rm -f ../config-* ../*.patch - -%global kmake \ -make -s\\\ - ARCH="%{_cross_karch}"\\\ - CROSS_COMPILE="%{_cross_target}-"\\\ - INSTALL_HDR_PATH="%{buildroot}%{_cross_prefix}"\\\ - INSTALL_MOD_PATH="%{buildroot}%{_cross_prefix}"\\\ - INSTALL_MOD_STRIP=1\\\ -%{nil} - -%build -%kmake mrproper -%kmake %{_cross_vendor}_defconfig -%kmake %{?_smp_mflags} %{_cross_kimage} -%kmake %{?_smp_mflags} modules - -%install -%kmake %{?_smp_mflags} headers_install -%kmake %{?_smp_mflags} modules_install - -install -d %{buildroot}/boot -install -T -m 0755 arch/%{_cross_karch}/boot/%{_cross_kimage} %{buildroot}/boot/vmlinuz -install -m 0644 .config %{buildroot}/boot/config - -find %{buildroot}%{_cross_prefix} \ - \( -name .install -o -name .check -o \ - -name ..install.cmd -o -name ..check.cmd \) -delete - -# For out-of-tree kmod builds, we need to support the following targets: -# make scripts -> make prepare -> make modules -# -# This requires enough of the kernel tree to build host programs under the -# "scripts" and "tools" directories. - -# Any existing ELF objects will not work properly if we're cross-compiling for -# a different architecture, so get rid of them to avoid confusing errors. -find arch scripts tools -type f -executable \ - -exec sh -c "head -c4 {} | grep -q ELF && rm {}" \; - -# We don't need to include these files. -find -type f \( -name \*.cmd -o -name \*.gitignore \) -delete - -# Avoid an OpenSSL dependency by stubbing out options for module signing and -# trusted keyrings, so `sign-file` and `extract-cert` won't be built. External -# kernel modules do not have access to the keys they would need to make use of -# these tools. -sed -i \ - -e 's,$(CONFIG_MODULE_SIG_FORMAT),n,g' \ - -e 's,$(CONFIG_SYSTEM_TRUSTED_KEYRING),n,g' \ - scripts/Makefile - -# Restrict permissions on System.map. -chmod 600 System.map - -( - find * \ - -type f \ - \( -name Build\* -o -name Kbuild\* -o -name Kconfig\* -o -name Makefile\* \) \ - -print - - find arch/%{_cross_karch}/ \ - -type f \ - \( -name module.lds -o -name vmlinux.lds.S -o -name Platform -o -name \*.tbl \) \ - -print - - find arch/%{_cross_karch}/{include,lib}/ -type f ! -name \*.o ! -name \*.o.d -print - echo arch/%{_cross_karch}/kernel/asm-offsets.s - echo lib/vdso/gettimeofday.c - - for d in \ - arch/%{_cross_karch}/tools \ - arch/%{_cross_karch}/kernel/vdso ; do - [ -d "${d}" ] && find "${d}/" -type f -print - done - - find include -type f -print - find scripts -type f ! -name \*.l ! -name \*.y ! -name \*.o -print - - find tools/{arch/%{_cross_karch},include,objtool,scripts}/ -type f ! -name \*.o -print - echo tools/build/fixdep.c - find tools/lib/subcmd -type f -print - find tools/lib/{ctype,hweight,rbtree,string,str_error_r}.c - - echo kernel/bounds.c - echo kernel/time/timeconst.bc - echo security/selinux/include/classmap.h - echo security/selinux/include/initial_sid_to_string.h - echo security/selinux/include/policycap.h - echo security/selinux/include/policycap_names.h - - echo .config - echo Module.symvers - echo System.map -) | sort -u > kernel_devel_files - -# Create squashfs of kernel-devel files (ie. /usr/src/kernels/). -# -# -no-exports: -# The filesystem does not need to be exported via NFS. -# -# -all-root: -# Make all files owned by root rather than the build user. -# -# -comp zstd: -# zstd offers compression ratios like xz and decompression speeds like lz4. -SQUASHFS_OPTS="-no-exports -all-root -comp zstd" -mkdir -p src_squashfs/%{version} -tar c -T kernel_devel_files | tar x -C src_squashfs/%{version} -mksquashfs src_squashfs kernel-devel.squashfs ${SQUASHFS_OPTS} - -# Create a tarball of the same files, for use outside the running system. -# In theory we could extract these files with `unsquashfs`, but we do not want -# to require it to be installed on the build host, and it errors out when run -# inside Docker unless the limit for open files is lowered. -tar cf kernel-devel.tar src_squashfs/%{version} --transform='s|src_squashfs/%{version}|kernel-devel|' -xz -T0 kernel-devel.tar - -install -D kernel-devel.squashfs %{buildroot}%{_cross_datadir}/bottlerocket/kernel-devel.squashfs -install -D kernel-devel.tar.xz %{buildroot}%{_cross_datadir}/bottlerocket/kernel-devel.tar.xz -install -d %{buildroot}%{kernel_sourcedir} - -# Replace the incorrect links from modules_install. These will be bound -# into a host container (and unused in the host) so they must not point -# to %{_cross_usrsrc} (eg. /x86_64-bottlerocket-linux-gnu/sys-root/...) -rm -f %{buildroot}%{kernel_libdir}/build %{buildroot}%{kernel_libdir}/source -ln -sf %{_usrsrc}/kernels/%{version} %{buildroot}%{kernel_libdir}/build -ln -sf %{_usrsrc}/kernels/%{version} %{buildroot}%{kernel_libdir}/source - -%files -%license COPYING LICENSES/preferred/GPL-2.0 LICENSES/exceptions/Linux-syscall-note -%{_cross_attribution_file} -/boot/vmlinuz -/boot/config - -%files modules -%dir %{_cross_libdir}/modules -%{_cross_libdir}/modules/* - -%files headers -%dir %{_cross_includedir}/asm -%dir %{_cross_includedir}/asm-generic -%dir %{_cross_includedir}/drm -%dir %{_cross_includedir}/linux -%dir %{_cross_includedir}/misc -%dir %{_cross_includedir}/mtd -%dir %{_cross_includedir}/rdma -%dir %{_cross_includedir}/scsi -%dir %{_cross_includedir}/sound -%dir %{_cross_includedir}/video -%dir %{_cross_includedir}/xen -%{_cross_includedir}/asm/* -%{_cross_includedir}/asm-generic/* -%{_cross_includedir}/drm/* -%{_cross_includedir}/linux/* -%{_cross_includedir}/misc/* -%{_cross_includedir}/mtd/* -%{_cross_includedir}/rdma/* -%{_cross_includedir}/scsi/* -%{_cross_includedir}/sound/* -%{_cross_includedir}/video/* -%{_cross_includedir}/xen/* - -%files devel -%dir %{kernel_sourcedir} -%{_cross_datadir}/bottlerocket/kernel-devel.squashfs - -%files archive -%{_cross_datadir}/bottlerocket/kernel-devel.tar.xz - -%changelog diff --git a/packages/kernel-5.10/latest-srpm-url.sh b/packages/kernel-5.10/latest-srpm-url.sh deleted file mode 100755 index 46001c3385f..00000000000 --- a/packages/kernel-5.10/latest-srpm-url.sh +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -docker run --rm amazonlinux:2 sh -c 'amazon-linux-extras enable kernel-5.10 >/dev/null && yum install -q -y yum-utils && yumdownloader -q --source --urls kernel | grep ^http' diff --git a/packages/kernel-5.15/1001-Makefile-add-prepare-target-for-external-modules.patch b/packages/kernel-5.15/1001-Makefile-add-prepare-target-for-external-modules.patch deleted file mode 100644 index 3134803b32a..00000000000 --- a/packages/kernel-5.15/1001-Makefile-add-prepare-target-for-external-modules.patch +++ /dev/null @@ -1,51 +0,0 @@ -From fe8de462eb7edaccae54c31766dc5a2ffd254ab9 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Mon, 19 Apr 2021 18:46:04 +0000 -Subject: [PATCH] Makefile: add prepare target for external modules - -We need to ensure that native versions of programs like `objtool` are -built before trying to build out-of-tree modules, or else the build -will fail. - -Unlike other distributions, we cannot include these programs in our -kernel-devel archive, because we rely on cross-compilation: these are -"host" programs and may not match the architecture of the target. - -Ideally, out-of-tree builds would run `make prepare` first, so that -these programs could be compiled in the normal fashion. We ship all -the files needed for this to work. However, this requirement is -specific to our use case, and DKMS does not support it. - -Adding a minimal prepare target to the dependency graph causes the -programs to be built automatically and improves compatibility with -existing solutions. - -Signed-off-by: Ben Cressey -Signed-off-by: Arnaldo Garcia Rincon ---- - Makefile | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/Makefile b/Makefile -index 86b6ca862e39..fbe9b66f4f27 100644 ---- a/Makefile -+++ b/Makefile -@@ -1766,6 +1766,15 @@ else # KBUILD_EXTMOD - KBUILD_BUILTIN := - KBUILD_MODULES := 1 - -+PHONY += modules_prepare -+modules_prepare: tools/objtool -+ $(Q)$(MAKE) $(build)=scripts/basic -+ $(Q)$(MAKE) $(build)=scripts/dtc -+ $(Q)$(MAKE) $(build)=scripts/mod -+ $(Q)$(MAKE) $(build)=scripts -+ -+prepare: modules_prepare -+ - build-dirs := $(KBUILD_EXTMOD) - $(MODORDER): descend - @: --- -2.37.2 - diff --git a/packages/kernel-5.15/1002-Revert-kbuild-hide-tools-build-targets-from-external.patch b/packages/kernel-5.15/1002-Revert-kbuild-hide-tools-build-targets-from-external.patch deleted file mode 100644 index c27b3a9f8d9..00000000000 --- a/packages/kernel-5.15/1002-Revert-kbuild-hide-tools-build-targets-from-external.patch +++ /dev/null @@ -1,64 +0,0 @@ -From 33d06503d0b131ca4475d77383d28f1569002ce0 Mon Sep 17 00:00:00 2001 -From: Arnaldo Garcia Rincon -Date: Wed, 22 Jun 2022 19:26:43 +0000 -Subject: [PATCH] Revert "kbuild: hide tools/ build targets from external - module builds" - -This reverts commit 1bb0b18a06dceee1fdc32161a72e28eab6f011c4 in which -the targets to build "tools/*" were hidden for external modules, but -they are required by the kmod kit since the 'tools/*' binaries are not -distributed as part of the archive. - -Signed-off-by: Arnaldo Garcia Rincon ---- - Makefile | 27 ++++++++++++++------------- - 1 file changed, 14 insertions(+), 13 deletions(-) - -diff --git a/Makefile b/Makefile -index fbe9b66f4f27..81191e5bffcb 100644 ---- a/Makefile -+++ b/Makefile -@@ -1387,19 +1387,6 @@ ifneq ($(wildcard $(resolve_btfids_O)),) - $(Q)$(MAKE) -sC $(srctree)/tools/bpf/resolve_btfids O=$(resolve_btfids_O) clean - endif - --# Clear a bunch of variables before executing the submake --ifeq ($(quiet),silent_) --tools_silent=s --endif -- --tools/: FORCE -- $(Q)mkdir -p $(objtree)/tools -- $(Q)$(MAKE) LDFLAGS= MAKEFLAGS="$(tools_silent) $(filter --j% -j,$(MAKEFLAGS))" O=$(abspath $(objtree)) subdir=tools -C $(srctree)/tools/ -- --tools/%: FORCE -- $(Q)mkdir -p $(objtree)/tools -- $(Q)$(MAKE) LDFLAGS= MAKEFLAGS="$(tools_silent) $(filter --j% -j,$(MAKEFLAGS))" O=$(abspath $(objtree)) subdir=tools -C $(srctree)/tools/ $* -- - # --------------------------------------------------------------------------- - # Kernel selftest - -@@ -2019,6 +2006,20 @@ kernelversion: - image_name: - @echo $(KBUILD_IMAGE) - -+# Clear a bunch of variables before executing the submake -+ -+ifeq ($(quiet),silent_) -+tools_silent=s -+endif -+ -+tools/: FORCE -+ $(Q)mkdir -p $(objtree)/tools -+ $(Q)$(MAKE) LDFLAGS= MAKEFLAGS="$(tools_silent) $(filter --j% -j,$(MAKEFLAGS))" O=$(abspath $(objtree)) subdir=tools -C $(srctree)/tools/ -+ -+tools/%: FORCE -+ $(Q)mkdir -p $(objtree)/tools -+ $(Q)$(MAKE) LDFLAGS= MAKEFLAGS="$(tools_silent) $(filter --j% -j,$(MAKEFLAGS))" O=$(abspath $(objtree)) subdir=tools -C $(srctree)/tools/ $* -+ - quiet_cmd_rmfiles = $(if $(wildcard $(rm-files)),CLEAN $(wildcard $(rm-files))) - cmd_rmfiles = rm -rf $(rm-files) - --- -2.37.2 - diff --git a/packages/kernel-5.15/1003-initramfs-unlink-INITRAMFS_FORCE-from-CMDLINE_-EXTEN.patch b/packages/kernel-5.15/1003-initramfs-unlink-INITRAMFS_FORCE-from-CMDLINE_-EXTEN.patch deleted file mode 100644 index d174535771e..00000000000 --- a/packages/kernel-5.15/1003-initramfs-unlink-INITRAMFS_FORCE-from-CMDLINE_-EXTEN.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 4e00f4850eaf84e1e638c467f444b8f4fb8c67f8 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Tue, 18 Oct 2022 22:24:52 +0000 -Subject: [PATCH] initramfs: unlink INITRAMFS_FORCE from CMDLINE_{EXTEND,FORCE} - -The motivation given in cff75e0b6fe83 for tying INITRAMFS_FORCE to -either of CMDLINE_{EXTEND,FORCE} was that these options imply an -inflexible bootloader, and that overriding the initramfs image would -also only be necessary for inflexible bootloaders. - -However, with the advent of Boot Config support, distributions that do -not normally use an initramfs may still want to allow an "initrd" to be -passed by the bootloader in order to accept boot configuration data. In -such cases, the CMDLINE_{EXTEND,FORCE} options are not desired because -the bootloader is actually expected to control the kernel command line. - -Unlinking the INITRAMFS_FORCE config option allows Boot Config data to -be passed by the bootloader while still preventing an unexpected -initramfs from overriding the built-in initramfs (if any). - -Signed-off-by: Ben Cressey ---- - usr/Kconfig | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/usr/Kconfig b/usr/Kconfig -index 8bbcf699fe3b..06aac19063ee 100644 ---- a/usr/Kconfig -+++ b/usr/Kconfig -@@ -24,7 +24,7 @@ config INITRAMFS_SOURCE - - config INITRAMFS_FORCE - bool "Ignore the initramfs passed by the bootloader" -- depends on CMDLINE_EXTEND || CMDLINE_FORCE -+ default n - help - This option causes the kernel to ignore the initramfs image - (or initrd image) passed to it by the bootloader. This is -@@ -32,6 +32,8 @@ config INITRAMFS_FORCE - and is useful if you cannot or don't want to change the image - your bootloader passes to the kernel. - -+ If unsure, say N. -+ - config INITRAMFS_ROOT_UID - int "User ID to map to 0 (user root)" - depends on INITRAMFS_SOURCE!="" --- -2.37.2 - diff --git a/packages/kernel-5.15/1004-af_unix-increase-default-max_dgram_qlen-to-512.patch b/packages/kernel-5.15/1004-af_unix-increase-default-max_dgram_qlen-to-512.patch deleted file mode 100644 index 888ebbd3628..00000000000 --- a/packages/kernel-5.15/1004-af_unix-increase-default-max_dgram_qlen-to-512.patch +++ /dev/null @@ -1,47 +0,0 @@ -From e36140bfb2795377360bb92c343b10c717567c62 Mon Sep 17 00:00:00 2001 -From: Markus Boehme -Date: Tue, 23 May 2023 17:16:44 +0000 -Subject: [PATCH] af_unix: increase default max_dgram_qlen to 512 - -The net.unix.max_dgram_qlen sysctl has been defined with a default value of -10 since before the current Git history started in 2005. Systems have more -resources these days, and while the default values for other sysctls like -net.core.somaxconn have been adapted, max_dgram_qlen never was. - -Increase the default value for max_dgram_qlen to 512. A large number of -hosts effectively already run with this or a larger value, since systemd -has been making sure it is set to at least 512 since 2015. - -Signed-off-by: Markus Boehme ---- - Documentation/networking/ip-sysctl.rst | 2 +- - net/unix/af_unix.c | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst -index 7890b395e..54a0be396 100644 ---- a/Documentation/networking/ip-sysctl.rst -+++ b/Documentation/networking/ip-sysctl.rst -@@ -2885,5 +2885,5 @@ plpmtud_probe_interval - INTEGER - max_dgram_qlen - INTEGER - The maximum length of dgram socket receive queue - -- Default: 10 -+ Default: 512 - -diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c -index a96026dbd..267ee6d29 100644 ---- a/net/unix/af_unix.c -+++ b/net/unix/af_unix.c -@@ -3343,7 +3343,7 @@ static int __net_init unix_net_init(struct net *net) - { - int error = -ENOMEM; - -- net->unx.sysctl_max_dgram_qlen = 10; -+ net->unx.sysctl_max_dgram_qlen = 512; - if (unix_sysctl_register(net)) - goto out; - --- -2.39.2 - diff --git a/packages/kernel-5.15/Cargo.toml b/packages/kernel-5.15/Cargo.toml deleted file mode 100644 index 05d3d0a9beb..00000000000 --- a/packages/kernel-5.15/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "kernel-5_15" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[package.metadata.build-package] -package-name = "kernel-5.15" - -[lib] -path = "../packages.rs" - -[[package.metadata.build-package.external-files]] -# Use latest-srpm-url.sh to get this. -url = "https://cdn.amazonlinux.com/blobstore/f75f72cbdb5b3da04159fef0093b7ca471b95b58172bc9630600bc94668e247a/kernel-5.15.158-103.164.amzn2.src.rpm" -sha512 = "3ba3616cfcbc230208c84dffbbe1648e57a295dd828288e1e330e988f1f14a9a10fc6e6f251573d20e6679e802ac3b3ca53dfef39d1e19f61af4ede42a035af0" - -[build-dependencies] -microcode = { path = "../microcode" } diff --git a/packages/kernel-5.15/README.md b/packages/kernel-5.15/README.md deleted file mode 100644 index 4cd4f58df9d..00000000000 --- a/packages/kernel-5.15/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# kernel-5.15 - -This package contains the Bottlerocket Linux kernel of the 5.15 series. - - -## Testing of Configuration Changes - -Bottlerocket kernels are built in multiple flavors (e.g. cloud, bare metal) and for multiple architectures (e.g. aarch64, x86_64). -The kernel configuration for any of those combinations might change independently of the others. -Please use `tools/diff-kernel-config` from the main Bottlerocket repository to ensure the configuration for any of the combinations does not change inadvertently. -Changes that can have an effect on the resulting kernel configuration include: - -* explicit kernel configuration changes -* package updates/kernel rebases - -Reviewers on a pull request potentially changing the kernel configuration will appreciate having the report produced by `diff-kernel-config` included in the PR description. diff --git a/packages/kernel-5.15/config-bottlerocket b/packages/kernel-5.15/config-bottlerocket deleted file mode 100644 index 454d16665a1..00000000000 --- a/packages/kernel-5.15/config-bottlerocket +++ /dev/null @@ -1,210 +0,0 @@ -# Because Bottlerocket does not have an initramfs, modules required to mount -# the root filesystem must be set to y. - -# The root filesystem is ext4 -CONFIG_EXT4_FS=y - -# btrfs support for compatibility -CONFIG_BTRFS_FS=m -CONFIG_BTRFS_FS_POSIX_ACL=y - -# Support for squashfs used to provide kernel headers with zstd compression -CONFIG_SQUASHFS=m -CONFIG_SQUASHFS_FILE_CACHE=y -# CONFIG_SQUASHFS_FILE_DIRECT is not set -CONFIG_SQUASHFS_DECOMP_SINGLE=y -# CONFIG_SQUASHFS_DECOMP_MULTI is not set -# CONFIG_SQUASHFS_DECOMP_MULTI_PERCPU is not set -CONFIG_SQUASHFS_XATTR=y -CONFIG_SQUASHFS_ZLIB=y -CONFIG_SQUASHFS_LZ4=y -CONFIG_SQUASHFS_LZO=y -CONFIG_SQUASHFS_XZ=y -CONFIG_SQUASHFS_ZSTD=y -# CONFIG_SQUASHFS_4K_DEVBLK_SIZE is not set -# CONFIG_SQUASHFS_EMBEDDED is not set -CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3 - -# NVMe support -CONFIG_BLK_DEV_NVME=y -CONFIG_NVME_CORE=y - -# Xen blkfront for Xen-based EC2 platforms -CONFIG_XEN_BLKDEV_FRONTEND=y - -# virtio for local testing with QEMU -CONFIG_VIRTIO=y -CONFIG_VIRTIO_BLK=y -CONFIG_VIRTIO_PCI=y - -# dm-verity and enabling it on the kernel command line -CONFIG_BLK_DEV_DM=y -CONFIG_DAX=y -CONFIG_DM_INIT=y -CONFIG_DM_VERITY=y - -# TCMU/LIO -CONFIG_TCM_USER2=m - -# EFI -CONFIG_EFI=y -CONFIG_EFI_STUB=y -CONFIG_EFI_MIXED=y - -# EFI video -CONFIG_FB=y -CONFIG_FB_EFI=y -CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER=y - -# yama LSM for ptrace restrictions -CONFIG_SECURITY_YAMA=y - -# Do not allow SELinux to be disabled at boot. -# CONFIG_SECURITY_SELINUX_BOOTPARAM is not set - -# Do not allow SELinux to be disabled at runtime. -# CONFIG_SECURITY_SELINUX_DISABLE is not set - -# Do not allow SELinux to use `enforcing=0` behavior. -# CONFIG_SECURITY_SELINUX_DEVELOP is not set - -# Check the protection applied by the kernel for mmap and mprotect, -# rather than the protection requested by userspace. -CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0 - -# Enable support for the kernel lockdown security module. -CONFIG_SECURITY_LOCKDOWN_LSM=y - -# Enable lockdown early so that if the option is present on the -# kernel command line, it can be enforced. -CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y - -# disable integrity measurement architecture -# CONFIG_IMA is not set - -# Disable SafeSetID LSM -# CONFIG_SECURITY_SAFESETID is not set - -# enable /proc/config.gz -CONFIG_IKCONFIG=y -CONFIG_IKCONFIG_PROC=y - -# kernel headers at /sys/kernel/kheaders.tar.xz -CONFIG_IKHEADERS=y - -# BTF debug info at /sys/kernel/btf/vmlinux -CONFIG_DEBUG_INFO_BTF=y - -# We don't want to extend the kernel command line with any upstream defaults; -# Bottlerocket uses a fairly custom setup that needs tight control over it. -# CONFIG_CMDLINE_EXTEND is not set - -# We don't want to unpack the initramfs passed by the bootloader. The intent of -# this option is to ensure that the built-in initramfs is used. Since we do not -# have a built-in initramfs, in practice this means we will never unpack any -# initramfs. -# -# We rely on `CONFIG_BLK_DEV_INITRD` for boot config support, so we can't just -# disable the functionality altogether. -CONFIG_INITRAMFS_FORCE=y - -# Enable ZSTD kernel image compression -CONFIG_HAVE_KERNEL_ZSTD=y -CONFIG_KERNEL_ZSTD=y -CONFIG_ZSTD_COMPRESS=y -CONFIG_ZSTD_DECOMPRESS=y -CONFIG_DECOMPRESS_ZSTD=y - -# Enable gz modules compression -# CONFIG_MODULE_COMPRESS_NONE is not set -CONFIG_MODULE_COMPRESS_GZIP=y - -# Add virtio drivers for development setups running as guests in qemu -CONFIG_VIRTIO_CONSOLE=m -CONFIG_HW_RANDOM_VIRTIO=m - -# Add support for IPMI drivers -CONFIG_IPMI_HANDLER=m - -# Add support for bootconfig -CONFIG_BOOT_CONFIG=y - -# Enables support for checkpoint/restore -CONFIG_CHECKPOINT_RESTORE=y - -# Disable unused filesystems. -# CONFIG_AFS_FS is not set -# CONFIG_CRAMFS is not set -# CONFIG_ECRYPT_FS is not set -# CONFIG_EXT2_FS is not set -# CONFIG_EXT3_FS is not set -CONFIG_EXT4_USE_FOR_EXT2=y -# CONFIG_GFS2_FS is not set -# CONFIG_HFS_FS is not set -# CONFIG_HFSPLUS_FS is not set -# CONFIG_JFS_FS is not set -# CONFIG_JFFS2_FS is not set -# CONFIG_NFS_V2 is not set -# CONFIG_NILFS2_FS is not set -# CONFIG_NTFS_FS is not set -# CONFIG_ROMFS_FS is not set -# CONFIG_UFS_FS is not set -# CONFIG_ZONEFS_FS is not set -# CONFIG_NTFS3_FS is not set - -# Disable unused network protocols. -# CONFIG_AF_RXRPC is not set -# CONFIG_ATM is not set -# CONFIG_CAN is not set -# CONFIG_HSR is not set -# CONFIG_IP_DCCP is not set -# CONFIG_L2TP is not set -# CONFIG_RDS is not set -# CONFIG_RFKILL is not set -# CONFIG_TIPC is not set - -# Disable USB-attached network interfaces, unused in the cloud and on server-grade hardware. -# CONFIG_USB_NET_DRIVERS is not set - -# Disable unused qdiscs -# - sch_cake targets home routers and residential links -# CONFIG_NET_SCH_CAKE is not set - -# Provide minimal iSCSI via TCP support for initiator and target mode -# initiator side -CONFIG_ISCSI_TCP=m -CONFIG_ISCSI_BOOT_SYSFS=m -CONFIG_SCSI_ISCSI_ATTRS=m -# target side -CONFIG_ISCSI_TARGET=m -# CONFIG_INFINIBAND_ISERT is not set - -# Disable panic on hung and lockup conditions by default -# CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set -# CONFIG_BOOTPARAM_HARDLOCKUP_PANIC is not set -# CONFIG_BOOTPARAM_HUNG_TASK_PANIC is not set - -# Disable edac driver for intel 10nm memory controllers -# CONFIG_EDAC_I10NM is not set - -# Support boot from IDE disks -CONFIG_ATA=y -CONFIG_ATA_PIIX=y -CONFIG_SCSI=y -CONFIG_BLK_DEV_SD=y - -# Mellanox network support -CONFIG_NET_SWITCHDEV=y -CONFIG_NET_VENDOR_MELLANOX=y -CONFIG_MLX5_CORE=m -CONFIG_MLX5_CORE_EN=y -CONFIG_MLX5_INFINIBAND=m -CONFIG_MLXFW=m -# CONFIG_MLX5_FPGA is not set -# CONFIG_MLX5_IPSEC is not set -# CONFIG_MLX5_CORE_IPOIB is not set -# CONFIG_MLX5_SF is not set - -# Support filesystem encryption for ext4 -CONFIG_FS_ENCRYPTION=y -CONFIG_FS_ENCRYPTION_INLINE_CRYPT=y diff --git a/packages/kernel-5.15/kernel-5.15.spec b/packages/kernel-5.15/kernel-5.15.spec deleted file mode 100644 index 356f331521f..00000000000 --- a/packages/kernel-5.15/kernel-5.15.spec +++ /dev/null @@ -1,273 +0,0 @@ -%global debug_package %{nil} - -Name: %{_cross_os}kernel-5.15 -Version: 5.15.158 -Release: 1%{?dist} -Summary: The Linux kernel -License: GPL-2.0 WITH Linux-syscall-note -URL: https://www.kernel.org/ -# Use latest-srpm-url.sh to get this. -Source0: https://cdn.amazonlinux.com/blobstore/f75f72cbdb5b3da04159fef0093b7ca471b95b58172bc9630600bc94668e247a/kernel-5.15.158-103.164.amzn2.src.rpm -Source100: config-bottlerocket - -# Help out-of-tree module builds run `make prepare` automatically. -Patch1001: 1001-Makefile-add-prepare-target-for-external-modules.patch -# Expose tools/* targets for out-of-tree module builds. -Patch1002: 1002-Revert-kbuild-hide-tools-build-targets-from-external.patch -# Enable INITRAMFS_FORCE config option for our use case. -Patch1003: 1003-initramfs-unlink-INITRAMFS_FORCE-from-CMDLINE_-EXTEN.patch -# Increase default of sysctl net.unix.max_dgram_qlen to 512. -Patch1004: 1004-af_unix-increase-default-max_dgram_qlen-to-512.patch - -BuildRequires: bc -BuildRequires: elfutils-devel -BuildRequires: hostname -BuildRequires: kmod -BuildRequires: openssl-devel - -# CPU microcode updates are included as "extra firmware" so the files don't -# need to be installed on the root filesystem. However, we want the license and -# attribution files to be available in the usual place. -%if "%{_cross_arch}" == "x86_64" -BuildRequires: %{_cross_os}microcode -Requires: %{_cross_os}microcode-licenses -%endif - -# Pull in expected modules and development files. -Requires: %{name}-modules = %{version}-%{release} -Requires: %{name}-devel = %{version}-%{release} - -# The 5.15 kernel is not FIPS certified. -Conflicts: %{_cross_os}image-feature(fips) - -%global kernel_sourcedir %{_cross_usrsrc}/kernels -%global kernel_libdir %{_cross_libdir}/modules/%{version} - -%description -%{summary}. - -%package devel -Summary: Configured Linux kernel source for module building - -%description devel -%{summary}. - -%package archive -Summary: Archived Linux kernel source for module building - -%description archive -%{summary}. - -%package modules -Summary: Modules for the Linux kernel - -%description modules -%{summary}. - -%package headers -Summary: Header files for the Linux kernel for use by glibc - -%description headers -%{summary}. - -%prep -rpm2cpio %{SOURCE0} | cpio -iu linux-%{version}.tar config-%{_cross_arch} "*.patch" -tar -xof linux-%{version}.tar; rm linux-%{version}.tar -%setup -TDn linux-%{version} -# Patches from the Source0 SRPM -for patch in ../*.patch; do - patch -p1 <"$patch" -done -# Patches listed in this spec (Patch0001...) -%autopatch -p1 - -%if "%{_cross_arch}" == "x86_64" -microcode="$(find %{_cross_libdir}/firmware -type f -path '*/*-ucode/*' -printf '%%P ')" -cat < ../config-microcode -CONFIG_EXTRA_FIRMWARE="${microcode}" -CONFIG_EXTRA_FIRMWARE_DIR="%{_cross_libdir}/firmware" -EOF -%endif - -export ARCH="%{_cross_karch}" -export CROSS_COMPILE="%{_cross_target}-" - -KCONFIG_CONFIG="arch/%{_cross_karch}/configs/%{_cross_vendor}_defconfig" \ -scripts/kconfig/merge_config.sh \ - ../config-%{_cross_arch} \ -%if "%{_cross_arch}" == "x86_64" - ../config-microcode \ -%endif - %{SOURCE100} - -rm -f ../config-* ../*.patch - -%global kmake \ -make -s\\\ - ARCH="%{_cross_karch}"\\\ - CROSS_COMPILE="%{_cross_target}-"\\\ - INSTALL_HDR_PATH="%{buildroot}%{_cross_prefix}"\\\ - INSTALL_MOD_PATH="%{buildroot}%{_cross_prefix}"\\\ - INSTALL_MOD_STRIP=1\\\ -%{nil} - -%build -%kmake mrproper -%kmake %{_cross_vendor}_defconfig -%kmake %{?_smp_mflags} %{_cross_kimage} -%kmake %{?_smp_mflags} modules - -%install -%kmake %{?_smp_mflags} headers_install -%kmake %{?_smp_mflags} modules_install - -install -d %{buildroot}/boot -install -T -m 0755 arch/%{_cross_karch}/boot/%{_cross_kimage} %{buildroot}/boot/vmlinuz -install -m 0644 .config %{buildroot}/boot/config - -find %{buildroot}%{_cross_prefix} \ - \( -name .install -o -name .check -o \ - -name ..install.cmd -o -name ..check.cmd \) -delete - -# For out-of-tree kmod builds, we need to support the following targets: -# make scripts -> make prepare -> make modules -# -# This requires enough of the kernel tree to build host programs under the -# "scripts" and "tools" directories. - -# Any existing ELF objects will not work properly if we're cross-compiling for -# a different architecture, so get rid of them to avoid confusing errors. -find arch scripts tools -type f -executable \ - -exec sh -c "head -c4 {} | grep -q ELF && rm {}" \; - -# We don't need to include these files. -find -type f \( -name \*.cmd -o -name \*.gitignore \) -delete - -# Avoid an OpenSSL dependency by stubbing out options for module signing and -# trusted keyrings, so `sign-file` and `extract-cert` won't be built. External -# kernel modules do not have access to the keys they would need to make use of -# these tools. -sed -i \ - -e 's,$(CONFIG_MODULE_SIG_FORMAT),n,g' \ - -e 's,$(CONFIG_SYSTEM_TRUSTED_KEYRING),n,g' \ - scripts/Makefile - -# Restrict permissions on System.map. -chmod 600 System.map - -( - find * \ - -type f \ - \( -name Build\* -o -name Kbuild\* -o -name Kconfig\* -o -name Makefile\* \) \ - -print - - find arch/%{_cross_karch}/ \ - -type f \ - \( -name module.lds -o -name vmlinux.lds.S -o -name Platform -o -name \*.tbl \) \ - -print - - find arch/%{_cross_karch}/{include,lib}/ -type f ! -name \*.o ! -name \*.o.d -print - echo arch/%{_cross_karch}/kernel/asm-offsets.s - echo lib/vdso/gettimeofday.c - - for d in \ - arch/%{_cross_karch}/tools \ - arch/%{_cross_karch}/kernel/vdso ; do - [ -d "${d}" ] && find "${d}/" -type f -print - done - - find include -type f -print - find scripts -type f ! -name \*.l ! -name \*.y ! -name \*.o -print - - find tools/{arch/%{_cross_karch},include,objtool,scripts}/ -type f ! -name \*.o -print - echo tools/build/fixdep.c - find tools/lib/subcmd -type f -print - find tools/lib/{ctype,hweight,rbtree,string,str_error_r}.c - - echo kernel/bounds.c - echo kernel/time/timeconst.bc - echo security/selinux/include/classmap.h - echo security/selinux/include/initial_sid_to_string.h - echo security/selinux/include/policycap.h - echo security/selinux/include/policycap_names.h - - echo .config - echo Module.symvers - echo System.map -) | sort -u > kernel_devel_files - -# Create squashfs of kernel-devel files (ie. /usr/src/kernels/). -# -# -no-exports: -# The filesystem does not need to be exported via NFS. -# -# -all-root: -# Make all files owned by root rather than the build user. -# -# -comp zstd: -# zstd offers compression ratios like xz and decompression speeds like lz4. -SQUASHFS_OPTS="-no-exports -all-root -comp zstd" -mkdir -p src_squashfs/%{version} -tar c -T kernel_devel_files | tar x -C src_squashfs/%{version} -mksquashfs src_squashfs kernel-devel.squashfs ${SQUASHFS_OPTS} - -# Create a tarball of the same files, for use outside the running system. -# In theory we could extract these files with `unsquashfs`, but we do not want -# to require it to be installed on the build host, and it errors out when run -# inside Docker unless the limit for open files is lowered. -tar cf kernel-devel.tar src_squashfs/%{version} --transform='s|src_squashfs/%{version}|kernel-devel|' -xz -T0 kernel-devel.tar - -install -D kernel-devel.squashfs %{buildroot}%{_cross_datadir}/bottlerocket/kernel-devel.squashfs -install -D kernel-devel.tar.xz %{buildroot}%{_cross_datadir}/bottlerocket/kernel-devel.tar.xz -install -d %{buildroot}%{kernel_sourcedir} - -# Replace the incorrect links from modules_install. These will be bound -# into a host container (and unused in the host) so they must not point -# to %{_cross_usrsrc} (eg. /x86_64-bottlerocket-linux-gnu/sys-root/...) -rm -f %{buildroot}%{kernel_libdir}/build %{buildroot}%{kernel_libdir}/source -ln -sf %{_usrsrc}/kernels/%{version} %{buildroot}%{kernel_libdir}/build -ln -sf %{_usrsrc}/kernels/%{version} %{buildroot}%{kernel_libdir}/source - -%files -%license COPYING LICENSES/preferred/GPL-2.0 LICENSES/exceptions/Linux-syscall-note -%{_cross_attribution_file} -/boot/vmlinuz -/boot/config - -%files modules -%dir %{_cross_libdir}/modules -%{_cross_libdir}/modules/* - -%files headers -%dir %{_cross_includedir}/asm -%dir %{_cross_includedir}/asm-generic -%dir %{_cross_includedir}/drm -%dir %{_cross_includedir}/linux -%dir %{_cross_includedir}/misc -%dir %{_cross_includedir}/mtd -%dir %{_cross_includedir}/rdma -%dir %{_cross_includedir}/scsi -%dir %{_cross_includedir}/sound -%dir %{_cross_includedir}/video -%dir %{_cross_includedir}/xen -%{_cross_includedir}/asm/* -%{_cross_includedir}/asm-generic/* -%{_cross_includedir}/drm/* -%{_cross_includedir}/linux/* -%{_cross_includedir}/misc/* -%{_cross_includedir}/mtd/* -%{_cross_includedir}/rdma/* -%{_cross_includedir}/scsi/* -%{_cross_includedir}/sound/* -%{_cross_includedir}/video/* -%{_cross_includedir}/xen/* - -%files devel -%dir %{kernel_sourcedir} -%{_cross_datadir}/bottlerocket/kernel-devel.squashfs - -%files archive -%{_cross_datadir}/bottlerocket/kernel-devel.tar.xz - -%changelog diff --git a/packages/kernel-5.15/latest-srpm-url.sh b/packages/kernel-5.15/latest-srpm-url.sh deleted file mode 100755 index 91ba10e6f03..00000000000 --- a/packages/kernel-5.15/latest-srpm-url.sh +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -docker run --rm amazonlinux:2 sh -c 'amazon-linux-extras enable kernel-5.15 >/dev/null && yum install -q -y yum-utils && yumdownloader -q --source --urls kernel | grep ^http' diff --git a/packages/kernel-6.1/1001-Makefile-add-prepare-target-for-external-modules.patch b/packages/kernel-6.1/1001-Makefile-add-prepare-target-for-external-modules.patch deleted file mode 100644 index 84f46d6322f..00000000000 --- a/packages/kernel-6.1/1001-Makefile-add-prepare-target-for-external-modules.patch +++ /dev/null @@ -1,55 +0,0 @@ -From e6e9b5adc830c0924d81c348c8d5b12e3dc4242e Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Mon, 19 Apr 2021 18:46:04 +0000 -Subject: [PATCH] Makefile: add prepare target for external modules - -We need to ensure that native versions of programs like `objtool` are -built before trying to build out-of-tree modules, or else the build -will fail. - -Unlike other distributions, we cannot include these programs in our -kernel-devel archive, because we rely on cross-compilation: these are -"host" programs and may not match the architecture of the target. - -Ideally, out-of-tree builds would run `make prepare` first, so that -these programs could be compiled in the normal fashion. We ship all -the files needed for this to work. However, this requirement is -specific to our use case, and DKMS does not support it. - -Adding a minimal prepare target to the dependency graph causes the -programs to be built automatically and improves compatibility with -existing solutions. - -Signed-off-by: Ben Cressey -Signed-off-by: Arnaldo Garcia Rincon ---- - Makefile | 13 +++++++++++++ - 1 file changed, 13 insertions(+) - -diff --git a/Makefile b/Makefile -index 23390805e..2f78ac123 100644 ---- a/Makefile -+++ b/Makefile -@@ -1874,6 +1874,19 @@ else # KBUILD_EXTMOD - KBUILD_BUILTIN := - KBUILD_MODULES := 1 - -+PHONY += modules_prepare -+modules_prepare: -+ $(Q)$(MAKE) $(build)=scripts/basic -+ $(Q)$(MAKE) $(build)=scripts/dtc -+ $(Q)$(MAKE) $(build)=scripts/mod -+ $(Q)$(MAKE) $(build)=scripts -+ -+ifdef CONFIG_OBJTOOL -+prepare: tools/objtool -+endif -+ -+prepare: modules_prepare -+ - build-dir := $(KBUILD_EXTMOD) - - compile_commands.json: $(extmod_prefix)compile_commands.json --- -2.40.0 - diff --git a/packages/kernel-6.1/1002-Revert-kbuild-hide-tools-build-targets-from-external.patch b/packages/kernel-6.1/1002-Revert-kbuild-hide-tools-build-targets-from-external.patch deleted file mode 100644 index ef3330859b7..00000000000 --- a/packages/kernel-6.1/1002-Revert-kbuild-hide-tools-build-targets-from-external.patch +++ /dev/null @@ -1,64 +0,0 @@ -From 05a7163507930b56804896818c80e92a2454ef4d Mon Sep 17 00:00:00 2001 -From: Arnaldo Garcia Rincon -Date: Wed, 22 Jun 2022 19:26:43 +0000 -Subject: [PATCH] Revert "kbuild: hide tools/ build targets from external - module builds" - -This reverts commit 1bb0b18a06dceee1fdc32161a72e28eab6f011c4 in which -the targets to build "tools/*" were hidden for external modules, but -they are required by the kmod kit since the 'tools/*' binaries are not -distributed as part of the archive. - -Signed-off-by: Arnaldo Garcia Rincon ---- - Makefile | 27 ++++++++++++++------------- - 1 file changed, 14 insertions(+), 13 deletions(-) - -diff --git a/Makefile b/Makefile -index 346b898eb..e3d39f7c3 100644 ---- a/Makefile -+++ b/Makefile -@@ -1421,19 +1421,6 @@ ifneq ($(wildcard $(resolve_btfids_O)),) - $(Q)$(MAKE) -sC $(srctree)/tools/bpf/resolve_btfids O=$(resolve_btfids_O) clean - endif - --# Clear a bunch of variables before executing the submake --ifeq ($(quiet),silent_) --tools_silent=s --endif -- --tools/: FORCE -- $(Q)mkdir -p $(objtree)/tools -- $(Q)$(MAKE) LDFLAGS= MAKEFLAGS="$(tools_silent) $(filter --j% -j,$(MAKEFLAGS))" O=$(abspath $(objtree)) subdir=tools -C $(srctree)/tools/ -- --tools/%: FORCE -- $(Q)mkdir -p $(objtree)/tools -- $(Q)$(MAKE) LDFLAGS= MAKEFLAGS="$(tools_silent) $(filter --j% -j,$(MAKEFLAGS))" O=$(abspath $(objtree)) subdir=tools -C $(srctree)/tools/ $* -- - # --------------------------------------------------------------------------- - # Kernel selftest - -@@ -2124,6 +2111,20 @@ kernelversion: - image_name: - @echo $(KBUILD_IMAGE) - -+# Clear a bunch of variables before executing the submake -+ -+ifeq ($(quiet),silent_) -+tools_silent=s -+endif -+ -+tools/: FORCE -+ $(Q)mkdir -p $(objtree)/tools -+ $(Q)$(MAKE) LDFLAGS= MAKEFLAGS="$(tools_silent) $(filter --j% -j,$(MAKEFLAGS))" O=$(abspath $(objtree)) subdir=tools -C $(srctree)/tools/ -+ -+tools/%: FORCE -+ $(Q)mkdir -p $(objtree)/tools -+ $(Q)$(MAKE) LDFLAGS= MAKEFLAGS="$(tools_silent) $(filter --j% -j,$(MAKEFLAGS))" O=$(abspath $(objtree)) subdir=tools -C $(srctree)/tools/ $* -+ - quiet_cmd_rmfiles = $(if $(wildcard $(rm-files)),CLEAN $(wildcard $(rm-files))) - cmd_rmfiles = rm -rf $(rm-files) - --- -2.39.1 - diff --git a/packages/kernel-6.1/1003-initramfs-unlink-INITRAMFS_FORCE-from-CMDLINE_-EXTEN.patch b/packages/kernel-6.1/1003-initramfs-unlink-INITRAMFS_FORCE-from-CMDLINE_-EXTEN.patch deleted file mode 100644 index ce4578b7c9b..00000000000 --- a/packages/kernel-6.1/1003-initramfs-unlink-INITRAMFS_FORCE-from-CMDLINE_-EXTEN.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 002d1909e18b7ca876edd4680ffcf8b59dea6c1b Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Tue, 18 Oct 2022 22:24:52 +0000 -Subject: [PATCH] initramfs: unlink INITRAMFS_FORCE from CMDLINE_{EXTEND,FORCE} - -The motivation given in cff75e0b6fe83 for tying INITRAMFS_FORCE to -either of CMDLINE_{EXTEND,FORCE} was that these options imply an -inflexible bootloader, and that overriding the initramfs image would -also only be necessary for inflexible bootloaders. - -However, with the advent of Boot Config support, distributions that do -not normally use an initramfs may still want to allow an "initrd" to be -passed by the bootloader in order to accept boot configuration data. In -such cases, the CMDLINE_{EXTEND,FORCE} options are not desired because -the bootloader is actually expected to control the kernel command line. - -Unlinking the INITRAMFS_FORCE config option allows Boot Config data to -be passed by the bootloader while still preventing an unexpected -initramfs from overriding the built-in initramfs (if any). - -Signed-off-by: Ben Cressey ---- - usr/Kconfig | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/usr/Kconfig b/usr/Kconfig -index 8bbcf699f..06aac1906 100644 ---- a/usr/Kconfig -+++ b/usr/Kconfig -@@ -24,7 +24,7 @@ config INITRAMFS_SOURCE - - config INITRAMFS_FORCE - bool "Ignore the initramfs passed by the bootloader" -- depends on CMDLINE_EXTEND || CMDLINE_FORCE -+ default n - help - This option causes the kernel to ignore the initramfs image - (or initrd image) passed to it by the bootloader. This is -@@ -32,6 +32,8 @@ config INITRAMFS_FORCE - and is useful if you cannot or don't want to change the image - your bootloader passes to the kernel. - -+ If unsure, say N. -+ - config INITRAMFS_ROOT_UID - int "User ID to map to 0 (user root)" - depends on INITRAMFS_SOURCE!="" --- -2.39.1 - diff --git a/packages/kernel-6.1/1004-af_unix-increase-default-max_dgram_qlen-to-512.patch b/packages/kernel-6.1/1004-af_unix-increase-default-max_dgram_qlen-to-512.patch deleted file mode 100644 index 57eb675816f..00000000000 --- a/packages/kernel-6.1/1004-af_unix-increase-default-max_dgram_qlen-to-512.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 1faecf19a86dbb29b62607b1740ef59a5c35acb2 Mon Sep 17 00:00:00 2001 -From: Markus Boehme -Date: Tue, 23 May 2023 17:16:44 +0000 -Subject: [PATCH] af_unix: increase default max_dgram_qlen to 512 - -The net.unix.max_dgram_qlen sysctl has been defined with a default value of -10 since before the current Git history started in 2005. Systems have more -resources these days, and while the default values for other sysctls like -net.core.somaxconn have been adapted, max_dgram_qlen never was. - -Increase the default value for max_dgram_qlen to 512. A large number of -hosts effectively already run with this or a larger value, since systemd -has been making sure it is set to at least 512 since 2015. - -Signed-off-by: Markus Boehme ---- - Documentation/networking/ip-sysctl.rst | 2 +- - net/unix/af_unix.c | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst -index e7b3fa7bb..f20837a92 100644 ---- a/Documentation/networking/ip-sysctl.rst -+++ b/Documentation/networking/ip-sysctl.rst -@@ -3038,5 +3038,5 @@ ecn_enable - BOOLEAN - max_dgram_qlen - INTEGER - The maximum length of dgram socket receive queue - -- Default: 10 -+ Default: 512 - -diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c -index f0c2293f1..3962a66c5 100644 ---- a/net/unix/af_unix.c -+++ b/net/unix/af_unix.c -@@ -3600,7 +3600,7 @@ static int __net_init unix_net_init(struct net *net) - { - int i; - -- net->unx.sysctl_max_dgram_qlen = 10; -+ net->unx.sysctl_max_dgram_qlen = 512; - if (unix_sysctl_register(net)) - goto out; - --- -2.40.0 - diff --git a/packages/kernel-6.1/1005-Revert-Revert-drm-fb_helper-improve-CONFIG_FB-depend.patch b/packages/kernel-6.1/1005-Revert-Revert-drm-fb_helper-improve-CONFIG_FB-depend.patch deleted file mode 100644 index 01a3d1b8a8c..00000000000 --- a/packages/kernel-6.1/1005-Revert-Revert-drm-fb_helper-improve-CONFIG_FB-depend.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 97942a7563e670dbc481a322b34f29010a1ed9ec Mon Sep 17 00:00:00 2001 -From: Leonard Foerster -Date: Fri, 11 Aug 2023 06:41:44 +0000 -Subject: [PATCH] Revert "Revert "drm: fb_helper: improve CONFIG_FB - dependency"" - -This reverts commit 9200a3864170e49e8d076870ee18fad6de4fd356. - -Amazon Linux has reverted this upstream commit in order to have -certain DRM options set to allow building nvidia DKMS. Instead -of reverting an upstream commit, we added DRM_SIMPLEDRM with -Bottlerocket commit fd73bff24a78 in order to supply the necessary -dependecies for nvidia drivers. ---- - drivers/gpu/drm/Kconfig | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/drivers/gpu/drm/Kconfig b/drivers/gpu/drm/Kconfig -index e0264211ca84..f30f99166531 100644 ---- a/drivers/gpu/drm/Kconfig -+++ b/drivers/gpu/drm/Kconfig -@@ -124,9 +124,8 @@ config DRM_DEBUG_MODESET_LOCK - - config DRM_FBDEV_EMULATION - bool "Enable legacy fbdev support for your modesetting driver" -- depends on DRM -- depends on FB=y || FB=DRM -- select DRM_KMS_HELPER -+ depends on DRM_KMS_HELPER -+ depends on FB=y || FB=DRM_KMS_HELPER - select FB_CFB_FILLRECT - select FB_CFB_COPYAREA - select FB_CFB_IMAGEBLIT --- -2.40.1 - diff --git a/packages/kernel-6.1/Cargo.toml b/packages/kernel-6.1/Cargo.toml deleted file mode 100644 index 4a973e080d9..00000000000 --- a/packages/kernel-6.1/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "kernel-6_1" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[package.metadata.build-package] -package-name = "kernel-6.1" - -[lib] -path = "../packages.rs" - -[[package.metadata.build-package.external-files]] -# Use latest-srpm-url.sh to get this. -url = "https://cdn.amazonlinux.com/al2023/blobstore/56c452d9992a4b8c25e5ff09f38a1464761196c1462a341e438301b6d56bfe50/kernel-6.1.92-99.174.amzn2023.src.rpm" -sha512 = "134d231c7c87e9136a6ceb2f125bd7d2163d7b73590d821f0d2192effd1a5f0850c612e0f9e03bcbd92f47014fd99fe6e9e8a1b45c5e01dab6d074faf74b4df4" - -[build-dependencies] -microcode = { path = "../microcode" } diff --git a/packages/kernel-6.1/README.md b/packages/kernel-6.1/README.md deleted file mode 100644 index a999af73b24..00000000000 --- a/packages/kernel-6.1/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# kernel-6.1 - -This package contains the Bottlerocket Linux kernel of the 6.1 series. - - -## Testing of Configuration Changes - -Bottlerocket kernels are built in multiple flavors (e.g. cloud, bare metal) and for multiple architectures (e.g. aarch64, x86_64). -The kernel configuration for any of those combinations might change independently of the others. -Please use `tools/diff-kernel-config` from the main Bottlerocket repository to ensure the configuration for any of the combinations does not change inadvertently. -Changes that can have an effect on the resulting kernel configuration include: - -* explicit kernel configuration changes -* package updates/kernel rebases - -Reviewers on a pull request potentially changing the kernel configuration will appreciate having the report produced by `diff-kernel-config` included in the PR description. diff --git a/packages/kernel-6.1/bootconfig-aws.conf b/packages/kernel-6.1/bootconfig-aws.conf deleted file mode 100644 index 90bd5c25629..00000000000 --- a/packages/kernel-6.1/bootconfig-aws.conf +++ /dev/null @@ -1,2 +0,0 @@ -kernel.initcall_blacklist = vmd_drv_init, megasas_init, mpt3sas_init, pqi_init -kernel.module_blacklist = i8042 diff --git a/packages/kernel-6.1/bootconfig-metal.conf b/packages/kernel-6.1/bootconfig-metal.conf deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/packages/kernel-6.1/bootconfig-vmware.conf b/packages/kernel-6.1/bootconfig-vmware.conf deleted file mode 100644 index 8d7ae016ca6..00000000000 --- a/packages/kernel-6.1/bootconfig-vmware.conf +++ /dev/null @@ -1 +0,0 @@ -kernel.initcall_blacklist = vmd_drv_init, megasas_init, mpt3sas_init, pqi_init diff --git a/packages/kernel-6.1/check-fips-modules.drop-in.conf.in b/packages/kernel-6.1/check-fips-modules.drop-in.conf.in deleted file mode 100644 index c55854796c9..00000000000 --- a/packages/kernel-6.1/check-fips-modules.drop-in.conf.in +++ /dev/null @@ -1,3 +0,0 @@ -[Unit] -Requires=fips-modprobe@__FIPS_MODULE__.service -After=fips-modprobe@__FIPS_MODULE__.service diff --git a/packages/kernel-6.1/config-bottlerocket b/packages/kernel-6.1/config-bottlerocket deleted file mode 100644 index c4ae543bdc7..00000000000 --- a/packages/kernel-6.1/config-bottlerocket +++ /dev/null @@ -1,354 +0,0 @@ -# Because Bottlerocket does not have an initramfs, modules required to mount -# the root filesystem must be set to y. - -# The root filesystem is ext4 -CONFIG_EXT4_FS=y - -# btrfs support for compatibility -CONFIG_BTRFS_FS=m -CONFIG_BTRFS_FS_POSIX_ACL=y - -# Support for squashfs used to provide kernel headers with zstd compression -CONFIG_SQUASHFS=m -CONFIG_SQUASHFS_FILE_CACHE=y -# CONFIG_SQUASHFS_FILE_DIRECT is not set -CONFIG_SQUASHFS_DECOMP_SINGLE=y -# CONFIG_SQUASHFS_DECOMP_MULTI is not set -# CONFIG_SQUASHFS_DECOMP_MULTI_PERCPU is not set -CONFIG_SQUASHFS_XATTR=y -CONFIG_SQUASHFS_ZLIB=y -CONFIG_SQUASHFS_LZ4=y -CONFIG_SQUASHFS_LZO=y -CONFIG_SQUASHFS_XZ=y -CONFIG_SQUASHFS_ZSTD=y -# CONFIG_SQUASHFS_4K_DEVBLK_SIZE is not set -# CONFIG_SQUASHFS_EMBEDDED is not set -CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3 - -# NVMe support -CONFIG_BLK_DEV_NVME=y -CONFIG_NVME_CORE=y - -# Xen blkfront for Xen-based EC2 platforms -CONFIG_XEN_BLKDEV_FRONTEND=y - -# virtio for local testing with QEMU -CONFIG_VIRTIO=y -CONFIG_VIRTIO_BLK=y -CONFIG_VIRTIO_PCI=y - -# Support for virtio scsi boot devices for other cloud providers -CONFIG_SCSI_VIRTIO=y - -# IDE, SCSI, and SATA disks -CONFIG_ATA=y -CONFIG_ATA_PIIX=y -CONFIG_SCSI=y -CONFIG_BLK_DEV_SD=y -CONFIG_SATA_AHCI=y - -# Disable specific SCSI drivers. -# CONFIG_SCSI_MPI3MR is not set - -# LSI Logic's SAS based RAID controllers -CONFIG_SCSI_MPT3SAS=y -CONFIG_MEGARAID_SAS=y - -# Microsemi PQI controllers -CONFIG_SCSI_SMARTPQI=y - -# Intel Volume Management Device driver, to support boot disks in a separate -# PCI domain. -CONFIG_VMD=y - -# dm-verity and enabling it on the kernel command line -CONFIG_BLK_DEV_DM=y -CONFIG_DAX=y -CONFIG_DM_INIT=y -CONFIG_DM_VERITY=y - -# TCMU/LIO -CONFIG_TCM_USER2=m - -# EFI -CONFIG_EFI=y -CONFIG_EFI_STUB=y -CONFIG_EFI_MIXED=y - -# EFI video -CONFIG_FB=y -CONFIG_FB_EFI=y -CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER=y - -# yama LSM for ptrace restrictions -CONFIG_SECURITY_YAMA=y - -# Do not allow SELinux to be disabled at boot. -# CONFIG_SECURITY_SELINUX_BOOTPARAM is not set - -# Do not allow SELinux to be disabled at runtime. -# CONFIG_SECURITY_SELINUX_DISABLE is not set - -# Do not allow SELinux to use `enforcing=0` behavior. -# CONFIG_SECURITY_SELINUX_DEVELOP is not set - -# Check the protection applied by the kernel for mmap and mprotect, -# rather than the protection requested by userspace. -CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0 - -# Enable support for the kernel lockdown security module. -CONFIG_SECURITY_LOCKDOWN_LSM=y - -# Enable lockdown early so that if the option is present on the -# kernel command line, it can be enforced. -CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y - -# disable integrity measurement architecture -# CONFIG_IMA is not set - -# Disable SafeSetID LSM -# CONFIG_SECURITY_SAFESETID is not set - -# enable /proc/config.gz -CONFIG_IKCONFIG=y -CONFIG_IKCONFIG_PROC=y - -# kernel headers at /sys/kernel/kheaders.tar.xz -CONFIG_IKHEADERS=y - -# BTF debug info at /sys/kernel/btf/vmlinux -CONFIG_DEBUG_INFO_BTF=y - -# We don't want to extend the kernel command line with any upstream defaults; -# Bottlerocket uses a fairly custom setup that needs tight control over it. -# CONFIG_CMDLINE_EXTEND is not set - -# We don't want to unpack the initramfs passed by the bootloader. The intent of -# this option is to ensure that the built-in initramfs is used. Since we do not -# have a built-in initramfs, in practice this means we will never unpack any -# initramfs. -# -# We rely on `CONFIG_BLK_DEV_INITRD` for boot config support, so we can't just -# disable the functionality altogether. -CONFIG_INITRAMFS_FORCE=y - -# Enable ZSTD kernel image compression -CONFIG_HAVE_KERNEL_ZSTD=y -CONFIG_KERNEL_ZSTD=y -CONFIG_ZSTD_COMPRESS=y -CONFIG_ZSTD_DECOMPRESS=y -CONFIG_DECOMPRESS_ZSTD=y - -# Enable gz modules compression -# CONFIG_MODULE_COMPRESS_NONE is not set -CONFIG_MODULE_COMPRESS_GZIP=y - -# Support handling of compressed firmware -CONFIG_FW_LOADER_COMPRESS=y -# CONFIG_FW_LOADER_COMPRESS_XZ is not set -CONFIG_FW_LOADER_COMPRESS_ZSTD=y - -# Add virtio drivers for development setups running as guests in qemu -CONFIG_VIRTIO_CONSOLE=m -CONFIG_HW_RANDOM_VIRTIO=m - -# Add support for IPMI drivers -CONFIG_IPMI_HANDLER=m - -# Add support for bootconfig -CONFIG_BOOT_CONFIG=y - -# Enables support for checkpoint/restore -CONFIG_CHECKPOINT_RESTORE=y - -# Disable unused filesystems. -# CONFIG_AFS_FS is not set -# CONFIG_CRAMFS is not set -# CONFIG_ECRYPT_FS is not set -# CONFIG_EXT2_FS is not set -# CONFIG_EXT3_FS is not set -CONFIG_EXT4_USE_FOR_EXT2=y -# CONFIG_GFS2_FS is not set -# CONFIG_HFS_FS is not set -# CONFIG_HFSPLUS_FS is not set -# CONFIG_JFS_FS is not set -# CONFIG_JFFS2_FS is not set -# CONFIG_NFS_V2 is not set -# CONFIG_NILFS2_FS is not set -# CONFIG_NTFS_FS is not set -# CONFIG_ROMFS_FS is not set -# CONFIG_UFS_FS is not set -# CONFIG_ZONEFS_FS is not set -# CONFIG_NTFS3_FS is not set - -# Disable unused network protocols. -# CONFIG_AF_RXRPC is not set -# CONFIG_ATM is not set -# CONFIG_CAN is not set -# CONFIG_HSR is not set -# CONFIG_IP_DCCP is not set -# CONFIG_L2TP is not set -# CONFIG_RDS is not set -# CONFIG_RFKILL is not set -# CONFIG_TIPC is not set - -# Disable USB-attached network interfaces, unused in the cloud and on server-grade hardware. -# CONFIG_USB_NET_DRIVERS is not set - -# Disable unused qdiscs -# - sch_cake targets home routers and residential links -# CONFIG_NET_SCH_CAKE is not set - -# Provide minimal iSCSI via TCP support for initiator and target mode -# initiator side -CONFIG_ISCSI_TCP=m -CONFIG_ISCSI_BOOT_SYSFS=m -CONFIG_SCSI_ISCSI_ATTRS=m -# target side -CONFIG_ISCSI_TARGET=m -# CONFIG_INFINIBAND_ISERT is not set - -# Disable DAMON subsystem. We currently do not have a good use-case for DAMON. -# CONFIG_DAMON is not set - -# Load i8042 controller, keyboard, and mouse as modules, to avoid waiting for -# them before mounting the root device. -CONFIG_SERIO_I8042=m -CONFIG_KEYBOARD_ATKBD=m -CONFIG_MOUSE_PS2=m -# CONFIG_MOUSE_PS2_ALPS is not set -# CONFIG_MOUSE_PS2_BYD is not set -# CONFIG_MOUSE_PS2_CYPRESS is not set -# CONFIG_MOUSE_PS2_ELANTECH is not set -# CONFIG_MOUSE_PS2_FOCALTECH is not set -# CONFIG_MOUSE_PS2_LIFEBOOK is not set -# CONFIG_MOUSE_PS2_LOGIPS2PP is not set -# CONFIG_MOUSE_PS2_SENTELIC is not set -# CONFIG_MOUSE_PS2_SYNAPTICS is not set -# CONFIG_MOUSE_PS2_SYNAPTICS_SMBUS is not set -# CONFIG_MOUSE_PS2_TOUCHKIT is not set -# CONFIG_MOUSE_PS2_TRACKPOINT is not set -# CONFIG_MOUSE_PS2_VMMOUSE is not set - -# Disable unnecessary framebuffer/drm drivers -# CONFIG_DRM_BOCHS is not set -# CONFIG_SYSFB_SIMPLEFB is not set - -# With 6.1 some of the functionalities used by the nvidia driver have moved behind -# some extra config options CONFIG_DRM_KMS_HELPER and CONFIG_DRM_DISPLAY_HELPER. -# These config options can not be selected individually, but are selected by certain -# drivers. Enable the SIMPLEDRM driver, which is a minimal drm driver enabling -# those helpers for platform provided framebuffers. -CONFIG_DRM_SIMPLEDRM=m - -# =^..^= =^..^= =^..^= =^..^= =^..^= =^..^= =^..^= =^..^= =^..^= - -# Enable various network vendors for bare metal usage. - -# Mellanox network support -CONFIG_NET_SWITCHDEV=y -CONFIG_NET_VENDOR_MELLANOX=y -CONFIG_MLX5_CORE=m -CONFIG_MLX5_CORE_EN=y -CONFIG_MLX5_INFINIBAND=m -CONFIG_MLXFW=m - -# AMD network support -CONFIG_NET_VENDOR_AMD=y -CONFIG_AMD_XGBE=m -# CONFIG_AMD_XGBE_DCB is not set - -# Broadcom network support -CONFIG_NET_VENDOR_BROADCOM=y -CONFIG_TIGON3_HWMON=y -CONFIG_TIGON3=m -CONFIG_BNX2X=m -CONFIG_BNX2X_SRIOV=y -CONFIG_BNXT=m - -# Chelsio network support -CONFIG_NET_VENDOR_CHELSIO=y -CONFIG_CHELSIO_T4=m -CONFIG_CHELSIO_T4VF=m -# CONFIG_CHELSIO_T4_DCB is not set -# CONFIG_CHELSIO_INLINE_CRYPTO is not set -# CONFIG_INFINIBAND_CXGB4 is not set -# CONFIG_ISCSI_TARGET_CXGB4 is not set - -# Cisco UCS network support -CONFIG_NET_VENDOR_CISCO=y -CONFIG_ENIC=m -CONFIG_INFINIBAND_USNIC=m - -# Emulex network support -CONFIG_NET_VENDOR_EMULEX=y -CONFIG_BE2NET=m -CONFIG_BE2NET_BE2=y -CONFIG_BE2NET_BE3=y -CONFIG_BE2NET_LANCER=y -CONFIG_BE2NET_SKYHAWK=y -CONFIG_BE2NET_HWMON=y - -# Huawei network support -CONFIG_NET_VENDOR_HUAWEI=y -CONFIG_HINIC=m - -# Intel network support -CONFIG_NET_VENDOR_INTEL=y -CONFIG_E1000=m -CONFIG_E1000E=m -CONFIG_E1000E_HWTS=y -CONFIG_IGB=m -CONFIG_IGB_HWMON=y -CONFIG_IGBVF=m - -# Intel 10G network support -CONFIG_I40E=m -# CONFIG_I40E_DCB is not set -CONFIG_ICE=m -# CONFIG_ICE_HWTS is not set -# CONFIG_ICE_SWITCHDEV is not set -# CONFIG_INFINIBAND_IRDMA is not set -CONFIG_PLDMFW=y -CONFIG_IXGB=m -CONFIG_IXGBE=m -CONFIG_IXGBE_HWMON=y -CONFIG_IXGBE_DCB=y -CONFIG_IXGBEVF=m -CONFIG_FM10K=m - -# Myricom network support -CONFIG_NET_VENDOR_MYRI=y -CONFIG_MYRI10GE=m -CONFIG_MYRI10GE_DCA=y - -# Pensando network support -CONFIG_NET_VENDOR_PENSANDO=y -CONFIG_IONIC=m - -# Solarflare network support -CONFIG_NET_VENDOR_SOLARFLARE=y -CONFIG_SFC=m -CONFIG_SFC_SRIOV=y -# CONFIG_SFC_MCDI_LOGGING is not set -CONFIG_SFC_MCDI_MON=y -CONFIG_SFC_FALCON=m - -# QLogic network support -CONFIG_NET_VENDOR_QLOGIC=y -CONFIG_QED=m -CONFIG_QED_SRIOV=y -CONFIG_QEDE=m -# CONFIG_INFINIBAND_QEDR is not set -# CONFIG_QEDF is not set -# CONFIG_QEDI is not set -# CONFIG_QLA3XXX is not set -CONFIG_QLCNIC=m -CONFIG_QLCNIC_SRIOV=y -# CONFIG_QLCNIC_DCB is not set -# CONFIG_QLCNIC_HWMON is not set -# CONFIG_NETXEN_NIC is not set - -# Cisco UCS HBA support -CONFIG_FCOE_FNIC=m -CONFIG_SCSI_SNIC=m diff --git a/packages/kernel-6.1/fipsmodules-aarch64 b/packages/kernel-6.1/fipsmodules-aarch64 deleted file mode 100644 index 16831394a07..00000000000 --- a/packages/kernel-6.1/fipsmodules-aarch64 +++ /dev/null @@ -1,52 +0,0 @@ -sha1 -sha224 -sha256 -sha384 -sha512 -sha3-224 -sha3-256 -sha3-384 -sha3-512 -crc32c -crct10dif -ghash -xxhash64 -ghash-ce -sha1-ce -sha2-ce -sha256-arm64 -sha3-ce -sha512-arm64 -sha512-ce -cipher_null -des3_ede -aes -cfb -dh -ecdh -aes-arm64 -aes-ce-blk -aes-ce-ccm -aes-ce-cipher -aes-neon-blk -aes-neon-bs -ecb -cbc -ctr -xts -gcm -ccm -authenc -hmac -cmac -ofb -cts -lzo -essiv -seqiv -drbg -aead -cryptomgr -tcrypt -crypto_user -rsa diff --git a/packages/kernel-6.1/fipsmodules-x86_64 b/packages/kernel-6.1/fipsmodules-x86_64 deleted file mode 100644 index a674fe5726c..00000000000 --- a/packages/kernel-6.1/fipsmodules-x86_64 +++ /dev/null @@ -1,44 +0,0 @@ -sha1 -sha224 -sha256 -sha384 -sha512 -sha3-224 -sha3-256 -sha3-384 -sha3-512 -crc32c -crct10dif -ghash -xxhash64 -ghash_clmulni_intel -sha1-ssse3 -sha256-ssse3 -sha512-ssse3 -cipher_null -des3_ede -aes -cfb -dh -ecdh -aesni-intel -ecb -cbc -ctr -xts -gcm -ccm -authenc -hmac -cmac -ofb -cts -lzo -essiv -seqiv -drbg -aead -cryptomgr -tcrypt -crypto_user -rsa diff --git a/packages/kernel-6.1/kernel-6.1.spec b/packages/kernel-6.1/kernel-6.1.spec deleted file mode 100644 index ce68c408b9a..00000000000 --- a/packages/kernel-6.1/kernel-6.1.spec +++ /dev/null @@ -1,1345 +0,0 @@ -%global debug_package %{nil} - -Name: %{_cross_os}kernel-6.1 -Version: 6.1.92 -Release: 1%{?dist} -Summary: The Linux kernel -License: GPL-2.0 WITH Linux-syscall-note -URL: https://www.kernel.org/ -# Use latest-srpm-url.sh to get this. -Source0: https://cdn.amazonlinux.com/al2023/blobstore/56c452d9992a4b8c25e5ff09f38a1464761196c1462a341e438301b6d56bfe50/kernel-6.1.92-99.174.amzn2023.src.rpm -Source100: config-bottlerocket - -# This list of FIPS modules is extracted from /etc/fipsmodules in the initramfs -# after placing AL2023 in FIPS mode. -Source200: check-fips-modules.drop-in.conf.in -Source201: fipsmodules-x86_64 -Source202: fipsmodules-aarch64 - -# Bootconfig snippets to adjust the default kernel command line for the platform. -Source300: bootconfig-aws.conf -Source301: bootconfig-vmware.conf -Source302: bootconfig-metal.conf - -# Help out-of-tree module builds run `make prepare` automatically. -Patch1001: 1001-Makefile-add-prepare-target-for-external-modules.patch -# Expose tools/* targets for out-of-tree module builds. -Patch1002: 1002-Revert-kbuild-hide-tools-build-targets-from-external.patch -# Enable INITRAMFS_FORCE config option for our use case. -Patch1003: 1003-initramfs-unlink-INITRAMFS_FORCE-from-CMDLINE_-EXTEN.patch -# Increase default of sysctl net.unix.max_dgram_qlen to 512. -Patch1004: 1004-af_unix-increase-default-max_dgram_qlen-to-512.patch -# Drop AL revert of upstream patch to minimize delta. The necessary dependency -# options for nvidia are instead included through DRM_SIMPLE -Patch1005: 1005-Revert-Revert-drm-fb_helper-improve-CONFIG_FB-depend.patch - -BuildRequires: bc -BuildRequires: elfutils-devel -BuildRequires: hostname -BuildRequires: kmod -BuildRequires: openssl-devel - -# CPU microcode updates are included as "extra firmware" so the files don't -# need to be installed on the root filesystem. However, we want the license and -# attribution files to be available in the usual place. -%if "%{_cross_arch}" == "x86_64" -BuildRequires: %{_cross_os}microcode -Requires: %{_cross_os}microcode-licenses -%endif - -# Pull in expected modules and development files. -Requires: %{name}-modules = %{version}-%{release} -Requires: %{name}-devel = %{version}-%{release} - -# Pull in platform-dependent boot config snippets. -Requires: (%{name}-bootconfig-aws if %{_cross_os}variant-platform(aws)) -Requires: (%{name}-bootconfig-vmware if %{_cross_os}variant-platform(vmware)) -Requires: (%{name}-bootconfig-metal if %{_cross_os}variant-platform(vmware)) - -# Pull in platform-dependent modules. -Requires: (%{name}-modules-metal if %{_cross_os}variant-platform(metal)) - -# Pull in FIPS-related files if needed. -Requires: (%{name}-fips if %{_cross_os}image-feature(fips)) - -%global _cross_ksrcdir %{_cross_usrsrc}/kernels -%global _cross_kmoddir %{_cross_libdir}/modules/%{version} - -%description -%{summary}. - -%package devel -Summary: Configured Linux kernel source for module building - -%description devel -%{summary}. - -%package archive -Summary: Archived Linux kernel source for module building - -%description archive -%{summary}. - -%package bootconfig-aws -Summary: Boot config snippet for the Linux kernel on AWS - -%description bootconfig-aws -%{summary}. - -%package bootconfig-vmware -Summary: Boot config snippet for the Linux kernel on VMware - -%description bootconfig-vmware -%{summary}. - -%package bootconfig-metal -Summary: Boot config snippet for the Linux kernel on bare metal - -%description bootconfig-metal -%{summary}. - -%package modules -Summary: Modules for the Linux kernel - -%description modules -%{summary}. - -%package modules-metal -Summary: Modules for the Linux kernel on bare metal - -%description modules-metal -%{summary}. - -%package headers -Summary: Header files for the Linux kernel for use by glibc - -%description headers -%{summary}. - -%package fips -Summary: FIPS related configuration for the Linux kernel -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: %{_cross_os}image-feature(no-fips) - -%description fips -%{summary}. - -%prep -rpm2cpio %{SOURCE0} | cpio -iu linux-%{version}.tar config-%{_cross_arch} "*.patch" -tar -xof linux-%{version}.tar; rm linux-%{version}.tar -%setup -TDn linux-%{version} -# Patches from the Source0 SRPM -for patch in ../*.patch; do - patch -p1 <"$patch" -done -# Patches listed in this spec (Patch0001...) -%autopatch -p1 - -%if "%{_cross_arch}" == "x86_64" -microcode="$(find %{_cross_libdir}/firmware -type f -path '*/*-ucode/*' -printf '%%P ')" -cat < ../config-microcode -CONFIG_EXTRA_FIRMWARE="${microcode}" -CONFIG_EXTRA_FIRMWARE_DIR="%{_cross_libdir}/firmware" -EOF -%endif - -export ARCH="%{_cross_karch}" -export CROSS_COMPILE="%{_cross_target}-" - -KCONFIG_CONFIG="arch/%{_cross_karch}/configs/%{_cross_vendor}_defconfig" \ -scripts/kconfig/merge_config.sh \ - ../config-%{_cross_arch} \ -%if "%{_cross_arch}" == "x86_64" - ../config-microcode \ -%endif - %{SOURCE100} - -rm -f ../config-* ../*.patch - -%global kmake \ -make -s\\\ - ARCH="%{_cross_karch}"\\\ - CROSS_COMPILE="%{_cross_target}-"\\\ - INSTALL_HDR_PATH="%{buildroot}%{_cross_prefix}"\\\ - INSTALL_MOD_PATH="%{buildroot}%{_cross_prefix}"\\\ - INSTALL_MOD_STRIP=1\\\ -%{nil} - -%build -%kmake mrproper -%kmake %{_cross_vendor}_defconfig -%kmake %{?_smp_mflags} %{_cross_kimage} -%kmake %{?_smp_mflags} modules - -%install -%kmake %{?_smp_mflags} headers_install -%kmake %{?_smp_mflags} modules_install - -install -d %{buildroot}/boot -install -T -m 0755 arch/%{_cross_karch}/boot/%{_cross_kimage} %{buildroot}/boot/vmlinuz -install -m 0644 .config %{buildroot}/boot/config - -find %{buildroot}%{_cross_prefix} \ - \( -name .install -o -name .check -o \ - -name ..install.cmd -o -name ..check.cmd \) -delete - -# For out-of-tree kmod builds, we need to support the following targets: -# make scripts -> make prepare -> make modules -# -# This requires enough of the kernel tree to build host programs under the -# "scripts" and "tools" directories. - -# Any existing ELF objects will not work properly if we're cross-compiling for -# a different architecture, so get rid of them to avoid confusing errors. -find arch scripts tools -type f -executable \ - -exec sh -c "head -c4 {} | grep -q ELF && rm {}" \; - -# We don't need to include these files. -find -type f \( -name \*.cmd -o -name \*.gitignore \) -delete - -# Avoid an OpenSSL dependency by stubbing out options for module signing and -# trusted keyrings, so `sign-file` and `extract-cert` won't be built. External -# kernel modules do not have access to the keys they would need to make use of -# these tools. -sed -i \ - -e 's,$(CONFIG_MODULE_SIG_FORMAT),n,g' \ - -e 's,$(CONFIG_SYSTEM_TRUSTED_KEYRING),n,g' \ - scripts/Makefile - -# Restrict permissions on System.map. -chmod 600 System.map - -( - find * \ - -type f \ - \( -name Build\* -o -name Kbuild\* -o -name Kconfig\* -o -name Makefile\* \) \ - -print - - find arch/%{_cross_karch}/ \ - -type f \ - \( -name module.lds -o -name vmlinux.lds.S -o -name Platform -o -name \*.tbl \) \ - -print - - find arch/%{_cross_karch}/{include,lib}/ -type f ! -name \*.o ! -name \*.o.d -print - echo arch/%{_cross_karch}/kernel/asm-offsets.s - echo lib/vdso/gettimeofday.c - - for d in \ - arch/%{_cross_karch}/tools \ - arch/%{_cross_karch}/kernel/vdso ; do - [ -d "${d}" ] && find "${d}/" -type f -print - done - - find include -type f -print - find scripts -type f ! -name \*.l ! -name \*.y ! -name \*.o -print - - find tools/{arch/%{_cross_karch},include,objtool,scripts}/ -type f ! -name \*.o -print - echo tools/build/fixdep.c - find tools/lib/subcmd -type f -print - find tools/lib/{ctype,hweight,rbtree,string,str_error_r}.c - - echo kernel/bounds.c - echo kernel/time/timeconst.bc - echo security/selinux/include/classmap.h - echo security/selinux/include/initial_sid_to_string.h - echo security/selinux/include/policycap.h - echo security/selinux/include/policycap_names.h - - echo .config - echo Module.symvers - echo System.map -) | sort -u > kernel_devel_files - -# Create squashfs of kernel-devel files (ie. /usr/src/kernels/). -# -# -no-exports: -# The filesystem does not need to be exported via NFS. -# -# -all-root: -# Make all files owned by root rather than the build user. -# -# -comp zstd: -# zstd offers compression ratios like xz and decompression speeds like lz4. -SQUASHFS_OPTS="-no-exports -all-root -comp zstd" -mkdir -p src_squashfs/%{version} -tar c -T kernel_devel_files | tar x -C src_squashfs/%{version} -mksquashfs src_squashfs kernel-devel.squashfs ${SQUASHFS_OPTS} - -# Create a tarball of the same files, for use outside the running system. -# In theory we could extract these files with `unsquashfs`, but we do not want -# to require it to be installed on the build host, and it errors out when run -# inside Docker unless the limit for open files is lowered. -tar cf kernel-devel.tar src_squashfs/%{version} --transform='s|src_squashfs/%{version}|kernel-devel|' -xz -T0 kernel-devel.tar - -install -D kernel-devel.squashfs %{buildroot}%{_cross_datadir}/bottlerocket/kernel-devel.squashfs -install -D kernel-devel.tar.xz %{buildroot}%{_cross_datadir}/bottlerocket/kernel-devel.tar.xz -install -d %{buildroot}%{_cross_ksrcdir} - -# Replace the incorrect links from modules_install. These will be bound -# into a host container (and unused in the host) so they must not point -# to %{_cross_usrsrc} (eg. /x86_64-bottlerocket-linux-gnu/sys-root/...) -rm -f %{buildroot}%{_cross_kmoddir}/build %{buildroot}%{_cross_kmoddir}/source -ln -sf %{_usrsrc}/kernels/%{version} %{buildroot}%{_cross_kmoddir}/build -ln -sf %{_usrsrc}/kernels/%{version} %{buildroot}%{_cross_kmoddir}/source - -# Install a copy of System.map so that module dependencies can be regenerated. -install -p -m 0600 System.map %{buildroot}%{_cross_kmoddir} - -# Ensure that each required FIPS module is loaded as a dependency of the -# check-fips-module.service. The list of FIPS modules is different across -# kernels but the check is consistent: it loads the "tcrypt" module after -# the other modules are loaded. -mkdir -p %{buildroot}%{_cross_unitdir}/check-fips-modules.service.d -i=0 -for fipsmod in $(cat %{_sourcedir}/fipsmodules-%{_cross_arch}) ; do - [ "${fipsmod}" == "tcrypt" ] && continue - drop_in="$(printf "%03d\n" "${i}")-${fipsmod}.conf" - sed -e "s|__FIPS_MODULE__|${fipsmod}|g" %{S:200} \ - > %{buildroot}%{_cross_unitdir}/check-fips-modules.service.d/"${drop_in}" - (( i+=1 )) -done - -# Install platform-specific bootconfig snippets. -install -d %{buildroot}%{_cross_bootconfigdir} -install -p -m 0644 %{S:300} %{buildroot}%{_cross_bootconfigdir}/05-aws.conf -install -p -m 0644 %{S:301} %{buildroot}%{_cross_bootconfigdir}/05-vmware.conf -install -p -m 0644 %{S:302} %{buildroot}%{_cross_bootconfigdir}/05-metal.conf - -%files -%license COPYING LICENSES/preferred/GPL-2.0 LICENSES/exceptions/Linux-syscall-note -%{_cross_attribution_file} -/boot/vmlinuz -/boot/config - -%files headers -%dir %{_cross_includedir}/asm -%dir %{_cross_includedir}/asm-generic -%dir %{_cross_includedir}/drm -%dir %{_cross_includedir}/linux -%dir %{_cross_includedir}/misc -%dir %{_cross_includedir}/mtd -%dir %{_cross_includedir}/rdma -%dir %{_cross_includedir}/scsi -%dir %{_cross_includedir}/sound -%dir %{_cross_includedir}/video -%dir %{_cross_includedir}/xen -%{_cross_includedir}/asm/* -%{_cross_includedir}/asm-generic/* -%{_cross_includedir}/drm/* -%{_cross_includedir}/linux/* -%{_cross_includedir}/misc/* -%{_cross_includedir}/mtd/* -%{_cross_includedir}/rdma/* -%{_cross_includedir}/scsi/* -%{_cross_includedir}/sound/* -%{_cross_includedir}/video/* -%{_cross_includedir}/xen/* - -%files devel -%dir %{_cross_ksrcdir} -%{_cross_datadir}/bottlerocket/kernel-devel.squashfs -%{_cross_kmoddir}/source -%{_cross_kmoddir}/build - -%files archive -%{_cross_datadir}/bottlerocket/kernel-devel.tar.xz - -%files fips -%{_cross_unitdir}/check-fips-modules.service.d/*.conf - -%files bootconfig-aws -%{_cross_bootconfigdir}/05-aws.conf - -%files bootconfig-vmware -%{_cross_bootconfigdir}/05-vmware.conf - -%files bootconfig-metal -%{_cross_bootconfigdir}/05-metal.conf - -%files modules -%dir %{_cross_libdir}/modules -%dir %{_cross_kmoddir} -%{_cross_kmoddir}/modules.alias -%{_cross_kmoddir}/modules.alias.bin -%{_cross_kmoddir}/modules.builtin -%{_cross_kmoddir}/modules.builtin.alias.bin -%{_cross_kmoddir}/modules.builtin.bin -%{_cross_kmoddir}/modules.builtin.modinfo -%{_cross_kmoddir}/modules.dep -%{_cross_kmoddir}/modules.dep.bin -%{_cross_kmoddir}/modules.devname -%{_cross_kmoddir}/modules.order -%{_cross_kmoddir}/modules.softdep -%{_cross_kmoddir}/modules.symbols -%{_cross_kmoddir}/modules.symbols.bin -%{_cross_kmoddir}/System.map - -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/arch/x86/crypto/aesni-intel.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/blowfish-x86_64.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/camellia-aesni-avx2.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/camellia-aesni-avx-x86_64.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/camellia-x86_64.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/cast5-avx-x86_64.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/cast6-avx-x86_64.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/chacha-x86_64.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/crc32c-intel.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/crc32-pclmul.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/curve25519-x86_64.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/des3_ede-x86_64.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/ghash-clmulni-intel.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/poly1305-x86_64.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/serpent-avx2.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/serpent-avx-x86_64.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/serpent-sse2-x86_64.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/twofish-avx-x86_64.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/twofish-x86_64-3way.ko.* -%{_cross_kmoddir}/kernel/arch/x86/crypto/twofish-x86_64.ko.* -%{_cross_kmoddir}/kernel/arch/x86/kvm/kvm-amd.ko.* -%{_cross_kmoddir}/kernel/arch/x86/kvm/kvm-intel.ko.* -%{_cross_kmoddir}/kernel/arch/x86/kvm/kvm.ko.* -%{_cross_kmoddir}/kernel/arch/x86/platform/intel/iosf_mbi.ko.* -%endif -%if "%{_cross_arch}" == "aarch64" -%{_cross_kmoddir}/kernel/arch/arm64/crypto/aes-arm64.ko.* -%{_cross_kmoddir}/kernel/arch/arm64/crypto/aes-ce-blk.ko.* -%{_cross_kmoddir}/kernel/arch/arm64/crypto/aes-ce-ccm.ko.* -%{_cross_kmoddir}/kernel/arch/arm64/crypto/aes-ce-cipher.ko.* -%{_cross_kmoddir}/kernel/arch/arm64/crypto/aes-neon-blk.ko.* -%{_cross_kmoddir}/kernel/arch/arm64/crypto/aes-neon-bs.ko.* -%{_cross_kmoddir}/kernel/arch/arm64/crypto/chacha-neon.ko.* -%{_cross_kmoddir}/kernel/arch/arm64/crypto/ghash-ce.ko.* -%{_cross_kmoddir}/kernel/arch/arm64/crypto/poly1305-neon.ko.* -%{_cross_kmoddir}/kernel/arch/arm64/crypto/sha1-ce.ko.* -%{_cross_kmoddir}/kernel/arch/arm64/crypto/sha256-arm64.ko.* -%{_cross_kmoddir}/kernel/arch/arm64/crypto/sha2-ce.ko.* -%{_cross_kmoddir}/kernel/arch/arm64/crypto/sha3-ce.ko.* -%{_cross_kmoddir}/kernel/arch/arm64/crypto/sha512-arm64.ko.* -%{_cross_kmoddir}/kernel/arch/arm64/crypto/sha512-ce.ko.* -%{_cross_kmoddir}/kernel/arch/arm64/crypto/sm3-ce.ko.* -%{_cross_kmoddir}/kernel/arch/arm64/crypto/sm4-ce-cipher.ko.* -%{_cross_kmoddir}/kernel/arch/arm64/lib/xor-neon.ko.* -%endif -%{_cross_kmoddir}/kernel/crypto/af_alg.ko.* -%{_cross_kmoddir}/kernel/crypto/algif_aead.ko.* -%{_cross_kmoddir}/kernel/crypto/algif_hash.ko.* -%{_cross_kmoddir}/kernel/crypto/algif_rng.ko.* -%{_cross_kmoddir}/kernel/crypto/algif_skcipher.ko.* -%{_cross_kmoddir}/kernel/crypto/ansi_cprng.ko.* -%{_cross_kmoddir}/kernel/crypto/anubis.ko.* -%{_cross_kmoddir}/kernel/crypto/arc4.ko.* -%{_cross_kmoddir}/kernel/crypto/asymmetric_keys/pkcs7_test_key.ko.* -%{_cross_kmoddir}/kernel/crypto/async_tx/async_memcpy.ko.* -%{_cross_kmoddir}/kernel/crypto/async_tx/async_pq.ko.* -%{_cross_kmoddir}/kernel/crypto/async_tx/async_raid6_recov.ko.* -%{_cross_kmoddir}/kernel/crypto/async_tx/async_tx.ko.* -%{_cross_kmoddir}/kernel/crypto/async_tx/async_xor.ko.* -%{_cross_kmoddir}/kernel/crypto/authencesn.ko.* -%{_cross_kmoddir}/kernel/crypto/authenc.ko.* -%{_cross_kmoddir}/kernel/crypto/blake2b_generic.ko.* -%{_cross_kmoddir}/kernel/crypto/blowfish_common.ko.* -%{_cross_kmoddir}/kernel/crypto/blowfish_generic.ko.* -%{_cross_kmoddir}/kernel/crypto/camellia_generic.ko.* -%{_cross_kmoddir}/kernel/crypto/cast5_generic.ko.* -%{_cross_kmoddir}/kernel/crypto/cast6_generic.ko.* -%{_cross_kmoddir}/kernel/crypto/cast_common.ko.* -%{_cross_kmoddir}/kernel/crypto/cbc.ko.* -%{_cross_kmoddir}/kernel/crypto/ccm.ko.* -%{_cross_kmoddir}/kernel/crypto/cfb.ko.* -%{_cross_kmoddir}/kernel/crypto/chacha20poly1305.ko.* -%{_cross_kmoddir}/kernel/crypto/chacha_generic.ko.* -%{_cross_kmoddir}/kernel/crypto/cmac.ko.* -%{_cross_kmoddir}/kernel/crypto/crc32_generic.ko.* -%{_cross_kmoddir}/kernel/crypto/cryptd.ko.* -%{_cross_kmoddir}/kernel/crypto/crypto_user.ko.* -%{_cross_kmoddir}/kernel/crypto/cts.ko.* -%{_cross_kmoddir}/kernel/crypto/des_generic.ko.* -%{_cross_kmoddir}/kernel/crypto/ecb.ko.* -%{_cross_kmoddir}/kernel/crypto/echainiv.ko.* -%{_cross_kmoddir}/kernel/crypto/essiv.ko.* -%{_cross_kmoddir}/kernel/crypto/fcrypt.ko.* -%{_cross_kmoddir}/kernel/crypto/gcm.ko.* -%{_cross_kmoddir}/kernel/crypto/keywrap.ko.* -%{_cross_kmoddir}/kernel/crypto/khazad.ko.* -%{_cross_kmoddir}/kernel/crypto/lrw.ko.* -%{_cross_kmoddir}/kernel/crypto/lz4hc.ko.* -%{_cross_kmoddir}/kernel/crypto/lz4.ko.* -%{_cross_kmoddir}/kernel/crypto/md4.ko.* -%{_cross_kmoddir}/kernel/crypto/michael_mic.ko.* -%{_cross_kmoddir}/kernel/crypto/ofb.ko.* -%{_cross_kmoddir}/kernel/crypto/pcbc.ko.* -%{_cross_kmoddir}/kernel/crypto/pcrypt.ko.* -%{_cross_kmoddir}/kernel/crypto/poly1305_generic.ko.* -%{_cross_kmoddir}/kernel/crypto/rmd160.ko.* -%{_cross_kmoddir}/kernel/crypto/seed.ko.* -%{_cross_kmoddir}/kernel/crypto/serpent_generic.ko.* -%{_cross_kmoddir}/kernel/crypto/tcrypt.ko.* -%{_cross_kmoddir}/kernel/crypto/tea.ko.* -%{_cross_kmoddir}/kernel/crypto/twofish_common.ko.* -%{_cross_kmoddir}/kernel/crypto/twofish_generic.ko.* -%{_cross_kmoddir}/kernel/crypto/vmac.ko.* -%{_cross_kmoddir}/kernel/crypto/wp512.ko.* -%{_cross_kmoddir}/kernel/crypto/xcbc.ko.* -%{_cross_kmoddir}/kernel/crypto/xor.ko.* -%{_cross_kmoddir}/kernel/crypto/xts.ko.* -%{_cross_kmoddir}/kernel/crypto/xxhash_generic.ko.* -%{_cross_kmoddir}/kernel/crypto/zstd.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/crypto/crypto_simd.ko.* -%endif -%if "%{_cross_arch}" == "aarch64" -%{_cross_kmoddir}/kernel/crypto/sm3.ko.* -%{_cross_kmoddir}/kernel/crypto/sm4.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/acpi/ac.ko.* -%{_cross_kmoddir}/kernel/drivers/acpi/button.ko.* -%{_cross_kmoddir}/kernel/drivers/acpi/thermal.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/acpi/acpi_extlog.ko.* -%{_cross_kmoddir}/kernel/drivers/acpi/acpi_pad.ko.* -%{_cross_kmoddir}/kernel/drivers/acpi/video.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/amazon/net/efa/efa.ko.* -%{_cross_kmoddir}/kernel/drivers/amazon/net/ena/ena.ko.* -%if "%{_cross_arch}" == "aarch64" -%{_cross_kmoddir}/kernel/drivers/ata/ahci_platform.ko.* -%{_cross_kmoddir}/kernel/drivers/ata/libahci_platform.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/block/brd.ko.* -%{_cross_kmoddir}/kernel/drivers/block/drbd/drbd.ko.* -%{_cross_kmoddir}/kernel/drivers/block/loop.ko.* -%{_cross_kmoddir}/kernel/drivers/block/nbd.ko.* -%{_cross_kmoddir}/kernel/drivers/block/null_blk/null_blk.ko.* -%{_cross_kmoddir}/kernel/drivers/block/pktcdvd.ko.* -%{_cross_kmoddir}/kernel/drivers/block/rbd.ko.* -%{_cross_kmoddir}/kernel/drivers/block/zram/zram.ko.* -%{_cross_kmoddir}/kernel/drivers/cdrom/cdrom.ko.* -%{_cross_kmoddir}/kernel/drivers/char/ipmi/ipmi_msghandler.ko.* -%{_cross_kmoddir}/kernel/drivers/char/virtio_console.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/char/agp/intel-gtt.ko.* -%{_cross_kmoddir}/kernel/drivers/char/hangcheck-timer.ko.* -%{_cross_kmoddir}/kernel/drivers/char/nvram.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/char/hw_random/rng-core.ko.* -%{_cross_kmoddir}/kernel/drivers/char/hw_random/virtio-rng.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/char/hw_random/amd-rng.ko.* -%{_cross_kmoddir}/kernel/drivers/char/hw_random/intel-rng.ko.* -%endif -%if "%{_cross_arch}" == "aarch64" -%{_cross_kmoddir}/kernel/drivers/char/hw_random/arm_smccc_trng.ko.* -%{_cross_kmoddir}/kernel/drivers/char/hw_random/cn10k-rng.ko.* -%{_cross_kmoddir}/kernel/drivers/char/hw_random/graviton-rng.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/cpufreq/cpufreq_conservative.ko.* -%{_cross_kmoddir}/kernel/drivers/cpufreq/cpufreq_ondemand.ko.* -%{_cross_kmoddir}/kernel/drivers/cpufreq/cpufreq_powersave.ko.* -%{_cross_kmoddir}/kernel/drivers/cpufreq/cpufreq_userspace.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/cpufreq/acpi-cpufreq.ko.* -%{_cross_kmoddir}/kernel/drivers/cpufreq/pcc-cpufreq.ko.* -%{_cross_kmoddir}/kernel/drivers/dca/dca.ko.* -%{_cross_kmoddir}/kernel/drivers/dma/ioat/ioatdma.ko.* -%{_cross_kmoddir}/kernel/drivers/edac/amd64_edac.ko.* -%{_cross_kmoddir}/kernel/drivers/edac/e752x_edac.ko.* -%{_cross_kmoddir}/kernel/drivers/edac/i3000_edac.ko.* -%{_cross_kmoddir}/kernel/drivers/edac/i3200_edac.ko.* -%{_cross_kmoddir}/kernel/drivers/edac/i5000_edac.ko.* -%{_cross_kmoddir}/kernel/drivers/edac/i5100_edac.ko.* -%{_cross_kmoddir}/kernel/drivers/edac/i5400_edac.ko.* -%{_cross_kmoddir}/kernel/drivers/edac/i7300_edac.ko.* -%{_cross_kmoddir}/kernel/drivers/edac/i7core_edac.ko.* -%{_cross_kmoddir}/kernel/drivers/edac/i82975x_edac.ko.* -%{_cross_kmoddir}/kernel/drivers/edac/ie31200_edac.ko.* -%{_cross_kmoddir}/kernel/drivers/edac/pnd2_edac.ko.* -%{_cross_kmoddir}/kernel/drivers/edac/sb_edac.ko.* -%{_cross_kmoddir}/kernel/drivers/edac/skx_edac.ko.* -%{_cross_kmoddir}/kernel/drivers/edac/x38_edac.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/firmware/dmi-sysfs.ko.* -%if "%{_cross_arch}" == "aarch64" -%{_cross_kmoddir}/kernel/drivers/firmware/arm_scpi.ko.* -%{_cross_kmoddir}/kernel/drivers/firmware/scpi_pm_domain.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/gpu/drm/drm_kms_helper.ko.* -%{_cross_kmoddir}/kernel/drivers/gpu/drm/drm.ko.* -%{_cross_kmoddir}/kernel/drivers/gpu/drm/drm_shmem_helper.ko.* -%{_cross_kmoddir}/kernel/drivers/gpu/drm/tiny/simpledrm.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/gpu/drm/drm_buddy.ko.* -%{_cross_kmoddir}/kernel/drivers/gpu/drm/display/drm_display_helper.ko.* -%{_cross_kmoddir}/kernel/drivers/gpu/drm/i915/i915.ko.* -%{_cross_kmoddir}/kernel/drivers/gpu/drm/ttm/ttm.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/hid/hid-generic.ko.* -%{_cross_kmoddir}/kernel/drivers/hid/hid-multitouch.ko.* -%{_cross_kmoddir}/kernel/drivers/hid/uhid.ko.* -%{_cross_kmoddir}/kernel/drivers/hid/usbhid/usbhid.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/hid/hid-hyperv.ko.* -%{_cross_kmoddir}/kernel/drivers/hv/hv_balloon.ko.* -%{_cross_kmoddir}/kernel/drivers/hv/hv_utils.ko.* -%{_cross_kmoddir}/kernel/drivers/hv/hv_vmbus.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/hwmon/acpi_power_meter.ko.* -%{_cross_kmoddir}/kernel/drivers/hwmon/hwmon.ko.* -%{_cross_kmoddir}/kernel/drivers/i2c/algos/i2c-algo-bit.ko.* -%{_cross_kmoddir}/kernel/drivers/i2c/i2c-core.ko.* -%{_cross_kmoddir}/kernel/drivers/infiniband/core/ib_cm.ko.* -%{_cross_kmoddir}/kernel/drivers/infiniband/core/ib_core.ko.* -%{_cross_kmoddir}/kernel/drivers/infiniband/core/ib_uverbs.ko.* -%{_cross_kmoddir}/kernel/drivers/infiniband/core/iw_cm.ko.* -%{_cross_kmoddir}/kernel/drivers/infiniband/core/rdma_cm.ko.* -%{_cross_kmoddir}/kernel/drivers/infiniband/core/rdma_ucm.ko.* -%{_cross_kmoddir}/kernel/drivers/infiniband/hw/mlx5/mlx5_ib.ko.* -%{_cross_kmoddir}/kernel/drivers/input/misc/uinput.ko.* -%{_cross_kmoddir}/kernel/drivers/input/mousedev.ko.* -%{_cross_kmoddir}/kernel/drivers/input/keyboard/atkbd.ko.* -%{_cross_kmoddir}/kernel/drivers/input/mouse/psmouse.ko.* -%{_cross_kmoddir}/kernel/drivers/input/serio/libps2.ko.* -%{_cross_kmoddir}/kernel/drivers/input/serio/serio.ko.* -%{_cross_kmoddir}/kernel/drivers/input/serio/serport.ko.* -%{_cross_kmoddir}/kernel/drivers/input/sparse-keymap.ko.* -%{_cross_kmoddir}/kernel/drivers/input/vivaldi-fmap.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/input/serio/hyperv-keyboard.ko.* -%{_cross_kmoddir}/kernel/drivers/input/serio/i8042.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/iommu/virtio-iommu.ko.* -%if "%{_cross_arch}" == "aarch64" -%{_cross_kmoddir}/kernel/drivers/mailbox/arm_mhu_db.ko.* -%{_cross_kmoddir}/kernel/drivers/mailbox/arm_mhu.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/md/bcache/bcache.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-bio-prison.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-cache.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-cache-smq.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-crypt.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-delay.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-dust.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-flakey.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-integrity.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-log.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-log-userspace.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-log-writes.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-mirror.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-multipath.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-queue-length.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-raid.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-region-hash.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-round-robin.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-service-time.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-snapshot.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-thin-pool.ko.* -%{_cross_kmoddir}/kernel/drivers/md/dm-zero.ko.* -%{_cross_kmoddir}/kernel/drivers/md/faulty.ko.* -%{_cross_kmoddir}/kernel/drivers/md/linear.ko.* -%{_cross_kmoddir}/kernel/drivers/md/persistent-data/dm-persistent-data.ko.* -%{_cross_kmoddir}/kernel/drivers/md/raid0.ko.* -%{_cross_kmoddir}/kernel/drivers/md/raid10.ko.* -%{_cross_kmoddir}/kernel/drivers/md/raid1.ko.* -%{_cross_kmoddir}/kernel/drivers/md/raid456.ko.* -%{_cross_kmoddir}/kernel/drivers/mfd/lpc_ich.ko.* -%{_cross_kmoddir}/kernel/drivers/mfd/lpc_sch.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/mfd/mfd-core.ko.* -%{_cross_kmoddir}/kernel/drivers/misc/vmw_balloon.ko.* -%{_cross_kmoddir}/kernel/drivers/misc/vmw_vmci/vmw_vmci.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/net/bonding/bonding.ko.* -%{_cross_kmoddir}/kernel/drivers/net/dummy.ko.* -%{_cross_kmoddir}/kernel/drivers/net/ethernet/intel/e1000/e1000.ko.* -%{_cross_kmoddir}/kernel/drivers/net/ethernet/intel/e1000e/e1000e.ko.* -%{_cross_kmoddir}/kernel/drivers/net/ethernet/intel/igb/igb.ko.* -%{_cross_kmoddir}/kernel/drivers/net/ethernet/intel/ixgbevf/ixgbevf.ko.* -%{_cross_kmoddir}/kernel/drivers/net/ethernet/mellanox/mlx5/core/mlx5_core.ko.* -%{_cross_kmoddir}/kernel/drivers/net/ethernet/mellanox/mlxfw/mlxfw.ko.* -%{_cross_kmoddir}/kernel/drivers/net/geneve.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/net/hyperv/hv_netvsc.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/net/ifb.ko.* -%{_cross_kmoddir}/kernel/drivers/net/ipvlan/ipvlan.ko.* -%{_cross_kmoddir}/kernel/drivers/net/ipvlan/ipvtap.ko.* -%{_cross_kmoddir}/kernel/drivers/net/macvlan.ko.* -%{_cross_kmoddir}/kernel/drivers/net/macvtap.ko.* -%{_cross_kmoddir}/kernel/drivers/net/mdio/acpi_mdio.ko.* -%{_cross_kmoddir}/kernel/drivers/net/mdio/fwnode_mdio.ko.* -%{_cross_kmoddir}/kernel/drivers/net/netdevsim/netdevsim.ko.* -%{_cross_kmoddir}/kernel/drivers/net/net_failover.ko.* -%{_cross_kmoddir}/kernel/drivers/net/nlmon.ko.* -%{_cross_kmoddir}/kernel/drivers/net/phy/fixed_phy.ko.* -%{_cross_kmoddir}/kernel/drivers/net/phy/libphy.ko.* -%{_cross_kmoddir}/kernel/drivers/net/phy/mdio_devres.ko.* -%{_cross_kmoddir}/kernel/drivers/net/tap.ko.* -%{_cross_kmoddir}/kernel/drivers/net/team/team.ko.* -%{_cross_kmoddir}/kernel/drivers/net/team/team_mode_activebackup.ko.* -%{_cross_kmoddir}/kernel/drivers/net/team/team_mode_broadcast.ko.* -%{_cross_kmoddir}/kernel/drivers/net/team/team_mode_loadbalance.ko.* -%{_cross_kmoddir}/kernel/drivers/net/team/team_mode_roundrobin.ko.* -%{_cross_kmoddir}/kernel/drivers/net/tun.ko.* -%{_cross_kmoddir}/kernel/drivers/net/veth.ko.* -%{_cross_kmoddir}/kernel/drivers/net/virtio_net.ko.* -%{_cross_kmoddir}/kernel/drivers/net/vmxnet3/vmxnet3.ko.* -%{_cross_kmoddir}/kernel/drivers/net/vrf.ko.* -%{_cross_kmoddir}/kernel/drivers/net/vxlan/vxlan.ko.* -%{_cross_kmoddir}/kernel/drivers/net/wireguard/wireguard.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/net/xen-netback/xen-netback.ko.* -%endif -%if "%{_cross_arch}" == "aarch64" -%{_cross_kmoddir}/kernel/drivers/net/mdio/of_mdio.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/nvme/host/nvme-fabrics.ko.* -%{_cross_kmoddir}/kernel/drivers/nvme/host/nvme-tcp.ko.* -%{_cross_kmoddir}/kernel/drivers/pci/hotplug/acpiphp_ibm.ko.* -%{_cross_kmoddir}/kernel/drivers/pci/pci-stub.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/pci/hotplug/cpcihp_generic.ko.* -%{_cross_kmoddir}/kernel/drivers/platform/x86/wmi-bmof.ko.* -%{_cross_kmoddir}/kernel/drivers/platform/x86/wmi.ko.* -%endif -%if "%{_cross_arch}" == "aarch64" -%{_cross_kmoddir}/kernel/drivers/perf/arm-cmn.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/pps/clients/pps-gpio.ko.* -%{_cross_kmoddir}/kernel/drivers/pps/clients/pps-ldisc.ko.* -%{_cross_kmoddir}/kernel/drivers/pps/pps_core.ko.* -%{_cross_kmoddir}/kernel/drivers/ptp/ptp.ko.* -%{_cross_kmoddir}/kernel/drivers/ptp/ptp_kvm.ko.* -%{_cross_kmoddir}/kernel/drivers/scsi/ch.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/scsi/hv_storvsc.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/scsi/iscsi_boot_sysfs.ko.* -%{_cross_kmoddir}/kernel/drivers/scsi/iscsi_tcp.ko.* -%{_cross_kmoddir}/kernel/drivers/scsi/libiscsi.ko.* -%{_cross_kmoddir}/kernel/drivers/scsi/libiscsi_tcp.ko.* -%{_cross_kmoddir}/kernel/drivers/scsi/scsi_transport_iscsi.ko.* -%{_cross_kmoddir}/kernel/drivers/scsi/sg.ko.* -%{_cross_kmoddir}/kernel/drivers/scsi/sr_mod.ko.* -%{_cross_kmoddir}/kernel/drivers/scsi/st.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/scsi/vmw_pvscsi.ko.* -%{_cross_kmoddir}/kernel/drivers/scsi/xen-scsifront.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/staging/lustrefsx/libcfs/libcfs/libcfs.ko.* -%{_cross_kmoddir}/kernel/drivers/staging/lustrefsx/lnet/klnds/o2iblnd/ko2iblnd.ko.* -%{_cross_kmoddir}/kernel/drivers/staging/lustrefsx/lnet/klnds/socklnd/ksocklnd.ko.* -%{_cross_kmoddir}/kernel/drivers/staging/lustrefsx/lnet/lnet/lnet.ko.* -%{_cross_kmoddir}/kernel/drivers/staging/lustrefsx/lnet/selftest/lnet_selftest.ko.* -%{_cross_kmoddir}/kernel/drivers/staging/lustrefsx/lustre/fid/fid.ko.* -%{_cross_kmoddir}/kernel/drivers/staging/lustrefsx/lustre/fld/fld.ko.* -%{_cross_kmoddir}/kernel/drivers/staging/lustrefsx/lustre/llite/lustre.ko.* -%{_cross_kmoddir}/kernel/drivers/staging/lustrefsx/lustre/lmv/lmv.ko.* -%{_cross_kmoddir}/kernel/drivers/staging/lustrefsx/lustre/lov/lov.ko.* -%{_cross_kmoddir}/kernel/drivers/staging/lustrefsx/lustre/mdc/mdc.ko.* -%{_cross_kmoddir}/kernel/drivers/staging/lustrefsx/lustre/mgc/mgc.ko.* -%{_cross_kmoddir}/kernel/drivers/staging/lustrefsx/lustre/obdclass/obdclass.ko.* -%{_cross_kmoddir}/kernel/drivers/staging/lustrefsx/lustre/obdecho/obdecho.ko.* -%{_cross_kmoddir}/kernel/drivers/staging/lustrefsx/lustre/osc/osc.ko.* -%{_cross_kmoddir}/kernel/drivers/staging/lustrefsx/lustre/ptlrpc/ptlrpc.ko.* -%{_cross_kmoddir}/kernel/drivers/target/iscsi/iscsi_target_mod.ko.* -%{_cross_kmoddir}/kernel/drivers/target/loopback/tcm_loop.ko.* -%{_cross_kmoddir}/kernel/drivers/target/target_core_file.ko.* -%{_cross_kmoddir}/kernel/drivers/target/target_core_iblock.ko.* -%{_cross_kmoddir}/kernel/drivers/target/target_core_mod.ko.* -%{_cross_kmoddir}/kernel/drivers/target/target_core_user.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/thermal/intel/x86_pkg_temp_thermal.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/tty/serial/8250/8250_exar.ko.* -%{_cross_kmoddir}/kernel/drivers/uio/uio_dmem_genirq.ko.* -%{_cross_kmoddir}/kernel/drivers/uio/uio.ko.* -%{_cross_kmoddir}/kernel/drivers/uio/uio_pci_generic.ko.* -%{_cross_kmoddir}/kernel/drivers/uio/uio_pdrv_genirq.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/uio/uio_hv_generic.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/usb/class/cdc-acm.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/common/usb-common.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/core/usbcore.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/host/ehci-hcd.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/host/ehci-pci.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/host/ehci-platform.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/host/ohci-hcd.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/host/ohci-pci.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/host/ohci-platform.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/host/uhci-hcd.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/host/xhci-hcd.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/host/xhci-pci.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/host/xhci-plat-hcd.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/mon/usbmon.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/serial/cp210x.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/serial/ftdi_sio.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/serial/usbserial.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/storage/uas.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/storage/usb-storage.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/usbip/usbip-core.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/usbip/usbip-host.ko.* -%{_cross_kmoddir}/kernel/drivers/usb/usbip/vhci-hcd.ko.* -%{_cross_kmoddir}/kernel/drivers/vfio/pci/vfio-pci-core.ko.* -%{_cross_kmoddir}/kernel/drivers/vfio/pci/vfio-pci.ko.* -%{_cross_kmoddir}/kernel/drivers/vfio/vfio_iommu_type1.ko.* -%{_cross_kmoddir}/kernel/drivers/vfio/vfio.ko.* -%{_cross_kmoddir}/kernel/drivers/vfio/vfio_virqfd.ko.* -%{_cross_kmoddir}/kernel/drivers/vhost/vhost_iotlb.ko.* -%{_cross_kmoddir}/kernel/drivers/vhost/vhost.ko.* -%{_cross_kmoddir}/kernel/drivers/vhost/vhost_net.ko.* -%{_cross_kmoddir}/kernel/drivers/vhost/vhost_vsock.ko.* -%{_cross_kmoddir}/kernel/drivers/video/backlight/backlight.ko.* -%{_cross_kmoddir}/kernel/drivers/video/backlight/lcd.ko.* -%{_cross_kmoddir}/kernel/drivers/video/fbdev/core/fb_sys_fops.ko.* -%{_cross_kmoddir}/kernel/drivers/video/fbdev/core/syscopyarea.ko.* -%{_cross_kmoddir}/kernel/drivers/video/fbdev/core/sysfillrect.ko.* -%{_cross_kmoddir}/kernel/drivers/video/fbdev/core/sysimgblt.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/virt/coco/sev-guest/sev-guest.ko.* -%{_cross_kmoddir}/kernel/drivers/virt/vboxguest/vboxguest.ko.* -%endif -%if "%{_cross_arch}" == "aarch64" -%{_cross_kmoddir}/kernel/drivers/virt/nitro_enclaves/nitro_enclaves.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/virtio/virtio_balloon.ko.* -%{_cross_kmoddir}/kernel/drivers/virtio/virtio_mmio.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/virtio/virtio_mem.ko.* -%endif -%{_cross_kmoddir}/kernel/drivers/watchdog/softdog.ko.* -%if "%{_cross_arch}" == "aarch64" -%{_cross_kmoddir}/kernel/drivers/watchdog/gpio_wdt.ko.* -%{_cross_kmoddir}/kernel/drivers/watchdog/sbsa_gwdt.ko.* -%{_cross_kmoddir}/kernel/drivers/watchdog/sp805_wdt.ko.* -%endif -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/xen/xen-evtchn.ko.* -%{_cross_kmoddir}/kernel/drivers/xen/xenfs/xenfs.ko.* -%{_cross_kmoddir}/kernel/drivers/xen/xen-gntalloc.ko.* -%{_cross_kmoddir}/kernel/drivers/xen/xen-gntdev.ko.* -%{_cross_kmoddir}/kernel/drivers/xen/xen-pciback/xen-pciback.ko.* -%{_cross_kmoddir}/kernel/drivers/xen/xen-privcmd.ko.* -%endif -%{_cross_kmoddir}/kernel/fs/binfmt_misc.ko.* -%{_cross_kmoddir}/kernel/fs/btrfs/btrfs.ko.* -%{_cross_kmoddir}/kernel/fs/cachefiles/cachefiles.ko.* -%{_cross_kmoddir}/kernel/fs/ceph/ceph.ko.* -%{_cross_kmoddir}/kernel/fs/configfs/configfs.ko.* -%{_cross_kmoddir}/kernel/fs/efivarfs/efivarfs.ko.* -%{_cross_kmoddir}/kernel/fs/exfat/exfat.ko.* -%{_cross_kmoddir}/kernel/fs/fat/fat.ko.* -%{_cross_kmoddir}/kernel/fs/fat/msdos.ko.* -%{_cross_kmoddir}/kernel/fs/fat/vfat.ko.* -%{_cross_kmoddir}/kernel/fs/fscache/fscache.ko.* -%{_cross_kmoddir}/kernel/fs/fuse/cuse.ko.* -%{_cross_kmoddir}/kernel/fs/fuse/fuse.ko.* -%{_cross_kmoddir}/kernel/fs/fuse/virtiofs.ko.* -%{_cross_kmoddir}/kernel/fs/isofs/isofs.ko.* -%{_cross_kmoddir}/kernel/fs/lockd/lockd.ko.* -%{_cross_kmoddir}/kernel/fs/netfs/netfs.ko.* -%{_cross_kmoddir}/kernel/fs/nfs/blocklayout/blocklayoutdriver.ko.* -%{_cross_kmoddir}/kernel/fs/nfs_common/grace.ko.* -%{_cross_kmoddir}/kernel/fs/nfs_common/nfs_acl.ko.* -%{_cross_kmoddir}/kernel/fs/nfsd/nfsd.ko.* -%{_cross_kmoddir}/kernel/fs/nfs/filelayout/nfs_layout_nfsv41_files.ko.* -%{_cross_kmoddir}/kernel/fs/nfs/flexfilelayout/nfs_layout_flexfiles.ko.* -%{_cross_kmoddir}/kernel/fs/nfs/nfs.ko.* -%{_cross_kmoddir}/kernel/fs/nfs/nfsv3.ko.* -%{_cross_kmoddir}/kernel/fs/nfs/nfsv4.ko.* -%{_cross_kmoddir}/kernel/fs/nls/mac-celtic.ko.* -%{_cross_kmoddir}/kernel/fs/nls/mac-centeuro.ko.* -%{_cross_kmoddir}/kernel/fs/nls/mac-croatian.ko.* -%{_cross_kmoddir}/kernel/fs/nls/mac-cyrillic.ko.* -%{_cross_kmoddir}/kernel/fs/nls/mac-gaelic.ko.* -%{_cross_kmoddir}/kernel/fs/nls/mac-greek.ko.* -%{_cross_kmoddir}/kernel/fs/nls/mac-iceland.ko.* -%{_cross_kmoddir}/kernel/fs/nls/mac-inuit.ko.* -%{_cross_kmoddir}/kernel/fs/nls/mac-romanian.ko.* -%{_cross_kmoddir}/kernel/fs/nls/mac-roman.ko.* -%{_cross_kmoddir}/kernel/fs/nls/mac-turkish.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_ascii.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp1250.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp1251.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp1255.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp437.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp737.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp775.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp850.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp852.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp855.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp857.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp860.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp861.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp862.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp863.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp864.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp865.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp866.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp869.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp874.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp932.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp936.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp949.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_cp950.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_euc-jp.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_iso8859-13.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_iso8859-14.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_iso8859-15.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_iso8859-1.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_iso8859-2.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_iso8859-3.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_iso8859-4.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_iso8859-5.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_iso8859-6.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_iso8859-7.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_iso8859-9.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_koi8-r.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_koi8-ru.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_koi8-u.ko.* -%{_cross_kmoddir}/kernel/fs/nls/nls_utf8.ko.* -%{_cross_kmoddir}/kernel/fs/overlayfs/overlay.ko.* -%{_cross_kmoddir}/kernel/fs/pstore/ramoops.ko.* -%{_cross_kmoddir}/kernel/fs/quota/quota_tree.ko.* -%{_cross_kmoddir}/kernel/fs/quota/quota_v2.ko.* -%{_cross_kmoddir}/kernel/fs/smb/client/cifs.ko.* -%{_cross_kmoddir}/kernel/fs/smb/common/cifs_arc4.ko.* -%{_cross_kmoddir}/kernel/fs/smb/common/cifs_md4.ko.* -%{_cross_kmoddir}/kernel/fs/squashfs/squashfs.ko.* -%{_cross_kmoddir}/kernel/fs/udf/udf.ko.* -%{_cross_kmoddir}/kernel/kernel/bpf/preload/bpf_preload.ko.* -%{_cross_kmoddir}/kernel/lib/asn1_encoder.ko.* -%{_cross_kmoddir}/kernel/lib/crc4.ko.* -%{_cross_kmoddir}/kernel/lib/crc7.ko.* -%{_cross_kmoddir}/kernel/lib/crc8.ko.* -%{_cross_kmoddir}/kernel/lib/crc-itu-t.ko.* -%{_cross_kmoddir}/kernel/lib/crypto/libarc4.ko.* -%{_cross_kmoddir}/kernel/lib/crypto/libchacha20poly1305.ko.* -%{_cross_kmoddir}/kernel/lib/crypto/libchacha.ko.* -%{_cross_kmoddir}/kernel/lib/crypto/libcurve25519-generic.ko.* -%{_cross_kmoddir}/kernel/lib/crypto/libcurve25519.ko.* -%{_cross_kmoddir}/kernel/lib/crypto/libdes.ko.* -%{_cross_kmoddir}/kernel/lib/crypto/libpoly1305.ko.* -%{_cross_kmoddir}/kernel/lib/lru_cache.ko.* -%{_cross_kmoddir}/kernel/lib/lz4/lz4_compress.ko.* -%{_cross_kmoddir}/kernel/lib/lz4/lz4_decompress.ko.* -%{_cross_kmoddir}/kernel/lib/lz4/lz4hc_compress.ko.* -%{_cross_kmoddir}/kernel/lib/raid6/raid6_pq.ko.* -%{_cross_kmoddir}/kernel/lib/reed_solomon/reed_solomon.ko.* -%{_cross_kmoddir}/kernel/lib/test_lockup.ko.* -%{_cross_kmoddir}/kernel/lib/ts_bm.ko.* -%{_cross_kmoddir}/kernel/lib/ts_fsm.ko.* -%{_cross_kmoddir}/kernel/lib/ts_kmp.ko.* -%{_cross_kmoddir}/kernel/lib/zstd/zstd_compress.ko.* -%{_cross_kmoddir}/kernel/mm/z3fold.ko.* -%{_cross_kmoddir}/kernel/mm/zsmalloc.ko.* -%{_cross_kmoddir}/kernel/net/8021q/8021q.ko.* -%{_cross_kmoddir}/kernel/net/802/garp.ko.* -%{_cross_kmoddir}/kernel/net/802/mrp.ko.* -%{_cross_kmoddir}/kernel/net/802/p8022.ko.* -%{_cross_kmoddir}/kernel/net/802/psnap.ko.* -%{_cross_kmoddir}/kernel/net/802/stp.ko.* -%{_cross_kmoddir}/kernel/net/bridge/bridge.ko.* -%{_cross_kmoddir}/kernel/net/bridge/br_netfilter.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebt_802_3.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebtable_broute.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebtable_filter.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebtable_nat.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebtables.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebt_among.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebt_arp.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebt_arpreply.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebt_dnat.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebt_ip6.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebt_ip.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebt_limit.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebt_log.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebt_mark.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebt_mark_m.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebt_nflog.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebt_pkttype.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebt_redirect.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebt_snat.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebt_stp.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/ebt_vlan.ko.* -%{_cross_kmoddir}/kernel/net/bridge/netfilter/nft_reject_bridge.ko.* -%{_cross_kmoddir}/kernel/net/ceph/libceph.ko.* -%{_cross_kmoddir}/kernel/net/core/failover.ko.* -%{_cross_kmoddir}/kernel/net/core/selftests.ko.* -%{_cross_kmoddir}/kernel/net/dns_resolver/dns_resolver.ko.* -%{_cross_kmoddir}/kernel/net/ife/ife.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/ah4.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/esp4.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/esp4_offload.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/fou.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/gre.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/inet_diag.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/ipcomp.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/ip_gre.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/ipip.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/ip_tunnel.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/ip_vti.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/arptable_filter.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/arp_tables.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/arpt_mangle.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/iptable_filter.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/iptable_mangle.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/iptable_nat.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/iptable_raw.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/iptable_security.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/ipt_ah.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/ipt_CLUSTERIP.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/ipt_ECN.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/ipt_REJECT.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/ipt_rpfilter.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/ipt_SYNPROXY.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/nf_defrag_ipv4.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/nf_dup_ipv4.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/nf_nat_h323.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/nf_nat_pptp.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/nf_nat_snmp_basic.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/nf_reject_ipv4.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/nf_socket_ipv4.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/nft_dup_ipv4.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/nft_fib_ipv4.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/nf_tproxy_ipv4.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/netfilter/nft_reject_ipv4.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/raw_diag.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/tcp_bbr.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/tcp_bic.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/tcp_dctcp.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/tcp_diag.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/tcp_highspeed.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/tcp_htcp.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/tcp_hybla.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/tcp_illinois.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/tcp_lp.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/tcp_scalable.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/tcp_vegas.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/tcp_veno.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/tcp_westwood.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/tcp_yeah.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/tunnel4.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/udp_diag.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/udp_tunnel.ko.* -%{_cross_kmoddir}/kernel/net/ipv4/xfrm4_tunnel.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/ah6.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/esp6.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/esp6_offload.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/fou6.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/ila/ila.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/ip6_gre.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/ip6_tunnel.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/ip6_udp_tunnel.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/ip6_vti.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/ipcomp6.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/mip6.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/ip6table_filter.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/ip6table_mangle.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/ip6table_nat.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/ip6table_raw.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/ip6table_security.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/ip6t_ah.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/ip6t_eui64.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/ip6t_frag.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/ip6t_hbh.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/ip6t_ipv6header.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/ip6t_mh.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/ip6t_REJECT.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/ip6t_rpfilter.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/ip6t_rt.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/ip6t_srh.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/ip6t_SYNPROXY.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/nf_defrag_ipv6.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/nf_dup_ipv6.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/nf_reject_ipv6.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/nf_socket_ipv6.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/nft_dup_ipv6.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/nft_fib_ipv6.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/nf_tproxy_ipv6.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/netfilter/nft_reject_ipv6.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/sit.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/tunnel6.ko.* -%{_cross_kmoddir}/kernel/net/ipv6/xfrm6_tunnel.ko.* -%{_cross_kmoddir}/kernel/net/key/af_key.ko.* -%{_cross_kmoddir}/kernel/net/llc/llc.ko.* -%{_cross_kmoddir}/kernel/net/mpls/mpls_gso.ko.* -%{_cross_kmoddir}/kernel/net/mpls/mpls_iptunnel.ko.* -%{_cross_kmoddir}/kernel/net/mpls/mpls_router.ko.* -%{_cross_kmoddir}/kernel/net/mptcp/mptcp_diag.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipset/ip_set_bitmap_ip.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipset/ip_set_bitmap_ipmac.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipset/ip_set_bitmap_port.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipset/ip_set_hash_ip.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipset/ip_set_hash_ipmac.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipset/ip_set_hash_ipmark.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipset/ip_set_hash_ipportip.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipset/ip_set_hash_ipport.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipset/ip_set_hash_ipportnet.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipset/ip_set_hash_mac.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipset/ip_set_hash_netiface.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipset/ip_set_hash_net.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipset/ip_set_hash_netnet.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipset/ip_set_hash_netport.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipset/ip_set_hash_netportnet.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipset/ip_set.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipset/ip_set_list_set.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipvs/ip_vs_dh.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipvs/ip_vs_fo.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipvs/ip_vs_ftp.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipvs/ip_vs.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipvs/ip_vs_lblc.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipvs/ip_vs_lblcr.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipvs/ip_vs_lc.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipvs/ip_vs_mh.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipvs/ip_vs_nq.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipvs/ip_vs_ovf.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipvs/ip_vs_pe_sip.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipvs/ip_vs_rr.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipvs/ip_vs_sed.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipvs/ip_vs_sh.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipvs/ip_vs_wlc.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/ipvs/ip_vs_wrr.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_conncount.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_conntrack_amanda.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_conntrack_broadcast.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_conntrack_ftp.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_conntrack_h323.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_conntrack_irc.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_conntrack.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_conntrack_netbios_ns.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_conntrack_netlink.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_conntrack_pptp.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_conntrack_sane.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_conntrack_sip.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_conntrack_snmp.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_conntrack_tftp.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_dup_netdev.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_flow_table_inet.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_flow_table.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_log_syslog.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_nat_amanda.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_nat_ftp.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_nat_irc.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_nat.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_nat_sip.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_nat_tftp.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nfnetlink_acct.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nfnetlink_cthelper.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nfnetlink_cttimeout.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nfnetlink.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nfnetlink_log.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nfnetlink_osf.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nfnetlink_queue.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_synproxy_core.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nf_tables.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_chain_nat.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_compat.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_connlimit.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_ct.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_dup_netdev.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_fib_inet.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_fib.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_fib_netdev.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_flow_offload.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_fwd_netdev.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_hash.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_limit.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_log.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_masq.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_nat.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_numgen.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_objref.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_osf.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_queue.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_quota.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_redir.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_reject_inet.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_reject.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_socket.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_synproxy.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_tproxy.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_tunnel.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/nft_xfrm.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_addrtype.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_AUDIT.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_bpf.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_cgroup.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_CHECKSUM.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_CLASSIFY.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_cluster.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_comment.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_connbytes.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_connlabel.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_connlimit.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_connmark.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_CONNSECMARK.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_conntrack.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_cpu.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_CT.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_devgroup.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_dscp.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_DSCP.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_ecn.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_esp.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_hashlimit.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_helper.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_hl.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_HL.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_HMARK.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_IDLETIMER.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_ipcomp.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_iprange.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_ipvs.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_l2tp.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_length.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_limit.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_LOG.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_mac.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_mark.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_MASQUERADE.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_multiport.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_nat.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_NETMAP.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_nfacct.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_NFLOG.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_NFQUEUE.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_osf.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_owner.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_physdev.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_pkttype.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_policy.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_quota.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_rateest.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_RATEEST.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_realm.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_recent.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_REDIRECT.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_sctp.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_SECMARK.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_set.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_socket.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_state.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_statistic.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_string.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_tcpmss.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_TCPMSS.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_TCPOPTSTRIP.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_TEE.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_time.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_TPROXY.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_TRACE.ko.* -%{_cross_kmoddir}/kernel/net/netfilter/xt_u32.ko.* -%{_cross_kmoddir}/kernel/net/nsh/nsh.ko.* -%{_cross_kmoddir}/kernel/net/openvswitch/openvswitch.ko.* -%{_cross_kmoddir}/kernel/net/openvswitch/vport-geneve.ko.* -%{_cross_kmoddir}/kernel/net/openvswitch/vport-gre.ko.* -%{_cross_kmoddir}/kernel/net/openvswitch/vport-vxlan.ko.* -%{_cross_kmoddir}/kernel/net/packet/af_packet_diag.ko.* -%{_cross_kmoddir}/kernel/net/psample/psample.ko.* -%{_cross_kmoddir}/kernel/net/sched/act_bpf.ko.* -%{_cross_kmoddir}/kernel/net/sched/act_connmark.ko.* -%{_cross_kmoddir}/kernel/net/sched/act_csum.ko.* -%{_cross_kmoddir}/kernel/net/sched/act_gact.ko.* -%{_cross_kmoddir}/kernel/net/sched/act_ipt.ko.* -%{_cross_kmoddir}/kernel/net/sched/act_mirred.ko.* -%{_cross_kmoddir}/kernel/net/sched/act_nat.ko.* -%{_cross_kmoddir}/kernel/net/sched/act_pedit.ko.* -%{_cross_kmoddir}/kernel/net/sched/act_police.ko.* -%{_cross_kmoddir}/kernel/net/sched/act_sample.ko.* -%{_cross_kmoddir}/kernel/net/sched/act_simple.ko.* -%{_cross_kmoddir}/kernel/net/sched/act_skbedit.ko.* -%{_cross_kmoddir}/kernel/net/sched/act_vlan.ko.* -%{_cross_kmoddir}/kernel/net/sched/cls_basic.ko.* -%{_cross_kmoddir}/kernel/net/sched/cls_bpf.ko.* -%{_cross_kmoddir}/kernel/net/sched/cls_cgroup.ko.* -%{_cross_kmoddir}/kernel/net/sched/cls_flower.ko.* -%{_cross_kmoddir}/kernel/net/sched/cls_flow.ko.* -%{_cross_kmoddir}/kernel/net/sched/cls_fw.ko.* -%{_cross_kmoddir}/kernel/net/sched/cls_route.ko.* -%{_cross_kmoddir}/kernel/net/sched/cls_u32.ko.* -%{_cross_kmoddir}/kernel/net/sched/em_cmp.ko.* -%{_cross_kmoddir}/kernel/net/sched/em_ipset.ko.* -%{_cross_kmoddir}/kernel/net/sched/em_ipt.ko.* -%{_cross_kmoddir}/kernel/net/sched/em_meta.ko.* -%{_cross_kmoddir}/kernel/net/sched/em_nbyte.ko.* -%{_cross_kmoddir}/kernel/net/sched/em_text.ko.* -%{_cross_kmoddir}/kernel/net/sched/em_u32.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_cbs.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_choke.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_codel.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_drr.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_fq_codel.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_fq.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_gred.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_hfsc.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_hhf.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_htb.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_ingress.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_mqprio.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_multiq.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_netem.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_pie.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_plug.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_prio.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_qfq.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_red.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_sfb.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_sfq.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_tbf.ko.* -%{_cross_kmoddir}/kernel/net/sched/sch_teql.ko.* -%{_cross_kmoddir}/kernel/net/sctp/sctp_diag.ko.* -%{_cross_kmoddir}/kernel/net/sctp/sctp.ko.* -%{_cross_kmoddir}/kernel/net/sunrpc/auth_gss/auth_rpcgss.ko.* -%{_cross_kmoddir}/kernel/net/sunrpc/auth_gss/rpcsec_gss_krb5.ko.* -%{_cross_kmoddir}/kernel/net/sunrpc/sunrpc.ko.* -%{_cross_kmoddir}/kernel/net/tls/tls.ko.* -%{_cross_kmoddir}/kernel/net/unix/unix_diag.ko.* -%{_cross_kmoddir}/kernel/net/vmw_vsock/vmw_vsock_virtio_transport_common.ko.* -%{_cross_kmoddir}/kernel/net/vmw_vsock/vmw_vsock_virtio_transport.ko.* -%{_cross_kmoddir}/kernel/net/vmw_vsock/vsock_diag.ko.* -%{_cross_kmoddir}/kernel/net/vmw_vsock/vsock.ko.* -%{_cross_kmoddir}/kernel/net/vmw_vsock/vsock_loopback.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/net/vmw_vsock/hv_sock.ko.* -%{_cross_kmoddir}/kernel/net/vmw_vsock/vmw_vsock_vmci_transport.ko.* -%endif -%{_cross_kmoddir}/kernel/net/xfrm/xfrm_algo.ko.* -%{_cross_kmoddir}/kernel/net/xfrm/xfrm_ipcomp.ko.* -%{_cross_kmoddir}/kernel/net/xfrm/xfrm_user.ko.* -%{_cross_kmoddir}/kernel/security/keys/encrypted-keys/encrypted-keys.ko.* -%{_cross_kmoddir}/kernel/security/keys/trusted-keys/trusted.ko.* -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/virt/lib/irqbypass.ko.* -%endif - -%files modules-metal -%if "%{_cross_arch}" == "x86_64" -%{_cross_kmoddir}/kernel/drivers/infiniband/hw/usnic/usnic_verbs.ko.gz -%endif -%{_cross_kmoddir}/kernel/drivers/net/ethernet/amd/xgbe/amd-xgbe.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/broadcom/bnx2x/bnx2x.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/broadcom/bnxt/bnxt_en.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/broadcom/tg3.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/chelsio/cxgb4/cxgb4.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/chelsio/cxgb4vf/cxgb4vf.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/cisco/enic/enic.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/emulex/benet/be2net.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/huawei/hinic/hinic.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/intel/fm10k/fm10k.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/intel/i40e/i40e.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/intel/ice/ice.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/intel/igbvf/igbvf.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/intel/ixgb/ixgb.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/intel/ixgbe/ixgbe.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/myricom/myri10ge/myri10ge.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/pensando/ionic/ionic.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/qlogic/qed/qed.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/qlogic/qede/qede.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/qlogic/qlcnic/qlcnic.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/sfc/falcon/sfc-falcon.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/ethernet/sfc/sfc.ko.gz -%{_cross_kmoddir}/kernel/drivers/net/mdio.ko.gz -%{_cross_kmoddir}/kernel/drivers/scsi/snic/snic.ko.gz - -%changelog diff --git a/packages/kernel-6.1/latest-srpm-url.sh b/packages/kernel-6.1/latest-srpm-url.sh deleted file mode 100755 index b13fcbf9b39..00000000000 --- a/packages/kernel-6.1/latest-srpm-url.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh -cmd='dnf install -q -y --releasever=latest yum-utils && yumdownloader -q --releasever=latest --source --urls kernel' -docker run --rm amazonlinux:2023 sh -c "${cmd}" \ - | grep '^http' \ - | xargs --max-args=1 --no-run-if-empty realpath --canonicalize-missing --relative-to=. \ - | sed 's_:/_://_' diff --git a/packages/kexec-tools/Cargo.toml b/packages/kexec-tools/Cargo.toml deleted file mode 100644 index 97581924061..00000000000 --- a/packages/kexec-tools/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "kexec-tools" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://kernel.org/pub/linux/utils/kernel/kexec" - -[[package.metadata.build-package.external-files]] -url = "https://kernel.org/pub/linux/utils/kernel/kexec/kexec-tools-2.0.28.tar.xz" -sha512 = "889a7bf1d26bb309e4ff7ce1c8dbcf48c01e47221ea3acf1c4ef2a98a652c496e31bddcdb627d3adebd85f7541d1fb9122c60e741e10b3726e31a9733cadc753" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/kexec-tools/kexec-tools.spec b/packages/kexec-tools/kexec-tools.spec deleted file mode 100644 index d3b3969338b..00000000000 --- a/packages/kexec-tools/kexec-tools.spec +++ /dev/null @@ -1,31 +0,0 @@ -Name: %{_cross_os}kexec-tools -Version: 2.0.28 -Release: 1%{?dist} -Summary: Linux tool to load kernels from the running system -License: GPL-2.0-or-later AND GPL-2.0-only -URL: https://www.kernel.org/doc/html/latest/admin-guide/kdump/kdump.html -Source0: https://kernel.org/pub/linux/utils/kernel/kexec/kexec-tools-%{version}.tar.xz - -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%prep -%setup -n kexec-tools-%{version} -rm -f kexec-tools.spec.in - -%build -%cross_configure -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_sbindir}/kexec -%exclude %{_cross_libdir} -%exclude %{_cross_mandir} -%exclude %{_cross_sbindir}/vmcore-dmesg diff --git a/packages/keyutils/Cargo.toml b/packages/keyutils/Cargo.toml deleted file mode 100644 index 64bc1acf5a8..00000000000 --- a/packages/keyutils/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "keyutils" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://people.redhat.com/~dhowells/keyutils/" - -[[package.metadata.build-package.external-files]] -url = "https://people.redhat.com/~dhowells/keyutils/keyutils-1.6.1.tar.bz2" -sha512 = "ea6e20b2594234c7f51581eef2b8fd19c109fa9eacaaef8dfbb4f237bd1d6fdf071ec23b4ff334cb22a46461d09d17cf499987fd1f00e66f27506888876961e1" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/keyutils/keyutils-tmpfiles.conf b/packages/keyutils/keyutils-tmpfiles.conf deleted file mode 100644 index 1fd06a6fe43..00000000000 --- a/packages/keyutils/keyutils-tmpfiles.conf +++ /dev/null @@ -1 +0,0 @@ -C /etc/request-key.conf - - - - diff --git a/packages/keyutils/keyutils.spec b/packages/keyutils/keyutils.spec deleted file mode 100644 index d4289b3b9fa..00000000000 --- a/packages/keyutils/keyutils.spec +++ /dev/null @@ -1,78 +0,0 @@ -Name: %{_cross_os}keyutils -Version: 1.6.1 -Release: 1%{?dist} -Summary: Linux key management utilities -License: GPL-2.0-or-later AND GPL-2.1-or-later -Url: http://people.redhat.com/~dhowells/keyutils/ -Source0: http://people.redhat.com/~dhowells/keyutils/keyutils-%{version}.tar.bz2 -Source1: keyutils-tmpfiles.conf -Source2: request-key.conf - -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Development package for building Linux key management utilities - -%description devel -%{summary}. - -%prep -%setup -n keyutils-%{version} -q - -%global keyutilsmake \ -%set_cross_build_flags \\\ -export CC=%{_cross_target}-gcc ; \ -%make_build \\\ - NO_ARLIB=1 \\\ - ETCDIR=%{_cross_sysconfdir} \\\ - LIBDIR=%{_cross_libdir} \\\ - USRLIBDIR=%{_cross_libdir} \\\ - BINDIR=%{_cross_bindir} \\\ - SBINDIR=%{_cross_sbindir} \\\ - MANDIR=%{_cross_mandir} \\\ - INCLUDEDIR=%{_cross_includedir} \\\ - SHAREDIR=%{_cross_datadir}/keyutils \\\ - RELEASE=.%{release} \\\ - NO_GLIBC_KEYERR=1 \\\ - CC="${CC}" \\\ - CFLAGS="${CFLAGS}" \\\ - LDFLAGS="${LDFLAGS}" \\\ - DESTDIR=%{buildroot} \\\ -%{nil} - - -%build -%keyutilsmake - -%install -%keyutilsmake install - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -d %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir} - -install -p -m 0644 %{S:1} %{buildroot}%{_cross_tmpfilesdir}/keyutils.conf -install -p -m 0644 %{S:2} %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/request-key.conf - -%files -%{_cross_attribution_file} -%license LICENCE.GPL LICENCE.LGPL -%{_cross_tmpfilesdir}/keyutils.conf -%{_cross_bindir}/keyctl -%{_cross_sbindir}/key.dns_resolver -%{_cross_sbindir}/request-key -%{_cross_datadir}/keyutils -%{_cross_libdir}/libkeyutils.so.* -%{_cross_factorydir}%{_cross_sysconfdir}/request-key.conf - -%exclude %{_cross_mandir} -%exclude %{_cross_sysconfdir}/request-key.conf - -%files devel -%{_cross_libdir}/libkeyutils.so -%{_cross_includedir}/keyutils.h -%{_cross_libdir}/pkgconfig/libkeyutils.pc - -%changelog diff --git a/packages/keyutils/request-key.conf b/packages/keyutils/request-key.conf deleted file mode 100644 index 6a541b5c868..00000000000 --- a/packages/keyutils/request-key.conf +++ /dev/null @@ -1,2 +0,0 @@ -create dns_resolver * * /sbin/key.dns_resolver %k -negate * * * /bin/keyctl negate %k 30 %S diff --git a/packages/kmod-5.10-nvidia/.gitignore b/packages/kmod-5.10-nvidia/.gitignore deleted file mode 100644 index 0bcfb52fdbc..00000000000 --- a/packages/kmod-5.10-nvidia/.gitignore +++ /dev/null @@ -1 +0,0 @@ -NVidiaEULAforAWS.pdf diff --git a/packages/kmod-5.10-nvidia/Cargo.toml b/packages/kmod-5.10-nvidia/Cargo.toml deleted file mode 100644 index 07cc9b7243d..00000000000 --- a/packages/kmod-5.10-nvidia/Cargo.toml +++ /dev/null @@ -1,31 +0,0 @@ -[package] -name = "kmod-5_10-nvidia" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -package-name = "kmod-5.10-nvidia" -releases-url = "https://docs.nvidia.com/datacenter/tesla/" - -[[package.metadata.build-package.external-files]] -url = "https://s3.amazonaws.com/EULA/NVidiaEULAforAWS.pdf" -sha512 = "e1926fe99afc3ab5b2f2744fcd53b4046465aefb2793e2e06c4a19455a3fde895e00af1415ff1a5804c32e6a2ed0657e475de63da6c23a0e9c59feeef52f3f58" - -[[package.metadata.build-package.external-files]] -url = "https://us.download.nvidia.com/tesla/470.256.02/NVIDIA-Linux-x86_64-470.256.02.run" -sha512 = "a837946dd24d7945c1962a695f1f31965f3ceb6927f52cd08fd51b8db138b7a888bbeab69243f5c8468a7bd7ccd47f5dbdb48a1ca81264866c1ebb7d88628f88" -force-upstream = true - -[[package.metadata.build-package.external-files]] -url = "https://us.download.nvidia.com/tesla/470.256.02/NVIDIA-Linux-aarch64-470.256.02.run" -sha512 = "38eee5933355c34ca816a2ac0fbc4f55c19c20e1322891bfc98cb6b37d99a31218eea9314877ab0e3cf3ac6eb61f9d9d4d09d0af304b689f18b4efa721b65d5c" -force-upstream = true - -[build-dependencies] -glibc = { path = "../glibc" } -kernel-5_10 = { path = "../kernel-5.10" } diff --git a/packages/kmod-5.10-nvidia/kmod-5.10-nvidia.spec b/packages/kmod-5.10-nvidia/kmod-5.10-nvidia.spec deleted file mode 100644 index 542b14739ad..00000000000 --- a/packages/kmod-5.10-nvidia/kmod-5.10-nvidia.spec +++ /dev/null @@ -1,321 +0,0 @@ -%global tesla_470 470.256.02 -%global tesla_470_libdir %{_cross_libdir}/nvidia/tesla/%{tesla_470} -%global tesla_470_bindir %{_cross_libexecdir}/nvidia/tesla/bin/%{tesla_470} - -Name: %{_cross_os}kmod-5.10-nvidia -Version: 1.0.0 -Release: 1%{?dist} -Summary: NVIDIA drivers for the 5.10 kernel -# We use these licences because we only ship our own software in the main package, -# each subpackage includes the LICENSE file provided by the Licenses.toml file -License: Apache-2.0 OR MIT -URL: http://www.nvidia.com/ - -# NVIDIA .run scripts from 0 to 199 -Source0: https://us.download.nvidia.com/tesla/%{tesla_470}/NVIDIA-Linux-x86_64-%{tesla_470}.run -Source1: https://us.download.nvidia.com/tesla/%{tesla_470}/NVIDIA-Linux-aarch64-%{tesla_470}.run -Source2: NVidiaEULAforAWS.pdf - -# Common NVIDIA conf files from 200 to 299 -Source200: nvidia-tmpfiles.conf.in -Source202: nvidia-dependencies-modules-load.conf - -# NVIDIA tesla conf files from 300 to 399 -Source300: nvidia-tesla-tmpfiles.conf.in -Source301: nvidia-tesla-build-config.toml.in -Source302: nvidia-tesla-path.env.in -Source303: nvidia-ld.so.conf.in - -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}kernel-5.10-archive - -%description -%{summary}. - -%package tesla-470 -Summary: NVIDIA 470 Tesla driver -Version: %{tesla_470} -License: LicenseRef-NVIDIA-AWS-EULA -Requires: %{_cross_os}variant-platform(aws) -Requires: %{name} - -%description tesla-470 -%{summary} - -%prep -# Extract nvidia sources with `-x`, otherwise the script will try to install -# the driver in the current run -sh %{_sourcedir}/NVIDIA-Linux-%{_cross_arch}-%{tesla_470}.run -x - -# Add the license. -install -p -m 0644 %{S:2} . - -%global kernel_sources %{_builddir}/kernel-devel -tar -xf %{_cross_datadir}/bottlerocket/kernel-devel.tar.xz - -%build -pushd NVIDIA-Linux-%{_cross_arch}-%{tesla_470}/kernel - -# This recipe was based in the NVIDIA yum/dnf specs: -# https://github.com/NVIDIA/yum-packaging-precompiled-kmod - -# We set IGNORE_CC_MISMATCH even though we are using the same compiler used to compile the kernel, if -# we don't set this flag the compilation fails -make %{?_smp_mflags} ARCH=%{_cross_karch} IGNORE_CC_MISMATCH=1 SYSSRC=%{kernel_sources} CC=%{_cross_target}-gcc LD=%{_cross_target}-ld - -%{_cross_target}-strip -g --strip-unneeded nvidia/nv-interface.o -%{_cross_target}-strip -g --strip-unneeded nvidia-uvm.o -%{_cross_target}-strip -g --strip-unneeded nvidia-drm.o -%{_cross_target}-strip -g --strip-unneeded nvidia-peermem/nvidia-peermem.o -%{_cross_target}-strip -g --strip-unneeded nvidia-modeset/nv-modeset-interface.o - -# We delete these files since we just stripped the input .o files above, and -# will be build at runtime in the host -rm nvidia{,-modeset,-peermem}.o - -# Delete the .ko files created in make command, just to be safe that we -# don't include any linked module in the base image -rm nvidia{,-modeset,-peermem,-drm}.ko - -popd - -%install -install -d %{buildroot}%{_cross_libexecdir} -install -d %{buildroot}%{_cross_libdir} -install -d %{buildroot}%{_cross_tmpfilesdir} -install -d %{buildroot}%{_cross_unitdir} -install -d %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/{drivers,ld.so.conf.d} - -KERNEL_VERSION=$(cat %{kernel_sources}/include/config/kernel.release) -sed \ - -e "s|__KERNEL_VERSION__|${KERNEL_VERSION}|" \ - -e "s|__PREFIX__|%{_cross_prefix}|" %{S:200} > nvidia.conf -install -p -m 0644 nvidia.conf %{buildroot}%{_cross_tmpfilesdir} - -# Install modules-load.d drop-in to autoload required kernel modules -install -d %{buildroot}%{_cross_libdir}/modules-load.d -install -p -m 0644 %{S:202} %{buildroot}%{_cross_libdir}/modules-load.d/nvidia-dependencies.conf - -# Begin NVIDIA tesla 470 -pushd NVIDIA-Linux-%{_cross_arch}-%{tesla_470} -# We install bins and libs in a versioned directory to prevent collisions with future drivers versions -install -d %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin/%{tesla_470} -install -d %{buildroot}%{tesla_470_libdir} -install -d %{buildroot}%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d -install -d %{buildroot}%{_cross_factorydir}/nvidia/tesla/%{tesla_470} - -sed -e 's|__NVIDIA_VERSION__|%{tesla_470}|' %{S:300} > nvidia-tesla-%{tesla_470}.conf -install -m 0644 nvidia-tesla-%{tesla_470}.conf %{buildroot}%{_cross_tmpfilesdir}/ -sed -e 's|__NVIDIA_MODULES__|%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d/|' %{S:301} > \ - nvidia-tesla-%{tesla_470}.toml -install -m 0644 nvidia-tesla-%{tesla_470}.toml %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/drivers -# Install nvidia-path environment file, will be used as a drop-in for containerd.service since -# libnvidia-container locates and mounts helper binaries into the containers from either -# `PATH` or `NVIDIA_PATH` -sed -e 's|__NVIDIA_BINDIR__|%{_cross_libexecdir}/nvidia/tesla/bin/%{tesla_470}|' %{S:302} > nvidia-path.env -install -m 0644 nvidia-path.env %{buildroot}%{_cross_factorydir}/nvidia/tesla/%{tesla_470} -# We need to add `_cross_libdir/tesla_470` to the paths loaded by the ldconfig service -# because libnvidia-container uses the `ldcache` file created by the service, to locate and mount the -# libraries into the containers -sed -e 's|__LIBDIR__|%{_cross_libdir}|' %{S:303} | sed -e 's|__NVIDIA_VERSION__|%{tesla_470}|' \ - > nvidia-tesla-%{tesla_470}.conf -install -m 0644 nvidia-tesla-%{tesla_470}.conf %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/ld.so.conf.d/ - -# driver -install kernel/nvidia.mod.o %{buildroot}%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d -install kernel/nvidia/nv-interface.o %{buildroot}%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d -install kernel/nvidia/nv-kernel.o_binary %{buildroot}%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d/nv-kernel.o - -# uvm -install kernel/nvidia-uvm.mod.o %{buildroot}%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d -install kernel/nvidia-uvm.o %{buildroot}%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d - -# modeset -install kernel/nvidia-modeset.mod.o %{buildroot}%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d -install kernel/nvidia-modeset/nv-modeset-interface.o %{buildroot}%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d -install kernel/nvidia-modeset/nv-modeset-kernel.o %{buildroot}%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d - -# peermem -install kernel/nvidia-peermem.mod.o %{buildroot}%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d -install kernel/nvidia-peermem/nvidia-peermem.o %{buildroot}%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d - -# drm -install kernel/nvidia-drm.mod.o %{buildroot}/%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d -install kernel/nvidia-drm.o %{buildroot}/%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d - -# Binaries -install -m 755 nvidia-smi %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin/%{tesla_470} -install -m 755 nvidia-debugdump %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin/%{tesla_470} -install -m 755 nvidia-cuda-mps-control %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin/%{tesla_470} -install -m 755 nvidia-cuda-mps-server %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin/%{tesla_470} -%if "%{_cross_arch}" == "x86_64" -install -m 755 nvidia-ngx-updater %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin/%{tesla_470} -%endif - -# We install all the libraries, and filter them out in the 'files' section, so we can catch -# when new libraries are added -install -m 755 *.so* %{buildroot}/%{tesla_470_libdir}/ - -# This library has the same SONAME as libEGL.so.1.1.0, this will cause collisions while -# the symlinks are created. For now, we only symlink libEGL.so.1.1.0. -EXCLUDED_LIBS="libEGL.so.%{tesla_470}" - -for lib in $(find . -maxdepth 1 -type f -name 'lib*.so.*' -printf '%%P\n'); do - [[ "${EXCLUDED_LIBS}" =~ "${lib}" ]] && continue - soname="$(%{_cross_target}-readelf -d "${lib}" | awk '/SONAME/{print $5}' | tr -d '[]')" - [ -n "${soname}" ] || continue - [ "${lib}" == "${soname}" ] && continue - ln -s "${lib}" %{buildroot}/%{tesla_470_libdir}/"${soname}" -done - -popd - -%files -%{_cross_attribution_file} -%dir %{_cross_libexecdir}/nvidia -%dir %{_cross_libdir}/nvidia -%dir %{_cross_datadir}/nvidia -%dir %{_cross_libdir}/modules-load.d -%dir %{_cross_factorydir}%{_cross_sysconfdir}/drivers -%{_cross_tmpfilesdir}/nvidia.conf -%{_cross_libdir}/systemd/system/ -%{_cross_libdir}/modules-load.d/nvidia-dependencies.conf - -%files tesla-470 -%license NVidiaEULAforAWS.pdf -%dir %{_cross_datadir}/nvidia/tesla/%{tesla_470} -%dir %{_cross_libexecdir}/nvidia/tesla/bin/%{tesla_470} -%dir %{tesla_470_libdir} -%dir %{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d -%dir %{_cross_factorydir}/nvidia/tesla/%{tesla_470} - -# Binaries -%{_cross_libexecdir}/nvidia/tesla/bin/%{tesla_470}/nvidia-debugdump -%{_cross_libexecdir}/nvidia/tesla/bin/%{tesla_470}/nvidia-smi - -# Configuration files -%{_cross_factorydir}%{_cross_sysconfdir}/drivers/nvidia-tesla-%{tesla_470}.toml -%{_cross_factorydir}%{_cross_sysconfdir}/ld.so.conf.d/nvidia-tesla-%{tesla_470}.conf -%{_cross_factorydir}/nvidia/tesla/%{tesla_470}/nvidia-path.env - -# driver -%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d/nvidia.mod.o -%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d/nv-interface.o -%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d/nv-kernel.o - -# uvm -%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d/nvidia-uvm.mod.o -%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d/nvidia-uvm.o - -# modeset -%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d/nv-modeset-interface.o -%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d/nv-modeset-kernel.o -%{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d/nvidia-modeset.mod.o - -# tmpfiles -%{_cross_tmpfilesdir}/nvidia-tesla-%{tesla_470}.conf - -# We only install the libraries required by all the DRIVER_CAPABILITIES, described here: -# https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/user-guide.html#driver-capabilities - -# Utility libs -%{tesla_470_libdir}/libnvidia-ml.so.%{tesla_470} -%{tesla_470_libdir}/libnvidia-ml.so.1 -%{tesla_470_libdir}/libnvidia-cfg.so.%{tesla_470} -%{tesla_470_libdir}/libnvidia-cfg.so.1 -%{tesla_470_libdir}/libnvidia-nvvm.so.4.0.0 -%{tesla_470_libdir}/libnvidia-nvvm.so.4 - -# Compute libs -%{tesla_470_libdir}/libcuda.so.%{tesla_470} -%{tesla_470_libdir}/libcuda.so.1 -%{tesla_470_libdir}/libnvidia-opencl.so.%{tesla_470} -%{tesla_470_libdir}/libnvidia-opencl.so.1 -%{tesla_470_libdir}/libnvidia-ptxjitcompiler.so.%{tesla_470} -%{tesla_470_libdir}/libnvidia-ptxjitcompiler.so.1 -%{tesla_470_libdir}/libnvidia-allocator.so.%{tesla_470} -%{tesla_470_libdir}/libnvidia-allocator.so.1 -%{tesla_470_libdir}/libOpenCL.so.1.0.0 -%{tesla_470_libdir}/libOpenCL.so.1 -%if "%{_cross_arch}" == "x86_64" -%{tesla_470_libdir}/libnvidia-compiler.so.%{tesla_470} -%endif - -# Video libs -%{tesla_470_libdir}/libvdpau_nvidia.so.%{tesla_470} -%{tesla_470_libdir}/libvdpau_nvidia.so.1 -%{tesla_470_libdir}/libnvidia-encode.so.%{tesla_470} -%{tesla_470_libdir}/libnvidia-encode.so.1 -%{tesla_470_libdir}/libnvidia-opticalflow.so.%{tesla_470} -%{tesla_470_libdir}/libnvidia-opticalflow.so.1 -%{tesla_470_libdir}/libnvcuvid.so.%{tesla_470} -%{tesla_470_libdir}/libnvcuvid.so.1 - -# Graphics libs -%{tesla_470_libdir}/libnvidia-eglcore.so.%{tesla_470} -%{tesla_470_libdir}/libnvidia-glcore.so.%{tesla_470} -%{tesla_470_libdir}/libnvidia-tls.so.%{tesla_470} -%{tesla_470_libdir}/libnvidia-glsi.so.%{tesla_470} -%{tesla_470_libdir}/libnvidia-rtcore.so.%{tesla_470} -%{tesla_470_libdir}/libnvidia-fbc.so.%{tesla_470} -%{tesla_470_libdir}/libnvidia-fbc.so.1 -%{tesla_470_libdir}/libnvoptix.so.%{tesla_470} -%{tesla_470_libdir}/libnvoptix.so.1 -%{tesla_470_libdir}/libnvidia-vulkan-producer.so.%{tesla_470} -%if "%{_cross_arch}" == "x86_64" -%{tesla_470_libdir}/libnvidia-ifr.so.%{tesla_470} -%{tesla_470_libdir}/libnvidia-ifr.so.1 -%endif - -# Graphics GLVND libs -%{tesla_470_libdir}/libnvidia-glvkspirv.so.%{tesla_470} -%{tesla_470_libdir}/libnvidia-cbl.so.%{tesla_470} -%{tesla_470_libdir}/libGLX_nvidia.so.%{tesla_470} -%{tesla_470_libdir}/libGLX_nvidia.so.0 -%{tesla_470_libdir}/libEGL_nvidia.so.%{tesla_470} -%{tesla_470_libdir}/libEGL_nvidia.so.0 -%{tesla_470_libdir}/libGLESv2_nvidia.so.%{tesla_470} -%{tesla_470_libdir}/libGLESv2_nvidia.so.2 -%{tesla_470_libdir}/libGLESv1_CM_nvidia.so.%{tesla_470} -%{tesla_470_libdir}/libGLESv1_CM_nvidia.so.1 - -# Graphics compat -%{tesla_470_libdir}/libEGL.so.1.1.0 -%{tesla_470_libdir}/libEGL.so.1 -%{tesla_470_libdir}/libEGL.so.%{tesla_470} -%{tesla_470_libdir}/libGL.so.1.7.0 -%{tesla_470_libdir}/libGL.so.1 -%{tesla_470_libdir}/libGLESv1_CM.so.1.2.0 -%{tesla_470_libdir}/libGLESv1_CM.so.1 -%{tesla_470_libdir}/libGLESv2.so.2.1.0 -%{tesla_470_libdir}/libGLESv2.so.2 - -# NGX -%if "%{_cross_arch}" == "x86_64" -%{tesla_470_libdir}/libnvidia-ngx.so.%{tesla_470} -%{tesla_470_libdir}/libnvidia-ngx.so.1 -%endif - -# Neither nvidia-peermem nor nvidia-drm are included in driver container images, we exclude them -# for now, and we will add them if requested -%exclude %{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d/nvidia-peermem.mod.o -%exclude %{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d/nvidia-peermem.o -%exclude %{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d/nvidia-drm.mod.o -%exclude %{_cross_datadir}/nvidia/tesla/%{tesla_470}/module-objects.d/nvidia-drm.o -%exclude %{_cross_libexecdir}/nvidia/tesla/bin/%{tesla_470}/nvidia-cuda-mps-control -%exclude %{_cross_libexecdir}/nvidia/tesla/bin/%{tesla_470}/nvidia-cuda-mps-server -%if "%{_cross_arch}" == "x86_64" -%exclude %{_cross_libexecdir}/nvidia/tesla/bin/%{tesla_470}/nvidia-ngx-updater -%endif - -# None of these libraries are required by libnvidia-container, so they -# won't be used by a containerized workload -%exclude %{tesla_470_libdir}/libGLX.so.0 -%exclude %{tesla_470_libdir}/libGLdispatch.so.0 -%exclude %{tesla_470_libdir}/libOpenGL.so.0 -%exclude %{tesla_470_libdir}/libglxserver_nvidia.so.%{tesla_470} -%exclude %{tesla_470_libdir}/libnvidia-egl-wayland.so.1.1.7 -%exclude %{tesla_470_libdir}/libnvidia-gtk2.so.%{tesla_470} -%exclude %{tesla_470_libdir}/libnvidia-gtk3.so.%{tesla_470} -%exclude %{tesla_470_libdir}/nvidia_drv.so -%exclude %{tesla_470_libdir}/libnvidia-egl-wayland.so.1 diff --git a/packages/kmod-5.10-nvidia/nvidia-dependencies-modules-load.conf b/packages/kmod-5.10-nvidia/nvidia-dependencies-modules-load.conf deleted file mode 100644 index 86f884a65e5..00000000000 --- a/packages/kmod-5.10-nvidia/nvidia-dependencies-modules-load.conf +++ /dev/null @@ -1,2 +0,0 @@ -i2c_core -ipmi_msghandler diff --git a/packages/kmod-5.10-nvidia/nvidia-ld.so.conf.in b/packages/kmod-5.10-nvidia/nvidia-ld.so.conf.in deleted file mode 100644 index a07b0ccbba7..00000000000 --- a/packages/kmod-5.10-nvidia/nvidia-ld.so.conf.in +++ /dev/null @@ -1 +0,0 @@ -__LIBDIR__/nvidia/tesla/__NVIDIA_VERSION__/ diff --git a/packages/kmod-5.10-nvidia/nvidia-tesla-build-config.toml.in b/packages/kmod-5.10-nvidia/nvidia-tesla-build-config.toml.in deleted file mode 100644 index fb74dc51fe5..00000000000 --- a/packages/kmod-5.10-nvidia/nvidia-tesla-build-config.toml.in +++ /dev/null @@ -1,18 +0,0 @@ -[nvidia-tesla] -lib-modules-path = "kernel/drivers/extra/video/nvidia/tesla" -objects-source = "__NVIDIA_MODULES__" - -[nvidia-tesla.object-files."nvidia.o"] -link-objects = ["nv-interface.o", "nv-kernel.o"] - -[nvidia-tesla.kernel-modules."nvidia.ko"] -link-objects = ["nvidia.o", "nvidia.mod.o"] - -[nvidia-tesla.object-files."nvidia-modeset.o"] -link-objects = ["nv-modeset-interface.o", "nv-modeset-kernel.o"] - -[nvidia-tesla.kernel-modules."nvidia-modeset.ko"] -link-objects = ["nvidia-modeset.o", "nvidia-modeset.mod.o"] - -[nvidia-tesla.kernel-modules."nvidia-uvm.ko"] -link-objects = ["nvidia-uvm.o", "nvidia-uvm.mod.o"] diff --git a/packages/kmod-5.10-nvidia/nvidia-tesla-path.env.in b/packages/kmod-5.10-nvidia/nvidia-tesla-path.env.in deleted file mode 100644 index 28f74deb7c6..00000000000 --- a/packages/kmod-5.10-nvidia/nvidia-tesla-path.env.in +++ /dev/null @@ -1 +0,0 @@ -NVIDIA_PATH=__NVIDIA_BINDIR__ diff --git a/packages/kmod-5.10-nvidia/nvidia-tesla-tmpfiles.conf.in b/packages/kmod-5.10-nvidia/nvidia-tesla-tmpfiles.conf.in deleted file mode 100644 index f208e1d26a8..00000000000 --- a/packages/kmod-5.10-nvidia/nvidia-tesla-tmpfiles.conf.in +++ /dev/null @@ -1,3 +0,0 @@ -C /etc/drivers/nvidia-tesla-__NVIDIA_VERSION__.toml -C /etc/containerd/nvidia.env - - - - /usr/share/factory/nvidia/tesla/__NVIDIA_VERSION__/nvidia-path.env -C /etc/ld.so.conf.d/nvidia-tesla-__NVIDIA_VERSION__.conf diff --git a/packages/kmod-5.10-nvidia/nvidia-tmpfiles.conf.in b/packages/kmod-5.10-nvidia/nvidia-tmpfiles.conf.in deleted file mode 100644 index d4763f28037..00000000000 --- a/packages/kmod-5.10-nvidia/nvidia-tmpfiles.conf.in +++ /dev/null @@ -1,2 +0,0 @@ -R __PREFIX__/lib/modules/__KERNEL_VERSION__/kernel/drivers/extra/video/nvidia/tesla - - - - - -d __PREFIX__/lib/modules/__KERNEL_VERSION__/kernel/drivers/extra/video/nvidia/tesla 0755 root root - - diff --git a/packages/kmod-5.15-nvidia/.gitignore b/packages/kmod-5.15-nvidia/.gitignore deleted file mode 100644 index 64d9ed83a0e..00000000000 --- a/packages/kmod-5.15-nvidia/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -NVidiaEULAforAWS.pdf -*.rpm diff --git a/packages/kmod-5.15-nvidia/Cargo.toml b/packages/kmod-5.15-nvidia/Cargo.toml deleted file mode 100644 index f26a5a36c51..00000000000 --- a/packages/kmod-5.15-nvidia/Cargo.toml +++ /dev/null @@ -1,41 +0,0 @@ -[package] -name = "kmod-5_15-nvidia" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -package-name = "kmod-5.15-nvidia" -releases-url = "https://docs.nvidia.com/datacenter/tesla/" - -[[package.metadata.build-package.external-files]] -url = "https://s3.amazonaws.com/EULA/NVidiaEULAforAWS.pdf" -sha512 = "e1926fe99afc3ab5b2f2744fcd53b4046465aefb2793e2e06c4a19455a3fde895e00af1415ff1a5804c32e6a2ed0657e475de63da6c23a0e9c59feeef52f3f58" - -[[package.metadata.build-package.external-files]] -url = "https://us.download.nvidia.com/tesla/535.183.01/NVIDIA-Linux-x86_64-535.183.01.run" -sha512 = "02b6b679f4fc1d5305f32fca8ce0875eef04cb99f5611d0bb85ac7607ecdd5b2aa4d60b51bf47546477464531a07fffa5bf3db3859868648bd5e86565d85afbb" -force-upstream = true - -[[package.metadata.build-package.external-files]] -url = "https://us.download.nvidia.com/tesla/535.183.01/NVIDIA-Linux-aarch64-535.183.01.run" -sha512 = "d2ac1be8c19b359023c31941374911f3adfe1be34aa2821ef582df4c854ac4eefbbcb10aa22583ac8c9d5caf9326bda12ed1ce6343d67479ed37a4887bd17b5e" -force-upstream = true - -[[package.metadata.build-package.external-files]] -url = "https://developer.download.nvidia.com/compute/cuda/repos/rhel9/x86_64/nvidia-fabric-manager-535.183.01-1.x86_64.rpm" -sha512 = "d52879d1e552b949a529ede9c4ce3e7b66af0df96e8f43906f211673b99815561c83a7c382be17950b1308457ca496ce49adca41766f808cc5a340471353494b" -force-upstream = true - -[[package.metadata.build-package.external-files]] -url = "https://developer.download.nvidia.com/compute/cuda/repos/rhel9/sbsa/nvidia-fabric-manager-535.183.01-1.aarch64.rpm" -sha512 = "75e1d306b9aa6cc8737bce50f39dc641f64de6a944c50f2c9706345c656f203c4706414dcb51def7671f0fd02fd18605aa3d62958b690d2705cb7011c54ff48e" -force-upstream = true - -[build-dependencies] -glibc = { path = "../glibc" } -kernel-5_15 = { path = "../kernel-5.15" } diff --git a/packages/kmod-5.15-nvidia/kmod-5.15-nvidia.spec b/packages/kmod-5.15-nvidia/kmod-5.15-nvidia.spec deleted file mode 100644 index 1e9a17500a8..00000000000 --- a/packages/kmod-5.15-nvidia/kmod-5.15-nvidia.spec +++ /dev/null @@ -1,394 +0,0 @@ -%global tesla_major 535 -%global tesla_minor 183 -%global tesla_patch 01 -%global tesla_ver %{tesla_major}.%{tesla_minor}.%{tesla_patch} -%if "%{?_cross_arch}" == "aarch64" -%global fm_arch sbsa -%else -%global fm_arch %{_cross_arch} -%endif - -# With the split of the firmware binary from firmware/gsp.bin to firmware/gsp_ga10x.bin -# and firmware/gsp_tu10x.bin the file format changed from executable to relocatable. -# The __spec_install_post macro will by default try to strip all binary files. -# Unfortunately the strip used is not compatible with the new file format. -# Redefine strip, so that these firmware binaries do not derail the build. -%global __strip /usr/bin/true - -Name: %{_cross_os}kmod-5.15-nvidia -Version: 1.0.0 -Release: 1%{?dist} -Summary: NVIDIA drivers for the 5.15 kernel -# We use these licences because we only ship our own software in the main package, -# each subpackage includes the LICENSE file provided by the Licenses.toml file -License: Apache-2.0 OR MIT -URL: http://www.nvidia.com/ - -# NVIDIA archives from 0 to 199 -# NVIDIA .run scripts for kernel and userspace drivers -Source0: https://us.download.nvidia.com/tesla/%{tesla_ver}/NVIDIA-Linux-x86_64-%{tesla_ver}.run -Source1: https://us.download.nvidia.com/tesla/%{tesla_ver}/NVIDIA-Linux-aarch64-%{tesla_ver}.run -Source2: NVidiaEULAforAWS.pdf - -# fabricmanager for NVSwitch -Source10: https://developer.download.nvidia.com/compute/cuda/repos/rhel9/x86_64/nvidia-fabric-manager-%{tesla_ver}-1.x86_64.rpm -Source11: https://developer.download.nvidia.com/compute/cuda/repos/rhel9/sbsa/nvidia-fabric-manager-%{tesla_ver}-1.aarch64.rpm - -# Common NVIDIA conf files from 200 to 299 -Source200: nvidia-tmpfiles.conf.in -Source202: nvidia-dependencies-modules-load.conf -Source203: nvidia-fabricmanager.service -Source204: nvidia-fabricmanager.cfg - -# NVIDIA tesla conf files from 300 to 399 -Source300: nvidia-tesla-tmpfiles.conf -Source301: nvidia-tesla-build-config.toml.in -Source302: nvidia-tesla-path.env.in -Source303: nvidia-ld.so.conf.in - -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}kernel-5.15-archive - -%description -%{summary}. - -%package fabricmanager -Summary: NVIDIA fabricmanager config and service files -Requires: %{name}-tesla(fabricmanager) - -%description fabricmanager -%{summary}. - -%package tesla-%{tesla_major} -Summary: NVIDIA %{tesla_major} Tesla driver -Version: %{tesla_ver} -License: LicenseRef-NVIDIA-AWS-EULA -Requires: %{_cross_os}variant-platform(aws) -Requires: %{name} -Requires: %{name}-fabricmanager -Provides: %{name}-tesla(fabricmanager) - -%description tesla-%{tesla_major} -%{summary} - -%prep -# Extract nvidia sources with `-x`, otherwise the script will try to install -# the driver in the current run -sh %{_sourcedir}/NVIDIA-Linux-%{_cross_arch}-%{tesla_ver}.run -x - -# Extract fabricmanager from the rpm via cpio rather than `%%setup` since the -# correct source is architecture-dependent. -mkdir fabricmanager-linux-%{fm_arch}-%{tesla_ver}-archive -rpm2cpio %{_sourcedir}/nvidia-fabric-manager-%{tesla_ver}-1.%{_cross_arch}.rpm | cpio -idmV -D fabricmanager-linux-%{fm_arch}-%{tesla_ver}-archive - -# Add the license. -install -p -m 0644 %{S:2} . - -%global kernel_sources %{_builddir}/kernel-devel -tar -xf %{_cross_datadir}/bottlerocket/kernel-devel.tar.xz - -%build -pushd NVIDIA-Linux-%{_cross_arch}-%{tesla_ver}/kernel - -# This recipe was based in the NVIDIA yum/dnf specs: -# https://github.com/NVIDIA/yum-packaging-precompiled-kmod - -# We set IGNORE_CC_MISMATCH even though we are using the same compiler used to compile the kernel, if -# we don't set this flag the compilation fails -make %{?_smp_mflags} ARCH=%{_cross_karch} IGNORE_CC_MISMATCH=1 SYSSRC=%{kernel_sources} CC=%{_cross_target}-gcc LD=%{_cross_target}-ld - -%{_cross_target}-strip -g --strip-unneeded nvidia/nv-interface.o -%{_cross_target}-strip -g --strip-unneeded nvidia-uvm.o -%{_cross_target}-strip -g --strip-unneeded nvidia-drm.o -%{_cross_target}-strip -g --strip-unneeded nvidia-peermem/nvidia-peermem.o -%{_cross_target}-strip -g --strip-unneeded nvidia-modeset/nv-modeset-interface.o - -# We delete these files since we just stripped the input .o files above, and -# will be build at runtime in the host -rm nvidia{,-modeset,-peermem}.o - -# Delete the .ko files created in make command, just to be safe that we -# don't include any linked module in the base image -rm nvidia{,-modeset,-peermem,-drm}.ko - -popd - -%install -install -d %{buildroot}%{_cross_libexecdir} -install -d %{buildroot}%{_cross_libdir} -install -d %{buildroot}%{_cross_tmpfilesdir} -install -d %{buildroot}%{_cross_unitdir} -install -d %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/{drivers,ld.so.conf.d} - -KERNEL_VERSION=$(cat %{kernel_sources}/include/config/kernel.release) -sed \ - -e "s|__KERNEL_VERSION__|${KERNEL_VERSION}|" \ - -e "s|__PREFIX__|%{_cross_prefix}|" %{S:200} > nvidia.conf -install -p -m 0644 nvidia.conf %{buildroot}%{_cross_tmpfilesdir} - -# Install modules-load.d drop-in to autoload required kernel modules -install -d %{buildroot}%{_cross_libdir}/modules-load.d -install -p -m 0644 %{S:202} %{buildroot}%{_cross_libdir}/modules-load.d/nvidia-dependencies.conf - -# NVIDIA fabric manager service unit and config -install -p -m 0644 %{S:203} %{buildroot}%{_cross_unitdir} -install -d %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/nvidia -install -p -m 0644 %{S:204} %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/nvidia/fabricmanager.cfg - -# Begin NVIDIA tesla driver -pushd NVIDIA-Linux-%{_cross_arch}-%{tesla_ver} -# We install bins and libs in a versioned directory to prevent collisions with future drivers versions -install -d %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin -install -d %{buildroot}%{_cross_libdir}/nvidia/tesla -install -d %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d -install -d %{buildroot}%{_cross_factorydir}/nvidia/tesla - -install -m 0644 %{S:300} %{buildroot}%{_cross_tmpfilesdir}/nvidia-tesla.conf -sed -e 's|__NVIDIA_MODULES__|%{_cross_datadir}/nvidia/tesla/module-objects.d/|' %{S:301} > \ - nvidia-tesla.toml -install -m 0644 nvidia-tesla.toml %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/drivers -# Install nvidia-path environment file, will be used as a drop-in for containerd.service since -# libnvidia-container locates and mounts helper binaries into the containers from either -# `PATH` or `NVIDIA_PATH` -sed -e 's|__NVIDIA_BINDIR__|%{_cross_libexecdir}/nvidia/tesla/bin|' %{S:302} > nvidia-path.env -install -m 0644 nvidia-path.env %{buildroot}%{_cross_factorydir}/nvidia/tesla -# We need to add `_cross_libdir` to the paths loaded by the ldconfig service -# because libnvidia-container uses the `ldcache` file created by the service, to locate and mount the -# libraries into the containers -sed -e 's|__LIBDIR__|%{_cross_libdir}|' %{S:303} > nvidia-tesla.conf -install -m 0644 nvidia-tesla.conf %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/ld.so.conf.d/ - -# driver -install kernel/nvidia.mod.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d -install kernel/nvidia/nv-interface.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d -install kernel/nvidia/nv-kernel.o_binary %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d/nv-kernel.o - -# uvm -install kernel/nvidia-uvm.mod.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d -install kernel/nvidia-uvm.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d - -# modeset -install kernel/nvidia-modeset.mod.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d -install kernel/nvidia-modeset/nv-modeset-interface.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d -install kernel/nvidia-modeset/nv-modeset-kernel.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d - -# peermem -install kernel/nvidia-peermem.mod.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d -install kernel/nvidia-peermem/nvidia-peermem.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d - -# drm -install kernel/nvidia-drm.mod.o %{buildroot}/%{_cross_datadir}/nvidia/tesla/module-objects.d -install kernel/nvidia-drm.o %{buildroot}/%{_cross_datadir}/nvidia/tesla/module-objects.d - -# Binaries -install -m 755 nvidia-smi %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin -install -m 755 nvidia-debugdump %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin -install -m 755 nvidia-cuda-mps-control %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin -install -m 755 nvidia-cuda-mps-server %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin -%if "%{_cross_arch}" == "x86_64" -install -m 755 nvidia-ngx-updater %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin -%endif - -# We install all the libraries, and filter them out in the 'files' section, so we can catch -# when new libraries are added -install -m 755 *.so* %{buildroot}/%{_cross_libdir}/nvidia/tesla/ - -# This library has the same SONAME as libEGL.so.1.1.0, this will cause collisions while -# the symlinks are created. For now, we only symlink libEGL.so.1.1.0. -EXCLUDED_LIBS="libEGL.so.%{tesla_ver}" - -for lib in $(find . -maxdepth 1 -type f -name 'lib*.so.*' -printf '%%P\n'); do - [[ "${EXCLUDED_LIBS}" =~ "${lib}" ]] && continue - soname="$(%{_cross_target}-readelf -d "${lib}" | awk '/SONAME/{print $5}' | tr -d '[]')" - [ -n "${soname}" ] || continue - [ "${lib}" == "${soname}" ] && continue - ln -s "${lib}" %{buildroot}/%{_cross_libdir}/nvidia/tesla/"${soname}" -done - -# Include the firmware file for GSP support -install -d %{buildroot}%{_cross_libdir}/firmware/nvidia/%{tesla_ver} -install -p -m 0644 firmware/gsp_ga10x.bin %{buildroot}%{_cross_libdir}/firmware/nvidia/%{tesla_ver} -install -p -m 0644 firmware/gsp_tu10x.bin %{buildroot}%{_cross_libdir}/firmware/nvidia/%{tesla_ver} - -popd - -# Begin NVIDIA fabric manager binaries and topologies -pushd fabricmanager-linux-%{fm_arch}-%{tesla_ver}-archive -install -p -m 0755 usr/bin/nv-fabricmanager %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin -install -p -m 0755 usr/bin/nvswitch-audit %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin - -install -d %{buildroot}%{_cross_datadir}/nvidia/tesla/nvswitch -for t in usr/share/nvidia/nvswitch/*_topology ; do - install -p -m 0644 "${t}" %{buildroot}%{_cross_datadir}/nvidia/tesla/nvswitch -done - -popd - -%files -%{_cross_attribution_file} -%dir %{_cross_libexecdir}/nvidia -%dir %{_cross_libdir}/nvidia -%dir %{_cross_datadir}/nvidia -%dir %{_cross_libdir}/modules-load.d -%dir %{_cross_factorydir}%{_cross_sysconfdir}/drivers -%dir %{_cross_factorydir}%{_cross_sysconfdir}/nvidia -%{_cross_tmpfilesdir}/nvidia.conf -%{_cross_libdir}/modules-load.d/nvidia-dependencies.conf - -%files tesla-%{tesla_major} -%license NVidiaEULAforAWS.pdf -%license fabricmanager-linux-%{fm_arch}-%{tesla_ver}-archive/usr/share/doc/nvidia-fabricmanager/third-party-notices.txt -%dir %{_cross_datadir}/nvidia/tesla -%dir %{_cross_libexecdir}/nvidia/tesla/bin -%dir %{_cross_libdir}/nvidia/tesla -%dir %{_cross_libdir}/firmware/nvidia/%{tesla_ver} -%dir %{_cross_datadir}/nvidia/tesla/module-objects.d -%dir %{_cross_factorydir}/nvidia/tesla - -# Binaries -%{_cross_libexecdir}/nvidia/tesla/bin/nvidia-debugdump -%{_cross_libexecdir}/nvidia/tesla/bin/nvidia-smi -%{_cross_libexecdir}/nvidia/tesla/bin/nv-fabricmanager -%{_cross_libexecdir}/nvidia/tesla/bin/nvswitch-audit - -# nvswitch topologies -%dir %{_cross_datadir}/nvidia/tesla/nvswitch -%{_cross_datadir}/nvidia/tesla/nvswitch/dgxa100_hgxa100_topology -%{_cross_datadir}/nvidia/tesla/nvswitch/dgx2_hgx2_topology -%{_cross_datadir}/nvidia/tesla/nvswitch/dgxh100_hgxh100_topology -%{_cross_datadir}/nvidia/tesla/nvswitch/dgxh800_hgxh800_topology - -# Configuration files -%{_cross_factorydir}%{_cross_sysconfdir}/drivers/nvidia-tesla.toml -%{_cross_factorydir}%{_cross_sysconfdir}/ld.so.conf.d/nvidia-tesla.conf -%{_cross_factorydir}/nvidia/tesla/nvidia-path.env - -# driver -%{_cross_datadir}/nvidia/tesla/module-objects.d/nvidia.mod.o -%{_cross_datadir}/nvidia/tesla/module-objects.d/nv-interface.o -%{_cross_datadir}/nvidia/tesla/module-objects.d/nv-kernel.o - -# uvm -%{_cross_datadir}/nvidia/tesla/module-objects.d/nvidia-uvm.mod.o -%{_cross_datadir}/nvidia/tesla/module-objects.d/nvidia-uvm.o - -# modeset -%{_cross_datadir}/nvidia/tesla/module-objects.d/nv-modeset-interface.o -%{_cross_datadir}/nvidia/tesla/module-objects.d/nv-modeset-kernel.o -%{_cross_datadir}/nvidia/tesla/module-objects.d/nvidia-modeset.mod.o - -# tmpfiles -%{_cross_tmpfilesdir}/nvidia-tesla.conf - -# We only install the libraries required by all the DRIVER_CAPABILITIES, described here: -# https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/user-guide.html#driver-capabilities - -# Utility libs -%{_cross_libdir}/nvidia/tesla/libnvidia-api.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-ml.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-ml.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-cfg.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-cfg.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-nvvm.so.4 -%{_cross_libdir}/nvidia/tesla/libnvidia-nvvm.so.%{tesla_ver} - -# Compute libs -%{_cross_libdir}/nvidia/tesla/libcuda.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libcuda.so.1 -%{_cross_libdir}/nvidia/tesla/libcudadebugger.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libcudadebugger.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-opencl.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-opencl.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-ptxjitcompiler.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-ptxjitcompiler.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-allocator.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-allocator.so.1 -%{_cross_libdir}/nvidia/tesla/libOpenCL.so.1.0.0 -%{_cross_libdir}/nvidia/tesla/libOpenCL.so.1 -%if "%{_cross_arch}" == "x86_64" -%{_cross_libdir}/nvidia/tesla/libnvidia-pkcs11.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-pkcs11-openssl3.so.%{tesla_ver} -%endif - -# Video libs -%{_cross_libdir}/nvidia/tesla/libvdpau_nvidia.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libvdpau_nvidia.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-encode.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-encode.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-opticalflow.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-opticalflow.so.1 -%{_cross_libdir}/nvidia/tesla/libnvcuvid.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvcuvid.so.1 - -# Graphics libs -%{_cross_libdir}/nvidia/tesla/libnvidia-eglcore.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-glcore.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-tls.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-glsi.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-rtcore.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-fbc.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-fbc.so.1 -%{_cross_libdir}/nvidia/tesla/libnvoptix.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvoptix.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-vulkan-producer.so.%{tesla_ver} - -# Graphics GLVND libs -%{_cross_libdir}/nvidia/tesla/libnvidia-glvkspirv.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libGLX_nvidia.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libGLX_nvidia.so.0 -%{_cross_libdir}/nvidia/tesla/libEGL_nvidia.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libEGL_nvidia.so.0 -%{_cross_libdir}/nvidia/tesla/libGLESv2_nvidia.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libGLESv2_nvidia.so.2 -%{_cross_libdir}/nvidia/tesla/libGLESv1_CM_nvidia.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libGLESv1_CM_nvidia.so.1 - -# Graphics compat -%{_cross_libdir}/nvidia/tesla/libEGL.so.1.1.0 -%{_cross_libdir}/nvidia/tesla/libEGL.so.1 -%{_cross_libdir}/nvidia/tesla/libEGL.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libGL.so.1.7.0 -%{_cross_libdir}/nvidia/tesla/libGL.so.1 -%{_cross_libdir}/nvidia/tesla/libGLESv1_CM.so.1.2.0 -%{_cross_libdir}/nvidia/tesla/libGLESv1_CM.so.1 -%{_cross_libdir}/nvidia/tesla/libGLESv2.so.2.1.0 -%{_cross_libdir}/nvidia/tesla/libGLESv2.so.2 - -# NGX -%{_cross_libdir}/nvidia/tesla/libnvidia-ngx.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-ngx.so.1 - -# Firmware -%{_cross_libdir}/firmware/nvidia/%{tesla_ver}/gsp_ga10x.bin -%{_cross_libdir}/firmware/nvidia/%{tesla_ver}/gsp_tu10x.bin - -# Neither nvidia-peermem nor nvidia-drm are included in driver container images, we exclude them -# for now, and we will add them if requested -%exclude %{_cross_datadir}/nvidia/tesla/module-objects.d/nvidia-peermem.mod.o -%exclude %{_cross_datadir}/nvidia/tesla/module-objects.d/nvidia-peermem.o -%exclude %{_cross_datadir}/nvidia/tesla/module-objects.d/nvidia-drm.mod.o -%exclude %{_cross_datadir}/nvidia/tesla/module-objects.d/nvidia-drm.o -%exclude %{_cross_libexecdir}/nvidia/tesla/bin/nvidia-cuda-mps-control -%exclude %{_cross_libexecdir}/nvidia/tesla/bin/nvidia-cuda-mps-server -%if "%{_cross_arch}" == "x86_64" -%exclude %{_cross_libexecdir}/nvidia/tesla/bin/nvidia-ngx-updater -%endif - -# None of these libraries are required by libnvidia-container, so they -# won't be used by a containerized workload -%exclude %{_cross_libdir}/nvidia/tesla/libGLX.so.0 -%exclude %{_cross_libdir}/nvidia/tesla/libGLdispatch.so.0 -%exclude %{_cross_libdir}/nvidia/tesla/libOpenGL.so.0 -%exclude %{_cross_libdir}/nvidia/tesla/libglxserver_nvidia.so.%{tesla_ver} -%exclude %{_cross_libdir}/nvidia/tesla/libnvidia-gtk2.so.%{tesla_ver} -%exclude %{_cross_libdir}/nvidia/tesla/libnvidia-gtk3.so.%{tesla_ver} -%exclude %{_cross_libdir}/nvidia/tesla/nvidia_drv.so -%exclude %{_cross_libdir}/nvidia/tesla/libnvidia-egl-wayland.so.1 -%exclude %{_cross_libdir}/nvidia/tesla/libnvidia-egl-gbm.so.1 -%exclude %{_cross_libdir}/nvidia/tesla/libnvidia-egl-gbm.so.1.1.0 -%exclude %{_cross_libdir}/nvidia/tesla/libnvidia-egl-wayland.so.1.1.11 -%exclude %{_cross_libdir}/nvidia/tesla/libnvidia-wayland-client.so.%{tesla_ver} - -%files fabricmanager -%{_cross_factorydir}%{_cross_sysconfdir}/nvidia/fabricmanager.cfg -%{_cross_unitdir}/nvidia-fabricmanager.service diff --git a/packages/kmod-5.15-nvidia/nvidia-dependencies-modules-load.conf b/packages/kmod-5.15-nvidia/nvidia-dependencies-modules-load.conf deleted file mode 100644 index 86f884a65e5..00000000000 --- a/packages/kmod-5.15-nvidia/nvidia-dependencies-modules-load.conf +++ /dev/null @@ -1,2 +0,0 @@ -i2c_core -ipmi_msghandler diff --git a/packages/kmod-5.15-nvidia/nvidia-fabricmanager.cfg b/packages/kmod-5.15-nvidia/nvidia-fabricmanager.cfg deleted file mode 100644 index f8dc08ea426..00000000000 --- a/packages/kmod-5.15-nvidia/nvidia-fabricmanager.cfg +++ /dev/null @@ -1,34 +0,0 @@ -# Modern, systemd-aware settings: -# - Log to journal via stderr -# - Keep running in the foreground -LOG_LEVEL=4 -LOG_FILE_NAME= -DAEMONIZE=0 - -# Use Unix domain sockets instead of localhost ports. -UNIX_SOCKET_PATH=/run/nvidia/fabricmanager.sock -FM_CMD_UNIX_SOCKET_PATH=/run/nvidia/fabricmanager-cmd.sock - -# Start Fabric Manager in bare metal or full pass through virtualization mode. -FABRIC_MODE=0 -FABRIC_MODE_RESTART=0 - -# Terminate on NVSwitch and GPU config failure. -FM_STAY_RESIDENT_ON_FAILURES=0 - -# When there is a GPU to NVSwitch NVLink failure, remove the GPU with the failure -# from NVLink P2P capability. -ACCESS_LINK_FAILURE_MODE=0 - -# When there is an NVSwitch to NVSwitch NVLink failure, exit Fabric Manager. -TRUNK_LINK_FAILURE_MODE=0 - -# When there is an NVSwitch failure or an NVSwitch is excluded, abort Fabric Manager. -NVSWITCH_FAILURE_MODE=0 - -# When Fabric Manager service is stopped or terminated, abort all running CUDA jobs. -ABORT_CUDA_JOBS_ON_FM_EXIT=1 - -# Path to topology and database files. -TOPOLOGY_FILE_PATH=/usr/share/nvidia/tesla/nvswitch -DATABASE_PATH=/usr/share/nvidia/tesla/nvswitch diff --git a/packages/kmod-5.15-nvidia/nvidia-fabricmanager.service b/packages/kmod-5.15-nvidia/nvidia-fabricmanager.service deleted file mode 100644 index 62ae1368d64..00000000000 --- a/packages/kmod-5.15-nvidia/nvidia-fabricmanager.service +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=NVIDIA fabric manager service - -[Service] -ExecStart=/usr/libexec/nvidia/tesla/bin/nv-fabricmanager -c /etc/nvidia/fabricmanager.cfg -Type=simple -TimeoutSec=0 -RestartSec=5 -Restart=always -RemainAfterExit=true -StandardError=journal+console -SuccessExitStatus=255 -LimitCORE=infinity - -[Install] -WantedBy=multi-user.target diff --git a/packages/kmod-5.15-nvidia/nvidia-ld.so.conf.in b/packages/kmod-5.15-nvidia/nvidia-ld.so.conf.in deleted file mode 100644 index f992bf22602..00000000000 --- a/packages/kmod-5.15-nvidia/nvidia-ld.so.conf.in +++ /dev/null @@ -1 +0,0 @@ -__LIBDIR__/nvidia/tesla/ diff --git a/packages/kmod-5.15-nvidia/nvidia-tesla-build-config.toml.in b/packages/kmod-5.15-nvidia/nvidia-tesla-build-config.toml.in deleted file mode 100644 index fb74dc51fe5..00000000000 --- a/packages/kmod-5.15-nvidia/nvidia-tesla-build-config.toml.in +++ /dev/null @@ -1,18 +0,0 @@ -[nvidia-tesla] -lib-modules-path = "kernel/drivers/extra/video/nvidia/tesla" -objects-source = "__NVIDIA_MODULES__" - -[nvidia-tesla.object-files."nvidia.o"] -link-objects = ["nv-interface.o", "nv-kernel.o"] - -[nvidia-tesla.kernel-modules."nvidia.ko"] -link-objects = ["nvidia.o", "nvidia.mod.o"] - -[nvidia-tesla.object-files."nvidia-modeset.o"] -link-objects = ["nv-modeset-interface.o", "nv-modeset-kernel.o"] - -[nvidia-tesla.kernel-modules."nvidia-modeset.ko"] -link-objects = ["nvidia-modeset.o", "nvidia-modeset.mod.o"] - -[nvidia-tesla.kernel-modules."nvidia-uvm.ko"] -link-objects = ["nvidia-uvm.o", "nvidia-uvm.mod.o"] diff --git a/packages/kmod-5.15-nvidia/nvidia-tesla-path.env.in b/packages/kmod-5.15-nvidia/nvidia-tesla-path.env.in deleted file mode 100644 index 28f74deb7c6..00000000000 --- a/packages/kmod-5.15-nvidia/nvidia-tesla-path.env.in +++ /dev/null @@ -1 +0,0 @@ -NVIDIA_PATH=__NVIDIA_BINDIR__ diff --git a/packages/kmod-5.15-nvidia/nvidia-tesla-tmpfiles.conf b/packages/kmod-5.15-nvidia/nvidia-tesla-tmpfiles.conf deleted file mode 100644 index ddcac3e471e..00000000000 --- a/packages/kmod-5.15-nvidia/nvidia-tesla-tmpfiles.conf +++ /dev/null @@ -1,3 +0,0 @@ -C /etc/drivers/nvidia-tesla.toml -C /etc/containerd/nvidia.env - - - - /usr/share/factory/nvidia/tesla/nvidia-path.env -C /etc/ld.so.conf.d/nvidia-tesla.conf diff --git a/packages/kmod-5.15-nvidia/nvidia-tmpfiles.conf.in b/packages/kmod-5.15-nvidia/nvidia-tmpfiles.conf.in deleted file mode 100644 index 2bee2471943..00000000000 --- a/packages/kmod-5.15-nvidia/nvidia-tmpfiles.conf.in +++ /dev/null @@ -1,4 +0,0 @@ -R __PREFIX__/lib/modules/__KERNEL_VERSION__/kernel/drivers/extra/video/nvidia/tesla - - - - - -d __PREFIX__/lib/modules/__KERNEL_VERSION__/kernel/drivers/extra/video/nvidia/tesla 0755 root root - - -C /etc/nvidia/fabricmanager.cfg - - - - -d /run/nvidia 0700 root root - diff --git a/packages/kmod-6.1-neuron/Cargo.toml b/packages/kmod-6.1-neuron/Cargo.toml deleted file mode 100644 index 32e69917313..00000000000 --- a/packages/kmod-6.1-neuron/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "kmod-6_1-neuron" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -package-name = "kmod-6.1-neuron" -releases-url = "https://awsdocs-neuron.readthedocs-hosted.com/en/latest/release-notes/runtime/aws-neuronx-dkms/index.html" - -[[package.metadata.build-package.external-files]] -url = "https://yum.repos.neuron.amazonaws.com/aws-neuronx-dkms-2.16.7.0.noarch.rpm" -sha512 = "8e66feb4051af31321c08b6663a950172da65c4e5b432c0b5609785be34ccb193c0eb50c9aadfeec8b6410ccbe05264a3fb6fc7cb66dc87b172bc5be5c4d92d0" - -[build-dependencies] -kernel-6_1 = { path = "../kernel-6.1" } diff --git a/packages/kmod-6.1-neuron/kmod-6.1-neuron.spec b/packages/kmod-6.1-neuron/kmod-6.1-neuron.spec deleted file mode 100644 index fec667013ef..00000000000 --- a/packages/kmod-6.1-neuron/kmod-6.1-neuron.spec +++ /dev/null @@ -1,58 +0,0 @@ -Name: %{_cross_os}kmod-6.1-neuron -Version: 2.16.7.0 -Release: 1%{?dist} -Summary: Neuron drivers for the 6.1 kernel -License: GPL-2.0-only -URL: https://awsdocs-neuron.readthedocs-hosted.com/en/latest/ - -Source0: https://yum.repos.neuron.amazonaws.com/aws-neuronx-dkms-%{version}.noarch.rpm -Source1: neuron-modules-load.conf -Source2: neuron-systemd-modules-load.drop-in.conf - -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}kernel-6.1-archive - -%description -%{summary}. - -%prep -rpm2cpio %{SOURCE0} | cpio -idmv -tar -xf %{_cross_datadir}/bottlerocket/kernel-devel.tar.xz - -%global neuron_sources usr/src/aws-neuronx-%{version} -%global kernel_sources %{_builddir}/kernel-devel - -%build -pushd %{_builddir}/%{neuron_sources} -%make_build \ - -C %{kernel_sources} \ - M=${PWD} \ - ARCH=%{_cross_karch} \ - CROSS_COMPILE=%{_cross_target}- \ - INSTALL_MOD_STRIP=1 \ - %{nil} -gzip -9 neuron.ko -popd - -%install -pushd %{_builddir}/%{neuron_sources} -export KVER="$(cat %{kernel_sources}/include/config/kernel.release)" -export KMODDIR="%{_cross_libdir}/modules/${KVER}/extra" -install -d "%{buildroot}${KMODDIR}" -install -p -m 0644 neuron.ko.gz "%{buildroot}${KMODDIR}" -popd - -# Install modules-load.d drop-in to autoload required kernel modules -install -d %{buildroot}%{_cross_libdir}/modules-load.d -install -p -m 0644 %{S:1} %{buildroot}%{_cross_libdir}/modules-load.d/neuron.conf - -# Install systemd-modules-load drop-in to ensure that depmod runs. -install -d %{buildroot}%{_cross_unitdir}/systemd-modules-load.service.d -install -p -m 0644 %{S:2} %{buildroot}%{_cross_unitdir}/systemd-modules-load.service.d/neuron.conf - -%files -%license %{neuron_sources}/LICENSE -%{_cross_attribution_file} -%{_cross_libdir}/modules/*/extra/neuron.ko.gz -%{_cross_libdir}/modules-load.d/neuron.conf -%{_cross_unitdir}/systemd-modules-load.service.d/neuron.conf diff --git a/packages/kmod-6.1-neuron/latest-srpm-url.sh b/packages/kmod-6.1-neuron/latest-srpm-url.sh deleted file mode 100755 index 5bb6c85ec9c..00000000000 --- a/packages/kmod-6.1-neuron/latest-srpm-url.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh -cmd=" -dnf install -q -y --releasever=latest yum-utils && -dnf download -q --repofrompath neuron,https://yum.repos.neuron.amazonaws.com --repo=neuron --urls aws-neuronx-dkms -" -docker run --rm amazonlinux:2023 bash -c "${cmd}" \ - | grep '^http' \ - | xargs --max-args=1 --no-run-if-empty realpath --canonicalize-missing --relative-to=. \ - | sed 's_:/_://_' diff --git a/packages/kmod-6.1-neuron/neuron-modules-load.conf b/packages/kmod-6.1-neuron/neuron-modules-load.conf deleted file mode 100644 index aba019c2e22..00000000000 --- a/packages/kmod-6.1-neuron/neuron-modules-load.conf +++ /dev/null @@ -1 +0,0 @@ -neuron diff --git a/packages/kmod-6.1-neuron/neuron-systemd-modules-load.drop-in.conf b/packages/kmod-6.1-neuron/neuron-systemd-modules-load.drop-in.conf deleted file mode 100644 index 0b1302960d1..00000000000 --- a/packages/kmod-6.1-neuron/neuron-systemd-modules-load.drop-in.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -ExecStartPre=-/usr/bin/depmod diff --git a/packages/kmod-6.1-nvidia/.gitignore b/packages/kmod-6.1-nvidia/.gitignore deleted file mode 100644 index 64d9ed83a0e..00000000000 --- a/packages/kmod-6.1-nvidia/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -NVidiaEULAforAWS.pdf -*.rpm diff --git a/packages/kmod-6.1-nvidia/Cargo.toml b/packages/kmod-6.1-nvidia/Cargo.toml deleted file mode 100644 index a105eef21de..00000000000 --- a/packages/kmod-6.1-nvidia/Cargo.toml +++ /dev/null @@ -1,41 +0,0 @@ -[package] -name = "kmod-6_1-nvidia" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -package-name = "kmod-6.1-nvidia" -releases-url = "https://docs.nvidia.com/datacenter/tesla/" - -[[package.metadata.build-package.external-files]] -url = "https://s3.amazonaws.com/EULA/NVidiaEULAforAWS.pdf" -sha512 = "e1926fe99afc3ab5b2f2744fcd53b4046465aefb2793e2e06c4a19455a3fde895e00af1415ff1a5804c32e6a2ed0657e475de63da6c23a0e9c59feeef52f3f58" - -[[package.metadata.build-package.external-files]] -url = "https://us.download.nvidia.com/tesla/535.183.01/NVIDIA-Linux-x86_64-535.183.01.run" -sha512 = "02b6b679f4fc1d5305f32fca8ce0875eef04cb99f5611d0bb85ac7607ecdd5b2aa4d60b51bf47546477464531a07fffa5bf3db3859868648bd5e86565d85afbb" -force-upstream = true - -[[package.metadata.build-package.external-files]] -url = "https://us.download.nvidia.com/tesla/535.183.01/NVIDIA-Linux-aarch64-535.183.01.run" -sha512 = "d2ac1be8c19b359023c31941374911f3adfe1be34aa2821ef582df4c854ac4eefbbcb10aa22583ac8c9d5caf9326bda12ed1ce6343d67479ed37a4887bd17b5e" -force-upstream = true - -[[package.metadata.build-package.external-files]] -url = "https://developer.download.nvidia.com/compute/cuda/repos/rhel9/x86_64/nvidia-fabric-manager-535.183.01-1.x86_64.rpm" -sha512 = "d52879d1e552b949a529ede9c4ce3e7b66af0df96e8f43906f211673b99815561c83a7c382be17950b1308457ca496ce49adca41766f808cc5a340471353494b" -force-upstream = true - -[[package.metadata.build-package.external-files]] -url = "https://developer.download.nvidia.com/compute/cuda/repos/rhel9/sbsa/nvidia-fabric-manager-535.183.01-1.aarch64.rpm" -sha512 = "75e1d306b9aa6cc8737bce50f39dc641f64de6a944c50f2c9706345c656f203c4706414dcb51def7671f0fd02fd18605aa3d62958b690d2705cb7011c54ff48e" -force-upstream = true - -[build-dependencies] -glibc = { path = "../glibc" } -kernel-6_1 = { path = "../kernel-6.1" } diff --git a/packages/kmod-6.1-nvidia/kmod-6.1-nvidia.spec b/packages/kmod-6.1-nvidia/kmod-6.1-nvidia.spec deleted file mode 100644 index 4f5b149bcaf..00000000000 --- a/packages/kmod-6.1-nvidia/kmod-6.1-nvidia.spec +++ /dev/null @@ -1,394 +0,0 @@ -%global tesla_major 535 -%global tesla_minor 183 -%global tesla_patch 01 -%global tesla_ver %{tesla_major}.%{tesla_minor}.%{tesla_patch} -%if "%{?_cross_arch}" == "aarch64" -%global fm_arch sbsa -%else -%global fm_arch %{_cross_arch} -%endif - -# With the split of the firmware binary from firmware/gsp.bin to firmware/gsp_ga10x.bin -# and firmware/gsp_tu10x.bin the file format changed from executable to relocatable. -# The __spec_install_post macro will by default try to strip all binary files. -# Unfortunately the strip used is not compatible with the new file format. -# Redefine strip, so that these firmware binaries do not derail the build. -%global __strip /usr/bin/true - -Name: %{_cross_os}kmod-6.1-nvidia -Version: 1.0.0 -Release: 1%{?dist} -Summary: NVIDIA drivers for the 6.1 kernel -# We use these licences because we only ship our own software in the main package, -# each subpackage includes the LICENSE file provided by the Licenses.toml file -License: Apache-2.0 OR MIT -URL: http://www.nvidia.com/ - -# NVIDIA archives from 0 to 199 -# NVIDIA .run scripts for kernel and userspace drivers -Source0: https://us.download.nvidia.com/tesla/%{tesla_ver}/NVIDIA-Linux-x86_64-%{tesla_ver}.run -Source1: https://us.download.nvidia.com/tesla/%{tesla_ver}/NVIDIA-Linux-aarch64-%{tesla_ver}.run -Source2: NVidiaEULAforAWS.pdf - -# fabricmanager for NVSwitch -Source10: https://developer.download.nvidia.com/compute/cuda/repos/rhel9/x86_64/nvidia-fabric-manager-%{tesla_ver}-1.x86_64.rpm -Source11: https://developer.download.nvidia.com/compute/cuda/repos/rhel9/sbsa/nvidia-fabric-manager-%{tesla_ver}-1.aarch64.rpm - -# Common NVIDIA conf files from 200 to 299 -Source200: nvidia-tmpfiles.conf.in -Source202: nvidia-dependencies-modules-load.conf -Source203: nvidia-fabricmanager.service -Source204: nvidia-fabricmanager.cfg - -# NVIDIA tesla conf files from 300 to 399 -Source300: nvidia-tesla-tmpfiles.conf -Source301: nvidia-tesla-build-config.toml.in -Source302: nvidia-tesla-path.env.in -Source303: nvidia-ld.so.conf.in - -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}kernel-6.1-archive - -%description -%{summary}. - -%package fabricmanager -Summary: NVIDIA fabricmanager config and service files -Requires: %{name}-tesla(fabricmanager) - -%description fabricmanager -%{summary}. - -%package tesla-%{tesla_major} -Summary: NVIDIA %{tesla_major} Tesla driver -Version: %{tesla_ver} -License: LicenseRef-NVIDIA-AWS-EULA -Requires: %{_cross_os}variant-platform(aws) -Requires: %{name} -Requires: %{name}-fabricmanager -Provides: %{name}-tesla(fabricmanager) - -%description tesla-%{tesla_major} -%{summary} - -%prep -# Extract nvidia sources with `-x`, otherwise the script will try to install -# the driver in the current run -sh %{_sourcedir}/NVIDIA-Linux-%{_cross_arch}-%{tesla_ver}.run -x - -# Extract fabricmanager from the rpm via cpio rather than `%%setup` since the -# correct source is architecture-dependent. -mkdir fabricmanager-linux-%{fm_arch}-%{tesla_ver}-archive -rpm2cpio %{_sourcedir}/nvidia-fabric-manager-%{tesla_ver}-1.%{_cross_arch}.rpm | cpio -idmV -D fabricmanager-linux-%{fm_arch}-%{tesla_ver}-archive - -# Add the license. -install -p -m 0644 %{S:2} . - -%global kernel_sources %{_builddir}/kernel-devel -tar -xf %{_cross_datadir}/bottlerocket/kernel-devel.tar.xz - -%build -pushd NVIDIA-Linux-%{_cross_arch}-%{tesla_ver}/kernel - -# This recipe was based in the NVIDIA yum/dnf specs: -# https://github.com/NVIDIA/yum-packaging-precompiled-kmod - -# We set IGNORE_CC_MISMATCH even though we are using the same compiler used to compile the kernel, if -# we don't set this flag the compilation fails -make %{?_smp_mflags} ARCH=%{_cross_karch} IGNORE_CC_MISMATCH=1 SYSSRC=%{kernel_sources} CC=%{_cross_target}-gcc LD=%{_cross_target}-ld - -%{_cross_target}-strip -g --strip-unneeded nvidia/nv-interface.o -%{_cross_target}-strip -g --strip-unneeded nvidia-uvm.o -%{_cross_target}-strip -g --strip-unneeded nvidia-drm.o -%{_cross_target}-strip -g --strip-unneeded nvidia-peermem/nvidia-peermem.o -%{_cross_target}-strip -g --strip-unneeded nvidia-modeset/nv-modeset-interface.o - -# We delete these files since we just stripped the input .o files above, and -# will be build at runtime in the host -rm nvidia{,-modeset,-peermem}.o - -# Delete the .ko files created in make command, just to be safe that we -# don't include any linked module in the base image -rm nvidia{,-modeset,-peermem,-drm}.ko - -popd - -%install -install -d %{buildroot}%{_cross_libexecdir} -install -d %{buildroot}%{_cross_libdir} -install -d %{buildroot}%{_cross_tmpfilesdir} -install -d %{buildroot}%{_cross_unitdir} -install -d %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/{drivers,ld.so.conf.d} - -KERNEL_VERSION=$(cat %{kernel_sources}/include/config/kernel.release) -sed \ - -e "s|__KERNEL_VERSION__|${KERNEL_VERSION}|" \ - -e "s|__PREFIX__|%{_cross_prefix}|" %{S:200} > nvidia.conf -install -p -m 0644 nvidia.conf %{buildroot}%{_cross_tmpfilesdir} - -# Install modules-load.d drop-in to autoload required kernel modules -install -d %{buildroot}%{_cross_libdir}/modules-load.d -install -p -m 0644 %{S:202} %{buildroot}%{_cross_libdir}/modules-load.d/nvidia-dependencies.conf - -# NVIDIA fabric manager service unit and config -install -p -m 0644 %{S:203} %{buildroot}%{_cross_unitdir} -install -d %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/nvidia -install -p -m 0644 %{S:204} %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/nvidia/fabricmanager.cfg - -# Begin NVIDIA tesla driver -pushd NVIDIA-Linux-%{_cross_arch}-%{tesla_ver} -# We install bins and libs in a versioned directory to prevent collisions with future drivers versions -install -d %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin -install -d %{buildroot}%{_cross_libdir}/nvidia/tesla -install -d %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d -install -d %{buildroot}%{_cross_factorydir}/nvidia/tesla - -install -m 0644 %{S:300} %{buildroot}%{_cross_tmpfilesdir}/nvidia-tesla.conf -sed -e 's|__NVIDIA_MODULES__|%{_cross_datadir}/nvidia/tesla/module-objects.d/|' %{S:301} > \ - nvidia-tesla.toml -install -m 0644 nvidia-tesla.toml %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/drivers -# Install nvidia-path environment file, will be used as a drop-in for containerd.service since -# libnvidia-container locates and mounts helper binaries into the containers from either -# `PATH` or `NVIDIA_PATH` -sed -e 's|__NVIDIA_BINDIR__|%{_cross_libexecdir}/nvidia/tesla/bin|' %{S:302} > nvidia-path.env -install -m 0644 nvidia-path.env %{buildroot}%{_cross_factorydir}/nvidia/tesla -# We need to add `_cross_libdir` to the paths loaded by the ldconfig service -# because libnvidia-container uses the `ldcache` file created by the service, to locate and mount the -# libraries into the containers -sed -e 's|__LIBDIR__|%{_cross_libdir}|' %{S:303} > nvidia-tesla.conf -install -m 0644 nvidia-tesla.conf %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/ld.so.conf.d/ - -# driver -install kernel/nvidia.mod.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d -install kernel/nvidia/nv-interface.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d -install kernel/nvidia/nv-kernel.o_binary %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d/nv-kernel.o - -# uvm -install kernel/nvidia-uvm.mod.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d -install kernel/nvidia-uvm.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d - -# modeset -install kernel/nvidia-modeset.mod.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d -install kernel/nvidia-modeset/nv-modeset-interface.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d -install kernel/nvidia-modeset/nv-modeset-kernel.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d - -# peermem -install kernel/nvidia-peermem.mod.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d -install kernel/nvidia-peermem/nvidia-peermem.o %{buildroot}%{_cross_datadir}/nvidia/tesla/module-objects.d - -# drm -install kernel/nvidia-drm.mod.o %{buildroot}/%{_cross_datadir}/nvidia/tesla/module-objects.d -install kernel/nvidia-drm.o %{buildroot}/%{_cross_datadir}/nvidia/tesla/module-objects.d - -# Binaries -install -m 755 nvidia-smi %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin -install -m 755 nvidia-debugdump %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin -install -m 755 nvidia-cuda-mps-control %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin -install -m 755 nvidia-cuda-mps-server %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin -%if "%{_cross_arch}" == "x86_64" -install -m 755 nvidia-ngx-updater %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin -%endif - -# We install all the libraries, and filter them out in the 'files' section, so we can catch -# when new libraries are added -install -m 755 *.so* %{buildroot}/%{_cross_libdir}/nvidia/tesla/ - -# This library has the same SONAME as libEGL.so.1.1.0, this will cause collisions while -# the symlinks are created. For now, we only symlink libEGL.so.1.1.0. -EXCLUDED_LIBS="libEGL.so.%{tesla_ver}" - -for lib in $(find . -maxdepth 1 -type f -name 'lib*.so.*' -printf '%%P\n'); do - [[ "${EXCLUDED_LIBS}" =~ "${lib}" ]] && continue - soname="$(%{_cross_target}-readelf -d "${lib}" | awk '/SONAME/{print $5}' | tr -d '[]')" - [ -n "${soname}" ] || continue - [ "${lib}" == "${soname}" ] && continue - ln -s "${lib}" %{buildroot}/%{_cross_libdir}/nvidia/tesla/"${soname}" -done - -# Include the firmware file for GSP support -install -d %{buildroot}%{_cross_libdir}/firmware/nvidia/%{tesla_ver} -install -p -m 0644 firmware/gsp_ga10x.bin %{buildroot}%{_cross_libdir}/firmware/nvidia/%{tesla_ver} -install -p -m 0644 firmware/gsp_tu10x.bin %{buildroot}%{_cross_libdir}/firmware/nvidia/%{tesla_ver} - -popd - -# Begin NVIDIA fabric manager binaries and topologies -pushd fabricmanager-linux-%{fm_arch}-%{tesla_ver}-archive -install -p -m 0755 usr/bin/nv-fabricmanager %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin -install -p -m 0755 usr/bin/nvswitch-audit %{buildroot}%{_cross_libexecdir}/nvidia/tesla/bin - -install -d %{buildroot}%{_cross_datadir}/nvidia/tesla/nvswitch -for t in usr/share/nvidia/nvswitch/*_topology ; do - install -p -m 0644 "${t}" %{buildroot}%{_cross_datadir}/nvidia/tesla/nvswitch -done - -popd - -%files -%{_cross_attribution_file} -%dir %{_cross_libexecdir}/nvidia -%dir %{_cross_libdir}/nvidia -%dir %{_cross_datadir}/nvidia -%dir %{_cross_libdir}/modules-load.d -%dir %{_cross_factorydir}%{_cross_sysconfdir}/drivers -%dir %{_cross_factorydir}%{_cross_sysconfdir}/nvidia -%{_cross_tmpfilesdir}/nvidia.conf -%{_cross_libdir}/modules-load.d/nvidia-dependencies.conf - -%files tesla-%{tesla_major} -%license NVidiaEULAforAWS.pdf -%license fabricmanager-linux-%{fm_arch}-%{tesla_ver}-archive/usr/share/doc/nvidia-fabricmanager/third-party-notices.txt -%dir %{_cross_datadir}/nvidia/tesla -%dir %{_cross_libexecdir}/nvidia/tesla/bin -%dir %{_cross_libdir}/nvidia/tesla -%dir %{_cross_libdir}/firmware/nvidia/%{tesla_ver} -%dir %{_cross_datadir}/nvidia/tesla/module-objects.d -%dir %{_cross_factorydir}/nvidia/tesla - -# Binaries -%{_cross_libexecdir}/nvidia/tesla/bin/nvidia-debugdump -%{_cross_libexecdir}/nvidia/tesla/bin/nvidia-smi -%{_cross_libexecdir}/nvidia/tesla/bin/nv-fabricmanager -%{_cross_libexecdir}/nvidia/tesla/bin/nvswitch-audit - -# nvswitch topologies -%dir %{_cross_datadir}/nvidia/tesla/nvswitch -%{_cross_datadir}/nvidia/tesla/nvswitch/dgxa100_hgxa100_topology -%{_cross_datadir}/nvidia/tesla/nvswitch/dgx2_hgx2_topology -%{_cross_datadir}/nvidia/tesla/nvswitch/dgxh100_hgxh100_topology -%{_cross_datadir}/nvidia/tesla/nvswitch/dgxh800_hgxh800_topology - -# Configuration files -%{_cross_factorydir}%{_cross_sysconfdir}/drivers/nvidia-tesla.toml -%{_cross_factorydir}%{_cross_sysconfdir}/ld.so.conf.d/nvidia-tesla.conf -%{_cross_factorydir}/nvidia/tesla/nvidia-path.env - -# driver -%{_cross_datadir}/nvidia/tesla/module-objects.d/nvidia.mod.o -%{_cross_datadir}/nvidia/tesla/module-objects.d/nv-interface.o -%{_cross_datadir}/nvidia/tesla/module-objects.d/nv-kernel.o - -# uvm -%{_cross_datadir}/nvidia/tesla/module-objects.d/nvidia-uvm.mod.o -%{_cross_datadir}/nvidia/tesla/module-objects.d/nvidia-uvm.o - -# modeset -%{_cross_datadir}/nvidia/tesla/module-objects.d/nv-modeset-interface.o -%{_cross_datadir}/nvidia/tesla/module-objects.d/nv-modeset-kernel.o -%{_cross_datadir}/nvidia/tesla/module-objects.d/nvidia-modeset.mod.o - -# tmpfiles -%{_cross_tmpfilesdir}/nvidia-tesla.conf - -# We only install the libraries required by all the DRIVER_CAPABILITIES, described here: -# https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/user-guide.html#driver-capabilities - -# Utility libs -%{_cross_libdir}/nvidia/tesla/libnvidia-api.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-ml.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-ml.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-cfg.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-cfg.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-nvvm.so.4 -%{_cross_libdir}/nvidia/tesla/libnvidia-nvvm.so.%{tesla_ver} - -# Compute libs -%{_cross_libdir}/nvidia/tesla/libcuda.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libcuda.so.1 -%{_cross_libdir}/nvidia/tesla/libcudadebugger.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libcudadebugger.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-opencl.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-opencl.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-ptxjitcompiler.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-ptxjitcompiler.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-allocator.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-allocator.so.1 -%{_cross_libdir}/nvidia/tesla/libOpenCL.so.1.0.0 -%{_cross_libdir}/nvidia/tesla/libOpenCL.so.1 -%if "%{_cross_arch}" == "x86_64" -%{_cross_libdir}/nvidia/tesla/libnvidia-pkcs11.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-pkcs11-openssl3.so.%{tesla_ver} -%endif - -# Video libs -%{_cross_libdir}/nvidia/tesla/libvdpau_nvidia.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libvdpau_nvidia.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-encode.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-encode.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-opticalflow.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-opticalflow.so.1 -%{_cross_libdir}/nvidia/tesla/libnvcuvid.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvcuvid.so.1 - -# Graphics libs -%{_cross_libdir}/nvidia/tesla/libnvidia-eglcore.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-glcore.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-tls.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-glsi.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-rtcore.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-fbc.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-fbc.so.1 -%{_cross_libdir}/nvidia/tesla/libnvoptix.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvoptix.so.1 -%{_cross_libdir}/nvidia/tesla/libnvidia-vulkan-producer.so.%{tesla_ver} - -# Graphics GLVND libs -%{_cross_libdir}/nvidia/tesla/libnvidia-glvkspirv.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libGLX_nvidia.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libGLX_nvidia.so.0 -%{_cross_libdir}/nvidia/tesla/libEGL_nvidia.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libEGL_nvidia.so.0 -%{_cross_libdir}/nvidia/tesla/libGLESv2_nvidia.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libGLESv2_nvidia.so.2 -%{_cross_libdir}/nvidia/tesla/libGLESv1_CM_nvidia.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libGLESv1_CM_nvidia.so.1 - -# Graphics compat -%{_cross_libdir}/nvidia/tesla/libEGL.so.1.1.0 -%{_cross_libdir}/nvidia/tesla/libEGL.so.1 -%{_cross_libdir}/nvidia/tesla/libEGL.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libGL.so.1.7.0 -%{_cross_libdir}/nvidia/tesla/libGL.so.1 -%{_cross_libdir}/nvidia/tesla/libGLESv1_CM.so.1.2.0 -%{_cross_libdir}/nvidia/tesla/libGLESv1_CM.so.1 -%{_cross_libdir}/nvidia/tesla/libGLESv2.so.2.1.0 -%{_cross_libdir}/nvidia/tesla/libGLESv2.so.2 - -# NGX -%{_cross_libdir}/nvidia/tesla/libnvidia-ngx.so.%{tesla_ver} -%{_cross_libdir}/nvidia/tesla/libnvidia-ngx.so.1 - -# Firmware -%{_cross_libdir}/firmware/nvidia/%{tesla_ver}/gsp_ga10x.bin -%{_cross_libdir}/firmware/nvidia/%{tesla_ver}/gsp_tu10x.bin - -# Neither nvidia-peermem nor nvidia-drm are included in driver container images, we exclude them -# for now, and we will add them if requested -%exclude %{_cross_datadir}/nvidia/tesla/module-objects.d/nvidia-peermem.mod.o -%exclude %{_cross_datadir}/nvidia/tesla/module-objects.d/nvidia-peermem.o -%exclude %{_cross_datadir}/nvidia/tesla/module-objects.d/nvidia-drm.mod.o -%exclude %{_cross_datadir}/nvidia/tesla/module-objects.d/nvidia-drm.o -%exclude %{_cross_libexecdir}/nvidia/tesla/bin/nvidia-cuda-mps-control -%exclude %{_cross_libexecdir}/nvidia/tesla/bin/nvidia-cuda-mps-server -%if "%{_cross_arch}" == "x86_64" -%exclude %{_cross_libexecdir}/nvidia/tesla/bin/nvidia-ngx-updater -%endif - -# None of these libraries are required by libnvidia-container, so they -# won't be used by a containerized workload -%exclude %{_cross_libdir}/nvidia/tesla/libGLX.so.0 -%exclude %{_cross_libdir}/nvidia/tesla/libGLdispatch.so.0 -%exclude %{_cross_libdir}/nvidia/tesla/libOpenGL.so.0 -%exclude %{_cross_libdir}/nvidia/tesla/libglxserver_nvidia.so.%{tesla_ver} -%exclude %{_cross_libdir}/nvidia/tesla/libnvidia-gtk2.so.%{tesla_ver} -%exclude %{_cross_libdir}/nvidia/tesla/libnvidia-gtk3.so.%{tesla_ver} -%exclude %{_cross_libdir}/nvidia/tesla/nvidia_drv.so -%exclude %{_cross_libdir}/nvidia/tesla/libnvidia-egl-wayland.so.1 -%exclude %{_cross_libdir}/nvidia/tesla/libnvidia-egl-gbm.so.1 -%exclude %{_cross_libdir}/nvidia/tesla/libnvidia-egl-gbm.so.1.1.0 -%exclude %{_cross_libdir}/nvidia/tesla/libnvidia-egl-wayland.so.1.1.11 -%exclude %{_cross_libdir}/nvidia/tesla/libnvidia-wayland-client.so.%{tesla_ver} - -%files fabricmanager -%{_cross_factorydir}%{_cross_sysconfdir}/nvidia/fabricmanager.cfg -%{_cross_unitdir}/nvidia-fabricmanager.service diff --git a/packages/kmod-6.1-nvidia/nvidia-dependencies-modules-load.conf b/packages/kmod-6.1-nvidia/nvidia-dependencies-modules-load.conf deleted file mode 100644 index 86f884a65e5..00000000000 --- a/packages/kmod-6.1-nvidia/nvidia-dependencies-modules-load.conf +++ /dev/null @@ -1,2 +0,0 @@ -i2c_core -ipmi_msghandler diff --git a/packages/kmod-6.1-nvidia/nvidia-fabricmanager.cfg b/packages/kmod-6.1-nvidia/nvidia-fabricmanager.cfg deleted file mode 100644 index f8dc08ea426..00000000000 --- a/packages/kmod-6.1-nvidia/nvidia-fabricmanager.cfg +++ /dev/null @@ -1,34 +0,0 @@ -# Modern, systemd-aware settings: -# - Log to journal via stderr -# - Keep running in the foreground -LOG_LEVEL=4 -LOG_FILE_NAME= -DAEMONIZE=0 - -# Use Unix domain sockets instead of localhost ports. -UNIX_SOCKET_PATH=/run/nvidia/fabricmanager.sock -FM_CMD_UNIX_SOCKET_PATH=/run/nvidia/fabricmanager-cmd.sock - -# Start Fabric Manager in bare metal or full pass through virtualization mode. -FABRIC_MODE=0 -FABRIC_MODE_RESTART=0 - -# Terminate on NVSwitch and GPU config failure. -FM_STAY_RESIDENT_ON_FAILURES=0 - -# When there is a GPU to NVSwitch NVLink failure, remove the GPU with the failure -# from NVLink P2P capability. -ACCESS_LINK_FAILURE_MODE=0 - -# When there is an NVSwitch to NVSwitch NVLink failure, exit Fabric Manager. -TRUNK_LINK_FAILURE_MODE=0 - -# When there is an NVSwitch failure or an NVSwitch is excluded, abort Fabric Manager. -NVSWITCH_FAILURE_MODE=0 - -# When Fabric Manager service is stopped or terminated, abort all running CUDA jobs. -ABORT_CUDA_JOBS_ON_FM_EXIT=1 - -# Path to topology and database files. -TOPOLOGY_FILE_PATH=/usr/share/nvidia/tesla/nvswitch -DATABASE_PATH=/usr/share/nvidia/tesla/nvswitch diff --git a/packages/kmod-6.1-nvidia/nvidia-fabricmanager.service b/packages/kmod-6.1-nvidia/nvidia-fabricmanager.service deleted file mode 100644 index 62ae1368d64..00000000000 --- a/packages/kmod-6.1-nvidia/nvidia-fabricmanager.service +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=NVIDIA fabric manager service - -[Service] -ExecStart=/usr/libexec/nvidia/tesla/bin/nv-fabricmanager -c /etc/nvidia/fabricmanager.cfg -Type=simple -TimeoutSec=0 -RestartSec=5 -Restart=always -RemainAfterExit=true -StandardError=journal+console -SuccessExitStatus=255 -LimitCORE=infinity - -[Install] -WantedBy=multi-user.target diff --git a/packages/kmod-6.1-nvidia/nvidia-ld.so.conf.in b/packages/kmod-6.1-nvidia/nvidia-ld.so.conf.in deleted file mode 100644 index f992bf22602..00000000000 --- a/packages/kmod-6.1-nvidia/nvidia-ld.so.conf.in +++ /dev/null @@ -1 +0,0 @@ -__LIBDIR__/nvidia/tesla/ diff --git a/packages/kmod-6.1-nvidia/nvidia-tesla-build-config.toml.in b/packages/kmod-6.1-nvidia/nvidia-tesla-build-config.toml.in deleted file mode 100644 index fb74dc51fe5..00000000000 --- a/packages/kmod-6.1-nvidia/nvidia-tesla-build-config.toml.in +++ /dev/null @@ -1,18 +0,0 @@ -[nvidia-tesla] -lib-modules-path = "kernel/drivers/extra/video/nvidia/tesla" -objects-source = "__NVIDIA_MODULES__" - -[nvidia-tesla.object-files."nvidia.o"] -link-objects = ["nv-interface.o", "nv-kernel.o"] - -[nvidia-tesla.kernel-modules."nvidia.ko"] -link-objects = ["nvidia.o", "nvidia.mod.o"] - -[nvidia-tesla.object-files."nvidia-modeset.o"] -link-objects = ["nv-modeset-interface.o", "nv-modeset-kernel.o"] - -[nvidia-tesla.kernel-modules."nvidia-modeset.ko"] -link-objects = ["nvidia-modeset.o", "nvidia-modeset.mod.o"] - -[nvidia-tesla.kernel-modules."nvidia-uvm.ko"] -link-objects = ["nvidia-uvm.o", "nvidia-uvm.mod.o"] diff --git a/packages/kmod-6.1-nvidia/nvidia-tesla-path.env.in b/packages/kmod-6.1-nvidia/nvidia-tesla-path.env.in deleted file mode 100644 index 28f74deb7c6..00000000000 --- a/packages/kmod-6.1-nvidia/nvidia-tesla-path.env.in +++ /dev/null @@ -1 +0,0 @@ -NVIDIA_PATH=__NVIDIA_BINDIR__ diff --git a/packages/kmod-6.1-nvidia/nvidia-tesla-tmpfiles.conf b/packages/kmod-6.1-nvidia/nvidia-tesla-tmpfiles.conf deleted file mode 100644 index ddcac3e471e..00000000000 --- a/packages/kmod-6.1-nvidia/nvidia-tesla-tmpfiles.conf +++ /dev/null @@ -1,3 +0,0 @@ -C /etc/drivers/nvidia-tesla.toml -C /etc/containerd/nvidia.env - - - - /usr/share/factory/nvidia/tesla/nvidia-path.env -C /etc/ld.so.conf.d/nvidia-tesla.conf diff --git a/packages/kmod-6.1-nvidia/nvidia-tmpfiles.conf.in b/packages/kmod-6.1-nvidia/nvidia-tmpfiles.conf.in deleted file mode 100644 index 2bee2471943..00000000000 --- a/packages/kmod-6.1-nvidia/nvidia-tmpfiles.conf.in +++ /dev/null @@ -1,4 +0,0 @@ -R __PREFIX__/lib/modules/__KERNEL_VERSION__/kernel/drivers/extra/video/nvidia/tesla - - - - - -d __PREFIX__/lib/modules/__KERNEL_VERSION__/kernel/drivers/extra/video/nvidia/tesla 0755 root root - - -C /etc/nvidia/fabricmanager.cfg - - - - -d /run/nvidia 0700 root root - diff --git a/packages/kmod/Cargo.toml b/packages/kmod/Cargo.toml deleted file mode 100644 index 84bee98b5f3..00000000000 --- a/packages/kmod/Cargo.toml +++ /dev/null @@ -1,21 +0,0 @@ -[package] -name = "kmod" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://www.kernel.org/pub/linux/utils/kernel/kmod" - -[[package.metadata.build-package.external-files]] -url = "https://www.kernel.org/pub/linux/utils/kernel/kmod/kmod-31.tar.xz" -sha512 = "05ca70381808bec5f262b94db625662c385408988178a35e4aaf4960ee0716dc0cbfc327160ea4b61098d0c2130ab1b5142ea8156bea8e06ded7f4d288b6d085" - -[build-dependencies] -glibc = { path = "../glibc" } -libz = { path = "../libz" } -libzstd = { path = "../libzstd" } diff --git a/packages/kmod/kmod.spec b/packages/kmod/kmod.spec deleted file mode 100644 index 189fdbfb3ab..00000000000 --- a/packages/kmod/kmod.spec +++ /dev/null @@ -1,94 +0,0 @@ -Name: %{_cross_os}kmod -Version: 31 -Release: 1%{?dist} -Summary: Tools for kernel module loading and unloading -License: GPL-2.0-or-later AND LGPL-2.1-or-later -URL: http://git.kernel.org/?p=utils/kernel/kmod/kmod.git;a=summary -Source0: https://www.kernel.org/pub/linux/utils/kernel/kmod/kmod-%{version}.tar.xz -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libz-devel -BuildRequires: %{_cross_os}libzstd-devel -Requires: %{_cross_os}libz -Requires: %{_cross_os}libzstd - -%description -%{summary}. - -%package devel -Summary: Files for development using the tools for kernel module loading and unloading -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n kmod-%{version} -p1 -cp COPYING COPYING.LGPL -cp tools/COPYING COPYING.GPL - -%build - -%define _configure ../configure - -mkdir static-build -pushd static-build - -%cross_configure \ - --with-zlib \ - --with-zstd \ - --without-openssl - -%make_build LDFLAGS="-all-static" - -popd - -mkdir dynamic-build -pushd dynamic-build - -%cross_configure \ - --with-zlib \ - --with-zstd \ - --without-openssl - -%make_build - -popd - -%install -pushd dynamic-build -%make_install -popd - -pushd static-build -install -p tools/kmod %{buildroot}%{_cross_bindir} - -for b in depmod insmod lsmod modinfo modprobe rmmod ; do - ln -s kmod %{buildroot}%{_cross_bindir}/${b} -done - -install -d %{buildroot}%{_cross_sbindir} -ln -s ../bin/kmod %{buildroot}%{_cross_sbindir}/modprobe -popd - -%files -%license COPYING.LGPL COPYING.GPL -%{_cross_attribution_file} -%{_cross_bindir}/kmod -%{_cross_bindir}/depmod -%{_cross_bindir}/insmod -%{_cross_bindir}/lsmod -%{_cross_bindir}/modinfo -%{_cross_bindir}/modprobe -%{_cross_bindir}/rmmod -%{_cross_sbindir}/modprobe -%{_cross_libdir}/*.so.* -%exclude %{_cross_datadir}/bash-completion -%exclude %{_cross_mandir} - -%files devel -%{_cross_libdir}/*.so -%{_cross_includedir}/*.h -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la - -%changelog diff --git a/packages/kubernetes-1.23/.gitignore b/packages/kubernetes-1.23/.gitignore deleted file mode 100644 index 4a3bdc44c59..00000000000 --- a/packages/kubernetes-1.23/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/*-EKS-PATCH-*.patch diff --git a/packages/kubernetes-1.23/Cargo.toml b/packages/kubernetes-1.23/Cargo.toml deleted file mode 100644 index 38050ec02ef..00000000000 --- a/packages/kubernetes-1.23/Cargo.toml +++ /dev/null @@ -1,53 +0,0 @@ -[package] -# "." is not allowed in crate names, but we want a friendlier name for the -# directory and spec file, so we override it below. -name = "kubernetes-1_23" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -package-name = "kubernetes-1.23" - -[[package.metadata.build-package.external-files]] -url = "https://distro.eks.amazonaws.com/kubernetes-1-23/releases/33/artifacts/kubernetes/v1.23.17/kubernetes-src.tar.gz" -sha512 = "a11b1869c4f201e515b62fd83cf8a984ff83a5238f4447ef62426b933ade0132cdebeb9cd501ddae4b2b6dc6fad4fcea10a94673c36c0b77200602e2789640d5" - -[[package.metadata.build-package.external-files]] -url = "https://raw.githubusercontent.com/aws/eks-distro/168d252ab1f465d3621a6e9b2251fb72b250c49f/projects/kubernetes/kubernetes/1-23/patches/0026-EKS-PATCH-Cherry-pick-119832-Fix-the-problem-Pod-ter.patch" -sha512 = "0406fad037a41750310bcc7e75dceaa65cb6d9ffd8e324541068d25074386ff5fbfdb3e6b4d429704e692a39624377483ecd8ed7fcc16d54ba68d81c97d5d270" - -[[package.metadata.build-package.external-files]] -url = "https://raw.githubusercontent.com/aws/eks-distro/168d252ab1f465d3621a6e9b2251fb72b250c49f/projects/kubernetes/kubernetes/1-23/patches/0027-EKS-PATCH-Prevent-rapid-reset-http2-DOS-on-API-serve.patch" -sha512 = "d36a581ec2b4622da52d25e942fc063c7fcccbba08ee3c9d0dd52366ca6cd80300ced9c807ef786544b83e7d1dddcf88e24b478a4a4f32e864e9e8edaea8940d" - -[[package.metadata.build-package.external-files]] -url = "https://raw.githubusercontent.com/aws/eks-distro/168d252ab1f465d3621a6e9b2251fb72b250c49f/projects/kubernetes/kubernetes/1-23/patches/0028-EKS-PATCH-bump-golang.org-x-net-to-v0.17.patch" -sha512 = "b9a87cc4d8d37af308ef0d65cf270b120da6b75aeeed4011f14a2a62e194b0ef509df687d1f7c75e4656606b7e9d7fff4162d3277d1150e3df27d8fca14c83fe" - -[[package.metadata.build-package.external-files]] -url = "https://raw.githubusercontent.com/aws/eks-distro/168d252ab1f465d3621a6e9b2251fb72b250c49f/projects/kubernetes/kubernetes/1-23/patches/0029-EKS-PATCH-Add-ephemeralcontainer-to-imagepolicy-secu.patch" -sha512 = "3b68bc637648a1fff3f2acdbe370689f09c74b465ac1124d62bb99deefb691eb15f88fae4cf4da66c67fca6888513134b5012e5f48cd58f6632360465d8e38cb" - -[[package.metadata.build-package.external-files]] -url = "https://raw.githubusercontent.com/aws/eks-distro/168d252ab1f465d3621a6e9b2251fb72b250c49f/projects/kubernetes/kubernetes/1-23/patches/0030-EKS-PATCH-go-Bump-images-dependencies-and-versions-t.patch" -sha512 = "66bcd6602e974e237c083fafc24e68b88a0010db1e2fe30c1ea41ef3c112d94c639ae87c3f7cc9a0142d823ea44cce2aa71476ca01bf2efc1ad3f00454df627f" - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } - -# RPM Requires -[dependencies] -aws-signing-helper = { path = "../aws-signing-helper" } -ecr-credential-provider = { path = "../ecr-credential-provider" } -static-pods = { path = "../static-pods" } -# `conntrack-tools`, `containerd` and `findutils` are only needed at runtime, -# and are pulled in by `release`. -# conntrack-tools = { path = "../conntrack-tools" } -# containerd = { path = "../containerd" } -# findutils = { path = "../findutils" } diff --git a/packages/kubernetes-1.23/clarify.toml b/packages/kubernetes-1.23/clarify.toml deleted file mode 100644 index 5b6e8b60967..00000000000 --- a/packages/kubernetes-1.23/clarify.toml +++ /dev/null @@ -1,62 +0,0 @@ -[clarify."github.com/JeffAshton/win_pdh"] -expression = "BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xb221dcc9 }, -] - -[clarify."github.com/daviddengcn/go-colortext"] -expression = "BSD-3-Clause AND MIT" -license-files = [ - { path = "LICENSE", hash = 0x9769fae1 }, -] - -[clarify."github.com/ghodss/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] - -[clarify."github.com/heketi/heketi"] -# kubernetes only uses code that is under LGPLv3+/Apache 2.0, not the code that is GPLv2+/LGPLv3+ -expression = "LGPL-3.0-or-later OR Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0x3c4b96d1 }, - { path = "LICENSE-APACHE2", hash = 0x438c8616 }, - { path = "COPYING-LGPLV3", hash = 0xf0bccb3a }, -] -skip-files = [ "COPYING-GPLV2" ] - -[clarify."github.com/go-bindata/go-bindata"] -expression = "CC0-1.0" -license-files = [ - { path = "LICENSE", hash = 0x393fafd6 }, -] - -[clarify."github.com/miekg/dns"] -expression = "BSD-3-Clause" -license-files = [ - { path = "COPYRIGHT", hash = 0xe41dd36c }, - { path = "LICENSE", hash = 0xfc8f12ff }, -] - -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] - -[clarify."honnef.co/go/tools"] -expression = "MIT AND BSD-3-Clause AND Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0xad378ed2 }, - { path = "LICENSE-THIRD-PARTY", hash = 0x546425eb }, - { path = "lint/LICENSE", hash = 0xc6b58232 }, - { path = "ssa/LICENSE", hash = 0xe656fb62 }, -] - -[clarify."github.com/storageos/go-api"] -expression = "MIT AND BSD-2-Clause" -license-files = [ - { path = "LICENCE", hash = 0x67a6861e }, -] -skip-files = ["licence.go", "types/licence.go"] diff --git a/packages/kubernetes-1.23/credential-provider-config-yaml b/packages/kubernetes-1.23/credential-provider-config-yaml deleted file mode 100644 index 1b4bca15887..00000000000 --- a/packages/kubernetes-1.23/credential-provider-config-yaml +++ /dev/null @@ -1,38 +0,0 @@ -[required-extensions] -aws = { version = "v1", optional = true } -kubernetes = "v1" -std = { version = "v1", helpers = ["default"] } -+++ -apiVersion: kubelet.config.k8s.io/v1alpha1 -kind: CredentialProviderConfig -providers: -{{#if settings.kubernetes.credential-providers}} -{{#each settings.kubernetes.credential-providers}} -{{#if this.enabled}} - - name: {{@key}} - matchImages: -{{#each this.image-patterns}} - - "{{this}}" -{{/each}} - defaultCacheDuration: "{{default "12h" this.cache-duration}}" - apiVersion: credentialprovider.kubelet.k8s.io/v1alpha1 -{{#if (or (eq @key "ecr-credential-provider") this.environment)}} - env: -{{#if this.environment}} -{{#each this.environment}} - - name: {{@key}} - value: '{{this}}' -{{/each}} -{{/if}} -{{#if (eq @key "ecr-credential-provider")}} - - name: HOME - value: '/root' -{{#if @root.settings.aws.profile}} - - name: AWS_PROFILE - value: '{{@root.settings.aws.profile}}' -{{/if}} -{{/if}} -{{/if}} -{{/if}} -{{/each}} -{{/if}} diff --git a/packages/kubernetes-1.23/dockershim-symlink.conf b/packages/kubernetes-1.23/dockershim-symlink.conf deleted file mode 100644 index d3fcda86914..00000000000 --- a/packages/kubernetes-1.23/dockershim-symlink.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -ExecStartPre=/bin/ln -sf /run/containerd/containerd.sock /run/dockershim.sock diff --git a/packages/kubernetes-1.23/etc-kubernetes-pki-private.mount b/packages/kubernetes-1.23/etc-kubernetes-pki-private.mount deleted file mode 100644 index 584e61475d1..00000000000 --- a/packages/kubernetes-1.23/etc-kubernetes-pki-private.mount +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Kubernetes PKI private directory (/etc/kubernetes/pki/private) -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target -After=selinux-policy-files.service -Wants=selinux-policy-files.service - -[Mount] -What=tmpfs -Where=/etc/kubernetes/pki/private -Type=tmpfs -Options=nosuid,nodev,noexec,noatime,context=system_u:object_r:secret_t:s0,mode=0700 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/kubernetes-1.23/kubelet-bootstrap-kubeconfig b/packages/kubernetes-1.23/kubelet-bootstrap-kubeconfig deleted file mode 100644 index 52bef7191cc..00000000000 --- a/packages/kubernetes-1.23/kubelet-bootstrap-kubeconfig +++ /dev/null @@ -1,25 +0,0 @@ -[required-extensions] -kubernetes = "v1" -+++ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{#if settings.kubernetes.bootstrap-token}} - user: - token: "{{settings.kubernetes.bootstrap-token}}" -{{/if}} diff --git a/packages/kubernetes-1.23/kubelet-config b/packages/kubernetes-1.23/kubelet-config deleted file mode 100644 index 1594713a182..00000000000 --- a/packages/kubernetes-1.23/kubelet-config +++ /dev/null @@ -1,191 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", helpers = ["kube_reserve_cpu", "kube_reserve_memory"] } -std = { version = "v1", helpers = ["any_enabled", "default"] } -+++ ---- -kind: KubeletConfiguration -apiVersion: kubelet.config.k8s.io/v1beta1 -{{#if settings.kubernetes.standalone-mode}} -address: 127.0.0.1 -authentication: - anonymous: - enabled: true - webhook: - enabled: false -authorization: - mode: AlwaysAllow -{{else}} -address: 0.0.0.0 -authentication: - anonymous: - enabled: false - webhook: - cacheTTL: 2m0s - enabled: true - x509: - clientCAFile: "/etc/kubernetes/pki/ca.crt" -authorization: - mode: Webhook - webhook: - cacheAuthorizedTTL: 5m0s - cacheUnauthorizedTTL: 30s -{{/if}} -clusterDomain: {{settings.kubernetes.cluster-domain}} -{{#if settings.kubernetes.cluster-dns-ip}} -clusterDNS: -{{#each settings.kubernetes.cluster-dns-ip}} -- {{this}} -{{else}} -- {{settings.kubernetes.cluster-dns-ip}} -{{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-hard}} -evictionHard: - {{#each settings.kubernetes.eviction-hard}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-soft}} -evictionSoft: - {{#each settings.kubernetes.eviction-soft}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-soft-grace-period}} -evictionSoftGracePeriod: - {{#each settings.kubernetes.eviction-soft-grace-period}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-max-pod-grace-period}} -evictionMaxPodGracePeriod: {{settings.kubernetes.eviction-max-pod-grace-period}} -{{/if}} -{{#if settings.kubernetes.allowed-unsafe-sysctls}} -allowedUnsafeSysctls: {{settings.kubernetes.allowed-unsafe-sysctls}} -{{/if}} -{{#if settings.kubernetes.registry-qps includeZero=true}} -registryPullQPS: {{settings.kubernetes.registry-qps}} -{{/if}} -{{#if settings.kubernetes.registry-burst includeZero=true}} -registryBurst: {{settings.kubernetes.registry-burst}} -{{/if}} -{{#if settings.kubernetes.event-qps includeZero=true}} -eventRecordQPS: {{settings.kubernetes.event-qps}} -{{/if}} -{{#if settings.kubernetes.event-burst includeZero=true}} -eventBurst: {{settings.kubernetes.event-burst}} -{{/if}} -kubeAPIQPS: {{default 10 settings.kubernetes.kube-api-qps}} -kubeAPIBurst: {{default 20 settings.kubernetes.kube-api-burst}} -kubeReserved: - cpu: "{{kube_reserve_cpu settings.kubernetes.kube-reserved.cpu}}" - {{#if settings.kubernetes.kube-reserved.memory}} - memory: "{{settings.kubernetes.kube-reserved.memory}}" - {{else}} - {{#if settings.kubernetes.max-pods}} - memory: "{{kube_reserve_memory settings.kubernetes.max-pods settings.kubernetes.kube-reserved.memory}}" - {{/if}} - {{/if}} - ephemeral-storage: "{{default "1Gi" settings.kubernetes.kube-reserved.ephemeral-storage}}" -{{#unless settings.kubernetes.reserved-cpus}} -kubeReservedCgroup: "/runtime" -{{/unless}} -{{#if settings.kubernetes.system-reserved}} -systemReserved: - {{#each settings.kubernetes.system-reserved}} - {{@key}}: "{{this}}" - {{/each}} -{{#unless settings.kubernetes.reserved-cpus}} -systemReservedCgroup: "/system" -{{/unless}} -{{/if}} -cpuCFSQuota: {{default true settings.kubernetes.cpu-cfs-quota-enforced}} -cpuManagerPolicy: {{default "none" settings.kubernetes.cpu-manager-policy}} -{{#if settings.kubernetes.cpu-manager-reconcile-period}} -cpuManagerReconcilePeriod: {{settings.kubernetes.cpu-manager-reconcile-period}} -{{/if}} -{{#if settings.kubernetes.cpu-manager-policy-options}} -cpuManagerPolicyOptions: -{{#each settings.kubernetes.cpu-manager-policy-options}} - {{this}}: "true" -{{/each}} -{{/if}} -{{#if settings.kubernetes.topology-manager-scope}} -topologyManagerScope: {{settings.kubernetes.topology-manager-scope}} -{{/if}} -{{#if settings.kubernetes.topology-manager-policy}} -topologyManagerPolicy: {{settings.kubernetes.topology-manager-policy}} -{{/if}} -podPidsLimit: {{default 1048576 settings.kubernetes.pod-pids-limit}} -{{#if settings.kubernetes.image-gc-high-threshold-percent includeZero=true}} -imageGCHighThresholdPercent: {{settings.kubernetes.image-gc-high-threshold-percent}} -{{/if}} -{{#if settings.kubernetes.image-gc-low-threshold-percent includeZero=true}} -imageGCLowThresholdPercent: {{settings.kubernetes.image-gc-low-threshold-percent}} -{{/if}} -{{#if settings.kubernetes.provider-id}} -providerID: {{settings.kubernetes.provider-id}} -{{/if}} -resolvConf: "/run/netdog/resolv.conf" -hairpinMode: hairpin-veth -readOnlyPort: 0 -cgroupDriver: systemd -cgroupRoot: "/" -runtimeRequestTimeout: 15m -featureGates: - RotateKubeletServerCertificate: true - CSIMigration: true - CSIMigrationAWS: true - CSIMigrationvSphere: true - KubeletCredentialProviders: true -protectKernelDefaults: true -serializeImagePulls: false -{{#if (and (default "" settings.kubernetes.server-certificate) (default "" settings.kubernetes.server-key))}} -tlsCertFile: "/etc/kubernetes/pki/kubelet-server.crt" -tlsPrivateKeyFile: "/etc/kubernetes/pki/private/kubelet-server.key" -{{else}} -serverTLSBootstrap: {{settings.kubernetes.server-tls-bootstrap}} -{{/if}} -tlsCipherSuites: -- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 -volumePluginDir: "/var/lib/kubelet/plugins/volume/exec" -maxPods: {{default 110 settings.kubernetes.max-pods}} -staticPodPath: "/etc/kubernetes/static-pods/" -{{#if settings.kubernetes.container-log-max-size includeZero=true}} -containerLogMaxSize: {{settings.kubernetes.container-log-max-size}} -{{/if}} -{{#if settings.kubernetes.container-log-max-files includeZero=true}} -containerLogMaxFiles: {{settings.kubernetes.container-log-max-files}} -{{/if}} -{{#if settings.kubernetes.shutdown-grace-period}} -shutdownGracePeriod: {{settings.kubernetes.shutdown-grace-period}} -{{/if}} -{{#if settings.kubernetes.shutdown-grace-period-for-critical-pods}} -shutdownGracePeriodCriticalPods: {{settings.kubernetes.shutdown-grace-period-for-critical-pods}} -{{/if}} -{{#if settings.kubernetes.memory-manager-reserved-memory}} -{{#if (any_enabled settings.kubernetes.memory-manager-reserved-memory)}} -{{#if settings.kubernetes.memory-manager-policy}} -memoryManagerPolicy: {{settings.kubernetes.memory-manager-policy}} -{{/if}} -reservedMemory: -{{#each settings.kubernetes.memory-manager-reserved-memory}} -{{#if this.enabled}} - - numaNode: {{@key}} - limits: -{{#if this.memory}} - memory: {{this.memory}} -{{/if}} -{{#if this.hugepages-1Gi}} - hugepages-1Gi: {{this.hugepages-1Gi}} -{{/if}} -{{#if this.hugepages-2Mi}} - hugepages-2Mi: {{this.hugepages-2Mi}} -{{/if}} -{{/if}} -{{/each}} -{{/if}} -{{/if}} -{{#if settings.kubernetes.reserved-cpus}} -reservedSystemCPUs: {{settings.kubernetes.reserved-cpus}} -{{/if}} diff --git a/packages/kubernetes-1.23/kubelet-env b/packages/kubernetes-1.23/kubelet-env deleted file mode 100644 index 0e4aac28853..00000000000 --- a/packages/kubernetes-1.23/kubelet-env +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", helpers = ["join_node_taints"] } -std = { version = "v1", helpers = ["join_map"] } -+++ -NODE_IP={{settings.kubernetes.node-ip}} -NODE_LABELS={{join_map "=" "," "no-fail-if-missing" settings.kubernetes.node-labels}} -NODE_TAINTS={{join_node_taints settings.kubernetes.node-taints}} diff --git a/packages/kubernetes-1.23/kubelet-exec-start-conf b/packages/kubernetes-1.23/kubelet-exec-start-conf deleted file mode 100644 index 800e247c9cf..00000000000 --- a/packages/kubernetes-1.23/kubelet-exec-start-conf +++ /dev/null @@ -1,42 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["any_enabled", "default"] } -+++ -[Service] -ExecStart= -ExecStart=/usr/bin/kubelet \ -{{#unless settings.kubernetes.standalone-mode}} - --cloud-provider {{default "external" settings.kubernetes.cloud-provider}} \ - --kubeconfig /etc/kubernetes/kubelet/kubeconfig \ -{{#if (eq settings.kubernetes.authentication-mode "tls")}} - --bootstrap-kubeconfig /etc/kubernetes/kubelet/bootstrap-kubeconfig \ -{{/if}} -{{else}} - --cloud-provider "" \ -{{/unless}} - --config /etc/kubernetes/kubelet/config \ - --container-runtime=remote \ - --container-runtime-endpoint=unix:///run/containerd/containerd.sock \ - --containerd=/run/containerd/containerd.sock \ - --network-plugin cni \ - --root-dir /var/lib/kubelet \ - --cert-dir /var/lib/kubelet/pki \ -{{#if settings.kubernetes.credential-providers}} -{{#if (any_enabled settings.kubernetes.credential-providers)}} - --image-credential-provider-bin-dir /usr/libexec/kubernetes/kubelet/plugins \ - --image-credential-provider-config /etc/kubernetes/kubelet/credential-provider-config.yaml \ -{{/if}} -{{/if}} -{{#unless (eq settings.kubernetes.cloud-provider "aws")}} -{{#if settings.kubernetes.hostname-override}} - --hostname-override {{settings.kubernetes.hostname-override}} \ -{{/if}} -{{/unless}} - --node-ip ${NODE_IP} \ - --node-labels "${NODE_LABELS}" \ - --register-with-taints "${NODE_TAINTS}" \ -{{#if settings.kubernetes.log-level includeZero=true}} - -v {{settings.kubernetes.log-level}} \ -{{/if}} - --pod-infra-container-image localhost/kubernetes/pause:0.1.0 \ - --runtime-cgroups=/runtime.slice/containerd.service diff --git a/packages/kubernetes-1.23/kubelet-kubeconfig b/packages/kubernetes-1.23/kubelet-kubeconfig deleted file mode 100644 index 0dfdcd275fe..00000000000 --- a/packages/kubernetes-1.23/kubelet-kubeconfig +++ /dev/null @@ -1,43 +0,0 @@ -[required-extensions] -aws = { version = "v1", optional = true } -kubernetes = "v1" -+++ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{#if (eq settings.kubernetes.authentication-mode "aws")}} -{{#if settings.kubernetes.cluster-name}} - user: - exec: - apiVersion: client.authentication.k8s.io/v1beta1 - command: "/usr/bin/aws-iam-authenticator" - args: - - token - - "-i" - - "{{settings.kubernetes.cluster-name}}" - {{#if settings.aws.region}} - - "--region" - - "{{settings.aws.region}}" - {{/if}} -{{/if}} -{{/if}} -{{#if (eq settings.kubernetes.authentication-mode "tls")}} - user: - client-certificate: "/var/lib/kubelet/pki/kubelet-client-current.pem" - client-key: "/var/lib/kubelet/pki/kubelet-client-current.pem" -{{/if}} diff --git a/packages/kubernetes-1.23/kubelet-server-crt b/packages/kubernetes-1.23/kubelet-server-crt deleted file mode 100644 index 92003ad427e..00000000000 --- a/packages/kubernetes-1.23/kubelet-server-crt +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.server-certificate~}} -{{base64_decode settings.kubernetes.server-certificate}} -{{~/if~}} diff --git a/packages/kubernetes-1.23/kubelet-server-key b/packages/kubernetes-1.23/kubelet-server-key deleted file mode 100644 index b6c74aacc56..00000000000 --- a/packages/kubernetes-1.23/kubelet-server-key +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.server-key~}} -{{base64_decode settings.kubernetes.server-key}} -{{~/if~}} diff --git a/packages/kubernetes-1.23/kubelet-sysctl.conf b/packages/kubernetes-1.23/kubelet-sysctl.conf deleted file mode 100644 index ed68c7e197f..00000000000 --- a/packages/kubernetes-1.23/kubelet-sysctl.conf +++ /dev/null @@ -1,2 +0,0 @@ -# Overcommit handling mode - 1: Always overcommit -vm.overcommit_memory = 1 diff --git a/packages/kubernetes-1.23/kubelet.service b/packages/kubernetes-1.23/kubelet.service deleted file mode 100644 index 1285853f2d1..00000000000 --- a/packages/kubernetes-1.23/kubelet.service +++ /dev/null @@ -1,26 +0,0 @@ -[Unit] -Description=Kubelet -Documentation=https://github.com/kubernetes/kubernetes -After=containerd.service configured.target -Wants=configured.target -BindsTo=containerd.service - -[Service] -Slice=runtime.slice -Type=notify -EnvironmentFile=/etc/network/proxy.env -EnvironmentFile=/etc/kubernetes/kubelet/env -ExecStartPre=/sbin/iptables -P FORWARD ACCEPT -# Must be overridden by a drop-in file or `kubelet` won't start -ExecStart=/usr/bin/false - -Restart=always -RestartForceExitStatus=SIGPIPE -RestartSec=5 -Delegate=yes -KillMode=process -CPUAccounting=true -MemoryAccounting=true - -[Install] -WantedBy=multi-user.target diff --git a/packages/kubernetes-1.23/kubernetes-1.23.spec b/packages/kubernetes-1.23/kubernetes-1.23.spec deleted file mode 100644 index 1fbaa8cf49b..00000000000 --- a/packages/kubernetes-1.23/kubernetes-1.23.spec +++ /dev/null @@ -1,232 +0,0 @@ -%global goproject github.com/kubernetes -%global gorepo kubernetes -%global goimport %{goproject}/%{gorepo} - -%global gover 1.23.17 -%global rpmver %{gover} - -%global _dwz_low_mem_die_limit 0 - -# Construct reproducible tar archives -# See https://reproducible-builds.org/docs/archives/ -%global source_date_epoch 1234567890 -%global tar_cf tar --sort=name --mtime="@%{source_date_epoch}" --owner=0 --group=0 --numeric-owner -cf - -# The kubernetes build process expects the cross-compiler to be specified via `KUBE_*_CC` -# Here we generate that variable to use bottlerocket-specific compile aliases -# Examples of the generated variable: -# KUBE_LINUX_AMD64_CC=x86_64-bottlerocket-linux-gnu-gcc -# KUBE_LINUX_ARM64_CC=aarch64-bottlerocket-linux-gnu-gcc -%global kube_cc %{shrink: \ - %{lua: print(string.upper( \ - rpm.expand("KUBE_%{_cross_go_os}_%{_cross_go_arch}_CC=")) .. \ - rpm.expand("%{_cross_target}-gcc")) }} - -Name: %{_cross_os}%{gorepo} -Version: %{rpmver} -Release: 1%{?dist} -Summary: Container cluster management -# base Apache-2.0, third_party Apache-2.0 AND BSD-3-Clause -License: Apache-2.0 AND BSD-3-Clause -URL: https://%{goimport} -Source0: https://distro.eks.amazonaws.com/kubernetes-1-23/releases/33/artifacts/kubernetes/v%{gover}/kubernetes-src.tar.gz -Source1: kubelet.service -Source2: kubelet-env -Source3: kubelet-config -Source4: kubelet-kubeconfig -Source5: kubernetes-ca-crt -Source6: kubelet-exec-start-conf -Source7: kubelet-bootstrap-kubeconfig -Source8: kubernetes-tmpfiles.conf -Source9: kubelet-sysctl.conf -Source10: prepare-var-lib-kubelet.service -Source11: kubelet-server-crt -Source12: kubelet-server-key -Source13: etc-kubernetes-pki-private.mount -Source14: credential-provider-config-yaml -Source15: logdog.kubelet.conf - -# ExecStartPre drop-ins -Source20: prestart-load-pause-ctr.conf -Source21: dockershim-symlink.conf -Source22: make-kubelet-dirs.conf - -# pause image components -Source100: pause-config.json -Source101: pause-manifest.json -Source102: pod-infra-container-image - -Source1000: clarify.toml - -# Additional patches on top of last 1.23 point release -Patch0001: 0026-EKS-PATCH-Cherry-pick-119832-Fix-the-problem-Pod-ter.patch -Patch0002: 0027-EKS-PATCH-Prevent-rapid-reset-http2-DOS-on-API-serve.patch -Patch0003: 0028-EKS-PATCH-bump-golang.org-x-net-to-v0.17.patch -Patch0004: 0029-EKS-PATCH-Add-ephemeralcontainer-to-imagepolicy-secu.patch -Patch0005: 0030-EKS-PATCH-go-Bump-images-dependencies-and-versions-t.patch - -BuildRequires: git -BuildRequires: rsync -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package -n %{_cross_os}kubelet-1.23 -Summary: Container cluster node agent -Requires: %{_cross_os}conntrack-tools -Requires: %{_cross_os}containerd -Requires: %{_cross_os}findutils -Requires: %{_cross_os}ecr-credential-provider -Requires: %{_cross_os}aws-signing-helper -Requires: %{_cross_os}static-pods -Requires: %{_cross_os}kubelet-1.23(binaries) - -%description -n %{_cross_os}kubelet-1.23 -%{summary}. - -%package -n %{_cross_os}kubelet-1.23-bin -Summary: Container cluster node agent binaries -Provides: %{_cross_os}kubelet-1.23(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{_cross_os}kubelet-1.23) -Conflicts: (%{_cross_os}image-feature(fips) or %{_cross_os}kubelet-1.23-fips-bin) - -%description -n %{_cross_os}kubelet-1.23-bin -%{summary}. - -%package -n %{_cross_os}kubelet-1.23-fips-bin -Summary: Container cluster node agent binaries, FIPS edition -Provides: %{_cross_os}kubelet-1.23(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{_cross_os}kubelet-1.23) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{_cross_os}kubelet-1.23-bin) - -%description -n %{_cross_os}kubelet-1.23-fips-bin -%{summary}. - -%prep -%autosetup -Sgit -c -n %{gorepo}-%{gover} -p1 - -# third_party licenses -# multiarch/qemu-user-static ignored, we're not using it -cp third_party/forked/gonum/graph/LICENSE LICENSE.gonum.graph -cp third_party/forked/shell2junit/LICENSE LICENSE.shell2junit -cp third_party/forked/golang/LICENSE LICENSE.golang -cp third_party/forked/golang/PATENTS PATENTS.golang - -%build -export FORCE_HOST_GO=1 -# Build codegen programs with the host toolchain. -make generated_files - -# Build kubelet with the target toolchain. -%set_cross_go_flags -unset CC -export KUBE_BUILD_PLATFORMS="linux/%{_cross_go_arch}" -export %{kube_cc} -export GOFLAGS="${GOFLAGS} -tags=dockerless" -export GOLDFLAGS="${GOLDFLAGS}" -make WHAT="cmd/kubelet" - -export KUBE_OUTPUT_SUBPATH="_fips_output/local" -export GOEXPERIMENT="boringcrypto" -make WHAT="cmd/kubelet" - -# build the pause container -cd build/pause/linux/ - -# Build static pause executable for container image. -mkdir -p rootfs/usr/bin -%{_cross_triple}-musl-gcc %{_cross_cflags} %{_cross_ldflags} -static-pie pause.c -o rootfs/pause - -# Construct container image. -mkdir -p image/rootfs -%tar_cf image/rootfs/layer.tar -C rootfs . -DIGEST=$(sha256sum image/rootfs/layer.tar | sed -e 's/ .*//') -install -m 0644 %{S:100} image/config.json -sed -i "s/~~digest~~/${DIGEST}/" image/config.json -install -m 0644 %{S:101} image/manifest.json - -%tar_cf ../../../_output/local/bin/linux/%{_cross_go_arch}/kubernetes-pause.tar -C image . - -%install -output="./_output/local/bin/linux/%{_cross_go_arch}" -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 ${output}/kubelet %{buildroot}%{_cross_bindir} - -fips_output="./_fips_output/local/bin/linux/%{_cross_go_arch}" -install -d %{buildroot}%{_cross_fips_bindir} -install -p -m 0755 ${fips_output}/kubelet %{buildroot}%{_cross_fips_bindir} - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:1} %{S:10} %{S:13} %{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{_cross_unitdir}/kubelet.service.d -install -p -m 0644 %{S:20} %{S:21} %{S:22} %{buildroot}%{_cross_unitdir}/kubelet.service.d - -mkdir -p %{buildroot}%{_cross_templatedir} -install -m 0644 %{S:2} %{buildroot}%{_cross_templatedir}/kubelet-env -install -m 0644 %{S:3} %{buildroot}%{_cross_templatedir}/kubelet-config -install -m 0644 %{S:4} %{buildroot}%{_cross_templatedir}/kubelet-kubeconfig -install -m 0644 %{S:5} %{buildroot}%{_cross_templatedir}/kubernetes-ca-crt -install -m 0644 %{S:6} %{buildroot}%{_cross_templatedir}/kubelet-exec-start-conf -install -m 0644 %{S:7} %{buildroot}%{_cross_templatedir}/kubelet-bootstrap-kubeconfig -install -m 0644 %{S:11} %{buildroot}%{_cross_templatedir}/kubelet-server-crt -install -m 0644 %{S:12} %{buildroot}%{_cross_templatedir}/kubelet-server-key -install -m 0644 %{S:14} %{buildroot}%{_cross_templatedir}/credential-provider-config-yaml - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:8} %{buildroot}%{_cross_tmpfilesdir}/kubernetes.conf - -install -d %{buildroot}%{_cross_sysctldir} -install -p -m 0644 %{S:9} %{buildroot}%{_cross_sysctldir}/90-kubelet.conf - -install -d %{buildroot}%{_cross_libexecdir}/kubernetes -ln -rs \ - %{buildroot}%{_sharedstatedir}/kubelet/plugins \ - %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet-plugins - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -install -d %{buildroot}%{_cross_datadir}/logdog.d -install -p -m 0644 %{S:15} %{buildroot}%{_cross_datadir}/logdog.d - -install -d %{buildroot}%{_cross_libexecdir}/kubernetes -install -p -m 0644 ${output}/kubernetes-pause.tar %{buildroot}%{_cross_libexecdir}/kubernetes -install -p -m 0644 %{S:102} %{buildroot}%{_cross_templatedir}/pod-infra-container-image - -%files -n %{_cross_os}kubelet-1.23 -%license LICENSE LICENSE.gonum.graph LICENSE.shell2junit LICENSE.golang PATENTS.golang -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} -%{_cross_unitdir}/kubelet.service -%{_cross_unitdir}/prepare-var-lib-kubelet.service -%{_cross_unitdir}/etc-kubernetes-pki-private.mount -%dir %{_cross_unitdir}/kubelet.service.d -%{_cross_unitdir}/kubelet.service.d/prestart-load-pause-ctr.conf -%{_cross_unitdir}/kubelet.service.d/make-kubelet-dirs.conf -%{_cross_unitdir}/kubelet.service.d/dockershim-symlink.conf -%dir %{_cross_templatedir} -%{_cross_templatedir}/kubelet-env -%{_cross_templatedir}/kubelet-config -%{_cross_templatedir}/kubelet-kubeconfig -%{_cross_templatedir}/kubelet-bootstrap-kubeconfig -%{_cross_templatedir}/kubelet-exec-start-conf -%{_cross_templatedir}/kubernetes-ca-crt -%{_cross_templatedir}/kubelet-server-crt -%{_cross_templatedir}/kubelet-server-key -%{_cross_templatedir}/credential-provider-config-yaml -%{_cross_tmpfilesdir}/kubernetes.conf -%{_cross_sysctldir}/90-kubelet.conf -%dir %{_cross_libexecdir}/kubernetes -%{_cross_libexecdir}/kubernetes/kubelet-plugins -%{_cross_libexecdir}/kubernetes/kubernetes-pause.tar -%{_cross_templatedir}/pod-infra-container-image -%{_cross_datadir}/logdog.d/logdog.kubelet.conf - -%files -n %{_cross_os}kubelet-1.23-bin -%{_cross_bindir}/kubelet - -%files -n %{_cross_os}kubelet-1.23-fips-bin -%{_cross_fips_bindir}/kubelet - -%changelog diff --git a/packages/kubernetes-1.23/kubernetes-ca-crt b/packages/kubernetes-1.23/kubernetes-ca-crt deleted file mode 100644 index 93fd4e253ec..00000000000 --- a/packages/kubernetes-1.23/kubernetes-ca-crt +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.cluster-certificate~}} -{{base64_decode settings.kubernetes.cluster-certificate}} -{{~/if~}} diff --git a/packages/kubernetes-1.23/kubernetes-tmpfiles.conf b/packages/kubernetes-1.23/kubernetes-tmpfiles.conf deleted file mode 100644 index 4b17aba9d8a..00000000000 --- a/packages/kubernetes-1.23/kubernetes-tmpfiles.conf +++ /dev/null @@ -1,7 +0,0 @@ -d /etc/kubernetes/static-pods - - - - -L /etc/kubernetes/manifests - - - - static-pods -L /etc/kubernetes/secrets-store-csi-providers - - - - /var/lib/kubelet/providers/secrets-store -r! /var/lib/kubelet/cpu_manager_state -L /etc/kubernetes/node-feature-discovery/features.d - - - - /var/lib/kubelet/node-feature-discovery/features.d -d /opt/csi/mountpoint-s3 - - - - -L+ /opt/mountpoint-s3-csi - - - - /opt/csi/mountpoint-s3 diff --git a/packages/kubernetes-1.23/logdog.kubelet.conf b/packages/kubernetes-1.23/logdog.kubelet.conf deleted file mode 100644 index 850a0b4c1ba..00000000000 --- a/packages/kubernetes-1.23/logdog.kubelet.conf +++ /dev/null @@ -1,3 +0,0 @@ -exec kube-status systemctl status kube* -l --no-pager -file ipamd.log /var/log/aws-routed-eni/ipamd.log -file plugin.log /var/log/aws-routed-eni/plugin.log diff --git a/packages/kubernetes-1.23/make-kubelet-dirs.conf b/packages/kubernetes-1.23/make-kubelet-dirs.conf deleted file mode 100644 index a7249c9ac3f..00000000000 --- a/packages/kubernetes-1.23/make-kubelet-dirs.conf +++ /dev/null @@ -1,5 +0,0 @@ -[Service] -# Create the backing directories for symlinks in /etc -ExecStartPre=/usr/bin/mkdir -p \ - /var/lib/kubelet/providers/secrets-store \ - /var/lib/kubelet/node-feature-discovery/features.d diff --git a/packages/kubernetes-1.23/pause-config.json b/packages/kubernetes-1.23/pause-config.json deleted file mode 100644 index 8c2a7cde979..00000000000 --- a/packages/kubernetes-1.23/pause-config.json +++ /dev/null @@ -1 +0,0 @@ -{"author":"Bottlerocket","config":{"Cmd":["/pause"],"ArgsEscaped":true},"created":"2014-12-12T01:12:53.332832423Z","history":[{"created":"2014-12-12T01:12:53.332832423Z","author":"Bottlerocket","created_by":"Bottlerocket","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:~~digest~~"]}} diff --git a/packages/kubernetes-1.23/pause-manifest.json b/packages/kubernetes-1.23/pause-manifest.json deleted file mode 100644 index e8af2c103a7..00000000000 --- a/packages/kubernetes-1.23/pause-manifest.json +++ /dev/null @@ -1 +0,0 @@ -[{"Config":"config.json","RepoTags":["localhost/kubernetes/pause:0.1.0"],"Layers":["rootfs/layer.tar"]}] diff --git a/packages/kubernetes-1.23/pod-infra-container-image b/packages/kubernetes-1.23/pod-infra-container-image deleted file mode 100644 index 9b3f9a3954a..00000000000 --- a/packages/kubernetes-1.23/pod-infra-container-image +++ /dev/null @@ -1,6 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", optional = true } -+++ -{{~#if settings.kubernetes.pod-infra-container-image~}} -DEPRECATED_SETTING=settings.kubernetes.pod-infra-container-image -{{~/if~}} diff --git a/packages/kubernetes-1.23/prepare-var-lib-kubelet.service b/packages/kubernetes-1.23/prepare-var-lib-kubelet.service deleted file mode 100644 index 1b8c6207aa4..00000000000 --- a/packages/kubernetes-1.23/prepare-var-lib-kubelet.service +++ /dev/null @@ -1,23 +0,0 @@ -[Unit] -Description=Prepare Kubelet Directory (/var/lib/kubelet) -DefaultDependencies=no -RequiresMountsFor=/var -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot - -# Remove an existing symlink, if present. Intentionally not recursive! -ExecStartPre=-/usr/bin/rm -f /var/lib/kubelet - -# Create /var/lib/kubelet so it is available for bind mounts. -ExecStart=/usr/bin/mkdir -p /var/lib/kubelet - -# Suppress warning if directory exists. -StandardError=null - -RemainAfterExit=true - -[Install] -WantedBy=local-fs.target diff --git a/packages/kubernetes-1.23/prestart-load-pause-ctr.conf b/packages/kubernetes-1.23/prestart-load-pause-ctr.conf deleted file mode 100644 index 4e21b0d9b45..00000000000 --- a/packages/kubernetes-1.23/prestart-load-pause-ctr.conf +++ /dev/null @@ -1,14 +0,0 @@ -[Service] -# load the built-in pause image -ExecStartPre=/usr/bin/ctr \ - --namespace=k8s.io \ - image import \ - --all-platforms \ - /usr/libexec/kubernetes/kubernetes-pause.tar - -# label it to prevent it from being removed -ExecStartPre=/usr/bin/ctr \ - --namespace=k8s.io \ - image label \ - localhost/kubernetes/pause:0.1.0 \ - io.cri-containerd.pinned=pinned diff --git a/packages/kubernetes-1.24/Cargo.toml b/packages/kubernetes-1.24/Cargo.toml deleted file mode 100644 index a92c9f1d424..00000000000 --- a/packages/kubernetes-1.24/Cargo.toml +++ /dev/null @@ -1,32 +0,0 @@ -[package] -# "." is not allowed in crate names, but we want a friendlier name for the -# directory and spec file, so we override it below. -name = "kubernetes-1_24" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -package-name = "kubernetes-1.24" - -[[package.metadata.build-package.external-files]] -url = "https://distro.eks.amazonaws.com/kubernetes-1-24/releases/36/artifacts/kubernetes/v1.24.17/kubernetes-src.tar.gz" -sha512 = "ac71b53a37c2875a2f0ecf816aba3d3bb6da555976496f43f18e3fedfc8c60903b372a11c7f5b1114561e8d8baecb028ed92c34d8adeafe495e5b9dc7d32a4ab" -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } - -# RPM Requires -[dependencies] -aws-signing-helper = { path = "../aws-signing-helper" } -ecr-credential-provider = { path = "../ecr-credential-provider" } -static-pods = { path = "../static-pods" } -# `conntrack-tools`, `containerd` and `findutils` are only needed at runtime, -# and are pulled in by `release`. -# conntrack-tools = { path = "../conntrack-tools" } -# containerd = { path = "../containerd" } -# findutils = { path = "../findutils" } diff --git a/packages/kubernetes-1.24/clarify.toml b/packages/kubernetes-1.24/clarify.toml deleted file mode 100644 index 5b6e8b60967..00000000000 --- a/packages/kubernetes-1.24/clarify.toml +++ /dev/null @@ -1,62 +0,0 @@ -[clarify."github.com/JeffAshton/win_pdh"] -expression = "BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xb221dcc9 }, -] - -[clarify."github.com/daviddengcn/go-colortext"] -expression = "BSD-3-Clause AND MIT" -license-files = [ - { path = "LICENSE", hash = 0x9769fae1 }, -] - -[clarify."github.com/ghodss/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] - -[clarify."github.com/heketi/heketi"] -# kubernetes only uses code that is under LGPLv3+/Apache 2.0, not the code that is GPLv2+/LGPLv3+ -expression = "LGPL-3.0-or-later OR Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0x3c4b96d1 }, - { path = "LICENSE-APACHE2", hash = 0x438c8616 }, - { path = "COPYING-LGPLV3", hash = 0xf0bccb3a }, -] -skip-files = [ "COPYING-GPLV2" ] - -[clarify."github.com/go-bindata/go-bindata"] -expression = "CC0-1.0" -license-files = [ - { path = "LICENSE", hash = 0x393fafd6 }, -] - -[clarify."github.com/miekg/dns"] -expression = "BSD-3-Clause" -license-files = [ - { path = "COPYRIGHT", hash = 0xe41dd36c }, - { path = "LICENSE", hash = 0xfc8f12ff }, -] - -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] - -[clarify."honnef.co/go/tools"] -expression = "MIT AND BSD-3-Clause AND Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0xad378ed2 }, - { path = "LICENSE-THIRD-PARTY", hash = 0x546425eb }, - { path = "lint/LICENSE", hash = 0xc6b58232 }, - { path = "ssa/LICENSE", hash = 0xe656fb62 }, -] - -[clarify."github.com/storageos/go-api"] -expression = "MIT AND BSD-2-Clause" -license-files = [ - { path = "LICENCE", hash = 0x67a6861e }, -] -skip-files = ["licence.go", "types/licence.go"] diff --git a/packages/kubernetes-1.24/credential-provider-config-yaml b/packages/kubernetes-1.24/credential-provider-config-yaml deleted file mode 100644 index 20cf2b22027..00000000000 --- a/packages/kubernetes-1.24/credential-provider-config-yaml +++ /dev/null @@ -1,38 +0,0 @@ -[required-extensions] -aws = { version = "v1", optional = true } -kubernetes = "v1" -std = { version = "v1", helpers = ["default"] } -+++ -apiVersion: kubelet.config.k8s.io/v1beta1 -kind: CredentialProviderConfig -providers: -{{#if settings.kubernetes.credential-providers}} -{{#each settings.kubernetes.credential-providers}} -{{#if this.enabled}} - - name: {{@key}} - matchImages: -{{#each this.image-patterns}} - - "{{this}}" -{{/each}} - defaultCacheDuration: "{{default "12h" this.cache-duration}}" - apiVersion: credentialprovider.kubelet.k8s.io/v1alpha1 -{{#if (or (eq @key "ecr-credential-provider") this.environment)}} - env: -{{#if this.environment}} -{{#each this.environment}} - - name: {{@key}} - value: '{{this}}' -{{/each}} -{{/if}} -{{#if (eq @key "ecr-credential-provider")}} - - name: HOME - value: '/root' -{{#if @root.settings.aws.profile}} - - name: AWS_PROFILE - value: '{{@root.settings.aws.profile}}' -{{/if}} -{{/if}} -{{/if}} -{{/if}} -{{/each}} -{{/if}} diff --git a/packages/kubernetes-1.24/dockershim-symlink.conf b/packages/kubernetes-1.24/dockershim-symlink.conf deleted file mode 100644 index d3fcda86914..00000000000 --- a/packages/kubernetes-1.24/dockershim-symlink.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -ExecStartPre=/bin/ln -sf /run/containerd/containerd.sock /run/dockershim.sock diff --git a/packages/kubernetes-1.24/etc-kubernetes-pki-private.mount b/packages/kubernetes-1.24/etc-kubernetes-pki-private.mount deleted file mode 100644 index 584e61475d1..00000000000 --- a/packages/kubernetes-1.24/etc-kubernetes-pki-private.mount +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Kubernetes PKI private directory (/etc/kubernetes/pki/private) -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target -After=selinux-policy-files.service -Wants=selinux-policy-files.service - -[Mount] -What=tmpfs -Where=/etc/kubernetes/pki/private -Type=tmpfs -Options=nosuid,nodev,noexec,noatime,context=system_u:object_r:secret_t:s0,mode=0700 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/kubernetes-1.24/kubelet-bootstrap-kubeconfig b/packages/kubernetes-1.24/kubelet-bootstrap-kubeconfig deleted file mode 100644 index 52bef7191cc..00000000000 --- a/packages/kubernetes-1.24/kubelet-bootstrap-kubeconfig +++ /dev/null @@ -1,25 +0,0 @@ -[required-extensions] -kubernetes = "v1" -+++ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{#if settings.kubernetes.bootstrap-token}} - user: - token: "{{settings.kubernetes.bootstrap-token}}" -{{/if}} diff --git a/packages/kubernetes-1.24/kubelet-config b/packages/kubernetes-1.24/kubelet-config deleted file mode 100644 index 14a7abac6bd..00000000000 --- a/packages/kubernetes-1.24/kubelet-config +++ /dev/null @@ -1,190 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", helpers = ["kube_reserve_cpu", "kube_reserve_memory"] } -std = { version = "v1", helpers = ["any_enabled", "default"] } -+++ ---- -kind: KubeletConfiguration -apiVersion: kubelet.config.k8s.io/v1beta1 -{{#if settings.kubernetes.standalone-mode}} -address: 127.0.0.1 -authentication: - anonymous: - enabled: true - webhook: - enabled: false -authorization: - mode: AlwaysAllow -{{else}} -address: 0.0.0.0 -authentication: - anonymous: - enabled: false - webhook: - cacheTTL: 2m0s - enabled: true - x509: - clientCAFile: "/etc/kubernetes/pki/ca.crt" -authorization: - mode: Webhook - webhook: - cacheAuthorizedTTL: 5m0s - cacheUnauthorizedTTL: 30s -{{/if}} -clusterDomain: {{settings.kubernetes.cluster-domain}} -{{#if settings.kubernetes.cluster-dns-ip}} -clusterDNS: -{{#each settings.kubernetes.cluster-dns-ip}} -- {{this}} -{{else}} -- {{settings.kubernetes.cluster-dns-ip}} -{{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-hard}} -evictionHard: - {{#each settings.kubernetes.eviction-hard}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-soft}} -evictionSoft: - {{#each settings.kubernetes.eviction-soft}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-soft-grace-period}} -evictionSoftGracePeriod: - {{#each settings.kubernetes.eviction-soft-grace-period}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-max-pod-grace-period}} -evictionMaxPodGracePeriod: {{settings.kubernetes.eviction-max-pod-grace-period}} -{{/if}} -{{#if settings.kubernetes.allowed-unsafe-sysctls}} -allowedUnsafeSysctls: {{settings.kubernetes.allowed-unsafe-sysctls}} -{{/if}} -{{#if settings.kubernetes.registry-qps includeZero=true}} -registryPullQPS: {{settings.kubernetes.registry-qps}} -{{/if}} -{{#if settings.kubernetes.registry-burst includeZero=true}} -registryBurst: {{settings.kubernetes.registry-burst}} -{{/if}} -{{#if settings.kubernetes.event-qps includeZero=true}} -eventRecordQPS: {{settings.kubernetes.event-qps}} -{{/if}} -{{#if settings.kubernetes.event-burst includeZero=true}} -eventBurst: {{settings.kubernetes.event-burst}} -{{/if}} -kubeAPIQPS: {{default 10 settings.kubernetes.kube-api-qps}} -kubeAPIBurst: {{default 20 settings.kubernetes.kube-api-burst}} -kubeReserved: - cpu: "{{kube_reserve_cpu settings.kubernetes.kube-reserved.cpu}}" - {{#if settings.kubernetes.kube-reserved.memory}} - memory: "{{settings.kubernetes.kube-reserved.memory}}" - {{else}} - {{#if settings.kubernetes.max-pods}} - memory: "{{kube_reserve_memory settings.kubernetes.max-pods settings.kubernetes.kube-reserved.memory}}" - {{/if}} - {{/if}} - ephemeral-storage: "{{default "1Gi" settings.kubernetes.kube-reserved.ephemeral-storage}}" -{{#unless settings.kubernetes.reserved-cpus}} -kubeReservedCgroup: "/runtime" -{{/unless}} -{{#if settings.kubernetes.system-reserved}} -systemReserved: - {{#each settings.kubernetes.system-reserved}} - {{@key}}: "{{this}}" - {{/each}} -{{#unless settings.kubernetes.reserved-cpus}} -systemReservedCgroup: "/system" -{{/unless}} -{{/if}} -cpuCFSQuota: {{default true settings.kubernetes.cpu-cfs-quota-enforced}} -cpuManagerPolicy: {{default "none" settings.kubernetes.cpu-manager-policy}} -{{#if settings.kubernetes.cpu-manager-reconcile-period}} -cpuManagerReconcilePeriod: {{settings.kubernetes.cpu-manager-reconcile-period}} -{{/if}} -{{#if settings.kubernetes.cpu-manager-policy-options}} -cpuManagerPolicyOptions: -{{#each settings.kubernetes.cpu-manager-policy-options}} - {{this}}: "true" -{{/each}} -{{/if}} -{{#if settings.kubernetes.topology-manager-scope}} -topologyManagerScope: {{settings.kubernetes.topology-manager-scope}} -{{/if}} -{{#if settings.kubernetes.topology-manager-policy}} -topologyManagerPolicy: {{settings.kubernetes.topology-manager-policy}} -{{/if}} -podPidsLimit: {{default 1048576 settings.kubernetes.pod-pids-limit}} -{{#if settings.kubernetes.image-gc-high-threshold-percent includeZero=true}} -imageGCHighThresholdPercent: {{settings.kubernetes.image-gc-high-threshold-percent}} -{{/if}} -{{#if settings.kubernetes.image-gc-low-threshold-percent includeZero=true}} -imageGCLowThresholdPercent: {{settings.kubernetes.image-gc-low-threshold-percent}} -{{/if}} -{{#if settings.kubernetes.provider-id}} -providerID: {{settings.kubernetes.provider-id}} -{{/if}} -resolvConf: "/run/netdog/resolv.conf" -hairpinMode: hairpin-veth -readOnlyPort: 0 -cgroupDriver: systemd -cgroupRoot: "/" -runtimeRequestTimeout: 15m -featureGates: - RotateKubeletServerCertificate: true - CSIMigration: true - CSIMigrationAWS: true - CSIMigrationvSphere: true -protectKernelDefaults: true -serializeImagePulls: false -{{#if (and (default "" settings.kubernetes.server-certificate) (default "" settings.kubernetes.server-key))}} -tlsCertFile: "/etc/kubernetes/pki/kubelet-server.crt" -tlsPrivateKeyFile: "/etc/kubernetes/pki/private/kubelet-server.key" -{{else}} -serverTLSBootstrap: {{settings.kubernetes.server-tls-bootstrap}} -{{/if}} -tlsCipherSuites: -- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 -volumePluginDir: "/var/lib/kubelet/plugins/volume/exec" -maxPods: {{default 110 settings.kubernetes.max-pods}} -staticPodPath: "/etc/kubernetes/static-pods/" -{{#if settings.kubernetes.container-log-max-size includeZero=true}} -containerLogMaxSize: {{settings.kubernetes.container-log-max-size}} -{{/if}} -{{#if settings.kubernetes.container-log-max-files includeZero=true}} -containerLogMaxFiles: {{settings.kubernetes.container-log-max-files}} -{{/if}} -{{#if settings.kubernetes.shutdown-grace-period}} -shutdownGracePeriod: {{settings.kubernetes.shutdown-grace-period}} -{{/if}} -{{#if settings.kubernetes.shutdown-grace-period-for-critical-pods}} -shutdownGracePeriodCriticalPods: {{settings.kubernetes.shutdown-grace-period-for-critical-pods}} -{{/if}} -{{#if settings.kubernetes.memory-manager-reserved-memory}} -{{#if (any_enabled settings.kubernetes.memory-manager-reserved-memory)}} -{{#if settings.kubernetes.memory-manager-policy}} -memoryManagerPolicy: {{settings.kubernetes.memory-manager-policy}} -{{/if}} -reservedMemory: -{{#each settings.kubernetes.memory-manager-reserved-memory}} -{{#if this.enabled}} - - numaNode: {{@key}} - limits: -{{#if this.memory}} - memory: {{this.memory}} -{{/if}} -{{#if this.hugepages-1Gi}} - hugepages-1Gi: {{this.hugepages-1Gi}} -{{/if}} -{{#if this.hugepages-2Mi}} - hugepages-2Mi: {{this.hugepages-2Mi}} -{{/if}} -{{/if}} -{{/each}} -{{/if}} -{{/if}} -{{#if settings.kubernetes.reserved-cpus}} -reservedSystemCPUs: {{settings.kubernetes.reserved-cpus}} -{{/if}} diff --git a/packages/kubernetes-1.24/kubelet-env b/packages/kubernetes-1.24/kubelet-env deleted file mode 100644 index 0e4aac28853..00000000000 --- a/packages/kubernetes-1.24/kubelet-env +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", helpers = ["join_node_taints"] } -std = { version = "v1", helpers = ["join_map"] } -+++ -NODE_IP={{settings.kubernetes.node-ip}} -NODE_LABELS={{join_map "=" "," "no-fail-if-missing" settings.kubernetes.node-labels}} -NODE_TAINTS={{join_node_taints settings.kubernetes.node-taints}} diff --git a/packages/kubernetes-1.24/kubelet-exec-start-conf b/packages/kubernetes-1.24/kubelet-exec-start-conf deleted file mode 100644 index ca26d0b5e8a..00000000000 --- a/packages/kubernetes-1.24/kubelet-exec-start-conf +++ /dev/null @@ -1,41 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["any_enabled", "default"] } -+++ -[Service] -ExecStart= -ExecStart=/usr/bin/kubelet \ -{{#unless settings.kubernetes.standalone-mode}} - --cloud-provider {{default "external" settings.kubernetes.cloud-provider}} \ - --kubeconfig /etc/kubernetes/kubelet/kubeconfig \ -{{#if (eq settings.kubernetes.authentication-mode "tls")}} - --bootstrap-kubeconfig /etc/kubernetes/kubelet/bootstrap-kubeconfig \ -{{/if}} -{{else}} - --cloud-provider "" \ -{{/unless}} - --config /etc/kubernetes/kubelet/config \ - --container-runtime=remote \ - --container-runtime-endpoint=unix:///run/containerd/containerd.sock \ - --containerd=/run/containerd/containerd.sock \ - --root-dir /var/lib/kubelet \ - --cert-dir /var/lib/kubelet/pki \ -{{#if settings.kubernetes.credential-providers}} -{{#if (any_enabled settings.kubernetes.credential-providers)}} - --image-credential-provider-bin-dir /usr/libexec/kubernetes/kubelet/plugins \ - --image-credential-provider-config /etc/kubernetes/kubelet/credential-provider-config.yaml \ -{{/if}} -{{/if}} -{{#unless (eq settings.kubernetes.cloud-provider "aws")}} -{{#if settings.kubernetes.hostname-override}} - --hostname-override {{settings.kubernetes.hostname-override}} \ -{{/if}} -{{/unless}} - --node-ip ${NODE_IP} \ - --node-labels "${NODE_LABELS}" \ - --register-with-taints "${NODE_TAINTS}" \ -{{#if settings.kubernetes.log-level includeZero=true}} - -v {{settings.kubernetes.log-level}} \ -{{/if}} - --pod-infra-container-image localhost/kubernetes/pause:0.1.0 \ - --runtime-cgroups=/runtime.slice/containerd.service diff --git a/packages/kubernetes-1.24/kubelet-kubeconfig b/packages/kubernetes-1.24/kubelet-kubeconfig deleted file mode 100644 index 0dfdcd275fe..00000000000 --- a/packages/kubernetes-1.24/kubelet-kubeconfig +++ /dev/null @@ -1,43 +0,0 @@ -[required-extensions] -aws = { version = "v1", optional = true } -kubernetes = "v1" -+++ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{#if (eq settings.kubernetes.authentication-mode "aws")}} -{{#if settings.kubernetes.cluster-name}} - user: - exec: - apiVersion: client.authentication.k8s.io/v1beta1 - command: "/usr/bin/aws-iam-authenticator" - args: - - token - - "-i" - - "{{settings.kubernetes.cluster-name}}" - {{#if settings.aws.region}} - - "--region" - - "{{settings.aws.region}}" - {{/if}} -{{/if}} -{{/if}} -{{#if (eq settings.kubernetes.authentication-mode "tls")}} - user: - client-certificate: "/var/lib/kubelet/pki/kubelet-client-current.pem" - client-key: "/var/lib/kubelet/pki/kubelet-client-current.pem" -{{/if}} diff --git a/packages/kubernetes-1.24/kubelet-server-crt b/packages/kubernetes-1.24/kubelet-server-crt deleted file mode 100644 index 92003ad427e..00000000000 --- a/packages/kubernetes-1.24/kubelet-server-crt +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.server-certificate~}} -{{base64_decode settings.kubernetes.server-certificate}} -{{~/if~}} diff --git a/packages/kubernetes-1.24/kubelet-server-key b/packages/kubernetes-1.24/kubelet-server-key deleted file mode 100644 index b6c74aacc56..00000000000 --- a/packages/kubernetes-1.24/kubelet-server-key +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.server-key~}} -{{base64_decode settings.kubernetes.server-key}} -{{~/if~}} diff --git a/packages/kubernetes-1.24/kubelet-sysctl.conf b/packages/kubernetes-1.24/kubelet-sysctl.conf deleted file mode 100644 index ed68c7e197f..00000000000 --- a/packages/kubernetes-1.24/kubelet-sysctl.conf +++ /dev/null @@ -1,2 +0,0 @@ -# Overcommit handling mode - 1: Always overcommit -vm.overcommit_memory = 1 diff --git a/packages/kubernetes-1.24/kubelet.service b/packages/kubernetes-1.24/kubelet.service deleted file mode 100644 index 1285853f2d1..00000000000 --- a/packages/kubernetes-1.24/kubelet.service +++ /dev/null @@ -1,26 +0,0 @@ -[Unit] -Description=Kubelet -Documentation=https://github.com/kubernetes/kubernetes -After=containerd.service configured.target -Wants=configured.target -BindsTo=containerd.service - -[Service] -Slice=runtime.slice -Type=notify -EnvironmentFile=/etc/network/proxy.env -EnvironmentFile=/etc/kubernetes/kubelet/env -ExecStartPre=/sbin/iptables -P FORWARD ACCEPT -# Must be overridden by a drop-in file or `kubelet` won't start -ExecStart=/usr/bin/false - -Restart=always -RestartForceExitStatus=SIGPIPE -RestartSec=5 -Delegate=yes -KillMode=process -CPUAccounting=true -MemoryAccounting=true - -[Install] -WantedBy=multi-user.target diff --git a/packages/kubernetes-1.24/kubernetes-1.24.spec b/packages/kubernetes-1.24/kubernetes-1.24.spec deleted file mode 100644 index 2b95bb48e19..00000000000 --- a/packages/kubernetes-1.24/kubernetes-1.24.spec +++ /dev/null @@ -1,233 +0,0 @@ -# After this upstream change, the linker flags `-s -w` are always added unless -# DBG=1 is set in the environment, which would set compiler flags to disable -# optimizations and inlining: -# https://github.com/kubernetes/kubernetes/pull/108371 -# -# For now, work around this by indicating that no debug package is expected. -%global debug_package %{nil} - -%global goproject github.com/kubernetes -%global gorepo kubernetes -%global goimport %{goproject}/%{gorepo} - -%global gover 1.24.17 -%global rpmver %{gover} - -%global _dwz_low_mem_die_limit 0 - -# Construct reproducible tar archives -# See https://reproducible-builds.org/docs/archives/ -%global source_date_epoch 1234567890 -%global tar_cf tar --sort=name --mtime="@%{source_date_epoch}" --owner=0 --group=0 --numeric-owner -cf - -# The kubernetes build process expects the cross-compiler to be specified via `KUBE_*_CC` -# Here we generate that variable to use bottlerocket-specific compile aliases -# Examples of the generated variable: -# KUBE_LINUX_AMD64_CC=x86_64-bottlerocket-linux-gnu-gcc -# KUBE_LINUX_ARM64_CC=aarch64-bottlerocket-linux-gnu-gcc -%global kube_cc %{shrink: \ - %{lua: print(string.upper( \ - rpm.expand("KUBE_%{_cross_go_os}_%{_cross_go_arch}_CC=")) .. \ - rpm.expand("%{_cross_target}-gcc")) }} - -Name: %{_cross_os}%{gorepo} -Version: %{rpmver} -Release: 1%{?dist} -Summary: Container cluster management -# base Apache-2.0, third_party Apache-2.0 AND BSD-3-Clause -License: Apache-2.0 AND BSD-3-Clause -URL: https://%{goimport} -Source0: https://distro.eks.amazonaws.com/kubernetes-1-24/releases/36/artifacts/kubernetes/v%{gover}/kubernetes-src.tar.gz -Source1: kubelet.service -Source2: kubelet-env -Source3: kubelet-config -Source4: kubelet-kubeconfig -Source5: kubernetes-ca-crt -Source6: kubelet-exec-start-conf -Source7: kubelet-bootstrap-kubeconfig -Source8: kubernetes-tmpfiles.conf -Source9: kubelet-sysctl.conf -Source10: prepare-var-lib-kubelet.service -Source11: kubelet-server-crt -Source12: kubelet-server-key -Source13: etc-kubernetes-pki-private.mount -Source14: credential-provider-config-yaml -Source15: logdog.kubelet.conf - -# ExecStartPre drop-ins -Source20: prestart-load-pause-ctr.conf -Source21: dockershim-symlink.conf -Source22: make-kubelet-dirs.conf - -# pause image components -Source100: pause-config.json -Source101: pause-manifest.json -Source102: pod-infra-container-image - -Source1000: clarify.toml - -BuildRequires: git -BuildRequires: rsync -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package -n %{_cross_os}kubelet-1.24 -Summary: Container cluster node agent -Requires: %{_cross_os}conntrack-tools -Requires: %{_cross_os}containerd -Requires: %{_cross_os}findutils -Requires: %{_cross_os}ecr-credential-provider -Requires: %{_cross_os}aws-signing-helper -Requires: %{_cross_os}static-pods -Requires: %{_cross_os}kubelet-1.24(binaries) - -%description -n %{_cross_os}kubelet-1.24 -%{summary}. - -%package -n %{_cross_os}kubelet-1.24-bin -Summary: Container cluster node agent binaries -Provides: %{_cross_os}kubelet-1.24(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{_cross_os}kubelet-1.24) -Conflicts: (%{_cross_os}image-feature(fips) or %{_cross_os}kubelet-1.24-fips-bin) - -%description -n %{_cross_os}kubelet-1.24-bin -%{summary}. - -%package -n %{_cross_os}kubelet-1.24-fips-bin -Summary: Container cluster node agent binaries, FIPS edition -Provides: %{_cross_os}kubelet-1.24(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{_cross_os}kubelet-1.24) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{_cross_os}kubelet-1.24-bin) - -%description -n %{_cross_os}kubelet-1.24-fips-bin -%{summary}. - -%prep -%autosetup -Sgit -c -n %{gorepo}-%{gover} -p1 - -# third_party licenses -# multiarch/qemu-user-static ignored, we're not using it -cp third_party/forked/gonum/graph/LICENSE LICENSE.gonum.graph -cp third_party/forked/shell2junit/LICENSE LICENSE.shell2junit -cp third_party/forked/golang/LICENSE LICENSE.golang -cp third_party/forked/golang/PATENTS PATENTS.golang - -%build -export FORCE_HOST_GO=1 -# Build codegen programs with the host toolchain. -make generated_files - -# Build kubelet with the target toolchain. -%set_cross_go_flags -unset CC -export KUBE_BUILD_PLATFORMS="linux/%{_cross_go_arch}" -export %{kube_cc} -export GOFLAGS="${GOFLAGS} -tags=dockerless" -export GOLDFLAGS="${GOLDFLAGS}" -make WHAT="cmd/kubelet" - -export KUBE_OUTPUT_SUBPATH="_fips_output/local" -export GOEXPERIMENT="boringcrypto" -make WHAT="cmd/kubelet" - -# build the pause container -cd build/pause/linux/ - -# Build static pause executable for container image. -mkdir -p rootfs/usr/bin -%{_cross_triple}-musl-gcc %{_cross_cflags} %{_cross_ldflags} -static-pie pause.c -o rootfs/pause - -# Construct container image. -mkdir -p image/rootfs -%tar_cf image/rootfs/layer.tar -C rootfs . -DIGEST=$(sha256sum image/rootfs/layer.tar | sed -e 's/ .*//') -install -m 0644 %{S:100} image/config.json -sed -i "s/~~digest~~/${DIGEST}/" image/config.json -install -m 0644 %{S:101} image/manifest.json - -%tar_cf ../../../_output/local/bin/linux/%{_cross_go_arch}/kubernetes-pause.tar -C image . - -%install -output="./_output/local/bin/linux/%{_cross_go_arch}" -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 ${output}/kubelet %{buildroot}%{_cross_bindir} - -fips_output="./_fips_output/local/bin/linux/%{_cross_go_arch}" -install -d %{buildroot}%{_cross_fips_bindir} -install -p -m 0755 ${fips_output}/kubelet %{buildroot}%{_cross_fips_bindir} - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:1} %{S:10} %{S:13} %{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{_cross_unitdir}/kubelet.service.d -install -p -m 0644 %{S:20} %{S:21} %{S:22} %{buildroot}%{_cross_unitdir}/kubelet.service.d - -mkdir -p %{buildroot}%{_cross_templatedir} -install -m 0644 %{S:2} %{buildroot}%{_cross_templatedir}/kubelet-env -install -m 0644 %{S:3} %{buildroot}%{_cross_templatedir}/kubelet-config -install -m 0644 %{S:4} %{buildroot}%{_cross_templatedir}/kubelet-kubeconfig -install -m 0644 %{S:5} %{buildroot}%{_cross_templatedir}/kubernetes-ca-crt -install -m 0644 %{S:6} %{buildroot}%{_cross_templatedir}/kubelet-exec-start-conf -install -m 0644 %{S:7} %{buildroot}%{_cross_templatedir}/kubelet-bootstrap-kubeconfig -install -m 0644 %{S:11} %{buildroot}%{_cross_templatedir}/kubelet-server-crt -install -m 0644 %{S:12} %{buildroot}%{_cross_templatedir}/kubelet-server-key -install -m 0644 %{S:14} %{buildroot}%{_cross_templatedir}/credential-provider-config-yaml - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:8} %{buildroot}%{_cross_tmpfilesdir}/kubernetes.conf - -install -d %{buildroot}%{_cross_sysctldir} -install -p -m 0644 %{S:9} %{buildroot}%{_cross_sysctldir}/90-kubelet.conf - -install -d %{buildroot}%{_cross_libexecdir}/kubernetes -ln -rs \ - %{buildroot}%{_sharedstatedir}/kubelet/plugins \ - %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet-plugins - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -install -d %{buildroot}%{_cross_datadir}/logdog.d -install -p -m 0644 %{S:15} %{buildroot}%{_cross_datadir}/logdog.d - -install -d %{buildroot}%{_cross_libexecdir}/kubernetes -install -p -m 0644 ${output}/kubernetes-pause.tar %{buildroot}%{_cross_libexecdir}/kubernetes -install -p -m 0644 %{S:102} %{buildroot}%{_cross_templatedir}/pod-infra-container-image - -%files -n %{_cross_os}kubelet-1.24 -%license LICENSE LICENSE.gonum.graph LICENSE.shell2junit LICENSE.golang PATENTS.golang -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} -%{_cross_unitdir}/kubelet.service -%{_cross_unitdir}/prepare-var-lib-kubelet.service -%{_cross_unitdir}/etc-kubernetes-pki-private.mount -%dir %{_cross_unitdir}/kubelet.service.d -%{_cross_unitdir}/kubelet.service.d/prestart-load-pause-ctr.conf -%{_cross_unitdir}/kubelet.service.d/make-kubelet-dirs.conf -%{_cross_unitdir}/kubelet.service.d/dockershim-symlink.conf -%dir %{_cross_templatedir} -%{_cross_templatedir}/kubelet-env -%{_cross_templatedir}/kubelet-config -%{_cross_templatedir}/kubelet-kubeconfig -%{_cross_templatedir}/kubelet-bootstrap-kubeconfig -%{_cross_templatedir}/kubelet-exec-start-conf -%{_cross_templatedir}/kubernetes-ca-crt -%{_cross_templatedir}/kubelet-server-crt -%{_cross_templatedir}/kubelet-server-key -%{_cross_templatedir}/credential-provider-config-yaml -%{_cross_tmpfilesdir}/kubernetes.conf -%{_cross_sysctldir}/90-kubelet.conf -%dir %{_cross_libexecdir}/kubernetes -%{_cross_libexecdir}/kubernetes/kubelet-plugins -%{_cross_libexecdir}/kubernetes/kubernetes-pause.tar -%{_cross_templatedir}/pod-infra-container-image -%{_cross_datadir}/logdog.d/logdog.kubelet.conf - -%files -n %{_cross_os}kubelet-1.24-bin -%{_cross_bindir}/kubelet - -%files -n %{_cross_os}kubelet-1.24-fips-bin -%{_cross_fips_bindir}/kubelet - -%changelog diff --git a/packages/kubernetes-1.24/kubernetes-ca-crt b/packages/kubernetes-1.24/kubernetes-ca-crt deleted file mode 100644 index 93fd4e253ec..00000000000 --- a/packages/kubernetes-1.24/kubernetes-ca-crt +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.cluster-certificate~}} -{{base64_decode settings.kubernetes.cluster-certificate}} -{{~/if~}} diff --git a/packages/kubernetes-1.24/kubernetes-tmpfiles.conf b/packages/kubernetes-1.24/kubernetes-tmpfiles.conf deleted file mode 100644 index 4b17aba9d8a..00000000000 --- a/packages/kubernetes-1.24/kubernetes-tmpfiles.conf +++ /dev/null @@ -1,7 +0,0 @@ -d /etc/kubernetes/static-pods - - - - -L /etc/kubernetes/manifests - - - - static-pods -L /etc/kubernetes/secrets-store-csi-providers - - - - /var/lib/kubelet/providers/secrets-store -r! /var/lib/kubelet/cpu_manager_state -L /etc/kubernetes/node-feature-discovery/features.d - - - - /var/lib/kubelet/node-feature-discovery/features.d -d /opt/csi/mountpoint-s3 - - - - -L+ /opt/mountpoint-s3-csi - - - - /opt/csi/mountpoint-s3 diff --git a/packages/kubernetes-1.24/logdog.kubelet.conf b/packages/kubernetes-1.24/logdog.kubelet.conf deleted file mode 100644 index 850a0b4c1ba..00000000000 --- a/packages/kubernetes-1.24/logdog.kubelet.conf +++ /dev/null @@ -1,3 +0,0 @@ -exec kube-status systemctl status kube* -l --no-pager -file ipamd.log /var/log/aws-routed-eni/ipamd.log -file plugin.log /var/log/aws-routed-eni/plugin.log diff --git a/packages/kubernetes-1.24/make-kubelet-dirs.conf b/packages/kubernetes-1.24/make-kubelet-dirs.conf deleted file mode 100644 index a7249c9ac3f..00000000000 --- a/packages/kubernetes-1.24/make-kubelet-dirs.conf +++ /dev/null @@ -1,5 +0,0 @@ -[Service] -# Create the backing directories for symlinks in /etc -ExecStartPre=/usr/bin/mkdir -p \ - /var/lib/kubelet/providers/secrets-store \ - /var/lib/kubelet/node-feature-discovery/features.d diff --git a/packages/kubernetes-1.24/pause-config.json b/packages/kubernetes-1.24/pause-config.json deleted file mode 100644 index 8c2a7cde979..00000000000 --- a/packages/kubernetes-1.24/pause-config.json +++ /dev/null @@ -1 +0,0 @@ -{"author":"Bottlerocket","config":{"Cmd":["/pause"],"ArgsEscaped":true},"created":"2014-12-12T01:12:53.332832423Z","history":[{"created":"2014-12-12T01:12:53.332832423Z","author":"Bottlerocket","created_by":"Bottlerocket","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:~~digest~~"]}} diff --git a/packages/kubernetes-1.24/pause-manifest.json b/packages/kubernetes-1.24/pause-manifest.json deleted file mode 100644 index e8af2c103a7..00000000000 --- a/packages/kubernetes-1.24/pause-manifest.json +++ /dev/null @@ -1 +0,0 @@ -[{"Config":"config.json","RepoTags":["localhost/kubernetes/pause:0.1.0"],"Layers":["rootfs/layer.tar"]}] diff --git a/packages/kubernetes-1.24/pod-infra-container-image b/packages/kubernetes-1.24/pod-infra-container-image deleted file mode 100644 index 9b3f9a3954a..00000000000 --- a/packages/kubernetes-1.24/pod-infra-container-image +++ /dev/null @@ -1,6 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", optional = true } -+++ -{{~#if settings.kubernetes.pod-infra-container-image~}} -DEPRECATED_SETTING=settings.kubernetes.pod-infra-container-image -{{~/if~}} diff --git a/packages/kubernetes-1.24/prepare-var-lib-kubelet.service b/packages/kubernetes-1.24/prepare-var-lib-kubelet.service deleted file mode 100644 index 1b8c6207aa4..00000000000 --- a/packages/kubernetes-1.24/prepare-var-lib-kubelet.service +++ /dev/null @@ -1,23 +0,0 @@ -[Unit] -Description=Prepare Kubelet Directory (/var/lib/kubelet) -DefaultDependencies=no -RequiresMountsFor=/var -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot - -# Remove an existing symlink, if present. Intentionally not recursive! -ExecStartPre=-/usr/bin/rm -f /var/lib/kubelet - -# Create /var/lib/kubelet so it is available for bind mounts. -ExecStart=/usr/bin/mkdir -p /var/lib/kubelet - -# Suppress warning if directory exists. -StandardError=null - -RemainAfterExit=true - -[Install] -WantedBy=local-fs.target diff --git a/packages/kubernetes-1.24/prestart-load-pause-ctr.conf b/packages/kubernetes-1.24/prestart-load-pause-ctr.conf deleted file mode 100644 index 4e21b0d9b45..00000000000 --- a/packages/kubernetes-1.24/prestart-load-pause-ctr.conf +++ /dev/null @@ -1,14 +0,0 @@ -[Service] -# load the built-in pause image -ExecStartPre=/usr/bin/ctr \ - --namespace=k8s.io \ - image import \ - --all-platforms \ - /usr/libexec/kubernetes/kubernetes-pause.tar - -# label it to prevent it from being removed -ExecStartPre=/usr/bin/ctr \ - --namespace=k8s.io \ - image label \ - localhost/kubernetes/pause:0.1.0 \ - io.cri-containerd.pinned=pinned diff --git a/packages/kubernetes-1.25/Cargo.toml b/packages/kubernetes-1.25/Cargo.toml deleted file mode 100644 index 81d08768ef9..00000000000 --- a/packages/kubernetes-1.25/Cargo.toml +++ /dev/null @@ -1,32 +0,0 @@ -[package] -# "." is not allowed in crate names, but we want a friendlier name for the -# directory and spec file, so we override it below. -name = "kubernetes-1_25" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -package-name = "kubernetes-1.25" - -[[package.metadata.build-package.external-files]] -url = "https://distro.eks.amazonaws.com/kubernetes-1-25/releases/35/artifacts/kubernetes/v1.25.16/kubernetes-src.tar.gz" -sha512 = "e3672cc93d74f1ffbdbf446b84693fa8e03d989f6c9174adc60b4ea8f53ac0e5bc660d06377f99bc7cc11f40c2c611e8641f6b9c1d6d2c658b1b0ece79909b1b" -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } - -# RPM Requires -[dependencies] -aws-signing-helper = { path = "../aws-signing-helper" } -ecr-credential-provider = { path = "../ecr-credential-provider" } -static-pods = { path = "../static-pods" } -# `conntrack-tools`, `containerd` and `findutils` are only needed at runtime, -# and are pulled in by `release`. -# conntrack-tools = { path = "../conntrack-tools" } -# containerd = { path = "../containerd" } -# findutils = { path = "../findutils" } diff --git a/packages/kubernetes-1.25/clarify.toml b/packages/kubernetes-1.25/clarify.toml deleted file mode 100644 index 5b6e8b60967..00000000000 --- a/packages/kubernetes-1.25/clarify.toml +++ /dev/null @@ -1,62 +0,0 @@ -[clarify."github.com/JeffAshton/win_pdh"] -expression = "BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xb221dcc9 }, -] - -[clarify."github.com/daviddengcn/go-colortext"] -expression = "BSD-3-Clause AND MIT" -license-files = [ - { path = "LICENSE", hash = 0x9769fae1 }, -] - -[clarify."github.com/ghodss/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] - -[clarify."github.com/heketi/heketi"] -# kubernetes only uses code that is under LGPLv3+/Apache 2.0, not the code that is GPLv2+/LGPLv3+ -expression = "LGPL-3.0-or-later OR Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0x3c4b96d1 }, - { path = "LICENSE-APACHE2", hash = 0x438c8616 }, - { path = "COPYING-LGPLV3", hash = 0xf0bccb3a }, -] -skip-files = [ "COPYING-GPLV2" ] - -[clarify."github.com/go-bindata/go-bindata"] -expression = "CC0-1.0" -license-files = [ - { path = "LICENSE", hash = 0x393fafd6 }, -] - -[clarify."github.com/miekg/dns"] -expression = "BSD-3-Clause" -license-files = [ - { path = "COPYRIGHT", hash = 0xe41dd36c }, - { path = "LICENSE", hash = 0xfc8f12ff }, -] - -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] - -[clarify."honnef.co/go/tools"] -expression = "MIT AND BSD-3-Clause AND Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0xad378ed2 }, - { path = "LICENSE-THIRD-PARTY", hash = 0x546425eb }, - { path = "lint/LICENSE", hash = 0xc6b58232 }, - { path = "ssa/LICENSE", hash = 0xe656fb62 }, -] - -[clarify."github.com/storageos/go-api"] -expression = "MIT AND BSD-2-Clause" -license-files = [ - { path = "LICENCE", hash = 0x67a6861e }, -] -skip-files = ["licence.go", "types/licence.go"] diff --git a/packages/kubernetes-1.25/credential-provider-config-yaml b/packages/kubernetes-1.25/credential-provider-config-yaml deleted file mode 100644 index 71f7ed0a92b..00000000000 --- a/packages/kubernetes-1.25/credential-provider-config-yaml +++ /dev/null @@ -1,38 +0,0 @@ -[required-extensions] -aws = { version = "v1", optional = true } -kubernetes = "v1" -std = { version = "v1", helpers = ["default"] } -+++ -apiVersion: kubelet.config.k8s.io/v1beta1 -kind: CredentialProviderConfig -providers: -{{#if settings.kubernetes.credential-providers}} -{{#each settings.kubernetes.credential-providers}} -{{#if this.enabled}} - - name: {{@key}} - matchImages: -{{#each this.image-patterns}} - - "{{this}}" -{{/each}} - defaultCacheDuration: "{{default "12h" this.cache-duration}}" - apiVersion: credentialprovider.kubelet.k8s.io/v1beta1 -{{#if (or (eq @key "ecr-credential-provider") this.environment)}} - env: -{{#if this.environment}} -{{#each this.environment}} - - name: {{@key}} - value: '{{this}}' -{{/each}} -{{/if}} -{{#if (eq @key "ecr-credential-provider")}} - - name: HOME - value: '/root' -{{#if @root.settings.aws.profile}} - - name: AWS_PROFILE - value: '{{@root.settings.aws.profile}}' -{{/if}} -{{/if}} -{{/if}} -{{/if}} -{{/each}} -{{/if}} diff --git a/packages/kubernetes-1.25/dockershim-symlink.conf b/packages/kubernetes-1.25/dockershim-symlink.conf deleted file mode 100644 index d3fcda86914..00000000000 --- a/packages/kubernetes-1.25/dockershim-symlink.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -ExecStartPre=/bin/ln -sf /run/containerd/containerd.sock /run/dockershim.sock diff --git a/packages/kubernetes-1.25/etc-kubernetes-pki-private.mount b/packages/kubernetes-1.25/etc-kubernetes-pki-private.mount deleted file mode 100644 index 584e61475d1..00000000000 --- a/packages/kubernetes-1.25/etc-kubernetes-pki-private.mount +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Kubernetes PKI private directory (/etc/kubernetes/pki/private) -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target -After=selinux-policy-files.service -Wants=selinux-policy-files.service - -[Mount] -What=tmpfs -Where=/etc/kubernetes/pki/private -Type=tmpfs -Options=nosuid,nodev,noexec,noatime,context=system_u:object_r:secret_t:s0,mode=0700 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/kubernetes-1.25/kubelet-bootstrap-kubeconfig b/packages/kubernetes-1.25/kubelet-bootstrap-kubeconfig deleted file mode 100644 index 52bef7191cc..00000000000 --- a/packages/kubernetes-1.25/kubelet-bootstrap-kubeconfig +++ /dev/null @@ -1,25 +0,0 @@ -[required-extensions] -kubernetes = "v1" -+++ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{#if settings.kubernetes.bootstrap-token}} - user: - token: "{{settings.kubernetes.bootstrap-token}}" -{{/if}} diff --git a/packages/kubernetes-1.25/kubelet-config b/packages/kubernetes-1.25/kubelet-config deleted file mode 100644 index 8fa3567e1ad..00000000000 --- a/packages/kubernetes-1.25/kubelet-config +++ /dev/null @@ -1,191 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", helpers = ["kube_reserve_cpu", "kube_reserve_memory"] } -std = { version = "v1", helpers = ["any_enabled", "default"] } -+++ ---- -kind: KubeletConfiguration -apiVersion: kubelet.config.k8s.io/v1beta1 -{{#if settings.kubernetes.standalone-mode}} -address: 127.0.0.1 -authentication: - anonymous: - enabled: true - webhook: - enabled: false -authorization: - mode: AlwaysAllow -{{else}} -address: 0.0.0.0 -authentication: - anonymous: - enabled: false - webhook: - cacheTTL: 2m0s - enabled: true - x509: - clientCAFile: "/etc/kubernetes/pki/ca.crt" -authorization: - mode: Webhook - webhook: - cacheAuthorizedTTL: 5m0s - cacheUnauthorizedTTL: 30s -{{/if}} -clusterDomain: {{settings.kubernetes.cluster-domain}} -{{#if settings.kubernetes.cluster-dns-ip}} -clusterDNS: -{{#each settings.kubernetes.cluster-dns-ip}} -- {{this}} -{{else}} -- {{settings.kubernetes.cluster-dns-ip}} -{{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-hard}} -evictionHard: - {{#each settings.kubernetes.eviction-hard}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-soft}} -evictionSoft: - {{#each settings.kubernetes.eviction-soft}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-soft-grace-period}} -evictionSoftGracePeriod: - {{#each settings.kubernetes.eviction-soft-grace-period}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-max-pod-grace-period}} -evictionMaxPodGracePeriod: {{settings.kubernetes.eviction-max-pod-grace-period}} -{{/if}} -{{#if settings.kubernetes.allowed-unsafe-sysctls}} -allowedUnsafeSysctls: {{settings.kubernetes.allowed-unsafe-sysctls}} -{{/if}} -{{#if settings.kubernetes.registry-qps includeZero=true}} -registryPullQPS: {{settings.kubernetes.registry-qps}} -{{/if}} -{{#if settings.kubernetes.registry-burst includeZero=true}} -registryBurst: {{settings.kubernetes.registry-burst}} -{{/if}} -{{#if settings.kubernetes.event-qps includeZero=true}} -eventRecordQPS: {{settings.kubernetes.event-qps}} -{{/if}} -{{#if settings.kubernetes.event-burst includeZero=true}} -eventBurst: {{settings.kubernetes.event-burst}} -{{/if}} -kubeAPIQPS: {{default 10 settings.kubernetes.kube-api-qps}} -kubeAPIBurst: {{default 20 settings.kubernetes.kube-api-burst}} -kubeReserved: - cpu: "{{kube_reserve_cpu settings.kubernetes.kube-reserved.cpu}}" - {{#if settings.kubernetes.kube-reserved.memory}} - memory: "{{settings.kubernetes.kube-reserved.memory}}" - {{else}} - {{#if settings.kubernetes.max-pods}} - memory: "{{kube_reserve_memory settings.kubernetes.max-pods settings.kubernetes.kube-reserved.memory}}" - {{/if}} - {{/if}} - ephemeral-storage: "{{default "1Gi" settings.kubernetes.kube-reserved.ephemeral-storage}}" -{{#unless settings.kubernetes.reserved-cpus}} -kubeReservedCgroup: "/runtime" -{{/unless}} -{{#if settings.kubernetes.system-reserved}} -systemReserved: - {{#each settings.kubernetes.system-reserved}} - {{@key}}: "{{this}}" - {{/each}} -{{#unless settings.kubernetes.reserved-cpus}} -systemReservedCgroup: "/system" -{{/unless}} -{{/if}} -cpuCFSQuota: {{default true settings.kubernetes.cpu-cfs-quota-enforced}} -cpuManagerPolicy: {{default "none" settings.kubernetes.cpu-manager-policy}} -{{#if settings.kubernetes.cpu-manager-reconcile-period}} -cpuManagerReconcilePeriod: {{settings.kubernetes.cpu-manager-reconcile-period}} -{{/if}} -{{#if settings.kubernetes.cpu-manager-policy-options}} -cpuManagerPolicyOptions: -{{#each settings.kubernetes.cpu-manager-policy-options}} - {{this}}: "true" -{{/each}} -{{/if}} -{{#if settings.kubernetes.topology-manager-scope}} -topologyManagerScope: {{settings.kubernetes.topology-manager-scope}} -{{/if}} -{{#if settings.kubernetes.topology-manager-policy}} -topologyManagerPolicy: {{settings.kubernetes.topology-manager-policy}} -{{/if}} -podPidsLimit: {{default 1048576 settings.kubernetes.pod-pids-limit}} -{{#if settings.kubernetes.image-gc-high-threshold-percent includeZero=true}} -imageGCHighThresholdPercent: {{settings.kubernetes.image-gc-high-threshold-percent}} -{{/if}} -{{#if settings.kubernetes.image-gc-low-threshold-percent includeZero=true}} -imageGCLowThresholdPercent: {{settings.kubernetes.image-gc-low-threshold-percent}} -{{/if}} -{{#if settings.kubernetes.provider-id}} -providerID: {{settings.kubernetes.provider-id}} -{{/if}} -resolvConf: "/run/netdog/resolv.conf" -hairpinMode: hairpin-veth -readOnlyPort: 0 -cgroupDriver: systemd -cgroupRoot: "/" -runtimeRequestTimeout: 15m -featureGates: - RotateKubeletServerCertificate: true - CSIMigration: true - CSIMigrationAWS: true - CSIMigrationvSphere: true -protectKernelDefaults: true -serializeImagePulls: false -seccompDefault: {{default false settings.kubernetes.seccomp-default}} -{{#if (and (default "" settings.kubernetes.server-certificate) (default "" settings.kubernetes.server-key))}} -tlsCertFile: "/etc/kubernetes/pki/kubelet-server.crt" -tlsPrivateKeyFile: "/etc/kubernetes/pki/private/kubelet-server.key" -{{else}} -serverTLSBootstrap: {{settings.kubernetes.server-tls-bootstrap}} -{{/if}} -tlsCipherSuites: -- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 -volumePluginDir: "/var/lib/kubelet/plugins/volume/exec" -maxPods: {{default 110 settings.kubernetes.max-pods}} -staticPodPath: "/etc/kubernetes/static-pods/" -{{#if settings.kubernetes.container-log-max-size includeZero=true}} -containerLogMaxSize: {{settings.kubernetes.container-log-max-size}} -{{/if}} -{{#if settings.kubernetes.container-log-max-files includeZero=true}} -containerLogMaxFiles: {{settings.kubernetes.container-log-max-files}} -{{/if}} -{{#if settings.kubernetes.shutdown-grace-period}} -shutdownGracePeriod: {{settings.kubernetes.shutdown-grace-period}} -{{/if}} -{{#if settings.kubernetes.shutdown-grace-period-for-critical-pods}} -shutdownGracePeriodCriticalPods: {{settings.kubernetes.shutdown-grace-period-for-critical-pods}} -{{/if}} -{{#if settings.kubernetes.memory-manager-reserved-memory}} -{{#if (any_enabled settings.kubernetes.memory-manager-reserved-memory)}} -{{#if settings.kubernetes.memory-manager-policy}} -memoryManagerPolicy: {{settings.kubernetes.memory-manager-policy}} -{{/if}} -reservedMemory: -{{#each settings.kubernetes.memory-manager-reserved-memory}} -{{#if this.enabled}} - - numaNode: {{@key}} - limits: -{{#if this.memory}} - memory: {{this.memory}} -{{/if}} -{{#if this.hugepages-1Gi}} - hugepages-1Gi: {{this.hugepages-1Gi}} -{{/if}} -{{#if this.hugepages-2Mi}} - hugepages-2Mi: {{this.hugepages-2Mi}} -{{/if}} -{{/if}} -{{/each}} -{{/if}} -{{/if}} -{{#if settings.kubernetes.reserved-cpus}} -reservedSystemCPUs: {{settings.kubernetes.reserved-cpus}} -{{/if}} diff --git a/packages/kubernetes-1.25/kubelet-env b/packages/kubernetes-1.25/kubelet-env deleted file mode 100644 index 0e4aac28853..00000000000 --- a/packages/kubernetes-1.25/kubelet-env +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", helpers = ["join_node_taints"] } -std = { version = "v1", helpers = ["join_map"] } -+++ -NODE_IP={{settings.kubernetes.node-ip}} -NODE_LABELS={{join_map "=" "," "no-fail-if-missing" settings.kubernetes.node-labels}} -NODE_TAINTS={{join_node_taints settings.kubernetes.node-taints}} diff --git a/packages/kubernetes-1.25/kubelet-exec-start-conf b/packages/kubernetes-1.25/kubelet-exec-start-conf deleted file mode 100644 index ca26d0b5e8a..00000000000 --- a/packages/kubernetes-1.25/kubelet-exec-start-conf +++ /dev/null @@ -1,41 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["any_enabled", "default"] } -+++ -[Service] -ExecStart= -ExecStart=/usr/bin/kubelet \ -{{#unless settings.kubernetes.standalone-mode}} - --cloud-provider {{default "external" settings.kubernetes.cloud-provider}} \ - --kubeconfig /etc/kubernetes/kubelet/kubeconfig \ -{{#if (eq settings.kubernetes.authentication-mode "tls")}} - --bootstrap-kubeconfig /etc/kubernetes/kubelet/bootstrap-kubeconfig \ -{{/if}} -{{else}} - --cloud-provider "" \ -{{/unless}} - --config /etc/kubernetes/kubelet/config \ - --container-runtime=remote \ - --container-runtime-endpoint=unix:///run/containerd/containerd.sock \ - --containerd=/run/containerd/containerd.sock \ - --root-dir /var/lib/kubelet \ - --cert-dir /var/lib/kubelet/pki \ -{{#if settings.kubernetes.credential-providers}} -{{#if (any_enabled settings.kubernetes.credential-providers)}} - --image-credential-provider-bin-dir /usr/libexec/kubernetes/kubelet/plugins \ - --image-credential-provider-config /etc/kubernetes/kubelet/credential-provider-config.yaml \ -{{/if}} -{{/if}} -{{#unless (eq settings.kubernetes.cloud-provider "aws")}} -{{#if settings.kubernetes.hostname-override}} - --hostname-override {{settings.kubernetes.hostname-override}} \ -{{/if}} -{{/unless}} - --node-ip ${NODE_IP} \ - --node-labels "${NODE_LABELS}" \ - --register-with-taints "${NODE_TAINTS}" \ -{{#if settings.kubernetes.log-level includeZero=true}} - -v {{settings.kubernetes.log-level}} \ -{{/if}} - --pod-infra-container-image localhost/kubernetes/pause:0.1.0 \ - --runtime-cgroups=/runtime.slice/containerd.service diff --git a/packages/kubernetes-1.25/kubelet-kubeconfig b/packages/kubernetes-1.25/kubelet-kubeconfig deleted file mode 100644 index 0dfdcd275fe..00000000000 --- a/packages/kubernetes-1.25/kubelet-kubeconfig +++ /dev/null @@ -1,43 +0,0 @@ -[required-extensions] -aws = { version = "v1", optional = true } -kubernetes = "v1" -+++ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{#if (eq settings.kubernetes.authentication-mode "aws")}} -{{#if settings.kubernetes.cluster-name}} - user: - exec: - apiVersion: client.authentication.k8s.io/v1beta1 - command: "/usr/bin/aws-iam-authenticator" - args: - - token - - "-i" - - "{{settings.kubernetes.cluster-name}}" - {{#if settings.aws.region}} - - "--region" - - "{{settings.aws.region}}" - {{/if}} -{{/if}} -{{/if}} -{{#if (eq settings.kubernetes.authentication-mode "tls")}} - user: - client-certificate: "/var/lib/kubelet/pki/kubelet-client-current.pem" - client-key: "/var/lib/kubelet/pki/kubelet-client-current.pem" -{{/if}} diff --git a/packages/kubernetes-1.25/kubelet-server-crt b/packages/kubernetes-1.25/kubelet-server-crt deleted file mode 100644 index 92003ad427e..00000000000 --- a/packages/kubernetes-1.25/kubelet-server-crt +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.server-certificate~}} -{{base64_decode settings.kubernetes.server-certificate}} -{{~/if~}} diff --git a/packages/kubernetes-1.25/kubelet-server-key b/packages/kubernetes-1.25/kubelet-server-key deleted file mode 100644 index b6c74aacc56..00000000000 --- a/packages/kubernetes-1.25/kubelet-server-key +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.server-key~}} -{{base64_decode settings.kubernetes.server-key}} -{{~/if~}} diff --git a/packages/kubernetes-1.25/kubelet-sysctl.conf b/packages/kubernetes-1.25/kubelet-sysctl.conf deleted file mode 100644 index ed68c7e197f..00000000000 --- a/packages/kubernetes-1.25/kubelet-sysctl.conf +++ /dev/null @@ -1,2 +0,0 @@ -# Overcommit handling mode - 1: Always overcommit -vm.overcommit_memory = 1 diff --git a/packages/kubernetes-1.25/kubelet.service b/packages/kubernetes-1.25/kubelet.service deleted file mode 100644 index 1285853f2d1..00000000000 --- a/packages/kubernetes-1.25/kubelet.service +++ /dev/null @@ -1,26 +0,0 @@ -[Unit] -Description=Kubelet -Documentation=https://github.com/kubernetes/kubernetes -After=containerd.service configured.target -Wants=configured.target -BindsTo=containerd.service - -[Service] -Slice=runtime.slice -Type=notify -EnvironmentFile=/etc/network/proxy.env -EnvironmentFile=/etc/kubernetes/kubelet/env -ExecStartPre=/sbin/iptables -P FORWARD ACCEPT -# Must be overridden by a drop-in file or `kubelet` won't start -ExecStart=/usr/bin/false - -Restart=always -RestartForceExitStatus=SIGPIPE -RestartSec=5 -Delegate=yes -KillMode=process -CPUAccounting=true -MemoryAccounting=true - -[Install] -WantedBy=multi-user.target diff --git a/packages/kubernetes-1.25/kubernetes-1.25.spec b/packages/kubernetes-1.25/kubernetes-1.25.spec deleted file mode 100644 index 2606b23bcc8..00000000000 --- a/packages/kubernetes-1.25/kubernetes-1.25.spec +++ /dev/null @@ -1,233 +0,0 @@ -# After this upstream change, the linker flags `-s -w` are always added unless -# DBG=1 is set in the environment, which would set compiler flags to disable -# optimizations and inlining: -# https://github.com/kubernetes/kubernetes/pull/108371 -# -# For now, work around this by indicating that no debug package is expected. -%global debug_package %{nil} - -%global goproject github.com/kubernetes -%global gorepo kubernetes -%global goimport %{goproject}/%{gorepo} - -%global gover 1.25.16 -%global rpmver %{gover} - -%global _dwz_low_mem_die_limit 0 - -# Construct reproducible tar archives -# See https://reproducible-builds.org/docs/archives/ -%global source_date_epoch 1234567890 -%global tar_cf tar --sort=name --mtime="@%{source_date_epoch}" --owner=0 --group=0 --numeric-owner -cf - -# The kubernetes build process expects the cross-compiler to be specified via `KUBE_*_CC` -# Here we generate that variable to use bottlerocket-specific compile aliases -# Examples of the generated variable: -# KUBE_LINUX_AMD64_CC=x86_64-bottlerocket-linux-gnu-gcc -# KUBE_LINUX_ARM64_CC=aarch64-bottlerocket-linux-gnu-gcc -%global kube_cc %{shrink: \ - %{lua: print(string.upper( \ - rpm.expand("KUBE_%{_cross_go_os}_%{_cross_go_arch}_CC=")) .. \ - rpm.expand("%{_cross_target}-gcc")) }} - -Name: %{_cross_os}%{gorepo} -Version: %{rpmver} -Release: 1%{?dist} -Summary: Container cluster management -# base Apache-2.0, third_party Apache-2.0 AND BSD-3-Clause -License: Apache-2.0 AND BSD-3-Clause -URL: https://%{goimport} -Source0: https://distro.eks.amazonaws.com/kubernetes-1-25/releases/35/artifacts/kubernetes/v%{gover}/kubernetes-src.tar.gz -Source1: kubelet.service -Source2: kubelet-env -Source3: kubelet-config -Source4: kubelet-kubeconfig -Source5: kubernetes-ca-crt -Source6: kubelet-exec-start-conf -Source7: kubelet-bootstrap-kubeconfig -Source8: kubernetes-tmpfiles.conf -Source9: kubelet-sysctl.conf -Source10: prepare-var-lib-kubelet.service -Source11: kubelet-server-crt -Source12: kubelet-server-key -Source13: etc-kubernetes-pki-private.mount -Source14: credential-provider-config-yaml -Source15: logdog.kubelet.conf - -# ExecStartPre drop-ins -Source20: prestart-load-pause-ctr.conf -Source21: dockershim-symlink.conf -Source22: make-kubelet-dirs.conf - -# pause image components -Source100: pause-config.json -Source101: pause-manifest.json -Source102: pod-infra-container-image - -Source1000: clarify.toml - -BuildRequires: git -BuildRequires: rsync -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package -n %{_cross_os}kubelet-1.25 -Summary: Container cluster node agent -Requires: %{_cross_os}conntrack-tools -Requires: %{_cross_os}containerd -Requires: %{_cross_os}findutils -Requires: %{_cross_os}ecr-credential-provider -Requires: %{_cross_os}aws-signing-helper -Requires: %{_cross_os}static-pods -Requires: %{_cross_os}kubelet-1.25(binaries) - -%description -n %{_cross_os}kubelet-1.25 -%{summary}. - -%package -n %{_cross_os}kubelet-1.25-bin -Summary: Container cluster node agent binaries -Provides: %{_cross_os}kubelet-1.25(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{_cross_os}kubelet-1.25) -Conflicts: (%{_cross_os}image-feature(fips) or %{_cross_os}kubelet-1.25-fips-bin) - -%description -n %{_cross_os}kubelet-1.25-bin -%{summary}. - -%package -n %{_cross_os}kubelet-1.25-fips-bin -Summary: Container cluster node agent binaries, FIPS edition -Provides: %{_cross_os}kubelet-1.25(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{_cross_os}kubelet-1.25) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{_cross_os}kubelet-1.25-bin) - -%description -n %{_cross_os}kubelet-1.25-fips-bin -%{summary}. - -%prep -%autosetup -Sgit -c -n %{gorepo}-%{gover} -p1 - -# third_party licenses -# multiarch/qemu-user-static ignored, we're not using it -cp third_party/forked/gonum/graph/LICENSE LICENSE.gonum.graph -cp third_party/forked/shell2junit/LICENSE LICENSE.shell2junit -cp third_party/forked/golang/LICENSE LICENSE.golang -cp third_party/forked/golang/PATENTS PATENTS.golang - -%build -export FORCE_HOST_GO=1 -# Build codegen programs with the host toolchain. -make generated_files - -# Build kubelet with the target toolchain. -%set_cross_go_flags -unset CC -export KUBE_BUILD_PLATFORMS="linux/%{_cross_go_arch}" -export %{kube_cc} -export GOFLAGS="${GOFLAGS} -tags=dockerless" -export GOLDFLAGS="${GOLDFLAGS}" -make WHAT="cmd/kubelet" - -export KUBE_OUTPUT_SUBPATH="_fips_output/local" -export GOEXPERIMENT="boringcrypto" -make WHAT="cmd/kubelet" - -# build the pause container -cd build/pause/linux/ - -# Build static pause executable for container image. -mkdir -p rootfs/usr/bin -%{_cross_triple}-musl-gcc %{_cross_cflags} %{_cross_ldflags} -static-pie pause.c -o rootfs/pause - -# Construct container image. -mkdir -p image/rootfs -%tar_cf image/rootfs/layer.tar -C rootfs . -DIGEST=$(sha256sum image/rootfs/layer.tar | sed -e 's/ .*//') -install -m 0644 %{S:100} image/config.json -sed -i "s/~~digest~~/${DIGEST}/" image/config.json -install -m 0644 %{S:101} image/manifest.json - -%tar_cf ../../../_output/local/bin/linux/%{_cross_go_arch}/kubernetes-pause.tar -C image . - -%install -output="./_output/local/bin/linux/%{_cross_go_arch}" -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 ${output}/kubelet %{buildroot}%{_cross_bindir} - -fips_output="./_fips_output/local/bin/linux/%{_cross_go_arch}" -install -d %{buildroot}%{_cross_fips_bindir} -install -p -m 0755 ${fips_output}/kubelet %{buildroot}%{_cross_fips_bindir} - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:1} %{S:10} %{S:13} %{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{_cross_unitdir}/kubelet.service.d -install -p -m 0644 %{S:20} %{S:21} %{S:22} %{buildroot}%{_cross_unitdir}/kubelet.service.d - -mkdir -p %{buildroot}%{_cross_templatedir} -install -m 0644 %{S:2} %{buildroot}%{_cross_templatedir}/kubelet-env -install -m 0644 %{S:3} %{buildroot}%{_cross_templatedir}/kubelet-config -install -m 0644 %{S:4} %{buildroot}%{_cross_templatedir}/kubelet-kubeconfig -install -m 0644 %{S:5} %{buildroot}%{_cross_templatedir}/kubernetes-ca-crt -install -m 0644 %{S:6} %{buildroot}%{_cross_templatedir}/kubelet-exec-start-conf -install -m 0644 %{S:7} %{buildroot}%{_cross_templatedir}/kubelet-bootstrap-kubeconfig -install -m 0644 %{S:11} %{buildroot}%{_cross_templatedir}/kubelet-server-crt -install -m 0644 %{S:12} %{buildroot}%{_cross_templatedir}/kubelet-server-key -install -m 0644 %{S:14} %{buildroot}%{_cross_templatedir}/credential-provider-config-yaml - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:8} %{buildroot}%{_cross_tmpfilesdir}/kubernetes.conf - -install -d %{buildroot}%{_cross_sysctldir} -install -p -m 0644 %{S:9} %{buildroot}%{_cross_sysctldir}/90-kubelet.conf - -install -d %{buildroot}%{_cross_libexecdir}/kubernetes -ln -rs \ - %{buildroot}%{_sharedstatedir}/kubelet/plugins \ - %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet-plugins - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -install -d %{buildroot}%{_cross_datadir}/logdog.d -install -p -m 0644 %{S:15} %{buildroot}%{_cross_datadir}/logdog.d - -install -d %{buildroot}%{_cross_libexecdir}/kubernetes -install -p -m 0644 ${output}/kubernetes-pause.tar %{buildroot}%{_cross_libexecdir}/kubernetes -install -p -m 0644 %{S:102} %{buildroot}%{_cross_templatedir}/pod-infra-container-image - -%files -n %{_cross_os}kubelet-1.25 -%license LICENSE LICENSE.gonum.graph LICENSE.shell2junit LICENSE.golang PATENTS.golang -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} -%{_cross_unitdir}/kubelet.service -%{_cross_unitdir}/prepare-var-lib-kubelet.service -%{_cross_unitdir}/etc-kubernetes-pki-private.mount -%dir %{_cross_unitdir}/kubelet.service.d -%{_cross_unitdir}/kubelet.service.d/prestart-load-pause-ctr.conf -%{_cross_unitdir}/kubelet.service.d/make-kubelet-dirs.conf -%{_cross_unitdir}/kubelet.service.d/dockershim-symlink.conf -%dir %{_cross_templatedir} -%{_cross_templatedir}/kubelet-env -%{_cross_templatedir}/kubelet-config -%{_cross_templatedir}/kubelet-kubeconfig -%{_cross_templatedir}/kubelet-bootstrap-kubeconfig -%{_cross_templatedir}/kubelet-exec-start-conf -%{_cross_templatedir}/kubernetes-ca-crt -%{_cross_templatedir}/kubelet-server-crt -%{_cross_templatedir}/kubelet-server-key -%{_cross_templatedir}/credential-provider-config-yaml -%{_cross_tmpfilesdir}/kubernetes.conf -%{_cross_sysctldir}/90-kubelet.conf -%dir %{_cross_libexecdir}/kubernetes -%{_cross_libexecdir}/kubernetes/kubelet-plugins -%{_cross_libexecdir}/kubernetes/kubernetes-pause.tar -%{_cross_templatedir}/pod-infra-container-image -%{_cross_datadir}/logdog.d/logdog.kubelet.conf - -%files -n %{_cross_os}kubelet-1.25-bin -%{_cross_bindir}/kubelet - -%files -n %{_cross_os}kubelet-1.25-fips-bin -%{_cross_fips_bindir}/kubelet - -%changelog diff --git a/packages/kubernetes-1.25/kubernetes-ca-crt b/packages/kubernetes-1.25/kubernetes-ca-crt deleted file mode 100644 index 93fd4e253ec..00000000000 --- a/packages/kubernetes-1.25/kubernetes-ca-crt +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.cluster-certificate~}} -{{base64_decode settings.kubernetes.cluster-certificate}} -{{~/if~}} diff --git a/packages/kubernetes-1.25/kubernetes-tmpfiles.conf b/packages/kubernetes-1.25/kubernetes-tmpfiles.conf deleted file mode 100644 index 4b17aba9d8a..00000000000 --- a/packages/kubernetes-1.25/kubernetes-tmpfiles.conf +++ /dev/null @@ -1,7 +0,0 @@ -d /etc/kubernetes/static-pods - - - - -L /etc/kubernetes/manifests - - - - static-pods -L /etc/kubernetes/secrets-store-csi-providers - - - - /var/lib/kubelet/providers/secrets-store -r! /var/lib/kubelet/cpu_manager_state -L /etc/kubernetes/node-feature-discovery/features.d - - - - /var/lib/kubelet/node-feature-discovery/features.d -d /opt/csi/mountpoint-s3 - - - - -L+ /opt/mountpoint-s3-csi - - - - /opt/csi/mountpoint-s3 diff --git a/packages/kubernetes-1.25/logdog.kubelet.conf b/packages/kubernetes-1.25/logdog.kubelet.conf deleted file mode 100644 index 850a0b4c1ba..00000000000 --- a/packages/kubernetes-1.25/logdog.kubelet.conf +++ /dev/null @@ -1,3 +0,0 @@ -exec kube-status systemctl status kube* -l --no-pager -file ipamd.log /var/log/aws-routed-eni/ipamd.log -file plugin.log /var/log/aws-routed-eni/plugin.log diff --git a/packages/kubernetes-1.25/make-kubelet-dirs.conf b/packages/kubernetes-1.25/make-kubelet-dirs.conf deleted file mode 100644 index a7249c9ac3f..00000000000 --- a/packages/kubernetes-1.25/make-kubelet-dirs.conf +++ /dev/null @@ -1,5 +0,0 @@ -[Service] -# Create the backing directories for symlinks in /etc -ExecStartPre=/usr/bin/mkdir -p \ - /var/lib/kubelet/providers/secrets-store \ - /var/lib/kubelet/node-feature-discovery/features.d diff --git a/packages/kubernetes-1.25/pause-config.json b/packages/kubernetes-1.25/pause-config.json deleted file mode 100644 index 8c2a7cde979..00000000000 --- a/packages/kubernetes-1.25/pause-config.json +++ /dev/null @@ -1 +0,0 @@ -{"author":"Bottlerocket","config":{"Cmd":["/pause"],"ArgsEscaped":true},"created":"2014-12-12T01:12:53.332832423Z","history":[{"created":"2014-12-12T01:12:53.332832423Z","author":"Bottlerocket","created_by":"Bottlerocket","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:~~digest~~"]}} diff --git a/packages/kubernetes-1.25/pause-manifest.json b/packages/kubernetes-1.25/pause-manifest.json deleted file mode 100644 index e8af2c103a7..00000000000 --- a/packages/kubernetes-1.25/pause-manifest.json +++ /dev/null @@ -1 +0,0 @@ -[{"Config":"config.json","RepoTags":["localhost/kubernetes/pause:0.1.0"],"Layers":["rootfs/layer.tar"]}] diff --git a/packages/kubernetes-1.25/pod-infra-container-image b/packages/kubernetes-1.25/pod-infra-container-image deleted file mode 100644 index 9b3f9a3954a..00000000000 --- a/packages/kubernetes-1.25/pod-infra-container-image +++ /dev/null @@ -1,6 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", optional = true } -+++ -{{~#if settings.kubernetes.pod-infra-container-image~}} -DEPRECATED_SETTING=settings.kubernetes.pod-infra-container-image -{{~/if~}} diff --git a/packages/kubernetes-1.25/prepare-var-lib-kubelet.service b/packages/kubernetes-1.25/prepare-var-lib-kubelet.service deleted file mode 100644 index 1b8c6207aa4..00000000000 --- a/packages/kubernetes-1.25/prepare-var-lib-kubelet.service +++ /dev/null @@ -1,23 +0,0 @@ -[Unit] -Description=Prepare Kubelet Directory (/var/lib/kubelet) -DefaultDependencies=no -RequiresMountsFor=/var -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot - -# Remove an existing symlink, if present. Intentionally not recursive! -ExecStartPre=-/usr/bin/rm -f /var/lib/kubelet - -# Create /var/lib/kubelet so it is available for bind mounts. -ExecStart=/usr/bin/mkdir -p /var/lib/kubelet - -# Suppress warning if directory exists. -StandardError=null - -RemainAfterExit=true - -[Install] -WantedBy=local-fs.target diff --git a/packages/kubernetes-1.25/prestart-load-pause-ctr.conf b/packages/kubernetes-1.25/prestart-load-pause-ctr.conf deleted file mode 100644 index 4e21b0d9b45..00000000000 --- a/packages/kubernetes-1.25/prestart-load-pause-ctr.conf +++ /dev/null @@ -1,14 +0,0 @@ -[Service] -# load the built-in pause image -ExecStartPre=/usr/bin/ctr \ - --namespace=k8s.io \ - image import \ - --all-platforms \ - /usr/libexec/kubernetes/kubernetes-pause.tar - -# label it to prevent it from being removed -ExecStartPre=/usr/bin/ctr \ - --namespace=k8s.io \ - image label \ - localhost/kubernetes/pause:0.1.0 \ - io.cri-containerd.pinned=pinned diff --git a/packages/kubernetes-1.26/Cargo.toml b/packages/kubernetes-1.26/Cargo.toml deleted file mode 100644 index 2c5810b0aa9..00000000000 --- a/packages/kubernetes-1.26/Cargo.toml +++ /dev/null @@ -1,32 +0,0 @@ -[package] -# "." is not allowed in crate names, but we want a friendlier name for the -# directory and spec file, so we override it below. -name = "kubernetes-1_26" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -package-name = "kubernetes-1.26" - -[[package.metadata.build-package.external-files]] -url = "https://distro.eks.amazonaws.com/kubernetes-1-26/releases/31/artifacts/kubernetes/v1.26.14/kubernetes-src.tar.gz" -sha512 = "6e4df683493b055e0445be2389f7c31b48da5a26f82f833df9ab9d0ae17e769cda65d58e0af2bbd4472a30b6f8ec4bd144af00b35a8ecd2b7afd9c62c2fcc7dc" -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } - -# RPM Requires -[dependencies] -aws-signing-helper = { path = "../aws-signing-helper" } -ecr-credential-provider = { path = "../ecr-credential-provider" } -static-pods = { path = "../static-pods" } -# `conntrack-tools`, `containerd` and `findutils` are only needed at runtime, -# and are pulled in by `release`. -# conntrack-tools = { path = "../conntrack-tools" } -# containerd = { path = "../containerd" } -# findutils = { path = "../findutils" } diff --git a/packages/kubernetes-1.26/clarify.toml b/packages/kubernetes-1.26/clarify.toml deleted file mode 100644 index 5b6e8b60967..00000000000 --- a/packages/kubernetes-1.26/clarify.toml +++ /dev/null @@ -1,62 +0,0 @@ -[clarify."github.com/JeffAshton/win_pdh"] -expression = "BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xb221dcc9 }, -] - -[clarify."github.com/daviddengcn/go-colortext"] -expression = "BSD-3-Clause AND MIT" -license-files = [ - { path = "LICENSE", hash = 0x9769fae1 }, -] - -[clarify."github.com/ghodss/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] - -[clarify."github.com/heketi/heketi"] -# kubernetes only uses code that is under LGPLv3+/Apache 2.0, not the code that is GPLv2+/LGPLv3+ -expression = "LGPL-3.0-or-later OR Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0x3c4b96d1 }, - { path = "LICENSE-APACHE2", hash = 0x438c8616 }, - { path = "COPYING-LGPLV3", hash = 0xf0bccb3a }, -] -skip-files = [ "COPYING-GPLV2" ] - -[clarify."github.com/go-bindata/go-bindata"] -expression = "CC0-1.0" -license-files = [ - { path = "LICENSE", hash = 0x393fafd6 }, -] - -[clarify."github.com/miekg/dns"] -expression = "BSD-3-Clause" -license-files = [ - { path = "COPYRIGHT", hash = 0xe41dd36c }, - { path = "LICENSE", hash = 0xfc8f12ff }, -] - -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] - -[clarify."honnef.co/go/tools"] -expression = "MIT AND BSD-3-Clause AND Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0xad378ed2 }, - { path = "LICENSE-THIRD-PARTY", hash = 0x546425eb }, - { path = "lint/LICENSE", hash = 0xc6b58232 }, - { path = "ssa/LICENSE", hash = 0xe656fb62 }, -] - -[clarify."github.com/storageos/go-api"] -expression = "MIT AND BSD-2-Clause" -license-files = [ - { path = "LICENCE", hash = 0x67a6861e }, -] -skip-files = ["licence.go", "types/licence.go"] diff --git a/packages/kubernetes-1.26/credential-provider-config-yaml b/packages/kubernetes-1.26/credential-provider-config-yaml deleted file mode 100644 index d8dd1d46a65..00000000000 --- a/packages/kubernetes-1.26/credential-provider-config-yaml +++ /dev/null @@ -1,38 +0,0 @@ -[required-extensions] -aws = { version = "v1", optional = true } -kubernetes = "v1" -std = { version = "v1", helpers = ["default"] } -+++ -apiVersion: kubelet.config.k8s.io/v1 -kind: CredentialProviderConfig -providers: -{{#if settings.kubernetes.credential-providers}} -{{#each settings.kubernetes.credential-providers}} -{{#if this.enabled}} - - name: {{@key}} - matchImages: -{{#each this.image-patterns}} - - "{{this}}" -{{/each}} - defaultCacheDuration: "{{default "12h" this.cache-duration}}" - apiVersion: credentialprovider.kubelet.k8s.io/v1alpha1 -{{#if (or (eq @key "ecr-credential-provider") this.environment)}} - env: -{{#if this.environment}} -{{#each this.environment}} - - name: {{@key}} - value: '{{this}}' -{{/each}} -{{/if}} -{{#if (eq @key "ecr-credential-provider")}} - - name: HOME - value: '/root' -{{#if @root.settings.aws.profile}} - - name: AWS_PROFILE - value: '{{@root.settings.aws.profile}}' -{{/if}} -{{/if}} -{{/if}} -{{/if}} -{{/each}} -{{/if}} diff --git a/packages/kubernetes-1.26/dockershim-symlink.conf b/packages/kubernetes-1.26/dockershim-symlink.conf deleted file mode 100644 index d3fcda86914..00000000000 --- a/packages/kubernetes-1.26/dockershim-symlink.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -ExecStartPre=/bin/ln -sf /run/containerd/containerd.sock /run/dockershim.sock diff --git a/packages/kubernetes-1.26/etc-kubernetes-pki-private.mount b/packages/kubernetes-1.26/etc-kubernetes-pki-private.mount deleted file mode 100644 index 584e61475d1..00000000000 --- a/packages/kubernetes-1.26/etc-kubernetes-pki-private.mount +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Kubernetes PKI private directory (/etc/kubernetes/pki/private) -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target -After=selinux-policy-files.service -Wants=selinux-policy-files.service - -[Mount] -What=tmpfs -Where=/etc/kubernetes/pki/private -Type=tmpfs -Options=nosuid,nodev,noexec,noatime,context=system_u:object_r:secret_t:s0,mode=0700 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/kubernetes-1.26/kubelet-bootstrap-kubeconfig b/packages/kubernetes-1.26/kubelet-bootstrap-kubeconfig deleted file mode 100644 index 52bef7191cc..00000000000 --- a/packages/kubernetes-1.26/kubelet-bootstrap-kubeconfig +++ /dev/null @@ -1,25 +0,0 @@ -[required-extensions] -kubernetes = "v1" -+++ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{#if settings.kubernetes.bootstrap-token}} - user: - token: "{{settings.kubernetes.bootstrap-token}}" -{{/if}} diff --git a/packages/kubernetes-1.26/kubelet-config b/packages/kubernetes-1.26/kubelet-config deleted file mode 100644 index 8fa3567e1ad..00000000000 --- a/packages/kubernetes-1.26/kubelet-config +++ /dev/null @@ -1,191 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", helpers = ["kube_reserve_cpu", "kube_reserve_memory"] } -std = { version = "v1", helpers = ["any_enabled", "default"] } -+++ ---- -kind: KubeletConfiguration -apiVersion: kubelet.config.k8s.io/v1beta1 -{{#if settings.kubernetes.standalone-mode}} -address: 127.0.0.1 -authentication: - anonymous: - enabled: true - webhook: - enabled: false -authorization: - mode: AlwaysAllow -{{else}} -address: 0.0.0.0 -authentication: - anonymous: - enabled: false - webhook: - cacheTTL: 2m0s - enabled: true - x509: - clientCAFile: "/etc/kubernetes/pki/ca.crt" -authorization: - mode: Webhook - webhook: - cacheAuthorizedTTL: 5m0s - cacheUnauthorizedTTL: 30s -{{/if}} -clusterDomain: {{settings.kubernetes.cluster-domain}} -{{#if settings.kubernetes.cluster-dns-ip}} -clusterDNS: -{{#each settings.kubernetes.cluster-dns-ip}} -- {{this}} -{{else}} -- {{settings.kubernetes.cluster-dns-ip}} -{{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-hard}} -evictionHard: - {{#each settings.kubernetes.eviction-hard}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-soft}} -evictionSoft: - {{#each settings.kubernetes.eviction-soft}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-soft-grace-period}} -evictionSoftGracePeriod: - {{#each settings.kubernetes.eviction-soft-grace-period}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-max-pod-grace-period}} -evictionMaxPodGracePeriod: {{settings.kubernetes.eviction-max-pod-grace-period}} -{{/if}} -{{#if settings.kubernetes.allowed-unsafe-sysctls}} -allowedUnsafeSysctls: {{settings.kubernetes.allowed-unsafe-sysctls}} -{{/if}} -{{#if settings.kubernetes.registry-qps includeZero=true}} -registryPullQPS: {{settings.kubernetes.registry-qps}} -{{/if}} -{{#if settings.kubernetes.registry-burst includeZero=true}} -registryBurst: {{settings.kubernetes.registry-burst}} -{{/if}} -{{#if settings.kubernetes.event-qps includeZero=true}} -eventRecordQPS: {{settings.kubernetes.event-qps}} -{{/if}} -{{#if settings.kubernetes.event-burst includeZero=true}} -eventBurst: {{settings.kubernetes.event-burst}} -{{/if}} -kubeAPIQPS: {{default 10 settings.kubernetes.kube-api-qps}} -kubeAPIBurst: {{default 20 settings.kubernetes.kube-api-burst}} -kubeReserved: - cpu: "{{kube_reserve_cpu settings.kubernetes.kube-reserved.cpu}}" - {{#if settings.kubernetes.kube-reserved.memory}} - memory: "{{settings.kubernetes.kube-reserved.memory}}" - {{else}} - {{#if settings.kubernetes.max-pods}} - memory: "{{kube_reserve_memory settings.kubernetes.max-pods settings.kubernetes.kube-reserved.memory}}" - {{/if}} - {{/if}} - ephemeral-storage: "{{default "1Gi" settings.kubernetes.kube-reserved.ephemeral-storage}}" -{{#unless settings.kubernetes.reserved-cpus}} -kubeReservedCgroup: "/runtime" -{{/unless}} -{{#if settings.kubernetes.system-reserved}} -systemReserved: - {{#each settings.kubernetes.system-reserved}} - {{@key}}: "{{this}}" - {{/each}} -{{#unless settings.kubernetes.reserved-cpus}} -systemReservedCgroup: "/system" -{{/unless}} -{{/if}} -cpuCFSQuota: {{default true settings.kubernetes.cpu-cfs-quota-enforced}} -cpuManagerPolicy: {{default "none" settings.kubernetes.cpu-manager-policy}} -{{#if settings.kubernetes.cpu-manager-reconcile-period}} -cpuManagerReconcilePeriod: {{settings.kubernetes.cpu-manager-reconcile-period}} -{{/if}} -{{#if settings.kubernetes.cpu-manager-policy-options}} -cpuManagerPolicyOptions: -{{#each settings.kubernetes.cpu-manager-policy-options}} - {{this}}: "true" -{{/each}} -{{/if}} -{{#if settings.kubernetes.topology-manager-scope}} -topologyManagerScope: {{settings.kubernetes.topology-manager-scope}} -{{/if}} -{{#if settings.kubernetes.topology-manager-policy}} -topologyManagerPolicy: {{settings.kubernetes.topology-manager-policy}} -{{/if}} -podPidsLimit: {{default 1048576 settings.kubernetes.pod-pids-limit}} -{{#if settings.kubernetes.image-gc-high-threshold-percent includeZero=true}} -imageGCHighThresholdPercent: {{settings.kubernetes.image-gc-high-threshold-percent}} -{{/if}} -{{#if settings.kubernetes.image-gc-low-threshold-percent includeZero=true}} -imageGCLowThresholdPercent: {{settings.kubernetes.image-gc-low-threshold-percent}} -{{/if}} -{{#if settings.kubernetes.provider-id}} -providerID: {{settings.kubernetes.provider-id}} -{{/if}} -resolvConf: "/run/netdog/resolv.conf" -hairpinMode: hairpin-veth -readOnlyPort: 0 -cgroupDriver: systemd -cgroupRoot: "/" -runtimeRequestTimeout: 15m -featureGates: - RotateKubeletServerCertificate: true - CSIMigration: true - CSIMigrationAWS: true - CSIMigrationvSphere: true -protectKernelDefaults: true -serializeImagePulls: false -seccompDefault: {{default false settings.kubernetes.seccomp-default}} -{{#if (and (default "" settings.kubernetes.server-certificate) (default "" settings.kubernetes.server-key))}} -tlsCertFile: "/etc/kubernetes/pki/kubelet-server.crt" -tlsPrivateKeyFile: "/etc/kubernetes/pki/private/kubelet-server.key" -{{else}} -serverTLSBootstrap: {{settings.kubernetes.server-tls-bootstrap}} -{{/if}} -tlsCipherSuites: -- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 -volumePluginDir: "/var/lib/kubelet/plugins/volume/exec" -maxPods: {{default 110 settings.kubernetes.max-pods}} -staticPodPath: "/etc/kubernetes/static-pods/" -{{#if settings.kubernetes.container-log-max-size includeZero=true}} -containerLogMaxSize: {{settings.kubernetes.container-log-max-size}} -{{/if}} -{{#if settings.kubernetes.container-log-max-files includeZero=true}} -containerLogMaxFiles: {{settings.kubernetes.container-log-max-files}} -{{/if}} -{{#if settings.kubernetes.shutdown-grace-period}} -shutdownGracePeriod: {{settings.kubernetes.shutdown-grace-period}} -{{/if}} -{{#if settings.kubernetes.shutdown-grace-period-for-critical-pods}} -shutdownGracePeriodCriticalPods: {{settings.kubernetes.shutdown-grace-period-for-critical-pods}} -{{/if}} -{{#if settings.kubernetes.memory-manager-reserved-memory}} -{{#if (any_enabled settings.kubernetes.memory-manager-reserved-memory)}} -{{#if settings.kubernetes.memory-manager-policy}} -memoryManagerPolicy: {{settings.kubernetes.memory-manager-policy}} -{{/if}} -reservedMemory: -{{#each settings.kubernetes.memory-manager-reserved-memory}} -{{#if this.enabled}} - - numaNode: {{@key}} - limits: -{{#if this.memory}} - memory: {{this.memory}} -{{/if}} -{{#if this.hugepages-1Gi}} - hugepages-1Gi: {{this.hugepages-1Gi}} -{{/if}} -{{#if this.hugepages-2Mi}} - hugepages-2Mi: {{this.hugepages-2Mi}} -{{/if}} -{{/if}} -{{/each}} -{{/if}} -{{/if}} -{{#if settings.kubernetes.reserved-cpus}} -reservedSystemCPUs: {{settings.kubernetes.reserved-cpus}} -{{/if}} diff --git a/packages/kubernetes-1.26/kubelet-env b/packages/kubernetes-1.26/kubelet-env deleted file mode 100644 index 0e4aac28853..00000000000 --- a/packages/kubernetes-1.26/kubelet-env +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", helpers = ["join_node_taints"] } -std = { version = "v1", helpers = ["join_map"] } -+++ -NODE_IP={{settings.kubernetes.node-ip}} -NODE_LABELS={{join_map "=" "," "no-fail-if-missing" settings.kubernetes.node-labels}} -NODE_TAINTS={{join_node_taints settings.kubernetes.node-taints}} diff --git a/packages/kubernetes-1.26/kubelet-exec-start-conf b/packages/kubernetes-1.26/kubelet-exec-start-conf deleted file mode 100644 index ca26d0b5e8a..00000000000 --- a/packages/kubernetes-1.26/kubelet-exec-start-conf +++ /dev/null @@ -1,41 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["any_enabled", "default"] } -+++ -[Service] -ExecStart= -ExecStart=/usr/bin/kubelet \ -{{#unless settings.kubernetes.standalone-mode}} - --cloud-provider {{default "external" settings.kubernetes.cloud-provider}} \ - --kubeconfig /etc/kubernetes/kubelet/kubeconfig \ -{{#if (eq settings.kubernetes.authentication-mode "tls")}} - --bootstrap-kubeconfig /etc/kubernetes/kubelet/bootstrap-kubeconfig \ -{{/if}} -{{else}} - --cloud-provider "" \ -{{/unless}} - --config /etc/kubernetes/kubelet/config \ - --container-runtime=remote \ - --container-runtime-endpoint=unix:///run/containerd/containerd.sock \ - --containerd=/run/containerd/containerd.sock \ - --root-dir /var/lib/kubelet \ - --cert-dir /var/lib/kubelet/pki \ -{{#if settings.kubernetes.credential-providers}} -{{#if (any_enabled settings.kubernetes.credential-providers)}} - --image-credential-provider-bin-dir /usr/libexec/kubernetes/kubelet/plugins \ - --image-credential-provider-config /etc/kubernetes/kubelet/credential-provider-config.yaml \ -{{/if}} -{{/if}} -{{#unless (eq settings.kubernetes.cloud-provider "aws")}} -{{#if settings.kubernetes.hostname-override}} - --hostname-override {{settings.kubernetes.hostname-override}} \ -{{/if}} -{{/unless}} - --node-ip ${NODE_IP} \ - --node-labels "${NODE_LABELS}" \ - --register-with-taints "${NODE_TAINTS}" \ -{{#if settings.kubernetes.log-level includeZero=true}} - -v {{settings.kubernetes.log-level}} \ -{{/if}} - --pod-infra-container-image localhost/kubernetes/pause:0.1.0 \ - --runtime-cgroups=/runtime.slice/containerd.service diff --git a/packages/kubernetes-1.26/kubelet-kubeconfig b/packages/kubernetes-1.26/kubelet-kubeconfig deleted file mode 100644 index 0dfdcd275fe..00000000000 --- a/packages/kubernetes-1.26/kubelet-kubeconfig +++ /dev/null @@ -1,43 +0,0 @@ -[required-extensions] -aws = { version = "v1", optional = true } -kubernetes = "v1" -+++ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{#if (eq settings.kubernetes.authentication-mode "aws")}} -{{#if settings.kubernetes.cluster-name}} - user: - exec: - apiVersion: client.authentication.k8s.io/v1beta1 - command: "/usr/bin/aws-iam-authenticator" - args: - - token - - "-i" - - "{{settings.kubernetes.cluster-name}}" - {{#if settings.aws.region}} - - "--region" - - "{{settings.aws.region}}" - {{/if}} -{{/if}} -{{/if}} -{{#if (eq settings.kubernetes.authentication-mode "tls")}} - user: - client-certificate: "/var/lib/kubelet/pki/kubelet-client-current.pem" - client-key: "/var/lib/kubelet/pki/kubelet-client-current.pem" -{{/if}} diff --git a/packages/kubernetes-1.26/kubelet-server-crt b/packages/kubernetes-1.26/kubelet-server-crt deleted file mode 100644 index 92003ad427e..00000000000 --- a/packages/kubernetes-1.26/kubelet-server-crt +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.server-certificate~}} -{{base64_decode settings.kubernetes.server-certificate}} -{{~/if~}} diff --git a/packages/kubernetes-1.26/kubelet-server-key b/packages/kubernetes-1.26/kubelet-server-key deleted file mode 100644 index b6c74aacc56..00000000000 --- a/packages/kubernetes-1.26/kubelet-server-key +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.server-key~}} -{{base64_decode settings.kubernetes.server-key}} -{{~/if~}} diff --git a/packages/kubernetes-1.26/kubelet-sysctl.conf b/packages/kubernetes-1.26/kubelet-sysctl.conf deleted file mode 100644 index ed68c7e197f..00000000000 --- a/packages/kubernetes-1.26/kubelet-sysctl.conf +++ /dev/null @@ -1,2 +0,0 @@ -# Overcommit handling mode - 1: Always overcommit -vm.overcommit_memory = 1 diff --git a/packages/kubernetes-1.26/kubelet.service b/packages/kubernetes-1.26/kubelet.service deleted file mode 100644 index 1285853f2d1..00000000000 --- a/packages/kubernetes-1.26/kubelet.service +++ /dev/null @@ -1,26 +0,0 @@ -[Unit] -Description=Kubelet -Documentation=https://github.com/kubernetes/kubernetes -After=containerd.service configured.target -Wants=configured.target -BindsTo=containerd.service - -[Service] -Slice=runtime.slice -Type=notify -EnvironmentFile=/etc/network/proxy.env -EnvironmentFile=/etc/kubernetes/kubelet/env -ExecStartPre=/sbin/iptables -P FORWARD ACCEPT -# Must be overridden by a drop-in file or `kubelet` won't start -ExecStart=/usr/bin/false - -Restart=always -RestartForceExitStatus=SIGPIPE -RestartSec=5 -Delegate=yes -KillMode=process -CPUAccounting=true -MemoryAccounting=true - -[Install] -WantedBy=multi-user.target diff --git a/packages/kubernetes-1.26/kubernetes-1.26.spec b/packages/kubernetes-1.26/kubernetes-1.26.spec deleted file mode 100644 index 33ce3b248fb..00000000000 --- a/packages/kubernetes-1.26/kubernetes-1.26.spec +++ /dev/null @@ -1,233 +0,0 @@ -# After this upstream change, the linker flags `-s -w` are always added unless -# DBG=1 is set in the environment, which would set compiler flags to disable -# optimizations and inlining: -# https://github.com/kubernetes/kubernetes/pull/108371 -# -# For now, work around this by indicating that no debug package is expected. -%global debug_package %{nil} - -%global goproject github.com/kubernetes -%global gorepo kubernetes -%global goimport %{goproject}/%{gorepo} - -%global gover 1.26.14 -%global rpmver %{gover} - -%global _dwz_low_mem_die_limit 0 - -# Construct reproducible tar archives -# See https://reproducible-builds.org/docs/archives/ -%global source_date_epoch 1234567890 -%global tar_cf tar --sort=name --mtime="@%{source_date_epoch}" --owner=0 --group=0 --numeric-owner -cf - -# The kubernetes build process expects the cross-compiler to be specified via `KUBE_*_CC` -# Here we generate that variable to use bottlerocket-specific compile aliases -# Examples of the generated variable: -# KUBE_LINUX_AMD64_CC=x86_64-bottlerocket-linux-gnu-gcc -# KUBE_LINUX_ARM64_CC=aarch64-bottlerocket-linux-gnu-gcc -%global kube_cc %{shrink: \ - %{lua: print(string.upper( \ - rpm.expand("KUBE_%{_cross_go_os}_%{_cross_go_arch}_CC=")) .. \ - rpm.expand("%{_cross_target}-gcc")) }} - -Name: %{_cross_os}%{gorepo} -Version: %{rpmver} -Release: 1%{?dist} -Summary: Container cluster management -# base Apache-2.0, third_party Apache-2.0 AND BSD-3-Clause -License: Apache-2.0 AND BSD-3-Clause -URL: https://%{goimport} -Source0: https://distro.eks.amazonaws.com/kubernetes-1-26/releases/31/artifacts/kubernetes/v%{gover}/kubernetes-src.tar.gz -Source1: kubelet.service -Source2: kubelet-env -Source3: kubelet-config -Source4: kubelet-kubeconfig -Source5: kubernetes-ca-crt -Source6: kubelet-exec-start-conf -Source7: kubelet-bootstrap-kubeconfig -Source8: kubernetes-tmpfiles.conf -Source9: kubelet-sysctl.conf -Source10: prepare-var-lib-kubelet.service -Source11: kubelet-server-crt -Source12: kubelet-server-key -Source13: etc-kubernetes-pki-private.mount -Source14: credential-provider-config-yaml -Source15: logdog.kubelet.conf - -# ExecStartPre drop-ins -Source20: prestart-load-pause-ctr.conf -Source21: dockershim-symlink.conf -Source22: make-kubelet-dirs.conf - -# pause image components -Source100: pause-config.json -Source101: pause-manifest.json -Source102: pod-infra-container-image - -Source1000: clarify.toml - -BuildRequires: git -BuildRequires: rsync -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package -n %{_cross_os}kubelet-1.26 -Summary: Container cluster node agent -Requires: %{_cross_os}conntrack-tools -Requires: %{_cross_os}containerd -Requires: %{_cross_os}findutils -Requires: %{_cross_os}ecr-credential-provider -Requires: %{_cross_os}aws-signing-helper -Requires: %{_cross_os}static-pods -Requires: %{_cross_os}kubelet-1.26(binaries) - -%description -n %{_cross_os}kubelet-1.26 -%{summary}. - -%package -n %{_cross_os}kubelet-1.26-bin -Summary: Container cluster node agent binaries -Provides: %{_cross_os}kubelet-1.26(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{_cross_os}kubelet-1.26) -Conflicts: (%{_cross_os}image-feature(fips) or %{_cross_os}kubelet-1.26-fips-bin) - -%description -n %{_cross_os}kubelet-1.26-bin -%{summary}. - -%package -n %{_cross_os}kubelet-1.26-fips-bin -Summary: Container cluster node agent binaries, FIPS edition -Provides: %{_cross_os}kubelet-1.26(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{_cross_os}kubelet-1.26) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{_cross_os}kubelet-1.26-bin) - -%description -n %{_cross_os}kubelet-1.26-fips-bin -%{summary}. - -%prep -%autosetup -Sgit -c -n %{gorepo}-%{gover} -p1 - -# third_party licenses -# multiarch/qemu-user-static ignored, we're not using it -cp third_party/forked/gonum/graph/LICENSE LICENSE.gonum.graph -cp third_party/forked/shell2junit/LICENSE LICENSE.shell2junit -cp third_party/forked/golang/LICENSE LICENSE.golang -cp third_party/forked/golang/PATENTS PATENTS.golang - -%build -export FORCE_HOST_GO=1 -# Build codegen programs with the host toolchain. -make hack/update-codegen.sh - -# Build kubelet with the target toolchain. -%set_cross_go_flags -unset CC -export KUBE_BUILD_PLATFORMS="linux/%{_cross_go_arch}" -export %{kube_cc} -export GOFLAGS="${GOFLAGS} -tags=dockerless" -export GOLDFLAGS="${GOLDFLAGS}" -make WHAT="cmd/kubelet" - -export KUBE_OUTPUT_SUBPATH="_fips_output/local" -export GOEXPERIMENT="boringcrypto" -make WHAT="cmd/kubelet" - -# build the pause container -cd build/pause/linux/ - -# Build static pause executable for container image. -mkdir -p rootfs/usr/bin -%{_cross_triple}-musl-gcc %{_cross_cflags} %{_cross_ldflags} -static-pie pause.c -o rootfs/pause - -# Construct container image. -mkdir -p image/rootfs -%tar_cf image/rootfs/layer.tar -C rootfs . -DIGEST=$(sha256sum image/rootfs/layer.tar | sed -e 's/ .*//') -install -m 0644 %{S:100} image/config.json -sed -i "s/~~digest~~/${DIGEST}/" image/config.json -install -m 0644 %{S:101} image/manifest.json - -%tar_cf ../../../_output/local/bin/linux/%{_cross_go_arch}/kubernetes-pause.tar -C image . - -%install -output="./_output/local/bin/linux/%{_cross_go_arch}" -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 ${output}/kubelet %{buildroot}%{_cross_bindir} - -fips_output="./_fips_output/local/bin/linux/%{_cross_go_arch}" -install -d %{buildroot}%{_cross_fips_bindir} -install -p -m 0755 ${fips_output}/kubelet %{buildroot}%{_cross_fips_bindir} - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:1} %{S:10} %{S:13} %{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{_cross_unitdir}/kubelet.service.d -install -p -m 0644 %{S:20} %{S:21} %{S:22} %{buildroot}%{_cross_unitdir}/kubelet.service.d - -mkdir -p %{buildroot}%{_cross_templatedir} -install -m 0644 %{S:2} %{buildroot}%{_cross_templatedir}/kubelet-env -install -m 0644 %{S:3} %{buildroot}%{_cross_templatedir}/kubelet-config -install -m 0644 %{S:4} %{buildroot}%{_cross_templatedir}/kubelet-kubeconfig -install -m 0644 %{S:5} %{buildroot}%{_cross_templatedir}/kubernetes-ca-crt -install -m 0644 %{S:6} %{buildroot}%{_cross_templatedir}/kubelet-exec-start-conf -install -m 0644 %{S:7} %{buildroot}%{_cross_templatedir}/kubelet-bootstrap-kubeconfig -install -m 0644 %{S:11} %{buildroot}%{_cross_templatedir}/kubelet-server-crt -install -m 0644 %{S:12} %{buildroot}%{_cross_templatedir}/kubelet-server-key -install -m 0644 %{S:14} %{buildroot}%{_cross_templatedir}/credential-provider-config-yaml - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:8} %{buildroot}%{_cross_tmpfilesdir}/kubernetes.conf - -install -d %{buildroot}%{_cross_sysctldir} -install -p -m 0644 %{S:9} %{buildroot}%{_cross_sysctldir}/90-kubelet.conf - -install -d %{buildroot}%{_cross_libexecdir}/kubernetes -ln -rs \ - %{buildroot}%{_sharedstatedir}/kubelet/plugins \ - %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet-plugins - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -install -d %{buildroot}%{_cross_datadir}/logdog.d -install -p -m 0644 %{S:15} %{buildroot}%{_cross_datadir}/logdog.d - -install -d %{buildroot}%{_cross_libexecdir}/kubernetes -install -p -m 0644 ${output}/kubernetes-pause.tar %{buildroot}%{_cross_libexecdir}/kubernetes -install -p -m 0644 %{S:102} %{buildroot}%{_cross_templatedir}/pod-infra-container-image - -%files -n %{_cross_os}kubelet-1.26 -%license LICENSE LICENSE.gonum.graph LICENSE.shell2junit LICENSE.golang PATENTS.golang -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} -%{_cross_unitdir}/kubelet.service -%{_cross_unitdir}/prepare-var-lib-kubelet.service -%{_cross_unitdir}/etc-kubernetes-pki-private.mount -%dir %{_cross_unitdir}/kubelet.service.d -%{_cross_unitdir}/kubelet.service.d/prestart-load-pause-ctr.conf -%{_cross_unitdir}/kubelet.service.d/make-kubelet-dirs.conf -%{_cross_unitdir}/kubelet.service.d/dockershim-symlink.conf -%dir %{_cross_templatedir} -%{_cross_templatedir}/kubelet-env -%{_cross_templatedir}/kubelet-config -%{_cross_templatedir}/kubelet-kubeconfig -%{_cross_templatedir}/kubelet-bootstrap-kubeconfig -%{_cross_templatedir}/kubelet-exec-start-conf -%{_cross_templatedir}/kubernetes-ca-crt -%{_cross_templatedir}/kubelet-server-crt -%{_cross_templatedir}/kubelet-server-key -%{_cross_templatedir}/credential-provider-config-yaml -%{_cross_tmpfilesdir}/kubernetes.conf -%{_cross_sysctldir}/90-kubelet.conf -%dir %{_cross_libexecdir}/kubernetes -%{_cross_libexecdir}/kubernetes/kubelet-plugins -%{_cross_libexecdir}/kubernetes/kubernetes-pause.tar -%{_cross_templatedir}/pod-infra-container-image -%{_cross_datadir}/logdog.d/logdog.kubelet.conf - -%files -n %{_cross_os}kubelet-1.26-bin -%{_cross_bindir}/kubelet - -%files -n %{_cross_os}kubelet-1.26-fips-bin -%{_cross_fips_bindir}/kubelet - -%changelog diff --git a/packages/kubernetes-1.26/kubernetes-ca-crt b/packages/kubernetes-1.26/kubernetes-ca-crt deleted file mode 100644 index 93fd4e253ec..00000000000 --- a/packages/kubernetes-1.26/kubernetes-ca-crt +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.cluster-certificate~}} -{{base64_decode settings.kubernetes.cluster-certificate}} -{{~/if~}} diff --git a/packages/kubernetes-1.26/kubernetes-tmpfiles.conf b/packages/kubernetes-1.26/kubernetes-tmpfiles.conf deleted file mode 100644 index 4b17aba9d8a..00000000000 --- a/packages/kubernetes-1.26/kubernetes-tmpfiles.conf +++ /dev/null @@ -1,7 +0,0 @@ -d /etc/kubernetes/static-pods - - - - -L /etc/kubernetes/manifests - - - - static-pods -L /etc/kubernetes/secrets-store-csi-providers - - - - /var/lib/kubelet/providers/secrets-store -r! /var/lib/kubelet/cpu_manager_state -L /etc/kubernetes/node-feature-discovery/features.d - - - - /var/lib/kubelet/node-feature-discovery/features.d -d /opt/csi/mountpoint-s3 - - - - -L+ /opt/mountpoint-s3-csi - - - - /opt/csi/mountpoint-s3 diff --git a/packages/kubernetes-1.26/logdog.kubelet.conf b/packages/kubernetes-1.26/logdog.kubelet.conf deleted file mode 100644 index 850a0b4c1ba..00000000000 --- a/packages/kubernetes-1.26/logdog.kubelet.conf +++ /dev/null @@ -1,3 +0,0 @@ -exec kube-status systemctl status kube* -l --no-pager -file ipamd.log /var/log/aws-routed-eni/ipamd.log -file plugin.log /var/log/aws-routed-eni/plugin.log diff --git a/packages/kubernetes-1.26/make-kubelet-dirs.conf b/packages/kubernetes-1.26/make-kubelet-dirs.conf deleted file mode 100644 index a7249c9ac3f..00000000000 --- a/packages/kubernetes-1.26/make-kubelet-dirs.conf +++ /dev/null @@ -1,5 +0,0 @@ -[Service] -# Create the backing directories for symlinks in /etc -ExecStartPre=/usr/bin/mkdir -p \ - /var/lib/kubelet/providers/secrets-store \ - /var/lib/kubelet/node-feature-discovery/features.d diff --git a/packages/kubernetes-1.26/pause-config.json b/packages/kubernetes-1.26/pause-config.json deleted file mode 100644 index 8c2a7cde979..00000000000 --- a/packages/kubernetes-1.26/pause-config.json +++ /dev/null @@ -1 +0,0 @@ -{"author":"Bottlerocket","config":{"Cmd":["/pause"],"ArgsEscaped":true},"created":"2014-12-12T01:12:53.332832423Z","history":[{"created":"2014-12-12T01:12:53.332832423Z","author":"Bottlerocket","created_by":"Bottlerocket","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:~~digest~~"]}} diff --git a/packages/kubernetes-1.26/pause-manifest.json b/packages/kubernetes-1.26/pause-manifest.json deleted file mode 100644 index e8af2c103a7..00000000000 --- a/packages/kubernetes-1.26/pause-manifest.json +++ /dev/null @@ -1 +0,0 @@ -[{"Config":"config.json","RepoTags":["localhost/kubernetes/pause:0.1.0"],"Layers":["rootfs/layer.tar"]}] diff --git a/packages/kubernetes-1.26/pod-infra-container-image b/packages/kubernetes-1.26/pod-infra-container-image deleted file mode 100644 index 9b3f9a3954a..00000000000 --- a/packages/kubernetes-1.26/pod-infra-container-image +++ /dev/null @@ -1,6 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", optional = true } -+++ -{{~#if settings.kubernetes.pod-infra-container-image~}} -DEPRECATED_SETTING=settings.kubernetes.pod-infra-container-image -{{~/if~}} diff --git a/packages/kubernetes-1.26/prepare-var-lib-kubelet.service b/packages/kubernetes-1.26/prepare-var-lib-kubelet.service deleted file mode 100644 index 1b8c6207aa4..00000000000 --- a/packages/kubernetes-1.26/prepare-var-lib-kubelet.service +++ /dev/null @@ -1,23 +0,0 @@ -[Unit] -Description=Prepare Kubelet Directory (/var/lib/kubelet) -DefaultDependencies=no -RequiresMountsFor=/var -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot - -# Remove an existing symlink, if present. Intentionally not recursive! -ExecStartPre=-/usr/bin/rm -f /var/lib/kubelet - -# Create /var/lib/kubelet so it is available for bind mounts. -ExecStart=/usr/bin/mkdir -p /var/lib/kubelet - -# Suppress warning if directory exists. -StandardError=null - -RemainAfterExit=true - -[Install] -WantedBy=local-fs.target diff --git a/packages/kubernetes-1.26/prestart-load-pause-ctr.conf b/packages/kubernetes-1.26/prestart-load-pause-ctr.conf deleted file mode 100644 index 4e21b0d9b45..00000000000 --- a/packages/kubernetes-1.26/prestart-load-pause-ctr.conf +++ /dev/null @@ -1,14 +0,0 @@ -[Service] -# load the built-in pause image -ExecStartPre=/usr/bin/ctr \ - --namespace=k8s.io \ - image import \ - --all-platforms \ - /usr/libexec/kubernetes/kubernetes-pause.tar - -# label it to prevent it from being removed -ExecStartPre=/usr/bin/ctr \ - --namespace=k8s.io \ - image label \ - localhost/kubernetes/pause:0.1.0 \ - io.cri-containerd.pinned=pinned diff --git a/packages/kubernetes-1.27/Cargo.toml b/packages/kubernetes-1.27/Cargo.toml deleted file mode 100644 index 6708659e1bc..00000000000 --- a/packages/kubernetes-1.27/Cargo.toml +++ /dev/null @@ -1,33 +0,0 @@ -[package] -# "." is not allowed in crate names, but we want a friendlier name for the -# directory and spec file, so we override it below. -name = "kubernetes-1_27" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -package-name = "kubernetes-1.27" - -[[package.metadata.build-package.external-files]] -url = "https://distro.eks.amazonaws.com/kubernetes-1-27/releases/25/artifacts/kubernetes/v1.27.11/kubernetes-src.tar.gz" -sha512 = "6d07dabc536149035137332afaa641964d76839d63b0d1b8fe8fbce39c7879370996eece1df0c6d1deb478bb613033527c06934bb6ccfd23cbb18a0ae3d85e0d" - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } - -# RPM Requires -[dependencies] -aws-signing-helper = { path = "../aws-signing-helper" } -ecr-credential-provider-1_27 = { path = "../ecr-credential-provider-1.27" } -static-pods = { path = "../static-pods" } -# `conntrack-tools`, `containerd` and `findutils` are only needed at runtime, -# and are pulled in by `release`. -# conntrack-tools = { path = "../conntrack-tools" } -# containerd = { path = "../containerd" } -# findutils = { path = "../findutils" } diff --git a/packages/kubernetes-1.27/clarify.toml b/packages/kubernetes-1.27/clarify.toml deleted file mode 100644 index 5b6e8b60967..00000000000 --- a/packages/kubernetes-1.27/clarify.toml +++ /dev/null @@ -1,62 +0,0 @@ -[clarify."github.com/JeffAshton/win_pdh"] -expression = "BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xb221dcc9 }, -] - -[clarify."github.com/daviddengcn/go-colortext"] -expression = "BSD-3-Clause AND MIT" -license-files = [ - { path = "LICENSE", hash = 0x9769fae1 }, -] - -[clarify."github.com/ghodss/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] - -[clarify."github.com/heketi/heketi"] -# kubernetes only uses code that is under LGPLv3+/Apache 2.0, not the code that is GPLv2+/LGPLv3+ -expression = "LGPL-3.0-or-later OR Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0x3c4b96d1 }, - { path = "LICENSE-APACHE2", hash = 0x438c8616 }, - { path = "COPYING-LGPLV3", hash = 0xf0bccb3a }, -] -skip-files = [ "COPYING-GPLV2" ] - -[clarify."github.com/go-bindata/go-bindata"] -expression = "CC0-1.0" -license-files = [ - { path = "LICENSE", hash = 0x393fafd6 }, -] - -[clarify."github.com/miekg/dns"] -expression = "BSD-3-Clause" -license-files = [ - { path = "COPYRIGHT", hash = 0xe41dd36c }, - { path = "LICENSE", hash = 0xfc8f12ff }, -] - -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] - -[clarify."honnef.co/go/tools"] -expression = "MIT AND BSD-3-Clause AND Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0xad378ed2 }, - { path = "LICENSE-THIRD-PARTY", hash = 0x546425eb }, - { path = "lint/LICENSE", hash = 0xc6b58232 }, - { path = "ssa/LICENSE", hash = 0xe656fb62 }, -] - -[clarify."github.com/storageos/go-api"] -expression = "MIT AND BSD-2-Clause" -license-files = [ - { path = "LICENCE", hash = 0x67a6861e }, -] -skip-files = ["licence.go", "types/licence.go"] diff --git a/packages/kubernetes-1.27/credential-provider-config-yaml b/packages/kubernetes-1.27/credential-provider-config-yaml deleted file mode 100644 index 6c08e3a369a..00000000000 --- a/packages/kubernetes-1.27/credential-provider-config-yaml +++ /dev/null @@ -1,38 +0,0 @@ -[required-extensions] -aws = { version = "v1", optional = true } -kubernetes = "v1" -std = { version = "v1", helpers = ["default"] } -+++ -apiVersion: kubelet.config.k8s.io/v1 -kind: CredentialProviderConfig -providers: -{{#if settings.kubernetes.credential-providers}} -{{#each settings.kubernetes.credential-providers}} -{{#if this.enabled}} - - name: {{@key}} - matchImages: -{{#each this.image-patterns}} - - "{{this}}" -{{/each}} - defaultCacheDuration: "{{default "12h" this.cache-duration}}" - apiVersion: credentialprovider.kubelet.k8s.io/v1 -{{#if (or (eq @key "ecr-credential-provider") this.environment)}} - env: -{{#if this.environment}} -{{#each this.environment}} - - name: {{@key}} - value: '{{this}}' -{{/each}} -{{/if}} -{{#if (eq @key "ecr-credential-provider")}} - - name: HOME - value: '/root' -{{#if @root.settings.aws.profile}} - - name: AWS_PROFILE - value: '{{@root.settings.aws.profile}}' -{{/if}} -{{/if}} -{{/if}} -{{/if}} -{{/each}} -{{/if}} diff --git a/packages/kubernetes-1.27/dockershim-symlink.conf b/packages/kubernetes-1.27/dockershim-symlink.conf deleted file mode 100644 index d3fcda86914..00000000000 --- a/packages/kubernetes-1.27/dockershim-symlink.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -ExecStartPre=/bin/ln -sf /run/containerd/containerd.sock /run/dockershim.sock diff --git a/packages/kubernetes-1.27/etc-kubernetes-pki-private.mount b/packages/kubernetes-1.27/etc-kubernetes-pki-private.mount deleted file mode 100644 index 584e61475d1..00000000000 --- a/packages/kubernetes-1.27/etc-kubernetes-pki-private.mount +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Kubernetes PKI private directory (/etc/kubernetes/pki/private) -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target -After=selinux-policy-files.service -Wants=selinux-policy-files.service - -[Mount] -What=tmpfs -Where=/etc/kubernetes/pki/private -Type=tmpfs -Options=nosuid,nodev,noexec,noatime,context=system_u:object_r:secret_t:s0,mode=0700 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/kubernetes-1.27/kubelet-bootstrap-kubeconfig b/packages/kubernetes-1.27/kubelet-bootstrap-kubeconfig deleted file mode 100644 index 52bef7191cc..00000000000 --- a/packages/kubernetes-1.27/kubelet-bootstrap-kubeconfig +++ /dev/null @@ -1,25 +0,0 @@ -[required-extensions] -kubernetes = "v1" -+++ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{#if settings.kubernetes.bootstrap-token}} - user: - token: "{{settings.kubernetes.bootstrap-token}}" -{{/if}} diff --git a/packages/kubernetes-1.27/kubelet-config b/packages/kubernetes-1.27/kubelet-config deleted file mode 100644 index 593a5660cd8..00000000000 --- a/packages/kubernetes-1.27/kubelet-config +++ /dev/null @@ -1,192 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", helpers = ["kube_reserve_cpu", "kube_reserve_memory"] } -std = { version = "v1", helpers = ["any_enabled", "default"] } -+++ ---- -kind: KubeletConfiguration -apiVersion: kubelet.config.k8s.io/v1beta1 -{{#if settings.kubernetes.standalone-mode}} -address: 127.0.0.1 -authentication: - anonymous: - enabled: true - webhook: - enabled: false -authorization: - mode: AlwaysAllow -{{else}} -address: 0.0.0.0 -authentication: - anonymous: - enabled: false - webhook: - cacheTTL: 2m0s - enabled: true - x509: - clientCAFile: "/etc/kubernetes/pki/ca.crt" -authorization: - mode: Webhook - webhook: - cacheAuthorizedTTL: 5m0s - cacheUnauthorizedTTL: 30s -{{/if}} -clusterDomain: {{settings.kubernetes.cluster-domain}} -{{#if settings.kubernetes.cluster-dns-ip}} -clusterDNS: -{{#each settings.kubernetes.cluster-dns-ip}} -- {{this}} -{{else}} -- {{settings.kubernetes.cluster-dns-ip}} -{{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-hard}} -evictionHard: - {{#each settings.kubernetes.eviction-hard}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-soft}} -evictionSoft: - {{#each settings.kubernetes.eviction-soft}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-soft-grace-period}} -evictionSoftGracePeriod: - {{#each settings.kubernetes.eviction-soft-grace-period}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-max-pod-grace-period}} -evictionMaxPodGracePeriod: {{settings.kubernetes.eviction-max-pod-grace-period}} -{{/if}} -{{#if settings.kubernetes.allowed-unsafe-sysctls}} -allowedUnsafeSysctls: {{settings.kubernetes.allowed-unsafe-sysctls}} -{{/if}} -{{#if settings.kubernetes.registry-qps includeZero=true}} -registryPullQPS: {{settings.kubernetes.registry-qps}} -{{/if}} -{{#if settings.kubernetes.registry-burst includeZero=true}} -registryBurst: {{settings.kubernetes.registry-burst}} -{{/if}} -{{#if settings.kubernetes.event-qps includeZero=true}} -eventRecordQPS: {{settings.kubernetes.event-qps}} -{{/if}} -{{#if settings.kubernetes.event-burst includeZero=true}} -eventBurst: {{settings.kubernetes.event-burst}} -{{/if}} -{{#if settings.kubernetes.kube-api-qps includeZero=true}} -kubeAPIQPS: {{settings.kubernetes.kube-api-qps}} -{{/if}} -{{#if settings.kubernetes.kube-api-burst includeZero=true}} -kubeAPIBurst: {{settings.kubernetes.kube-api-burst}} -{{/if}} -kubeReserved: - cpu: "{{kube_reserve_cpu settings.kubernetes.kube-reserved.cpu}}" - {{#if settings.kubernetes.kube-reserved.memory}} - memory: "{{settings.kubernetes.kube-reserved.memory}}" - {{else}} - {{#if settings.kubernetes.max-pods}} - memory: "{{kube_reserve_memory settings.kubernetes.max-pods settings.kubernetes.kube-reserved.memory}}" - {{/if}} - {{/if}} - ephemeral-storage: "{{default "1Gi" settings.kubernetes.kube-reserved.ephemeral-storage}}" -{{#unless settings.kubernetes.reserved-cpus}} -kubeReservedCgroup: "/runtime" -{{/unless}} -{{#if settings.kubernetes.system-reserved}} -systemReserved: - {{#each settings.kubernetes.system-reserved}} - {{@key}}: "{{this}}" - {{/each}} -{{#unless settings.kubernetes.reserved-cpus}} -systemReservedCgroup: "/system" -{{/unless}} -{{/if}} -cpuCFSQuota: {{default true settings.kubernetes.cpu-cfs-quota-enforced}} -cpuManagerPolicy: {{default "none" settings.kubernetes.cpu-manager-policy}} -{{#if settings.kubernetes.cpu-manager-reconcile-period}} -cpuManagerReconcilePeriod: {{settings.kubernetes.cpu-manager-reconcile-period}} -{{/if}} -{{#if settings.kubernetes.cpu-manager-policy-options}} -cpuManagerPolicyOptions: -{{#each settings.kubernetes.cpu-manager-policy-options}} - {{this}}: "true" -{{/each}} -{{/if}} -{{#if settings.kubernetes.topology-manager-scope}} -topologyManagerScope: {{settings.kubernetes.topology-manager-scope}} -{{/if}} -{{#if settings.kubernetes.topology-manager-policy}} -topologyManagerPolicy: {{settings.kubernetes.topology-manager-policy}} -{{/if}} -podPidsLimit: {{default 1048576 settings.kubernetes.pod-pids-limit}} -{{#if settings.kubernetes.image-gc-high-threshold-percent includeZero=true}} -imageGCHighThresholdPercent: {{settings.kubernetes.image-gc-high-threshold-percent}} -{{/if}} -{{#if settings.kubernetes.image-gc-low-threshold-percent includeZero=true}} -imageGCLowThresholdPercent: {{settings.kubernetes.image-gc-low-threshold-percent}} -{{/if}} -{{#if settings.kubernetes.provider-id}} -providerID: {{settings.kubernetes.provider-id}} -{{/if}} -resolvConf: "/run/netdog/resolv.conf" -hairpinMode: hairpin-veth -readOnlyPort: 0 -cgroupDriver: systemd -cgroupRoot: "/" -runtimeRequestTimeout: 15m -featureGates: - RotateKubeletServerCertificate: true -protectKernelDefaults: true -serializeImagePulls: false -seccompDefault: {{default false settings.kubernetes.seccomp-default}} -{{#if (and (default "" settings.kubernetes.server-certificate) (default "" settings.kubernetes.server-key))}} -tlsCertFile: "/etc/kubernetes/pki/kubelet-server.crt" -tlsPrivateKeyFile: "/etc/kubernetes/pki/private/kubelet-server.key" -{{else}} -serverTLSBootstrap: {{settings.kubernetes.server-tls-bootstrap}} -{{/if}} -tlsCipherSuites: -- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 -volumePluginDir: "/var/lib/kubelet/plugins/volume/exec" -maxPods: {{default 110 settings.kubernetes.max-pods}} -staticPodPath: "/etc/kubernetes/static-pods/" -{{#if settings.kubernetes.container-log-max-size includeZero=true}} -containerLogMaxSize: {{settings.kubernetes.container-log-max-size}} -{{/if}} -{{#if settings.kubernetes.container-log-max-files includeZero=true}} -containerLogMaxFiles: {{settings.kubernetes.container-log-max-files}} -{{/if}} -{{#if settings.kubernetes.shutdown-grace-period}} -shutdownGracePeriod: {{settings.kubernetes.shutdown-grace-period}} -{{/if}} -{{#if settings.kubernetes.shutdown-grace-period-for-critical-pods}} -shutdownGracePeriodCriticalPods: {{settings.kubernetes.shutdown-grace-period-for-critical-pods}} -{{/if}} -{{#if settings.kubernetes.memory-manager-reserved-memory}} -{{#if (any_enabled settings.kubernetes.memory-manager-reserved-memory)}} -{{#if settings.kubernetes.memory-manager-policy}} -memoryManagerPolicy: {{settings.kubernetes.memory-manager-policy}} -{{/if}} -reservedMemory: -{{#each settings.kubernetes.memory-manager-reserved-memory}} -{{#if this.enabled}} - - numaNode: {{@key}} - limits: -{{#if this.memory}} - memory: {{this.memory}} -{{/if}} -{{#if this.hugepages-1Gi}} - hugepages-1Gi: {{this.hugepages-1Gi}} -{{/if}} -{{#if this.hugepages-2Mi}} - hugepages-2Mi: {{this.hugepages-2Mi}} -{{/if}} -{{/if}} -{{/each}} -{{/if}} -{{/if}} -{{#if settings.kubernetes.reserved-cpus}} -reservedSystemCPUs: {{settings.kubernetes.reserved-cpus}} -{{/if}} diff --git a/packages/kubernetes-1.27/kubelet-env b/packages/kubernetes-1.27/kubelet-env deleted file mode 100644 index 0e4aac28853..00000000000 --- a/packages/kubernetes-1.27/kubelet-env +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", helpers = ["join_node_taints"] } -std = { version = "v1", helpers = ["join_map"] } -+++ -NODE_IP={{settings.kubernetes.node-ip}} -NODE_LABELS={{join_map "=" "," "no-fail-if-missing" settings.kubernetes.node-labels}} -NODE_TAINTS={{join_node_taints settings.kubernetes.node-taints}} diff --git a/packages/kubernetes-1.27/kubelet-exec-start-conf b/packages/kubernetes-1.27/kubelet-exec-start-conf deleted file mode 100644 index 23fde75eeaf..00000000000 --- a/packages/kubernetes-1.27/kubelet-exec-start-conf +++ /dev/null @@ -1,38 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["any_enabled", "default"] } -+++ -[Service] -ExecStart= -ExecStart=/usr/bin/kubelet \ -{{#unless settings.kubernetes.standalone-mode}} - --cloud-provider {{default "external" settings.kubernetes.cloud-provider}} \ - --kubeconfig /etc/kubernetes/kubelet/kubeconfig \ -{{#if (eq settings.kubernetes.authentication-mode "tls")}} - --bootstrap-kubeconfig /etc/kubernetes/kubelet/bootstrap-kubeconfig \ -{{/if}} -{{else}} - --cloud-provider "" \ -{{/unless}} - --config /etc/kubernetes/kubelet/config \ - --container-runtime-endpoint=unix:///run/containerd/containerd.sock \ - --containerd=/run/containerd/containerd.sock \ - --root-dir /var/lib/kubelet \ - --cert-dir /var/lib/kubelet/pki \ -{{#if settings.kubernetes.credential-providers}} -{{#if (any_enabled settings.kubernetes.credential-providers)}} - --image-credential-provider-bin-dir /usr/libexec/kubernetes/kubelet/plugins \ - --image-credential-provider-config /etc/kubernetes/kubelet/credential-provider-config.yaml \ -{{/if}} -{{/if}} -{{#if settings.kubernetes.hostname-override}} - --hostname-override {{settings.kubernetes.hostname-override}} \ -{{/if}} - --node-ip ${NODE_IP} \ - --node-labels "${NODE_LABELS}" \ - --register-with-taints "${NODE_TAINTS}" \ -{{#if settings.kubernetes.log-level includeZero=true}} - -v {{settings.kubernetes.log-level}} \ -{{/if}} - --pod-infra-container-image localhost/kubernetes/pause:0.1.0 \ - --runtime-cgroups=/runtime.slice/containerd.service diff --git a/packages/kubernetes-1.27/kubelet-kubeconfig b/packages/kubernetes-1.27/kubelet-kubeconfig deleted file mode 100644 index 0dfdcd275fe..00000000000 --- a/packages/kubernetes-1.27/kubelet-kubeconfig +++ /dev/null @@ -1,43 +0,0 @@ -[required-extensions] -aws = { version = "v1", optional = true } -kubernetes = "v1" -+++ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{#if (eq settings.kubernetes.authentication-mode "aws")}} -{{#if settings.kubernetes.cluster-name}} - user: - exec: - apiVersion: client.authentication.k8s.io/v1beta1 - command: "/usr/bin/aws-iam-authenticator" - args: - - token - - "-i" - - "{{settings.kubernetes.cluster-name}}" - {{#if settings.aws.region}} - - "--region" - - "{{settings.aws.region}}" - {{/if}} -{{/if}} -{{/if}} -{{#if (eq settings.kubernetes.authentication-mode "tls")}} - user: - client-certificate: "/var/lib/kubelet/pki/kubelet-client-current.pem" - client-key: "/var/lib/kubelet/pki/kubelet-client-current.pem" -{{/if}} diff --git a/packages/kubernetes-1.27/kubelet-server-crt b/packages/kubernetes-1.27/kubelet-server-crt deleted file mode 100644 index 92003ad427e..00000000000 --- a/packages/kubernetes-1.27/kubelet-server-crt +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.server-certificate~}} -{{base64_decode settings.kubernetes.server-certificate}} -{{~/if~}} diff --git a/packages/kubernetes-1.27/kubelet-server-key b/packages/kubernetes-1.27/kubelet-server-key deleted file mode 100644 index b6c74aacc56..00000000000 --- a/packages/kubernetes-1.27/kubelet-server-key +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.server-key~}} -{{base64_decode settings.kubernetes.server-key}} -{{~/if~}} diff --git a/packages/kubernetes-1.27/kubelet-sysctl.conf b/packages/kubernetes-1.27/kubelet-sysctl.conf deleted file mode 100644 index ed68c7e197f..00000000000 --- a/packages/kubernetes-1.27/kubelet-sysctl.conf +++ /dev/null @@ -1,2 +0,0 @@ -# Overcommit handling mode - 1: Always overcommit -vm.overcommit_memory = 1 diff --git a/packages/kubernetes-1.27/kubelet.service b/packages/kubernetes-1.27/kubelet.service deleted file mode 100644 index 1285853f2d1..00000000000 --- a/packages/kubernetes-1.27/kubelet.service +++ /dev/null @@ -1,26 +0,0 @@ -[Unit] -Description=Kubelet -Documentation=https://github.com/kubernetes/kubernetes -After=containerd.service configured.target -Wants=configured.target -BindsTo=containerd.service - -[Service] -Slice=runtime.slice -Type=notify -EnvironmentFile=/etc/network/proxy.env -EnvironmentFile=/etc/kubernetes/kubelet/env -ExecStartPre=/sbin/iptables -P FORWARD ACCEPT -# Must be overridden by a drop-in file or `kubelet` won't start -ExecStart=/usr/bin/false - -Restart=always -RestartForceExitStatus=SIGPIPE -RestartSec=5 -Delegate=yes -KillMode=process -CPUAccounting=true -MemoryAccounting=true - -[Install] -WantedBy=multi-user.target diff --git a/packages/kubernetes-1.27/kubernetes-1.27.spec b/packages/kubernetes-1.27/kubernetes-1.27.spec deleted file mode 100644 index 74d83495563..00000000000 --- a/packages/kubernetes-1.27/kubernetes-1.27.spec +++ /dev/null @@ -1,233 +0,0 @@ -# After this upstream change, the linker flags `-s -w` are always added unless -# DBG=1 is set in the environment, which would set compiler flags to disable -# optimizations and inlining: -# https://github.com/kubernetes/kubernetes/pull/108371 -# -# For now, work around this by indicating that no debug package is expected. -%global debug_package %{nil} - -%global goproject github.com/kubernetes -%global gorepo kubernetes -%global goimport %{goproject}/%{gorepo} - -%global gover 1.27.11 -%global rpmver %{gover} - -%global _dwz_low_mem_die_limit 0 - -# Construct reproducible tar archives -# See https://reproducible-builds.org/docs/archives/ -%global source_date_epoch 1234567890 -%global tar_cf tar --sort=name --mtime="@%{source_date_epoch}" --owner=0 --group=0 --numeric-owner -cf - -# The kubernetes build process expects the cross-compiler to be specified via `KUBE_*_CC` -# Here we generate that variable to use bottlerocket-specific compile aliases -# Examples of the generated variable: -# KUBE_LINUX_AMD64_CC=x86_64-bottlerocket-linux-gnu-gcc -# KUBE_LINUX_ARM64_CC=aarch64-bottlerocket-linux-gnu-gcc -%global kube_cc %{shrink: \ - %{lua: print(string.upper( \ - rpm.expand("KUBE_%{_cross_go_os}_%{_cross_go_arch}_CC=")) .. \ - rpm.expand("%{_cross_target}-gcc")) }} - -Name: %{_cross_os}%{gorepo} -Version: %{rpmver} -Release: 1%{?dist} -Summary: Container cluster management -# base Apache-2.0, third_party Apache-2.0 AND BSD-3-Clause -License: Apache-2.0 AND BSD-3-Clause -URL: https://%{goimport} -Source0: https://distro.eks.amazonaws.com/kubernetes-1-27/releases/25/artifacts/kubernetes/v%{gover}/kubernetes-src.tar.gz -Source1: kubelet.service -Source2: kubelet-env -Source3: kubelet-config -Source4: kubelet-kubeconfig -Source5: kubernetes-ca-crt -Source6: kubelet-exec-start-conf -Source7: kubelet-bootstrap-kubeconfig -Source8: kubernetes-tmpfiles.conf -Source9: kubelet-sysctl.conf -Source10: prepare-var-lib-kubelet.service -Source11: kubelet-server-crt -Source12: kubelet-server-key -Source13: etc-kubernetes-pki-private.mount -Source14: credential-provider-config-yaml -Source15: logdog.kubelet.conf - -# ExecStartPre drop-ins -Source20: prestart-load-pause-ctr.conf -Source21: dockershim-symlink.conf -Source22: make-kubelet-dirs.conf - -# pause image components -Source100: pause-config.json -Source101: pause-manifest.json -Source102: pod-infra-container-image - -Source1000: clarify.toml - -BuildRequires: git -BuildRequires: rsync -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package -n %{_cross_os}kubelet-1.27 -Summary: Container cluster node agent -Requires: %{_cross_os}conntrack-tools -Requires: %{_cross_os}containerd -Requires: %{_cross_os}findutils -Requires: %{_cross_os}ecr-credential-provider-1.27 -Requires: %{_cross_os}aws-signing-helper -Requires: %{_cross_os}static-pods -Requires: %{_cross_os}kubelet-1.27(binaries) - -%description -n %{_cross_os}kubelet-1.27 -%{summary}. - -%package -n %{_cross_os}kubelet-1.27-bin -Summary: Container cluster node agent binaries -Provides: %{_cross_os}kubelet-1.27(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{_cross_os}kubelet-1.27) -Conflicts: (%{_cross_os}image-feature(fips) or %{_cross_os}kubelet-1.27-fips-bin) - -%description -n %{_cross_os}kubelet-1.27-bin -%{summary}. - -%package -n %{_cross_os}kubelet-1.27-fips-bin -Summary: Container cluster node agent binaries, FIPS edition -Provides: %{_cross_os}kubelet-1.27(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{_cross_os}kubelet-1.27) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{_cross_os}kubelet-1.27-bin) - -%description -n %{_cross_os}kubelet-1.27-fips-bin -%{summary}. - -%prep -%autosetup -Sgit -c -n %{gorepo}-%{gover} -p1 - -# third_party licenses -# multiarch/qemu-user-static ignored, we're not using it -cp third_party/forked/gonum/graph/LICENSE LICENSE.gonum.graph -cp third_party/forked/shell2junit/LICENSE LICENSE.shell2junit -cp third_party/forked/golang/LICENSE LICENSE.golang -cp third_party/forked/golang/PATENTS PATENTS.golang - -%build -export FORCE_HOST_GO=1 -# Build codegen programs with the host toolchain. -make hack/update-codegen.sh - -# Build kubelet with the target toolchain. -%set_cross_go_flags -unset CC -export KUBE_BUILD_PLATFORMS="linux/%{_cross_go_arch}" -export %{kube_cc} -export GOFLAGS="${GOFLAGS} -tags=dockerless" -export GOLDFLAGS="${GOLDFLAGS}" -make WHAT="cmd/kubelet" - -export KUBE_OUTPUT_SUBPATH="_fips_output/local" -export GOEXPERIMENT="boringcrypto" -make WHAT="cmd/kubelet" - -# build the pause container -cd build/pause/linux/ - -# Build static pause executable for container image. -mkdir -p rootfs/usr/bin -%{_cross_triple}-musl-gcc %{_cross_cflags} %{_cross_ldflags} -static-pie pause.c -o rootfs/pause - -# Construct container image. -mkdir -p image/rootfs -%tar_cf image/rootfs/layer.tar -C rootfs . -DIGEST=$(sha256sum image/rootfs/layer.tar | sed -e 's/ .*//') -install -m 0644 %{S:100} image/config.json -sed -i "s/~~digest~~/${DIGEST}/" image/config.json -install -m 0644 %{S:101} image/manifest.json - -%tar_cf ../../../_output/local/bin/linux/%{_cross_go_arch}/kubernetes-pause.tar -C image . - -%install -output="./_output/local/bin/linux/%{_cross_go_arch}" -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 ${output}/kubelet %{buildroot}%{_cross_bindir} - -fips_output="./_fips_output/local/bin/linux/%{_cross_go_arch}" -install -d %{buildroot}%{_cross_fips_bindir} -install -p -m 0755 ${fips_output}/kubelet %{buildroot}%{_cross_fips_bindir} - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:1} %{S:10} %{S:13} %{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{_cross_unitdir}/kubelet.service.d -install -p -m 0644 %{S:20} %{S:21} %{S:22} %{buildroot}%{_cross_unitdir}/kubelet.service.d - -mkdir -p %{buildroot}%{_cross_templatedir} -install -m 0644 %{S:2} %{buildroot}%{_cross_templatedir}/kubelet-env -install -m 0644 %{S:3} %{buildroot}%{_cross_templatedir}/kubelet-config -install -m 0644 %{S:4} %{buildroot}%{_cross_templatedir}/kubelet-kubeconfig -install -m 0644 %{S:5} %{buildroot}%{_cross_templatedir}/kubernetes-ca-crt -install -m 0644 %{S:6} %{buildroot}%{_cross_templatedir}/kubelet-exec-start-conf -install -m 0644 %{S:7} %{buildroot}%{_cross_templatedir}/kubelet-bootstrap-kubeconfig -install -m 0644 %{S:11} %{buildroot}%{_cross_templatedir}/kubelet-server-crt -install -m 0644 %{S:12} %{buildroot}%{_cross_templatedir}/kubelet-server-key -install -m 0644 %{S:14} %{buildroot}%{_cross_templatedir}/credential-provider-config-yaml - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:8} %{buildroot}%{_cross_tmpfilesdir}/kubernetes.conf - -install -d %{buildroot}%{_cross_sysctldir} -install -p -m 0644 %{S:9} %{buildroot}%{_cross_sysctldir}/90-kubelet.conf - -install -d %{buildroot}%{_cross_libexecdir}/kubernetes -ln -rs \ - %{buildroot}%{_sharedstatedir}/kubelet/plugins \ - %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet-plugins - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -install -d %{buildroot}%{_cross_datadir}/logdog.d -install -p -m 0644 %{S:15} %{buildroot}%{_cross_datadir}/logdog.d - -install -d %{buildroot}%{_cross_libexecdir}/kubernetes -install -p -m 0644 ${output}/kubernetes-pause.tar %{buildroot}%{_cross_libexecdir}/kubernetes -install -p -m 0644 %{S:102} %{buildroot}%{_cross_templatedir}/pod-infra-container-image - -%files -n %{_cross_os}kubelet-1.27 -%license LICENSE LICENSE.gonum.graph LICENSE.shell2junit LICENSE.golang PATENTS.golang -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} -%{_cross_unitdir}/kubelet.service -%{_cross_unitdir}/prepare-var-lib-kubelet.service -%{_cross_unitdir}/etc-kubernetes-pki-private.mount -%dir %{_cross_unitdir}/kubelet.service.d -%{_cross_unitdir}/kubelet.service.d/prestart-load-pause-ctr.conf -%{_cross_unitdir}/kubelet.service.d/make-kubelet-dirs.conf -%{_cross_unitdir}/kubelet.service.d/dockershim-symlink.conf -%dir %{_cross_templatedir} -%{_cross_templatedir}/kubelet-env -%{_cross_templatedir}/kubelet-config -%{_cross_templatedir}/kubelet-kubeconfig -%{_cross_templatedir}/kubelet-bootstrap-kubeconfig -%{_cross_templatedir}/kubelet-exec-start-conf -%{_cross_templatedir}/kubernetes-ca-crt -%{_cross_templatedir}/kubelet-server-crt -%{_cross_templatedir}/kubelet-server-key -%{_cross_templatedir}/credential-provider-config-yaml -%{_cross_tmpfilesdir}/kubernetes.conf -%{_cross_sysctldir}/90-kubelet.conf -%dir %{_cross_libexecdir}/kubernetes -%{_cross_libexecdir}/kubernetes/kubelet-plugins -%{_cross_libexecdir}/kubernetes/kubernetes-pause.tar -%{_cross_templatedir}/pod-infra-container-image -%{_cross_datadir}/logdog.d/logdog.kubelet.conf - -%files -n %{_cross_os}kubelet-1.27-bin -%{_cross_bindir}/kubelet - -%files -n %{_cross_os}kubelet-1.27-fips-bin -%{_cross_fips_bindir}/kubelet - -%changelog diff --git a/packages/kubernetes-1.27/kubernetes-ca-crt b/packages/kubernetes-1.27/kubernetes-ca-crt deleted file mode 100644 index 93fd4e253ec..00000000000 --- a/packages/kubernetes-1.27/kubernetes-ca-crt +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.cluster-certificate~}} -{{base64_decode settings.kubernetes.cluster-certificate}} -{{~/if~}} diff --git a/packages/kubernetes-1.27/kubernetes-tmpfiles.conf b/packages/kubernetes-1.27/kubernetes-tmpfiles.conf deleted file mode 100644 index 4b17aba9d8a..00000000000 --- a/packages/kubernetes-1.27/kubernetes-tmpfiles.conf +++ /dev/null @@ -1,7 +0,0 @@ -d /etc/kubernetes/static-pods - - - - -L /etc/kubernetes/manifests - - - - static-pods -L /etc/kubernetes/secrets-store-csi-providers - - - - /var/lib/kubelet/providers/secrets-store -r! /var/lib/kubelet/cpu_manager_state -L /etc/kubernetes/node-feature-discovery/features.d - - - - /var/lib/kubelet/node-feature-discovery/features.d -d /opt/csi/mountpoint-s3 - - - - -L+ /opt/mountpoint-s3-csi - - - - /opt/csi/mountpoint-s3 diff --git a/packages/kubernetes-1.27/logdog.kubelet.conf b/packages/kubernetes-1.27/logdog.kubelet.conf deleted file mode 100644 index 850a0b4c1ba..00000000000 --- a/packages/kubernetes-1.27/logdog.kubelet.conf +++ /dev/null @@ -1,3 +0,0 @@ -exec kube-status systemctl status kube* -l --no-pager -file ipamd.log /var/log/aws-routed-eni/ipamd.log -file plugin.log /var/log/aws-routed-eni/plugin.log diff --git a/packages/kubernetes-1.27/make-kubelet-dirs.conf b/packages/kubernetes-1.27/make-kubelet-dirs.conf deleted file mode 100644 index a7249c9ac3f..00000000000 --- a/packages/kubernetes-1.27/make-kubelet-dirs.conf +++ /dev/null @@ -1,5 +0,0 @@ -[Service] -# Create the backing directories for symlinks in /etc -ExecStartPre=/usr/bin/mkdir -p \ - /var/lib/kubelet/providers/secrets-store \ - /var/lib/kubelet/node-feature-discovery/features.d diff --git a/packages/kubernetes-1.27/pause-config.json b/packages/kubernetes-1.27/pause-config.json deleted file mode 100644 index 8c2a7cde979..00000000000 --- a/packages/kubernetes-1.27/pause-config.json +++ /dev/null @@ -1 +0,0 @@ -{"author":"Bottlerocket","config":{"Cmd":["/pause"],"ArgsEscaped":true},"created":"2014-12-12T01:12:53.332832423Z","history":[{"created":"2014-12-12T01:12:53.332832423Z","author":"Bottlerocket","created_by":"Bottlerocket","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:~~digest~~"]}} diff --git a/packages/kubernetes-1.27/pause-manifest.json b/packages/kubernetes-1.27/pause-manifest.json deleted file mode 100644 index e8af2c103a7..00000000000 --- a/packages/kubernetes-1.27/pause-manifest.json +++ /dev/null @@ -1 +0,0 @@ -[{"Config":"config.json","RepoTags":["localhost/kubernetes/pause:0.1.0"],"Layers":["rootfs/layer.tar"]}] diff --git a/packages/kubernetes-1.27/pod-infra-container-image b/packages/kubernetes-1.27/pod-infra-container-image deleted file mode 100644 index 9b3f9a3954a..00000000000 --- a/packages/kubernetes-1.27/pod-infra-container-image +++ /dev/null @@ -1,6 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", optional = true } -+++ -{{~#if settings.kubernetes.pod-infra-container-image~}} -DEPRECATED_SETTING=settings.kubernetes.pod-infra-container-image -{{~/if~}} diff --git a/packages/kubernetes-1.27/prepare-var-lib-kubelet.service b/packages/kubernetes-1.27/prepare-var-lib-kubelet.service deleted file mode 100644 index 1b8c6207aa4..00000000000 --- a/packages/kubernetes-1.27/prepare-var-lib-kubelet.service +++ /dev/null @@ -1,23 +0,0 @@ -[Unit] -Description=Prepare Kubelet Directory (/var/lib/kubelet) -DefaultDependencies=no -RequiresMountsFor=/var -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot - -# Remove an existing symlink, if present. Intentionally not recursive! -ExecStartPre=-/usr/bin/rm -f /var/lib/kubelet - -# Create /var/lib/kubelet so it is available for bind mounts. -ExecStart=/usr/bin/mkdir -p /var/lib/kubelet - -# Suppress warning if directory exists. -StandardError=null - -RemainAfterExit=true - -[Install] -WantedBy=local-fs.target diff --git a/packages/kubernetes-1.27/prestart-load-pause-ctr.conf b/packages/kubernetes-1.27/prestart-load-pause-ctr.conf deleted file mode 100644 index 4e21b0d9b45..00000000000 --- a/packages/kubernetes-1.27/prestart-load-pause-ctr.conf +++ /dev/null @@ -1,14 +0,0 @@ -[Service] -# load the built-in pause image -ExecStartPre=/usr/bin/ctr \ - --namespace=k8s.io \ - image import \ - --all-platforms \ - /usr/libexec/kubernetes/kubernetes-pause.tar - -# label it to prevent it from being removed -ExecStartPre=/usr/bin/ctr \ - --namespace=k8s.io \ - image label \ - localhost/kubernetes/pause:0.1.0 \ - io.cri-containerd.pinned=pinned diff --git a/packages/kubernetes-1.28/Cargo.toml b/packages/kubernetes-1.28/Cargo.toml deleted file mode 100644 index cdddb1a2ddc..00000000000 --- a/packages/kubernetes-1.28/Cargo.toml +++ /dev/null @@ -1,33 +0,0 @@ -[package] -# "." is not allowed in crate names, but we want a friendlier name for the -# directory and spec file, so we override it below. -name = "kubernetes-1_28" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -package-name = "kubernetes-1.28" - -[[package.metadata.build-package.external-files]] -url = "https://distro.eks.amazonaws.com/kubernetes-1-28/releases/18/artifacts/kubernetes/v1.28.7/kubernetes-src.tar.gz" -sha512 = "451e88936d88e07edfd3bd14069a5c33d7c1b21a10feae693f09206ced76170f228f4a12fe666220ddfa39192ca080b7a59b6942d02fdd326759ae24163a483e" - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } - -# RPM Requires -[dependencies] -aws-signing-helper = { path = "../aws-signing-helper" } -ecr-credential-provider-1_27 = { path = "../ecr-credential-provider-1.27" } -static-pods = { path = "../static-pods" } -# `conntrack-tools`, `containerd` and `findutils` are only needed at runtime, -# and are pulled in by `release`. -# conntrack-tools = { path = "../conntrack-tools" } -# containerd = { path = "../containerd" } -# findutils = { path = "../findutils" } diff --git a/packages/kubernetes-1.28/clarify.toml b/packages/kubernetes-1.28/clarify.toml deleted file mode 100644 index 5b6e8b60967..00000000000 --- a/packages/kubernetes-1.28/clarify.toml +++ /dev/null @@ -1,62 +0,0 @@ -[clarify."github.com/JeffAshton/win_pdh"] -expression = "BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xb221dcc9 }, -] - -[clarify."github.com/daviddengcn/go-colortext"] -expression = "BSD-3-Clause AND MIT" -license-files = [ - { path = "LICENSE", hash = 0x9769fae1 }, -] - -[clarify."github.com/ghodss/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] - -[clarify."github.com/heketi/heketi"] -# kubernetes only uses code that is under LGPLv3+/Apache 2.0, not the code that is GPLv2+/LGPLv3+ -expression = "LGPL-3.0-or-later OR Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0x3c4b96d1 }, - { path = "LICENSE-APACHE2", hash = 0x438c8616 }, - { path = "COPYING-LGPLV3", hash = 0xf0bccb3a }, -] -skip-files = [ "COPYING-GPLV2" ] - -[clarify."github.com/go-bindata/go-bindata"] -expression = "CC0-1.0" -license-files = [ - { path = "LICENSE", hash = 0x393fafd6 }, -] - -[clarify."github.com/miekg/dns"] -expression = "BSD-3-Clause" -license-files = [ - { path = "COPYRIGHT", hash = 0xe41dd36c }, - { path = "LICENSE", hash = 0xfc8f12ff }, -] - -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] - -[clarify."honnef.co/go/tools"] -expression = "MIT AND BSD-3-Clause AND Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0xad378ed2 }, - { path = "LICENSE-THIRD-PARTY", hash = 0x546425eb }, - { path = "lint/LICENSE", hash = 0xc6b58232 }, - { path = "ssa/LICENSE", hash = 0xe656fb62 }, -] - -[clarify."github.com/storageos/go-api"] -expression = "MIT AND BSD-2-Clause" -license-files = [ - { path = "LICENCE", hash = 0x67a6861e }, -] -skip-files = ["licence.go", "types/licence.go"] diff --git a/packages/kubernetes-1.28/credential-provider-config-yaml b/packages/kubernetes-1.28/credential-provider-config-yaml deleted file mode 100644 index 6c08e3a369a..00000000000 --- a/packages/kubernetes-1.28/credential-provider-config-yaml +++ /dev/null @@ -1,38 +0,0 @@ -[required-extensions] -aws = { version = "v1", optional = true } -kubernetes = "v1" -std = { version = "v1", helpers = ["default"] } -+++ -apiVersion: kubelet.config.k8s.io/v1 -kind: CredentialProviderConfig -providers: -{{#if settings.kubernetes.credential-providers}} -{{#each settings.kubernetes.credential-providers}} -{{#if this.enabled}} - - name: {{@key}} - matchImages: -{{#each this.image-patterns}} - - "{{this}}" -{{/each}} - defaultCacheDuration: "{{default "12h" this.cache-duration}}" - apiVersion: credentialprovider.kubelet.k8s.io/v1 -{{#if (or (eq @key "ecr-credential-provider") this.environment)}} - env: -{{#if this.environment}} -{{#each this.environment}} - - name: {{@key}} - value: '{{this}}' -{{/each}} -{{/if}} -{{#if (eq @key "ecr-credential-provider")}} - - name: HOME - value: '/root' -{{#if @root.settings.aws.profile}} - - name: AWS_PROFILE - value: '{{@root.settings.aws.profile}}' -{{/if}} -{{/if}} -{{/if}} -{{/if}} -{{/each}} -{{/if}} diff --git a/packages/kubernetes-1.28/dockershim-symlink.conf b/packages/kubernetes-1.28/dockershim-symlink.conf deleted file mode 100644 index d3fcda86914..00000000000 --- a/packages/kubernetes-1.28/dockershim-symlink.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -ExecStartPre=/bin/ln -sf /run/containerd/containerd.sock /run/dockershim.sock diff --git a/packages/kubernetes-1.28/etc-kubernetes-pki-private.mount b/packages/kubernetes-1.28/etc-kubernetes-pki-private.mount deleted file mode 100644 index 584e61475d1..00000000000 --- a/packages/kubernetes-1.28/etc-kubernetes-pki-private.mount +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Kubernetes PKI private directory (/etc/kubernetes/pki/private) -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target -After=selinux-policy-files.service -Wants=selinux-policy-files.service - -[Mount] -What=tmpfs -Where=/etc/kubernetes/pki/private -Type=tmpfs -Options=nosuid,nodev,noexec,noatime,context=system_u:object_r:secret_t:s0,mode=0700 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/kubernetes-1.28/kubelet-bootstrap-kubeconfig b/packages/kubernetes-1.28/kubelet-bootstrap-kubeconfig deleted file mode 100644 index 52bef7191cc..00000000000 --- a/packages/kubernetes-1.28/kubelet-bootstrap-kubeconfig +++ /dev/null @@ -1,25 +0,0 @@ -[required-extensions] -kubernetes = "v1" -+++ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{#if settings.kubernetes.bootstrap-token}} - user: - token: "{{settings.kubernetes.bootstrap-token}}" -{{/if}} diff --git a/packages/kubernetes-1.28/kubelet-config b/packages/kubernetes-1.28/kubelet-config deleted file mode 100644 index 84eaae341ae..00000000000 --- a/packages/kubernetes-1.28/kubelet-config +++ /dev/null @@ -1,190 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", helpers = ["kube_reserve_cpu", "kube_reserve_memory"] } -std = { version = "v1", helpers = ["any_enabled", "default"] } -+++ ---- -kind: KubeletConfiguration -apiVersion: kubelet.config.k8s.io/v1beta1 -{{#if settings.kubernetes.standalone-mode}} -address: 127.0.0.1 -authentication: - anonymous: - enabled: true - webhook: - enabled: false -authorization: - mode: AlwaysAllow -{{else}} -address: 0.0.0.0 -authentication: - anonymous: - enabled: false - webhook: - cacheTTL: 2m0s - enabled: true - x509: - clientCAFile: "/etc/kubernetes/pki/ca.crt" -authorization: - mode: Webhook - webhook: - cacheAuthorizedTTL: 5m0s - cacheUnauthorizedTTL: 30s -{{/if}} -clusterDomain: {{settings.kubernetes.cluster-domain}} -{{#if settings.kubernetes.cluster-dns-ip}} -clusterDNS: -{{#each settings.kubernetes.cluster-dns-ip}} -- {{this}} -{{else}} -- {{settings.kubernetes.cluster-dns-ip}} -{{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-hard}} -evictionHard: - {{#each settings.kubernetes.eviction-hard}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-soft}} -evictionSoft: - {{#each settings.kubernetes.eviction-soft}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-soft-grace-period}} -evictionSoftGracePeriod: - {{#each settings.kubernetes.eviction-soft-grace-period}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-max-pod-grace-period}} -evictionMaxPodGracePeriod: {{settings.kubernetes.eviction-max-pod-grace-period}} -{{/if}} -{{#if settings.kubernetes.allowed-unsafe-sysctls}} -allowedUnsafeSysctls: {{settings.kubernetes.allowed-unsafe-sysctls}} -{{/if}} -{{#if settings.kubernetes.registry-qps includeZero=true}} -registryPullQPS: {{settings.kubernetes.registry-qps}} -{{/if}} -{{#if settings.kubernetes.registry-burst includeZero=true}} -registryBurst: {{settings.kubernetes.registry-burst}} -{{/if}} -{{#if settings.kubernetes.event-qps includeZero=true}} -eventRecordQPS: {{settings.kubernetes.event-qps}} -{{/if}} -{{#if settings.kubernetes.event-burst includeZero=true}} -eventBurst: {{settings.kubernetes.event-burst}} -{{/if}} -{{#if settings.kubernetes.kube-api-qps includeZero=true}} -kubeAPIQPS: {{settings.kubernetes.kube-api-qps}} -{{/if}} -{{#if settings.kubernetes.kube-api-burst includeZero=true}} -kubeAPIBurst: {{settings.kubernetes.kube-api-burst}} -{{/if}} -kubeReserved: - cpu: "{{kube_reserve_cpu settings.kubernetes.kube-reserved.cpu}}" - {{#if settings.kubernetes.kube-reserved.memory}} - memory: "{{settings.kubernetes.kube-reserved.memory}}" - {{else}} - {{#if settings.kubernetes.max-pods}} - memory: "{{kube_reserve_memory settings.kubernetes.max-pods settings.kubernetes.kube-reserved.memory}}" - {{/if}} - {{/if}} - ephemeral-storage: "{{default "1Gi" settings.kubernetes.kube-reserved.ephemeral-storage}}" -{{#unless settings.kubernetes.reserved-cpus}} -kubeReservedCgroup: "/runtime" -{{/unless}} -{{#if settings.kubernetes.system-reserved}} -systemReserved: - {{#each settings.kubernetes.system-reserved}} - {{@key}}: "{{this}}" - {{/each}} -{{#unless settings.kubernetes.reserved-cpus}} -systemReservedCgroup: "/system" -{{/unless}} -{{/if}} -cpuCFSQuota: {{default true settings.kubernetes.cpu-cfs-quota-enforced}} -cpuManagerPolicy: {{default "none" settings.kubernetes.cpu-manager-policy}} -{{#if settings.kubernetes.cpu-manager-reconcile-period}} -cpuManagerReconcilePeriod: {{settings.kubernetes.cpu-manager-reconcile-period}} -{{/if}} -{{#if settings.kubernetes.cpu-manager-policy-options}} -cpuManagerPolicyOptions: -{{#each settings.kubernetes.cpu-manager-policy-options}} - {{this}}: "true" -{{/each}} -{{/if}} -{{#if settings.kubernetes.topology-manager-scope}} -topologyManagerScope: {{settings.kubernetes.topology-manager-scope}} -{{/if}} -{{#if settings.kubernetes.topology-manager-policy}} -topologyManagerPolicy: {{settings.kubernetes.topology-manager-policy}} -{{/if}} -podPidsLimit: {{default 1048576 settings.kubernetes.pod-pids-limit}} -{{#if settings.kubernetes.image-gc-high-threshold-percent includeZero=true}} -imageGCHighThresholdPercent: {{settings.kubernetes.image-gc-high-threshold-percent}} -{{/if}} -{{#if settings.kubernetes.image-gc-low-threshold-percent includeZero=true}} -imageGCLowThresholdPercent: {{settings.kubernetes.image-gc-low-threshold-percent}} -{{/if}} -{{#if settings.kubernetes.provider-id}} -providerID: {{settings.kubernetes.provider-id}} -{{/if}} -resolvConf: "/run/netdog/resolv.conf" -hairpinMode: hairpin-veth -readOnlyPort: 0 -cgroupDriver: systemd -cgroupRoot: "/" -runtimeRequestTimeout: 15m -protectKernelDefaults: true -serializeImagePulls: false -seccompDefault: {{default false settings.kubernetes.seccomp-default}} -{{#if (and (default "" settings.kubernetes.server-certificate) (default "" settings.kubernetes.server-key))}} -tlsCertFile: "/etc/kubernetes/pki/kubelet-server.crt" -tlsPrivateKeyFile: "/etc/kubernetes/pki/private/kubelet-server.key" -{{else}} -serverTLSBootstrap: {{settings.kubernetes.server-tls-bootstrap}} -{{/if}} -tlsCipherSuites: -- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 -volumePluginDir: "/var/lib/kubelet/plugins/volume/exec" -maxPods: {{default 110 settings.kubernetes.max-pods}} -staticPodPath: "/etc/kubernetes/static-pods/" -{{#if settings.kubernetes.container-log-max-size includeZero=true}} -containerLogMaxSize: {{settings.kubernetes.container-log-max-size}} -{{/if}} -{{#if settings.kubernetes.container-log-max-files includeZero=true}} -containerLogMaxFiles: {{settings.kubernetes.container-log-max-files}} -{{/if}} -{{#if settings.kubernetes.shutdown-grace-period}} -shutdownGracePeriod: {{settings.kubernetes.shutdown-grace-period}} -{{/if}} -{{#if settings.kubernetes.shutdown-grace-period-for-critical-pods}} -shutdownGracePeriodCriticalPods: {{settings.kubernetes.shutdown-grace-period-for-critical-pods}} -{{/if}} -{{#if settings.kubernetes.memory-manager-reserved-memory}} -{{#if (any_enabled settings.kubernetes.memory-manager-reserved-memory)}} -{{#if settings.kubernetes.memory-manager-policy}} -memoryManagerPolicy: {{settings.kubernetes.memory-manager-policy}} -{{/if}} -reservedMemory: -{{#each settings.kubernetes.memory-manager-reserved-memory}} -{{#if this.enabled}} - - numaNode: {{@key}} - limits: -{{#if this.memory}} - memory: {{this.memory}} -{{/if}} -{{#if this.hugepages-1Gi}} - hugepages-1Gi: {{this.hugepages-1Gi}} -{{/if}} -{{#if this.hugepages-2Mi}} - hugepages-2Mi: {{this.hugepages-2Mi}} -{{/if}} -{{/if}} -{{/each}} -{{/if}} -{{/if}} -{{#if settings.kubernetes.reserved-cpus}} -reservedSystemCPUs: {{settings.kubernetes.reserved-cpus}} -{{/if}} diff --git a/packages/kubernetes-1.28/kubelet-env b/packages/kubernetes-1.28/kubelet-env deleted file mode 100644 index 0e4aac28853..00000000000 --- a/packages/kubernetes-1.28/kubelet-env +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", helpers = ["join_node_taints"] } -std = { version = "v1", helpers = ["join_map"] } -+++ -NODE_IP={{settings.kubernetes.node-ip}} -NODE_LABELS={{join_map "=" "," "no-fail-if-missing" settings.kubernetes.node-labels}} -NODE_TAINTS={{join_node_taints settings.kubernetes.node-taints}} diff --git a/packages/kubernetes-1.28/kubelet-exec-start-conf b/packages/kubernetes-1.28/kubelet-exec-start-conf deleted file mode 100644 index 23fde75eeaf..00000000000 --- a/packages/kubernetes-1.28/kubelet-exec-start-conf +++ /dev/null @@ -1,38 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["any_enabled", "default"] } -+++ -[Service] -ExecStart= -ExecStart=/usr/bin/kubelet \ -{{#unless settings.kubernetes.standalone-mode}} - --cloud-provider {{default "external" settings.kubernetes.cloud-provider}} \ - --kubeconfig /etc/kubernetes/kubelet/kubeconfig \ -{{#if (eq settings.kubernetes.authentication-mode "tls")}} - --bootstrap-kubeconfig /etc/kubernetes/kubelet/bootstrap-kubeconfig \ -{{/if}} -{{else}} - --cloud-provider "" \ -{{/unless}} - --config /etc/kubernetes/kubelet/config \ - --container-runtime-endpoint=unix:///run/containerd/containerd.sock \ - --containerd=/run/containerd/containerd.sock \ - --root-dir /var/lib/kubelet \ - --cert-dir /var/lib/kubelet/pki \ -{{#if settings.kubernetes.credential-providers}} -{{#if (any_enabled settings.kubernetes.credential-providers)}} - --image-credential-provider-bin-dir /usr/libexec/kubernetes/kubelet/plugins \ - --image-credential-provider-config /etc/kubernetes/kubelet/credential-provider-config.yaml \ -{{/if}} -{{/if}} -{{#if settings.kubernetes.hostname-override}} - --hostname-override {{settings.kubernetes.hostname-override}} \ -{{/if}} - --node-ip ${NODE_IP} \ - --node-labels "${NODE_LABELS}" \ - --register-with-taints "${NODE_TAINTS}" \ -{{#if settings.kubernetes.log-level includeZero=true}} - -v {{settings.kubernetes.log-level}} \ -{{/if}} - --pod-infra-container-image localhost/kubernetes/pause:0.1.0 \ - --runtime-cgroups=/runtime.slice/containerd.service diff --git a/packages/kubernetes-1.28/kubelet-kubeconfig b/packages/kubernetes-1.28/kubelet-kubeconfig deleted file mode 100644 index 0dfdcd275fe..00000000000 --- a/packages/kubernetes-1.28/kubelet-kubeconfig +++ /dev/null @@ -1,43 +0,0 @@ -[required-extensions] -aws = { version = "v1", optional = true } -kubernetes = "v1" -+++ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{#if (eq settings.kubernetes.authentication-mode "aws")}} -{{#if settings.kubernetes.cluster-name}} - user: - exec: - apiVersion: client.authentication.k8s.io/v1beta1 - command: "/usr/bin/aws-iam-authenticator" - args: - - token - - "-i" - - "{{settings.kubernetes.cluster-name}}" - {{#if settings.aws.region}} - - "--region" - - "{{settings.aws.region}}" - {{/if}} -{{/if}} -{{/if}} -{{#if (eq settings.kubernetes.authentication-mode "tls")}} - user: - client-certificate: "/var/lib/kubelet/pki/kubelet-client-current.pem" - client-key: "/var/lib/kubelet/pki/kubelet-client-current.pem" -{{/if}} diff --git a/packages/kubernetes-1.28/kubelet-server-crt b/packages/kubernetes-1.28/kubelet-server-crt deleted file mode 100644 index 92003ad427e..00000000000 --- a/packages/kubernetes-1.28/kubelet-server-crt +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.server-certificate~}} -{{base64_decode settings.kubernetes.server-certificate}} -{{~/if~}} diff --git a/packages/kubernetes-1.28/kubelet-server-key b/packages/kubernetes-1.28/kubelet-server-key deleted file mode 100644 index b6c74aacc56..00000000000 --- a/packages/kubernetes-1.28/kubelet-server-key +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.server-key~}} -{{base64_decode settings.kubernetes.server-key}} -{{~/if~}} diff --git a/packages/kubernetes-1.28/kubelet-sysctl.conf b/packages/kubernetes-1.28/kubelet-sysctl.conf deleted file mode 100644 index ed68c7e197f..00000000000 --- a/packages/kubernetes-1.28/kubelet-sysctl.conf +++ /dev/null @@ -1,2 +0,0 @@ -# Overcommit handling mode - 1: Always overcommit -vm.overcommit_memory = 1 diff --git a/packages/kubernetes-1.28/kubelet.service b/packages/kubernetes-1.28/kubelet.service deleted file mode 100644 index 1285853f2d1..00000000000 --- a/packages/kubernetes-1.28/kubelet.service +++ /dev/null @@ -1,26 +0,0 @@ -[Unit] -Description=Kubelet -Documentation=https://github.com/kubernetes/kubernetes -After=containerd.service configured.target -Wants=configured.target -BindsTo=containerd.service - -[Service] -Slice=runtime.slice -Type=notify -EnvironmentFile=/etc/network/proxy.env -EnvironmentFile=/etc/kubernetes/kubelet/env -ExecStartPre=/sbin/iptables -P FORWARD ACCEPT -# Must be overridden by a drop-in file or `kubelet` won't start -ExecStart=/usr/bin/false - -Restart=always -RestartForceExitStatus=SIGPIPE -RestartSec=5 -Delegate=yes -KillMode=process -CPUAccounting=true -MemoryAccounting=true - -[Install] -WantedBy=multi-user.target diff --git a/packages/kubernetes-1.28/kubernetes-1.28.spec b/packages/kubernetes-1.28/kubernetes-1.28.spec deleted file mode 100644 index ed65982a869..00000000000 --- a/packages/kubernetes-1.28/kubernetes-1.28.spec +++ /dev/null @@ -1,233 +0,0 @@ -# After this upstream change, the linker flags `-s -w` are always added unless -# DBG=1 is set in the environment, which would set compiler flags to disable -# optimizations and inlining: -# https://github.com/kubernetes/kubernetes/pull/108371 -# -# For now, work around this by indicating that no debug package is expected. -%global debug_package %{nil} - -%global goproject github.com/kubernetes -%global gorepo kubernetes -%global goimport %{goproject}/%{gorepo} - -%global gover 1.28.7 -%global rpmver %{gover} - -%global _dwz_low_mem_die_limit 0 - -# Construct reproducible tar archives -# See https://reproducible-builds.org/docs/archives/ -%global source_date_epoch 1234567890 -%global tar_cf tar --sort=name --mtime="@%{source_date_epoch}" --owner=0 --group=0 --numeric-owner -cf - -# The kubernetes build process expects the cross-compiler to be specified via `KUBE_*_CC` -# Here we generate that variable to use bottlerocket-specific compile aliases -# Examples of the generated variable: -# KUBE_LINUX_AMD64_CC=x86_64-bottlerocket-linux-gnu-gcc -# KUBE_LINUX_ARM64_CC=aarch64-bottlerocket-linux-gnu-gcc -%global kube_cc %{shrink: \ - %{lua: print(string.upper( \ - rpm.expand("KUBE_%{_cross_go_os}_%{_cross_go_arch}_CC=")) .. \ - rpm.expand("%{_cross_target}-gcc")) }} - -Name: %{_cross_os}%{gorepo} -Version: %{rpmver} -Release: 1%{?dist} -Summary: Container cluster management -# base Apache-2.0, third_party Apache-2.0 AND BSD-3-Clause -License: Apache-2.0 AND BSD-3-Clause -URL: https://%{goimport} -Source0: https://distro.eks.amazonaws.com/kubernetes-1-28/releases/18/artifacts/kubernetes/v%{gover}/kubernetes-src.tar.gz -Source1: kubelet.service -Source2: kubelet-env -Source3: kubelet-config -Source4: kubelet-kubeconfig -Source5: kubernetes-ca-crt -Source6: kubelet-exec-start-conf -Source7: kubelet-bootstrap-kubeconfig -Source8: kubernetes-tmpfiles.conf -Source9: kubelet-sysctl.conf -Source10: prepare-var-lib-kubelet.service -Source11: kubelet-server-crt -Source12: kubelet-server-key -Source13: etc-kubernetes-pki-private.mount -Source14: credential-provider-config-yaml -Source15: logdog.kubelet.conf - -# ExecStartPre drop-ins -Source20: prestart-load-pause-ctr.conf -Source21: dockershim-symlink.conf -Source22: make-kubelet-dirs.conf - -# pause image components -Source100: pause-config.json -Source101: pause-manifest.json -Source102: pod-infra-container-image - -Source1000: clarify.toml - -BuildRequires: git -BuildRequires: rsync -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package -n %{_cross_os}kubelet-1.28 -Summary: Container cluster node agent -Requires: %{_cross_os}conntrack-tools -Requires: %{_cross_os}containerd -Requires: %{_cross_os}findutils -Requires: %{_cross_os}ecr-credential-provider-1.27 -Requires: %{_cross_os}aws-signing-helper -Requires: %{_cross_os}static-pods -Requires: %{_cross_os}kubelet-1.28(binaries) - -%description -n %{_cross_os}kubelet-1.28 -%{summary}. - -%package -n %{_cross_os}kubelet-1.28-bin -Summary: Container cluster node agent binaries -Provides: %{_cross_os}kubelet-1.28(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{_cross_os}kubelet-1.28) -Conflicts: (%{_cross_os}image-feature(fips) or %{_cross_os}kubelet-1.28-fips-bin) - -%description -n %{_cross_os}kubelet-1.28-bin -%{summary}. - -%package -n %{_cross_os}kubelet-1.28-fips-bin -Summary: Container cluster node agent binaries, FIPS edition -Provides: %{_cross_os}kubelet-1.28(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{_cross_os}kubelet-1.28) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{_cross_os}kubelet-1.28-bin) - -%description -n %{_cross_os}kubelet-1.28-fips-bin -%{summary}. - -%prep -%autosetup -Sgit -c -n %{gorepo}-%{gover} -p1 - -# third_party licenses -# multiarch/qemu-user-static ignored, we're not using it -cp third_party/forked/gonum/graph/LICENSE LICENSE.gonum.graph -cp third_party/forked/shell2junit/LICENSE LICENSE.shell2junit -cp third_party/forked/golang/LICENSE LICENSE.golang -cp third_party/forked/golang/PATENTS PATENTS.golang - -%build -export FORCE_HOST_GO=1 -# Build codegen programs with the host toolchain. -make hack/update-codegen.sh - -# Build kubelet with the target toolchain. -%set_cross_go_flags -unset CC -export KUBE_BUILD_PLATFORMS="linux/%{_cross_go_arch}" -export %{kube_cc} -export GOFLAGS="${GOFLAGS} -tags=dockerless" -export GOLDFLAGS="${GOLDFLAGS}" -make WHAT="cmd/kubelet" - -export KUBE_OUTPUT_SUBPATH="_fips_output/local" -export GOEXPERIMENT="boringcrypto" -make WHAT="cmd/kubelet" - -# build the pause container -cd build/pause/linux/ - -# Build static pause executable for container image. -mkdir -p rootfs/usr/bin -%{_cross_triple}-musl-gcc %{_cross_cflags} %{_cross_ldflags} -static-pie pause.c -o rootfs/pause - -# Construct container image. -mkdir -p image/rootfs -%tar_cf image/rootfs/layer.tar -C rootfs . -DIGEST=$(sha256sum image/rootfs/layer.tar | sed -e 's/ .*//') -install -m 0644 %{S:100} image/config.json -sed -i "s/~~digest~~/${DIGEST}/" image/config.json -install -m 0644 %{S:101} image/manifest.json - -%tar_cf ../../../_output/local/bin/linux/%{_cross_go_arch}/kubernetes-pause.tar -C image . - -%install -output="./_output/local/bin/linux/%{_cross_go_arch}" -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 ${output}/kubelet %{buildroot}%{_cross_bindir} - -fips_output="./_fips_output/local/bin/linux/%{_cross_go_arch}" -install -d %{buildroot}%{_cross_fips_bindir} -install -p -m 0755 ${fips_output}/kubelet %{buildroot}%{_cross_fips_bindir} - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:1} %{S:10} %{S:13} %{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{_cross_unitdir}/kubelet.service.d -install -p -m 0644 %{S:20} %{S:21} %{S:22} %{buildroot}%{_cross_unitdir}/kubelet.service.d - -mkdir -p %{buildroot}%{_cross_templatedir} -install -m 0644 %{S:2} %{buildroot}%{_cross_templatedir}/kubelet-env -install -m 0644 %{S:3} %{buildroot}%{_cross_templatedir}/kubelet-config -install -m 0644 %{S:4} %{buildroot}%{_cross_templatedir}/kubelet-kubeconfig -install -m 0644 %{S:5} %{buildroot}%{_cross_templatedir}/kubernetes-ca-crt -install -m 0644 %{S:6} %{buildroot}%{_cross_templatedir}/kubelet-exec-start-conf -install -m 0644 %{S:7} %{buildroot}%{_cross_templatedir}/kubelet-bootstrap-kubeconfig -install -m 0644 %{S:11} %{buildroot}%{_cross_templatedir}/kubelet-server-crt -install -m 0644 %{S:12} %{buildroot}%{_cross_templatedir}/kubelet-server-key -install -m 0644 %{S:14} %{buildroot}%{_cross_templatedir}/credential-provider-config-yaml - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:8} %{buildroot}%{_cross_tmpfilesdir}/kubernetes.conf - -install -d %{buildroot}%{_cross_sysctldir} -install -p -m 0644 %{S:9} %{buildroot}%{_cross_sysctldir}/90-kubelet.conf - -install -d %{buildroot}%{_cross_libexecdir}/kubernetes -ln -rs \ - %{buildroot}%{_sharedstatedir}/kubelet/plugins \ - %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet-plugins - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -install -d %{buildroot}%{_cross_datadir}/logdog.d -install -p -m 0644 %{S:15} %{buildroot}%{_cross_datadir}/logdog.d - -install -d %{buildroot}%{_cross_libexecdir}/kubernetes -install -p -m 0644 ${output}/kubernetes-pause.tar %{buildroot}%{_cross_libexecdir}/kubernetes -install -p -m 0644 %{S:102} %{buildroot}%{_cross_templatedir}/pod-infra-container-image - -%files -n %{_cross_os}kubelet-1.28 -%license LICENSE LICENSE.gonum.graph LICENSE.shell2junit LICENSE.golang PATENTS.golang -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} -%{_cross_unitdir}/kubelet.service -%{_cross_unitdir}/prepare-var-lib-kubelet.service -%{_cross_unitdir}/etc-kubernetes-pki-private.mount -%dir %{_cross_unitdir}/kubelet.service.d -%{_cross_unitdir}/kubelet.service.d/prestart-load-pause-ctr.conf -%{_cross_unitdir}/kubelet.service.d/make-kubelet-dirs.conf -%{_cross_unitdir}/kubelet.service.d/dockershim-symlink.conf -%dir %{_cross_templatedir} -%{_cross_templatedir}/kubelet-env -%{_cross_templatedir}/kubelet-config -%{_cross_templatedir}/kubelet-kubeconfig -%{_cross_templatedir}/kubelet-bootstrap-kubeconfig -%{_cross_templatedir}/kubelet-exec-start-conf -%{_cross_templatedir}/kubernetes-ca-crt -%{_cross_templatedir}/kubelet-server-crt -%{_cross_templatedir}/kubelet-server-key -%{_cross_templatedir}/credential-provider-config-yaml -%{_cross_tmpfilesdir}/kubernetes.conf -%{_cross_sysctldir}/90-kubelet.conf -%dir %{_cross_libexecdir}/kubernetes -%{_cross_libexecdir}/kubernetes/kubelet-plugins -%{_cross_libexecdir}/kubernetes/kubernetes-pause.tar -%{_cross_templatedir}/pod-infra-container-image -%{_cross_datadir}/logdog.d/logdog.kubelet.conf - -%files -n %{_cross_os}kubelet-1.28-bin -%{_cross_bindir}/kubelet - -%files -n %{_cross_os}kubelet-1.28-fips-bin -%{_cross_fips_bindir}/kubelet - -%changelog diff --git a/packages/kubernetes-1.28/kubernetes-ca-crt b/packages/kubernetes-1.28/kubernetes-ca-crt deleted file mode 100644 index 93fd4e253ec..00000000000 --- a/packages/kubernetes-1.28/kubernetes-ca-crt +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.cluster-certificate~}} -{{base64_decode settings.kubernetes.cluster-certificate}} -{{~/if~}} diff --git a/packages/kubernetes-1.28/kubernetes-tmpfiles.conf b/packages/kubernetes-1.28/kubernetes-tmpfiles.conf deleted file mode 100644 index 4b17aba9d8a..00000000000 --- a/packages/kubernetes-1.28/kubernetes-tmpfiles.conf +++ /dev/null @@ -1,7 +0,0 @@ -d /etc/kubernetes/static-pods - - - - -L /etc/kubernetes/manifests - - - - static-pods -L /etc/kubernetes/secrets-store-csi-providers - - - - /var/lib/kubelet/providers/secrets-store -r! /var/lib/kubelet/cpu_manager_state -L /etc/kubernetes/node-feature-discovery/features.d - - - - /var/lib/kubelet/node-feature-discovery/features.d -d /opt/csi/mountpoint-s3 - - - - -L+ /opt/mountpoint-s3-csi - - - - /opt/csi/mountpoint-s3 diff --git a/packages/kubernetes-1.28/logdog.kubelet.conf b/packages/kubernetes-1.28/logdog.kubelet.conf deleted file mode 100644 index 850a0b4c1ba..00000000000 --- a/packages/kubernetes-1.28/logdog.kubelet.conf +++ /dev/null @@ -1,3 +0,0 @@ -exec kube-status systemctl status kube* -l --no-pager -file ipamd.log /var/log/aws-routed-eni/ipamd.log -file plugin.log /var/log/aws-routed-eni/plugin.log diff --git a/packages/kubernetes-1.28/make-kubelet-dirs.conf b/packages/kubernetes-1.28/make-kubelet-dirs.conf deleted file mode 100644 index a7249c9ac3f..00000000000 --- a/packages/kubernetes-1.28/make-kubelet-dirs.conf +++ /dev/null @@ -1,5 +0,0 @@ -[Service] -# Create the backing directories for symlinks in /etc -ExecStartPre=/usr/bin/mkdir -p \ - /var/lib/kubelet/providers/secrets-store \ - /var/lib/kubelet/node-feature-discovery/features.d diff --git a/packages/kubernetes-1.28/pause-config.json b/packages/kubernetes-1.28/pause-config.json deleted file mode 100644 index 8c2a7cde979..00000000000 --- a/packages/kubernetes-1.28/pause-config.json +++ /dev/null @@ -1 +0,0 @@ -{"author":"Bottlerocket","config":{"Cmd":["/pause"],"ArgsEscaped":true},"created":"2014-12-12T01:12:53.332832423Z","history":[{"created":"2014-12-12T01:12:53.332832423Z","author":"Bottlerocket","created_by":"Bottlerocket","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:~~digest~~"]}} diff --git a/packages/kubernetes-1.28/pause-manifest.json b/packages/kubernetes-1.28/pause-manifest.json deleted file mode 100644 index e8af2c103a7..00000000000 --- a/packages/kubernetes-1.28/pause-manifest.json +++ /dev/null @@ -1 +0,0 @@ -[{"Config":"config.json","RepoTags":["localhost/kubernetes/pause:0.1.0"],"Layers":["rootfs/layer.tar"]}] diff --git a/packages/kubernetes-1.28/pod-infra-container-image b/packages/kubernetes-1.28/pod-infra-container-image deleted file mode 100644 index 9b3f9a3954a..00000000000 --- a/packages/kubernetes-1.28/pod-infra-container-image +++ /dev/null @@ -1,6 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", optional = true } -+++ -{{~#if settings.kubernetes.pod-infra-container-image~}} -DEPRECATED_SETTING=settings.kubernetes.pod-infra-container-image -{{~/if~}} diff --git a/packages/kubernetes-1.28/prepare-var-lib-kubelet.service b/packages/kubernetes-1.28/prepare-var-lib-kubelet.service deleted file mode 100644 index 1b8c6207aa4..00000000000 --- a/packages/kubernetes-1.28/prepare-var-lib-kubelet.service +++ /dev/null @@ -1,23 +0,0 @@ -[Unit] -Description=Prepare Kubelet Directory (/var/lib/kubelet) -DefaultDependencies=no -RequiresMountsFor=/var -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot - -# Remove an existing symlink, if present. Intentionally not recursive! -ExecStartPre=-/usr/bin/rm -f /var/lib/kubelet - -# Create /var/lib/kubelet so it is available for bind mounts. -ExecStart=/usr/bin/mkdir -p /var/lib/kubelet - -# Suppress warning if directory exists. -StandardError=null - -RemainAfterExit=true - -[Install] -WantedBy=local-fs.target diff --git a/packages/kubernetes-1.28/prestart-load-pause-ctr.conf b/packages/kubernetes-1.28/prestart-load-pause-ctr.conf deleted file mode 100644 index 4e21b0d9b45..00000000000 --- a/packages/kubernetes-1.28/prestart-load-pause-ctr.conf +++ /dev/null @@ -1,14 +0,0 @@ -[Service] -# load the built-in pause image -ExecStartPre=/usr/bin/ctr \ - --namespace=k8s.io \ - image import \ - --all-platforms \ - /usr/libexec/kubernetes/kubernetes-pause.tar - -# label it to prevent it from being removed -ExecStartPre=/usr/bin/ctr \ - --namespace=k8s.io \ - image label \ - localhost/kubernetes/pause:0.1.0 \ - io.cri-containerd.pinned=pinned diff --git a/packages/kubernetes-1.29/Cargo.toml b/packages/kubernetes-1.29/Cargo.toml deleted file mode 100644 index 33c27286d2a..00000000000 --- a/packages/kubernetes-1.29/Cargo.toml +++ /dev/null @@ -1,33 +0,0 @@ -[package] -# "." is not allowed in crate names, but we want a friendlier name for the -# directory and spec file, so we override it below. -name = "kubernetes-1_29" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -package-name = "kubernetes-1.29" - -[[package.metadata.build-package.external-files]] -url = "https://distro.eks.amazonaws.com/kubernetes-1-29/releases/7/artifacts/kubernetes/v1.29.1/kubernetes-src.tar.gz" -sha512 = "9940027197f83702516775047664d3c30a83e69202dcca5aa89f320e78c27a930eb1373777277f240b3c5a63c351ccab3199c577424e760fe122692065895e2f" - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } - -# RPM Requires -[dependencies] -aws-signing-helper = { path = "../aws-signing-helper" } -ecr-credential-provider-1_29 = { path = "../ecr-credential-provider-1.29" } -static-pods = { path = "../static-pods" } -# `conntrack-tools`, `containerd` and `findutils` are only needed at runtime, -# and are pulled in by `release`. -# conntrack-tools = { path = "../conntrack-tools" } -# containerd = { path = "../containerd" } -# findutils = { path = "../findutils" } diff --git a/packages/kubernetes-1.29/clarify.toml b/packages/kubernetes-1.29/clarify.toml deleted file mode 100644 index 5b6e8b60967..00000000000 --- a/packages/kubernetes-1.29/clarify.toml +++ /dev/null @@ -1,62 +0,0 @@ -[clarify."github.com/JeffAshton/win_pdh"] -expression = "BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xb221dcc9 }, -] - -[clarify."github.com/daviddengcn/go-colortext"] -expression = "BSD-3-Clause AND MIT" -license-files = [ - { path = "LICENSE", hash = 0x9769fae1 }, -] - -[clarify."github.com/ghodss/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] - -[clarify."github.com/heketi/heketi"] -# kubernetes only uses code that is under LGPLv3+/Apache 2.0, not the code that is GPLv2+/LGPLv3+ -expression = "LGPL-3.0-or-later OR Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0x3c4b96d1 }, - { path = "LICENSE-APACHE2", hash = 0x438c8616 }, - { path = "COPYING-LGPLV3", hash = 0xf0bccb3a }, -] -skip-files = [ "COPYING-GPLV2" ] - -[clarify."github.com/go-bindata/go-bindata"] -expression = "CC0-1.0" -license-files = [ - { path = "LICENSE", hash = 0x393fafd6 }, -] - -[clarify."github.com/miekg/dns"] -expression = "BSD-3-Clause" -license-files = [ - { path = "COPYRIGHT", hash = 0xe41dd36c }, - { path = "LICENSE", hash = 0xfc8f12ff }, -] - -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] - -[clarify."honnef.co/go/tools"] -expression = "MIT AND BSD-3-Clause AND Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0xad378ed2 }, - { path = "LICENSE-THIRD-PARTY", hash = 0x546425eb }, - { path = "lint/LICENSE", hash = 0xc6b58232 }, - { path = "ssa/LICENSE", hash = 0xe656fb62 }, -] - -[clarify."github.com/storageos/go-api"] -expression = "MIT AND BSD-2-Clause" -license-files = [ - { path = "LICENCE", hash = 0x67a6861e }, -] -skip-files = ["licence.go", "types/licence.go"] diff --git a/packages/kubernetes-1.29/credential-provider-config-yaml b/packages/kubernetes-1.29/credential-provider-config-yaml deleted file mode 100644 index 6c08e3a369a..00000000000 --- a/packages/kubernetes-1.29/credential-provider-config-yaml +++ /dev/null @@ -1,38 +0,0 @@ -[required-extensions] -aws = { version = "v1", optional = true } -kubernetes = "v1" -std = { version = "v1", helpers = ["default"] } -+++ -apiVersion: kubelet.config.k8s.io/v1 -kind: CredentialProviderConfig -providers: -{{#if settings.kubernetes.credential-providers}} -{{#each settings.kubernetes.credential-providers}} -{{#if this.enabled}} - - name: {{@key}} - matchImages: -{{#each this.image-patterns}} - - "{{this}}" -{{/each}} - defaultCacheDuration: "{{default "12h" this.cache-duration}}" - apiVersion: credentialprovider.kubelet.k8s.io/v1 -{{#if (or (eq @key "ecr-credential-provider") this.environment)}} - env: -{{#if this.environment}} -{{#each this.environment}} - - name: {{@key}} - value: '{{this}}' -{{/each}} -{{/if}} -{{#if (eq @key "ecr-credential-provider")}} - - name: HOME - value: '/root' -{{#if @root.settings.aws.profile}} - - name: AWS_PROFILE - value: '{{@root.settings.aws.profile}}' -{{/if}} -{{/if}} -{{/if}} -{{/if}} -{{/each}} -{{/if}} diff --git a/packages/kubernetes-1.29/dockershim-symlink.conf b/packages/kubernetes-1.29/dockershim-symlink.conf deleted file mode 100644 index d3fcda86914..00000000000 --- a/packages/kubernetes-1.29/dockershim-symlink.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -ExecStartPre=/bin/ln -sf /run/containerd/containerd.sock /run/dockershim.sock diff --git a/packages/kubernetes-1.29/etc-kubernetes-pki-private.mount b/packages/kubernetes-1.29/etc-kubernetes-pki-private.mount deleted file mode 100644 index 584e61475d1..00000000000 --- a/packages/kubernetes-1.29/etc-kubernetes-pki-private.mount +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Kubernetes PKI private directory (/etc/kubernetes/pki/private) -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target -After=selinux-policy-files.service -Wants=selinux-policy-files.service - -[Mount] -What=tmpfs -Where=/etc/kubernetes/pki/private -Type=tmpfs -Options=nosuid,nodev,noexec,noatime,context=system_u:object_r:secret_t:s0,mode=0700 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/kubernetes-1.29/kubelet-bootstrap-kubeconfig b/packages/kubernetes-1.29/kubelet-bootstrap-kubeconfig deleted file mode 100644 index 52bef7191cc..00000000000 --- a/packages/kubernetes-1.29/kubelet-bootstrap-kubeconfig +++ /dev/null @@ -1,25 +0,0 @@ -[required-extensions] -kubernetes = "v1" -+++ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{#if settings.kubernetes.bootstrap-token}} - user: - token: "{{settings.kubernetes.bootstrap-token}}" -{{/if}} diff --git a/packages/kubernetes-1.29/kubelet-config b/packages/kubernetes-1.29/kubelet-config deleted file mode 100644 index 84eaae341ae..00000000000 --- a/packages/kubernetes-1.29/kubelet-config +++ /dev/null @@ -1,190 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", helpers = ["kube_reserve_cpu", "kube_reserve_memory"] } -std = { version = "v1", helpers = ["any_enabled", "default"] } -+++ ---- -kind: KubeletConfiguration -apiVersion: kubelet.config.k8s.io/v1beta1 -{{#if settings.kubernetes.standalone-mode}} -address: 127.0.0.1 -authentication: - anonymous: - enabled: true - webhook: - enabled: false -authorization: - mode: AlwaysAllow -{{else}} -address: 0.0.0.0 -authentication: - anonymous: - enabled: false - webhook: - cacheTTL: 2m0s - enabled: true - x509: - clientCAFile: "/etc/kubernetes/pki/ca.crt" -authorization: - mode: Webhook - webhook: - cacheAuthorizedTTL: 5m0s - cacheUnauthorizedTTL: 30s -{{/if}} -clusterDomain: {{settings.kubernetes.cluster-domain}} -{{#if settings.kubernetes.cluster-dns-ip}} -clusterDNS: -{{#each settings.kubernetes.cluster-dns-ip}} -- {{this}} -{{else}} -- {{settings.kubernetes.cluster-dns-ip}} -{{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-hard}} -evictionHard: - {{#each settings.kubernetes.eviction-hard}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-soft}} -evictionSoft: - {{#each settings.kubernetes.eviction-soft}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-soft-grace-period}} -evictionSoftGracePeriod: - {{#each settings.kubernetes.eviction-soft-grace-period}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-max-pod-grace-period}} -evictionMaxPodGracePeriod: {{settings.kubernetes.eviction-max-pod-grace-period}} -{{/if}} -{{#if settings.kubernetes.allowed-unsafe-sysctls}} -allowedUnsafeSysctls: {{settings.kubernetes.allowed-unsafe-sysctls}} -{{/if}} -{{#if settings.kubernetes.registry-qps includeZero=true}} -registryPullQPS: {{settings.kubernetes.registry-qps}} -{{/if}} -{{#if settings.kubernetes.registry-burst includeZero=true}} -registryBurst: {{settings.kubernetes.registry-burst}} -{{/if}} -{{#if settings.kubernetes.event-qps includeZero=true}} -eventRecordQPS: {{settings.kubernetes.event-qps}} -{{/if}} -{{#if settings.kubernetes.event-burst includeZero=true}} -eventBurst: {{settings.kubernetes.event-burst}} -{{/if}} -{{#if settings.kubernetes.kube-api-qps includeZero=true}} -kubeAPIQPS: {{settings.kubernetes.kube-api-qps}} -{{/if}} -{{#if settings.kubernetes.kube-api-burst includeZero=true}} -kubeAPIBurst: {{settings.kubernetes.kube-api-burst}} -{{/if}} -kubeReserved: - cpu: "{{kube_reserve_cpu settings.kubernetes.kube-reserved.cpu}}" - {{#if settings.kubernetes.kube-reserved.memory}} - memory: "{{settings.kubernetes.kube-reserved.memory}}" - {{else}} - {{#if settings.kubernetes.max-pods}} - memory: "{{kube_reserve_memory settings.kubernetes.max-pods settings.kubernetes.kube-reserved.memory}}" - {{/if}} - {{/if}} - ephemeral-storage: "{{default "1Gi" settings.kubernetes.kube-reserved.ephemeral-storage}}" -{{#unless settings.kubernetes.reserved-cpus}} -kubeReservedCgroup: "/runtime" -{{/unless}} -{{#if settings.kubernetes.system-reserved}} -systemReserved: - {{#each settings.kubernetes.system-reserved}} - {{@key}}: "{{this}}" - {{/each}} -{{#unless settings.kubernetes.reserved-cpus}} -systemReservedCgroup: "/system" -{{/unless}} -{{/if}} -cpuCFSQuota: {{default true settings.kubernetes.cpu-cfs-quota-enforced}} -cpuManagerPolicy: {{default "none" settings.kubernetes.cpu-manager-policy}} -{{#if settings.kubernetes.cpu-manager-reconcile-period}} -cpuManagerReconcilePeriod: {{settings.kubernetes.cpu-manager-reconcile-period}} -{{/if}} -{{#if settings.kubernetes.cpu-manager-policy-options}} -cpuManagerPolicyOptions: -{{#each settings.kubernetes.cpu-manager-policy-options}} - {{this}}: "true" -{{/each}} -{{/if}} -{{#if settings.kubernetes.topology-manager-scope}} -topologyManagerScope: {{settings.kubernetes.topology-manager-scope}} -{{/if}} -{{#if settings.kubernetes.topology-manager-policy}} -topologyManagerPolicy: {{settings.kubernetes.topology-manager-policy}} -{{/if}} -podPidsLimit: {{default 1048576 settings.kubernetes.pod-pids-limit}} -{{#if settings.kubernetes.image-gc-high-threshold-percent includeZero=true}} -imageGCHighThresholdPercent: {{settings.kubernetes.image-gc-high-threshold-percent}} -{{/if}} -{{#if settings.kubernetes.image-gc-low-threshold-percent includeZero=true}} -imageGCLowThresholdPercent: {{settings.kubernetes.image-gc-low-threshold-percent}} -{{/if}} -{{#if settings.kubernetes.provider-id}} -providerID: {{settings.kubernetes.provider-id}} -{{/if}} -resolvConf: "/run/netdog/resolv.conf" -hairpinMode: hairpin-veth -readOnlyPort: 0 -cgroupDriver: systemd -cgroupRoot: "/" -runtimeRequestTimeout: 15m -protectKernelDefaults: true -serializeImagePulls: false -seccompDefault: {{default false settings.kubernetes.seccomp-default}} -{{#if (and (default "" settings.kubernetes.server-certificate) (default "" settings.kubernetes.server-key))}} -tlsCertFile: "/etc/kubernetes/pki/kubelet-server.crt" -tlsPrivateKeyFile: "/etc/kubernetes/pki/private/kubelet-server.key" -{{else}} -serverTLSBootstrap: {{settings.kubernetes.server-tls-bootstrap}} -{{/if}} -tlsCipherSuites: -- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 -volumePluginDir: "/var/lib/kubelet/plugins/volume/exec" -maxPods: {{default 110 settings.kubernetes.max-pods}} -staticPodPath: "/etc/kubernetes/static-pods/" -{{#if settings.kubernetes.container-log-max-size includeZero=true}} -containerLogMaxSize: {{settings.kubernetes.container-log-max-size}} -{{/if}} -{{#if settings.kubernetes.container-log-max-files includeZero=true}} -containerLogMaxFiles: {{settings.kubernetes.container-log-max-files}} -{{/if}} -{{#if settings.kubernetes.shutdown-grace-period}} -shutdownGracePeriod: {{settings.kubernetes.shutdown-grace-period}} -{{/if}} -{{#if settings.kubernetes.shutdown-grace-period-for-critical-pods}} -shutdownGracePeriodCriticalPods: {{settings.kubernetes.shutdown-grace-period-for-critical-pods}} -{{/if}} -{{#if settings.kubernetes.memory-manager-reserved-memory}} -{{#if (any_enabled settings.kubernetes.memory-manager-reserved-memory)}} -{{#if settings.kubernetes.memory-manager-policy}} -memoryManagerPolicy: {{settings.kubernetes.memory-manager-policy}} -{{/if}} -reservedMemory: -{{#each settings.kubernetes.memory-manager-reserved-memory}} -{{#if this.enabled}} - - numaNode: {{@key}} - limits: -{{#if this.memory}} - memory: {{this.memory}} -{{/if}} -{{#if this.hugepages-1Gi}} - hugepages-1Gi: {{this.hugepages-1Gi}} -{{/if}} -{{#if this.hugepages-2Mi}} - hugepages-2Mi: {{this.hugepages-2Mi}} -{{/if}} -{{/if}} -{{/each}} -{{/if}} -{{/if}} -{{#if settings.kubernetes.reserved-cpus}} -reservedSystemCPUs: {{settings.kubernetes.reserved-cpus}} -{{/if}} diff --git a/packages/kubernetes-1.29/kubelet-env b/packages/kubernetes-1.29/kubelet-env deleted file mode 100644 index 0e4aac28853..00000000000 --- a/packages/kubernetes-1.29/kubelet-env +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", helpers = ["join_node_taints"] } -std = { version = "v1", helpers = ["join_map"] } -+++ -NODE_IP={{settings.kubernetes.node-ip}} -NODE_LABELS={{join_map "=" "," "no-fail-if-missing" settings.kubernetes.node-labels}} -NODE_TAINTS={{join_node_taints settings.kubernetes.node-taints}} diff --git a/packages/kubernetes-1.29/kubelet-exec-start-conf b/packages/kubernetes-1.29/kubelet-exec-start-conf deleted file mode 100644 index 23fde75eeaf..00000000000 --- a/packages/kubernetes-1.29/kubelet-exec-start-conf +++ /dev/null @@ -1,38 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["any_enabled", "default"] } -+++ -[Service] -ExecStart= -ExecStart=/usr/bin/kubelet \ -{{#unless settings.kubernetes.standalone-mode}} - --cloud-provider {{default "external" settings.kubernetes.cloud-provider}} \ - --kubeconfig /etc/kubernetes/kubelet/kubeconfig \ -{{#if (eq settings.kubernetes.authentication-mode "tls")}} - --bootstrap-kubeconfig /etc/kubernetes/kubelet/bootstrap-kubeconfig \ -{{/if}} -{{else}} - --cloud-provider "" \ -{{/unless}} - --config /etc/kubernetes/kubelet/config \ - --container-runtime-endpoint=unix:///run/containerd/containerd.sock \ - --containerd=/run/containerd/containerd.sock \ - --root-dir /var/lib/kubelet \ - --cert-dir /var/lib/kubelet/pki \ -{{#if settings.kubernetes.credential-providers}} -{{#if (any_enabled settings.kubernetes.credential-providers)}} - --image-credential-provider-bin-dir /usr/libexec/kubernetes/kubelet/plugins \ - --image-credential-provider-config /etc/kubernetes/kubelet/credential-provider-config.yaml \ -{{/if}} -{{/if}} -{{#if settings.kubernetes.hostname-override}} - --hostname-override {{settings.kubernetes.hostname-override}} \ -{{/if}} - --node-ip ${NODE_IP} \ - --node-labels "${NODE_LABELS}" \ - --register-with-taints "${NODE_TAINTS}" \ -{{#if settings.kubernetes.log-level includeZero=true}} - -v {{settings.kubernetes.log-level}} \ -{{/if}} - --pod-infra-container-image localhost/kubernetes/pause:0.1.0 \ - --runtime-cgroups=/runtime.slice/containerd.service diff --git a/packages/kubernetes-1.29/kubelet-kubeconfig b/packages/kubernetes-1.29/kubelet-kubeconfig deleted file mode 100644 index 0dfdcd275fe..00000000000 --- a/packages/kubernetes-1.29/kubelet-kubeconfig +++ /dev/null @@ -1,43 +0,0 @@ -[required-extensions] -aws = { version = "v1", optional = true } -kubernetes = "v1" -+++ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{#if (eq settings.kubernetes.authentication-mode "aws")}} -{{#if settings.kubernetes.cluster-name}} - user: - exec: - apiVersion: client.authentication.k8s.io/v1beta1 - command: "/usr/bin/aws-iam-authenticator" - args: - - token - - "-i" - - "{{settings.kubernetes.cluster-name}}" - {{#if settings.aws.region}} - - "--region" - - "{{settings.aws.region}}" - {{/if}} -{{/if}} -{{/if}} -{{#if (eq settings.kubernetes.authentication-mode "tls")}} - user: - client-certificate: "/var/lib/kubelet/pki/kubelet-client-current.pem" - client-key: "/var/lib/kubelet/pki/kubelet-client-current.pem" -{{/if}} diff --git a/packages/kubernetes-1.29/kubelet-server-crt b/packages/kubernetes-1.29/kubelet-server-crt deleted file mode 100644 index 92003ad427e..00000000000 --- a/packages/kubernetes-1.29/kubelet-server-crt +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.server-certificate~}} -{{base64_decode settings.kubernetes.server-certificate}} -{{~/if~}} diff --git a/packages/kubernetes-1.29/kubelet-server-key b/packages/kubernetes-1.29/kubelet-server-key deleted file mode 100644 index b6c74aacc56..00000000000 --- a/packages/kubernetes-1.29/kubelet-server-key +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.server-key~}} -{{base64_decode settings.kubernetes.server-key}} -{{~/if~}} diff --git a/packages/kubernetes-1.29/kubelet-sysctl.conf b/packages/kubernetes-1.29/kubelet-sysctl.conf deleted file mode 100644 index ed68c7e197f..00000000000 --- a/packages/kubernetes-1.29/kubelet-sysctl.conf +++ /dev/null @@ -1,2 +0,0 @@ -# Overcommit handling mode - 1: Always overcommit -vm.overcommit_memory = 1 diff --git a/packages/kubernetes-1.29/kubelet.service b/packages/kubernetes-1.29/kubelet.service deleted file mode 100644 index 1285853f2d1..00000000000 --- a/packages/kubernetes-1.29/kubelet.service +++ /dev/null @@ -1,26 +0,0 @@ -[Unit] -Description=Kubelet -Documentation=https://github.com/kubernetes/kubernetes -After=containerd.service configured.target -Wants=configured.target -BindsTo=containerd.service - -[Service] -Slice=runtime.slice -Type=notify -EnvironmentFile=/etc/network/proxy.env -EnvironmentFile=/etc/kubernetes/kubelet/env -ExecStartPre=/sbin/iptables -P FORWARD ACCEPT -# Must be overridden by a drop-in file or `kubelet` won't start -ExecStart=/usr/bin/false - -Restart=always -RestartForceExitStatus=SIGPIPE -RestartSec=5 -Delegate=yes -KillMode=process -CPUAccounting=true -MemoryAccounting=true - -[Install] -WantedBy=multi-user.target diff --git a/packages/kubernetes-1.29/kubernetes-1.29.spec b/packages/kubernetes-1.29/kubernetes-1.29.spec deleted file mode 100644 index 59b6a776062..00000000000 --- a/packages/kubernetes-1.29/kubernetes-1.29.spec +++ /dev/null @@ -1,233 +0,0 @@ -# After this upstream change, the linker flags `-s -w` are always added unless -# DBG=1 is set in the environment, which would set compiler flags to disable -# optimizations and inlining: -# https://github.com/kubernetes/kubernetes/pull/108371 -# -# For now, work around this by indicating that no debug package is expected. -%global debug_package %{nil} - -%global goproject github.com/kubernetes -%global gorepo kubernetes -%global goimport %{goproject}/%{gorepo} - -%global gover 1.29.1 -%global rpmver %{gover} - -%global _dwz_low_mem_die_limit 0 - -# Construct reproducible tar archives -# See https://reproducible-builds.org/docs/archives/ -%global source_date_epoch 1234567890 -%global tar_cf tar --sort=name --mtime="@%{source_date_epoch}" --owner=0 --group=0 --numeric-owner -cf - -# The kubernetes build process expects the cross-compiler to be specified via `KUBE_*_CC` -# Here we generate that variable to use bottlerocket-specific compile aliases -# Examples of the generated variable: -# KUBE_LINUX_AMD64_CC=x86_64-bottlerocket-linux-gnu-gcc -# KUBE_LINUX_ARM64_CC=aarch64-bottlerocket-linux-gnu-gcc -%global kube_cc %{shrink: \ - %{lua: print(string.upper( \ - rpm.expand("KUBE_%{_cross_go_os}_%{_cross_go_arch}_CC=")) .. \ - rpm.expand("%{_cross_target}-gcc")) }} - -Name: %{_cross_os}%{gorepo} -Version: %{rpmver} -Release: 1%{?dist} -Summary: Container cluster management -# base Apache-2.0, third_party Apache-2.0 AND BSD-3-Clause -License: Apache-2.0 AND BSD-3-Clause -URL: https://%{goimport} -Source0: https://distro.eks.amazonaws.com/kubernetes-1-29/releases/7/artifacts/kubernetes/v%{gover}/kubernetes-src.tar.gz -Source1: kubelet.service -Source2: kubelet-env -Source3: kubelet-config -Source4: kubelet-kubeconfig -Source5: kubernetes-ca-crt -Source6: kubelet-exec-start-conf -Source7: kubelet-bootstrap-kubeconfig -Source8: kubernetes-tmpfiles.conf -Source9: kubelet-sysctl.conf -Source10: prepare-var-lib-kubelet.service -Source11: kubelet-server-crt -Source12: kubelet-server-key -Source13: etc-kubernetes-pki-private.mount -Source14: credential-provider-config-yaml -Source15: logdog.kubelet.conf - -# ExecStartPre drop-ins -Source20: prestart-load-pause-ctr.conf -Source21: dockershim-symlink.conf -Source22: make-kubelet-dirs.conf - -# pause image components -Source100: pause-config.json -Source101: pause-manifest.json -Source102: pod-infra-container-image - -Source1000: clarify.toml - -BuildRequires: git -BuildRequires: rsync -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package -n %{_cross_os}kubelet-1.29 -Summary: Container cluster node agent -Requires: %{_cross_os}conntrack-tools -Requires: %{_cross_os}containerd -Requires: %{_cross_os}findutils -Requires: %{_cross_os}ecr-credential-provider-1.29 -Requires: %{_cross_os}aws-signing-helper -Requires: %{_cross_os}static-pods -Requires: %{_cross_os}kubelet-1.29(binaries) - -%description -n %{_cross_os}kubelet-1.29 -%{summary}. - -%package -n %{_cross_os}kubelet-1.29-bin -Summary: Container cluster node agent binaries -Provides: %{_cross_os}kubelet-1.29(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{_cross_os}kubelet-1.29) -Conflicts: (%{_cross_os}image-feature(fips) or %{_cross_os}kubelet-1.29-fips-bin) - -%description -n %{_cross_os}kubelet-1.29-bin -%{summary}. - -%package -n %{_cross_os}kubelet-1.29-fips-bin -Summary: Container cluster node agent binaries, FIPS edition -Provides: %{_cross_os}kubelet-1.29(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{_cross_os}kubelet-1.29) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{_cross_os}kubelet-1.29-bin) - -%description -n %{_cross_os}kubelet-1.29-fips-bin -%{summary}. - -%prep -%autosetup -Sgit -c -n %{gorepo}-%{gover} -p1 - -# third_party licenses -# multiarch/qemu-user-static ignored, we're not using it -cp third_party/forked/gonum/graph/LICENSE LICENSE.gonum.graph -cp third_party/forked/shell2junit/LICENSE LICENSE.shell2junit -cp third_party/forked/golang/LICENSE LICENSE.golang -cp third_party/forked/golang/PATENTS PATENTS.golang - -%build -export FORCE_HOST_GO=1 -# Build codegen programs with the host toolchain. -make hack/update-codegen.sh - -# Build kubelet with the target toolchain. -%set_cross_go_flags -unset CC -export KUBE_BUILD_PLATFORMS="linux/%{_cross_go_arch}" -export %{kube_cc} -export GOFLAGS="${GOFLAGS} -tags=dockerless" -export GOLDFLAGS="${GOLDFLAGS}" -make WHAT="cmd/kubelet" - -export KUBE_OUTPUT_SUBPATH="_fips_output/local" -export GOEXPERIMENT="boringcrypto" -make WHAT="cmd/kubelet" - -# build the pause container -cd build/pause/linux/ - -# Build static pause executable for container image. -mkdir -p rootfs/usr/bin -%{_cross_triple}-musl-gcc %{_cross_cflags} %{_cross_ldflags} -static-pie pause.c -o rootfs/pause - -# Construct container image. -mkdir -p image/rootfs -%tar_cf image/rootfs/layer.tar -C rootfs . -DIGEST=$(sha256sum image/rootfs/layer.tar | sed -e 's/ .*//') -install -m 0644 %{S:100} image/config.json -sed -i "s/~~digest~~/${DIGEST}/" image/config.json -install -m 0644 %{S:101} image/manifest.json - -%tar_cf ../../../_output/local/bin/linux/%{_cross_go_arch}/kubernetes-pause.tar -C image . - -%install -output="./_output/local/bin/linux/%{_cross_go_arch}" -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 ${output}/kubelet %{buildroot}%{_cross_bindir} - -fips_output="./_fips_output/local/bin/linux/%{_cross_go_arch}" -install -d %{buildroot}%{_cross_fips_bindir} -install -p -m 0755 ${fips_output}/kubelet %{buildroot}%{_cross_fips_bindir} - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:1} %{S:10} %{S:13} %{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{_cross_unitdir}/kubelet.service.d -install -p -m 0644 %{S:20} %{S:21} %{S:22} %{buildroot}%{_cross_unitdir}/kubelet.service.d - -mkdir -p %{buildroot}%{_cross_templatedir} -install -m 0644 %{S:2} %{buildroot}%{_cross_templatedir}/kubelet-env -install -m 0644 %{S:3} %{buildroot}%{_cross_templatedir}/kubelet-config -install -m 0644 %{S:4} %{buildroot}%{_cross_templatedir}/kubelet-kubeconfig -install -m 0644 %{S:5} %{buildroot}%{_cross_templatedir}/kubernetes-ca-crt -install -m 0644 %{S:6} %{buildroot}%{_cross_templatedir}/kubelet-exec-start-conf -install -m 0644 %{S:7} %{buildroot}%{_cross_templatedir}/kubelet-bootstrap-kubeconfig -install -m 0644 %{S:11} %{buildroot}%{_cross_templatedir}/kubelet-server-crt -install -m 0644 %{S:12} %{buildroot}%{_cross_templatedir}/kubelet-server-key -install -m 0644 %{S:14} %{buildroot}%{_cross_templatedir}/credential-provider-config-yaml - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:8} %{buildroot}%{_cross_tmpfilesdir}/kubernetes.conf - -install -d %{buildroot}%{_cross_sysctldir} -install -p -m 0644 %{S:9} %{buildroot}%{_cross_sysctldir}/90-kubelet.conf - -install -d %{buildroot}%{_cross_libexecdir}/kubernetes -ln -rs \ - %{buildroot}%{_sharedstatedir}/kubelet/plugins \ - %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet-plugins - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -install -d %{buildroot}%{_cross_datadir}/logdog.d -install -p -m 0644 %{S:15} %{buildroot}%{_cross_datadir}/logdog.d - -install -d %{buildroot}%{_cross_libexecdir}/kubernetes -install -p -m 0644 ${output}/kubernetes-pause.tar %{buildroot}%{_cross_libexecdir}/kubernetes -install -p -m 0644 %{S:102} %{buildroot}%{_cross_templatedir}/pod-infra-container-image - -%files -n %{_cross_os}kubelet-1.29 -%license LICENSE LICENSE.gonum.graph LICENSE.shell2junit LICENSE.golang PATENTS.golang -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} -%{_cross_unitdir}/kubelet.service -%{_cross_unitdir}/prepare-var-lib-kubelet.service -%{_cross_unitdir}/etc-kubernetes-pki-private.mount -%dir %{_cross_unitdir}/kubelet.service.d -%{_cross_unitdir}/kubelet.service.d/prestart-load-pause-ctr.conf -%{_cross_unitdir}/kubelet.service.d/make-kubelet-dirs.conf -%{_cross_unitdir}/kubelet.service.d/dockershim-symlink.conf -%dir %{_cross_templatedir} -%{_cross_templatedir}/kubelet-env -%{_cross_templatedir}/kubelet-config -%{_cross_templatedir}/kubelet-kubeconfig -%{_cross_templatedir}/kubelet-bootstrap-kubeconfig -%{_cross_templatedir}/kubelet-exec-start-conf -%{_cross_templatedir}/kubernetes-ca-crt -%{_cross_templatedir}/kubelet-server-crt -%{_cross_templatedir}/kubelet-server-key -%{_cross_templatedir}/credential-provider-config-yaml -%{_cross_tmpfilesdir}/kubernetes.conf -%{_cross_sysctldir}/90-kubelet.conf -%dir %{_cross_libexecdir}/kubernetes -%{_cross_libexecdir}/kubernetes/kubelet-plugins -%{_cross_libexecdir}/kubernetes/kubernetes-pause.tar -%{_cross_templatedir}/pod-infra-container-image -%{_cross_datadir}/logdog.d/logdog.kubelet.conf - -%files -n %{_cross_os}kubelet-1.29-bin -%{_cross_bindir}/kubelet - -%files -n %{_cross_os}kubelet-1.29-fips-bin -%{_cross_fips_bindir}/kubelet - -%changelog diff --git a/packages/kubernetes-1.29/kubernetes-ca-crt b/packages/kubernetes-1.29/kubernetes-ca-crt deleted file mode 100644 index 93fd4e253ec..00000000000 --- a/packages/kubernetes-1.29/kubernetes-ca-crt +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.cluster-certificate~}} -{{base64_decode settings.kubernetes.cluster-certificate}} -{{~/if~}} diff --git a/packages/kubernetes-1.29/kubernetes-tmpfiles.conf b/packages/kubernetes-1.29/kubernetes-tmpfiles.conf deleted file mode 100644 index 4b17aba9d8a..00000000000 --- a/packages/kubernetes-1.29/kubernetes-tmpfiles.conf +++ /dev/null @@ -1,7 +0,0 @@ -d /etc/kubernetes/static-pods - - - - -L /etc/kubernetes/manifests - - - - static-pods -L /etc/kubernetes/secrets-store-csi-providers - - - - /var/lib/kubelet/providers/secrets-store -r! /var/lib/kubelet/cpu_manager_state -L /etc/kubernetes/node-feature-discovery/features.d - - - - /var/lib/kubelet/node-feature-discovery/features.d -d /opt/csi/mountpoint-s3 - - - - -L+ /opt/mountpoint-s3-csi - - - - /opt/csi/mountpoint-s3 diff --git a/packages/kubernetes-1.29/logdog.kubelet.conf b/packages/kubernetes-1.29/logdog.kubelet.conf deleted file mode 100644 index 850a0b4c1ba..00000000000 --- a/packages/kubernetes-1.29/logdog.kubelet.conf +++ /dev/null @@ -1,3 +0,0 @@ -exec kube-status systemctl status kube* -l --no-pager -file ipamd.log /var/log/aws-routed-eni/ipamd.log -file plugin.log /var/log/aws-routed-eni/plugin.log diff --git a/packages/kubernetes-1.29/make-kubelet-dirs.conf b/packages/kubernetes-1.29/make-kubelet-dirs.conf deleted file mode 100644 index a7249c9ac3f..00000000000 --- a/packages/kubernetes-1.29/make-kubelet-dirs.conf +++ /dev/null @@ -1,5 +0,0 @@ -[Service] -# Create the backing directories for symlinks in /etc -ExecStartPre=/usr/bin/mkdir -p \ - /var/lib/kubelet/providers/secrets-store \ - /var/lib/kubelet/node-feature-discovery/features.d diff --git a/packages/kubernetes-1.29/pause-config.json b/packages/kubernetes-1.29/pause-config.json deleted file mode 100644 index 8c2a7cde979..00000000000 --- a/packages/kubernetes-1.29/pause-config.json +++ /dev/null @@ -1 +0,0 @@ -{"author":"Bottlerocket","config":{"Cmd":["/pause"],"ArgsEscaped":true},"created":"2014-12-12T01:12:53.332832423Z","history":[{"created":"2014-12-12T01:12:53.332832423Z","author":"Bottlerocket","created_by":"Bottlerocket","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:~~digest~~"]}} diff --git a/packages/kubernetes-1.29/pause-manifest.json b/packages/kubernetes-1.29/pause-manifest.json deleted file mode 100644 index e8af2c103a7..00000000000 --- a/packages/kubernetes-1.29/pause-manifest.json +++ /dev/null @@ -1 +0,0 @@ -[{"Config":"config.json","RepoTags":["localhost/kubernetes/pause:0.1.0"],"Layers":["rootfs/layer.tar"]}] diff --git a/packages/kubernetes-1.29/pod-infra-container-image b/packages/kubernetes-1.29/pod-infra-container-image deleted file mode 100644 index 9b3f9a3954a..00000000000 --- a/packages/kubernetes-1.29/pod-infra-container-image +++ /dev/null @@ -1,6 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", optional = true } -+++ -{{~#if settings.kubernetes.pod-infra-container-image~}} -DEPRECATED_SETTING=settings.kubernetes.pod-infra-container-image -{{~/if~}} diff --git a/packages/kubernetes-1.29/prepare-var-lib-kubelet.service b/packages/kubernetes-1.29/prepare-var-lib-kubelet.service deleted file mode 100644 index 1b8c6207aa4..00000000000 --- a/packages/kubernetes-1.29/prepare-var-lib-kubelet.service +++ /dev/null @@ -1,23 +0,0 @@ -[Unit] -Description=Prepare Kubelet Directory (/var/lib/kubelet) -DefaultDependencies=no -RequiresMountsFor=/var -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot - -# Remove an existing symlink, if present. Intentionally not recursive! -ExecStartPre=-/usr/bin/rm -f /var/lib/kubelet - -# Create /var/lib/kubelet so it is available for bind mounts. -ExecStart=/usr/bin/mkdir -p /var/lib/kubelet - -# Suppress warning if directory exists. -StandardError=null - -RemainAfterExit=true - -[Install] -WantedBy=local-fs.target diff --git a/packages/kubernetes-1.29/prestart-load-pause-ctr.conf b/packages/kubernetes-1.29/prestart-load-pause-ctr.conf deleted file mode 100644 index 4e21b0d9b45..00000000000 --- a/packages/kubernetes-1.29/prestart-load-pause-ctr.conf +++ /dev/null @@ -1,14 +0,0 @@ -[Service] -# load the built-in pause image -ExecStartPre=/usr/bin/ctr \ - --namespace=k8s.io \ - image import \ - --all-platforms \ - /usr/libexec/kubernetes/kubernetes-pause.tar - -# label it to prevent it from being removed -ExecStartPre=/usr/bin/ctr \ - --namespace=k8s.io \ - image label \ - localhost/kubernetes/pause:0.1.0 \ - io.cri-containerd.pinned=pinned diff --git a/packages/kubernetes-1.30/Cargo.toml b/packages/kubernetes-1.30/Cargo.toml deleted file mode 100644 index 6be02ebf5c6..00000000000 --- a/packages/kubernetes-1.30/Cargo.toml +++ /dev/null @@ -1,34 +0,0 @@ -[package] -# "." is not allowed in crate names, but we want a friendlier name for the -# directory and spec file, so we override it below. -name = "kubernetes-1_30" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -package-name = "kubernetes-1.30" - -[[package.metadata.build-package.external-files]] -# TODO: update this URL to 1.30 release once available. -url = "https://distro.eks.amazonaws.com/kubernetes-1-30/releases/3/artifacts/kubernetes/v1.30.0/kubernetes-src.tar.gz" -sha512 = "2becf971b5ebbc6752509bc04659b036c4fe99e1638a336436555d6403247094b69ab3bde2187391606de59e3a5b23acfce01a2d3c7f4e4b7516025e2812333c" - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } - -# RPM Requires -[dependencies] -aws-signing-helper = { path = "../aws-signing-helper" } -ecr-credential-provider-1_30 = { path = "../ecr-credential-provider-1.30" } -static-pods = { path = "../static-pods" } -# `conntrack-tools`, `containerd` and `findutils` are only needed at runtime, -# and are pulled in by `release`. -# conntrack-tools = { path = "../conntrack-tools" } -# containerd = { path = "../containerd" } -# findutils = { path = "../findutils" } diff --git a/packages/kubernetes-1.30/clarify.toml b/packages/kubernetes-1.30/clarify.toml deleted file mode 100644 index 5b6e8b60967..00000000000 --- a/packages/kubernetes-1.30/clarify.toml +++ /dev/null @@ -1,62 +0,0 @@ -[clarify."github.com/JeffAshton/win_pdh"] -expression = "BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xb221dcc9 }, -] - -[clarify."github.com/daviddengcn/go-colortext"] -expression = "BSD-3-Clause AND MIT" -license-files = [ - { path = "LICENSE", hash = 0x9769fae1 }, -] - -[clarify."github.com/ghodss/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] - -[clarify."github.com/heketi/heketi"] -# kubernetes only uses code that is under LGPLv3+/Apache 2.0, not the code that is GPLv2+/LGPLv3+ -expression = "LGPL-3.0-or-later OR Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0x3c4b96d1 }, - { path = "LICENSE-APACHE2", hash = 0x438c8616 }, - { path = "COPYING-LGPLV3", hash = 0xf0bccb3a }, -] -skip-files = [ "COPYING-GPLV2" ] - -[clarify."github.com/go-bindata/go-bindata"] -expression = "CC0-1.0" -license-files = [ - { path = "LICENSE", hash = 0x393fafd6 }, -] - -[clarify."github.com/miekg/dns"] -expression = "BSD-3-Clause" -license-files = [ - { path = "COPYRIGHT", hash = 0xe41dd36c }, - { path = "LICENSE", hash = 0xfc8f12ff }, -] - -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] - -[clarify."honnef.co/go/tools"] -expression = "MIT AND BSD-3-Clause AND Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0xad378ed2 }, - { path = "LICENSE-THIRD-PARTY", hash = 0x546425eb }, - { path = "lint/LICENSE", hash = 0xc6b58232 }, - { path = "ssa/LICENSE", hash = 0xe656fb62 }, -] - -[clarify."github.com/storageos/go-api"] -expression = "MIT AND BSD-2-Clause" -license-files = [ - { path = "LICENCE", hash = 0x67a6861e }, -] -skip-files = ["licence.go", "types/licence.go"] diff --git a/packages/kubernetes-1.30/credential-provider-config-yaml b/packages/kubernetes-1.30/credential-provider-config-yaml deleted file mode 100644 index 6c08e3a369a..00000000000 --- a/packages/kubernetes-1.30/credential-provider-config-yaml +++ /dev/null @@ -1,38 +0,0 @@ -[required-extensions] -aws = { version = "v1", optional = true } -kubernetes = "v1" -std = { version = "v1", helpers = ["default"] } -+++ -apiVersion: kubelet.config.k8s.io/v1 -kind: CredentialProviderConfig -providers: -{{#if settings.kubernetes.credential-providers}} -{{#each settings.kubernetes.credential-providers}} -{{#if this.enabled}} - - name: {{@key}} - matchImages: -{{#each this.image-patterns}} - - "{{this}}" -{{/each}} - defaultCacheDuration: "{{default "12h" this.cache-duration}}" - apiVersion: credentialprovider.kubelet.k8s.io/v1 -{{#if (or (eq @key "ecr-credential-provider") this.environment)}} - env: -{{#if this.environment}} -{{#each this.environment}} - - name: {{@key}} - value: '{{this}}' -{{/each}} -{{/if}} -{{#if (eq @key "ecr-credential-provider")}} - - name: HOME - value: '/root' -{{#if @root.settings.aws.profile}} - - name: AWS_PROFILE - value: '{{@root.settings.aws.profile}}' -{{/if}} -{{/if}} -{{/if}} -{{/if}} -{{/each}} -{{/if}} diff --git a/packages/kubernetes-1.30/dockershim-symlink.conf b/packages/kubernetes-1.30/dockershim-symlink.conf deleted file mode 100644 index d3fcda86914..00000000000 --- a/packages/kubernetes-1.30/dockershim-symlink.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -ExecStartPre=/bin/ln -sf /run/containerd/containerd.sock /run/dockershim.sock diff --git a/packages/kubernetes-1.30/etc-kubernetes-pki-private.mount b/packages/kubernetes-1.30/etc-kubernetes-pki-private.mount deleted file mode 100644 index 584e61475d1..00000000000 --- a/packages/kubernetes-1.30/etc-kubernetes-pki-private.mount +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Kubernetes PKI private directory (/etc/kubernetes/pki/private) -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target -After=selinux-policy-files.service -Wants=selinux-policy-files.service - -[Mount] -What=tmpfs -Where=/etc/kubernetes/pki/private -Type=tmpfs -Options=nosuid,nodev,noexec,noatime,context=system_u:object_r:secret_t:s0,mode=0700 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/kubernetes-1.30/kubelet-bootstrap-kubeconfig b/packages/kubernetes-1.30/kubelet-bootstrap-kubeconfig deleted file mode 100644 index 52bef7191cc..00000000000 --- a/packages/kubernetes-1.30/kubelet-bootstrap-kubeconfig +++ /dev/null @@ -1,25 +0,0 @@ -[required-extensions] -kubernetes = "v1" -+++ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{#if settings.kubernetes.bootstrap-token}} - user: - token: "{{settings.kubernetes.bootstrap-token}}" -{{/if}} diff --git a/packages/kubernetes-1.30/kubelet-config b/packages/kubernetes-1.30/kubelet-config deleted file mode 100644 index 84eaae341ae..00000000000 --- a/packages/kubernetes-1.30/kubelet-config +++ /dev/null @@ -1,190 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", helpers = ["kube_reserve_cpu", "kube_reserve_memory"] } -std = { version = "v1", helpers = ["any_enabled", "default"] } -+++ ---- -kind: KubeletConfiguration -apiVersion: kubelet.config.k8s.io/v1beta1 -{{#if settings.kubernetes.standalone-mode}} -address: 127.0.0.1 -authentication: - anonymous: - enabled: true - webhook: - enabled: false -authorization: - mode: AlwaysAllow -{{else}} -address: 0.0.0.0 -authentication: - anonymous: - enabled: false - webhook: - cacheTTL: 2m0s - enabled: true - x509: - clientCAFile: "/etc/kubernetes/pki/ca.crt" -authorization: - mode: Webhook - webhook: - cacheAuthorizedTTL: 5m0s - cacheUnauthorizedTTL: 30s -{{/if}} -clusterDomain: {{settings.kubernetes.cluster-domain}} -{{#if settings.kubernetes.cluster-dns-ip}} -clusterDNS: -{{#each settings.kubernetes.cluster-dns-ip}} -- {{this}} -{{else}} -- {{settings.kubernetes.cluster-dns-ip}} -{{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-hard}} -evictionHard: - {{#each settings.kubernetes.eviction-hard}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-soft}} -evictionSoft: - {{#each settings.kubernetes.eviction-soft}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-soft-grace-period}} -evictionSoftGracePeriod: - {{#each settings.kubernetes.eviction-soft-grace-period}} - {{@key}}: "{{this}}" - {{/each}} -{{/if}} -{{#if settings.kubernetes.eviction-max-pod-grace-period}} -evictionMaxPodGracePeriod: {{settings.kubernetes.eviction-max-pod-grace-period}} -{{/if}} -{{#if settings.kubernetes.allowed-unsafe-sysctls}} -allowedUnsafeSysctls: {{settings.kubernetes.allowed-unsafe-sysctls}} -{{/if}} -{{#if settings.kubernetes.registry-qps includeZero=true}} -registryPullQPS: {{settings.kubernetes.registry-qps}} -{{/if}} -{{#if settings.kubernetes.registry-burst includeZero=true}} -registryBurst: {{settings.kubernetes.registry-burst}} -{{/if}} -{{#if settings.kubernetes.event-qps includeZero=true}} -eventRecordQPS: {{settings.kubernetes.event-qps}} -{{/if}} -{{#if settings.kubernetes.event-burst includeZero=true}} -eventBurst: {{settings.kubernetes.event-burst}} -{{/if}} -{{#if settings.kubernetes.kube-api-qps includeZero=true}} -kubeAPIQPS: {{settings.kubernetes.kube-api-qps}} -{{/if}} -{{#if settings.kubernetes.kube-api-burst includeZero=true}} -kubeAPIBurst: {{settings.kubernetes.kube-api-burst}} -{{/if}} -kubeReserved: - cpu: "{{kube_reserve_cpu settings.kubernetes.kube-reserved.cpu}}" - {{#if settings.kubernetes.kube-reserved.memory}} - memory: "{{settings.kubernetes.kube-reserved.memory}}" - {{else}} - {{#if settings.kubernetes.max-pods}} - memory: "{{kube_reserve_memory settings.kubernetes.max-pods settings.kubernetes.kube-reserved.memory}}" - {{/if}} - {{/if}} - ephemeral-storage: "{{default "1Gi" settings.kubernetes.kube-reserved.ephemeral-storage}}" -{{#unless settings.kubernetes.reserved-cpus}} -kubeReservedCgroup: "/runtime" -{{/unless}} -{{#if settings.kubernetes.system-reserved}} -systemReserved: - {{#each settings.kubernetes.system-reserved}} - {{@key}}: "{{this}}" - {{/each}} -{{#unless settings.kubernetes.reserved-cpus}} -systemReservedCgroup: "/system" -{{/unless}} -{{/if}} -cpuCFSQuota: {{default true settings.kubernetes.cpu-cfs-quota-enforced}} -cpuManagerPolicy: {{default "none" settings.kubernetes.cpu-manager-policy}} -{{#if settings.kubernetes.cpu-manager-reconcile-period}} -cpuManagerReconcilePeriod: {{settings.kubernetes.cpu-manager-reconcile-period}} -{{/if}} -{{#if settings.kubernetes.cpu-manager-policy-options}} -cpuManagerPolicyOptions: -{{#each settings.kubernetes.cpu-manager-policy-options}} - {{this}}: "true" -{{/each}} -{{/if}} -{{#if settings.kubernetes.topology-manager-scope}} -topologyManagerScope: {{settings.kubernetes.topology-manager-scope}} -{{/if}} -{{#if settings.kubernetes.topology-manager-policy}} -topologyManagerPolicy: {{settings.kubernetes.topology-manager-policy}} -{{/if}} -podPidsLimit: {{default 1048576 settings.kubernetes.pod-pids-limit}} -{{#if settings.kubernetes.image-gc-high-threshold-percent includeZero=true}} -imageGCHighThresholdPercent: {{settings.kubernetes.image-gc-high-threshold-percent}} -{{/if}} -{{#if settings.kubernetes.image-gc-low-threshold-percent includeZero=true}} -imageGCLowThresholdPercent: {{settings.kubernetes.image-gc-low-threshold-percent}} -{{/if}} -{{#if settings.kubernetes.provider-id}} -providerID: {{settings.kubernetes.provider-id}} -{{/if}} -resolvConf: "/run/netdog/resolv.conf" -hairpinMode: hairpin-veth -readOnlyPort: 0 -cgroupDriver: systemd -cgroupRoot: "/" -runtimeRequestTimeout: 15m -protectKernelDefaults: true -serializeImagePulls: false -seccompDefault: {{default false settings.kubernetes.seccomp-default}} -{{#if (and (default "" settings.kubernetes.server-certificate) (default "" settings.kubernetes.server-key))}} -tlsCertFile: "/etc/kubernetes/pki/kubelet-server.crt" -tlsPrivateKeyFile: "/etc/kubernetes/pki/private/kubelet-server.key" -{{else}} -serverTLSBootstrap: {{settings.kubernetes.server-tls-bootstrap}} -{{/if}} -tlsCipherSuites: -- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 -volumePluginDir: "/var/lib/kubelet/plugins/volume/exec" -maxPods: {{default 110 settings.kubernetes.max-pods}} -staticPodPath: "/etc/kubernetes/static-pods/" -{{#if settings.kubernetes.container-log-max-size includeZero=true}} -containerLogMaxSize: {{settings.kubernetes.container-log-max-size}} -{{/if}} -{{#if settings.kubernetes.container-log-max-files includeZero=true}} -containerLogMaxFiles: {{settings.kubernetes.container-log-max-files}} -{{/if}} -{{#if settings.kubernetes.shutdown-grace-period}} -shutdownGracePeriod: {{settings.kubernetes.shutdown-grace-period}} -{{/if}} -{{#if settings.kubernetes.shutdown-grace-period-for-critical-pods}} -shutdownGracePeriodCriticalPods: {{settings.kubernetes.shutdown-grace-period-for-critical-pods}} -{{/if}} -{{#if settings.kubernetes.memory-manager-reserved-memory}} -{{#if (any_enabled settings.kubernetes.memory-manager-reserved-memory)}} -{{#if settings.kubernetes.memory-manager-policy}} -memoryManagerPolicy: {{settings.kubernetes.memory-manager-policy}} -{{/if}} -reservedMemory: -{{#each settings.kubernetes.memory-manager-reserved-memory}} -{{#if this.enabled}} - - numaNode: {{@key}} - limits: -{{#if this.memory}} - memory: {{this.memory}} -{{/if}} -{{#if this.hugepages-1Gi}} - hugepages-1Gi: {{this.hugepages-1Gi}} -{{/if}} -{{#if this.hugepages-2Mi}} - hugepages-2Mi: {{this.hugepages-2Mi}} -{{/if}} -{{/if}} -{{/each}} -{{/if}} -{{/if}} -{{#if settings.kubernetes.reserved-cpus}} -reservedSystemCPUs: {{settings.kubernetes.reserved-cpus}} -{{/if}} diff --git a/packages/kubernetes-1.30/kubelet-env b/packages/kubernetes-1.30/kubelet-env deleted file mode 100644 index 0e4aac28853..00000000000 --- a/packages/kubernetes-1.30/kubelet-env +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", helpers = ["join_node_taints"] } -std = { version = "v1", helpers = ["join_map"] } -+++ -NODE_IP={{settings.kubernetes.node-ip}} -NODE_LABELS={{join_map "=" "," "no-fail-if-missing" settings.kubernetes.node-labels}} -NODE_TAINTS={{join_node_taints settings.kubernetes.node-taints}} diff --git a/packages/kubernetes-1.30/kubelet-exec-start-conf b/packages/kubernetes-1.30/kubelet-exec-start-conf deleted file mode 100644 index 23fde75eeaf..00000000000 --- a/packages/kubernetes-1.30/kubelet-exec-start-conf +++ /dev/null @@ -1,38 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["any_enabled", "default"] } -+++ -[Service] -ExecStart= -ExecStart=/usr/bin/kubelet \ -{{#unless settings.kubernetes.standalone-mode}} - --cloud-provider {{default "external" settings.kubernetes.cloud-provider}} \ - --kubeconfig /etc/kubernetes/kubelet/kubeconfig \ -{{#if (eq settings.kubernetes.authentication-mode "tls")}} - --bootstrap-kubeconfig /etc/kubernetes/kubelet/bootstrap-kubeconfig \ -{{/if}} -{{else}} - --cloud-provider "" \ -{{/unless}} - --config /etc/kubernetes/kubelet/config \ - --container-runtime-endpoint=unix:///run/containerd/containerd.sock \ - --containerd=/run/containerd/containerd.sock \ - --root-dir /var/lib/kubelet \ - --cert-dir /var/lib/kubelet/pki \ -{{#if settings.kubernetes.credential-providers}} -{{#if (any_enabled settings.kubernetes.credential-providers)}} - --image-credential-provider-bin-dir /usr/libexec/kubernetes/kubelet/plugins \ - --image-credential-provider-config /etc/kubernetes/kubelet/credential-provider-config.yaml \ -{{/if}} -{{/if}} -{{#if settings.kubernetes.hostname-override}} - --hostname-override {{settings.kubernetes.hostname-override}} \ -{{/if}} - --node-ip ${NODE_IP} \ - --node-labels "${NODE_LABELS}" \ - --register-with-taints "${NODE_TAINTS}" \ -{{#if settings.kubernetes.log-level includeZero=true}} - -v {{settings.kubernetes.log-level}} \ -{{/if}} - --pod-infra-container-image localhost/kubernetes/pause:0.1.0 \ - --runtime-cgroups=/runtime.slice/containerd.service diff --git a/packages/kubernetes-1.30/kubelet-kubeconfig b/packages/kubernetes-1.30/kubelet-kubeconfig deleted file mode 100644 index 0dfdcd275fe..00000000000 --- a/packages/kubernetes-1.30/kubelet-kubeconfig +++ /dev/null @@ -1,43 +0,0 @@ -[required-extensions] -aws = { version = "v1", optional = true } -kubernetes = "v1" -+++ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{#if (eq settings.kubernetes.authentication-mode "aws")}} -{{#if settings.kubernetes.cluster-name}} - user: - exec: - apiVersion: client.authentication.k8s.io/v1beta1 - command: "/usr/bin/aws-iam-authenticator" - args: - - token - - "-i" - - "{{settings.kubernetes.cluster-name}}" - {{#if settings.aws.region}} - - "--region" - - "{{settings.aws.region}}" - {{/if}} -{{/if}} -{{/if}} -{{#if (eq settings.kubernetes.authentication-mode "tls")}} - user: - client-certificate: "/var/lib/kubelet/pki/kubelet-client-current.pem" - client-key: "/var/lib/kubelet/pki/kubelet-client-current.pem" -{{/if}} diff --git a/packages/kubernetes-1.30/kubelet-server-crt b/packages/kubernetes-1.30/kubelet-server-crt deleted file mode 100644 index 92003ad427e..00000000000 --- a/packages/kubernetes-1.30/kubelet-server-crt +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.server-certificate~}} -{{base64_decode settings.kubernetes.server-certificate}} -{{~/if~}} diff --git a/packages/kubernetes-1.30/kubelet-server-key b/packages/kubernetes-1.30/kubelet-server-key deleted file mode 100644 index b6c74aacc56..00000000000 --- a/packages/kubernetes-1.30/kubelet-server-key +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.server-key~}} -{{base64_decode settings.kubernetes.server-key}} -{{~/if~}} diff --git a/packages/kubernetes-1.30/kubelet-sysctl.conf b/packages/kubernetes-1.30/kubelet-sysctl.conf deleted file mode 100644 index ed68c7e197f..00000000000 --- a/packages/kubernetes-1.30/kubelet-sysctl.conf +++ /dev/null @@ -1,2 +0,0 @@ -# Overcommit handling mode - 1: Always overcommit -vm.overcommit_memory = 1 diff --git a/packages/kubernetes-1.30/kubelet.service b/packages/kubernetes-1.30/kubelet.service deleted file mode 100644 index 1285853f2d1..00000000000 --- a/packages/kubernetes-1.30/kubelet.service +++ /dev/null @@ -1,26 +0,0 @@ -[Unit] -Description=Kubelet -Documentation=https://github.com/kubernetes/kubernetes -After=containerd.service configured.target -Wants=configured.target -BindsTo=containerd.service - -[Service] -Slice=runtime.slice -Type=notify -EnvironmentFile=/etc/network/proxy.env -EnvironmentFile=/etc/kubernetes/kubelet/env -ExecStartPre=/sbin/iptables -P FORWARD ACCEPT -# Must be overridden by a drop-in file or `kubelet` won't start -ExecStart=/usr/bin/false - -Restart=always -RestartForceExitStatus=SIGPIPE -RestartSec=5 -Delegate=yes -KillMode=process -CPUAccounting=true -MemoryAccounting=true - -[Install] -WantedBy=multi-user.target diff --git a/packages/kubernetes-1.30/kubernetes-1.30.spec b/packages/kubernetes-1.30/kubernetes-1.30.spec deleted file mode 100644 index d1ebd8c3853..00000000000 --- a/packages/kubernetes-1.30/kubernetes-1.30.spec +++ /dev/null @@ -1,236 +0,0 @@ -# After this upstream change, the linker flags `-s -w` are always added unless -# DBG=1 is set in the environment, which would set compiler flags to disable -# optimizations and inlining: -# https://github.com/kubernetes/kubernetes/pull/108371 -# -# For now, work around this by indicating that no debug package is expected. -%global debug_package %{nil} - -%global goproject github.com/kubernetes -%global gorepo kubernetes -%global goimport %{goproject}/%{gorepo} - -%global gover 1.30.0 -%global rpmver %{gover} - -%global _dwz_low_mem_die_limit 0 - -# Construct reproducible tar archives -# See https://reproducible-builds.org/docs/archives/ -%global source_date_epoch 1234567890 -%global tar_cf tar --sort=name --mtime="@%{source_date_epoch}" --owner=0 --group=0 --numeric-owner -cf - -# The kubernetes build process expects the cross-compiler to be specified via `KUBE_*_CC` -# Here we generate that variable to use bottlerocket-specific compile aliases -# Examples of the generated variable: -# KUBE_LINUX_AMD64_CC=x86_64-bottlerocket-linux-gnu-gcc -# KUBE_LINUX_ARM64_CC=aarch64-bottlerocket-linux-gnu-gcc -%global kube_cc %{shrink: \ - %{lua: print(string.upper( \ - rpm.expand("KUBE_%{_cross_go_os}_%{_cross_go_arch}_CC=")) .. \ - rpm.expand("%{_cross_target}-gcc")) }} - -Name: %{_cross_os}%{gorepo} -Version: %{rpmver} -Release: 1%{?dist} -Summary: Container cluster management -# base Apache-2.0, third_party Apache-2.0 AND BSD-3-Clause -License: Apache-2.0 AND BSD-3-Clause -URL: https://%{goimport} -Source0: https://distro.eks.amazonaws.com/kubernetes-1-30/releases/3/artifacts/kubernetes/v%{gover}/kubernetes-src.tar.gz -Source1: kubelet.service -Source2: kubelet-env -Source3: kubelet-config -Source4: kubelet-kubeconfig -Source5: kubernetes-ca-crt -Source6: kubelet-exec-start-conf -Source7: kubelet-bootstrap-kubeconfig -Source8: kubernetes-tmpfiles.conf -Source9: kubelet-sysctl.conf -Source10: prepare-var-lib-kubelet.service -Source11: kubelet-server-crt -Source12: kubelet-server-key -Source13: etc-kubernetes-pki-private.mount -Source14: credential-provider-config-yaml -Source15: logdog.kubelet.conf - -# ExecStartPre drop-ins -Source20: prestart-load-pause-ctr.conf -Source21: dockershim-symlink.conf -Source22: make-kubelet-dirs.conf - -# pause image components -Source100: pause-config.json -Source101: pause-manifest.json -Source102: pod-infra-container-image - -Source1000: clarify.toml - -BuildRequires: git -BuildRequires: rsync -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package -n %{_cross_os}kubelet-1.30 -Summary: Container cluster node agent -Requires: %{_cross_os}conntrack-tools -Requires: %{_cross_os}containerd -Requires: %{_cross_os}findutils -Requires: %{_cross_os}ecr-credential-provider-1.30 -Requires: %{_cross_os}aws-signing-helper -Requires: %{_cross_os}static-pods -Requires: %{_cross_os}kubelet-1.30(binaries) - -%description -n %{_cross_os}kubelet-1.30 -%{summary}. - -%package -n %{_cross_os}kubelet-1.30-bin -Summary: Container cluster node agent binaries -Provides: %{_cross_os}kubelet-1.30(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{_cross_os}kubelet-1.30) -Conflicts: (%{_cross_os}image-feature(fips) or %{_cross_os}kubelet-1.30-fips-bin) - -%description -n %{_cross_os}kubelet-1.30-bin -%{summary}. - -%package -n %{_cross_os}kubelet-1.30-fips-bin -Summary: Container cluster node agent binaries, FIPS edition -Provides: %{_cross_os}kubelet-1.30(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{_cross_os}kubelet-1.30) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{_cross_os}kubelet-1.30-bin) - -%description -n %{_cross_os}kubelet-1.30-fips-bin -%{summary}. - -%prep -%autosetup -Sgit -c -n %{gorepo}-%{gover} -p1 - -# third_party licenses -# multiarch/qemu-user-static ignored, we're not using it -cp third_party/forked/gonum/graph/LICENSE LICENSE.gonum.graph -cp third_party/forked/shell2junit/LICENSE LICENSE.shell2junit -cp third_party/forked/golang/LICENSE LICENSE.golang -cp third_party/forked/golang/PATENTS PATENTS.golang - -%build -export FORCE_HOST_GO=1 - -export GO_VERSION="1.22.2" - -# Build codegen programs with the host toolchain. -make hack/update-codegen.sh - -# Build kubelet with the target toolchain. -%set_cross_go_flags -unset CC -export KUBE_BUILD_PLATFORMS="linux/%{_cross_go_arch}" -export %{kube_cc} -export GOFLAGS="${GOFLAGS} -tags=dockerless" -export GOLDFLAGS="${GOLDFLAGS}" -make WHAT="cmd/kubelet" - -export KUBE_OUTPUT_SUBPATH="_fips_output/local" -export GOEXPERIMENT="boringcrypto" -make WHAT="cmd/kubelet" - -# build the pause container -cd build/pause/linux/ - -# Build static pause executable for container image. -mkdir -p rootfs/usr/bin -%{_cross_triple}-musl-gcc %{_cross_cflags} %{_cross_ldflags} -static-pie pause.c -o rootfs/pause - -# Construct container image. -mkdir -p image/rootfs -%tar_cf image/rootfs/layer.tar -C rootfs . -DIGEST=$(sha256sum image/rootfs/layer.tar | sed -e 's/ .*//') -install -m 0644 %{S:100} image/config.json -sed -i "s/~~digest~~/${DIGEST}/" image/config.json -install -m 0644 %{S:101} image/manifest.json - -%tar_cf ../../../_output/local/bin/linux/%{_cross_go_arch}/kubernetes-pause.tar -C image . - -%install -output="./_output/local/bin/linux/%{_cross_go_arch}" -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 ${output}/kubelet %{buildroot}%{_cross_bindir} - -fips_output="./_fips_output/local/bin/linux/%{_cross_go_arch}" -install -d %{buildroot}%{_cross_fips_bindir} -install -p -m 0755 ${fips_output}/kubelet %{buildroot}%{_cross_fips_bindir} - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:1} %{S:10} %{S:13} %{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{_cross_unitdir}/kubelet.service.d -install -p -m 0644 %{S:20} %{S:21} %{S:22} %{buildroot}%{_cross_unitdir}/kubelet.service.d - -mkdir -p %{buildroot}%{_cross_templatedir} -install -m 0644 %{S:2} %{buildroot}%{_cross_templatedir}/kubelet-env -install -m 0644 %{S:3} %{buildroot}%{_cross_templatedir}/kubelet-config -install -m 0644 %{S:4} %{buildroot}%{_cross_templatedir}/kubelet-kubeconfig -install -m 0644 %{S:5} %{buildroot}%{_cross_templatedir}/kubernetes-ca-crt -install -m 0644 %{S:6} %{buildroot}%{_cross_templatedir}/kubelet-exec-start-conf -install -m 0644 %{S:7} %{buildroot}%{_cross_templatedir}/kubelet-bootstrap-kubeconfig -install -m 0644 %{S:11} %{buildroot}%{_cross_templatedir}/kubelet-server-crt -install -m 0644 %{S:12} %{buildroot}%{_cross_templatedir}/kubelet-server-key -install -m 0644 %{S:14} %{buildroot}%{_cross_templatedir}/credential-provider-config-yaml - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:8} %{buildroot}%{_cross_tmpfilesdir}/kubernetes.conf - -install -d %{buildroot}%{_cross_sysctldir} -install -p -m 0644 %{S:9} %{buildroot}%{_cross_sysctldir}/90-kubelet.conf - -install -d %{buildroot}%{_cross_libexecdir}/kubernetes -ln -rs \ - %{buildroot}%{_sharedstatedir}/kubelet/plugins \ - %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet-plugins - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -install -d %{buildroot}%{_cross_datadir}/logdog.d -install -p -m 0644 %{S:15} %{buildroot}%{_cross_datadir}/logdog.d - -install -d %{buildroot}%{_cross_libexecdir}/kubernetes -install -p -m 0644 ${output}/kubernetes-pause.tar %{buildroot}%{_cross_libexecdir}/kubernetes -install -p -m 0644 %{S:102} %{buildroot}%{_cross_templatedir}/pod-infra-container-image - -%files -n %{_cross_os}kubelet-1.30 -%license LICENSE LICENSE.gonum.graph LICENSE.shell2junit LICENSE.golang PATENTS.golang -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} -%{_cross_unitdir}/kubelet.service -%{_cross_unitdir}/prepare-var-lib-kubelet.service -%{_cross_unitdir}/etc-kubernetes-pki-private.mount -%dir %{_cross_unitdir}/kubelet.service.d -%{_cross_unitdir}/kubelet.service.d/prestart-load-pause-ctr.conf -%{_cross_unitdir}/kubelet.service.d/make-kubelet-dirs.conf -%{_cross_unitdir}/kubelet.service.d/dockershim-symlink.conf -%dir %{_cross_templatedir} -%{_cross_templatedir}/kubelet-env -%{_cross_templatedir}/kubelet-config -%{_cross_templatedir}/kubelet-kubeconfig -%{_cross_templatedir}/kubelet-bootstrap-kubeconfig -%{_cross_templatedir}/kubelet-exec-start-conf -%{_cross_templatedir}/kubernetes-ca-crt -%{_cross_templatedir}/kubelet-server-crt -%{_cross_templatedir}/kubelet-server-key -%{_cross_templatedir}/credential-provider-config-yaml -%{_cross_tmpfilesdir}/kubernetes.conf -%{_cross_sysctldir}/90-kubelet.conf -%dir %{_cross_libexecdir}/kubernetes -%{_cross_libexecdir}/kubernetes/kubelet-plugins -%{_cross_libexecdir}/kubernetes/kubernetes-pause.tar -%{_cross_templatedir}/pod-infra-container-image -%{_cross_datadir}/logdog.d/logdog.kubelet.conf - -%files -n %{_cross_os}kubelet-1.30-bin -%{_cross_bindir}/kubelet - -%files -n %{_cross_os}kubelet-1.30-fips-bin -%{_cross_fips_bindir}/kubelet - -%changelog diff --git a/packages/kubernetes-1.30/kubernetes-ca-crt b/packages/kubernetes-1.30/kubernetes-ca-crt deleted file mode 100644 index 93fd4e253ec..00000000000 --- a/packages/kubernetes-1.30/kubernetes-ca-crt +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.kubernetes.cluster-certificate~}} -{{base64_decode settings.kubernetes.cluster-certificate}} -{{~/if~}} diff --git a/packages/kubernetes-1.30/kubernetes-tmpfiles.conf b/packages/kubernetes-1.30/kubernetes-tmpfiles.conf deleted file mode 100644 index 4b17aba9d8a..00000000000 --- a/packages/kubernetes-1.30/kubernetes-tmpfiles.conf +++ /dev/null @@ -1,7 +0,0 @@ -d /etc/kubernetes/static-pods - - - - -L /etc/kubernetes/manifests - - - - static-pods -L /etc/kubernetes/secrets-store-csi-providers - - - - /var/lib/kubelet/providers/secrets-store -r! /var/lib/kubelet/cpu_manager_state -L /etc/kubernetes/node-feature-discovery/features.d - - - - /var/lib/kubelet/node-feature-discovery/features.d -d /opt/csi/mountpoint-s3 - - - - -L+ /opt/mountpoint-s3-csi - - - - /opt/csi/mountpoint-s3 diff --git a/packages/kubernetes-1.30/logdog.kubelet.conf b/packages/kubernetes-1.30/logdog.kubelet.conf deleted file mode 100644 index 850a0b4c1ba..00000000000 --- a/packages/kubernetes-1.30/logdog.kubelet.conf +++ /dev/null @@ -1,3 +0,0 @@ -exec kube-status systemctl status kube* -l --no-pager -file ipamd.log /var/log/aws-routed-eni/ipamd.log -file plugin.log /var/log/aws-routed-eni/plugin.log diff --git a/packages/kubernetes-1.30/make-kubelet-dirs.conf b/packages/kubernetes-1.30/make-kubelet-dirs.conf deleted file mode 100644 index a7249c9ac3f..00000000000 --- a/packages/kubernetes-1.30/make-kubelet-dirs.conf +++ /dev/null @@ -1,5 +0,0 @@ -[Service] -# Create the backing directories for symlinks in /etc -ExecStartPre=/usr/bin/mkdir -p \ - /var/lib/kubelet/providers/secrets-store \ - /var/lib/kubelet/node-feature-discovery/features.d diff --git a/packages/kubernetes-1.30/pause-config.json b/packages/kubernetes-1.30/pause-config.json deleted file mode 100644 index 8c2a7cde979..00000000000 --- a/packages/kubernetes-1.30/pause-config.json +++ /dev/null @@ -1 +0,0 @@ -{"author":"Bottlerocket","config":{"Cmd":["/pause"],"ArgsEscaped":true},"created":"2014-12-12T01:12:53.332832423Z","history":[{"created":"2014-12-12T01:12:53.332832423Z","author":"Bottlerocket","created_by":"Bottlerocket","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:~~digest~~"]}} diff --git a/packages/kubernetes-1.30/pause-manifest.json b/packages/kubernetes-1.30/pause-manifest.json deleted file mode 100644 index e8af2c103a7..00000000000 --- a/packages/kubernetes-1.30/pause-manifest.json +++ /dev/null @@ -1 +0,0 @@ -[{"Config":"config.json","RepoTags":["localhost/kubernetes/pause:0.1.0"],"Layers":["rootfs/layer.tar"]}] diff --git a/packages/kubernetes-1.30/pod-infra-container-image b/packages/kubernetes-1.30/pod-infra-container-image deleted file mode 100644 index 9b3f9a3954a..00000000000 --- a/packages/kubernetes-1.30/pod-infra-container-image +++ /dev/null @@ -1,6 +0,0 @@ -[required-extensions] -kubernetes = { version = "v1", optional = true } -+++ -{{~#if settings.kubernetes.pod-infra-container-image~}} -DEPRECATED_SETTING=settings.kubernetes.pod-infra-container-image -{{~/if~}} diff --git a/packages/kubernetes-1.30/prepare-var-lib-kubelet.service b/packages/kubernetes-1.30/prepare-var-lib-kubelet.service deleted file mode 100644 index 1b8c6207aa4..00000000000 --- a/packages/kubernetes-1.30/prepare-var-lib-kubelet.service +++ /dev/null @@ -1,23 +0,0 @@ -[Unit] -Description=Prepare Kubelet Directory (/var/lib/kubelet) -DefaultDependencies=no -RequiresMountsFor=/var -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot - -# Remove an existing symlink, if present. Intentionally not recursive! -ExecStartPre=-/usr/bin/rm -f /var/lib/kubelet - -# Create /var/lib/kubelet so it is available for bind mounts. -ExecStart=/usr/bin/mkdir -p /var/lib/kubelet - -# Suppress warning if directory exists. -StandardError=null - -RemainAfterExit=true - -[Install] -WantedBy=local-fs.target diff --git a/packages/kubernetes-1.30/prestart-load-pause-ctr.conf b/packages/kubernetes-1.30/prestart-load-pause-ctr.conf deleted file mode 100644 index 4e21b0d9b45..00000000000 --- a/packages/kubernetes-1.30/prestart-load-pause-ctr.conf +++ /dev/null @@ -1,14 +0,0 @@ -[Service] -# load the built-in pause image -ExecStartPre=/usr/bin/ctr \ - --namespace=k8s.io \ - image import \ - --all-platforms \ - /usr/libexec/kubernetes/kubernetes-pause.tar - -# label it to prevent it from being removed -ExecStartPre=/usr/bin/ctr \ - --namespace=k8s.io \ - image label \ - localhost/kubernetes/pause:0.1.0 \ - io.cri-containerd.pinned=pinned diff --git a/packages/libacl/Cargo.toml b/packages/libacl/Cargo.toml deleted file mode 100644 index 6399538c2e4..00000000000 --- a/packages/libacl/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "libacl" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://download-mirror.savannah.gnu.org/releases/acl" - -[[package.metadata.build-package.external-files]] -url = "https://download-mirror.savannah.gnu.org/releases/acl/acl-2.3.2.tar.gz" -sha512 = "31aeb39958d8af5d08933dd3a89333a41025c3eb49fc461fa3c291caca51dad575ec13faeb7deba9b3c2ebf7615be7d45e2b78e50d4f83d8ec933c95931a7682" - -[build-dependencies] -glibc = { path = "../glibc" } -libattr = { path = "../libattr" } diff --git a/packages/libacl/libacl.spec b/packages/libacl/libacl.spec deleted file mode 100644 index feea829f2f2..00000000000 --- a/packages/libacl/libacl.spec +++ /dev/null @@ -1,54 +0,0 @@ -Name: %{_cross_os}libacl -Version: 2.3.2 -Release: 1%{?dist} -Summary: Library for access control list support -License: LGPL-2.1-or-later -URL: https://savannah.nongnu.org/projects/acl -Source0: https://download-mirror.savannah.gnu.org/releases/acl/acl-%{version}.tar.gz -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libattr-devel -Requires: %{_cross_os}libattr - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for access control list support -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n acl-%{version} -p1 - -%build -%cross_configure \ - --disable-nls \ - --disable-rpath \ - -%force_disable_rpath - -%make_build - -%install -%make_install - -%files -%license doc/COPYING.LGPL -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%exclude %{_cross_bindir} -%exclude %{_cross_docdir} -%exclude %{_cross_mandir} - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/acl -%{_cross_includedir}/acl/*.h -%{_cross_includedir}/sys/acl.h -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la - -%changelog diff --git a/packages/libattr/Cargo.toml b/packages/libattr/Cargo.toml deleted file mode 100644 index 5e20e3abf05..00000000000 --- a/packages/libattr/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libattr" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://download-mirror.savannah.gnu.org/releases/attr" - -[[package.metadata.build-package.external-files]] -url = "https://download-mirror.savannah.gnu.org/releases/attr/attr-2.5.2.tar.xz" -sha512 = "f587ea544effb7cfed63b3027bf14baba2c2dbe3a9b6c0c45fc559f7e8cb477b3e9a4a826eae30f929409468c50d11f3e7dc6d2500f41e1af8662a7e96a30ef3" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libattr/libattr.spec b/packages/libattr/libattr.spec deleted file mode 100644 index 658d18df52b..00000000000 --- a/packages/libattr/libattr.spec +++ /dev/null @@ -1,51 +0,0 @@ -Name: %{_cross_os}libattr -Version: 2.5.2 -Release: 1%{?dist} -Summary: Library for extended attribute support -License: LGPL-2.1-or-later -URL: https://savannah.nongnu.org/projects/attr -Source0: https://download-mirror.savannah.gnu.org/releases/attr/attr-%{version}.tar.xz -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for extended attribute support -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n attr-%{version} -p1 - -%build -%cross_configure -%force_disable_rpath - -%make_build - -%install -%make_install - -%files -%license doc/COPYING.LGPL -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%exclude %{_cross_sysconfdir}/xattr.conf -%exclude %{_cross_bindir} -%exclude %{_cross_docdir} -%exclude %{_cross_infodir} -%exclude %{_cross_localedir} -%exclude %{_cross_mandir} - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/attr -%{_cross_includedir}/attr/*.h -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la - -%changelog diff --git a/packages/libaudit/Cargo.toml b/packages/libaudit/Cargo.toml deleted file mode 100644 index d3afd4483ea..00000000000 --- a/packages/libaudit/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libaudit" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/linux-audit/audit-userspace/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/linux-audit/audit-userspace/archive/v3.1.4/audit-userspace-3.1.4.tar.gz" -sha512 = "76cbc0bdde91adf8f8870784ea0741a01869c68dc0d3fb9c5815d5aa3e96ead2fd28ba06b98e5c70b8fe2113e7c43defd48af01ec82cba13f3907698067f964d" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libaudit/audit-rules.service b/packages/libaudit/audit-rules.service deleted file mode 100644 index 83d86291afa..00000000000 --- a/packages/libaudit/audit-rules.service +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=Load audit rules -DefaultDependencies=no -Conflicts=shutdown.target -Before=sysinit.target shutdown.target -ConditionSecurity=audit - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/sbin/auditctl -R /usr/share/audit/audit.rules -ExecStop=-/sbin/auditctl -D - -[Install] -WantedBy=preconfigured.target diff --git a/packages/libaudit/audit.rules b/packages/libaudit/audit.rules deleted file mode 100644 index 0734b4ff96d..00000000000 --- a/packages/libaudit/audit.rules +++ /dev/null @@ -1,15 +0,0 @@ -# Delete all rules. --D - -# Exclude userspace events. --a never,user - -# Exclude per-task events. --a never,task - -# Exclude syscalls. --a never,exit -S all - -# Exclude everything except SELinux events. --a always,exclude -F msgtype<1400 --a always,exclude -F msgtype>1499 diff --git a/packages/libaudit/libaudit.spec b/packages/libaudit/libaudit.spec deleted file mode 100644 index 4765502c134..00000000000 --- a/packages/libaudit/libaudit.spec +++ /dev/null @@ -1,93 +0,0 @@ -Name: %{_cross_os}libaudit -Version: 3.1.4 -Release: 1%{?dist} -Summary: Library for the audit subsystem -License: GPL-2.0-or-later AND LGPL-2.1-or-later -URL: https://github.com/linux-audit/audit-userspace/ -Source0: https://github.com/linux-audit/audit-userspace/archive/v%{version}/audit-userspace-%{version}.tar.gz -Source10: audit-rules.service -Source11: audit.rules -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for the audit subsystem -Requires: %{name} - -%description devel -%{summary}. - -%package -n %{_cross_os}audit -Summary: Tools for the audit subsystem -Requires: %{name} - -%description -n %{_cross_os}audit -%{summary}. - -%prep -%autosetup -n audit-userspace-%{version} -p1 - -%build -autoreconf -fi -%cross_configure \ - --disable-listener \ - --disable-gssapi-krb5 \ - --disable-systemd \ - --disable-zos-remote \ - --with-aarch64 \ - --with-warn \ - --without-alpha \ - --without-arm \ - --without-apparmor \ - --without-debug \ - --without-golang \ - --without-libcap-ng \ - --without-prelude \ - --without-python \ - --without-python3 \ - -%force_disable_rpath - -%make_build - -%install -make DESTDIR=%{buildroot} -C lib install -make DESTDIR=%{buildroot} -C src install -make DESTDIR=%{buildroot} -C auparse install - -# fix libtool sadness -for b in auditctl auditd aureport ausearch autrace ; do - mv %{buildroot}%{_cross_sbindir}/{%{_cross_target}-${b},${b}} -done - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:10} %{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{_cross_datadir}/audit -install -p -m 0644 %{S:11} %{buildroot}%{_cross_datadir}/audit - - -%files -%license COPYING COPYING.LIB -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%{_cross_includedir}/*.h -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la - -%files -n %{_cross_os}audit -%{_cross_sbindir}/auditctl -%{_cross_unitdir}/audit-rules.service -%{_cross_datadir}/audit/audit.rules -%exclude %{_cross_sbindir}/auditd -%exclude %{_cross_sbindir}/aureport -%exclude %{_cross_sbindir}/ausearch -%exclude %{_cross_sbindir}/autrace - -%changelog diff --git a/packages/libcap/9001-dont-test-during-install.patch b/packages/libcap/9001-dont-test-during-install.patch deleted file mode 100644 index 8ea9deb58d2..00000000000 --- a/packages/libcap/9001-dont-test-during-install.patch +++ /dev/null @@ -1,11 +0,0 @@ -diff -Nurd libcap-2.57.orig/Makefile libcap-2.57/Makefile ---- libcap-2.57.orig/Makefile 2021-09-09 13:57:36.000000000 -0700 -+++ libcap-2.57/Makefile 2021-09-17 14:47:21.493628663 -0700 -@@ -17,7 +17,6 @@ - $(MAKE) -C go $@ - rm -f cap/go.sum - endif -- $(MAKE) -C tests $@ - $(MAKE) -C progs $@ - $(MAKE) -C doc $@ - diff --git a/packages/libcap/Cargo.toml b/packages/libcap/Cargo.toml deleted file mode 100644 index 3b17266f3e8..00000000000 --- a/packages/libcap/Cargo.toml +++ /dev/null @@ -1,21 +0,0 @@ -[package] -name = "libcap" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://cdn.kernel.org/pub/linux/libs/security/linux-privs/libcap2/" -# Changelog can be found here: https://sites.google.com/site/fullycapable/release-notes-for-libcap - -[[package.metadata.build-package.external-files]] -url = "https://cdn.kernel.org/pub/linux/libs/security/linux-privs/libcap2/libcap-2.69.tar.gz" -sha512 = "75ee0fe8e1ac835f29cb76d233f731dcf126b73eed5229a130bbe4308a42441934d4e9cefeaaab45f774de2ed6859c752fbbfb9908e792f2f9f3d0f841e01aee" - -[build-dependencies] -glibc = { path = "../glibc" } -libattr = { path = "../libattr" } diff --git a/packages/libcap/libcap.spec b/packages/libcap/libcap.spec deleted file mode 100644 index 35c25001444..00000000000 --- a/packages/libcap/libcap.spec +++ /dev/null @@ -1,66 +0,0 @@ -Name: %{_cross_os}libcap -Version: 2.69 -Release: 1%{?dist} -Summary: Library for getting and setting POSIX.1e capabilities -License: GPL-2.0-only OR BSD-3-Clause -URL: https://sites.google.com/site/fullycapable/ -Source0: https://git.kernel.org/pub/scm/libs/libcap/libcap.git/snapshot/libcap-%{version}.tar.gz -BuildRequires: libcap-devel -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libattr-devel -Requires: %{_cross_os}libattr - -# Local changes. -Patch9001: 9001-dont-test-during-install.patch - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for getting and setting POSIX.1e capabilities -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n libcap-%{version} -p1 - -%build -make \ - CC="%{_cross_target}-gcc" \ - CFLAGS="%{_cross_cflags} -fPIC" \ - BUILD_CC="gcc" BUILD_CFLAGS="%{optflags}" \ - prefix=%{_cross_prefix} lib=%{_cross_lib} \ - LIBDIR=%{_cross_libdir} SBINDIR=%{_cross_sbindir} \ - INCDIR=%{_cross_includedir} MANDIR=%{_cross_mandir} \ - PKGCONFIGDIR=%{_cross_pkgconfigdir} \ - GOLANG=no RAISE_SETFCAP=no PAM_CAP=no \ - -%install -make install \ - DESTDIR=%{buildroot} \ - CC="%{_cross_target}-gcc" CFLAGS="%{_cross_cflags}" \ - BUILD_CC="gcc" BUILD_CFLAGS="%{optflags}" \ - prefix=%{_cross_prefix} lib=%{_cross_lib} \ - LIBDIR=%{_cross_libdir} SBINDIR=%{_cross_sbindir} \ - INCDIR=%{_cross_includedir} MANDIR=%{_cross_mandir} \ - PKGCONFIGDIR=%{_cross_pkgconfigdir} \ - GOLANG=no RAISE_SETFCAP=no PAM_CAP=no \ - -chmod +x %{buildroot}%{_cross_libdir}/*.so.* - -%files -%license License -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%exclude %{_cross_mandir} -%exclude %{_cross_sbindir} - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%{_cross_includedir}/sys/*.h -%{_cross_pkgconfigdir}/*.pc - -%changelog diff --git a/packages/libdbus/Cargo.toml b/packages/libdbus/Cargo.toml deleted file mode 100644 index 0a4ffbeaa84..00000000000 --- a/packages/libdbus/Cargo.toml +++ /dev/null @@ -1,21 +0,0 @@ -[package] -name = "libdbus" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://dbus.freedesktop.org/releases/dbus" - -[[package.metadata.build-package.external-files]] -url = "https://dbus.freedesktop.org/releases/dbus/dbus-1.15.6.tar.xz" -sha512 = "8c2e207d98245d5f8d358e9824be9e8646af8147958e8bd56e18d478e8976e58a6645ee1aba62451fcc58443157e2a39c4a6ed9c2e440e7b6b05053d022f0113" - -[build-dependencies] -glibc = { path = "../glibc" } -libcap = { path = "../libcap" } -libexpat = { path = "../libexpat" } diff --git a/packages/libdbus/libdbus.spec b/packages/libdbus/libdbus.spec deleted file mode 100644 index 0de302fc7d0..00000000000 --- a/packages/libdbus/libdbus.spec +++ /dev/null @@ -1,69 +0,0 @@ -Name: %{_cross_os}libdbus -Version: 1.15.6 -Release: 1%{?dist} -Summary: Library for a message bus -License: AFL-2.1 OR GPL-2.0-or-later -URL: http://www.freedesktop.org/Software/dbus/ -Source0: https://dbus.freedesktop.org/releases/dbus/dbus-%{version}.tar.xz -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libcap-devel -BuildRequires: %{_cross_os}libexpat-devel -Requires: %{_cross_os}libcap -Requires: %{_cross_os}libexpat - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for a message bus -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n dbus-%{version} -p1 - -%build -%cross_configure \ - --disable-asserts \ - --disable-doxygen-docs \ - --disable-ducktype-docs \ - --disable-tests \ - --disable-xml-docs \ - --disable-selinux \ - --disable-systemd \ - --with-xml=expat \ - -%force_disable_rpath - -%make_build - -%install -%make_install - -rm -rf %{buildroot}%{_cross_docdir}/dbus/examples - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%exclude %{_cross_bindir} -%exclude %{_cross_datadir}/dbus-1 -%exclude %{_cross_datadir}/doc -%exclude %{_cross_datadir}/xml -%exclude %{_cross_libexecdir} -%exclude %{_cross_sysconfdir} - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_libdir}/dbus-1.0 -%{_cross_libdir}/dbus-1.0/* -%dir %{_cross_includedir}/dbus-1.0 -%{_cross_includedir}/dbus-1.0/* -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la -%exclude %{_cross_libdir}/cmake - -%changelog diff --git a/packages/libelf/Cargo.toml b/packages/libelf/Cargo.toml deleted file mode 100644 index 3f0491b6ec4..00000000000 --- a/packages/libelf/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "libelf" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://sourceware.org/elfutils/ftp/" - -[[package.metadata.build-package.external-files]] -url = "https://sourceware.org/elfutils/ftp/0.191/elfutils-0.191.tar.bz2" -sha512 = "e22d85f25317a79b36d370347e50284c9120c86f9830f08791b7b6a7b4ad89b9bf4c7c71129133b8d193a0edffb2a2c17987b7e48428b9670aff5ce918777e04" - -[build-dependencies] -glibc = { path = "../glibc" } -libz = { path = "../libz" } diff --git a/packages/libelf/libelf.spec b/packages/libelf/libelf.spec deleted file mode 100644 index 09971112397..00000000000 --- a/packages/libelf/libelf.spec +++ /dev/null @@ -1,59 +0,0 @@ -Name: %{_cross_os}libelf -Version: 0.191 -Release: 1%{?dist} -Summary: Library for ELF files -License: GPL-2.0-or-later OR LGPL-3.0-or-later -URL: https://sourceware.org/elfutils/ -Source0: https://sourceware.org/elfutils/ftp/%{version}/elfutils-%{version}.tar.bz2 - -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libz-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for ELF files -Requires: %{name} -Requires: %{_cross_os}libz-devel - -%description devel -%{summary}. - -%prep -%autosetup -n elfutils-%{version} -p1 - -%build -%cross_configure \ - --without-bzlib \ - --without-lzma \ - --disable-silent-rules \ - --disable-symbol-versioning \ - --disable-nls \ - --disable-progs \ - --disable-debuginfod \ - --disable-libdebuginfod \ - -%make_build - -%install -%make_install - -%files -%license COPYING-GPLV2 COPYING-LGPLV3 -%{_cross_libdir}/*.so.* -%{_cross_libdir}/libasm-*.so -%{_cross_libdir}/libelf-*.so -%{_cross_libdir}/libdw-*.so -%{_cross_attribution_file} -%exclude %{_cross_mandir} -%exclude %{_cross_bindir} - -%files devel -%{_cross_includedir}/*.h -%{_cross_includedir}/elfutils/*.h -%{_cross_libdir}/libasm.so -%{_cross_libdir}/libelf.so -%{_cross_libdir}/libdw.so -%{_cross_libdir}/*.a -%{_cross_libdir}/pkgconfig/*.pc diff --git a/packages/libexpat/Cargo.toml b/packages/libexpat/Cargo.toml deleted file mode 100644 index 918c4f04629..00000000000 --- a/packages/libexpat/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libexpat" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/libexpat/libexpat/releases/" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/libexpat/libexpat/releases/download/R_2_6_2/expat-2.6.2.tar.xz" -sha512 = "47b60967d6346d330dded87ea1a2957aa7d34dd825043386a89aa131054714f618ede57bfe97cf6caa40582a4bc67e198d2a915e7d8dbe8ee4f581857c2e3c2e" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libexpat/libexpat.spec b/packages/libexpat/libexpat.spec deleted file mode 100644 index 024ffa66cf6..00000000000 --- a/packages/libexpat/libexpat.spec +++ /dev/null @@ -1,49 +0,0 @@ -%global unversion 2_6_2 - -Name: %{_cross_os}libexpat -Version: %(echo %{unversion} | sed 's/_/./g') -Release: 1%{?dist} -Summary: Library for XML parsing -License: MIT -URL: https://libexpat.github.io/ -Source0: https://github.com/libexpat/libexpat/releases/download/R_%{unversion}/expat-%{version}.tar.xz -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for XML parsing -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n expat-%{version} -p1 - -%build -%cross_configure \ - --without-docbook \ - --without-xmlwf \ - -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%exclude %{_cross_docdir} - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%{_cross_includedir}/*.h -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la -%exclude %{_cross_libdir}/cmake - -%changelog diff --git a/packages/libffi/Cargo.toml b/packages/libffi/Cargo.toml deleted file mode 100644 index 7297d5dae9c..00000000000 --- a/packages/libffi/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libffi" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/libffi/libffi/releases/" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/libffi/libffi/releases/download/v3.4.6/libffi-3.4.6.tar.gz" -sha512 = "033d2600e879b83c6bce0eb80f69c5f32aa775bf2e962c9d39fbd21226fa19d1e79173d8eaa0d0157014d54509ea73315ad86842356fc3a303c0831c94c6ab39" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libffi/libffi.spec b/packages/libffi/libffi.spec deleted file mode 100644 index b39db8765f0..00000000000 --- a/packages/libffi/libffi.spec +++ /dev/null @@ -1,46 +0,0 @@ -Name: %{_cross_os}libffi -Version: 3.4.6 -Release: 1%{?dist} -Summary: Library for FFI -License: MIT -URL: https://sourceware.org/libffi/ -Source0: https://github.com/libffi/libffi/releases/download/v%{version}/libffi-%{version}.tar.gz -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for FFI -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n libffi-%{version} -p1 - -%build -%cross_configure \ - --disable-docs \ - --disable-multi-os-directory \ - -%make_build - -%install -%make_install - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%exclude %{_cross_mandir} - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%{_cross_includedir}/*.h -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la - -%changelog diff --git a/packages/libgcc/Cargo.toml b/packages/libgcc/Cargo.toml deleted file mode 100644 index 070bb948af0..00000000000 --- a/packages/libgcc/Cargo.toml +++ /dev/null @@ -1,11 +0,0 @@ -[package] -name = "libgcc" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[package.metadata.build-package] - -[lib] -path = "../packages.rs" diff --git a/packages/libgcc/libgcc.spec b/packages/libgcc/libgcc.spec deleted file mode 100644 index 39d5516733b..00000000000 --- a/packages/libgcc/libgcc.spec +++ /dev/null @@ -1,32 +0,0 @@ -# This is a wrapper package that vends a pre-built shared library from -# the SDK, allowing it to be loaded at runtime. It also lets us extract -# debuginfo in the usual way. -%undefine _debugsource_packages - -Name: %{_cross_os}libgcc -Version: 0.0 -Release: 1%{?dist} -Summary: GCC runtime library -License: GPL-3.0-or-later WITH GCC-exception-3.1 -URL: https://gcc.gnu.org/ - -%description -%{summary}. - -%prep -%setup -T -c -cp %{_cross_licensedir}/gcc/COPYING{3,.RUNTIME} . - -%build -install -p -m0755 %{_cross_libdir}/libgcc_s.so.1 . - -%install -mkdir -p %{buildroot}%{_cross_libdir} -install -p -m0755 libgcc_s.so.1 %{buildroot}%{_cross_libdir} - -%files -%license COPYING3 COPYING.RUNTIME -%{_cross_attribution_file} -%{_cross_libdir}/libgcc_s.so.1 - -%changelog diff --git a/packages/libglib/Cargo.toml b/packages/libglib/Cargo.toml deleted file mode 100644 index ba130a90613..00000000000 --- a/packages/libglib/Cargo.toml +++ /dev/null @@ -1,24 +0,0 @@ -[package] -name = "libglib" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://download.gnome.org/sources/glib" - -[[package.metadata.build-package.external-files]] -url = "https://download.gnome.org/sources/glib/2.78/glib-2.78.4.tar.xz" -sha512 = "6f3a06e10e7373a2dbf0688512de4126472fb73cbec488b7983b5ffecff09c64d7e1ca462f892e8f215d3d277d103ca802bad7ef0bd0f91edf26fc6ce67187b6" - -[build-dependencies] -glibc = { path = "../glibc" } -libffi = { path = "../libffi" } -libpcre = { path = "../libpcre" } -libselinux = { path = "../libselinux" } -libz = { path = "../libz" } -util-linux = { path = "../util-linux" } diff --git a/packages/libglib/libglib.spec b/packages/libglib/libglib.spec deleted file mode 100644 index 2ef4c0614fd..00000000000 --- a/packages/libglib/libglib.spec +++ /dev/null @@ -1,72 +0,0 @@ -Name: %{_cross_os}libglib -Version: 2.78.4 -Release: 1%{?dist} -Summary: The GLib libraries -# glib2 is LGPL-2.1-only -License: LGPL-2.1-only -URL: https://www.gtk.org/ -Source0: https://download.gnome.org/sources/glib/2.78/glib-%{version}.tar.xz -BuildRequires: meson -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libffi-devel -BuildRequires: %{_cross_os}libmount-devel -BuildRequires: %{_cross_os}libpcre-devel -BuildRequires: %{_cross_os}libselinux-devel -BuildRequires: %{_cross_os}libz-devel -Requires: %{_cross_os}libffi -Requires: %{_cross_os}libmount -Requires: %{_cross_os}libpcre -Requires: %{_cross_os}libselinux -Requires: %{_cross_os}libz - -%description -%{summary}. - -%package devel -Summary: Files for development using the GLib libraries -Requires: %{name} -Requires: %{_cross_os}libffi-devel - -%description devel -%{summary}. - -%prep -%autosetup -n glib-%{version} -p1 - -%build -CONFIGURE_OPTS=( - -Dlibmount=enabled - -Dselinux=enabled - - -Dlibelf=disabled - -Dnls=disabled - - -Dman=false - -Dtests=false -) - -%cross_meson "${CONFIGURE_OPTS[@]}" -%cross_meson_build - -%install -%cross_meson_install - -%files -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%exclude %{_cross_datadir} -%exclude %{_cross_libexecdir} - -%files devel -%{_cross_bindir}/* -%{_cross_libdir}/*.so -%dir %{_cross_libdir}/glib-2.0 -%dir %{_cross_libdir}/glib-2.0/include -%{_cross_libdir}/glib-2.0/include/glibconfig.h -%dir %{_cross_includedir}/gio-unix-2.0 -%dir %{_cross_includedir}/glib-2.0 -%{_cross_includedir}/gio-unix-2.0/* -%{_cross_includedir}/glib-2.0/* -%{_cross_pkgconfigdir}/*.pc - -%changelog diff --git a/packages/libinih/Cargo.toml b/packages/libinih/Cargo.toml deleted file mode 100644 index f3bdefc749b..00000000000 --- a/packages/libinih/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "libinih" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/benhoyt/inih/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/benhoyt/inih/archive/refs/tags/r58.tar.gz" -path = "inih-r58.tar.gz" -sha512 = "d69f488299c1896e87ddd3dd20cd9db5848da7afa4c6159b8a99ba9a5d33f35cadfdb9f65d6f2fe31decdbadb8b43bf610ff2699df475e1f9ff045e343ac26ae" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libinih/libinih.spec b/packages/libinih/libinih.spec deleted file mode 100644 index edcfc0bad7b..00000000000 --- a/packages/libinih/libinih.spec +++ /dev/null @@ -1,44 +0,0 @@ -Name: %{_cross_os}libinih -Version: 58 -Release: 1%{?dist} -Summary: Simple INI file parser library -License: BSD-3-Clause -URL: https://github.com/benhoyt/inih -Source0: https://github.com/benhoyt/inih/archive/refs/tags/r%{version}.tar.gz#/inih-r%{version}.tar.gz - -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: meson - -%description -%{summary}. - -%package devel -Summary: Files for development using the simple INI file parser library -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n inih-r%{version} - -%build -CONFIGURE_OPTS=( - -Dwith_INIReader=false -) - -%cross_meson "${CONFIGURE_OPTS[@]}" -%cross_meson_build - -%install -%cross_meson_install - -%files -%license LICENSE.txt -%{_cross_attribution_file} -%{_cross_libdir}/libinih.so.0 - -%files devel -%{_cross_pkgconfigdir}/inih.pc -%{_cross_libdir}/libinih.so -%{_cross_includedir}/ini.h diff --git a/packages/libiw/Cargo.toml b/packages/libiw/Cargo.toml deleted file mode 100644 index 87b73bd339e..00000000000 --- a/packages/libiw/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libiw" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://hewlettpackard.github.io/wireless-tools/Tools.html" - -[[package.metadata.build-package.external-files]] -url = "https://hewlettpackard.github.io/wireless-tools/wireless_tools.29.tar.gz" -sha512 = "c169e29d53353e3d65913a5a5ba219752218968b0c036d4bfb25e7f3a9e31fe1e6adfcdbb410116e9c161c99aa3a7314fdc889ba36ba63f002d11ff9dba6974d" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libiw/libiw.spec b/packages/libiw/libiw.spec deleted file mode 100644 index e7aaf8930af..00000000000 --- a/packages/libiw/libiw.spec +++ /dev/null @@ -1,47 +0,0 @@ -Name: %{_cross_os}libiw -Version: 29 -Release: 1%{?dist} -Summary: Library for wireless -License: GPL-2.0-or-later -URL: https://hewlettpackard.github.io/wireless-tools/ -Source0: https://hewlettpackard.github.io/wireless-tools/wireless_tools.%{version}.tar.gz -Patch1: wireless-tools-29-makefile.patch - -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for wireless -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n wireless_tools.%{version} -p1 - -%build -make \ - CC="%{_cross_target}-gcc" \ - OPTFLAGS="%{_cross_cflags}" \ - LDFLAGS="%{_cross_ldflags}" \ - BUILD_SHARED=1 \ - -%install -make \ - INSTALL_INC=%{buildroot}/%{_cross_includedir} \ - INSTALL_LIB=%{buildroot}/%{_cross_libdir} \ - install-dynamic install-hdr - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* - -%files devel -%{_cross_libdir}/*.so -%{_cross_includedir}/*.h - -%changelog diff --git a/packages/libiw/wireless-tools-29-makefile.patch b/packages/libiw/wireless-tools-29-makefile.patch deleted file mode 100644 index 874e2ace83f..00000000000 --- a/packages/libiw/wireless-tools-29-makefile.patch +++ /dev/null @@ -1,39 +0,0 @@ -diff -up wireless_tools.29/Makefile.makefile wireless_tools.29/Makefile ---- wireless_tools.29/Makefile.makefile 2007-09-17 19:56:46.000000000 -0400 -+++ wireless_tools.29/Makefile 2018-06-04 14:34:29.252095389 -0400 -@@ -101,12 +101,15 @@ ifdef BUILD_WE_ESSENTIAL - WEDEF_FLAG= -DWE_ESSENTIAL=y - endif - -+ifndef OPTFLAGS -+ OPTFLAGS= -+endif - # Other flags - CFLAGS=-Os -W -Wall -Wstrict-prototypes -Wmissing-prototypes -Wshadow \ - -Wpointer-arith -Wcast-qual -Winline -I. - #CFLAGS=-O2 -W -Wall -Wstrict-prototypes -I. - DEPFLAGS=-MMD --XCFLAGS=$(CFLAGS) $(DEPFLAGS) $(WARN) $(HEADERS) $(WELIB_FLAG) $(WEDEF_FLAG) -+XCFLAGS=$(CFLAGS) $(DEPFLAGS) $(WARN) $(HEADERS) $(WELIB_FLAG) $(WEDEF_FLAG) $(OPTFLAGS) - PICFLAG=-fPIC - - # Standard compilation targets -@@ -117,7 +120,7 @@ all:: $(IWLIB) $(PROGS) - %.o: %.c wireless.h - $(CC) $(XCFLAGS) -c $< - %.so: %.c wireless.h -- $(CC) $(XCFLAGS) $(PICFLAG) -c -o $@ $< -+ $(CC) $(LDFLAGS) $(XCFLAGS) $(PICFLAG) -c -o $@ $< - - iwconfig: iwconfig.o $(IWLIB) - -@@ -145,7 +148,8 @@ wireless.h: - - # Compilation of the dynamic library - $(DYNAMIC): $(OBJS:.o=.so) -- $(CC) -shared -o $@ -Wl,-soname,$@ $(STRIPFLAGS) $(LIBS) -lc $^ -+ $(CC) $(LDFLAGS) -shared -o $@ -Wl,-soname,$@ $(STRIPFLAGS) $(LIBS) -lc $^ -+ ln -s $@ $(DYNAMIC_LINK) - - # Compilation of the static library - $(STATIC): $(OBJS:.o=.so) diff --git a/packages/libkcapi/Cargo.toml b/packages/libkcapi/Cargo.toml deleted file mode 100644 index cd7ad6a29b7..00000000000 --- a/packages/libkcapi/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libkcapi" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/smuellerDD/libkcapi/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/smuellerDD/libkcapi/archive/v1.5.0/libkcapi-1.5.0.tar.gz" -sha512 = "510d0606cdc9479a77ed07bd3ac59b07c3996402a85cee012e6836d0a31cb06f5b7f715cdb76f3745784aab3154595caec4537b4c774236a139ebfe6e1a8be9b" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libkcapi/libkcapi.spec b/packages/libkcapi/libkcapi.spec deleted file mode 100644 index f68fc2938a7..00000000000 --- a/packages/libkcapi/libkcapi.spec +++ /dev/null @@ -1,79 +0,0 @@ -# libkcapi since 85bce6035b (1.5.0) uses sha512hmac with the same key for all -# self-checks. Earlier versions used sha256hmac with a different key to check -# the shared library. -%global openssl_sha512_hmac openssl sha512 -hmac FIPS-FTW-RHT2009 -hex - -# We need to compute the HMAC after the binaries have been stripped. -%define __spec_install_post\ -%{?__debug_package:%{__debug_install_post}}\ -%{__arch_install_post}\ -%{__os_install_post}\ -cd %{buildroot}/%{_cross_bindir}\ -%openssl_sha512_hmac kcapi-hasher\\\ - | awk '{ print $2 }' > .kcapi-hasher.hmac\ -ln -s .kcapi-hasher.hmac .sha512hmac.hmac\ -cd %{buildroot}/%{_cross_libdir}\ -%openssl_sha512_hmac libkcapi.so.%{version}\\\ - | awk '{ print $2 }' > .libkcapi.so.%{version}.hmac\ -ln -s .libkcapi.so.%{version}.hmac .libkcapi.so.1.hmac\ -%{nil} - -Name: %{_cross_os}libkcapi -Version: 1.5.0 -Release: 1%{?dist} -Summary: Library for kernel crypto API -License: BSD-3-Clause OR GPL-2.0-only -URL: https://www.chronox.de/libkcapi/html/index.html -Source0: https://github.com/smuellerDD/libkcapi/archive/v%{version}/libkcapi-%{version}.tar.gz -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for kernel crypto API -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n libkcapi-%{version} -p1 - -%build -autoreconf -fi -%cross_configure \ - --enable-static \ - --enable-shared \ - --enable-kcapi-hasher \ - -%force_disable_rpath - -%make_build - -%install -%make_install - -ln -s kcapi-hasher %{buildroot}%{_cross_bindir}/sha512hmac -find %{buildroot} -type f -name '*.hmac' -delete - -%files -%license COPYING COPYING.bsd COPYING.gplv2 -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%{_cross_libdir}/.*.so.*.hmac -%{_cross_bindir}/kcapi-hasher -%{_cross_bindir}/.kcapi-hasher.hmac -%{_cross_bindir}/sha512hmac -%{_cross_bindir}/.sha512hmac.hmac - -%exclude %{_cross_libexecdir}/libkcapi -%exclude %{_cross_mandir} - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%{_cross_includedir}/kcapi.h -%{_cross_pkgconfigdir}/*.pc - -%changelog diff --git a/packages/libmnl/Cargo.toml b/packages/libmnl/Cargo.toml deleted file mode 100644 index 24027e13357..00000000000 --- a/packages/libmnl/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libmnl" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "http://netfilter.org/projects/libmnl/files" - -[[package.metadata.build-package.external-files]] -url = "http://netfilter.org/projects/libmnl/files/libmnl-1.0.5.tar.bz2" -sha512 = "16fa48e74c9da7724a85c655dfb0abd8369392627934639d65de951543e1447ac3e048d231248f1ce8861443c2ef62654a85a81feeedbbffaf2e5744f6cf4c9f" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libmnl/libmnl.spec b/packages/libmnl/libmnl.spec deleted file mode 100644 index f2a0866c7ad..00000000000 --- a/packages/libmnl/libmnl.spec +++ /dev/null @@ -1,45 +0,0 @@ -Name: %{_cross_os}libmnl -Version: 1.0.5 -Release: 1%{?dist} -Summary: Library for netlink -License: LGPL-2.1-or-later -URL: http://netfilter.org/projects/libmnl -Source0: http://netfilter.org/projects/libmnl/files/libmnl-%{version}.tar.bz2 -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for netlink -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n libmnl-%{version} -p1 - -%build -%cross_configure \ - --enable-static - -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/libmnl -%{_cross_includedir}/libmnl/*.h -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la - -%changelog diff --git a/packages/libncurses/Cargo.toml b/packages/libncurses/Cargo.toml deleted file mode 100644 index 65ef24cc264..00000000000 --- a/packages/libncurses/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libncurses" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://invisible-mirror.net/archives/ncurses/current/" - -[[package.metadata.build-package.external-files]] -url = "https://invisible-mirror.net/archives/ncurses/current/ncurses-6.4-20231209.tgz" -sha512 = "293b91b20f676230e28dadfc6ec811ac898e56d558d919566bf515d91ee9bd5df222f56da593d5ce249550a38ad4a9d206df2761f170c7738c9e8a3ea564e42a" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libncurses/libncurses.spec b/packages/libncurses/libncurses.spec deleted file mode 100644 index 97768617469..00000000000 --- a/packages/libncurses/libncurses.spec +++ /dev/null @@ -1,112 +0,0 @@ -%global ncurses_ver 6.4 -%global ncurses_rev 20231209 - -Name: %{_cross_os}libncurses -Version: %{ncurses_ver} -Release: %{ncurses_rev}%{?dist} -Summary: Ncurses libraries -License: X11 -URL: https://invisible-island.net/ncurses/ncurses.html -Source0: https://invisible-mirror.net/archives/ncurses/current/ncurses-%{ncurses_ver}-%{ncurses_rev}.tgz -Patch1: ncurses-config.patch -Patch2: ncurses-libs.patch -Patch3: ncurses-urxvt.patch -Patch4: ncurses-kbs.patch -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the ncurses libraries. -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n ncurses-%{ncurses_ver}-%{ncurses_rev} -p1 - -%build -%cross_configure \ - --disable-big-core \ - --disable-rpath \ - --disable-rpath-hack \ - --disable-stripping \ - --disable-wattr-macros \ - --enable-colorfgbg \ - --enable-const \ - --enable-echo \ - --enable-ext-colors \ - --enable-hard-tabs \ - --enable-overwrite \ - --enable-pc-files \ - --enable-widec \ - --enable-xmc-glitch \ - --with-abi-version=6 \ - --with-ospeed=unsigned \ - --with-pkg-config-libdir=%{_cross_pkgconfigdir} \ - --with-shared \ - --with-terminfo-dirs=%{_cross_sysconfdir}/terminfo:%{_cross_datadir}/terminfo \ - --with-termlib=tinfo \ - --with-ticlib=tic \ - --with-xterm-kbs=DEL \ - --without-ada \ - --without-cxx \ - --without-cxx-binding \ - --without-gpm \ - --without-manpages \ - --without-normal \ - --without-profile \ - --without-progs \ - --without-tests - -make %{?_smp_mflags} libs - -%install -make DESTDIR=%{buildroot} install.{libs,data,includes} -chmod 755 %{buildroot}%{_cross_libdir}/lib*.so.*.* -chmod 644 %{buildroot}%{_cross_libdir}/lib*.a -mkdir -p %{buildroot}%{_cross_sysconfdir}/terminfo -rm -rf "%{buildroot}%{_cross_libdir}/terminfo" -rm -rf "%{buildroot}%{_cross_datadir}/tabset" - -mv "%{buildroot}%{_cross_datadir}/terminfo"{,.bak} -for t in \ - a/ansi \ - d/dumb \ - l/linux \ - s/screen \ - s/screen-256color \ - v/vt100 \ - v/vt102 \ - v/vt200 \ - v/vt220 \ - x/xterm \ - x/xterm+256color \ - x/xterm-256color \ - x/xterm-color \ - x/xterm-xfree86 \ -; -do - install -D -m 0644 \ - %{buildroot}%{_cross_datadir}/terminfo.bak/${t} \ - %{buildroot}%{_cross_datadir}/terminfo/${t} -done -rm -rf "%{buildroot}%{_cross_datadir}/terminfo.bak" - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_libdir}/lib*.so.6* -%dir %{_cross_datadir}/terminfo -%{_cross_datadir}/terminfo/* - -%files devel -%exclude %{_cross_bindir}/ncurses*-config -%{_cross_libdir}/lib*.so -%{_cross_libdir}/lib*.a -%{_cross_includedir}/*.h -%{_cross_pkgconfigdir}/*.pc - -%changelog diff --git a/packages/libncurses/ncurses-config.patch b/packages/libncurses/ncurses-config.patch deleted file mode 100644 index fc326fc5841..00000000000 --- a/packages/libncurses/ncurses-config.patch +++ /dev/null @@ -1,56 +0,0 @@ -diff -up ncurses-6.3-20221126/misc/gen-pkgconfig.in.config ncurses-6.3-20221126/misc/gen-pkgconfig.in ---- ncurses-6.3-20221126/misc/gen-pkgconfig.in.config 2022-10-08 18:45:20.000000000 +0200 -+++ ncurses-6.3-20221126/misc/gen-pkgconfig.in 2022-11-29 17:04:43.353766420 +0100 -@@ -83,7 +83,7 @@ if [ "$includedir" != "/usr/include" ]; - fi - - lib_flags= --for opt in -L$libdir @EXTRA_PKG_LDFLAGS@ @LIBS@ -+for opt in -L$libdir @LIBS@ - do - case $opt in - -l*) # LIBS is handled specially below -diff -up ncurses-6.3-20221126/misc/ncurses-config.in.config ncurses-6.3-20221126/misc/ncurses-config.in ---- ncurses-6.3-20221126/misc/ncurses-config.in.config 2022-07-26 23:36:28.000000000 +0200 -+++ ncurses-6.3-20221126/misc/ncurses-config.in 2022-11-29 17:06:04.381597412 +0100 -@@ -41,7 +41,6 @@ exec_prefix="@exec_prefix@" - - bindir="@bindir@" - includedir="@includedir@" --libdir="@libdir@" - datarootdir="@datarootdir@" - datadir="@datadir@" - mandir="@mandir@" -@@ -101,7 +100,7 @@ fi - # There is no portable way to find the list of standard library directories. - # Require a POSIX shell anyway, to keep this simple. - lib_flags= --for opt in -L$libdir @EXTRA_PKG_LDFLAGS@ $LIBS -+for opt in $LIBS - do - case $opt in - -specs*) # ignore linker specs-files which were used to build library -@@ -120,13 +119,13 @@ do - lib_check=`echo "x$opt" | sed -e 's/^.-L//'` - [ -d "$lib_check" ] || continue - case "$lib_check" in -- @LD_SEARCHPATH@) # skip standard libdir -+ ////) # skip standard libdir (disabled for multilib) - if [ "$lib_check" = "$libdir" ] - then - lib_first=yes - IFS_save="$IFS" - IFS='|' -- LIBDIRS="@LD_SEARCHPATH@" -+ LIBDIRS="" - for lib_check in $LIBDIRS - do - if [ -d "$lib_check" ] -@@ -274,7 +273,6 @@ ENDECHO - echo "$INCS" - ;; - --libdir) -- echo "${libdir}" - ;; - --mandir) - echo "${mandir}" diff --git a/packages/libncurses/ncurses-kbs.patch b/packages/libncurses/ncurses-kbs.patch deleted file mode 100644 index 78d91e59d62..00000000000 --- a/packages/libncurses/ncurses-kbs.patch +++ /dev/null @@ -1,29 +0,0 @@ -diff -up ncurses-6.4-20230107/misc/terminfo.src.kbs ncurses-6.4-20230107/misc/terminfo.src ---- ncurses-6.4-20230107/misc/terminfo.src.kbs 2023-01-09 14:47:05.097093771 +0100 -+++ ncurses-6.4-20230107/misc/terminfo.src 2023-01-09 14:47:05.100093766 +0100 -@@ -6711,7 +6711,7 @@ rxvt-basic|rxvt terminal base (X Window - enacs=\E(B\E)0, flash=\E[?5h$<100/>\E[?5l, home=\E[H, - ht=^I, hts=\EH, ich=\E[%p1%d@, il=\E[%p1%dL, il1=\E[L, - ind=\n, is1=\E[?47l\E=\E[?1l, -- is2=\E[r\E[m\E[2J\E[H\E[?7h\E[?1;3;4;6l\E[4l, kbs=^H, -+ is2=\E[r\E[m\E[2J\E[H\E[?7h\E[?1;3;4;6l\E[4l, - kcbt=\E[Z, kmous=\E[M, rc=\E8, rev=\E[7m, ri=\EM, rmacs=^O, - rmir=\E[4l, rmkx=\E>, rmso=\E[27m, rmul=\E[24m, - rs1=\E>\E[1;3;4;5;6l\E[?7h\E[m\E[r\E[2J\E[H, -@@ -6722,7 +6722,7 @@ rxvt-basic|rxvt terminal base (X Window - %p9%t\016%e\017%;, - sgr0=\E[0m\017, smacs=^N, smir=\E[4h, smkx=\E=, smso=\E[7m, - smul=\E[4m, tbc=\E[3g, use=xterm+alt47, use=vt100+enq, -- use=rxvt+pcfkeys, use=vt220+cvis, use=vt220+keypad, -+ use=rxvt+pcfkeys, use=vt220+cvis, use=vt220+keypad, use=xterm+kbs, - # Key Codes from rxvt reference: - # - # Note: Shift + F1-F10 generates F11-F20 -@@ -8523,6 +8523,7 @@ screen.xterm-r6|screen customized for X1 - # on Solaris because Sun's curses implementation gets confused. - screen.teraterm|disable ncv in teraterm, - ncv#127, -+ kbs=^H, - acsc=+\020\,\021-\030.^Y0\333`\004a\261f\370g\361h\260i - \316j\331k\277l\332m\300n\305o~p\304q\304r\304s_t\303u - \264v\301w\302x\263y\363z\362{\343|\330}\234~\376, diff --git a/packages/libncurses/ncurses-libs.patch b/packages/libncurses/ncurses-libs.patch deleted file mode 100644 index 401da11b9de..00000000000 --- a/packages/libncurses/ncurses-libs.patch +++ /dev/null @@ -1,58 +0,0 @@ -diff -up ncurses-6.2-20210306/c++/Makefile.in.libs ncurses-6.2-20210306/c++/Makefile.in ---- ncurses-6.2-20210306/c++/Makefile.in.libs 2021-01-23 21:42:08.000000000 +0100 -+++ ncurses-6.2-20210306/c++/Makefile.in 2021-03-11 12:02:29.576741101 +0100 -@@ -118,7 +118,7 @@ SHLIB_LIST = $(SHLIB_DIRS) \ - -l@FORM_NAME@@USE_LIB_SUFFIX@ \ - -l@MENU_NAME@@USE_LIB_SUFFIX@ \ - -l@PANEL_NAME@@USE_LIB_SUFFIX@ \ -- -lncurses@USE_LIB_SUFFIX@ @SHLIB_LIST@ -+ -lncurses@USE_LIB_SUFFIX@ #@SHLIB_LIST@ - - LIBROOT = ncurses++ - -@@ -153,8 +153,7 @@ LDFLAGS_SHARED = $(TEST_LDFLAGS) $(CFLAG - LDFLAGS_DEFAULT = $(LINK_@DFT_UPR_MODEL@) $(LDFLAGS_@DFT_UPR_MODEL@) - - # flags for library built by this makefile --LDFLAGS = $(TEST_ARGS) @LDFLAGS@ \ -- @LD_MODEL@ $(TEST_LIBS) @LIBS@ $(CXXLIBS) -+LDFLAGS = @LDFLAGS@ @LD_MODEL@ @LIBS@ $(CXXLIBS) - - AUTO_SRC = \ - etip.h -diff -up ncurses-6.2-20210306/form/Makefile.in.libs ncurses-6.2-20210306/form/Makefile.in ---- ncurses-6.2-20210306/form/Makefile.in.libs 2021-01-23 21:42:08.000000000 +0100 -+++ ncurses-6.2-20210306/form/Makefile.in 2021-03-11 12:00:59.001470707 +0100 -@@ -110,7 +110,7 @@ LINK = $(LIBTOOL_LINK) - LDFLAGS = @LDFLAGS@ @LD_MODEL@ @LIBS@ - - SHLIB_DIRS = -L../lib --SHLIB_LIST = $(SHLIB_DIRS) -lncurses@USE_LIB_SUFFIX@ @SHLIB_LIST@ -+SHLIB_LIST = $(SHLIB_DIRS) -lncurses@USE_LIB_SUFFIX@ #@SHLIB_LIST@ - - RPATH_LIST = @RPATH_LIST@ - RESULTING_SYMS = @RESULTING_SYMS@ -diff -up ncurses-6.2-20210306/menu/Makefile.in.libs ncurses-6.2-20210306/menu/Makefile.in ---- ncurses-6.2-20210306/menu/Makefile.in.libs 2020-08-29 16:50:45.000000000 +0200 -+++ ncurses-6.2-20210306/menu/Makefile.in 2021-03-11 12:00:59.002470754 +0100 -@@ -110,7 +110,7 @@ LINK = $(LIBTOOL_LINK) - LDFLAGS = @LDFLAGS@ @LD_MODEL@ @LIBS@ - - SHLIB_DIRS = -L../lib --SHLIB_LIST = $(SHLIB_DIRS) -lncurses@USE_LIB_SUFFIX@ @SHLIB_LIST@ -+SHLIB_LIST = $(SHLIB_DIRS) -lncurses@USE_LIB_SUFFIX@ #@SHLIB_LIST@ - - RPATH_LIST = @RPATH_LIST@ - RESULTING_SYMS = @RESULTING_SYMS@ -diff -up ncurses-6.2-20210306/panel/Makefile.in.libs ncurses-6.2-20210306/panel/Makefile.in ---- ncurses-6.2-20210306/panel/Makefile.in.libs 2020-08-29 16:50:45.000000000 +0200 -+++ ncurses-6.2-20210306/panel/Makefile.in 2021-03-11 12:00:59.002470754 +0100 -@@ -112,7 +112,7 @@ LINK = $(LIBTOOL_LINK) - LDFLAGS = @LDFLAGS@ @LD_MODEL@ @LIBS@ - - SHLIB_DIRS = -L../lib --SHLIB_LIST = $(SHLIB_DIRS) -lncurses@USE_LIB_SUFFIX@ @SHLIB_LIST@ -+SHLIB_LIST = $(SHLIB_DIRS) -lncurses@USE_LIB_SUFFIX@ #@SHLIB_LIST@ - - RPATH_LIST = @RPATH_LIST@ - RESULTING_SYMS = @RESULTING_SYMS@ diff --git a/packages/libncurses/ncurses-urxvt.patch b/packages/libncurses/ncurses-urxvt.patch deleted file mode 100644 index 92f21690328..00000000000 --- a/packages/libncurses/ncurses-urxvt.patch +++ /dev/null @@ -1,185 +0,0 @@ -diff -up ncurses-6.0-20150810/misc/terminfo.src.urxvt ncurses-6.0-20150810/misc/terminfo.src ---- ncurses-6.0-20150810/misc/terminfo.src.urxvt 2015-07-25 21:27:20.000000000 +0200 -+++ ncurses-6.0-20150810/misc/terminfo.src 2015-08-12 17:38:46.050362567 +0200 -@@ -5214,6 +5214,181 @@ rxvt-cygwin-native|rxvt terminal emulato - rxvt-16color|rxvt with 16 colors like aixterm, - ncv#32, use=ibm+16color, use=rxvt, - -+# rxvt-unicode -+# http://cvs.schmorp.de/rxvt-unicode/doc/etc/rxvt-unicode.terminfo?revision=1.34 -+# From: Thomas Dickey 04 Oct 1997 -+# Updated: Özgür Kesim 02 Nov 1997 -+# Updated: Marc Lehmann , 17 Feb 2005 -+# Updated: Marc Lehmann , 04 Nov 2008: change init/reset sequences -+# Updated: Marc Lehmann , 24 Nov 2014: implement cvvis as blinking cursor -+# Updated: Marc Lehmann , 13 Dec 2014: removed superfluous 0 from sgr -+# Updated: Robbie Harwood , 25 Oct 2019: restore deleted rxvt-unicode-256color -+rxvt-unicode|rxvt-unicode terminal (X Window System), -+ am, -+ bce, -+ eo, -+ km, -+ msgr, -+ xenl, -+ hs, -+ cols#80, -+ it#8, -+ lines#24, -+ acsc=``aaffggjjkkllmmnnooppqqrrssttuuvvwwxxyyzz{{||}}~~-A.B+C\,D0EhFiG, -+ bel=^G, -+ blink=\E[5m, -+ bold=\E[1m, -+ clear=\E[H\E[2J, -+ civis=\E[?25l, -+ cnorm=\E[?12l\E[?25h, -+ cvvis=\E[?12;25h, -+ cr=^M, -+ csr=\E[%i%p1%d;%p2%dr, -+ cub=\E[%p1%dD, -+ cub1=^H, -+ cud=\E[%p1%dB, -+ cud1=^J, -+ cuf=\E[%p1%dC, -+ cuf1=\E[C, -+ cup=\E[%i%p1%d;%p2%dH, -+ cuu=\E[%p1%dA, -+ cuu1=\E[A, -+ dch=\E[%p1%dP, -+ dch1=\E[P, -+ dl=\E[%p1%dM, -+ dl1=\E[M, -+ ed=\E[J, -+ el=\E[K, -+ el1=\E[1K, -+ flash=\E[?5h$<20/>\E[?5l, -+ home=\E[H, -+ hpa=\E[%i%p1%dG, -+ ht=^I, -+ hts=\EH, -+ ich=\E[%p1%d@, -+ ich1=\E[@, -+ il=\E[%p1%dL, -+ il1=\E[L, -+ ind=^J, -+ is1=\E[\041p, -+ is2=\E[r\E[m\E[2J\E[?7;25h\E[?1;3;4;5;6;9;66;1000;1001;1049l\E[4l, -+ kDC=\E[3$, -+ kIC=\E[2$, -+ kEND=\E[8$, -+ kHOM=\E[7$, -+ kLFT=\E[d, -+ kNXT=\E[6$, -+ kPRV=\E[5$, -+ kRIT=\E[c, -+ kbs=\177, -+ ka1=\EOw, -+ ka3=\EOy, -+ kb2=\EOu, -+ kc1=\EOq, -+ kc3=\EOs, -+ kcbt=\E[Z, -+ kcub1=\E[D, -+ kcud1=\E[B, -+ kcuf1=\E[C, -+ kcuu1=\E[A, -+ kdch1=\E[3~, -+ kel=\E[8\^, -+ kend=\E[8~, -+ kent=\EOM, -+ kf1=\E[11~, -+ kf10=\E[21~, -+ kf11=\E[23~, -+ kf12=\E[24~, -+ kf13=\E[25~, -+ kf14=\E[26~, -+ kf15=\E[28~, -+ kf16=\E[29~, -+ kf17=\E[31~, -+ kf18=\E[32~, -+ kf19=\E[33~, -+ kf2=\E[12~, -+ kf20=\E[34~, -+ kf3=\E[13~, -+ kf4=\E[14~, -+ kf5=\E[15~, -+ kf6=\E[17~, -+ kf7=\E[18~, -+ kf8=\E[19~, -+ kf9=\E[20~, -+ kfnd=\E[1~, -+ khome=\E[7~, -+ kich1=\E[2~, -+ kmous=\E[M, -+ knp=\E[6~, -+ kpp=\E[5~, -+ kslt=\E[4~, -+ rc=\E8, -+ rev=\E[7m, -+ ri=\EM, -+ rmso=\E[27m, -+ rmul=\E[24m, -+ rs1=\Ec, -+ rs2=\E[r\E[m\E[?7;25h\E[?1;3;4;5;6;9;66;1000;1001;1049l\E[4l, -+ sgr0=\E[m\E(B, -+ enacs=, -+ smacs=\E(0, -+ rmacs=\E(B, -+ smso=\E[7m, -+ smul=\E[4m, -+ tbc=\E[3g, -+ vpa=\E[%i%p1%dd, -+ colors#88, -+ pairs#7744, -+ btns#5, -+ lm#0, -+ ccc, -+ npc, -+ mc5i, -+ ncv#0, -+ mir, -+ xon, -+ bw, -+ ech=\E[%p1%dX, -+ mc0=\E[i, -+ mc4=\E[4i, -+ mc5=\E[5i, -+ sitm=\E[3m, -+ ritm=\E[23m, -+ smam=\E[?7h, -+ rmam=\E[?7l, -+ smir=\E[4h, -+ rmir=\E[4l, -+ smcup=\E[?1049h, -+ rmcup=\E[r\E[?1049l, -+ smkx=\E=, -+ rmkx=\E>, -+ indn=\E[%p1%dS, -+ rin=\E[%p1%dT, -+ sgr=\E[%?%p6%t;1%;%?%p2%t;4%;%?%p1%p3%|%t;7%;%?%p4%t;5%;%?%p7%t;8%;m%?%p9%t\E(0%e\E(B%;, -+ op=\E[39;49m, -+ setaf=\E[38;5;%p1%dm, -+ setab=\E[48;5;%p1%dm, -+ setf=%?%p1%{7}%>%t\E[38;5;%p1%dm%e\E[3%?%p1%{1}%=%t4%e%p1%{3}%=%t6%e%p1%{4}%=%t1%e%p1%{6}%=%t3%e%p1%d%;m%;, -+ setb=%?%p1%{7}%>%t\E[48;5;%p1%dm%e\E[4%?%p1%{1}%=%t4%e%p1%{3}%=%t6%e%p1%{4}%=%t1%e%p1%{6}%=%t3%e%p1%d%;m%;, -+ initc=\E]4;%p1%d;rgb\:%p2%{65535}%*%{1000}%/%4.4X/%p3%{65535}%*%{1000}%/%4.4X/%p4%{65535}%*%{1000}%/%4.4X\E\\, -+ sc=\E7, -+ s0ds=\E(B, -+ s1ds=\E(0, -+ s2ds=\E*B, -+ s3ds=\E+B, -+ u6=\E[%i%d;%dR, -+ u7=\E[6n, -+ u8=\E[?1;2c, -+ u9=\E[c, -+ tsl=\E]2;, -+ fsl=\007, -+ dsl=\E]2;\007, -+ -+rxvt-unicode-256color|rxvt-unicode terminal with 256 colors (X Window System), -+ colors#256, -+ pairs#32767, -+ use=rxvt-unicode, -+ - #### MRXVT - # mrxvt 0.5.4 - # diff --git a/packages/libnetfilter_conntrack/Cargo.toml b/packages/libnetfilter_conntrack/Cargo.toml deleted file mode 100644 index 574818e5547..00000000000 --- a/packages/libnetfilter_conntrack/Cargo.toml +++ /dev/null @@ -1,21 +0,0 @@ -[package] -name = "libnetfilter_conntrack" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://netfilter.org/projects/libnetfilter_conntrack/files" - -[[package.metadata.build-package.external-files]] -url = "https://netfilter.org/projects/libnetfilter_conntrack/files/libnetfilter_conntrack-1.0.9.tar.bz2" -sha512 = "e8b03425aaba3b72e6034c215656c34176d0550c08e0455aaeb1365d9141505d0c4feaa8978c8ccf2b7af9db6c9e874ceb866347e533b41cb03a189884f4004c" - -[build-dependencies] -glibc = { path = "../glibc" } -libmnl = { path = "../libmnl" } -libnfnetlink = { path = "../libnfnetlink" } diff --git a/packages/libnetfilter_conntrack/libnetfilter_conntrack.spec b/packages/libnetfilter_conntrack/libnetfilter_conntrack.spec deleted file mode 100644 index 4dff230b3e8..00000000000 --- a/packages/libnetfilter_conntrack/libnetfilter_conntrack.spec +++ /dev/null @@ -1,50 +0,0 @@ -Name: %{_cross_os}libnetfilter_conntrack -Version: 1.0.9 -Release: 1%{?dist} -Summary: Library for netfilter conntrack -License: GPL-2.0-or-later -URL: http://netfilter.org -Source0: https://netfilter.org/projects/libnetfilter_conntrack/files/libnetfilter_conntrack-%{version}.tar.bz2 -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libmnl-devel -BuildRequires: %{_cross_os}libnfnetlink-devel -Requires: %{_cross_os}libmnl -Requires: %{_cross_os}libnfnetlink - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for netfilter conntrack -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n libnetfilter_conntrack-%{version} -p1 - -%build -%cross_configure \ - --disable-rpath \ - --enable-static - -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/libnetfilter_conntrack -%{_cross_includedir}/libnetfilter_conntrack/*.h -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la - -%changelog diff --git a/packages/libnetfilter_cthelper/Cargo.toml b/packages/libnetfilter_cthelper/Cargo.toml deleted file mode 100644 index a4e38e9a2d1..00000000000 --- a/packages/libnetfilter_cthelper/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "libnetfilter_cthelper" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://netfilter.org/projects/libnetfilter_cthelper/files" - -[[package.metadata.build-package.external-files]] -url = "https://netfilter.org/projects/libnetfilter_cthelper/files/libnetfilter_cthelper-1.0.1.tar.bz2" -sha512 = "f0591edd579aee92b62446e2b8fef6af9c404848c42c8da76850bb01aec3567442612f53cf8d3af6ba4d6d920487bff310a4e547bccf595478b1f96b4280eada" - -[build-dependencies] -glibc = { path = "../glibc" } -libmnl = { path = "../libmnl" } diff --git a/packages/libnetfilter_cthelper/libnetfilter_cthelper.spec b/packages/libnetfilter_cthelper/libnetfilter_cthelper.spec deleted file mode 100644 index 1bdbdb0258d..00000000000 --- a/packages/libnetfilter_cthelper/libnetfilter_cthelper.spec +++ /dev/null @@ -1,47 +0,0 @@ -Name: %{_cross_os}libnetfilter_cthelper -Version: 1.0.1 -Release: 1%{?dist} -Summary: Library for netfilter cthelper -License: GPL-2.0-or-later -URL: http://netfilter.org -Source0: https://netfilter.org/projects/libnetfilter_cthelper/files/libnetfilter_cthelper-%{version}.tar.bz2 -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libmnl-devel -Requires: %{_cross_os}libmnl - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for netfilter cthelper -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n libnetfilter_cthelper-%{version} -p1 - -%build -%cross_configure \ - --enable-static - -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/libnetfilter_cthelper -%{_cross_includedir}/libnetfilter_cthelper/*.h -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la - -%changelog diff --git a/packages/libnetfilter_cttimeout/Cargo.toml b/packages/libnetfilter_cttimeout/Cargo.toml deleted file mode 100644 index 2aa3234f446..00000000000 --- a/packages/libnetfilter_cttimeout/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "libnetfilter_cttimeout" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://netfilter.org/projects/libnetfilter_cttimeout/files" - -[[package.metadata.build-package.external-files]] -url = "https://netfilter.org/projects/libnetfilter_cttimeout/files/libnetfilter_cttimeout-1.0.1.tar.bz2" -sha512 = "3f7886b2b8c67fb45d9f6d03f8a327d0f04072abf75ec0fa310f4a321a1749607e79b48f47c8b8488f9833734689419264afada0cbc1f0360a5ae9e17d4a1100" - -[build-dependencies] -glibc = { path = "../glibc" } -libmnl = { path = "../libmnl" } diff --git a/packages/libnetfilter_cttimeout/libnetfilter_cttimeout.spec b/packages/libnetfilter_cttimeout/libnetfilter_cttimeout.spec deleted file mode 100644 index b5bdb06511b..00000000000 --- a/packages/libnetfilter_cttimeout/libnetfilter_cttimeout.spec +++ /dev/null @@ -1,47 +0,0 @@ -Name: %{_cross_os}libnetfilter_cttimeout -Version: 1.0.1 -Release: 1%{?dist} -Summary: Library for netfilter cttimeout -License: GPL-2.0-or-later -URL: http://netfilter.org -Source0: https://netfilter.org/projects/libnetfilter_cttimeout/files/libnetfilter_cttimeout-%{version}.tar.bz2 -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libmnl-devel -Requires: %{_cross_os}libmnl - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for netfilter cttimeout -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n libnetfilter_cttimeout-%{version} -p1 - -%build -%cross_configure \ - --enable-static - -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/libnetfilter_cttimeout -%{_cross_includedir}/libnetfilter_cttimeout/*.h -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la - -%changelog diff --git a/packages/libnetfilter_queue/Cargo.toml b/packages/libnetfilter_queue/Cargo.toml deleted file mode 100644 index ef6ed3b04c6..00000000000 --- a/packages/libnetfilter_queue/Cargo.toml +++ /dev/null @@ -1,21 +0,0 @@ -[package] -name = "libnetfilter_queue" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://netfilter.org/projects/libnetfilter_queue/files" - -[[package.metadata.build-package.external-files]] -url = "https://netfilter.org/projects/libnetfilter_queue/files/libnetfilter_queue-1.0.5.tar.bz2" -sha512 = "732a44b602e5efaa4f5582ea25ff8f5ec8f4dca5c0e725cd93fe2d441db80416b25c6018147be90acb262d7428eb5b21b3f7b5920e612d115061ec6a19d67f85" - -[build-dependencies] -glibc = { path = "../glibc" } -libmnl = { path = "../libmnl" } -libnfnetlink = { path = "../libnfnetlink" } diff --git a/packages/libnetfilter_queue/libnetfilter_queue.spec b/packages/libnetfilter_queue/libnetfilter_queue.spec deleted file mode 100644 index aa02eccda0c..00000000000 --- a/packages/libnetfilter_queue/libnetfilter_queue.spec +++ /dev/null @@ -1,49 +0,0 @@ -Name: %{_cross_os}libnetfilter_queue -Version: 1.0.5 -Release: 1%{?dist} -Summary: Library for netfilter queue -License: GPL-2.0-or-later -URL: http://netfilter.org -Source0: https://netfilter.org/projects/libnetfilter_queue/files/libnetfilter_queue-%{version}.tar.bz2 -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libmnl-devel -BuildRequires: %{_cross_os}libnfnetlink-devel -Requires: %{_cross_os}libmnl -Requires: %{_cross_os}libnfnetlink - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for netfilter queue -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n libnetfilter_queue-%{version} -p1 - -%build -%cross_configure \ - --enable-static - -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/libnetfilter_queue -%{_cross_includedir}/libnetfilter_queue/*.h -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la - -%changelog diff --git a/packages/libnfnetlink/Cargo.toml b/packages/libnfnetlink/Cargo.toml deleted file mode 100644 index d3cffc7b2d6..00000000000 --- a/packages/libnfnetlink/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libnfnetlink" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "http://netfilter.org/projects/libnfnetlink/files" - -[[package.metadata.build-package.external-files]] -url = "http://netfilter.org/projects/libnfnetlink/files/libnfnetlink-1.0.2.tar.bz2" -sha512 = "a5e9ae22831f1d17703f83953f3b0ef898e8b3fa7f0f771b038db51816ddae3158574380ac4d45c09fb8fbb8677e2ccdcc5c4736e3b09de06eac99f899130854" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libnfnetlink/libnfnetlink.spec b/packages/libnfnetlink/libnfnetlink.spec deleted file mode 100644 index d8c1a3f2fe6..00000000000 --- a/packages/libnfnetlink/libnfnetlink.spec +++ /dev/null @@ -1,45 +0,0 @@ -Name: %{_cross_os}libnfnetlink -Version: 1.0.2 -Release: 1%{?dist} -Summary: Library for netfilter netlink -License: GPL-2.0-only -URL: http://netfilter.org -Source0: http://netfilter.org/projects/libnfnetlink/files/libnfnetlink-%{version}.tar.bz2 -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for netfilter netlink -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n libnfnetlink-%{version} -p1 - -%build -%cross_configure \ - --enable-static - -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/libnfnetlink -%{_cross_includedir}/libnfnetlink/*.h -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la - -%changelog diff --git a/packages/libnftnl/Cargo.toml b/packages/libnftnl/Cargo.toml deleted file mode 100644 index 77a069c5cc5..00000000000 --- a/packages/libnftnl/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "libnftnl" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://netfilter.org/projects/libnftnl/files" - -[[package.metadata.build-package.external-files]] -url = "http://netfilter.org/projects/libnftnl/files/libnftnl-1.2.6.tar.xz" -sha512 = "0c8c369eec84b0c568f0067598bece6e3be9a0fbd977e443ae3b14a5a6d842a6086ceb5426a65f8c77204709655f148c1241193f1a928f8c12154a57e3548b34" - -[build-dependencies] -glibc = { path = "../glibc" } -libmnl = { path = "../libmnl" } diff --git a/packages/libnftnl/libnftnl.spec b/packages/libnftnl/libnftnl.spec deleted file mode 100644 index 810e7e159d3..00000000000 --- a/packages/libnftnl/libnftnl.spec +++ /dev/null @@ -1,49 +0,0 @@ -Name: %{_cross_os}libnftnl -Version: 1.2.6 -Release: 1%{?dist} -Summary: Library for nftables netlink -License: GPL-2.0-or-later AND GPL-2.0-only -URL: http://netfilter.org/projects/libnftnl/ -Source0: https://netfilter.org/projects/libnftnl/files/libnftnl-%{version}.tar.xz -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libmnl-devel -Requires: %{_cross_os}libmnl - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for nftables netlink -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n libnftnl-%{version} -p1 - -%build -%cross_configure \ - --disable-silent-rules \ - --enable-static \ - --without-json-parsing \ - -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/libnftnl -%{_cross_includedir}/libnftnl/*.h -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la - -%changelog diff --git a/packages/libnl/Cargo.toml b/packages/libnl/Cargo.toml deleted file mode 100644 index c52b72bfa83..00000000000 --- a/packages/libnl/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libnl" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/thom311/libnl/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/thom311/libnl/archive/libnl3_9_0.tar.gz" -sha512 = "7182752ccd3663f14fc7bce20d134c42e54b8305b67e44e509027aab0150a5ef056f373332d22f87386a827f8ca8b7bdaf2bd5d410982210d28ec071f31ccc73" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libnl/libnl.spec b/packages/libnl/libnl.spec deleted file mode 100644 index 7e0ed1e384e..00000000000 --- a/packages/libnl/libnl.spec +++ /dev/null @@ -1,54 +0,0 @@ -%global rpmver 3.9.0 -%global srcver 3_9_0 - -Name: %{_cross_os}libnl -Version: %{rpmver} -Release: 1%{?dist} -Summary: Convenience library for netlink -License: LGPL-2.1-only -URL: https://github.com/thom311/libnl -Source0: https://github.com/thom311/libnl/archive/libnl%{srcver}.tar.gz -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the convenience library for netlink -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n libnl-libnl%{srcver} -p1 - -%build -autoreconf -fi -%cross_configure \ - --enable-static \ - --disable-cli \ - -%force_disable_rpath - -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%exclude %{_cross_mandir} -%exclude %{_cross_sysconfdir} - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/libnl3 -%{_cross_includedir}/libnl3 -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la - -%changelog diff --git a/packages/libnvidia-container/0001-use-shared-libtirpc.patch b/packages/libnvidia-container/0001-use-shared-libtirpc.patch deleted file mode 100644 index c56d8e2c780..00000000000 --- a/packages/libnvidia-container/0001-use-shared-libtirpc.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 74a4c7432d8e8d5e336c30c6fe2fb8602bb6cc10 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Mon, 20 Sep 2021 23:41:28 +0000 -Subject: [PATCH] use shared libtirpc - -Signed-off-by: Ben Cressey -Signed-off-by: Arnaldo Garcia Rincon ---- - Makefile | 11 ++--------- - 1 file changed, 2 insertions(+), 9 deletions(-) - -diff --git a/Makefile b/Makefile -index 6fb6976..2c7cc93 100644 ---- a/Makefile -+++ b/Makefile -@@ -165,9 +165,8 @@ else - LIB_LDLIBS_STATIC += -l:libelf.a - endif - ifeq ($(WITH_TIRPC), yes) --LIB_CPPFLAGS += -isystem $(DEPS_DIR)$(includedir)/tirpc -DWITH_TIRPC --LIB_LDLIBS_STATIC += -l:libtirpc.a --LIB_LDLIBS_SHARED += -lpthread -+LIB_CPPFLAGS += -DWITH_TIRPC -+LIB_LDLIBS_SHARED += -ltirpc - endif - ifeq ($(WITH_SECCOMP), yes) - LIB_CPPFLAGS += -DWITH_SECCOMP $(shell pkg-config --cflags libseccomp) -@@ -265,9 +264,6 @@ endif - ifeq ($(WITH_LIBELF), no) - $(MAKE) -f $(MAKE_DIR)/elftoolchain.mk DESTDIR=$(DEPS_DIR) install - endif --ifeq ($(WITH_TIRPC), yes) -- $(MAKE) -f $(MAKE_DIR)/libtirpc.mk DESTDIR=$(DEPS_DIR) install --endif - - install: all - $(INSTALL) -d -m 755 $(addprefix $(DESTDIR),$(includedir) $(bindir) $(libdir) $(docdir) $(libdbgdir) $(pkgconfdir)) -@@ -323,9 +319,6 @@ endif - ifeq ($(WITH_LIBELF), no) - -$(MAKE) -f $(MAKE_DIR)/elftoolchain.mk clean - endif --ifeq ($(WITH_TIRPC), yes) -- -$(MAKE) -f $(MAKE_DIR)/libtirpc.mk clean --endif - - mostlyclean: - $(RM) $(LIB_OBJS) $(LIB_STATIC_OBJ) $(BIN_OBJS) $(DEPENDENCIES) --- -2.37.1 - diff --git a/packages/libnvidia-container/0002-use-prefix-from-environment.patch b/packages/libnvidia-container/0002-use-prefix-from-environment.patch deleted file mode 100644 index e6f92651c9b..00000000000 --- a/packages/libnvidia-container/0002-use-prefix-from-environment.patch +++ /dev/null @@ -1,27 +0,0 @@ -From c4f1d3da6387b2d4b6ed6c37a71d9e2a6e65bab7 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Tue, 21 Sep 2021 00:03:42 +0000 -Subject: [PATCH] use prefix from environment - -Signed-off-by: Ben Cressey -Signed-off-by: Arnaldo Garcia Rincon ---- - Makefile | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Makefile b/Makefile -index 2c7cc93..54bf0a0 100644 ---- a/Makefile -+++ b/Makefile -@@ -24,7 +24,7 @@ WITH_SECCOMP ?= yes - - ##### Global definitions ##### - --export prefix = /usr/local -+export prefix ?= /usr/local - export exec_prefix = $(prefix) - export bindir = $(exec_prefix)/bin - export libdir = $(exec_prefix)/lib --- -2.37.1 - diff --git a/packages/libnvidia-container/0003-keep-debug-symbols.patch b/packages/libnvidia-container/0003-keep-debug-symbols.patch deleted file mode 100644 index eca2cca855a..00000000000 --- a/packages/libnvidia-container/0003-keep-debug-symbols.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 864c7ab25cde5d8109e17798d5cf2041b559888e Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Tue, 21 Sep 2021 00:22:37 +0000 -Subject: [PATCH] keep debug symbols - -Signed-off-by: Ben Cressey -Signed-off-by: Arnaldo Garcia Rincon ---- - Makefile | 10 ---------- - 1 file changed, 10 deletions(-) - -diff --git a/Makefile b/Makefile -index 54bf0a0..60429d3 100644 ---- a/Makefile -+++ b/Makefile -@@ -221,22 +221,14 @@ $(BIN_OBJS): %.o: %.c | shared - -include $(DEPENDENCIES) - - $(LIB_SHARED): $(LIB_OBJS) -- $(MKDIR) -p $(DEBUG_DIR) - $(CC) $(LIB_CFLAGS) $(LIB_CPPFLAGS) $(LIB_LDFLAGS) $(OUTPUT_OPTION) $^ $(LIB_SCRIPT) $(LIB_LDLIBS) -- $(OBJCPY) --only-keep-debug $@ $(LIB_SONAME) -- $(OBJCPY) --add-gnu-debuglink=$(LIB_SONAME) $@ -- $(MV) $(LIB_SONAME) $(DEBUG_DIR) -- $(STRIP) --strip-unneeded -R .comment $@ - - $(LIB_STATIC_OBJ): $(LIB_OBJS) - # FIXME Handle user-defined LDFLAGS and LDLIBS - $(LD) -d -r --exclude-libs ALL -L$(DEPS_DIR)$(libdir) $(OUTPUT_OPTION) $^ $(LIB_LDLIBS_STATIC) -- $(OBJCPY) --localize-hidden $@ -- $(STRIP) --strip-unneeded -R .comment $@ - - $(BIN_NAME): $(BIN_OBJS) - $(CC) $(BIN_CFLAGS) $(BIN_CPPFLAGS) $(BIN_LDFLAGS) $(OUTPUT_OPTION) $^ $(BIN_SCRIPT) $(BIN_LDLIBS) -- $(STRIP) --strip-unneeded -R .comment $@ - - ##### Public rules ##### - -@@ -278,8 +270,6 @@ ifeq ($(WITH_NVCGO), yes) - $(LN) -sf $(LIBGO_SONAME) $(DESTDIR)$(libdir)/$(LIBGO_SYMLINK) - endif - $(LDCONFIG) -n $(DESTDIR)$(libdir) -- # Install debugging symbols -- $(INSTALL) -m 644 $(DEBUG_DIR)/$(LIB_SONAME) $(DESTDIR)$(libdbgdir) - # Install configuration files - $(MAKE_DIR)/$(LIB_PKGCFG).in "$(strip $(VERSION))" "$(strip $(LIB_LDLIBS_SHARED))" > $(DESTDIR)$(pkgconfdir)/$(LIB_PKGCFG) - # Install binary files --- -2.37.1 - diff --git a/packages/libnvidia-container/0004-Use-NVIDIA_PATH-to-look-up-binaries.patch b/packages/libnvidia-container/0004-Use-NVIDIA_PATH-to-look-up-binaries.patch deleted file mode 100644 index a7997445bf0..00000000000 --- a/packages/libnvidia-container/0004-Use-NVIDIA_PATH-to-look-up-binaries.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 831d6c71e30b8d533123600648bb12cbb225a100 Mon Sep 17 00:00:00 2001 -From: Arnaldo Garcia Rincon -Date: Mon, 1 Nov 2021 16:18:19 +0000 -Subject: [PATCH] Use NVIDIA_PATH to look up binaries - -Signed-off-by: Arnaldo Garcia Rincon ---- - src/nvc_info.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/nvc_info.c b/src/nvc_info.c -index 55c3ba9..56dcbd2 100644 ---- a/src/nvc_info.c -+++ b/src/nvc_info.c -@@ -251,8 +251,8 @@ find_binary_paths(struct error *err, struct dxcore_context* dxcore, struct nvc_d - char path[PATH_MAX]; - int rv = -1; - -- if ((env = secure_getenv("PATH")) == NULL) { -- error_setx(err, "environment variable PATH not found"); -+ if ((env = secure_getenv("NVIDIA_PATH")) == NULL && (env = secure_getenv("PATH")) == NULL) { -+ error_setx(err, "environment variables NVIDIA_PATH/PATH not found"); - return (-1); - } - if ((env = ptr = xstrdup(err, env)) == NULL) --- -2.37.1 - diff --git a/packages/libnvidia-container/0005-makefile-avoid-ldconfig-when-cross-compiling.patch b/packages/libnvidia-container/0005-makefile-avoid-ldconfig-when-cross-compiling.patch deleted file mode 100644 index 1a5939584d2..00000000000 --- a/packages/libnvidia-container/0005-makefile-avoid-ldconfig-when-cross-compiling.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 5bdaf17b05b7cb9620681cbd594ec050237e2403 Mon Sep 17 00:00:00 2001 -From: Arnaldo Garcia Rincon -Date: Tue, 18 Jan 2022 23:57:24 +0000 -Subject: [PATCH] makefile: avoid ldconfig when cross-compiling - -Signed-off-by: Arnaldo Garcia Rincon - -Also create necessary symlinks for `libnvidia-container-go.so` if the -package is compiled `WITH_NVCGO=yes`. - -Signed-off-by: Markus Boehme ---- - Makefile | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/Makefile b/Makefile -index 60429d3..7d4c19b 100644 ---- a/Makefile -+++ b/Makefile -@@ -269,7 +269,10 @@ ifeq ($(WITH_NVCGO), yes) - $(INSTALL) -m 755 $(DEPS_DIR)$(libdir)/$(LIBGO_SHARED) $(DESTDIR)$(libdir) - $(LN) -sf $(LIBGO_SONAME) $(DESTDIR)$(libdir)/$(LIBGO_SYMLINK) - endif -- $(LDCONFIG) -n $(DESTDIR)$(libdir) -+ $(LN) -sf $(LIB_SHARED) $(DESTDIR)$(libdir)/$(LIB_SONAME) -+ifeq ($(WITH_NVCGO), yes) -+ $(LN) -sf $(LIBGO_SHARED) $(DESTDIR)$(libdir)/$(LIBGO_SONAME) -+endif - # Install configuration files - $(MAKE_DIR)/$(LIB_PKGCFG).in "$(strip $(VERSION))" "$(strip $(LIB_LDLIBS_SHARED))" > $(DESTDIR)$(pkgconfdir)/$(LIB_PKGCFG) - # Install binary files --- -2.39.0 - diff --git a/packages/libnvidia-container/Cargo.toml b/packages/libnvidia-container/Cargo.toml deleted file mode 100644 index be1412ce372..00000000000 --- a/packages/libnvidia-container/Cargo.toml +++ /dev/null @@ -1,27 +0,0 @@ -[package] -name = "libnvidia-container" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/NVIDIA/libnvidia-container/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/NVIDIA/libnvidia-container/archive/v1.13.5/libnvidia-container-1.13.5.tar.gz" -sha512 = "00de15c2a0168b0c131eae21e10d186053be7f78021fe28785130ea541f1a592f44042697f01b3bf20717d9a93a85b34c7b510028adcc265cc0ac6f97be2bf0e" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/NVIDIA/nvidia-modprobe/archive/495.44/nvidia-modprobe-495.44.tar.gz" -sha512 = "67486ed1b17c8962786e13880910bb2b1938206a0fd76b360ddef7faf80ee0c941a2e3fbc73fa92a92009e2c54130dce17a466c8079537a981a2fed09c07e4c9" - -[build-dependencies] -glibc = { path = "../glibc" } -libelf = { path = "../libelf" } -libcap = { path = "../libcap" } -libseccomp = { path = "../libseccomp" } -libtirpc = { path = "../libtirpc" } diff --git a/packages/libnvidia-container/libnvidia-container-sysctl.conf b/packages/libnvidia-container/libnvidia-container-sysctl.conf deleted file mode 100644 index 836295cf23a..00000000000 --- a/packages/libnvidia-container/libnvidia-container-sysctl.conf +++ /dev/null @@ -1,5 +0,0 @@ -# Only apply eBPF JIT hardening to programs loaded by unprivileged users. JIT -# hardening prevents existing programs from being read. libnvidia-container-go -# needs a read/modify/write cycle of device eBPF programs attached to a cgroup -# to allowlist GPUs on a cgroup v2 host. -net.core.bpf_jit_harden = 1 diff --git a/packages/libnvidia-container/libnvidia-container.spec b/packages/libnvidia-container/libnvidia-container.spec deleted file mode 100644 index 5b918efeacd..00000000000 --- a/packages/libnvidia-container/libnvidia-container.spec +++ /dev/null @@ -1,89 +0,0 @@ -%global nvidia_modprobe_version 495.44 - -Name: %{_cross_os}libnvidia-container -Version: 1.13.5 -Release: 1%{?dist} -Summary: NVIDIA container runtime library -# The COPYING and COPYING.LESSER files in the sources don't apply to libnvidia-container -# they are there because they apply to libelf in elfutils -License: Apache-2.0 -URL: https://github.com/NVIDIA/libnvidia-container -Source0: https://github.com/NVIDIA/libnvidia-container/archive/v%{version}/libnvidia-container-%{version}.tar.gz -Source1: https://github.com/NVIDIA/nvidia-modprobe/archive/%{nvidia_modprobe_version}/nvidia-modprobe-%{nvidia_modprobe_version}.tar.gz -Source2: libnvidia-container-sysctl.conf - -# First party patches from 1 to 1000 -Patch0001: 0001-use-shared-libtirpc.patch -Patch0002: 0002-use-prefix-from-environment.patch -Patch0003: 0003-keep-debug-symbols.patch -Patch0004: 0004-Use-NVIDIA_PATH-to-look-up-binaries.patch -Patch0005: 0005-makefile-avoid-ldconfig-when-cross-compiling.patch - -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libelf-devel -BuildRequires: %{_cross_os}libcap-devel -BuildRequires: %{_cross_os}libseccomp-devel -BuildRequires: %{_cross_os}libtirpc-devel -Requires: %{_cross_os}libelf -Requires: %{_cross_os}libcap -Requires: %{_cross_os}libseccomp -Requires: %{_cross_os}libtirpc - -%description -%{summary}. - -%package devel -Summary: Files for development using the NVIDIA container runtime library -Requires: %{_cross_os}libnvidia-container - -%description devel -%{summary}. - -%prep -%autosetup -Sgit -n libnvidia-container-%{version} -p1 -mkdir -p deps/src/nvidia-modprobe-%{nvidia_modprobe_version} -tar -C deps/src/nvidia-modprobe-%{nvidia_modprobe_version} --strip-components=1 \ - -xzf %{SOURCE1} nvidia-modprobe-%{nvidia_modprobe_version}/{modprobe-utils,COPYING} -patch -d deps/src/nvidia-modprobe-%{nvidia_modprobe_version} -p1 < mk/nvidia-modprobe.patch -touch deps/src/nvidia-modprobe-%{nvidia_modprobe_version}/.download_stamp - -%global set_env \ -%set_cross_build_flags \\\ -%set_cross_go_flags \\\ -export CC=%{_cross_target}-gcc \\\ -export LD=%{_cross_target}-ld \\\ -export CFLAGS="${CFLAGS} -I%{_cross_includedir}/tirpc" \\\ -export WITH_LIBELF=yes \\\ -export WITH_SECCOMP=yes \\\ -export WITH_TIRPC=yes \\\ -export WITH_NVCGO=yes \\\ -export prefix=%{_cross_prefix} \\\ -export DESTDIR=%{buildroot} \\\ -%{nil} - -%build -%set_env -%make_build - -%install -%set_env -%make_install -install -d %{buildroot}%{_cross_sysctldir} -install -p -m 0644 %{S:2} %{buildroot}%{_cross_sysctldir}/90-libnvidia-container.conf - -%files -%license NOTICE LICENSE -%{_cross_attribution_file} -%{_cross_libdir}/libnvidia-container.so -%{_cross_libdir}/libnvidia-container.so.* -%{_cross_libdir}/libnvidia-container-go.so -%{_cross_libdir}/libnvidia-container-go.so.* -%{_cross_bindir}/nvidia-container-cli -%{_cross_sysctldir}/90-libnvidia-container.conf -%exclude %{_cross_docdir} - -%files devel -%{_cross_includedir}/*.h -%{_cross_libdir}/*.so -%{_cross_libdir}/*.a -%{_cross_libdir}/pkgconfig/*.pc diff --git a/packages/libnvme/0001-linux-Fix-uninitialized-variables.patch b/packages/libnvme/0001-linux-Fix-uninitialized-variables.patch deleted file mode 100644 index 9588e921392..00000000000 --- a/packages/libnvme/0001-linux-Fix-uninitialized-variables.patch +++ /dev/null @@ -1,40 +0,0 @@ -From a0803d1d6fb6d899cd22bd7b37ee27859bfdf155 Mon Sep 17 00:00:00 2001 -From: Tomas Bzatek -Date: Fri, 3 May 2024 17:19:39 +0200 -Subject: [PATCH] linux: Fix uninitialized variables -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -In file included from ../src/nvme/linux.c:40: -In function ‘freep’, - inlined from ‘nvme_get_telemetry_log’ at ../src/nvme/linux.c:169:23: -../src/nvme/cleanup.h:24:9: warning: ‘log’ may be used uninitialized [-Wmaybe-uninitialized] - 24 | free(*(void **)p); - | ^~~~~~~~~~~~~~~~~ -../src/nvme/linux.c: In function ‘nvme_get_telemetry_log’: -../src/nvme/linux.c:169:30: note: ‘log’ was declared here - 169 | _cleanup_free_ void *log; - | ^~~ - -Signed-off-by: Tomas Bzatek ---- - src/nvme/linux.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/nvme/linux.c b/src/nvme/linux.c -index 25196fd5..35976011 100644 ---- a/src/nvme/linux.c -+++ b/src/nvme/linux.c -@@ -166,7 +166,7 @@ int nvme_get_telemetry_log(int fd, bool create, bool ctrl, bool rae, size_t max_ - - struct nvme_telemetry_log *telem; - enum nvme_cmd_get_log_lid lid; -- _cleanup_free_ void *log; -+ _cleanup_free_ void *log = NULL; - void *tmp; - int err; - size_t dalb; --- -2.44.0 - diff --git a/packages/libnvme/Cargo.toml b/packages/libnvme/Cargo.toml deleted file mode 100644 index c55b6998475..00000000000 --- a/packages/libnvme/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libnvme" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/linux-nvme/libnvme/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/linux-nvme/libnvme/archive/v1.9/libnvme-1.9.tar.gz" -sha512 = "39a3346805143f93a17d00cfcb6fb75f82154658db6079134c09dfa989995ac5de79b1ce1ac091b4e997523d3216829ce9eac44110c9f59f9fd21636529c8b25" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libnvme/libnvme.spec b/packages/libnvme/libnvme.spec deleted file mode 100644 index c4bd8f1501c..00000000000 --- a/packages/libnvme/libnvme.spec +++ /dev/null @@ -1,53 +0,0 @@ -Name: %{_cross_os}libnvme -Version: 1.9 -Release: 1%{?dist} -Summary: Library for NVM Express -License: LGPL-2.1-only AND CC0-1.0 AND MIT -URL: https://github.com/linux-nvme/libnvme -Source0: https://github.com/linux-nvme/libnvme/archive/v%{version}/libnvme-%{version}.tar.gz -Patch0001: 0001-linux-Fix-uninitialized-variables.patch - -BuildRequires: meson -BuildRequires: %{_cross_os}glibc-devel - -%package devel -Summary: Files for development using the library for NVM Express -Requires: %{_cross_os}libnvme - -%description devel -%{summary}. - -%description -%{summary}. - -%prep -%autosetup -n libnvme-%{version} -p1 - -%build -CONFIGURE_OPTS=( - -Dpython=disabled - -Dopenssl=disabled - -Djson-c=disabled - -Dkeyutils=disabled - - -Ddocs-build=false -) - -%cross_meson "${CONFIGURE_OPTS[@]}" -%cross_meson_build - -%install -%cross_meson_install - -%files -%license COPYING ccan/licenses/BSD-MIT ccan/licenses/CC0 -%{_cross_libdir}/*.so.* -%{_cross_attribution_file} - -%files devel -%{_cross_includedir}/*.h -%{_cross_includedir}/nvme/*.h -%{_cross_libdir}/*.so -%{_cross_libdir}/pkgconfig/*.pc - -%changelog diff --git a/packages/libpcre/Cargo.toml b/packages/libpcre/Cargo.toml deleted file mode 100644 index ff4cd01e779..00000000000 --- a/packages/libpcre/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libpcre" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/PhilipHazel/pcre2/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/PhilipHazel/pcre2/releases/download/pcre2-10.43/pcre2-10.43.tar.bz2" -sha512 = "8ac1520c32e9e5672404aaf6104e23c9ee5c3c28ad28ff101435599d813cbb20e0491a3fd34e012b4411b3e0366a4c6dfa3f02d093acaa6ff0ab25478bb7ade9" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libpcre/libpcre.spec b/packages/libpcre/libpcre.spec deleted file mode 100644 index 8bb390c5ebe..00000000000 --- a/packages/libpcre/libpcre.spec +++ /dev/null @@ -1,64 +0,0 @@ -Name: %{_cross_os}libpcre -Version: 10.43 -Release: 1%{?dist} -Summary: Library for regular expressions -License: BSD-3-Clause -URL: https://www.pcre.org/ -Source0: https://github.com/PhilipHazel/pcre2/releases/download/pcre2-%{version}/pcre2-%{version}.tar.bz2 -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for regular expressions -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n pcre2-%{version} -p1 - -%build -%cross_configure \ - --enable-newline-is-lf \ - --enable-pcre2-8 \ - --enable-shared \ - --enable-static \ - --enable-unicode \ - --disable-jit \ - --disable-jit-sealloc \ - --disable-pcre2-16 \ - --disable-pcre2-32 \ - --disable-pcre2grep-callout \ - --disable-pcre2grep-callout-fork \ - --disable-pcre2grep-jit \ - --disable-pcre2grep-libbz2 \ - --disable-pcre2grep-libz \ - --disable-pcre2test-libedit \ - --disable-pcre2test-libreadline \ - -%force_disable_rpath - -%make_build - -%install -%make_install - -%files -%license LICENCE -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%exclude %{_cross_bindir} -%exclude %{_cross_docdir} -%exclude %{_cross_mandir} - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%{_cross_includedir}/*.h -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la - -%changelog diff --git a/packages/libseccomp/Cargo.toml b/packages/libseccomp/Cargo.toml deleted file mode 100644 index 8af053fd488..00000000000 --- a/packages/libseccomp/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libseccomp" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/seccomp/libseccomp/releases/" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/seccomp/libseccomp/releases/download/v2.5.5/libseccomp-2.5.5.tar.gz" -sha512 = "f630e7a7e53a21b7ccb4d3e7b37616b89aeceba916677c8e3032830411d77a14c2d74dcf594cd193b1acc11f52595072e28316dc44300e54083d5d7b314a38da" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libseccomp/libseccomp.spec b/packages/libseccomp/libseccomp.spec deleted file mode 100644 index 49165306c61..00000000000 --- a/packages/libseccomp/libseccomp.spec +++ /dev/null @@ -1,47 +0,0 @@ -Name: %{_cross_os}libseccomp -Version: 2.5.5 -Release: 1%{?dist} -Summary: Library for enhanced seccomp -License: LGPL-2.1-only -URL: https://github.com/seccomp/libseccomp -Source0: https://github.com/seccomp/libseccomp/releases/download/v%{version}/libseccomp-%{version}.tar.gz -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for enhanced seccomp -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n libseccomp-%{version} -p1 - -%build -%cross_configure - -%force_disable_rpath - -%make_build - -%install -%make_install - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%exclude %{_cross_bindir}/scmp_sys_resolver -%exclude %{_cross_mandir} - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%{_cross_includedir}/*.h -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la - -%changelog diff --git a/packages/libselinux/Cargo.toml b/packages/libselinux/Cargo.toml deleted file mode 100644 index 2d160d7ce80..00000000000 --- a/packages/libselinux/Cargo.toml +++ /dev/null @@ -1,21 +0,0 @@ -[package] -name = "libselinux" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/SELinuxProject/selinux/releases/" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/SELinuxProject/selinux/releases/download/3.6/libselinux-3.6.tar.gz" -sha512 = "182dcdf3510083ff4b9376a4a6d6a7b33905ac3c5e974c188bf3965686c54b663162c543ecf15eab75102f3c91a2502d33d0f1104dec01dd9b14737ef3f2b544" - -[build-dependencies] -glibc = { path = "../glibc" } -libpcre = { path = "../libpcre" } -libsepol = { path = "../libsepol" } diff --git a/packages/libselinux/libselinux.spec b/packages/libselinux/libselinux.spec deleted file mode 100644 index 0b899be19f0..00000000000 --- a/packages/libselinux/libselinux.spec +++ /dev/null @@ -1,100 +0,0 @@ -Name: %{_cross_os}libselinux -Version: 3.6 -Release: 1%{?dist} -Summary: Library for SELinux -License: LicenseRef-SELinux-PD -URL: https://github.com/SELinuxProject/ -Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}/libselinux-%{version}.tar.gz -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libpcre-devel -BuildRequires: %{_cross_os}libsepol-devel -Requires: %{_cross_os}libpcre - -%description -%{summary}. - -%package utils -Summary: A set of utilities for SELinux -Requires: %{name} -Requires: %{_cross_os}libpcre -Requires: %{_cross_os}libsepol - -%description utils -%{summary}. - -%package devel -Summary: Files for development using the library for SELinux -Requires: %{name} -Requires: %{_cross_os}libpcre-devel -Requires: %{_cross_os}libsepol-devel - -%description devel -%{summary}. - -%prep -%autosetup -n libselinux-%{version} -p1 - -%global set_env \ -%set_cross_build_flags \\\ -export CC="%{_cross_target}-gcc" \\\ -export DESTDIR='%{buildroot}' \\\ -export PREFIX='%{_cross_prefix}' \\\ -export SHLIBDIR='%{_cross_libdir}' \\\ -export DISABLE_RPM='y' \\\ -export USE_PCRE2='y' \\\ -%{nil} - -%build -%set_env -%make_build - -%install -%set_env -%make_install - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%exclude %{_cross_mandir} - -%files utils -%{_cross_sbindir}/avcstat -%{_cross_sbindir}/sefcontext_compile -%exclude %{_cross_sbindir}/compute_av -%exclude %{_cross_sbindir}/compute_create -%exclude %{_cross_sbindir}/compute_member -%exclude %{_cross_sbindir}/compute_relabel -%exclude %{_cross_sbindir}/getconlist -%exclude %{_cross_sbindir}/getdefaultcon -%exclude %{_cross_sbindir}/getenforce -%exclude %{_cross_sbindir}/getfilecon -%exclude %{_cross_sbindir}/getpidcon -%exclude %{_cross_sbindir}/getpolicyload -%exclude %{_cross_sbindir}/getsebool -%exclude %{_cross_sbindir}/getseuser -%exclude %{_cross_sbindir}/matchpathcon -%exclude %{_cross_sbindir}/policyvers -%exclude %{_cross_sbindir}/selabel_digest -%exclude %{_cross_sbindir}/selabel_get_digests_all_partial_matches -%exclude %{_cross_sbindir}/selabel_lookup -%exclude %{_cross_sbindir}/selabel_lookup_best_match -%exclude %{_cross_sbindir}/selabel_partial_match -%exclude %{_cross_sbindir}/selinux_check_access -%exclude %{_cross_sbindir}/selinux_check_securetty_context -%exclude %{_cross_sbindir}/getpidprevcon -%exclude %{_cross_sbindir}/selinuxenabled -%exclude %{_cross_sbindir}/selinuxexeccon -%exclude %{_cross_sbindir}/setenforce -%exclude %{_cross_sbindir}/setfilecon -%exclude %{_cross_sbindir}/togglesebool -%exclude %{_cross_sbindir}/validatetrans - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/selinux -%{_cross_includedir}/selinux/* -%{_cross_pkgconfigdir}/*.pc - -%changelog diff --git a/packages/libsemanage/0001-remove-bzip2-dependency.patch b/packages/libsemanage/0001-remove-bzip2-dependency.patch deleted file mode 100644 index 235e645c1f7..00000000000 --- a/packages/libsemanage/0001-remove-bzip2-dependency.patch +++ /dev/null @@ -1,268 +0,0 @@ -From 227391a3403dc480c31e5d8dc96aaa085e91610a Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Sat, 30 Mar 2024 04:57:02 +0000 -Subject: [PATCH] remove bzip2 dependency - -Signed-off-by: Ben Cressey ---- - src/Makefile | 2 +- - src/compressed_file.c | 179 ++++++------------------------------------ - src/libsemanage.pc.in | 1 - - tests/Makefile | 2 +- - 4 files changed, 26 insertions(+), 158 deletions(-) - -diff --git a/src/Makefile b/src/Makefile -index d525996..314d064 100644 ---- a/src/Makefile -+++ b/src/Makefile -@@ -90,7 +90,7 @@ $(LIBA): $(OBJS) - $(RANLIB) $@ - - $(LIBSO): $(LOBJS) -- $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -laudit -lselinux -lbz2 -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs -+ $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -laudit -lselinux -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs - ln -sf $@ $(TARGET) - - $(LIBPC): $(LIBPC).in ../VERSION -diff --git a/src/compressed_file.c b/src/compressed_file.c -index 5546b83..3632d79 100644 ---- a/src/compressed_file.c -+++ b/src/compressed_file.c -@@ -27,148 +27,14 @@ - #include - #include - --#include -- - #include "compressed_file.h" - - #include "debug.h" - --#define BZ2_MAGICSTR "BZh" --#define BZ2_MAGICLEN (sizeof(BZ2_MAGICSTR)-1) -- --/* bzip() a data to a file, returning the total number of compressed bytes -- * in the file. Returns -1 if file could not be compressed. */ --static int bzip(semanage_handle_t *sh, const char *filename, void *data, -- size_t num_bytes) --{ -- BZFILE* b; -- size_t size = 1<<16; -- int bzerror; -- size_t total = 0; -- size_t len = 0; -- FILE *f; -- -- if ((f = fopen(filename, "wb")) == NULL) { -- return -1; -- } -- -- if (!sh->conf->bzip_blocksize) { -- if (fwrite(data, 1, num_bytes, f) < num_bytes) { -- fclose(f); -- return -1; -- } -- fclose(f); -- return 0; -- } -- -- b = BZ2_bzWriteOpen( &bzerror, f, sh->conf->bzip_blocksize, 0, 0); -- if (bzerror != BZ_OK) { -- BZ2_bzWriteClose ( &bzerror, b, 1, 0, 0 ); -- fclose(f); -- return -1; -- } -- -- while ( num_bytes > total ) { -- if (num_bytes - total > size) { -- len = size; -- } else { -- len = num_bytes - total; -- } -- BZ2_bzWrite ( &bzerror, b, (uint8_t *)data + total, len ); -- if (bzerror == BZ_IO_ERROR) { -- BZ2_bzWriteClose ( &bzerror, b, 1, 0, 0 ); -- fclose(f); -- return -1; -- } -- total += len; -- } -- -- BZ2_bzWriteClose ( &bzerror, b, 0, 0, 0 ); -- fclose(f); -- if (bzerror == BZ_IO_ERROR) { -- return -1; -- } -- return 0; --} -- --/* bunzip() a file to '*data', returning the total number of uncompressed bytes -- * in the file. Returns -1 if file could not be decompressed. */ --static ssize_t bunzip(semanage_handle_t *sh, FILE *f, void **data) --{ -- BZFILE* b = NULL; -- size_t nBuf; -- uint8_t* buf = NULL; -- size_t size = 1<<18; -- size_t bufsize = size; -- int bzerror; -- size_t total = 0; -- uint8_t* uncompress = NULL; -- uint8_t* tmpalloc = NULL; -- int ret = -1; -- -- buf = malloc(bufsize); -- if (buf == NULL) { -- ERR(sh, "Failure allocating memory."); -- goto exit; -- } -- -- /* Check if the file is bzipped */ -- bzerror = fread(buf, 1, BZ2_MAGICLEN, f); -- rewind(f); -- if ((bzerror != BZ2_MAGICLEN) || memcmp(buf, BZ2_MAGICSTR, BZ2_MAGICLEN)) { -- goto exit; -- } -- -- b = BZ2_bzReadOpen ( &bzerror, f, 0, sh->conf->bzip_small, NULL, 0 ); -- if ( bzerror != BZ_OK ) { -- ERR(sh, "Failure opening bz2 archive."); -- goto exit; -- } -- -- uncompress = malloc(size); -- if (uncompress == NULL) { -- ERR(sh, "Failure allocating memory."); -- goto exit; -- } -- -- while ( bzerror == BZ_OK) { -- nBuf = BZ2_bzRead ( &bzerror, b, buf, bufsize); -- if (( bzerror == BZ_OK ) || ( bzerror == BZ_STREAM_END )) { -- if (total + nBuf > size) { -- size *= 2; -- tmpalloc = realloc(uncompress, size); -- if (tmpalloc == NULL) { -- ERR(sh, "Failure allocating memory."); -- goto exit; -- } -- uncompress = tmpalloc; -- } -- memcpy(&uncompress[total], buf, nBuf); -- total += nBuf; -- } -- } -- if ( bzerror != BZ_STREAM_END ) { -- ERR(sh, "Failure reading bz2 archive."); -- goto exit; -- } -- -- ret = total; -- *data = uncompress; -- --exit: -- BZ2_bzReadClose ( &bzerror, b ); -- free(buf); -- if ( ret < 0 ) { -- free(uncompress); -- } -- return ret; --} -- - int map_compressed_file(semanage_handle_t *sh, const char *path, - struct file_contents *contents) - { -- ssize_t size = -1; -- void *uncompress; -+ void *data; - int ret = 0, fd = -1; - FILE *file = NULL; - -@@ -185,22 +51,17 @@ int map_compressed_file(semanage_handle_t *sh, const char *path, - return -1; - } - -- if ((size = bunzip(sh, file, &uncompress)) >= 0) { -- contents->data = uncompress; -- contents->len = size; -- contents->compressed = 1; -+ struct stat sb; -+ if (fstat(fd, &sb) == -1 || -+ (data = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0)) == -+ MAP_FAILED) { -+ ret = -1; - } else { -- struct stat sb; -- if (fstat(fd, &sb) == -1 || -- (uncompress = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0)) == -- MAP_FAILED) { -- ret = -1; -- } else { -- contents->data = uncompress; -- contents->len = sb.st_size; -- contents->compressed = 0; -- } -+ contents->data = data; -+ contents->len = sb.st_size; -+ contents->compressed = 0; - } -+ - fclose(file); - return ret; - } -@@ -210,15 +71,23 @@ void unmap_compressed_file(struct file_contents *contents) - if (!contents->data) - return; - -- if (contents->compressed) { -- free(contents->data); -- } else { -- munmap(contents->data, contents->len); -- } -+ munmap(contents->data, contents->len); - } - - int write_compressed_file(semanage_handle_t *sh, const char *path, - void *data, size_t len) - { -- return bzip(sh, path, data, len); -+ FILE *f; -+ -+ if ((f = fopen(path, "wb")) == NULL) { -+ return -1; -+ } -+ -+ if (fwrite(data, 1, len, f) < len) { -+ fclose(f); -+ return -1; -+ } -+ -+ fclose(f); -+ return 0; - } -diff --git a/src/libsemanage.pc.in b/src/libsemanage.pc.in -index 43681dd..6616bd1 100644 ---- a/src/libsemanage.pc.in -+++ b/src/libsemanage.pc.in -@@ -9,5 +9,4 @@ Version: @VERSION@ - URL: http://userspace.selinuxproject.org/ - Requires.private: libselinux libsepol - Libs: -L${libdir} -lsemanage --Libs.private: -lbz2 - Cflags: -I${includedir} -diff --git a/tests/Makefile b/tests/Makefile -index 69f49a3..ff54969 100644 ---- a/tests/Makefile -+++ b/tests/Makefile -@@ -7,7 +7,7 @@ CILS = $(sort $(wildcard *.cil)) - EXECUTABLE = libsemanage-tests - CFLAGS += -g -O0 -Wall -W -Wundef -Wmissing-noreturn -Wmissing-format-attribute -Wno-unused-parameter - override CFLAGS += -I../src -I../include --override LDLIBS += -lcunit -lbz2 -laudit -lselinux -lsepol -+override LDLIBS += -lcunit -laudit -lselinux -lsepol - - OBJECTS = $(SOURCES:.c=.o) - POLICIES = $(CILS:.cil=.policy) --- -2.44.0 - diff --git a/packages/libsemanage/Cargo.toml b/packages/libsemanage/Cargo.toml deleted file mode 100644 index aab341d333d..00000000000 --- a/packages/libsemanage/Cargo.toml +++ /dev/null @@ -1,22 +0,0 @@ -[package] -name = "libsemanage" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/SELinuxProject/selinux/releases/" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/SELinuxProject/selinux/releases/download/3.6/libsemanage-3.6.tar.gz" -sha512 = "8998b6a1b254a9673b99ae4d70a1edc769bb728a44f573cdf62e0a9c9392b77644ee2d70e1936a2f8a9a7f8b063ce98a981f4b8b7060f5b82791889330d69364" - -[build-dependencies] -glibc = { path = "../glibc" } -libaudit = { path = "../libaudit" } -libselinux = { path = "../libselinux" } -libsepol = { path = "../libsepol" } diff --git a/packages/libsemanage/libsemanage.spec b/packages/libsemanage/libsemanage.spec deleted file mode 100644 index 6475710d1fb..00000000000 --- a/packages/libsemanage/libsemanage.spec +++ /dev/null @@ -1,61 +0,0 @@ -Name: %{_cross_os}libsemanage -Version: 3.6 -Release: 1%{?dist} -Summary: Library for SELinux binary policy manipulation -License: LGPL-2.1-or-later -URL: https://github.com/SELinuxProject/ -Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}/libsemanage-%{version}.tar.gz -Patch0001: 0001-remove-bzip2-dependency.patch - -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libaudit-devel -BuildRequires: %{_cross_os}libselinux-devel -BuildRequires: %{_cross_os}libsepol-devel -Requires: %{_cross_os}libaudit -Requires: %{_cross_os}libselinux -Requires: %{_cross_os}libsepol - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for SELinux binary policy manipulation -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n libsemanage-%{version} -p1 - -%global set_env \ -%set_cross_build_flags \\\ -export CC="%{_cross_target}-gcc" \\\ -export DESTDIR='%{buildroot}' \\\ -export PREFIX='%{_cross_prefix}' \\\ -%{nil} - -%build -%set_env -%make_build - -%install -%set_env -%make_install - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%exclude %{_cross_libexecdir} -%exclude %{_cross_mandir} -%exclude %{_cross_sysconfdir} - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/semanage -%{_cross_includedir}/semanage/* -%{_cross_pkgconfigdir}/*.pc - -%changelog diff --git a/packages/libsepol/0001-libsepol-cil-Check-common-perms-when-verifiying-all.patch b/packages/libsepol/0001-libsepol-cil-Check-common-perms-when-verifiying-all.patch deleted file mode 100644 index 4f1d80a3374..00000000000 --- a/packages/libsepol/0001-libsepol-cil-Check-common-perms-when-verifiying-all.patch +++ /dev/null @@ -1,56 +0,0 @@ -From a4596b5ef889f30f3e1c1cbb6685b7f4727eb4de Mon Sep 17 00:00:00 2001 -From: James Carter -Date: Mon, 1 Apr 2024 10:49:24 -0400 -Subject: [PATCH] libsepol/cil: Check common perms when verifiying "all" - -Commit e81c466 "Fix class permission verification in CIL", added a -check for the use of "all" in a permission expression for a class -that had no permissions. Unfortunately, that change did not take -into account a class that had common permissions, so a class that -has no permmissions of its own, but inherits permissions from a -common, will fail the verification check. - -If the class inherits from a common, then add those permissions to -the permmission list when verifying the permission expression. - -Example/ -(common co1 (cop1)) -(class cl1 ()) -(classcommon cl1 co1) -(classorder (CLASS cl1)) - -(classpermission cp1) -(classpermissionset cp1 (cl1 (all))) - -(classmap cm1 (cmp1)) -(classmapping cm1 cmp1 (cl1 (all))) - -Previously, both the classpermissionset and the classmapping rules -would fail verification, but now they pass as expected. - -Patch originally from Ben Cressey , I have -expanded the explanation. - -Reported-by: Ben Cressey -Signed-off-by: James Carter ---- - cil/src/cil_verify.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/cil/src/cil_verify.c b/cil/src/cil_verify.c -index 0c6d50a1..4ef2cbab 100644 ---- a/cil/src/cil_verify.c -+++ b/cil/src/cil_verify.c -@@ -1842,6 +1842,9 @@ static int __cil_verify_perms(struct cil_class *class, struct cil_list *perms, s - int count2 = 0; - cil_list_init(&perm_list, CIL_MAP_PERM); - cil_symtab_map(&class->perms, __add_perm_to_list, perm_list); -+ if (class->common != NULL) { -+ cil_symtab_map(&class->common->perms, __add_perm_to_list, perm_list); -+ } - cil_list_for_each(j, perm_list) { - count2++; - struct cil_perm *perm = j->data; --- -2.44.0 - diff --git a/packages/libsepol/Cargo.toml b/packages/libsepol/Cargo.toml deleted file mode 100644 index 62851de4983..00000000000 --- a/packages/libsepol/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libsepol" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/SELinuxProject/selinux/releases/" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/SELinuxProject/selinux/releases/download/3.6/libsepol-3.6.tar.gz" -sha512 = "35a42d2749fc4f71bc6b7488380714f56975564007128566f1c73e5c50bf81c17535b2cfda4583aacb4870aa2cd5885321c01523e415bda8b3326bfefb13d58e" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libsepol/libsepol.spec b/packages/libsepol/libsepol.spec deleted file mode 100644 index ed317080e4f..00000000000 --- a/packages/libsepol/libsepol.spec +++ /dev/null @@ -1,54 +0,0 @@ -Name: %{_cross_os}libsepol -Version: 3.6 -Release: 1%{?dist} -Summary: Library for SELinux policy manipulation -License: LGPL-2.1-or-later -URL: https://github.com/SELinuxProject/ -Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}/libsepol-%{version}.tar.gz -Patch0001: 0001-libsepol-cil-Check-common-perms-when-verifiying-all.patch -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for SELinux policy manipulation -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n libsepol-%{version} -p1 - -%global set_env \ -%set_cross_build_flags \\\ -export CC="%{_cross_target}-gcc" \\\ -export DESTDIR='%{buildroot}' \\\ -export PREFIX='%{_cross_prefix}' \\\ -export SHLIBDIR='%{_cross_libdir}' \\\ -%{nil} - -%build -%set_env -%make_build - -%install -%set_env -%make_install - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%exclude %{_cross_bindir} -%exclude %{_cross_mandir} - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/sepol -%{_cross_includedir}/sepol/* -%{_cross_pkgconfigdir}/*.pc - -%changelog diff --git a/packages/libstd-rust/Cargo.toml b/packages/libstd-rust/Cargo.toml deleted file mode 100644 index 7f393726a7d..00000000000 --- a/packages/libstd-rust/Cargo.toml +++ /dev/null @@ -1,12 +0,0 @@ -[package] -name = "libstd-rust" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - - -[package.metadata.build-package] - -[lib] -path = "../packages.rs" diff --git a/packages/libstd-rust/libstd-rust.spec b/packages/libstd-rust/libstd-rust.spec deleted file mode 100644 index 20f51ca25ba..00000000000 --- a/packages/libstd-rust/libstd-rust.spec +++ /dev/null @@ -1,32 +0,0 @@ -# This is a wrapper package that vends a pre-built shared library from -# the SDK, allowing it to be loaded at runtime. It also lets us extract -# debuginfo in the usual way. -%undefine _debugsource_packages - -Name: %{_cross_os}libstd-rust -Version: 0.0 -Release: 1%{?dist} -Summary: Rust standard library -License: Apache-2.0 OR MIT -URL: https://www.rust-lang.org/ - -%description -%{summary}. - -%prep -%setup -T -c -cp /usr/share/licenses/rust/* . - -%build -install -p -m0755 %{_libexecdir}/rust/lib/rustlib/%{__cargo_target}/lib/libstd-*.so . - -%install -mkdir -p %{buildroot}%{_cross_libdir} -install -p -m0755 libstd-*.so %{buildroot}%{_cross_libdir} - -%files -%license COPYRIGHT LICENSE-APACHE LICENSE-MIT -%{_cross_attribution_file} -%{_cross_libdir}/libstd-*.so - -%changelog diff --git a/packages/libtirpc/Cargo.toml b/packages/libtirpc/Cargo.toml deleted file mode 100644 index 32a5937f351..00000000000 --- a/packages/libtirpc/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libtirpc" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://sourceforge.net/projects/libtirpc/files/libtirpc/" - -[[package.metadata.build-package.external-files]] -url = "https://downloads.sourceforge.net/libtirpc/libtirpc-1.3.4.tar.bz2" -sha512 = "004e61b5853717324790c46cda5ff227d525909f189194ae72a1ec8f476ca35d7f4c1f03c0fbc690c1696d60a212675b09246dbe627fdbf1a9a47f5664e82b00" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libtirpc/libtirpc.spec b/packages/libtirpc/libtirpc.spec deleted file mode 100644 index d671fe0e812..00000000000 --- a/packages/libtirpc/libtirpc.spec +++ /dev/null @@ -1,49 +0,0 @@ -Name: %{_cross_os}libtirpc -Version: 1.3.4 -Release: 1%{?dist} -Summary: Library for RPC -License: BSD-3-Clause -URL: http://git.linux-nfs.org/?p=steved/libtirpc.git;a=summary -Source0: http://downloads.sourceforge.net/libtirpc/libtirpc-%{version}.tar.bz2 -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for RPC -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n libtirpc-%{version} -p1 - -%build -%cross_configure \ - --enable-static \ - --disable-authdes \ - --disable-gssapi \ - -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%exclude %{_cross_mandir} -%exclude %{_cross_sysconfdir} - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/tirpc -%{_cross_includedir}/tirpc/* -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la - -%changelog diff --git a/packages/liburcu/Cargo.toml b/packages/liburcu/Cargo.toml deleted file mode 100644 index ab5d19ff4da..00000000000 --- a/packages/liburcu/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "liburcu" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://lttng.org/files/urcu" - -[[package.metadata.build-package.external-files]] -url = "https://lttng.org/files/urcu/userspace-rcu-latest-0.14.tar.bz2" -sha512 = "7297e51012f4c44ee27c0e18ed9d87bf24be34db68a5398394c1e683a045bb561cf74aa913398404c0ed5cb8011af728ea12947717fa5f27627e5ca78e63a40f" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/liburcu/liburcu.spec b/packages/liburcu/liburcu.spec deleted file mode 100644 index 6accd25c5b7..00000000000 --- a/packages/liburcu/liburcu.spec +++ /dev/null @@ -1,67 +0,0 @@ -Name: %{_cross_os}liburcu -Version: 0.14.0 -Release: 1%{?dist} -Summary: Library for userspace RCU -License: LGPL-2.1-only AND GPL-2.0-or-later AND MIT -URL: http://liburcu.org -Source0: http://lttng.org/files/urcu/userspace-rcu-latest-0.14.tar.bz2 - -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for userspace RCU -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n userspace-rcu-%{version} - -%build -%cross_configure --disable-static - -%force_disable_rpath - -%make_build - -%install -%make_install - -%files -%license LICENSE gpl-2.0.txt lgpl-relicensing.txt lgpl-2.1.txt -%{_cross_attribution_file} - -%{_cross_libdir}/liburcu.so.8* -%{_cross_libdir}/liburcu-common.so.8* - -%exclude %{_cross_libdir}/liburcu-bp.so.8* -%exclude %{_cross_libdir}/liburcu-cds.so.8* -%exclude %{_cross_libdir}/liburcu-mb.so.8* -%exclude %{_cross_libdir}/liburcu-memb.so.8* -%exclude %{_cross_libdir}/liburcu-qsbr.so.8* -%exclude %{_cross_libdir}/liburcu-signal.so.8* -%exclude %{_cross_docdir} - -%files devel -%{_cross_includedir}/* -%{_cross_libdir}/liburcu-common.so -%{_cross_libdir}/liburcu.so -%{_cross_libdir}/pkgconfig/liburcu.pc - -%exclude %{_cross_libdir}/pkgconfig/liburcu-bp.pc -%exclude %{_cross_libdir}/pkgconfig/liburcu-cds.pc -%exclude %{_cross_libdir}/pkgconfig/liburcu-mb.pc -%exclude %{_cross_libdir}/pkgconfig/liburcu-memb.pc -%exclude %{_cross_libdir}/pkgconfig/liburcu-qsbr.pc -%exclude %{_cross_libdir}/pkgconfig/liburcu-signal.pc -%exclude %{_cross_libdir}/liburcu-bp.so -%exclude %{_cross_libdir}/liburcu-cds.so -%exclude %{_cross_libdir}/liburcu-common.so -%exclude %{_cross_libdir}/liburcu-mb.so -%exclude %{_cross_libdir}/liburcu-memb.so -%exclude %{_cross_libdir}/liburcu-qsbr.so -%exclude %{_cross_libdir}/liburcu-signal.so diff --git a/packages/libxcrypt/Cargo.toml b/packages/libxcrypt/Cargo.toml deleted file mode 100644 index 37f5c3238f5..00000000000 --- a/packages/libxcrypt/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libxcrypt" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/besser82/libxcrypt/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/besser82/libxcrypt/releases/download/v4.4.36/libxcrypt-4.4.36.tar.xz" -sha512 = "468560e6f90877540d22e32c867cbcf3786983a6fdae6ef86454f4b7f2bbaae1b6589d1af75cda73078fa8f6e91b1a32f8353f26d433246eef7be3e96d4ae1c7" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libxcrypt/libxcrypt.spec b/packages/libxcrypt/libxcrypt.spec deleted file mode 100644 index 40ff15253df..00000000000 --- a/packages/libxcrypt/libxcrypt.spec +++ /dev/null @@ -1,53 +0,0 @@ -Name: %{_cross_os}libxcrypt -Version: 4.4.36 -Release: 1%{?dist} -Summary: Extended crypt library for descrypt, md5crypt, bcrypt, and others -License: LGPL-2.1-or-later -URL: https://github.com/besser82/libxcrypt -Source0: https://github.com/besser82/libxcrypt/releases/download/v%{version}/libxcrypt-%{version}.tar.xz -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the extended crypt library for descrypt, md5crypt, bcrypt, and others -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n libxcrypt-%{version} -p1 - -%build -%cross_configure \ - --disable-failure-tokens \ - --disable-valgrind \ - --disable-silent-rules \ - --enable-hashes=all \ - --enable-obsolete-api=no \ - --enable-obsolete-api-enosys=no \ - --enable-shared \ - --enable-static \ - --with-pkgconfigdir=%{_cross_pkgconfigdir} \ - -%make_build - -%install -%make_install - -%files -%license LICENSING COPYING.LIB -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%exclude %{_cross_mandir} - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%{_cross_includedir}/*.h -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/*.la - -%changelog diff --git a/packages/libz/Cargo.toml b/packages/libz/Cargo.toml deleted file mode 100644 index 7a293ac3c56..00000000000 --- a/packages/libz/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libz" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://www.zlib.net" - -[[package.metadata.build-package.external-files]] -url = "https://www.zlib.net/zlib-1.3.1.tar.xz" -sha512 = "1e8e70b362d64a233591906a1f50b59001db04ca14aaffad522198b04680be501736e7d536b4191e2f99767e7001ca486cd802362cca2be05d5d409b83ea732d" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libz/libz.spec b/packages/libz/libz.spec deleted file mode 100644 index 9de692bb662..00000000000 --- a/packages/libz/libz.spec +++ /dev/null @@ -1,50 +0,0 @@ -Name: %{_cross_os}libz -Version: 1.3.1 -Release: 1%{?dist} -Summary: Library for zlib compression -URL: https://www.zlib.net/ -License: Zlib -Source: https://www.zlib.net/zlib-%{version}.tar.xz -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for zlib compression -Requires: %{name} - -%description devel -%{summary}. - -%prep -%setup -n zlib-%{version} - -# Sets cross build flags, target cross compiler, and env variables -# required to `make install` libz -%global set_env \ -%set_cross_build_flags \\\ -export CROSS_PREFIX="%{_cross_target}-" \\\ -%{nil} - -%build -%set_env -# zlib only reads prefix from this argument, not the environment -./configure --prefix='%{_cross_prefix}' -%make_build - -%install -%set_env -%make_install - -%files -%license README -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%exclude %{_cross_mandir} - -%files devel -%{_cross_libdir}/*.so -%{_cross_includedir}/*.h -%{_cross_libdir}/*.a -%{_cross_pkgconfigdir}/*.pc diff --git a/packages/libzstd/Cargo.toml b/packages/libzstd/Cargo.toml deleted file mode 100644 index f04a27c14d8..00000000000 --- a/packages/libzstd/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "libzstd" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/facebook/zstd/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/facebook/zstd/releases/download/v1.5.6/zstd-1.5.6.tar.gz" -sha512 = "54a578f2484da0520a6e9a24f501b9540a3fe3806785d6bc9db79fc095b7c142a7c121387c7eecd460ca71446603584ef1ba4d29a33ca90873338c9ffbd04f14" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/libzstd/libzstd.spec b/packages/libzstd/libzstd.spec deleted file mode 100644 index 95ec6b3a64a..00000000000 --- a/packages/libzstd/libzstd.spec +++ /dev/null @@ -1,49 +0,0 @@ -Name: %{_cross_os}libzstd -Version: 1.5.6 -Release: 1%{?dist} -Summary: Library for Zstandard compression -License: BSD-3-Clause AND GPL-2.0-only -URL: https://github.com/facebook/zstd/ -Source0: https://github.com/facebook/zstd/releases/download/v%{version}/zstd-%{version}.tar.gz -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package devel -Summary: Files for development using the library for Zstandard compression -Requires: %{_cross_os}libzstd - -%description devel -%{summary}. - -%prep -%autosetup -n zstd-%{version} - -%global set_env \ -%set_cross_build_flags \\\ -export CC=%{_cross_target}-gcc \\\ -export PREFIX=%{_cross_prefix} \\\ -export DESTDIR=%{buildroot}%{_cross_rootdir} \\\ -%{nil} - -%build -%set_env -%make_build - -%install -%set_env -%make_install - -%files -%license COPYING -%{_cross_libdir}/*.so.* -%{_cross_attribution_file} -%exclude %{_cross_bindir} -%exclude %{_cross_mandir} - -%files devel -%{_cross_includedir}/*.h -%{_cross_libdir}/*.so -%{_cross_libdir}/*.a -%{_cross_libdir}/pkgconfig/*.pc diff --git a/packages/linux-firmware/0001-linux-firmware-snd-remove-firmware-for-snd-audio-dev.patch b/packages/linux-firmware/0001-linux-firmware-snd-remove-firmware-for-snd-audio-dev.patch deleted file mode 100644 index f0f6abf7a00..00000000000 --- a/packages/linux-firmware/0001-linux-firmware-snd-remove-firmware-for-snd-audio-dev.patch +++ /dev/null @@ -1,1979 +0,0 @@ -From c5e85907233a5ddc7df414744561f0fd848e907f Mon Sep 17 00:00:00 2001 -From: Leonard Foerster -Date: Tue, 25 Jul 2023 09:22:51 +0000 -Subject: [PATCH] linux-firmware: snd: remove firmware for snd/audio devices - -Bottlerocket does not configure drivers for audio devices for any of its -kernels. Hence, we do not need to ship firmware for these devices. The -following list maps the drivers as they are named in WHENCE to the -kernel config option for reference and easy searchability should we need -to find the right firmware to add when adding a driver to our kernel -configuation: - -* snd-korg1212 - CONFIG_SND_KORG1212 -* snd-maestro3 - CONFIG_SND_MAESTRO3 -* snd-ymfpci - CONFIG_SND_YMFPCI -* snd-sb16_csp - CONFIG_SND_SB16_CSP -* snd-wavefront - CONFIG_SND_WAVEFRONT -* mtk-sof - CONFIG_SND_SOC_SOF_MTK_TOPLEVEL -* snd-hda-codex-ca0132 - CONFIG_SND_HDA_INTEL && CONFIG_SND_HDA_CODEC_CA0132 -* snd_soc_sst_acpi - CONFIG_SND_SOC_INTEL_SST_ACPI -* snd_intel_sst_core - CONFIG_SND_SOC_INTEL_SST -* snd_soc_catpt - CONFIG_SND_SOC_INTEL_CATPT -* snd_soc_avs - CONFIG_SND_SOC_INTEL_AVS -* snd_soc_skl - CONFIG_SND_SOC_INTEL_SKL -* cs35l41_hda - CONFIG_SND_SOC_C35L41* && SND_HDA_SCODEC_CS35L41* - -Signed-off-by: Leonard Foerster ---- - LICENCE.IntcSST2 | 39 -- - LICENCE.adsp_sst | 999 -------------------------------------------- - LICENCE.ca0132 | 47 --- - LICENCE.fw_sst_0f28 | 40 -- - LICENSE.cirrus | 182 -------- - WHENCE | 545 ------------------------ - 6 files changed, 1852 deletions(-) - delete mode 100644 LICENCE.IntcSST2 - delete mode 100644 LICENCE.adsp_sst - delete mode 100644 LICENCE.ca0132 - delete mode 100644 LICENCE.fw_sst_0f28 - delete mode 100644 LICENSE.cirrus - -diff --git a/LICENCE.IntcSST2 b/LICENCE.IntcSST2 -deleted file mode 100644 -index d4f1609..0000000 ---- a/LICENCE.IntcSST2 -+++ /dev/null -@@ -1,39 +0,0 @@ --Copyright (c) 2014, Intel Corporation. --All rights reserved. -- --Redistribution. Redistribution and use in binary form, without --modification, are permitted provided that the following conditions are --met: -- --* Redistributions must reproduce the above copyright notice and the -- following disclaimer in the documentation and/or other materials -- provided with the distribution. --* Neither the name of Intel Corporation nor the names of its suppliers -- may be used to endorse or promote products derived from this software -- without specific prior written permission. --* No reverse engineering, decompilation, or disassembly of this software -- is permitted. -- --Limited patent license. Intel Corporation grants a world-wide, --royalty-free, non-exclusive license under patents it now or hereafter --owns or controls to make, have made, use, import, offer to sell and --sell ("Utilize") this software, but solely to the extent that any --such patent is necessary to Utilize the software alone, or in --combination with an operating system licensed under an approved Open --Source license as listed by the Open Source Initiative at --http://opensource.org/licenses. The patent license shall not apply to --any other combinations which include this software. No hardware per --se is licensed hereunder. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE --COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH --DAMAGE. -diff --git a/LICENCE.adsp_sst b/LICENCE.adsp_sst -deleted file mode 100644 -index c66b1b2..0000000 ---- a/LICENCE.adsp_sst -+++ /dev/null -@@ -1,999 +0,0 @@ --***** INTEL BINARY FIRMWARE RELEASE LICENCE ******************************** -- --Copyright (c) 2014-15 Intel Corporation. --All rights reserved. -- --Redistribution. -- --Redistribution and use in binary form, without modification, are permitted --provided that the following conditions are met: --* Redistributions must reproduce the above copyright notice and the -- following disclaimer in the documentation and/or other materials provided -- with the distribution. --* Neither the name of Intel Corporation nor the names of its suppliers may -- be used to endorse or promote products derived from this software without -- specific prior written permission. --* No reverse engineering, decompilation, or disassembly of this software is -- permitted. -- -- --Limited patent license. -- --Intel Corporation grants a world-wide, royalty-free, non-exclusive license --under patents it now or hereafter owns or controls to make, have made, use, --import, offer to sell and sell ("Utilize") this software, but solely to the --extent that any such patent is necessary to Utilize the software alone. The --patent license shall not apply to any combinations which include this software. --No hardware per se is licensed hereunder. -- -- --DISCLAIMER. -- --THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" --AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE --IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE --ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE --LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR --CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF --SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS --INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN --CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) --ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE --POSSIBILITY OF SUCH DAMAGE. -- -- --***** NEW LIBC LICENCE******************************** -- --The newlib subdirectory is a collection of software from several sources. -- --Each file may have its own copyright/license that is embedded in the source --file. Unless otherwise noted in the body of the source file(s), the following copyright --notices will apply to the contents of the newlib subdirectory: -- --(1) Red Hat Incorporated -- --Copyright (c) 1994-2009 Red Hat, Inc. All rights reserved. -- --This copyrighted material is made available to anyone wishing to use, --modify, copy, or redistribute it subject to the terms and conditions --of the BSD License. This program is distributed in the hope that --it will be useful, but WITHOUT ANY WARRANTY expressed or implied, --including the implied warranties of MERCHANTABILITY or FITNESS FOR --A PARTICULAR PURPOSE. A copy of this license is available at --http://www.opensource.org/licenses. Any Red Hat trademarks that are --incorporated in the source code or documentation are not subject to --the BSD License and may only be used or replicated with the express --permission of Red Hat, Inc. -- --(2) University of California, Berkeley -- --Copyright (c) 1981-2000 The Regents of the University of California. --All rights reserved. -- --Redistribution and use in source and binary forms, with or without modification, --are permitted provided that the following conditions are met: -- -- * Redistributions of source code must retain the above copyright notice, -- this list of conditions and the following disclaimer. -- * Redistributions in binary form must reproduce the above copyright notice, -- this list of conditions and the following disclaimer in the documentation -- and/or other materials provided with the distribution. -- * Neither the name of the University nor the names of its contributors -- may be used to endorse or promote products derived from this software -- without specific prior written permission. -- --THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" --AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED --WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. --IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, --INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT --NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR --PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, --WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) --ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY --OF SUCH DAMAGE. -- --(3) David M. Gay (AT&T 1991, Lucent 1998) -- --The author of this software is David M. Gay. -- --Copyright (c) 1991 by AT&T. -- --Permission to use, copy, modify, and distribute this software for any --purpose without fee is hereby granted, provided that this entire notice --is included in all copies of any software which is or includes a copy --or modification of this software and in all copies of the supporting --documentation for such software. -- --THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED --WARRANTY. IN PARTICULAR, NEITHER THE AUTHOR NOR AT&T MAKES ANY --REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY --OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE. -- --------------------------------------------------------------------- -- --The author of this software is David M. Gay. -- --Copyright (C) 1998-2001 by Lucent Technologies --All Rights Reserved -- --Permission to use, copy, modify, and distribute this software and --its documentation for any purpose and without fee is hereby --granted, provided that the above copyright notice appear in all --copies and that both that the copyright notice and this --permission notice and warranty disclaimer appear in supporting --documentation, and that the name of Lucent or any of its entities --not be used in advertising or publicity pertaining to --distribution of the software without specific, written prior --permission. -- --LUCENT DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, --INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. --IN NO EVENT SHALL LUCENT OR ANY OF ITS ENTITIES BE LIABLE FOR ANY --SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES --WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER --IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, --ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF --THIS SOFTWARE. -- -- --(4) Advanced Micro Devices -- --Copyright 1989, 1990 Advanced Micro Devices, Inc. -- --This software is the property of Advanced Micro Devices, Inc (AMD) which --specifically grants the user the right to modify, use and distribute this --software provided this notice is not removed or altered. All other rights --are reserved by AMD. -- --AMD MAKES NO WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, WITH REGARD TO THIS --SOFTWARE. IN NO EVENT SHALL AMD BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL --DAMAGES IN CONNECTION WITH OR ARISING FROM THE FURNISHING, PERFORMANCE, OR --USE OF THIS SOFTWARE. -- --So that all may benefit from your experience, please report any problems --or suggestions about this software to the 29K Technical Support Center at --800-29-29-AMD (800-292-9263) in the USA, or 0800-89-1131 in the UK, or --0031-11-1129 in Japan, toll free. The direct dial number is 512-462-4118. -- --Advanced Micro Devices, Inc. --29K Support Products --Mail Stop 573 --5900 E. Ben White Blvd. --Austin, TX 78741 --800-292-9263 -- --(5) -- --(6) -- --(7) Sun Microsystems -- --Copyright (C) 1993 by Sun Microsystems, Inc. All rights reserved. -- --Developed at SunPro, a Sun Microsystems, Inc. business. --Permission to use, copy, modify, and distribute this --software is freely granted, provided that this notice is preserved. -- --(8) Hewlett Packard -- --(c) Copyright 1986 HEWLETT-PACKARD COMPANY -- --To anyone who acknowledges that this file is provided "AS IS" --without any express or implied warranty: -- permission to use, copy, modify, and distribute this file --for any purpose is hereby granted without fee, provided that --the above copyright notice and this notice appears in all --copies, and that the name of Hewlett-Packard Company not be --used in advertising or publicity pertaining to distribution --of the software without specific, written prior permission. --Hewlett-Packard Company makes no representations about the --suitability of this software for any purpose. -- --(9) Hans-Peter Nilsson -- --Copyright (C) 2001 Hans-Peter Nilsson -- --Permission to use, copy, modify, and distribute this software is --freely granted, provided that the above copyright notice, this notice --and the following disclaimer are preserved with no changes. -- --THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR --IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED --WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR --PURPOSE. -- --(10) Stephane Carrez (m68hc11-elf/m68hc12-elf targets only) -- --Copyright (C) 1999, 2000, 2001, 2002 Stephane Carrez (stcarrez@nerim.fr) -- --The authors hereby grant permission to use, copy, modify, distribute, --and license this software and its documentation for any purpose, provided --that existing copyright notices are retained in all copies and that this --notice is included verbatim in any distributions. No written agreement, --license, or royalty fee is required for any of the authorized uses. --Modifications to this software may be copyrighted by their authors --and need not follow the licensing terms described here, provided that --the new terms are clearly indicated on the first page of each file where --they apply. -- --(11) Christopher G. Demetriou -- --Copyright (c) 2001 Christopher G. Demetriou --All rights reserved. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted provided that the following conditions --are met: --1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. --2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. --3. The name of the author may not be used to endorse or promote products -- derived from this software without specific prior written permission. -- --THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR --IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES --OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. --IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT --NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, --DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY --THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT --(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF --THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -- --(12) SuperH, Inc. -- --Copyright 2002 SuperH, Inc. All rights reserved -- --This software is the property of SuperH, Inc (SuperH) which specifically --grants the user the right to modify, use and distribute this software --provided this notice is not removed or altered. All other rights are --reserved by SuperH. -- --SUPERH MAKES NO WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, WITH REGARD TO --THIS SOFTWARE. IN NO EVENT SHALL SUPERH BE LIABLE FOR INDIRECT, SPECIAL, --INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH OR ARISING FROM --THE FURNISHING, PERFORMANCE, OR USE OF THIS SOFTWARE. -- --So that all may benefit from your experience, please report any problems --or suggestions about this software to the SuperH Support Center via --e-mail at softwaresupport@superh.com . -- --SuperH, Inc. --405 River Oaks Parkway --San Jose --CA 95134 --USA -- --(13) Royal Institute of Technology -- --Copyright (c) 1999 Kungliga Tekniska Högskolan --(Royal Institute of Technology, Stockholm, Sweden). --All rights reserved. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted provided that the following conditions --are met: -- --1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. -- --2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- --3. Neither the name of KTH nor the names of its contributors may be -- used to endorse or promote products derived from this software without -- specific prior written permission. -- --THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY --EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE --IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR --PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE --LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR --CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF --SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR --BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, --WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR --OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF --ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -- --(14) Alexey Zelkin -- --Copyright (c) 2000, 2001 Alexey Zelkin --All rights reserved. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted provided that the following conditions --are met: --1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. --2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- --THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND --ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE --IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE --ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE --FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL --DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS --OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) --HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT --LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY --OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF --SUCH DAMAGE. -- --(15) Andrey A. Chernov -- --Copyright (C) 1997 by Andrey A. Chernov, Moscow, Russia. --All rights reserved. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted provided that the following conditions --are met: --1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. --2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- --THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND --ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE --IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE --ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE --FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL --DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS --OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) --HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT --LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY --OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF --SUCH DAMAGE. -- --(16) FreeBSD -- --Copyright (c) 1997-2002 FreeBSD Project. --All rights reserved. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted provided that the following conditions --are met: --1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. --2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- --THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND --ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE --IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE --ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE --FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL --DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS --OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) --HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT --LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY --OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF --SUCH DAMAGE. -- --(17) S. L. Moshier -- --Author: S. L. Moshier. -- --Copyright (c) 1984,2000 S.L. Moshier -- --Permission to use, copy, modify, and distribute this software for any --purpose without fee is hereby granted, provided that this entire notice --is included in all copies of any software which is or includes a copy --or modification of this software and in all copies of the supporting --documentation for such software. -- --THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED --WARRANTY. IN PARTICULAR, THE AUTHOR MAKES NO REPRESENTATION --OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY OF THIS --SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE. -- --(18) Citrus Project -- --Copyright (c)1999 Citrus Project, --All rights reserved. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted provided that the following conditions --are met: --1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. --2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- --THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND --ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE --IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE --ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE --FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL --DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS --OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) --HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT --LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY --OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF --SUCH DAMAGE. -- --(19) Todd C. Miller -- --Copyright (c) 1998 Todd C. Miller --All rights reserved. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted provided that the following conditions --are met: --1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. --2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. --3. The name of the author may not be used to endorse or promote products -- derived from this software without specific prior written permission. -- --THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, --INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY --AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL --THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, --EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, --PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; --OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, --WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR --OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF --ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -- --(20) DJ Delorie (i386) --Copyright (C) 1991 DJ Delorie --All rights reserved. -- --Redistribution, modification, and use in source and binary forms is permitted --provided that the above copyright notice and following paragraph are --duplicated in all such forms. -- --This file is distributed WITHOUT ANY WARRANTY; without even the implied --warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -- --(21) Free Software Foundation LGPL License (*-linux* targets only) -- -- Copyright (C) 1990-1999, 2000, 2001 Free Software Foundation, Inc. -- This file is part of the GNU C Library. -- Contributed by Mark Kettenis , 1997. -- -- The GNU C Library is free software; you can redistribute it and/or -- modify it under the terms of the GNU Lesser General Public -- License as published by the Free Software Foundation; either -- version 2.1 of the License, or (at your option) any later version. -- -- The GNU C Library is distributed in the hope that it will be useful, -- but WITHOUT ANY WARRANTY; without even the implied warranty of -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -- Lesser General Public License for more details. -- -- You should have received a copy of the GNU Lesser General Public -- License along with the GNU C Library; if not, write to the Free -- Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -- 02110-1301 USA. -- --(22) Xavier Leroy LGPL License (i[3456]86-*-linux* targets only) -- --Copyright (C) 1996 Xavier Leroy (Xavier.Leroy@inria.fr) -- --This program is free software; you can redistribute it and/or --modify it under the terms of the GNU Library General Public License --as published by the Free Software Foundation; either version 2 --of the License, or (at your option) any later version. -- --This program is distributed in the hope that it will be useful, --but WITHOUT ANY WARRANTY; without even the implied warranty of --MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --GNU Library General Public License for more details. -- --(23) Intel (i960) -- --Copyright (c) 1993 Intel Corporation -- --Intel hereby grants you permission to copy, modify, and distribute this --software and its documentation. Intel grants this permission provided --that the above copyright notice appears in all copies and that both the --copyright notice and this permission notice appear in supporting --documentation. In addition, Intel grants this permission provided that --you prominently mark as "not part of the original" any modifications --made to this software or documentation, and that the name of Intel --Corporation not be used in advertising or publicity pertaining to --distribution of the software or the documentation without specific, --written prior permission. -- --Intel Corporation provides this AS IS, WITHOUT ANY WARRANTY, EXPRESS OR --IMPLIED, INCLUDING, WITHOUT LIMITATION, ANY WARRANTY OF MERCHANTABILITY --OR FITNESS FOR A PARTICULAR PURPOSE. Intel makes no guarantee or --representations regarding the use of, or the results of the use of, --the software and documentation in terms of correctness, accuracy, --reliability, currentness, or otherwise; and you rely on the software, --documentation and results solely at your own risk. -- --IN NO EVENT SHALL INTEL BE LIABLE FOR ANY LOSS OF USE, LOSS OF BUSINESS, --LOSS OF PROFITS, INDIRECT, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES --OF ANY KIND. IN NO EVENT SHALL INTEL'S TOTAL LIABILITY EXCEED THE SUM --PAID TO INTEL FOR THE PRODUCT LICENSED HEREUNDER. -- --(24) Hewlett-Packard (hppa targets only) -- --(c) Copyright 1986 HEWLETT-PACKARD COMPANY -- --To anyone who acknowledges that this file is provided "AS IS" --without any express or implied warranty: -- permission to use, copy, modify, and distribute this file --for any purpose is hereby granted without fee, provided that --the above copyright notice and this notice appears in all --copies, and that the name of Hewlett-Packard Company not be --used in advertising or publicity pertaining to distribution --of the software without specific, written prior permission. --Hewlett-Packard Company makes no representations about the --suitability of this software for any purpose. -- --(25) Henry Spencer (only *-linux targets) -- --Copyright 1992, 1993, 1994 Henry Spencer. All rights reserved. --This software is not subject to any license of the American Telephone --and Telegraph Company or of the Regents of the University of California. -- --Permission is granted to anyone to use this software for any purpose on --any computer system, and to alter it and redistribute it, subject --to the following restrictions: -- --1. The author is not responsible for the consequences of use of this -- software, no matter how awful, even if they arise from flaws in it. -- --2. The origin of this software must not be misrepresented, either by -- explicit claim or by omission. Since few users ever read sources, -- credits must appear in the documentation. -- --3. Altered versions must be plainly marked as such, and must not be -- misrepresented as being the original software. Since few users -- ever read sources, credits must appear in the documentation. -- --4. This notice may not be removed or altered. -- --(26) Mike Barcroft -- --Copyright (c) 2001 Mike Barcroft --All rights reserved. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted provided that the following conditions --are met: --1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. --2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- --THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND --ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE --IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE --ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE --FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL --DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS --OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) --HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT --LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY --OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF --SUCH DAMAGE. -- --(27) Konstantin Chuguev (--enable-newlib-iconv) -- --Copyright (c) 1999, 2000 -- Konstantin Chuguev. All rights reserved. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted provided that the following conditions --are met: --1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. --2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- --THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND --ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE --IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE --ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE --FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL --DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS --OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) --HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT --LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY --OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF --SUCH DAMAGE. -- -- iconv (Charset Conversion Library) v2.0 -- --(28) Artem Bityuckiy (--enable-newlib-iconv) -- --Copyright (c) 2003, Artem B. Bityuckiy, SoftMine Corporation. --Rights transferred to Franklin Electronic Publishers. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted provided that the following conditions --are met: --1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. --2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- --THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND --ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE --IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE --ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE --FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL --DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS --OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) --HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT --LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY --OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF --SUCH DAMAGE. -- --(29) IBM, Sony, Toshiba (only spu-* targets) -- -- (C) Copyright 2001,2006, -- International Business Machines Corporation, -- Sony Computer Entertainment, Incorporated, -- Toshiba Corporation, -- -- All rights reserved. -- -- Redistribution and use in source and binary forms, with or without -- modification, are permitted provided that the following conditions are met: -- -- * Redistributions of source code must retain the above copyright notice, -- this list of conditions and the following disclaimer. -- * Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- * Neither the names of the copyright holders nor the names of their -- contributors may be used to endorse or promote products derived from this -- software without specific prior written permission. -- -- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -- AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -- ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE -- LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -- CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -- POSSIBILITY OF SUCH DAMAGE. -- --(30) - Alex Tatmanjants (targets using libc/posix) -- -- Copyright (c) 1995 Alex Tatmanjants -- at Electronni Visti IA, Kiev, Ukraine. -- All rights reserved. -- -- Redistribution and use in source and binary forms, with or without -- modification, are permitted provided that the following conditions -- are met: -- 1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. -- 2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- -- THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND -- ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -- ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE -- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -- DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -- OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -- HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -- LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -- SUCH DAMAGE. -- --(31) - M. Warner Losh (targets using libc/posix) -- -- Copyright (c) 1998, M. Warner Losh -- All rights reserved. -- -- Redistribution and use in source and binary forms, with or without -- modification, are permitted provided that the following conditions -- are met: -- 1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. -- 2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- -- THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -- ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -- ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -- DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -- OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -- HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -- LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -- SUCH DAMAGE. -- --(32) - Andrey A. Chernov (targets using libc/posix) -- -- Copyright (C) 1996 by Andrey A. Chernov, Moscow, Russia. -- All rights reserved. -- -- Redistribution and use in source and binary forms, with or without -- modification, are permitted provided that the following conditions -- are met: -- 1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. -- 2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- -- THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND -- ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -- ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -- DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -- OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -- HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -- LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -- SUCH DAMAGE. -- --(33) - Daniel Eischen (targets using libc/posix) -- -- Copyright (c) 2001 Daniel Eischen . -- All rights reserved. -- -- Redistribution and use in source and binary forms, with or without -- modification, are permitted provided that the following conditions -- are met: -- 1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. -- 2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- -- THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -- ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -- ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -- DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -- OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -- HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -- LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -- SUCH DAMAGE. -- -- --(34) - Jon Beniston (only lm32-* targets) -- -- Contributed by Jon Beniston -- -- Redistribution and use in source and binary forms, with or without -- modification, are permitted provided that the following conditions -- are met: -- 1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. -- 2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- -- THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -- ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -- ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -- DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -- OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -- HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -- LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -- SUCH DAMAGE. -- -- --(35) - ARM Ltd (arm and thumb variant targets only) -- -- Copyright (c) 2009 ARM Ltd -- All rights reserved. -- -- Redistribution and use in source and binary forms, with or without -- modification, are permitted provided that the following conditions -- are met: -- 1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. -- 2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- 3. The name of the company may not be used to endorse or promote -- products derived from this software without specific prior written -- permission. -- -- THIS SOFTWARE IS PROVIDED BY ARM LTD ``AS IS'' AND ANY EXPRESS OR IMPLIED -- WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -- MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -- IN NO EVENT SHALL ARM LTD BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -- SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED -- TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR -- PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF -- LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -- NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -- SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -- --(36) - Xilinx, Inc. (microblaze-* and powerpc-* targets) -- --Copyright (c) 2004, 2009 Xilinx, Inc. All rights reserved. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted provided that the following conditions are --met: -- --1. Redistributions source code must retain the above copyright notice, --this list of conditions and the following disclaimer. -- --2. Redistributions in binary form must reproduce the above copyright --notice, this list of conditions and the following disclaimer in the --documentation and/or other materials provided with the distribution. -- --3. Neither the name of Xilinx nor the names of its contributors may be --used to endorse or promote products derived from this software without --specific prior written permission. -- --THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS "AS --IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED --TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A --PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT --HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, --SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED --TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR --PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF --LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING --NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS --SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -- -- --(37) Texas Instruments Incorporated (tic6x-*, *-tirtos targets) -- --Copyright (c) 1996-2010,2014 Texas Instruments Incorporated --http://www.ti.com/ -- -- Redistribution and use in source and binary forms, with or without -- modification, are permitted provided that the following conditions -- are met: -- -- Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. -- -- Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in -- the documentation and/or other materials provided with the -- distribution. -- -- Neither the name of Texas Instruments Incorporated nor the names -- of its contributors may be used to endorse or promote products -- derived from this software without specific prior written -- permission. -- -- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -- "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -- LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -- A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -- OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -- SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -- LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -- DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -- THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -- (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -- OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -- --(38) National Semiconductor (cr16-* and crx-* targets) -- --Copyright (c) 2004 National Semiconductor Corporation -- --The authors hereby grant permission to use, copy, modify, distribute, --and license this software and its documentation for any purpose, provided --that existing copyright notices are retained in all copies and that this --notice is included verbatim in any distributions. No written agreement, --license, or royalty fee is required for any of the authorized uses. --Modifications to this software may be copyrighted by their authors --and need not follow the licensing terms described here, provided that --the new terms are clearly indicated on the first page of each file where --they apply. -- --(39) - Adapteva, Inc. (epiphany-* targets) -- --Copyright (c) 2011, Adapteva, Inc. --All rights reserved. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted provided that the following conditions are met: -- * Redistributions of source code must retain the above copyright notice, this -- list of conditions and the following disclaimer. -- * Redistributions in binary form must reproduce the above copyright notice, -- this list of conditions and the following disclaimer in the documentation -- and/or other materials provided with the distribution. -- * Neither the name of Adapteva nor the names of its contributors may be used -- to endorse or promote products derived from this software without specific -- prior written permission. -- --THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND --ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED --WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE --DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE --FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL --DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR --SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER --CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, --OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE --OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -- --(40) - Altera Corportion (nios2-* targets) -- --Copyright (c) 2003 Altera Corporation --All rights reserved. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted provided that the following conditions --are met: -- -- o Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. -- o Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- o Neither the name of Altera Corporation nor the names of its -- contributors may be used to endorse or promote products derived from -- this software without specific prior written permission. -- --THIS SOFTWARE IS PROVIDED BY ALTERA CORPORATION, THE COPYRIGHT HOLDER, --AND ITS CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, --INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY --AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL --THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -- --(41) Ed Schouten - Free BSD -- --Copyright (c) 2008 Ed Schouten --All rights reserved. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted provided that the following conditions --are met: --1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. --2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- --THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND --ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE --IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE --ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE --FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL --DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS --OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) --HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT --LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY --OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF --SUCH DAMAGE. -- -diff --git a/LICENCE.ca0132 b/LICENCE.ca0132 -deleted file mode 100644 -index 411750a..0000000 ---- a/LICENCE.ca0132 -+++ /dev/null -@@ -1,47 +0,0 @@ --Copyright (c) 2012, Creative Technology Ltd --All rights reserved. -- --Redistribution. Redistribution and use in binary form, without --modification, are permitted provided that the following conditions are --met: -- --* Redistributions must reproduce the above copyright notice and the -- following disclaimer in the documentation and/or other materials -- provided with the distribution. --* Neither the name of Creative Technology Ltd or its affiliates ("CTL") -- nor the names of its suppliers may be used to endorse or promote -- products derived from this software without specific prior written -- permission. --* No reverse engineering, decompilation, or disassembly of this software -- (or any part thereof) is permitted. -- --Limited patent license. CTL grants a limited, world-wide, --royalty-free, non-exclusive license under patents it now or hereafter --owns or controls to make, have made, use, import, offer to sell and --sell ("Utilize") this software, but strictly only to the extent that any --such patent is necessary to Utilize the software alone, or in --combination with an operating system licensed under an approved Open --Source license as listed by the Open Source Initiative at --http://opensource.org/licenses. The patent license shall not be --applicable, to any other combinations which include this software. --No hardware per se is licensed hereunder. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE --COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH --DAMAGE. -- --NO OTHER RIGHTS GRANTED. USER HEREBY ACKNOWLEDGES AND AGREES THAT USE OF --THIS SOFTWARE SHALL NOT CREATE OR GIVE GROUNDS FOR A LICENSE BY --IMPLICATION, ESTOPPEL, OR OTHERWISE TO ANY INTELLECTUAL PROPERTY RIGHTS --(PATENT, COPYRIGHT, TRADE SECRET, MASK WORK, OR OTHER PROPRIETARY RIGHT) --EMBODIED IN ANY OTHER CTL HARDWARE OR SOFTWARE WHETHER SOLELY OR IN --COMBINATION WITH THIS SOFTWARE. -diff --git a/LICENCE.fw_sst_0f28 b/LICENCE.fw_sst_0f28 -deleted file mode 100644 -index 247e35f..0000000 ---- a/LICENCE.fw_sst_0f28 -+++ /dev/null -@@ -1,40 +0,0 @@ --Copyright (c) 2014 Intel Corporation. --All rights reserved. -- --Redistribution. -- --Redistribution and use in binary form, without modification, are permitted --provided that the following conditions are met: --* Redistributions must reproduce the above copyright notice and the -- following disclaimer in the documentation and/or other materials provided -- with the distribution. --* Neither the name of Intel Corporation nor the names of its suppliers may -- be used to endorse or promote products derived from this software without -- specific prior written permission. --* No reverse engineering, decompilation, or disassembly of this software is -- permitted. -- -- --Limited patent license. -- --Intel Corporation grants a world-wide, royalty-free, non-exclusive license --under patents it now or hereafter owns or controls to make, have made, use, --import, offer to sell and sell ("Utilize") this software, but solely to the --extent that any such patent is necessary to Utilize the software alone. The --patent license shall not apply to any combinations which include this software. --No hardware per se is licensed hereunder. -- -- --DISCLAIMER. -- --THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" --AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE --IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE --ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE --LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR --CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF --SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS --INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN --CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) --ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE --POSSIBILITY OF SUCH DAMAGE. -diff --git a/LICENSE.cirrus b/LICENSE.cirrus -deleted file mode 100644 -index c9d7c22..0000000 ---- a/LICENSE.cirrus -+++ /dev/null -@@ -1,182 +0,0 @@ --Use, distribution, or reproduction of this CIRRUS LOGIC software is governed by --the terms of this Agreement. Any use, distribution or reproduction of this --CIRRUS LOGIC software constitutes your acceptance of the following terms and --conditions. -- --1. DEFINED TERMS -- --“CIRRUS LOGIC” means either Cirrus Logic, Inc., a Delaware Corporation (for --licensees based in the United States), or Cirrus Logic International (UK) Ltd, a --company registered in Scotland (for licensees based outside the United States). -- --“Licensee” means the party which has accepted these terms, including by --distributing, reproducing and/or using the Software. --“Software” means software provided to Licensee in binary code form, that runs or --is intended to run on a processor embedded in an end product (and related files --and documentation) (“Software”). -- --2. GRANT OF LICENSE -- --a. Subject to the terms, conditions, and limitations of this Agreement, CIRRUS --LOGIC grants to Licensee a non-exclusive , non-transferable license (the --“License”) to (i) use and integrate the Software with other software, and (ii) --reproduce and distribute the Software in its complete and unmodified form, --provided all use of the Software is in connection with CIRRUS LOGIC --semiconductor devices. These license rights do not automatically extend to any --third-party software within the Software for which a separate license is --required to enable use by the Licensee. Licensee must agree applicable license --terms with the relevant third-party licensors to use such software. --b. Licensee (i) shall not remove or obscure any copyright and/or trademark --notices from the Software, and (ii) shall maintain and reproduce all copyright --and other proprietary notices on any copy in the same form and manner that such --notices are included on the Software (except if the Software is embedded such --that it is not readily accessible to an end user). --c. Licensee may not make any modifications to the Software and may only --distribute the Software under the terms of this Agreement. Recipients of the --Software must be provided with a copy of this Agreement. -- --3. TERMINATION -- --a. This Agreement will automatically terminate if Licensee does not comply with --its terms. --b. In the event of termination: --i. Licensee must destroy all copies of the Software (and parts thereof), and all --Proprietary Information (as defined below), including any original, backup, or --archival copy that Licensee may have installed, downloaded, or recorded on any --medium. Upon written request from CIRRUS LOGIC, Licensee will certify in --writing that it has complied with this provision and has not retained any copies --of the Software or any Proprietary Information; --ii. the rights and licenses granted to Licensee under this Agreement will --immediately terminate; --iii. all rights and obligations under this Agreement which by their nature --should survive termination, will remain in full force and effect. -- --4. OWNERSHIP, RIGHTS, USE LIMITATIONS, AND DUTIES -- --a. CIRRUS LOGIC and/or its licensors own all proprietary rights in the Software. -- Whilst this Agreement is in effect, Licensee hereby covenants that it will not --assert any claim that the Software infringes any intellectual property rights --owned or controlled by Licensee. --b. Other than as expressly set forth in this Agreement, CIRRUS LOGIC does not --grant, and Licensee does not receive, any ownership right, title or interest in --any intellectual property rights relating to the Software, nor in any copy of --any part of the foregoing. No license is granted to Licensee in any human --readable code of the Software (source code). --c. Licensee shall not (i) use, license, sell or otherwise distribute the --Software except as provided in this Agreement, (ii) attempt to modify in any --way, reverse engineer, decompile or disassemble any portion of the Software; or --(iii) use the Software or other material in violation of any applicable law or --regulation. --d. The Software is not intended or authorized for use in or with products for --which CIRRUS LOGIC semiconductor devices are not designed, tested or intended, --as detailed in the CIRRUS LOGIC Terms and Conditions of Sale, available at --www.cirrus.com/legal (as the same may be updated from time to time), which shall --apply to Licensee’s use of Software, insofar as relevant thereto. --e. CIRRUS LOGIC may require Licensee to cease using a version of the Software, --and may require use of an updated version, where (a) a third-party has claimed --that the Software infringes its intellectual property rights, and/or (b) for --technical reasons CIRRUS LOGIC is no longer able to permit ongoing use of the --version of the Software being used by Licensee. --f. If Licensee requests support, CIRRUS LOGIC has no obligation to provide any --such support but if it agrees to do so any such support will be on a reasonable --efforts basis. --g. Licensee shall keep complete and accurate records of its use of the Software --and shall, on request, promptly provide to CIRRUS LOGIC a certificate evidencing --the extent of such use. -- --5. CONFIDENTIALITY -- --a. Licensee may obtain or be provided with information relating to the Software, --including in documentation provided to it (“Proprietary Information”). Such --Proprietary Information shall belong solely to CIRRUS LOGIC and/or its --affiliates (or, as the case may be, relevant third parties). --b. During and after the term of this Agreement, Licensee agrees to maintain all --such Proprietary Information in strict confidence and to not use (except as --expressly authorized in this Agreement), disclose, or provide any third-party --with access to any Proprietary Information except under a written agreement with --terms at least as protective as the terms of this Agreement. Licensee also --agrees to exercise the same degree of care and diligence as it uses in respect --of its own confidential and proprietary information when dealing with CIRRUS --LOGIC Proprietary Information, and in any event no less than reasonable care and --diligence. --c. Information will not be considered Proprietary Information if (i) it becomes --public knowledge other than through any act or omission constituting a breach of --the Licensee’s obligations under this Agreement; (ii) the Licensee can prove it --was already in the Licensee’s possession and at its free disposal before the --disclosure hereunder; and (iii) it was received in good faith from a third party --having no obligation of confidentiality and which is free to disclose such --Confidential Information -- --6. NO WARRANTIES OR LIABILITIES -- --LICENSEE EXPRESSLY ACKNOWLEDGES AND AGREES THAT THE SOFTWARE IS PROVIDED BY --CIRRUS LOGIC “AS IS” WITHOUT ANY WARRANTIES WHATSOEVER AND THAT THE --INSTALLATION, OPERATION AND USE OF THE SOFTWARE IS AT LICENSEE’S OWN RISK. --CIRRUS LOGIC MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AND EXPRESSLY --DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR --PURPOSE, GOOD TITLE, NON-INFRINGEMENT, SATISFACTORY QUALITY OR PERFORMANCE OR --WHICH MAY ARISE FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. CIRRUS LOGIC --PROVIDES NO WARRANTY THAT THE SOFTWARE IS FREE FROM DEFECTS OR CHARACTERISTICS --THAT COULD CAUSE VULNERABILITY TO CYBER-ATTACK, DATA BREACH OR PRIVACY --VIOLATIONS. CIRRUS LOGIC SHALL IN NO EVENT BE LIABLE TO LICENSEE OR ANYONE ELSE --FOR ANY LOSS, INJURY OR DAMAGE CAUSED IN WHOLE OR PART BY THE INSTALLATION, --OPERATION OR USE OF THE SOFTWARE, LICENSEE’S INCORRECT USE OF THE SOFTWARE --INCLUDING ANY FAILURE TO PROPERLY INSTALL ANY UPDATES TO THE SOFTWARE OR OTHER --SOFTWARE WITH WHICH THE SOFTWARE OPERATES OR WHICH IT UPDATES, OR IS INTENDED TO --OPERATE WITH OR UPDATE, OR THE RESULTS PRODUCED BY, OR FAILURES, DELAYS, OR --INTERRUPTIONS OF THE SOFTWARE. WITHOUT LIMITING THE FOREGOING GENERALITY, --CIRRUS LOGIC SHALL IN NO EVENT BE LIABLE WITH RESPECT TO ANY INTELLECTUAL --PROPERTY INFRINGEMENT CLAIMS WHICH ARISE FROM, OR IN ANY WAY RELATE TO, USE OF --THE SOFTWARE, INCLUDING, WITHOUT LIMITATION, ANY CLAIMS RELATING TO HAPTICS ON A --COMPONENT OR SYSTEM LEVEL. CIRRUS LOGIC AND ITS LICENSORS SHALL IN NO EVENT BE --LIABLE TO LICENSEE OR ANYONE ELSE FOR ANY DIRECT, CONSEQUENTIAL, INCIDENTAL OR --SPECIAL DAMAGES, INCLUDING BUT NOT LIMITED TO ANY LOST PROFITS ARISING OUT OF OR --RELATING TO THE INSTALLATION, OPERATION OR USE OF THE SOFTWARE. BECAUSE SOME --JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF CERTAIN WARRANTIES OR --TYPES OF CLAIM OR LOSS THEN IN SUCH INSTANCES THE ABOVE EXCLUSIONS SHALL BE --INTERPRETED TO APPLY TO THE EXTENT PERMITTED BY LOCAL LAW. SUBJECT TO THE --FOREGOING, THE TOTAL LIABILITY OF CIRRUS LOGIC AND ITS LICENSORS TO LICENSEE --UNDER THIS AGREEMENT, AND/OR ARISING FROM, OR IN CONNECTION WITH, THE USE OF (OR --INABILITY TO USE) THE SOFTWARE, WHETHER ARISING IN CONTRACT, TORT (INCLUDING --NEGLIGENCE), QUASI TORT, OR OTHERWISE SHALL NOT EXCEED THE LICENSE FEES (IF ANY) --PAID BY LICENSEE FOR THE SOFTWARE THAT GAVE RISE TO THE CLAIM, OR TEN THOUSAND --U.S. DOLLARS (U.S. $10,000), WHICHEVER IS GREATER. -- --7. EXPORT AND END USE RESTRICTIONS -- --Licensee acknowledges that the Software is subject to United States and other --applicable export related laws and regulations (“Export Laws”). Licensee --agrees that it may not export, re-export or transfer the Software or any direct --product of the Software other than in accordance with those Export Laws. --Licensee further agrees to be bound by, and to act in accordance with, --provisions of the CIRRUS LOGIC Terms and Conditions of Sale available at --www.cirrus.com/legal (as updated from time to time), including insofar as they --relate to export/end use restrictions. -- --8. GENERAL PROVISIONS -- --This Agreement is not assignable or sub-licensable by Licensee without the prior --written consent of CIRRUS LOGIC. CIRRUS LOGIC may sub-license or assign any or --all of its rights and obligations under this Agreement without Licensee’s --consent. The waiver by either party of a breach of this Agreement shall not --constitute a waiver of any subsequent breach of this Agreement; nor shall any --delay to exercise any right under this Agreement operate as a waiver of such --right. This Agreement shall be deemed to have been made in, and shall be --construed pursuant to the laws of, the State of Texas without regard to --conflicts of laws provisions thereof. Both parties hereby consent to the --exclusive jurisdiction of the State of Texas and the locale of Austin therein. --The prevailing party in any action to enforce this Agreement shall be entitled --to recover costs and expenses including, without limitation, attorneys' fees. --The parties agree that CIRRUS LOGIC and its licensors shall be entitled to --equitable relief in addition to any remedies it may have hereunder or at law. -- --9. ENTIRE AGREEMENT -- --This Agreement and any terms referenced or incorporated herein, constitutes the --entire agreement between Licensee and CIRRUS LOGIC with respect to the Software --provided pursuant to this Agreement and supersedes any other agreement between --Licensee and CIRRUS LOGIC with respect thereto (including terms presented and/or --accepted as part of an installation process), but does not otherwise replace, --modify or cancel any other written agreement between Licensee and CIRRUS LOGIC. --If there is any inconsistency between these terms and those presented as part of --the process to install the Software, these terms will prevail. -diff --git a/WHENCE b/WHENCE -index e6309eb..116d04d 100644 ---- a/WHENCE -+++ b/WHENCE -@@ -17,43 +17,6 @@ Licence: Redistributable. See LICENCE.cypress for details. - - -------------------------------------------------------------------------- - --Driver: snd-korg1212 -- Korg 1212 IO audio device -- --File: korg/k1212.dsp -- --Licence: Unknown -- --Found in alsa-firmware package in hex form; no licensing information. -- ---------------------------------------------------------------------------- -- --Driver: snd-maestro3 -- ESS Allegro Maestro3 audio device -- --File: ess/maestro3_assp_kernel.fw --File: ess/maestro3_assp_minisrc.fw -- --Licence: Unknown -- --Found in alsa-firmware package in hex form with a comment claiming to --be GPLv2+, but without source -- and with another comment saying "ESS --drops binary dsp code images on our heads, but we don't get to see --specs on the dsp." -- ---------------------------------------------------------------------------- -- --Driver: snd-ymfpci -- Yamaha YMF724/740/744/754 audio devices -- --File: yamaha/ds1_ctrl.fw --File: yamaha/ds1_dsp.fw --File: yamaha/ds1e_ctrl.fw -- --Licence: Unknown -- --Found alsa-firmware package in hex form, with the following comment: -- Copyright (c) 1997-1999 Yamaha Corporation. All Rights Reserved. -- ---------------------------------------------------------------------------- -- - Driver: advansys - AdvanSys SCSI - - File: advansys/mcode.bin -@@ -360,24 +323,6 @@ http://www.zdomain.com/a56.html - - -------------------------------------------------------------------------- - --Driver: snd-sb16-csp - Sound Blaster 16/AWE CSP support -- --File: sb16/mulaw_main.csp --File: sb16/alaw_main.csp --File: sb16/ima_adpcm_init.csp --File: sb16/ima_adpcm_playback.csp --File: sb16/ima_adpcm_capture.csp -- --Licence: Allegedly GPLv2+, but no source visible. Marked: --/* -- * Copyright (c) 1994 Creative Technology Ltd. -- * Microcode files for SB16 Advanced Signal Processor -- */ -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- - Driver: qla2xxx - QLogic QLA2XXX Fibre Channel - - File: ql2100_fw.bin -@@ -1383,17 +1328,6 @@ ARM assembly source code from https://linuxtv.org/downloads/firmware/Boot.S - - -------------------------------------------------------------------------- - --Driver: snd-wavefront - ISA WaveFront sound card -- --File: yamaha/yss225_registers.bin -- --Licence: Allegedly GPLv2+, but no source visible. -- --Found in hex form in kernel source, with the following comment: -- Copyright (c) 1998-2002 by Paul Davis -- ---------------------------------------------------------------------------- -- - Driver: rt61pci - Ralink RT2561, RT2561S, RT2661 wireless MACs - - File: rt2561.bin -@@ -3605,17 +3539,6 @@ Licence: GPLv2. Some build scripts use the New BSD (3-clause) licence.. See GPL- - - -------------------------------------------------------------------------- - --Driver: snd-hda-codec-ca0132 - Creative Sound Core3D codec -- --File: ctefx.bin --File: ctspeq.bin -- --Licence: Redistributable. See LICENCE.ca0132 for details -- --Found also in alsa-firmware package. -- ---------------------------------------------------------------------------- -- - Driver: btusb - Bluetooth USB driver - - File: intel/ibt-hw-37.7.bseq -@@ -4044,14 +3967,6 @@ Licence: Redistributable. See LICENCE.r8a779x_usb3 for details. - - -------------------------------------------------------------------------- - --Driver: snd_soc_sst_acpi -- --File: intel/fw_sst_0f28.bin-48kHz_i2s_master -- --License: Redistributable. See LICENCE.fw_sst_0f28 for details -- ---------------------------------------------------------------------------- -- - Driver: as102 - Abilis Systems Single DVB-T Receiver - - File: as102_data1_st.hex -@@ -4070,104 +3985,6 @@ Licence: Redistributable. See LICENCE.it913x for details - - -------------------------------------------------------------------------- - --Driver: snd_soc_catpt -- Intel AudioDSP driver for HSW/BDW platforms -- --File: intel/catpt/bdw/dsp_basefw.bin --Version: 44b81c4d5397a63108356f58f036953d9b288c4e --Link: intel/IntcSST2.bin -> catpt/bdw/dsp_basefw.bin -- --License: Redistributable. See LICENCE.IntcSST2 for details -- ---------------------------------------------------------------------------- -- --Driver: snd_soc_avs -- Intel AudioDSP driver for cAVS platforms -- --File: intel/avs/skl/dsp_basefw.bin --File: intel/avs/skl/dsp_mod_7CAD0808-AB10-CD23-EF45-12AB34CD56EF.bin --Version: 9.21.00.4899 --Link: intel/dsp_fw_release.bin -> avs/skl/dsp_basefw.bin --Link: intel/dsp_fw_kbl.bin -> avs/skl/dsp_basefw.bin --File: intel/avs/apl/dsp_basefw.bin --Version: 9.22.01.4908 --Link: intel/dsp_fw_bxtn.bin -> avs/apl/dsp_basefw.bin --Link: intel/dsp_fw_glk.bin -> avs/apl/dsp_basefw.bin --File: intel/avs/cnl/dsp_basefw.bin --Version: 10.23.00.8551 --Link: intel/dsp_fw_cnl.bin -> avs/cnl/dsp_basefw.bin -- --License: Redistributable. See LICENCE.adsp_sst for details -- ---------------------------------------------------------------------------- -- --Driver: snd_intel_sst_core -- --File: intel/fw_sst_0f28.bin --File: intel/fw_sst_0f28_ssp0.bin -- --License: Redistributable. See LICENCE.fw_sst_0f28 for details -- ---------------------------------------------------------------------------- -- --Driver: snd_intel_sst_core -- --File: intel/fw_sst_22a8.bin --Version: 01.0B.02.02 -- --License: Redistributable. See LICENCE.fw_sst_0f28 for details -- ---------------------------------------------------------------------------- -- --Driver: snd-soc-skl -- --File: intel/dsp_fw_release_v969.bin --Version: 8.20.00.969 --File: intel/dsp_fw_release_v3402.bin --Version: 9.21.00.3402_161 -- --License: Redistributable. See LICENCE.adsp_sst for details -- --File: intel/dsp_fw_bxtn_v2219.bin --Version: 9.22.01.2219_64 --File: intel/dsp_fw_bxtn_v3366.bin --Version: 9.22.01.3366_157 -- --License: Redistributable. See LICENCE.adsp_sst for details -- --File: intel/dsp_fw_kbl_v701.bin --Version: 9.21.00.701 --File: intel/dsp_fw_kbl_v1037.bin --Version: 09.21.00.1037 --File: intel/dsp_fw_kbl_v2042.bin --Version: 9.21.00.2042_46 --File: intel/dsp_fw_kbl_v2630.bin --Version: 9.21.00.2630_97 --File: intel/dsp_fw_kbl_v3266.bin --Version: 9.21.00.3266_144 --File: intel/dsp_fw_kbl_v3420.bin --Version: 9.21.00.3420_163 --File: intel/dsp_fw_kbl_v3402.bin --Version: 9.21.00.3402_161 -- --License: Redistributable. See LICENCE.adsp_sst for details -- --File: intel/dsp_fw_glk_v1814.bin --Version: 9.92.01.1814 --File: intel/dsp_fw_glk_v2880.bin --Version: 9.22.00.2880 --File: intel/dsp_fw_glk_v2768.bin --Version: 9.22.01.2768 --File: intel/dsp_fw_glk_v3366.bin --Version: 9.22.01.3366_157 -- --File: intel/dsp_fw_cnl_v1191.bin --Version: 10.00.00.1191 --File: intel/dsp_fw_cnl_v1858.bin --Version: 10.23.00.1858 -- --License: Redistributable. See LICENCE.adsp_sst for details -- ---------------------------------------------------------------------------- -- - Driver: smsmdtv - Siano MDTV Core module - - File: cmmb_vega_12mhz.inp -@@ -5935,368 +5752,6 @@ Licence: Redistributable. See LICENSE.amphion_vpu for details - - --------------------------------------------------------------------------- - --Driver: cs35l41_hda - CS35l41 ALSA HDA audio driver -- --File: cirrus/cs35l41-dsp1-spk-prot.wmfw --File: cirrus/cs35l41-dsp1-spk-prot.bin --File: cirrus/cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8971.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8971.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8972.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8972.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8973.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8973.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8974.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8974.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8975.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8975.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c896e.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c896e.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c89c3.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c89c3.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8981.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8981.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c898e.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c898e.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c898f.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c898f.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8991.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8991.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8992.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8992.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8994.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8994.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8995.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8995.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c89c6.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c89c6.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --File: cirrus/cs35l41-dsp1-spk-prot-103c8971.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8971.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8972.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8972.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8973.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8973.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c8974.bin -> cs35l41-dsp1-spk-prot-103c8972.bin --Link: cirrus/cs35l41-dsp1-spk-cali-103c8974.bin -> cs35l41-dsp1-spk-cali-103c8972.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8975-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8975-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8975-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8975-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c896e-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c896e-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c896e-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c896e-l0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c898e.bin -> cs35l41-dsp1-spk-prot-103c8971.bin --Link: cirrus/cs35l41-dsp1-spk-cali-103c898e.bin -> cs35l41-dsp1-spk-cali-103c8971.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c898f.bin -> cs35l41-dsp1-spk-prot-103c8971.bin --Link: cirrus/cs35l41-dsp1-spk-cali-103c898f.bin -> cs35l41-dsp1-spk-cali-103c8971.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c8991.bin -> cs35l41-dsp1-spk-prot-103c8972.bin --Link: cirrus/cs35l41-dsp1-spk-cali-103c8991.bin -> cs35l41-dsp1-spk-cali-103c8972.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c8992.bin -> cs35l41-dsp1-spk-prot-103c8972.bin --Link: cirrus/cs35l41-dsp1-spk-cali-103c8992.bin -> cs35l41-dsp1-spk-cali-103c8972.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c8994.bin -> cs35l41-dsp1-spk-prot-103c8973.bin --Link: cirrus/cs35l41-dsp1-spk-cali-103c8994.bin -> cs35l41-dsp1-spk-cali-103c8973.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c8995.bin -> cs35l41-dsp1-spk-prot-103c8973.bin --Link: cirrus/cs35l41-dsp1-spk-cali-103c8995.bin -> cs35l41-dsp1-spk-cali-103c8973.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c89c6-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c89c6-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c89c6-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c89c6-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c89c3-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c89c3-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c89c3-r1.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c89c3-r1.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c89c3-l0.bin -> cs35l41-dsp1-spk-prot-103c89c3-r0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-103c89c3-l0.bin -> cs35l41-dsp1-spk-cali-103c89c3-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c89c3-l1.bin -> cs35l41-dsp1-spk-prot-103c89c3-r1.bin --Link: cirrus/cs35l41-dsp1-spk-cali-103c89c3-l1.bin -> cs35l41-dsp1-spk-cali-103c89c3-r1.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8981-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8981-r1.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8981-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8981-l1.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8981-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8981-r1.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8981-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8981-l1.bin --File: cirrus/cs35l41/v6.39.0/halo_cspl_RAM_revB2_29.41.0.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-17aa3847.wmfw -> cs35l41/v6.39.0/halo_cspl_RAM_revB2_29.41.0.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-17aa3847.wmfw -> cs35l41/v6.39.0/halo_cspl_RAM_revB2_29.41.0.wmfw --File: cirrus/cs35l41-dsp1-spk-prot-17aa3847-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-17aa3847-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-17aa3847-spkid0.bin --File: cirrus/cs35l41-dsp1-spk-prot-17aa3847-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-17aa3847-spkid1-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-17aa3847-spkid1.bin --File: cirrus/cs35l41/v6.47.0/halo_cspl_RAM_revB2_29.49.0.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-17aa3855.wmfw -> cs35l41/v6.47.0/halo_cspl_RAM_revB2_29.49.0.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-17aa3855.wmfw -> cs35l41/v6.47.0/halo_cspl_RAM_revB2_29.49.0.wmfw --File: cirrus/cs35l41-dsp1-spk-prot-17aa3855-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-17aa3855-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-17aa3855-spkid0.bin --File: cirrus/cs35l41-dsp1-spk-prot-17aa3855-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-17aa3855-spkid1-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-17aa3855-spkid1.bin --Link: cirrus/cs35l41-dsp1-spk-prot-17aa22f1.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-17aa22f1.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-17aa22f2.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-17aa22f2.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-17aa22f3.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-17aa22f3.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --File: cirrus/cs35l41-dsp1-spk-prot-17aa22f1-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-17aa22f1-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-17aa22f1-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-17aa22f1-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-17aa22f2-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-17aa22f2-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-17aa22f2-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-17aa22f2-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-17aa22f3-l0.bin -> cs35l41-dsp1-spk-prot-17aa22f2-l0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-17aa22f3-r0.bin -> cs35l41-dsp1-spk-prot-17aa22f2-r0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-17aa22f3-l0.bin -> cs35l41-dsp1-spk-cali-17aa22f2-l0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-17aa22f3-r0.bin -> cs35l41-dsp1-spk-cali-17aa22f2-r0.bin --File: cirrus/cs35l41/v6.63.0/halo_cspl_RAM_revB2_29.65.0.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-104312af.wmfw -> cs35l41/v6.63.0/halo_cspl_RAM_revB2_29.65.0.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-104312af.wmfw -> cs35l41/v6.63.0/halo_cspl_RAM_revB2_29.65.0.wmfw --File: cirrus/cs35l41-dsp1-spk-prot-104312af-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-104312af-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-104312af-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-104312af-spkid1-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-104312af-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-104312af-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-104312af-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-104312af-spkid1-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-10431a8f.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-10431a8f.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --File: cirrus/cs35l41-dsp1-spk-prot-10431a8f-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10431a8f-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10431a8f-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10431a8f-spkid1-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431a8f-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431a8f-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431a8f-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431a8f-spkid1-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-10431e02.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-10431e02.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --File: cirrus/cs35l41-dsp1-spk-prot-10431e02-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10431e02-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431e02-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431e02-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10431e02-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10431e02-spkid1-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431e02-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431e02-spkid1-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-10431f12.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-10431f12.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --File: cirrus/cs35l41-dsp1-spk-cali-10431f12-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431f12-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431f12-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431f12-spkid1-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10431f12-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10431f12-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10431f12-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10431f12-spkid1-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-10431e12.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-10431e12.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --File: cirrus/cs35l41-dsp1-spk-cali-10431e12-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431e12-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431e12-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431e12-spkid1-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10431e12-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10431e12-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10431e12-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10431e12-spkid1-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-10431b93.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-10431b93.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-10431a20.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-10431a20.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-10431a30.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-10431a30.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-10431a40.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-10431a40.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-10431a50.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-10431a50.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-10431a60.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-10431a60.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --File: cirrus/cs35l41-dsp1-spk-prot-10431b93-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10431b93-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10431b93-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10431b93-spkid1-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431b93-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431b93-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431b93-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10431b93-spkid1-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-10433a20-spkid0-l0.bin -> cs35l41-dsp1-spk-prot-10431b93-spkid0-l0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-10433a20-spkid0-r0.bin -> cs35l41-dsp1-spk-prot-10431b93-spkid0-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-10433a20-spkid1-l0.bin -> cs35l41-dsp1-spk-prot-10431b93-spkid1-l0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-10433a20-spkid1-r0.bin -> cs35l41-dsp1-spk-prot-10431b93-spkid1-r0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-10433a20-spkid0-l0.bin -> cs35l41-dsp1-spk-cali-10431b93-spkid0-l0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-10433a20-spkid0-r0.bin -> cs35l41-dsp1-spk-cali-10431b93-spkid0-r0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-10433a20-spkid1-l0.bin -> cs35l41-dsp1-spk-cali-10431b93-spkid1-l0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-10433a20-spkid1-r0.bin -> cs35l41-dsp1-spk-cali-10431b93-spkid1-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10433a30-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10433a30-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10433a30-spkid1-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10433a30-spkid1-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10433a30-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10433a30-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10433a30-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10433a30-spkid0-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-10433a40-spkid0-l0.bin -> cs35l41-dsp1-spk-prot-10433a30-spkid0-l0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-10433a40-spkid0-r0.bin -> cs35l41-dsp1-spk-prot-10433a30-spkid0-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-10433a40-spkid1-l0.bin -> cs35l41-dsp1-spk-prot-10433a30-spkid1-l0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-10433a40-spkid1-r0.bin -> cs35l41-dsp1-spk-prot-10433a30-spkid1-r0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-10433a40-spkid0-l0.bin -> cs35l41-dsp1-spk-cali-10433a30-spkid0-l0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-10433a40-spkid0-r0.bin -> cs35l41-dsp1-spk-cali-10433a30-spkid0-r0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-10433a40-spkid1-l0.bin -> cs35l41-dsp1-spk-cali-10433a30-spkid1-l0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-10433a40-spkid1-r0.bin -> cs35l41-dsp1-spk-cali-10433a30-spkid1-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10433a50-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10433a50-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10433a50-spkid1-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10433a50-spkid1-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10433a50-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10433a50-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10433a50-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10433a50-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10433a60-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10433a60-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10433a60-spkid1-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10433a60-spkid1-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10433a60-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10433a60-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-10433a60-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-10433a60-spkid0-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-17aa2316.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-17aa2316.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-17aa2317.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-17aa2317.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --File: cirrus/cs35l41-dsp1-spk-prot-17aa2316-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-17aa2316-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-17aa2316-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-17aa2316-spkid1-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-17aa2316-spkid0-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-17aa2316-spkid0-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-17aa2316-spkid1-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-17aa2316-spkid1-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-17aa2317-spkid0-l0.bin -> cs35l41-dsp1-spk-prot-17aa2316-spkid0-l0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-17aa2317-spkid0-r0.bin -> cs35l41-dsp1-spk-prot-17aa2316-spkid0-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-17aa2317-spkid1-l0.bin -> cs35l41-dsp1-spk-prot-17aa2316-spkid1-l0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-17aa2317-spkid1-r0.bin -> cs35l41-dsp1-spk-prot-17aa2316-spkid1-r0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-17aa2317-spkid0-l0.bin -> cs35l41-dsp1-spk-cali-17aa2316-spkid0-l0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-17aa2317-spkid0-r0.bin -> cs35l41-dsp1-spk-cali-17aa2316-spkid0-r0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-17aa2317-spkid1-l0.bin -> cs35l41-dsp1-spk-cali-17aa2316-spkid1-l0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-17aa2317-spkid1-r0.bin -> cs35l41-dsp1-spk-cali-17aa2316-spkid1-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-17aa2318.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-17aa2318.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-17aa2319.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-17aa2319.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-17aa231a.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-17aa231a.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-17aa2318-l0.bin -> cs35l41-dsp1-spk-prot-17aa22f1-l0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-17aa2318-r0.bin -> cs35l41-dsp1-spk-prot-17aa22f1-r0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-17aa2318-l0.bin -> cs35l41-dsp1-spk-cali-17aa22f1-l0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-17aa2318-r0.bin -> cs35l41-dsp1-spk-cali-17aa22f1-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-17aa2319-l0.bin -> cs35l41-dsp1-spk-prot-17aa22f2-l0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-17aa2319-r0.bin -> cs35l41-dsp1-spk-prot-17aa22f2-r0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-17aa2319-l0.bin -> cs35l41-dsp1-spk-cali-17aa22f2-l0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-17aa2319-r0.bin -> cs35l41-dsp1-spk-cali-17aa22f2-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-17aa231a-l0.bin -> cs35l41-dsp1-spk-prot-17aa22f2-l0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-17aa231a-r0.bin -> cs35l41-dsp1-spk-prot-17aa22f2-r0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-17aa231a-l0.bin -> cs35l41-dsp1-spk-cali-17aa22f2-l0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-17aa231a-r0.bin -> cs35l41-dsp1-spk-cali-17aa22f2-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c8c26.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8c26.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b42.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b42.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b43.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b43.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b44.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b44.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b45.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b45.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b46.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b46.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b47.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b47.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b63.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b63.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b70.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b70.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b72.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b72.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b74.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b74.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b77.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b77.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b8f.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b92.wmfw -> cs35l41/v6.61.1/halo_cspl_RAM_revB2_29.63.1.wmfw --File: cirrus/cs35l41-dsp1-spk-prot-103c8b42.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8b42.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8b43.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8b43.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8b44.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8b44.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8b45.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8b45.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b46.bin -> cs35l41-dsp1-spk-prot-103c8b45.bin --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b46.bin -> cs35l41-dsp1-spk-cali-103c8b45.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8b47.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8b47.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8b63-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8b63-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8b63-r1.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8b63-r1.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8b63-l0.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8b63-l0.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8b63-l1.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8b63-l1.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b70.bin -> cs35l41-dsp1-spk-prot-103c8b42.bin --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b70.bin -> cs35l41-dsp1-spk-cali-103c8b42.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b72.bin -> cs35l41-dsp1-spk-prot-103c8b45.bin --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b72.bin -> cs35l41-dsp1-spk-cali-103c8b45.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b74.bin -> cs35l41-dsp1-spk-prot-103c8b47.bin --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b74.bin -> cs35l41-dsp1-spk-cali-103c8b47.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b77.bin -> cs35l41-dsp1-spk-prot-103c8b45.bin --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b77.bin -> cs35l41-dsp1-spk-cali-103c8b45.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8b8f-r0.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8b8f-r1.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8b8f-r0.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8b8f-r1.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b8f-l0.bin -> cs35l41-dsp1-spk-prot-103c8b8f-r0.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c8b8f-l1.bin -> cs35l41-dsp1-spk-prot-103c8b8f-r1.bin --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b8f-l0.bin -> cs35l41-dsp1-spk-cali-103c8b8f-r0.bin --Link: cirrus/cs35l41-dsp1-spk-cali-103c8b8f-l1.bin -> cs35l41-dsp1-spk-cali-103c8b8f-r1.bin --File: cirrus/cs35l41-dsp1-spk-prot-103c8b92.bin --File: cirrus/cs35l41-dsp1-spk-cali-103c8b92.bin --Link: cirrus/cs35l41-dsp1-spk-prot-103c8c26.bin -> cs35l41-dsp1-spk-prot-103c8b45.bin --Link: cirrus/cs35l41-dsp1-spk-cali-103c8c26.bin -> cs35l41-dsp1-spk-cali-103c8b45.bin -- --License: Redistributable. See LICENSE.cirrus for details. -- --Use of Cirrus Logic drivers, firmware and other materials is permitted --only in connection with Cirrus Logic hardware products. -- --Copyright © 2022 Cirrus Logic, Inc. and Cirrus Logic International --Semiconductor Ltd. All Rights Reserved. -- ----------------------------------------------------------------------------- -- --Driver: mtk-sof - MediaTek Sound Open Firmware driver -- --File: mediatek/sof/sof-mt8186.ri --File: mediatek/sof/sof-mt8186.ldc --File: mediatek/sof-tplg/sof-mt8186.tplg --Version: v0.2.1 -- --File: mediatek/sof/sof-mt8195.ri --File: mediatek/sof/sof-mt8195.ldc --File: mediatek/sof-tplg/sof-mt8195-mt6359-rt1019-rt5682.tplg --File: mediatek/sof-tplg/sof-mt8195-mt6359-rt1019-rt5682-dts.tplg --Version: v0.4.1 -- --Licence: Redistributable. See LICENCE.mediatek for details. -- ---------------------------------------------------------------------------- -- - Driver: nxp-sr1xx - NXP Ultra Wide Band driver - File: nxp/sr150_fw.bin - Version: 35.00.03 --- -2.40.1 - diff --git a/packages/linux-firmware/0002-linux-firmware-video-Remove-firmware-for-video-broad.patch b/packages/linux-firmware/0002-linux-firmware-video-Remove-firmware-for-video-broad.patch deleted file mode 100644 index ad4b0ea6a6b..00000000000 --- a/packages/linux-firmware/0002-linux-firmware-video-Remove-firmware-for-video-broad.patch +++ /dev/null @@ -1,1630 +0,0 @@ -From 80d430aa70fec3a2d0fdbe59f3a102c8aeaa564a Mon Sep 17 00:00:00 2001 -From: Leonard Foerster -Date: Tue, 25 Jul 2023 09:43:12 +0000 -Subject: [PATCH] linux-firmware: video: Remove firmware for video/broadcast - devices - -Bottlerocket does not configure any special video encoding/decoding -hardware, DVB/DAB tuner, TV cards, and V4L2 hardware. We do not need -to ship firmware for devices we do not ship drivers for. The following -list maps the drivers as named in WHENCE to kernel config options to -easily check if we need to ship additional firmware in the future. - -* cpia2 - CONFIG_VIDEO_CPIA2 -* dabusb - CONFIG_USB_DABUSB (not available since 2.6.39) -* vicam - CONFIG_USB_GSPCA_VICAM -* ipu3-imgu - CONFIG_VIDEO_IPU3_IMGU -* cx231xx - CONFIG_VIDEO_CX231XX -* cx23418 - CONFIG_VIDEO_CX18 -* cx23885 - CONFIG_VIDEO_CX23885 -* cx25840 - CONFIG_VIDEO_CX25840 -* mtk-vpu - CONFIG_VIDEO_MEDIATEK_VPU -* ti-vpe - CONFIG_VIDEO_TI_VPE -* tlg2300 - CONFIG_VIDEO_TLG2300 -* s5p-mfc - CONFIG_VIDEO_SAMSUNG_S5P_MFC -* go7007 - CONFIG_VIDEO_GO7007 -* venus - CONFIG_VIDEO_QCOM_VENUS -* meson-vdec - CONFIG_VIDEO_MESON_VDEC -* wave5 - CONFIG_VIDEO_WAVE_VPU (driver not yet included upstream) -* amphion - CONFIG_VIDEO_AMPHION_VPU -* dvb-ttusb-budget - CONFIG_DVB_TTUSB_BUDGET -* dvb-ttpci - CONFIG_DVB_AV7110 -* xc4000 - CONFIG_MEDIA_TUNER_XC4000 -* xc5000 - CONFIG_MEDIA_TUNER_XC5000 -* dib0700 - CONFIG_DVB_USB_DIB0700 -* lsg8gxx - CONFIG_DVB_LGS8GXX -* drxk - CONFIG_DVB_DRXK -* as102 - CONFIG_DVB_AS102 -* it9135 - CONFIG_MEDIA_TUNER_IT913X -* smsmdtv - CONFIG_SMS_SIANO_MDTV -* tegra-vix - CONFIG_DRM_TEGRA -* rk3399-dptx - CONFIG_ROCKCHIP_CDN_DP -* cdns-mhdp - CONFIG_DRM_CDNS_MHDP8546 -* lt9611uxc - CONFIG_DRM_LONTIUM_LT9611UXC - -Signed-off-by: Leonard Foerster ---- - LICENCE.Abilis | 22 -- - LICENCE.cadence | 63 ------ - LICENCE.cnm | 23 --- - LICENCE.go7007 | 457 ------------------------------------------ - LICENCE.it913x | 17 -- - LICENCE.rockchip | 41 ---- - LICENCE.siano | 31 --- - LICENCE.ti-tspa | 46 ----- - LICENCE.xc4000 | 23 --- - LICENCE.xc5000 | 23 --- - LICENCE.xc5000c | 23 --- - LICENSE.Lontium | 2 - - LICENSE.amlogic_vdec | 15 -- - LICENSE.amphion_vpu | 48 ----- - LICENSE.dib0700 | 22 -- - LICENSE.ipu3_firmware | 36 ---- - WHENCE | 400 ------------------------------------ - 17 files changed, 1292 deletions(-) - delete mode 100644 LICENCE.Abilis - delete mode 100644 LICENCE.cadence - delete mode 100644 LICENCE.cnm - delete mode 100644 LICENCE.go7007 - delete mode 100644 LICENCE.it913x - delete mode 100644 LICENCE.rockchip - delete mode 100644 LICENCE.siano - delete mode 100644 LICENCE.ti-tspa - delete mode 100644 LICENCE.xc4000 - delete mode 100644 LICENCE.xc5000 - delete mode 100644 LICENCE.xc5000c - delete mode 100644 LICENSE.Lontium - delete mode 100644 LICENSE.amlogic_vdec - delete mode 100644 LICENSE.amphion_vpu - delete mode 100644 LICENSE.dib0700 - delete mode 100644 LICENSE.ipu3_firmware - -diff --git a/LICENCE.Abilis b/LICENCE.Abilis -deleted file mode 100644 -index 9050d2b..0000000 ---- a/LICENCE.Abilis -+++ /dev/null -@@ -1,22 +0,0 @@ --Firmware provided by Pierrick Hascoet to Devin --Heitmueller on January 15, 2010. -- --The USB firmware files "dvb-as102_data1_st.hex" and "as102_data2_st.hex" for --Abilis's AS10X, used together with the AS10X USB Kernel driver, is provided --under the following licensing terms: -- --Copyright (c) 2010, Abilis Systems Sarl -- --Permission to use, copy, modify, and/or distribute this software for --any purpose with or without fee is hereby granted, provided that the --above copyright notice and this permission notice appear in all --copies. -- --THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL --WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED --WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE --AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL --DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR --PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER --TORTUOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR --PERFORMANCE OF THIS SOFTWARE. -diff --git a/LICENCE.cadence b/LICENCE.cadence -deleted file mode 100644 -index b3564c2..0000000 ---- a/LICENCE.cadence -+++ /dev/null -@@ -1,63 +0,0 @@ --Copyright (c) 2018, Cadence Design Systems, Inc. --All rights reserved. -- --Redistribution. Redistribution and use in binary form, without --modification, are permitted provided that the following conditions are --met: -- --* Redistributions must reproduce the above copyright notice and the -- following disclaimer in the documentation and/or other materials -- provided with the distribution. -- --* Neither the name of Cadence Design Systems, Inc., its products -- nor the names of its suppliers may be used to endorse or promote products -- derived from this Software without specific prior written permission. -- --* No reverse engineering, decompilation, or disassembly of this software -- is permitted. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE --COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH --DAMAGE. -- --This software contains: -- --HDCP Cipher is licensed under the FreeBSD license. A copy of the FreeBSD --license can be found at --https://www.freebsd.org/copyright/freebsd-license.html. --The source code for HDCP Cipher can is available here: --http://www3.cs.stonybrook.edu/~rob/hdcp.html -- --SSL Library is licensed under the Apache License, Version 2.0. --A copy of the Apache License, Version 2.0 can be found at --http://www.apache.org/licenses/LICENSE-2.0. --The original source code for SSL Library can is available here: --https://tls.mbed.org/download -- --Fast discrete Fourier and cosine transforms and inverses --author: Monty --modifications by: Monty --last modification date: Jul 1 1996 -- --/* These Fourier routines were originally based on the Fourier --routines of the same names from the NETLIB bihar and fftpack --fortran libraries developed by Paul N. Swarztrauber at the National --Center for Atmospheric Research in Boulder, CO USA. They have been --reimplemented in C and optimized in a few ways for OggSquish. */ -- --/* As the original fortran libraries are public domain, the C Fourier --routines in this file are hereby released to the public domain as --well. The C routines here produce output exactly equivalent to the --original fortran routines. Of particular interest are the facts --that (like the original fortran), these routines can work on --arbitrary length vectors that need not be powers of two in --length. */ -diff --git a/LICENCE.cnm b/LICENCE.cnm -deleted file mode 100644 -index 48d23ea..0000000 ---- a/LICENCE.cnm -+++ /dev/null -@@ -1,23 +0,0 @@ --Copyright (C) 2021 Chips&Media, Inc. --All rights reserved. -- --Redistribution and use in binary form is permitted provided that the following --conditions are met: -- --1. Redistributions must reproduce the above copyright notice, this list of --conditions and the following disclaimer in the documentation and/or other --materials provided with the distribution. -- --2. Redistribution and use shall be used only with Texas Instruments Incorporateds --silicon products. Any other use, reproduction, modification, translation, --or compilation of the Software is prohibited. -- --3. No reverse engineering, decompilation, or disassembly is permitted. -- --TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THIS SOFTWARE IS PROVIDED --"AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING, WITHOUT LIMITATION, ANY EXPRESS --OR IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS OR SUFFICIENCY FOR A --PARTICULAR PURPOSE, SATISFACTORY QUALITY, CORRESPONDENCE WITH DESCRIPTION, QUIET --ENJOYMENT OR NON-INFRINGEMENT OF THIRD PARTY INTELLECTUAL PROPERTY RIGHTS. --CHIPS&MEDIA, INC., ITS AFFILIATES AND THEIR SUPPLIERS DISCLAIM ANY WARRANTY THAT THE --DELIVERABLES WILL OPERATE WITHOUT INTERRUPTION OR BE ERROR-FREE. -diff --git a/LICENCE.go7007 b/LICENCE.go7007 -deleted file mode 100644 -index 3689f3b..0000000 ---- a/LICENCE.go7007 -+++ /dev/null -@@ -1,457 +0,0 @@ --The README file from the original package from Micronas appears below. Only --the part about the firmware redistribution in section 0 is relevant, all --other sections are completely obsolete. -- ----------------------------------------------------------------------------- -- WIS GO7007SB Public Linux Driver ----------------------------------------------------------------------------- -- -- --*** Please see the file RELEASE-NOTES for important last-minute updates *** -- -- -- 0. OVERVIEW AND LICENSING/DISCLAIMER -- -- --This driver kit contains Linux drivers for the WIS GO7007SB multi-format --video encoder. Only kernel version 2.6.x is supported. The video stream --is available through the Video4Linux2 API and the audio stream is available --through the ALSA API (or the OSS emulation layer of the ALSA system). -- --The files in kernel/ and hotplug/ are licensed under the GNU General Public --License Version 2 from the Free Software Foundation. A copy of the license --is included in the file COPYING. -- --The example applications in apps/ and C header files in include/ are --licensed under a permissive license included in the source files which --allows copying, modification and redistribution for any purpose without --attribution. -- --The firmware files included in the firmware/ directory may be freely --redistributed only in conjunction with this document; but modification, --tampering and reverse engineering are prohibited. -- --MICRONAS USA, INC., MAKES NO WARRANTIES TO ANY PERSON OR ENTITY WITH --RESPECT TO THE SOFTWARE OR ANY DERIVATIVES THEREOF OR ANY SERVICES OR --LICENSES AND DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING WITHOUT LIMITATION --WARRANTIES OF MERCHANTABILITY, SUPPORT, AND FITNESS FOR A PARTICULAR --PURPOSE AND NON-INFRINGEMENT. -- -- -- 1. SYSTEM REQUIREMENTS -- -- --This driver requires Linux kernel 2.6. Kernel 2.4 is not supported. Using --kernel 2.6.10 or later is recommended, as earlier kernels are known to have --unstable USB 2.0 support. -- --A fully built kernel source tree must be available. Typically this will be --linked from "/lib/modules//build" for convenience. If this --link does not exist, an extra parameter will need to be passed to the --`make` command. -- --All vendor-built kernels should already be configured properly. However, --for custom-built kernels, the following options need to be enabled in the --kernel as built-in or modules: -- -- CONFIG_HOTPLUG - Support for hot-pluggable devices -- CONFIG_MODULES - Enable loadable module support -- CONFIG_KMOD - Automatic kernel module loading -- CONFIG_FW_LOADER - Hotplug firmware loading support -- CONFIG_I2C - I2C support -- CONFIG_VIDEO_DEV - Video For Linux -- CONFIG_SOUND - Sound card support -- CONFIG_SND - Advanced Linux Sound Architecture -- CONFIG_USB - Support for Host-side USB -- CONFIG_USB_DEVICEFS - USB device filesystem -- CONFIG_USB_EHCI_HCD - EHCI HCD (USB 2.0) support -- --Additionally, to use the example application, the following options need to --be enabled in the ALSA section: -- -- CONFIG_SND_MIXER_OSS - OSS Mixer API -- CONFIG_SND_PCM_OSS - OSS PCM (digital audio) API -- --The hotplug scripts, along with the fxload utility, must also be installed. --These scripts can be obtained from . --Hotplugging is used for loading firmware into the Cypruss EZ-USB chip using --fxload and for loading firmware into the driver using the firmware agent. -- -- -- 2. COMPILING AND INSTALLING THE DRIVER -- -- --Most users should be able to compile the driver by simply running: -- -- $ make -- --in the top-level directory of the driver kit. First the kernel modules --will be built, followed by the example applications. -- --If the build system is unable to locate the kernel source tree for the --currently-running kernel, or if the module should be built for a kernel --other than the currently-running kernel, an additional parameter will need --to be passed to make to specify the appropriate kernel source directory: -- -- $ make KERNELSRC=/usr/src/linux-2.6.10-custom3 -- --Once the compile completes, the driver and firmware files should be --installed by running: -- -- $ make install -- --The kernel modules will be placed in "/lib/modules//extra" --and the firmware files will be placed in the appropriate hotplug firmware --directory, usually /lib/firmware. In addition, USB maps and scripts will --be placed in /etc/hotplug/usb to enable fxload to initialize the EZ-USB --control chip when the device is connected. -- -- -- 3. PAL/SECAM TUNER CONFIGURATION (TV402U-EU only) -- -- --The PAL model of the Plextor ConvertX TV402U may require additional --configuration to correctly select the appropriate TV frequency band and --audio subchannel. -- --Users with a device other than the Plextor ConvertX TV402U-EU should skip --this section. -- --The wide variety of PAL TV systems used in Europe requires that additional --information about the local TV standards be passed to the driver in order --to properly tune TV channels. The two necessary parameters are (a) the PAL --TV band, and (b) the audio subchannel format in use. -- --In many cases, the appropriate TV band selection is passed to the driver --from applications. However, in some cases, the application only specifies --that the driver should use PAL but not the specific information about the --appropriate TV band. To work around this issue, the correct TV band may be --specified in the "force_band" parameter to the wis-sony-tuner module: -- -- TV band force_band -- ------- ---------- -- PAL B/G B -- PAL I I -- PAL D/K D -- SECAM L L -- --If the "force_band" parameter is specified, the driver will ignore any TV --band specified by applications and will always use the band provided in the --module parameter. -- --The other parameter that can be specified is the audio subchannel format. --There are several stereo audio carrier systems in use, including NICAM and --three varieties of A2. To receive audio broadcast on one of these stereo --carriers, the "force_mpx_mode" parameter must be specified to the --wis-sony-tuner module. -- -- TV band Audio subcarrier force_mpx_mode -- ------- ---------------- -------------- -- PAL B/G Mono (default) 1 -- PAL B/G A2 2 -- PAL B/G NICAM 3 -- PAL I Mono (default) 4 -- PAL I NICAM 5 -- PAL D/K Mono (default) 6 -- PAL D/K A2 (1) 7 -- PAL D/K A2 (2) 8 -- PAL D/K A2 (3) 9 -- PAL D/K NICAM 10 -- SECAM L Mono (default) 11 -- SECAM L NICAM 12 -- --If the "force_mpx_mode" parameter is not specified, the correct mono-only --mode will be chosen based on the TV band. However, the tuner will not --receive stereo audio or bilingual broadcasts correctly. -- --To pass the "force_band" or "force_mpx_mode" parameters to the --wis-sony-tuner module, the following line must be added to the modprobe --configuration file, which varies from one Linux distribution to another. -- -- options wis-sony-tuner force_band=B force_mpx_mode=2 -- --The above example would force the tuner to the PAL B/G TV band and receive --stereo audio broadcasts on the A2 carrier. -- --To verify that the configuration has been placed in the correct location, --execute: -- -- $ modprobe -c | grep wis-sony-tuner -- --If the configuration line appears, then modprobe will pass the parameters --correctly the next time the wis-sony-tuner module is loaded into the --kernel. -- -- -- 4. TESTING THE DRIVER -- -- --Because few Linux applications are able to correctly capture from --Video4Linux2 devices with only compressed formats supported, the new driver --should be tested with the "gorecord" application in the apps/ directory. -- --First connect a video source to the device, such as a DVD player or VCR. --This will be captured to a file for testing the driver. If an input source --is unavailable, a test file can still be captured, but the video will be --black and the audio will be silent. -- --This application will auto-detect the V4L2 and ALSA/OSS device names of the --hardware and will record video and audio to an AVI file for a specified --number of seconds. For example: -- -- $ apps/gorecord -duration 60 capture.avi -- --If this application does not successfully record an AVI file, the error --messages produced by gorecord and recorded in the system log (usually in --/var/log/messages) should provide information to help resolve the problem. -- --Supplying no parameters to gorecord will cause it to probe the available --devices and exit. Use the -help flag for usage information. -- -- -- 5. USING THE DRIVER -- -- --The V4L2 device implemented by the driver provides a standard compressed --format API, within the following criteria: -- -- * Applications that only support the original Video4Linux1 API will not -- be able to communicate with this driver at all. -- -- * No raw video modes are supported, so applications like xawtv that -- expect only uncompressed video will not function. -- -- * Supported compression formats are: Motion-JPEG, MPEG1, MPEG2 and MPEG4. -- -- * MPEG video formats are delivered as Video Elementary Streams only. -- Program Stream (PS), Transport Stream (TS) and Packetized Elementary -- Stream (PES) formats are not supported. -- -- * Video parameters such as format and input port may not be changed while -- the encoder is active. -- -- * The audio capture device only functions when the video encoder is -- actively capturing video. Attempts to read from the audio device when -- the encoder is inactive will result in an I/O error. -- -- * The native format of the audio device is 48Khz 2-channel 16-bit -- little-endian PCM, delivered through the ALSA system. No audio -- compression is implemented in the hardware. ALSA may convert to other -- uncompressed formats on the fly. -- --The include/ directory contains a C header file describing non-standard --features of the GO7007SB encoder, which are described below: -- -- -- GO7007IOC_S_COMP_PARAMS, GO7007IOC_G_COMP_PARAMS -- -- These ioctls are used to negotiate general compression parameters. -- -- To query the current parameters, call the GO7007IOC_G_COMP_PARAMS ioctl -- with a pointer to a struct go7007_comp_params. If the driver is not -- set to MPEG format, the EINVAL error code will be returned. -- -- To change the current parameters, initialize all fields of a struct -- go7007_comp_params and call the GO7007_IOC_S_COMP_PARAMS ioctl with a -- pointer to this structure. The driver will return the current -- parameters with any necessary changes to conform to the limitations of -- the hardware or current compression mode. Any or all fields can be set -- to zero to request a reasonable default value. If the driver is not -- set to MPEG format, the EINVAL error code will be returned. When I/O -- is in progress, the EBUSY error code will be returned. -- -- Fields in struct go7007_comp_params: -- -- __u32 The maximum number of frames in each -- gop_size Group Of Pictures; i.e. the maximum -- number of frames minus one between -- each key frame. -- -- __u32 The maximum number of sequential -- max_b_frames bidirectionally-predicted frames. -- (B-frames are not yet supported.) -- -- enum go7007_aspect_ratio The aspect ratio to be encoded in the -- aspect_ratio meta-data of the compressed format. -- -- Choices are: -- GO7007_ASPECT_RATIO_1_1 -- GO7007_ASPECT_RATIO_4_3_NTSC -- GO7007_ASPECT_RATIO_4_3_PAL -- GO7007_ASPECT_RATIO_16_9_NTSC -- GO7007_ASPECT_RATIO_16_9_PAL -- -- __u32 Bit-wise OR of control flags (below) -- flags -- -- Flags in struct go7007_comp_params: -- -- GO7007_COMP_CLOSED_GOP Only produce self-contained GOPs, used -- to produce streams appropriate for -- random seeking. -- -- GO7007_COMP_OMIT_SEQ_HEADER Omit the stream sequence header. -- -- -- GO7007IOC_S_MPEG_PARAMS, GO7007IOC_G_MPEG_PARAMS -- -- These ioctls are used to negotiate MPEG-specific stream parameters when -- the pixelformat has been set to V4L2_PIX_FMT_MPEG. -- -- To query the current parameters, call the GO7007IOC_G_MPEG_PARAMS ioctl -- with a pointer to a struct go7007_mpeg_params. If the driver is not -- set to MPEG format, the EINVAL error code will be returned. -- -- To change the current parameters, initialize all fields of a struct -- go7007_mpeg_params and call the GO7007_IOC_S_MPEG_PARAMS ioctl with a -- pointer to this structure. The driver will return the current -- parameters with any necessary changes to conform to the limitations of -- the hardware or selected MPEG mode. Any or all fields can be set to -- zero to request a reasonable default value. If the driver is not set -- to MPEG format, the EINVAL error code will be returned. When I/O is in -- progress, the EBUSY error code will be returned. -- -- Fields in struct go7007_mpeg_params: -- -- enum go7007_mpeg_video_standard -- mpeg_video_standard The MPEG video standard in which to -- compress the video. -- -- Choices are: -- GO7007_MPEG_VIDEO_MPEG1 -- GO7007_MPEG_VIDEO_MPEG2 -- GO7007_MPEG_VIDEO_MPEG4 -- -- __u32 Bit-wise OR of control flags (below) -- flags -- -- __u32 The profile and level indication to be -- pali stored in the sequence header. This -- is only used as an indicator to the -- decoder, and does not affect the MPEG -- features used in the video stream. -- Not valid for MPEG1. -- -- Choices for MPEG2 are: -- GO7007_MPEG2_PROFILE_MAIN_MAIN -- -- Choices for MPEG4 are: -- GO7007_MPEG4_PROFILE_S_L0 -- GO7007_MPEG4_PROFILE_S_L1 -- GO7007_MPEG4_PROFILE_S_L2 -- GO7007_MPEG4_PROFILE_S_L3 -- GO7007_MPEG4_PROFILE_ARTS_L1 -- GO7007_MPEG4_PROFILE_ARTS_L2 -- GO7007_MPEG4_PROFILE_ARTS_L3 -- GO7007_MPEG4_PROFILE_ARTS_L4 -- GO7007_MPEG4_PROFILE_AS_L0 -- GO7007_MPEG4_PROFILE_AS_L1 -- GO7007_MPEG4_PROFILE_AS_L2 -- GO7007_MPEG4_PROFILE_AS_L3 -- GO7007_MPEG4_PROFILE_AS_L4 -- GO7007_MPEG4_PROFILE_AS_L5 -- -- Flags in struct go7007_mpeg_params: -- -- GO7007_MPEG_FORCE_DVD_MODE Force all compression parameters and -- bitrate control settings to comply -- with DVD MPEG2 stream requirements. -- This overrides most compression and -- bitrate settings! -- -- GO7007_MPEG_OMIT_GOP_HEADER Omit the GOP header. -- -- GO7007_MPEG_REPEAT_SEQHEADER Repeat the MPEG sequence header at -- the start of each GOP. -- -- -- GO7007IOC_S_BITRATE, GO7007IOC_G_BITRATE -- -- These ioctls are used to set and query the target bitrate value for the -- compressed video stream. The bitrate may be selected by storing the -- target bits per second in an int and calling GO7007IOC_S_BITRATE with a -- pointer to the int. The bitrate may be queried by calling -- GO7007IOC_G_BITRATE with a pointer to an int where the current bitrate -- will be stored. -- -- Note that this is the primary means of controlling the video quality -- for all compression modes, including V4L2_PIX_FMT_MJPEG. The -- VIDIOC_S_JPEGCOMP ioctl is not supported. -- -- ------------------------------------------------------------------------------ -- Installing the WIS PCI Voyager Driver ----------------------------------------------------------------------------- -- --The WIS PCI Voyager driver requires several patches to the Linux 2.6.11.x --kernel source tree before compiling the driver. These patches update the --in-kernel SAA7134 driver to the newest development version and patch bugs --in the TDA8290/TDA8275 tuner driver. -- --The following patches must be downloaded from Gerd Knorr's website and --applied in the order listed: -- -- http://dl.bytesex.org/patches/2.6.11-2/i2c-tuner -- http://dl.bytesex.org/patches/2.6.11-2/i2c-tuner2 -- http://dl.bytesex.org/patches/2.6.11-2/v4l2-api-mpeg -- http://dl.bytesex.org/patches/2.6.11-2/saa7134-update -- --The following patches are included with this SDK and can be applied in any --order: -- -- patches/2.6.11/saa7134-voyager.diff -- patches/2.6.11/tda8275-newaddr.diff -- patches/2.6.11/tda8290-ntsc.diff -- --Check to make sure the CONFIG_VIDEO_SAA7134 option is enabled in the kernel --configuration, and build and install the kernel. -- --After rebooting into the new kernel, the GO7007 driver can be compiled and --installed: -- -- $ make SAA7134_BUILD=y -- $ make install -- $ modprobe saa7134-go7007 -- --There will be two V4L video devices associated with the PCI Voyager. The --first device (most likely /dev/video0) provides access to the raw video --capture mode of the SAA7133 device and is used to configure the source --video parameters and tune the TV tuner. This device can be used with xawtv --or other V4L(2) video software as a standard uncompressed device. -- --The second device (most likely /dev/video1) provides access to the --compression functions of the GO7007. It can be tested using the gorecord --application in the apps/ directory of this SDK: -- -- $ apps/gorecord -vdevice /dev/video1 -noaudio test.avi -- --Currently the frame resolution is fixed at 720x480 (NTSC) or 720x576 (PAL), --and the video standard must be specified to both the raw and the compressed --video devices (xawtv and gorecord, for example). -- -- ---------------------------------------------------------------------------- --RELEASE NOTES FOR WIS GO7007SB LINUX DRIVER ----------------------------------------------------------------------------- -- --Last updated: 5 November 2005 -- -- - Release 0.9.7 includes new support for using udev to run fxload. The -- install script should automatically detect whether the old hotplug -- scripts or the new udev rules should be used. To force the use of -- hotplug, run "make install USE_UDEV=n". To force the use of udev, run -- "make install USE_UDEV=y". -- -- - Motion detection is supported but undocumented. Try the `modet` app -- for a demonstration of how to use the facility. -- -- - Using USB2.0 devices such as the TV402U with USB1.1 HCDs or hubs can -- cause buffer overruns and frame drops, even at low framerates, due to -- inconsistency in the bitrate control mechanism. -- -- - On devices with an SAA7115, including the Plextor ConvertX, video height -- values of 96, 128, 160, 192, 256, 320, and 384 do not work in NTSC mode. -- All valid heights up to 512 work correctly in PAL mode. -- -- - The WIS Star Trek and PCI Voyager boards have no support yet for audio -- or the TV tuner. -diff --git a/LICENCE.it913x b/LICENCE.it913x -deleted file mode 100644 -index ec8f56c..0000000 ---- a/LICENCE.it913x -+++ /dev/null -@@ -1,17 +0,0 @@ --Copyright (c) 2014, ITE Tech. Inc. -- --The firmware files "dvb-usb-it9135-01.fw" and "dvb-usb-it9135-02.fw" --are for ITEtech it9135 Ax and Bx chip versions. -- --Permission to use, copy, modify, and/or distribute this software for --any purpose with or without fee is hereby granted, provided that the --above copyright notice and this permission notice appear in all copies. -- --THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES --WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF --MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE --FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY --DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, --WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, --ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS --SOFTWARE. -diff --git a/LICENCE.rockchip b/LICENCE.rockchip -deleted file mode 100644 -index d23b4c4..0000000 ---- a/LICENCE.rockchip -+++ /dev/null -@@ -1,41 +0,0 @@ --Copyright (c) 2016, Fuzhou Rockchip Electronics Co.Ltd --All rights reserved. -- --Redistribution. Redistribution and use in binary form, without --modification, are permitted provided that the following conditions are --met: -- --* Redistributions must reproduce the above copyright notice and the -- following disclaimer in the documentation and/or other materials -- provided with the distribution. -- --* Neither the name of Fuzhou Rockchip Electronics Co.Ltd, its products -- nor the names of its suppliers may be used to endorse or promote products -- derived from this Software without specific prior written permission. -- --* No reverse engineering, decompilation, or disassembly of this software -- is permitted. -- --Limited patent license. Fuzhou Rockchip Electronics Co.Ltd grants a world-wide, --royalty-free, non-exclusive license under patents it now or hereafter --owns or controls to make, have made, use, import, offer to sell and --sell ("Utilize") this software, but solely to the extent that any --such patent is necessary to Utilize the software alone, or in --combination with an operating system licensed under an approved Open --Source license as listed by the Open Source Initiative at --http://opensource.org/licenses. The patent license shall not apply to --any other combinations which include this software. No hardware per --se is licensed hereunder. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE --COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH --DAMAGE. -diff --git a/LICENCE.siano b/LICENCE.siano -deleted file mode 100644 -index 97e5440..0000000 ---- a/LICENCE.siano -+++ /dev/null -@@ -1,31 +0,0 @@ --FIRMWARE LICENSE TERMS -- --Copyright (c) 2005-2014 Siano Mobile Silicon Ltd. --All rights reserved. -- --Redistribution. Redistribution and use in binary form, without --modification, are permitted provided that the following conditions are --met: -- --* Redistributions must reproduce the above copyright notice and the --following disclaimer in the documentation and/or other materials --provided with the distribution. -- --* Neither the name of Siano Mobile Silicon Ltd. nor the names of its --suppliers may be used to endorse or promote products derived from this --software without specific prior written permission. -- --* No reverse engineering, decompilation, or disassembly of this software --is permitted. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE --COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT --NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF --USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON --ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT --(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF --THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE -diff --git a/LICENCE.ti-tspa b/LICENCE.ti-tspa -deleted file mode 100644 -index 728fc2b..0000000 ---- a/LICENCE.ti-tspa -+++ /dev/null -@@ -1,46 +0,0 @@ --TI TSPA License --TECHNOLOGY AND SOFTWARE PUBLICLY AVAILABLE --SOFTWARE LICENSE -- --Copyright (c) 2020, Texas Instruments Incorporated. -- --All rights reserved not granted herein. -- --Limited License. -- --Texas Instruments Incorporated grants a world-wide, royalty-free, non-exclusive --license under copyrights and patents it now or hereafter owns or controls to --make, have made, use, import, offer to sell and sell ("Utilize") this software, --but solely to the extent that any such patent is necessary to Utilize the --software alone. The patent license shall not apply to any combinations which --include this software. No hardware per se is licensed hereunder. -- --Redistribution and use in binary form, without modification, are permitted --provided that the following conditions are met: -- --* Redistributions must preserve existing copyright notices and reproduce this --license (including the above copyright notice and the disclaimer below) in the --documentation and/or other materials provided with the distribution. -- --* Neither the name of Texas Instruments Incorporated nor the names of its --suppliers may be used to endorse or promote products derived from this software --without specific prior written permission. -- --* No reverse engineering, decompilation, or disassembly of this software is --permitted. -- --* Nothing shall obligate TI to provide you with source code for the software --licensed and provided to you in object code. -- --DISCLAIMER. -- --THIS SOFTWARE IS PROVIDED BY TI AND TI’S LICENSORS "AS IS" AND ANY EXPRESS OR --IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF --MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO --EVENT SHALL TI AND TI’S LICENSORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT --LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR --PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF --LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING --NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, --EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -diff --git a/LICENCE.xc4000 b/LICENCE.xc4000 -deleted file mode 100644 -index e3cd261..0000000 ---- a/LICENCE.xc4000 -+++ /dev/null -@@ -1,23 +0,0 @@ --The following XC4000 firmware file "dvb-fe-xc4000-1.4.1.fw" was --created based on version 1.4 of "xc4000_firmwares.h". -- --Firmware provided as part of an XC4000 Linux developers kit by Brian --Mathews to Devin Heitmueller -- on July 1, 2009. -- --The code was released by Xceive under the following license: -- --// Copyright (c) 2009, Xceive Corporation --// --// Permission to use, copy, modify, and/or distribute this software, only --// for use with Xceive ICs, for any purpose with or without fee is hereby --// granted, provided that the above copyright notice and this permission --// notice appear in all source code copies. --// --// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES --// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF --// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR --// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES --// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN --// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF --// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -diff --git a/LICENCE.xc5000 b/LICENCE.xc5000 -deleted file mode 100644 -index 0ac8557..0000000 ---- a/LICENCE.xc5000 -+++ /dev/null -@@ -1,23 +0,0 @@ --The following XC500 firmware file "dvb-fe-xc5000-1.6.114.fw" was --created based on "xc5000_firmwares_32000Khz.h". -- --Firmware provided as part of an XC5000 Linux developers kit by Brian --Mathews to Devin Heitmueller --on July 1, 2009. -- --The code was released by Xceive under the following license: -- --// Copyright (c) 2009, Xceive Corporation --// --// Permission to use, copy, modify, and/or distribute this software, only --// for use with Xceive ICs, for any purpose with or without fee is hereby --// granted, provided that the above copyright notice and this permission --// notice appear in all source code copies. --// --// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES --// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF --// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR --// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES --// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN --// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF --// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -diff --git a/LICENCE.xc5000c b/LICENCE.xc5000c -deleted file mode 100644 -index 23b81e7..0000000 ---- a/LICENCE.xc5000c -+++ /dev/null -@@ -1,23 +0,0 @@ --The following XC500C firmware file "dvb-fe-xc5000C-4.1.30.7.fw" was created --based on "Xc5200_firmwares_32000Khz.h". -- --Firmware provided as part of an XC5000C Linux developers kit by Ramon Cazares -- to Devin Heitmueller dheitmueller@linuxtv.org --on July 25, 2012. -- --The code was released by Cresta Technology under the following license: -- --// Copyright (c) 2012, Cresta Technology Corporation --// --// Permission to use, copy, modify, and/or distribute this software, only --// for use with Cresta Technlogy ICs, for any purpose with or without fee is --// hereby granted, provided that the above copyright notice and this --// permission notice appear in all source code copies. --// --// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES --// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF --// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR --// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES --// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN --// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF --// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -diff --git a/LICENSE.Lontium b/LICENSE.Lontium -deleted file mode 100644 -index 2989473..0000000 ---- a/LICENSE.Lontium -+++ /dev/null -@@ -1,2 +0,0 @@ --Lontium Semiconductor Corp. grants permission to use and redistribute aforementioned firmware file for the use with devices containing Lontium chipsets, but not as part of the Linux kernel or in any other form which would require the file itself to be covered by the terms of the GNU General Public License or the GNU Lesser General Public License. --The firmware file is distributed in the hope that it will be useful, but is provided WITHOUT ANY WARRANTY, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. -diff --git a/LICENSE.amlogic_vdec b/LICENSE.amlogic_vdec -deleted file mode 100644 -index ac48f20..0000000 ---- a/LICENSE.amlogic_vdec -+++ /dev/null -@@ -1,15 +0,0 @@ ----------------------------------------------------------------------- --Amlogic Co., Inc. grants permission to use and redistribute --aforementioned firmware files for the use with devices containing --Amlogic chipsets, but not as part of the Linux kernel or in any other --form which would require these files themselves to be covered by the --terms of the GNU General Public License or the GNU Lesser General --Public License. -- --These firmware files are distributed in the hope that they will be --useful, but are provided WITHOUT ANY WARRANTY, INCLUDING BUT NOT --LIMITED TO IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A --PARTICULAR PURPOSE. -- --Amlogic Contact: Arden Jin ----------------------------------------------------------------------- -diff --git a/LICENSE.amphion_vpu b/LICENSE.amphion_vpu -deleted file mode 100644 -index 31840ec..0000000 ---- a/LICENSE.amphion_vpu -+++ /dev/null -@@ -1,48 +0,0 @@ --Copyright 2015, Amphion Semiconductor Ltd --Copyright 2021, NXP --All rights reserved. -- --Redistribution. Reproduction and redistribution in binary form, without --modification, for use solely in conjunction with a NXP --chipset, is permitted provided that the following conditions are met: -- -- . Redistributions must reproduce the above copyright notice and the following -- disclaimer in the documentation and/or other materials provided with the -- distribution. -- -- . Neither the name of NXP nor the names of its suppliers -- may be used to endorse or promote products derived from this Software -- without specific prior written permission. -- -- . No reverse engineering, decompilation, or disassembly of this Software is -- permitted. -- --Limited patent license. NXP (.Licensor.) grants you --(.Licensee.) a limited, worldwide, royalty-free, non-exclusive license under --the Patents to make, have made, use, import, offer to sell and sell the --Software. No hardware per se is licensed hereunder. --The term .Patents. as used in this agreement means only those patents or patent --applications owned solely and exclusively by Licensor as of the date of --Licensor.s submission of the Software and any patents deriving priority (i.e., --having a first effective filing date) therefrom. The term .Software. as used in --this agreement means the firmware image submitted by Licensor, under the terms --of this license, to git://git.kernel.org/pub/scm/linux/kernel/git/firmware/ --linux-firmware.git. --Notwithstanding anything to the contrary herein, Licensor does not grant and --Licensee does not receive, by virtue of this agreement or the Licensor's --submission of any Software, any license or other rights under any patent or --patent application owned by any affiliate of Licensor or any other entity --(other than Licensor), whether expressly, impliedly, by virtue of estoppel or --exhaustion, or otherwise. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL --THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -diff --git a/LICENSE.dib0700 b/LICENSE.dib0700 -deleted file mode 100644 -index fdb6bde..0000000 ---- a/LICENSE.dib0700 -+++ /dev/null -@@ -1,22 +0,0 @@ --Firmware provided by Patrick Boettcher to Devin --Heitmueller on October 8, 2009. -- --The USB firmware file "dvb-usb-dib0700.1.20.fw" for DiBcom's DiB0700, --used together with the Linux driver module dvb-usb-dib0700, is --provided under the following licensing terms: -- --Copyright (c) 2009, DiBcom -- --Permission to use, copy, modify, and/or distribute this software for --any purpose with or without fee is hereby granted, provided that the --above copyright notice and this permission notice appear in all --copies. -- --THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL --WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED --WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE --AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL --DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR --PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER --TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR --PERFORMANCE OF THIS SOFTWARE. -diff --git a/LICENSE.ipu3_firmware b/LICENSE.ipu3_firmware -deleted file mode 100644 -index 2559884..0000000 ---- a/LICENSE.ipu3_firmware -+++ /dev/null -@@ -1,36 +0,0 @@ --Copyright (c) 2017, Intel Corporation. --All rights reserved. -- --Redistribution. Redistribution and use in binary form, without --modification, are permitted provided that the following conditions are --met: -- --* Redistributions must reproduce the above copyright notice and the -- following disclaimer in the documentation and/or other materials -- provided with the distribution. --* Neither the name of Intel Corporation nor the names of its suppliers -- may be used to endorse or promote products derived from this software -- without specific prior written permission. --* No reverse engineering, decompilation, or disassembly of this software -- is permitted. -- --Limited patent license. Intel Corporation grants a world-wide, --royalty-free, non-exclusive license under patents it now or hereafter --owns or controls to make, have made, use, import, offer to sell and --sell (“Utilize”) this software, but solely to the extent that any --such patent is necessary to Utilize the software alone. The patent license --shall not apply to any combinations which include this software. No hardware --per se is licensed hereunder. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE --COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH --DAMAGE. -diff --git a/WHENCE b/WHENCE -index 116d04d..d78e45e 100644 ---- a/WHENCE -+++ b/WHENCE -@@ -53,16 +53,6 @@ Found in hex form in the kernel source. - - -------------------------------------------------------------------------- - --Driver: dvb-ttusb-budget -- Technotrend/Hauppauge Nova-USB devices -- --File: ttusb-budget/dspbootcode.bin -- --Licence: Unknown -- --Found in hex form in the kernel source. -- ---------------------------------------------------------------------------- -- - Driver: keyspan -- USB Keyspan USA-xxx serial device - - File: keyspan/mpr.fw -@@ -236,45 +226,6 @@ Converted from Intel HEX files, used in our binary representation of ihex. - - -------------------------------------------------------------------------- - --Driver: cpia2 -- cameras based on Vision's CPiA2 -- --File: cpia2/stv0672_vp4.bin -- --Licence: Allegedly GPLv2+, but no source visible. Marked: -- Copyright (C) 2001 STMicroelectronics, Inc. -- Contact: steve.miller@st.com -- Description: This file contains patch data for the CPiA2 (stv0672) VP4. -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- --Driver: dabusb -- Digital Audio Broadcasting (DAB) Receiver for USB and Linux -- --File: dabusb/firmware.fw --File: dabusb/bitstream.bin -- --Licence: Distributable -- -- * Copyright (C) 1999 BayCom GmbH -- * -- * Redistribution and use in source and binary forms, with or without -- * modification, are permitted provided that redistributions of source -- * code retain the above copyright notice and this comment without -- * modification. -- ---------------------------------------------------------------------------- -- --Driver: vicam -- USB 3com HomeConnect (aka vicam) -- --File: vicam/firmware.fw -- --Licence: Unknown -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- - Driver: io_edgeport - USB Inside Out Edgeport Serial Driver - - File: edgeport/boot.fw -@@ -1038,17 +989,6 @@ Also available from http://wireless.kernel.org/en/users/Drivers/iwlwifi#Firmware - - -------------------------------------------------------------------------- - --Driver: ipu3-imgu - Intel IPU3 (3rd Gen Image Processing Unit) driver -- --File: intel/irci_irci_ecr-master_20161208_0213_20170112_1500.bin --Version: irci_irci_ecr-master_20161208_0213_20170112_1500 --md5sum: 59abc311fce49c5a180b5a8a3917912d --Link: intel/ipu3-fw.bin -> irci_irci_ecr-master_20161208_0213_20170112_1500.bin -- --Licence: Redistributable. See LICENSE.ipu3_firmware for details -- ---------------------------------------------------------------------------- -- - Driver: tehuti - Tehuti Networks 10G Ethernet - - File: tehuti/bdx.bin -@@ -1203,36 +1143,6 @@ Found in hex form in kernel source. - - -------------------------------------------------------------------------- - --Driver: cx231xx - Conexant Cx23100/101/102 USB broadcast A/V decoder -- --File: v4l-cx231xx-avcore-01.fw -- --Driver: cx23418 - Conexant PCI Broadcast A/V with MPEG encoder -- --File: v4l-cx23418-apu.fw --File: v4l-cx23418-cpu.fw --File: v4l-cx23418-dig.fw -- --Driver: cx23885 - Conexant PCI Express Broadcast A/V decoder -- --File: v4l-cx23885-avcore-01.fw -- --Driver: cx23840 - Conexant sideport Broadcast A/V decoder -- --File: v4l-cx25840.fw -- --Licence: Redistributable. -- -- Conexant grants permission to use and redistribute these firmware -- files for use with Conexant devices, but not as a part of the Linux -- kernel or in any other form which would require these files themselves -- to be covered by the terms of the GNU General Public License. -- These firmware files are distributed in the hope that they will be -- useful, but WITHOUT ANY WARRANTY; without even the implied warranty -- of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -- ---------------------------------------------------------------------------- -- - Driver: qlogicpti - PTI Qlogic, ISP Driver - - File: qlogic/isp1000.bin -@@ -1316,18 +1226,6 @@ Available from http://ldriver.qlogic.com/firmware/netxen_nic/new/ - - -------------------------------------------------------------------------- - --Driver: dvb-ttpci -- AV7110 cards -- --File: av7110/bootcode.bin --Source: av7110/Boot.S --Source: av7110/Makefile -- --Licence: GPLv2 or later. See GPL-2 and GPL-3 for details. -- --ARM assembly source code from https://linuxtv.org/downloads/firmware/Boot.S -- ---------------------------------------------------------------------------- -- - Driver: rt61pci - Ralink RT2561, RT2561S, RT2661 wireless MACs - - File: rt2561.bin -@@ -1421,35 +1319,6 @@ Provided from the author, Bernd Porr - - -------------------------------------------------------------------------- - --Driver: xc4000 - Xceive 4000 Tuner driver -- --File: dvb-fe-xc4000-1.4.1.fw --Version: 1.4.1 -- --Licence: Redistributable. See LICENCE.xc4000 for details -- ---------------------------------------------------------------------------- --Driver: xc5000 - Xceive 5000 Tuner driver -- --File: dvb-fe-xc5000-1.6.114.fw --Version: 1.6.114 -- --File: dvb-fe-xc5000c-4.1.30.7.fw --Version: 4.1.30.7 -- --Licence: Redistributable. See LICENCE.xc5000 and LICENCE.xc5000c for details -- ---------------------------------------------------------------------------- -- --Driver: dib0700 - DiBcom dib0700 USB DVB bridge driver -- --File: dvb-usb-dib0700-1.20.fw --Version: 1.20 -- --Licence: Redistributable. See LICENSE.dib0700 for details -- ---------------------------------------------------------------------------- -- - Driver: ath3k - DFU Driver for Atheros bluetooth chipset AR3011 - - File: ath3k-1.fw -@@ -2387,14 +2256,6 @@ Licence: Redistributable, provided by Realtek in their driver - - -------------------------------------------------------------------------- - --Driver: lgs8gxx - Legend Silicon GB20600 demodulator driver -- --File: lgs8g75.fw -- --Licence: Unknown -- ---------------------------------------------------------------------------- -- - Driver: ib_qib - QLogic Infiniband - - File: qlogic/sd7220.fw -@@ -2671,14 +2532,6 @@ Licence: GPLv2. See GPL-2 for details. - - -------------------------------------------------------------------------- - --Driver: ti-vpe - Texas Instruments V4L2 driver for Video Processing Engine -- --File: ti/vpdma-1b8.bin -- --Licence: Redistributable. See LICENCE.ti-tspa for details. -- ---------------------------------------------------------------------------- -- - Driver: wl1251 - Texas Instruments 802.11 WLAN driver for WiLink4 chips - - File: ti-connectivity/wl1251-fw.bin -@@ -2807,23 +2660,6 @@ Licence: Redistributable. See LICENCE.ti-connectivity for details. - - -------------------------------------------------------------------------- - --Driver: tlg2300 - Telgent 2300 V4L/DVB driver. -- --File: tlg2300_firmware.bin -- --Licence: Redistributable. -- -- Telegent System grants permission to use and redistribute these -- firmware files for use with devices containing the chip tlg2300, but -- not as a part of the Linux kernel or in any other form which would -- require these files themselves to be covered by the terms of the GNU -- General Public License. These firmware files are distributed in the -- hope that they will be useful, but WITHOUT ANY WARRANTY; without even -- the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -- PURPOSE. -- ---------------------------------------------------------------------------- -- - Driver: r8712u - Realtek 802.11n WLAN driver for RTL8712U - - File: rtlwifi/rtl8712u.bin -@@ -3459,23 +3295,6 @@ License: Redistributable. See LICENCE.atheros_firmware for details - - -------------------------------------------------------------------------- - --Driver: drxk - Micronas DRX-K demodulator driver -- --File: dvb-usb-terratec-h5-drxk.fw -- --Licence: Redistributable. -- --TERRATEC grants permission to use and redistribute these firmware --files for use with TERRATEC devices, but not as part of the Linux --kernel or in any other form which would require these files themselves --to be covered by the terms of the GNU General Public License. -- --These firmware files are distributed in the hope that they will be --useful, but WITHOUT ANY WARRANTY; without even the implied warranty --of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -- ---------------------------------------------------------------------------- -- - Driver: ene-ub6250 -- ENE UB6250 SD card reader driver - - File: ene-ub6250/sd_init1.bin -@@ -3506,27 +3325,6 @@ Licence: Redistributable. See LICENCE.atheros_firmware for details - - -------------------------------------------------------------------------- - --Driver: s5p-mfc - Samsung MFC video encoder/decoder driver -- --File: s5p-mfc.fw --File: s5p-mfc-v6.fw --File: s5p-mfc-v6-v2.fw --File: s5p-mfc-v7.fw --File: s5p-mfc-v8.fw -- --Licence: Redistributable. -- --Samsung grants permission to use and redistribute aforementioned firmware --files for the use with Exynos series devices, but not as part of the Linux --kernel, or in any other form which would require these files themselves --to be covered by the terms of the GNU General Public License. -- --These firmware files are distributed in the hope that they will be --useful, but WITHOUT ANY WARRANTY; without even the implied warranty --of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -- ---------------------------------------------------------------------------- -- - Driver: carl9170 -- Atheros AR9170 802.11 draft-n USB driver - - File: carl9170-1.fw -@@ -3770,33 +3568,6 @@ of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - - -------------------------------------------------------------------------- - --Driver: go7007 -- --File: go7007/s2250-1.fw --File: go7007/s2250-2.fw --Link: s2250.fw -> go7007/s2250-2.fw --Link: s2250_loader.fw -> go7007/s2250-1.fw -- --Licence: -- Sensoray grants permission to use and redistribute these firmware -- files for use with Sensoray devices, but not as a part of the Linux -- kernel or in any other form which would require these files themselves -- to be covered by the terms of the GNU General Public License. -- These firmware files are distributed in the hope that they will be -- useful, but WITHOUT ANY WARRANTY; without even the implied warranty -- of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -- --File: go7007/go7007fw.bin --File: go7007/go7007tv.bin --File: go7007/lr192.fw --File: go7007/px-m402u.fw --File: go7007/px-tv402u.fw --File: go7007/wis-startrek.fw -- --Licence: Redistributable. See LICENCE.go7007 for details -- ---------------------------------------------------------------------------- -- - Driver: ccp - Platform Security Processor (PSP) device - - File: amd/amd_sev_fam17h_model0xh.sbin -@@ -3967,44 +3738,6 @@ Licence: Redistributable. See LICENCE.r8a779x_usb3 for details. - - -------------------------------------------------------------------------- - --Driver: as102 - Abilis Systems Single DVB-T Receiver -- --File: as102_data1_st.hex --File: as102_data2_st.hex -- --License: Redistributable. See LICENCE.Abilis for details -- ---------------------------------------------------------------------------- -- --Driver: it9135 -- ITEtech IT913x DVB-T USB driver -- --File: dvb-usb-it9135-01.fw --File: dvb-usb-it9135-02.fw -- --Licence: Redistributable. See LICENCE.it913x for details -- ---------------------------------------------------------------------------- -- --Driver: smsmdtv - Siano MDTV Core module -- --File: cmmb_vega_12mhz.inp --File: cmmb_venice_12mhz.inp --File: dvb_nova_12mhz.inp --File: dvb_nova_12mhz_b0.inp --File: isdbt_nova_12mhz.inp --File: isdbt_nova_12mhz_b0.inp --File: isdbt_rio.inp --File: sms1xxx-hcw-55xxx-dvbt-02.fw --File: sms1xxx-hcw-55xxx-isdbt-02.fw --File: sms1xxx-nova-a-dvbt-01.fw --File: sms1xxx-nova-b-dvbt-01.fw --File: sms1xxx-stellar-dvbt-01.fw --File: tdmb_nova_12mhz.inp -- --Licence: Redistributable. See LICENCE.siano for details -- ---------------------------------------------------------------------------- -- - Driver: xhci-tegra -- NVIDIA Tegra XHCI driver - - File: nvidia/tegra124/xusb.bin -@@ -4023,23 +3756,6 @@ Licence: Redistributable. See LICENCE.nvidia for details - - -------------------------------------------------------------------------- - --Driver: tegra-vic -- NVIDIA Tegra VIC driver -- --File: nvidia/tegra124/vic03_ucode.bin --Link: nvidia/tegra124/vic.bin -> vic03_ucode.bin -- --File: nvidia/tegra210/vic04_ucode.bin --Link: nvidia/tegra210/vic.bin -> vic04_ucode.bin -- --File: nvidia/tegra186/vic04_ucode.bin --Link: nvidia/tegra186/vic.bin -> vic04_ucode.bin -- --File: nvidia/tegra194/vic.bin -- --Licence: Redistributable. See LICENCE.nvidia for details -- ---------------------------------------------------------------------------- -- - Driver: atusb - ATUSB IEEE 802.15.4 transceiver driver - - File: atusb/atusb-0.2.dfu -@@ -4995,17 +4711,6 @@ Licence: Redistributable. See LICENCE.Marvell for details. - - -------------------------------------------------------------------------- - --Driver: mtk-vpu - MediaTek VPU video processing unit driver -- --File: mediatek/mt8173/vpu_d.bin --File: mediatek/mt8173/vpu_p.bin --Link: vpu_d.bin -> mediatek/mt8173/vpu_d.bin --Link: vpu_p.bin -> mediatek/mt8173/vpu_p.bin -- --Licence: Redistributable. See LICENCE.mediatek for details. -- ---------------------------------------------------------------------------- -- - Driver: mtk_scp - MediaTek SCP System Control Processing Driver - - File: mediatek/mt8183/scp.img -@@ -5035,15 +4740,6 @@ Licence: Redistributable. See LICENCE.mediatek for details. - - -------------------------------------------------------------------------- - --Driver: rk3399-dptx - ROCKCHIP rk3399 dptx firmware -- --File: rockchip/dptx.bin --Version: 3.1 -- --Licence: Redistributable. See LICENCE.rockchip for details. -- ---------------------------------------------------------------------------- -- - Driver: mt76x0 - MediaTek MT76x0 Wireless MACs - - File: mediatek/mt7610u.bin -@@ -5323,44 +5019,6 @@ Licence: Redistributable. See LICENSE.QualcommAtheros_ath10k for details - - -------------------------------------------------------------------------- - --Driver: venus - Qualcomm Venus video codec accelerator -- --File: qcom/venus-1.8/venus.mbn --Link: qcom/venus-1.8/venus.mdt -> venus.mbn -- --Version: 1.8-00109 -- --File: qcom/venus-4.2/venus.mbn --Link: qcom/venus-4.2/venus.mdt -> venus.mbn -- --Version: 4.2 -- --File: qcom/venus-5.2/venus.mbn --Link: qcom/venus-5.2/venus.mdt -> venus.mbn -- --Version: 5.2-00023 -- --File: qcom/venus-5.4/venus.mbn --Link: qcom/venus-5.4/venus.mdt -> venus.mbn -- --Version: 5.4-00053 -- --File: qcom/vpu-1.0/venus.mbn --Link: qcom/vpu-1.0/venus.mdt -> venus.mbn -- --Version: VIDEO.VPU.1.0-00087-PROD-1 -- --File: qcom/vpu-2.0/venus.mbn -- --Version: VIDEO.VPU.2.0-00049-PROD-1 -- --Licence: Redistributable. See LICENSE.qcom and qcom/NOTICE.txt for details -- --Binary files supplied originally from --https://developer.qualcomm.com/hardware/dragonboard-410c/tools -- ---------------------------------------------------------------------------- -- - Driver: imx-sdma - support for i.MX SDMA driver - - File: imx/sdma/sdma-imx6q.bin -@@ -5582,15 +5240,6 @@ Licence: - - -------------------------------------------------------------------------- - --Driver: cdns-mhdp - Cadence MHDP8546 DP bridge -- --File: cadence/mhdp8546.bin --Version: 2.1.0 -- --Licence: Redistributable. See LICENCE.cadence for details -- ---------------------------------------------------------------------------- -- - Driver: fsl-mc bus - NXP Management Complex Bus Driver - - File: dpaa2/mc/mc_10.10.0_ls1088a.itb -@@ -5622,28 +5271,6 @@ Licence: Redistributable. See LICENCE.microchip for details - - -------------------------------------------------------------------------- - --Driver: meson-vdec - Amlogic video decoder -- --File: meson/vdec/g12a_h264.bin --File: meson/vdec/g12a_hevc_mmu.bin --File: meson/vdec/g12a_vp9.bin --File: meson/vdec/gxbb_h264.bin --File: meson/vdec/gxl_h263.bin --File: meson/vdec/gxl_h264.bin --File: meson/vdec/gxl_hevc.bin --File: meson/vdec/gxl_hevc_mmu.bin --File: meson/vdec/gxl_mjpeg.bin --File: meson/vdec/gxl_mpeg12.bin --File: meson/vdec/gxl_mpeg4_5.bin --File: meson/vdec/gxl_vp9.bin --File: meson/vdec/gxm_h264.bin --File: meson/vdec/sm1_hevc_mmu.bin --File: meson/vdec/sm1_vp9_mmu.bin -- --Licence: Redistributable. See LICENSE.amlogic_vdec for details. -- ---------------------------------------------------------------------------- -- - Driver: ice - Intel(R) Ethernet Connection E800 Series - - File: intel/ice/ddp/ice-1.3.30.0.pkg -@@ -5685,14 +5312,6 @@ Licence: Redistributable. See LICENCE.Marvell for details. - - ------------------------------------------------ - --Driver: lt9611uxc - Lontium DSI to HDMI bridge -- --File: lt9611uxc_fw.bin -- --License: Redistributable. See LICENSE.Lontium for details. -- ---------------------------------------------------------------------------- -- - Driver: wfx - Silicon Labs Wi-Fi Transceiver - - File: wfx/wfm_wf200_C0.sec -@@ -5713,14 +5332,6 @@ https://github.com/SiliconLabs/wfx-linux-tools - - -------------------------------------------------------------------------- - --Driver: wave5 - Chips&Media, Inc. video codec driver -- --File: cnm/wave521c_k3_codec_fw.bin -- --Licence: Redistributable. See LICENCE.cnm for details. -- ----------------------------------------------------------------------------- -- - Driver: rvu_cptpf - Marvell CPT driver - - File: mrvl/cpt01/ae.out -@@ -5741,17 +5352,6 @@ Licence: Redistributable. See LICENCE.Marvell for details. - - --------------------------------------------------------------------------- - --Driver: amphion - Amphion VPU(Video Processing Unit) Codec IP driver -- --File: amphion/vpu/vpu_fw_imx8_dec.bin --Version: 1.8.8 --File: amphion/vpu/vpu_fw_imx8_enc.bin --Version: 1.3.4 -- --Licence: Redistributable. See LICENSE.amphion_vpu for details -- ----------------------------------------------------------------------------- -- - Driver: nxp-sr1xx - NXP Ultra Wide Band driver - File: nxp/sr150_fw.bin - Version: 35.00.03 --- -2.40.1 - diff --git a/packages/linux-firmware/0003-linux-firmware-bt-wifi-Remove-firmware-for-Bluetooth.patch b/packages/linux-firmware/0003-linux-firmware-bt-wifi-Remove-firmware-for-Bluetooth.patch deleted file mode 100644 index 5d0bb05c474..00000000000 --- a/packages/linux-firmware/0003-linux-firmware-bt-wifi-Remove-firmware-for-Bluetooth.patch +++ /dev/null @@ -1,3657 +0,0 @@ -From 8330b130d288943c11658a69c033e97f02a69591 Mon Sep 17 00:00:00 2001 -From: Leonard Foerster -Date: Tue, 25 Jul 2023 10:29:08 +0000 -Subject: [PATCH] linux-firmware: bt/wifi: Remove firmware for Bluetooth/WiFi - devices - -Bottlerocket does not configure any drivers for Bluetooth or WiFi -devices. Without the drivers the firmware is useless and does not need -to be shipped. The following list matches driver names as listed in -WHENCE to the kernel config options enabling those driver in case we do -add drivers in the future we can easily check if we need to add firmware -binaries. - -* ar9170 - CONFIG_CARL9170 -* carl9170 - CONFIG_CARL9170 -* ath9k_htc - CONFIG_ATH9K_HTC -* ath3k - CONFIG_BT_ATH3K -* DFU Driver [...] AR3012 - CONFIG_BT_ATH3K -* Atheros AR300x UART [...] - CONFIG_BT_HCIUART_ATH3K -* ath6kl - CONFIG_ATH6KL -* ath10k - CONFIG_ATH10K -* ath11k - CONFIG_ATH11K -* ar5523 - CONFIG_AR5523 -* btqca - CONFIG_BT_QCA -* qca - CONFIG_QCA7000 -* mt7601u - CONFIG_MT7601U -* btmtk_usb - CONFIG_BT_HCIBTUSB_MTK -* btmtk - CONFIG_BT_MTK -* mt76x0 - CONFIG_MT76x0U && CONFIG_MT76x0E -* mt76x2e - CONFIG_MT76x2E -* mt76x2u - CONFIG_MT76x2U -* mt7615e - CONFIG_MT7615E -* mt7622 - CONFIG_MT7622WMAC -* mt7663 - CONFIG_MT7663U && CONFIG_MT7663S -* mt7915e - CONFIG_MT7915E -* mt7921 - CONFIG_MT7921U && CONFIG_MT7921S && CONFIG_MT7921E -* mt7922 - CONFIG_MT7921U && CONFIG_MT7921S && CONFIG_MT7921E -* brcmsmac - CONFIG_BRCMSMAC -* brcmfmac - CONFIG_BRCMFMAC -* BCM-0bb4-0306 - CONFIG_BT_BCM -* wl1251 - CONFIG_WL1251 -* wl12xx - CONFIG_WL12XX -* wl18xx - CONFIG_WL18XX -* TI_ST - CONFIG_TI_ST -* r8152 - CONFIG_USB_RTL8152 -* r8169 - CONFIG_R8169 -* r8712u - CONFIG_R8712U -* rtl8188ee - CONFIG_RTL8188EE -* rtl8192e - CONFIG_RTL8192E -* rtl8192ce - CONFIG_RTL8192CE -* rtl8192cu - CONFIG_RTL8192CU -* rtl8192de - CONFIG_RTL8192DE -* rtl8192ee - CONFIG_RTL8192EE -* rtl8192se - CONFIG_RTL8192SE -* rtl8723be - CONFIG_RTL8723BE -* rtl8723bs - CONFIG_RTL8723BS -* rtl8723de - CONFIG_RTL8723_COMMON -* rtl8723e - CONFIG_RTL8723_COMMON -* rtl8821ae - CONFIG_RTL8821AE -* rtl8822be - CONFIG_RTW88_8822BE -* rtl8xxxu - CONFIG_RTL8XXXU -* rtw88 - CONFIG_RTW88 -* rtw89 - CONFIG_RTW89 -* btusb - CONFIG_BT_HCIBTUSB -* nxp-sr1xx - CONFIG_NXP_UWB (driver has yet to be accepted upstream) -* btnxpuart - CONFIG_BT_NXPUART -* cw1200 - CONFIG_CW1200 -* rsi - CONFIG_RSI_91X -* wilc1000 - CONFIG_WILC1000 -* qcom_q6v5_pas - CONFIG_QCOM_Q6V5_PAS -* qcom_q6v5_mss - CONFIG_QCOM_Q6V5_MSS -* iwlwifi - CONFIG_IWLWIFI -* rt2800pci - CONFIG_RT2800PCI -* rt2800usb - CONFIG_RT2800USB -* rt2860sta - CONFIG_RT2800PCI && CONFIG_RT2800USB -* rt2870sta - CONFIG_RT2800PCI && CONFIG_RT2800USB -* rt61pci - CONFIG_RT61PCI -* rt73usb - CONFIG_RT73USB -* wfx - CONFIG_WFX - -Signed-off-by: Leonard Foerster ---- - LICENCE.NXP | 22 - - LICENCE.OLPC | 33 - - LICENCE.atheros_firmware | 38 - - LICENCE.broadcom_bcm43xx | 65 - - LICENCE.cw1200 | 35 - - LICENCE.cypress | 138 -- - LICENCE.ibt_firmware | 39 - - LICENCE.iwlwifi_firmware | 39 - - LICENCE.open-ath9k-htc-firmware | 206 -- - LICENCE.ralink-firmware.txt | 39 - - LICENCE.ralink_a_mediatek_company_firmware | 39 - - LICENCE.rtlwifi_firmware.txt | 39 - - LICENCE.ti-connectivity | 61 - - LICENCE.wl1251 | 59 - - LICENSE.QualcommAtheros_ar3k | 47 - - LICENSE.QualcommAtheros_ath10k | 47 - - LICENSE.atmel | 36 - - LICENSE.nxp | 26 - - WHENCE | 2279 +------------------- - 19 files changed, 27 insertions(+), 3260 deletions(-) - delete mode 100644 LICENCE.NXP - delete mode 100644 LICENCE.OLPC - delete mode 100644 LICENCE.atheros_firmware - delete mode 100644 LICENCE.broadcom_bcm43xx - delete mode 100644 LICENCE.cw1200 - delete mode 100644 LICENCE.cypress - delete mode 100644 LICENCE.ibt_firmware - delete mode 100644 LICENCE.iwlwifi_firmware - delete mode 100644 LICENCE.open-ath9k-htc-firmware - delete mode 100644 LICENCE.ralink-firmware.txt - delete mode 100644 LICENCE.ralink_a_mediatek_company_firmware - delete mode 100644 LICENCE.rtlwifi_firmware.txt - delete mode 100644 LICENCE.ti-connectivity - delete mode 100644 LICENCE.wl1251 - delete mode 100644 LICENSE.QualcommAtheros_ar3k - delete mode 100644 LICENSE.QualcommAtheros_ath10k - delete mode 100644 LICENSE.atmel - delete mode 100644 LICENSE.nxp - -diff --git a/LICENCE.NXP b/LICENCE.NXP -deleted file mode 100644 -index 96215f1..0000000 ---- a/LICENCE.NXP -+++ /dev/null -@@ -1,22 +0,0 @@ --Copyright 2019. NXP B.V. All rights reserved. -- --Redistribution and use in binary form is permitted provided that the following --conditions are met: -- --1. Redistributions must reproduce the above copyright notice, this list of --conditions and the following disclaimer in the documentation and/or other --materials provided with the distribution. -- --2. Redistribution and use shall be used only with NXP B.V. silicon products. --Any other use, reproduction, modification, translation, or compilation of the --Software is prohibited. -- --3. No reverse engineering, decompilation, or disassembly is permitted. -- --TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THIS SOFTWARE IS PROVIDED --"AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING, WITHOUT LIMITATION, ANY EXPRESS --OR IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS OR SUFFICIENCY FOR A --PARTICULAR PURPOSE, SATISFACTORY QUALITY, CORRESPONDENCE WITH DESCRIPTION, QUIET --ENJOYMENT OR NON-INFRINGEMENT OF THIRD PARTY INTELLECTUAL PROPERTY RIGHTS. --NXP B.V., ITS AFFILIATES AND THEIR SUPPLIERS DISCLAIM ANY WARRANTY THAT THE --DELIVERABLES WILL OPERATE WITHOUT INTERRUPTION OR BE ERROR-FREE. -diff --git a/LICENCE.OLPC b/LICENCE.OLPC -deleted file mode 100644 -index a740952..0000000 ---- a/LICENCE.OLPC -+++ /dev/null -@@ -1,33 +0,0 @@ --Copyright (c) 2006, One Laptop per Child and Marvell Corporation. --All rights reserved. -- --Redistribution. Redistribution and use in binary form, without --modification, are permitted provided that the following conditions are --met: -- --* Redistributions must reproduce the above copyright notice and the -- following disclaimer in the documentation and/or other materials -- provided with the distribution. --* Neither the name of Marvell Corporation nor the names of its suppliers -- may be used to endorse or promote products derived from this software -- without specific prior written permission. --* No reverse engineering, decompilation, or disassembly of this software -- is permitted. --* You may not use or attempt to use this software in conjunction with -- any product that is offered by a third party as a replacement, -- substitute or alternative to a Marvell Product where a Marvell Product -- is defined as a proprietary wireless LAN embedded client solution of -- Marvell or a Marvell Affiliate. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE --COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH --DAMAGE. -diff --git a/LICENCE.atheros_firmware b/LICENCE.atheros_firmware -deleted file mode 100644 -index e0ebdac..0000000 ---- a/LICENCE.atheros_firmware -+++ /dev/null -@@ -1,38 +0,0 @@ --Copyright (c) 2008-2010, Atheros Communications, Inc. --All rights reserved. -- --Redistribution. Redistribution and use in binary form, without --modification, are permitted provided that the following conditions are --met: -- --* Redistributions must reproduce the above copyright notice and the -- following disclaimer in the documentation and/or other materials -- provided with the distribution. -- --* Neither the name of Atheros Communications, Inc. nor the names of -- its suppliers may be used to endorse or promote products derived -- from this software without specific prior written permission. -- --* No reverse engineering, decompilation, or disassembly of this -- software is permitted. -- --Limited patent license. Atheros Communications, Inc. grants a --world-wide, royalty-free, non-exclusive license under patents it --now or hereafter owns or controls to make, have made, use, import, --offer to sell and sell ("Utilize") this software, but solely to --the extent that any such patent is necessary to Utilize the software --in conjunction with an Atheros Chipset. The patent license shall not --apply to any other combinations which include this software. No --hardware per se is licensed hereunder. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL --THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -diff --git a/LICENCE.broadcom_bcm43xx b/LICENCE.broadcom_bcm43xx -deleted file mode 100644 -index ff26fdd..0000000 ---- a/LICENCE.broadcom_bcm43xx -+++ /dev/null -@@ -1,65 +0,0 @@ --SOFTWARE LICENSE AGREEMENT -- --The accompanying software in binary code form (“Software”), is licensed to you, --or, if you are accepting on behalf of an entity, the entity and its affiliates --exercising rights hereunder (“Licensee”) subject to the terms of this software --license agreement (“Agreement”), unless Licensee and Broadcom Corporation --(“Broadcom”) execute a separate written software license agreement governing --use of the Software. ANY USE, REPRODUCTION, OR DISTRIBUTION OF THE SOFTWARE --CONSTITUTES LICENSEE’S ACCEPTANCE OF THIS AGREEMENT. -- --1. License. Subject to the terms and conditions of this Agreement, --Broadcom hereby grants to Licensee a limited, non-exclusive, non-transferable, --royalty-free license: (i) to use and integrate the Software with any other --software; and (ii) to reproduce and distribute the Software complete, --unmodified, and as provided by Broadcom, solely for use with Broadcom --proprietary integrated circuit product(s) sold by Broadcom with which the --Software was designed to be used, or their successors. -- --2. Restrictions. Licensee shall distribute Software with a copy of this --Agreement. Licensee shall not remove, efface or obscure any copyright or --trademark notices from the Software. Reproductions of the Broadcom copyright --notice shall be included with each copy of the Software, except where such --Software is embedded in a manner not readily accessible to the end user. --Licensee shall not: (i) use, license, sell or otherwise distribute the Software --except as provided in this Agreement; (ii) attempt to modify in any way, --reverse engineer, decompile or disassemble any portion of the Software; or --(iii) use the Software or other material in violation of any applicable law or --regulation, including but not limited to any regulatory agency. This Agreement --shall automatically terminate upon Licensee’s failure to comply with any of the --terms of this Agreement. In such event, Licensee will destroy all copies of the --Software and its component parts. -- --3. Ownership. The Software is licensed and not sold. Title to and --ownership of the Software, including all intellectual property rights thereto, --and any portion thereof remain with Broadcom or its licensors. Licensee hereby --covenants that it will not assert any claim that the Software created by or for --Broadcom infringe any intellectual property right owned or controlled by --Licensee. -- --4. Disclaimer. THE SOFTWARE IS OFFERED “AS IS,” AND BROADCOM PROVIDES AND --GRANTS AND LICENSEE RECEIVES NO SUPPORT AND NO WARRANTIES OF ANY KIND, EXPRESS --OR IMPLIED, BY STATUTE, COMMUNICATION OR CONDUCT WITH LICENSEE, OR OTHERWISE. --BROADCOM SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, --FITNESS FOR A SPECIFIC PURPOSE, OR NONINFRINGEMENT CONCERNING THE SOFTWARE OR --ANY UPGRADES TO OR DOCUMENTATION FOR THE SOFTWARE. WITHOUT LIMITATION OF THE --ABOVE, BROADCOM GRANTS NO WARRANTY THAT THE SOFTWARE IS ERROR-FREE OR WILL --OPERATE WITHOUT INTERRUPTION, AND GRANTS NO WARRANTY REGARDING ITS USE OR THE --RESULTS THEREFROM INCLUDING, WITHOUT LIMITATION, ITS CORRECTNESS, ACCURACY, OR --RELIABILITY. TO THE MAXIMUM EXTENT PERMITTED BY LAW, IN NO EVENT SHALL BROADCOM --OR ANY OF ITS LICENSORS HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES, HOWEVER CAUSED AND ON ANY THEORY --OF LIABILITY, WHETHER FOR BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE) OR --OTHERWISE, ARISING OUT OF THIS AGREEMENT OR USE, REPRODUCTION, OR DISTRIBUTION --OF THE SOFTWARE, INCLUDING BUT NOT LIMITED TO LOSS OF DATA AND LOSS OF PROFITS, --EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THESE --LIMITATIONS SHALL APPLY NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY --LIMITED REMEDY. -- --5. Export Laws. LICENSEE UNDERSTANDS AND AGREES THAT THE SOFTWARE IS --SUBJECT TO UNITED STATES AND OTHER APPLICABLE EXPORT-RELATED LAWS AND --REGULATIONS AND THAT LICENSEE MAY NOT EXPORT, RE-EXPORT OR TRANSFER THE --SOFTWARE OR ANY DIRECT PRODUCT OF THE SOFTWARE EXCEPT AS PERMITTED UNDER THOSE --LAWS. WITHOUT LIMITING THE FOREGOING, EXPORT, RE-EXPORT, OR TRANSFER OF THE --SOFTWARE TO CUBA, IRAN, NORTH KOREA, SUDAN, AND SYRIA IS PROHIBITED. -- -diff --git a/LICENCE.cw1200 b/LICENCE.cw1200 -deleted file mode 100644 -index 1016eca..0000000 ---- a/LICENCE.cw1200 -+++ /dev/null -@@ -1,35 +0,0 @@ --Copyright (c) 2007-2013, ST Microelectronics NV. --All rights reserved. -- --Redistribution. Redistribution and use in binary form, without modification, --are permitted provided that the following conditions are met: -- --* Redistributions must reproduce the above copyright notice and the following --disclaimer in the documentation and/or other materials provided with the --distribution. -- --* Neither the name of ST Microelectronics NV. nor the names of its suppliers --may be used to endorse or promote products derived from this software without --specific prior written permission. -- --* No reverse engineering, decompilation, or disassembly of this software is --permitted. -- --Limited patent license. ST Microelectronics NV. grants a world-wide, royalty-free, -- non-exclusive license under patents it now or hereafter owns or controls to make, -- have made, use, import, offer to sell and sell ("Utilize") this software, but -- solely to the extent that any such patent is necessary to Utilize the software in --conjunction with an ST Microelectronics chipset. The patent license shall not --apply to any other combinations which include this software. No hardware per se --is licensed hereunder. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS ANDCONTRIBUTORS --"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE --IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE --DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR --ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES --(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; --LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON --ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT --(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS --SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -diff --git a/LICENCE.cypress b/LICENCE.cypress -deleted file mode 100644 -index 070ef66..0000000 ---- a/LICENCE.cypress -+++ /dev/null -@@ -1,138 +0,0 @@ --### CYPRESS WIRELESS CONNECTIVITY DEVICES --### DRIVER END USER LICENSE AGREEMENT (SOURCE AND BINARY DISTRIBUTION) -- --PLEASE READ THIS END USER LICENSE AGREEMENT ("Agreement") CAREFULLY BEFORE --DOWNLOADING, INSTALLING, OR USING THIS SOFTWARE, ANY ACCOMPANYING --DOCUMENTATION, OR ANY UPDATES PROVIDED BY CYPRESS ("Software"). BY --DOWNLOADING, INSTALLING, OR USING THE SOFTWARE, YOU ARE AGREEING TO BE BOUND --BY THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS --AGREEMENT, PROMPTLY RETURN AND DO NOT USE THE SOFTWARE. IF YOU HAVE --PURCHASED THE SOFTWARE, YOUR RIGHT TO RETURN THE SOFTWARE EXPIRES 30 DAYS --AFTER YOUR PURCHASE AND APPLIES ONLY TO THE ORIGINAL PURCHASER. -- --Software Provided in Binary Code Form. This paragraph applies to any Software --provided in binary code form. Subject to the terms and conditions of this --Agreement, Cypress Semiconductor Corporation ("Cypress") grants you a --non-exclusive, non-transferable license under its copyright rights in the --Software to reproduce and distribute the Software in object code form only, --solely for use in connection with Cypress integrated circuit products --("Purpose"). -- --Software Provided in Source Code Form. This paragraph applies to any Software --provided in source code form ("Cypress Source Code"). Subject to the terms and --conditions of this Agreement, Cypress grants you a non-exclusive, --non-transferable license under its copyright rights in the Cypress Source Code --to reproduce, modify, compile, and distribute the Cypress Source Code (whether --in source code form or as compiled into binary code form) solely for the --Purpose. Cypress retains ownership of the Cypress Source Code and any compiled --version thereof. Subject to Cypress' ownership of the underlying Cypress --Source Code, you retain ownership of any modifications you make to the --Cypress Source Code. You agree not to remove any Cypress copyright or other --notices from the Cypress Source Code and any modifications thereof. Any --reproduction, modification, translation, compilation, or representation of --the Cypress Source Code except as permitted in this paragraph is prohibited --without the express written permission of Cypress. -- --Free and Open Source Software. Portions of the Software may be licensed under --free and/or open source licenses such as the GNU General Public License --("FOSS"). FOSS is subject to the applicable license agreement and not this --Agreement. If you are entitled to receive the source code from Cypress for any --FOSS included with the Software, either the source code will be included with --the Software or you may obtain the source code at no charge from --. The applicable license terms will --accompany each source code package. To review the license terms applicable to --any FOSS for which Cypress is not required to provide you with source code, --please see the Software's installation directory on your computer. -- --Proprietary Rights. The Software, including all intellectual property rights --therein, is and will remain the sole and exclusive property of Cypress or its --suppliers. Except as otherwise expressly provided in this Agreement, you may --not: (i) modify, adapt, or create derivative works based upon the Software; --(ii) copy the Software; (iii) except and only to the extent explicitly --permitted by applicable law despite this limitation, decompile, translate, --reverse engineer, disassemble or otherwise reduce the Software to --human-readable form; or (iv) use the Software other than for the Purpose. -- --No Support. Cypress may, but is not required to, provide technical support for --the Software. -- --Term and Termination. This Agreement is effective until terminated. This --Agreement and Your license rights will terminate immediately without notice --from Cypress if you fail to comply with any provision of this Agreement. Upon --termination, you must destroy all copies of Software in your possession or --control. Termination of this Agreement will not affect any licenses validly --granted as of the termination date to any end users of the Software. The --following paragraphs shall survive any termination of this Agreement: "Free and --Open Source Software," "Proprietary Rights," "Compliance With Law," --"Disclaimer," "Limitation of Liability," and "General." -- --Compliance With Law. Each party agrees to comply with all applicable laws, --rules and regulations in connection with its activities under this Agreement. --Without limiting the foregoing, the Software may be subject to export control --laws and regulations of the United States and other countries. You agree to --comply strictly with all such laws and regulations and acknowledge that you --have the responsibility to obtain licenses to export, re-export, or import --the Software. -- --Disclaimer. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, CYPRESS MAKES --NO WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, WITH REGARD TO THE SOFTWARE, --INCLUDING, BUT NOT LIMITED TO, INFRINGEMENT AND THE IMPLIED WARRANTIES OF --MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Cypress reserves the --right to make changes to the Software without notice. Cypress does not assume --any liability arising out of the application or use of Software or any --product or circuit described in the Software. Cypress does not authorize its --products for use as critical components in life-support systems where a --malfunction or failure may reasonably be expected to result in significant --injury to the user. The inclusion of Cypress' product in a life-support --system or application implies that the manufacturer of such system or --application assumes all risk of such use and in doing so indemnifies Cypress --against all charges. -- --Limitation of Liability. IN NO EVENT WILL CYPRESS OR ITS SUPPLIERS, --RESELLERS, OR DISTRIBUTORS BE LIABLE FOR ANY LOST REVENUE, PROFIT, OR DATA, --OR FOR SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL, OR PUNITIVE DAMAGES --HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF THE --USE OF OR INABILITY TO USE THE SOFTWARE EVEN IF CYPRESS OR ITS SUPPLIERS, --RESELLERS, OR DISTRIBUTORS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH --DAMAGES. IN NO EVENT SHALL CYPRESS' OR ITS SUPPLIERS' RESELLERS', OR --DISTRIBUTORS' TOTAL LIABILITY TO YOU, WHETHER IN CONTRACT, TORT (INCLUDING --NEGLIGENCE), OR OTHERWISE, EXCEED THE PRICE PAID BY YOU FOR THE SOFTWARE. --THE FOREGOING LIMITATIONS SHALL APPLY EVEN IF THE ABOVE-STATED WARRANTY FAILS --OF ITS ESSENTIAL PURPOSE. BECAUSE SOME STATES OR JURISDICTIONS DO NOT ALLOW --LIMITATION OR EXCLUSION OF CONSEQUENTIAL OR INCIDENTAL DAMAGES, THE ABOVE --LIMITATION MAY NOT APPLY TO YOU. -- --Restricted Rights. The Software under this Agreement is commercial computer --software as that term is described in 48 C.F.R. 252.227-7014(a)(1). If --acquired by or on behalf of a civilian agency, the U.S. Government acquires --this commercial computer software and/or commercial computer software --documentation subject to the terms of this Agreement as specified in 48 --C.F.R. 12.212 (Computer Software) and 12.211 (Technical Data) of the Federal --Acquisition Regulations ("FAR") and its successors. If acquired by or on --behalf of any agency within the Department of Defense ("DOD"), the U.S. --Government acquires this commercial computer software and/or commercial --computer software documentation subject to the terms of this Agreement as --specified in 48 C.F.R. 227.7202-3 of the DOD FAR Supplement ("DFAR") and its --successors. -- --General. This Agreement will bind and inure to the benefit of each party's --successors and assigns, provided that you may not assign or transfer this --Agreement, in whole or in part, without Cypress' written consent. This --Agreement shall be governed by and construed in accordance with the laws of --the State of California, United States of America, as if performed wholly --within the state and without giving effect to the principles of conflict of --law. The parties consent to personal and exclusive jurisdiction of and venue --in, the state and federal courts within Santa Clara County, California; --provided however, that nothing in this Agreement will limit Cypress' right to --bring legal action in any venue in order to protect or enforce its --intellectual property rights. No failure of either party to exercise or --enforce any of its rights under this Agreement will act as a waiver of such --rights. If any portion hereof is found to be void or unenforceable, the --remaining provisions of this Agreement shall remain in full force and --effect. This Agreement is the complete and exclusive agreement between the --parties with respect to the subject matter hereof, superseding and replacing --any and all prior agreements, communications, and understandings (both --written and oral) regarding such subject matter. Any notice to Cypress will --be deemed effective when actually received and must be sent to Cypress --Semiconductor Corporation, ATTN: Chief Legal Officer, 198 Champion Court, San --Jose, CA 95134 USA. -diff --git a/LICENCE.ibt_firmware b/LICENCE.ibt_firmware -deleted file mode 100644 -index f878c6a..0000000 ---- a/LICENCE.ibt_firmware -+++ /dev/null -@@ -1,39 +0,0 @@ --Copyright © 2014, Intel Corporation. --All rights reserved. -- --Redistribution. Redistribution and use in binary form, without --modification, are permitted provided that the following conditions are --met: -- --* Redistributions must reproduce the above copyright notice and the -- following disclaimer in the documentation and/or other materials -- provided with the distribution. --* Neither the name of Intel Corporation nor the names of its suppliers -- may be used to endorse or promote products derived from this software -- without specific prior written permission. --* No reverse engineering, decompilation, or disassembly of this software -- is permitted. -- --Limited patent license. Intel Corporation grants a world-wide, --royalty-free, non-exclusive license under patents it now or hereafter --owns or controls to make, have made, use, import, offer to sell and --sell ("Utilize") this software, but solely to the extent that any --such patent is necessary to Utilize the software alone, or in --combination with an operating system licensed under an approved Open --Source license as listed by the Open Source Initiative at --http://opensource.org/licenses. The patent license shall not apply to --any other combinations which include this software. No hardware per --se is licensed hereunder. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE --COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH --DAMAGE. -diff --git a/LICENCE.iwlwifi_firmware b/LICENCE.iwlwifi_firmware -deleted file mode 100644 -index 6bdd16d..0000000 ---- a/LICENCE.iwlwifi_firmware -+++ /dev/null -@@ -1,39 +0,0 @@ --Copyright (c) 2006-2021, Intel Corporation. --All rights reserved. -- --Redistribution. Redistribution and use in binary form, without --modification, are permitted provided that the following conditions are --met: -- --* Redistributions must reproduce the above copyright notice and the -- following disclaimer in the documentation and/or other materials -- provided with the distribution. --* Neither the name of Intel Corporation nor the names of its suppliers -- may be used to endorse or promote products derived from this software -- without specific prior written permission. --* No reverse engineering, decompilation, or disassembly of this software -- is permitted. -- --Limited patent license. Intel Corporation grants a world-wide, --royalty-free, non-exclusive license under patents it now or hereafter --owns or controls to make, have made, use, import, offer to sell and --sell ("Utilize") this software, but solely to the extent that any --such patent is necessary to Utilize the software alone, or in --combination with an operating system licensed under an approved Open --Source license as listed by the Open Source Initiative at --http://opensource.org/licenses. The patent license shall not apply to --any other combinations which include this software. No hardware per --se is licensed hereunder. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE --COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH --DAMAGE. -diff --git a/LICENCE.open-ath9k-htc-firmware b/LICENCE.open-ath9k-htc-firmware -deleted file mode 100644 -index 36655b7..0000000 ---- a/LICENCE.open-ath9k-htc-firmware -+++ /dev/null -@@ -1,206 +0,0 @@ --This is a concatenation of LICENCE.txt and NOTICE.txt from the --open-ath9k-htc-firmware repository describing licensing terms for the --firmware image and its sources. -- --The source code repository is publicly available at --https://github.com/qca/open-ath9k-htc-firmware . -- -- --LICENCE.txt ------------- -- --Files with a Qualcomm Atheros / Atheros licence fall under the following --licence. Please see NOTICES.TXT for information about other files in this --repository. -- ------ -- --Copyright (c) 2013 Qualcomm Atheros, Inc. -- --All rights reserved. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted (subject to the limitations in the --disclaimer below) provided that the following conditions are met: -- -- * Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. -- -- * Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the -- distribution. -- -- * Neither the name of Qualcomm Atheros nor the names of its -- contributors may be used to endorse or promote products derived -- from this software without specific prior written permission. -- --NO EXPRESS OR IMPLIED LICENSES TO ANY PARTY'S PATENT RIGHTS ARE --GRANTED BY THIS LICENSE. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT --HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED --WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF --MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE --DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE --LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR --CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF --SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR --BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, --WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE --OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN --IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -- ------ -- -- --NOTICE.TXT ------------ -- --This NOTICE.TXT file contains certain notices of software components included --with the software that QUALCOMM ATHEROS Incorporated ('Qualcomm Atheros') is --required to provide you. Notwithstanding anything in the notices in this file, --your use of these software components together with the Qualcomm Atheros --software (Qualcomm Atheros software hereinafter referred to as 'Software') is --subject to the terms of your license from Qualcomm Atheros. Compliance with --all copyright laws and software license agreements included in the notice --section of this file are the responsibility of the user. Except as may be --granted by separate express written agreement, this file provides no license --to any Qualcomm Atheros patents, trademarks, copyrights, or other intellectual --property. -- --Copyright (c) 2013 QUALCOMM ATHEROS Incorporated. All rights reserved. -- --QUALCOMM ATHEROS is a registered trademark and registered service mark of --QUALCOMM ATHEROS Incorporated. All other trademarks and service marks are --the property of their respective owners. -- --NOTICES: -- --/* -- * Copyright (c) 2005-2012 Atheros Communications Inc. -- * -- * Permission to use, copy, modify, and/or distribute this software for any -- * purpose with or without fee is hereby granted, provided that the above -- * copyright notice and this permission notice appear in all copies. -- * -- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -- */ -- --/* -- * Copyright (c) 2002-2005 Sam Leffler, Errno Consulting -- * Copyright (c) 2002-2005 Atheros Communications, Inc. -- * Copyright (c) 2008-2010, Atheros Communications Inc. -- * -- * Redistribution and use in source and binary forms are permitted -- * provided that the following conditions are met: -- * 1. The materials contained herein are unmodified and are used -- * unmodified. -- * 2. Redistributions of source code must retain the above copyright -- * notice, this list of conditions and the following NO -- * ''WARRANTY'' disclaimer below (''Disclaimer''), without -- * modification. -- * 3. Redistributions in binary form must reproduce at minimum a -- * disclaimer similar to the Disclaimer below and any redistribution -- * must be conditioned upon including a substantially similar -- * Disclaimer requirement for further binary redistribution. -- * 4. Neither the names of the above-listed copyright holders nor the -- * names of any contributors may be used to endorse or promote -- * product derived from this software without specific prior written -- * permission. -- * -- * NO WARRANTY -- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -- * ''AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -- * LIMITED TO, THE IMPLIED WARRANTIES OF NONINFRINGEMENT, -- * MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -- * IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE -- * FOR SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF -- * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT -- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -- * SUCH DAMAGES. -- */ -- ------ -- --The following files are from ECoS with a GPLv2 licence with modification --and linking caveats. Please see the licence below for more information: -- --target_firmware/magpie_fw_dev/build/magpie_1_1/sboot/cmnos/printf/src/cmnos_printf.c --target_firmware/magpie_fw_dev/target/cmnos/cmnos_printf.c --target_firmware/magpie_fw_dev/target/cmnos/k2_fw_cmnos_printf.c -- --//####ECOSGPLCOPYRIGHTBEGIN#### --// ------------------------------------------- --// This file is part of eCos, the Embedded Configurable Operating System. --// Copyright (C) 1998, 1999, 2000, 2001, 2002 Red Hat, Inc. --// Copyright (C) 2002 Gary Thomas --// --// eCos is free software; you can redistribute it and/or modify it under --// the terms of the GNU General Public License as published by the Free --// Software Foundation; either version 2 or (at your option) any later version. --// --// eCos is distributed in the hope that it will be useful, but WITHOUT ANY --// WARRANTY; without even the implied warranty of MERCHANTABILITY or --// FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License --// for more details. --// --// You should have received a copy of the GNU General Public License along --// with eCos; if not, write to the Free Software Foundation, Inc., --// 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. --// --// As a special exception, if other files instantiate templates or use macros --// or inline functions from this file, or you compile this file and link it --// with other works to produce a work based on this file, this file does not --// by itself cause the resulting work to be covered by the GNU General Public --// License. However the source code for this file must still be made available --// in accordance with section (3) of the GNU General Public License. --// --// This exception does not invalidate any other reasons why a work based on --// this file might be covered by the GNU General Public License. --// --// Alternative licenses for eCos may be arranged by contacting Red Hat, Inc. --// at http://sources.redhat.com/ecos/ecos-license/ --// ------------------------------------------- --//####ECOSGPLCOPYRIGHTEND#### -- ------ -- --Some of the source code is sourced from Tensilica, Inc. -- --Although most of the files fall under the MIT licence, some of the source --files generated as part of the system development have a proprietary --Tensilica licence. -- --With permission from Tensilica, Inc, these files have been relicenced --under the following licence: -- --/* -- * Copyright (c) 2013 Tensilica Inc. -- * -- * Permission is hereby granted, free of charge, to any person obtaining -- * a copy of this software and associated documentation files (the -- * "Software"), to deal in the Software without restriction, including -- * without limitation the rights to use, copy, modify, merge, publish, -- * distribute, sublicense, and/or sell copies of the Software, and to -- * permit persons to whom the Software is furnished to do so, subject to -- * the following conditions: -- * -- * The above copyright notice and this permission notice shall be included -- * in all copies or substantial portions of the Software. -- * -- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -- * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -- * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -- * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -- * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -- */ -diff --git a/LICENCE.ralink-firmware.txt b/LICENCE.ralink-firmware.txt -deleted file mode 100644 -index 18dd038..0000000 ---- a/LICENCE.ralink-firmware.txt -+++ /dev/null -@@ -1,39 +0,0 @@ --Copyright (c) 2007, Ralink Technology Corporation --All rights reserved. -- --Redistribution. Redistribution and use in binary form, without --modification, are permitted provided that the following conditions are --met: -- --* Redistributions must reproduce the above copyright notice and the -- following disclaimer in the documentation and/or other materials -- provided with the distribution. --* Neither the name of Ralink Technology Corporation nor the names of its -- suppliers may be used to endorse or promote products derived from this -- software without specific prior written permission. --* No reverse engineering, decompilation, or disassembly of this software -- is permitted. -- --Limited patent license. Ralink Technology Corporation grants a world-wide, --royalty-free, non-exclusive license under patents it now or hereafter --owns or controls to make, have made, use, import, offer to sell and --sell ("Utilize") this software, but solely to the extent that any --such patent is necessary to Utilize the software alone, or in --combination with an operating system licensed under an approved Open --Source license as listed by the Open Source Initiative at --http://opensource.org/licenses. The patent license shall not apply to --any other combinations which include this software. No hardware per --se is licensed hereunder. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE --COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH --DAMAGE. -diff --git a/LICENCE.ralink_a_mediatek_company_firmware b/LICENCE.ralink_a_mediatek_company_firmware -deleted file mode 100644 -index fef16b6..0000000 ---- a/LICENCE.ralink_a_mediatek_company_firmware -+++ /dev/null -@@ -1,39 +0,0 @@ --Copyright (c) 2013, Ralink, A MediaTek Company --All rights reserved. -- --Redistribution. Redistribution and use in binary form, without --modification, are permitted provided that the following conditions are --met: -- --* Redistributions must reproduce the above copyright notice and the -- following disclaimer in the documentation and/or other materials -- provided with the distribution. --* Neither the name of Ralink Technology Corporation nor the names of its -- suppliers may be used to endorse or promote products derived from this -- software without specific prior written permission. --* No reverse engineering, decompilation, or disassembly of this software -- is permitted. -- --Limited patent license. Ralink Technology Corporation grants a world-wide, --royalty-free, non-exclusive license under patents it now or hereafter --owns or controls to make, have made, use, import, offer to sell and --sell ("Utilize") this software, but solely to the extent that any --such patent is necessary to Utilize the software alone, or in --combination with an operating system licensed under an approved Open --Source license as listed by the Open Source Initiative at --http://opensource.org/licenses. The patent license shall not apply to --any other combinations which include this software. No hardware per --se is licensed hereunder. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE --COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH --DAMAGE. -diff --git a/LICENCE.rtlwifi_firmware.txt b/LICENCE.rtlwifi_firmware.txt -deleted file mode 100644 -index d70921f..0000000 ---- a/LICENCE.rtlwifi_firmware.txt -+++ /dev/null -@@ -1,39 +0,0 @@ --Copyright (c) 2010, Realtek Semiconductor Corporation --All rights reserved. -- --Redistribution. Redistribution and use in binary form, without --modification, are permitted provided that the following conditions are --met: -- --* Redistributions must reproduce the above copyright notice and the -- following disclaimer in the documentation and/or other materials -- provided with the distribution. --* Neither the name of Realtek Semiconductor Corporation nor the names of its -- suppliers may be used to endorse or promote products derived from this -- software without specific prior written permission. --* No reverse engineering, decompilation, or disassembly of this software -- is permitted. -- --Limited patent license. Realtek Semiconductor Corporation grants a world-wide, --royalty-free, non-exclusive license under patents it now or hereafter --owns or controls to make, have made, use, import, offer to sell and --sell ("Utilize") this software, but solely to the extent that any --such patent is necessary to Utilize the software alone, or in --combination with an operating system licensed under an approved Open --Source license as listed by the Open Source Initiative at --http://opensource.org/licenses. The patent license shall not apply to --any other combinations which include this software. No hardware per --se is licensed hereunder. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE --COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH --DAMAGE. -diff --git a/LICENCE.ti-connectivity b/LICENCE.ti-connectivity -deleted file mode 100644 -index 22f617f..0000000 ---- a/LICENCE.ti-connectivity -+++ /dev/null -@@ -1,61 +0,0 @@ --Copyright (c) 2016 Texas Instruments Incorporated -- --All rights reserved not granted herein. -- --Limited License. -- --Texas Instruments Incorporated grants a world-wide, royalty-free, non-exclusive --license under copyrights and patents it now or hereafter owns or controls to --make, have made, use, import, offer to sell and sell ("Utilize") this software --subject to the terms herein. With respect to the foregoing patent license, such --license is granted solely to the extent that any such patent is necessary to --Utilize the software alone. The patent license shall not apply to any --combinations which include this software, other than combinations with devices --manufactured by or for TI (“TI Devices”). No hardware patent is licensed --hereunder. -- --Redistributions must preserve existing copyright notices and reproduce this --license (including the above copyright notice and the disclaimer and --(if applicable) source code license limitations below) in the documentation --and/or other materials provided with the distribution -- --Redistribution and use in binary form, without modification, are permitted --provided that the following conditions are met: -- -- * No reverse engineering, decompilation, or disassembly of this -- software is permitted with respect to any software provided in binary -- form. -- -- * any redistribution and use are licensed by TI for use only with TI -- Devices. -- -- * Nothing shall obligate TI to provide you with source code for the -- software licensed and provided to you in object code. -- --If software source code is provided to you, modification and redistribution of --the source code are permitted provided that the following conditions are met: -- -- * any redistribution and use of the source code, including any -- resulting derivative works, are licensed by TI for use only with TI -- Devices. -- -- * any redistribution and use of any object code compiled from the -- source code and any resulting derivative works, are licensed by TI -- for use only with TI Devices. -- --Neither the name of Texas Instruments Incorporated nor the names of its --suppliers may be used to endorse or promote products derived from this --software without specific prior written permission. -- --DISCLAIMER. -- --THIS SOFTWARE IS PROVIDED BY TI AND TI’S LICENSORS "AS IS" AND ANY EXPRESS OR --IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF --MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO --EVENT SHALL TI AND TI’S LICENSORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT --LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR --PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF --LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE --OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF --ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -diff --git a/LICENCE.wl1251 b/LICENCE.wl1251 -deleted file mode 100644 -index bd0f5f1..0000000 ---- a/LICENCE.wl1251 -+++ /dev/null -@@ -1,59 +0,0 @@ --Copyright (c) 2000 – 2013 Texas Instruments Incorporated -- --All rights reserved not granted herein. -- --Limited License. -- --Texas Instruments Incorporated grants a world-wide, royalty-free, non-exclusive --license under copyrights and patents it now or hereafter owns or controls to --make, have made, use, import, offer to sell and sell ("Utilize") this software --subject to the terms herein. With respect to the foregoing patent license, --such license is granted solely to the extent that any such patent is necessary --to Utilize the software alone. The patent license shall not apply to any --combinations which include this software, other than combinations with devices --manufactured by or for TI (“TI Devices”). No hardware patent is licensed --hereunder. -- --Redistributions must preserve existing copyright notices and reproduce this --license (including the above copyright notice and the disclaimer and (if --applicable) source code license limitations below) in the documentation and/or --other materials provided with the distribution -- --Redistribution and use in binary form, without modification, are permitted --provided that the following conditions are met: -- --* No reverse engineering, decompilation, or disassembly of this software -- is permitted with respect to any software provided in binary form. -- --* any redistribution and use are licensed by TI for use only with TI -- Devices. -- --* Nothing shall obligate TI to provide you with source code for the -- software licensed and provided to you in object code. -- --If software source code is provided to you, modification and redistribution of --the source code are permitted provided that the following conditions are met: -- --* any redistribution and use of the source code, including any resulting -- derivative works, are licensed by TI for use only with TI Devices. -- --* any redistribution and use of any object code compiled from the source -- code and any resulting derivative works, are licensed by TI for use -- only with TI Devices. -- --Neither the name of Texas Instruments Incorporated nor the names of its --suppliers may be used to endorse or promote products derived from this software --without specific prior written permission. -- --DISCLAIMER. -- --THIS SOFTWARE IS PROVIDED BY TI AND TI’S LICENSORS "AS IS" AND ANY EXPRESS OR --IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF --MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO --EVENT SHALL TI AND TI’S LICENSORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT --LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR --PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF --LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE --OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF --ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -diff --git a/LICENSE.QualcommAtheros_ar3k b/LICENSE.QualcommAtheros_ar3k -deleted file mode 100644 -index 7fae632..0000000 ---- a/LICENSE.QualcommAtheros_ar3k -+++ /dev/null -@@ -1,47 +0,0 @@ --Copyright (c) 2015, Qualcomm Atheros, Inc. --All rights reserved. -- --Redistribution. Reproduction and redistribution in binary form, without --modification, for use solely in conjunction with a Qualcomm Atheros, Inc. --chipset, is permitted provided that the following conditions are met: -- -- • Redistributions must reproduce the above copyright notice and the following -- disclaimer in the documentation and/or other materials provided with the -- distribution. -- -- • Neither the name of Qualcomm Atheros, Inc. nor the names of its suppliers -- may be used to endorse or promote products derived from this Software -- without specific prior written permission. -- -- • No reverse engineering, decompilation, or disassembly of this Software is -- permitted. -- --Limited patent license. Qualcomm Atheros, Inc. (“Licensor”) grants you --(“Licensee”) a limited, worldwide, royalty-free, non-exclusive license under --the Patents to make, have made, use, import, offer to sell and sell the --Software. No hardware per se is licensed hereunder. --The term “Patents” as used in this agreement means only those patents or patent --applications owned solely and exclusively by Licensor as of the date of --Licensor’s submission of the Software and any patents deriving priority (i.e., --having a first effective filing date) therefrom. The term “Software” as used in --this agreement means the firmware image submitted by Licensor, under the terms --of this license, to git://git.kernel.org/pub/scm/linux/kernel/git/firmware/ --linux-firmware.git. --Notwithstanding anything to the contrary herein, Licensor does not grant and --Licensee does not receive, by virtue of this agreement or the Licensor’s --submission of any Software, any license or other rights under any patent or --patent application owned by any affiliate of Licensor or any other entity --(other than Licensor), whether expressly, impliedly, by virtue of estoppel or --exhaustion, or otherwise. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL --THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -diff --git a/LICENSE.QualcommAtheros_ath10k b/LICENSE.QualcommAtheros_ath10k -deleted file mode 100644 -index c68935c..0000000 ---- a/LICENSE.QualcommAtheros_ath10k -+++ /dev/null -@@ -1,47 +0,0 @@ --Copyright (c) 2015-2017, Qualcomm Atheros, Inc. --All rights reserved. -- --Redistribution. Reproduction and redistribution in binary form, without --modification, for use solely in conjunction with a Qualcomm Atheros, Inc. --chipset, is permitted provided that the following conditions are met: -- -- • Redistributions must reproduce the above copyright notice and the following -- disclaimer in the documentation and/or other materials provided with the -- distribution. -- -- • Neither the name of Qualcomm Atheros, Inc. nor the names of its suppliers -- may be used to endorse or promote products derived from this Software -- without specific prior written permission. -- -- • No reverse engineering, decompilation, or disassembly of this Software is -- permitted. -- --Limited patent license. Qualcomm Atheros, Inc. (“Licensor”) grants you --(“Licensee”) a limited, worldwide, royalty-free, non-exclusive license under --the Patents to make, have made, use, import, offer to sell and sell the --Software. No hardware per se is licensed hereunder. --The term “Patents” as used in this agreement means only those patents or patent --applications owned solely and exclusively by Licensor as of the date of --Licensor’s submission of the Software and any patents deriving priority (i.e., --having a first effective filing date) therefrom. The term “Software” as used in --this agreement means the firmware image submitted by Licensor, under the terms --of this license, to git://git.kernel.org/pub/scm/linux/kernel/git/firmware/ --linux-firmware.git. --Notwithstanding anything to the contrary herein, Licensor does not grant and --Licensee does not receive, by virtue of this agreement or the Licensor’s --submission of any Software, any license or other rights under any patent or --patent application owned by any affiliate of Licensor or any other entity --(other than Licensor), whether expressly, impliedly, by virtue of estoppel or --exhaustion, or otherwise. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL --THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -diff --git a/LICENSE.atmel b/LICENSE.atmel -deleted file mode 100644 -index 5feb313..0000000 ---- a/LICENSE.atmel -+++ /dev/null -@@ -1,36 +0,0 @@ --Copyright (C) 2015 Atmel Corporation. All rights reserved. -- --REDISTRIBUTION: Permission is hereby granted by Atmel Corporation (Atmel), free --of any license fees, to any person obtaining a copy of this firmware (the --"Software"), to install, reproduce, copy and distribute copies, in binary form, --in hexadecimal or equivalent formats, of the Software and to permit persons to --whom the Software is provided to do the same, subject to the following --conditions: -- --* Any redistribution of the Software must reproduce the above copyright notice, -- this license notice, and the following disclaimers and notices in the -- documentation and/or other materials provided with the Software. -- --* Neither the name of Atmel Corporation, its products nor the names of its -- suppliers may be used to endorse or promote products derived from this -- Software without specific prior written permission. -- --* All matters arising out of or in connection with this License and/or Software -- shall be governed by California law and the parties agree to the exclusive -- jurisdiction of the Californian courts to decide all disputes arising. -- --* The licensee shall defend and indemnify Atmel against any and all claims, -- costs, losses and damages (including reasonable legal fees) incurred by tme -- arising out of any claim relating to the Software due to the licensee’s use or -- sub-licensing of the Software -- --DISCLAIMER: THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR --IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF --MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE --DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT --LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR --PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF --LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE --OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF --ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -diff --git a/LICENSE.nxp b/LICENSE.nxp -deleted file mode 100644 -index bfd2c70..0000000 ---- a/LICENSE.nxp -+++ /dev/null -@@ -1,26 +0,0 @@ --LA_OPT_BINARY_FIRMWARE_ONLY rev2 June 2020 -- --Copyright © 2018 NXP. All rights reserved. -- --Software License Agreement (“Agreement”) -- --ANY USE, REPRODUCTION, OR DISTRIBUTION OF THE ACCOMPANYING BINARY SOFTWARE CONSTITUTES LICENSEE'S ACCEPTANCE OF THE TERMS AND CONDITIONS OF THIS AGREEMENT. -- --Licensed Software. “Binary Software” means the software in binary form supplied directly by NXP pursuant to this Agreement. Subject to the terms and conditions of this Agreement, NXP USA, Inc. ("Licensor"), grants to you (“Licensee”) a worldwide, non-exclusive, and royalty-free copyright license to reproduce and distribute the Binary Software in its complete and unmodified binary form as provided by Licensor, for use solely in conjunction with a programmable processing unit supplied directly or indirectly from Licensor. -- --Restrictions. Licensee must reproduce the Licensor copyright notice above with each binary copy of the Binary Software or in the accompanying documentation. Licensee must not reverse engineer, decompile, disassemble or modify in any way the Binary Software. Licensee must not use the Binary Software in violation of any applicable law or regulation. This Agreement shall automatically terminate upon Licensee's breach of any term or condition of this Agreement in which case, Licensee shall destroy all copies of the Binary Software. Neither the name of Licensor nor the names of its suppliers may be used to endorse or promote products derived from this Binary Software without specific prior written permission. --Disclaimer. TO THE MAXIMUM EXTENT PERMITTED BY LAW, LICENSOR EXPRESSLY DISCLAIMS ANY WARRANTY FOR THE BINARY SOFTWARE. THE BINARY SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, LICENSOR DOES NOT WARRANT THAT THE BINARY SOFTWARE IS ERROR-FREE OR WILL OPERATE WITHOUT INTERRUPTION, AND LICENSOR GRANTS NO WARRANTY REGARDING ITS USE OR THE RESULTS THEREFROM, INCLUDING ITS CORRECTNESS, ACCURACY, OR RELIABILITY. -- --Limitation of Liability. IN NO EVENT WILL LICENSOR, OR ANY OF LICENSOR'S LICENSORS HAVE ANY LIABILITY HEREUNDER FOR ANY INDIRECT, SPECIAL, OR --CONSEQUENTIAL DAMAGES, HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER FOR BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), OR OTHERWISE, ARISING OUT OF THIS AGREEMENT, INCLUDING DAMAGES FOR LOSS OF PROFITS, OR THE COST OF PROCUREMENT OF SUBSTITUTE GOODS, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. LICENSOR’S TOTAL LIABILITY FOR ALL COSTS, DAMAGES, CLAIMS, OR LOSSES WHATSOEVER ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT OR THE BINARY SOFTWARE SUPPLIED UNDER THIS AGREEMENT IS LIMITED TO THE AGGREGATE AMOUNT PAID BY LICENSEE TO LICENSOR IN CONNECTION WITH THE BINARY SOFTWARE TO WHICH LOSSES OR DAMAGES ARE CLAIMED. -- --Trade Compliance. Licensee shall comply with all applicable export and import control laws and regulations including but not limited to the US Export Administration Regulation (including restrictions on certain military end uses and military end users as specified in Section 15 C.F.R. § 744.21 and prohibited party lists issued by other federal governments), Catch-all regulations and all national and international embargoes. Licensee further agrees that it will not knowingly transfer, divert, export or re-export, directly or indirectly, any product, software, including software source code, or technology restricted by such regulations or by other applicable national regulations, received from Licensor under this Agreement, or any direct product of such software or technical data to any person, firm, entity, country or destination to which such transfer, diversion, export or re-export is restricted or prohibited, without obtaining prior written authorization from the applicable competent government authorities to the extent required by those laws. Licensee acknowledge that the “restricted encryption software” that is subject to the US Export Administration Regulations (EAR), is not intended for use by a government end user, as defined in part 772 of the EAR. This provision shall survive termination or expiration of this Agreement. -- --Assignment. Licensee may not assign this Agreement without the prior written consent of Licensor. Licensor may assign this Agreement without Licensee’s consent. -- --Governing Law. This Agreement will be governed by, construed, and enforced in accordance with the laws of the State of Texas, USA, without regard to conflicts of laws principles, will apply to all matters relating to this Agreement or the Binary Software, and Licensee agrees that any litigation will be subject to the exclusive jurisdiction of the state or federal courts Texas, USA. The United Nations Convention on Contracts for the International Sale of Goods will not apply to this Agreement. --Restrictions, Disclaimer, Limitation of Liability, Trade Compliance, Assignment, and Governing Law shall survive termination or expiration of this Agreement. -- -- -- -- -diff --git a/WHENCE b/WHENCE -index d78e45e..edf6f75 100644 ---- a/WHENCE -+++ b/WHENCE -@@ -8,15 +8,6 @@ kernel. - - -------------------------------------------------------------------------- - --Driver: BCM-0bb4-0306 Cypress Bluetooth firmware for HTC Vive -- --File: brcm/BCM-0bb4-0306.hcd --Link: brcm/BCM-0a5c-6410.hcd -> BCM-0bb4-0306.hcd -- --Licence: Redistributable. See LICENCE.cypress for details. -- ---------------------------------------------------------------------------- -- - Driver: advansys - AdvanSys SCSI - - File: advansys/mcode.bin -@@ -306,36 +297,6 @@ Licence: Redistributable. See LICENCE.agere for details - - -------------------------------------------------------------------------- - --Driver: ar9170 - Atheros 802.11n "otus" USB -- --File: ar9170-1.fw --File: ar9170-2.fw -- --Licence: Redistributable. See LICENCE.atheros_firmware for details -- ---------------------------------------------------------------------------- -- --Driver: ath9k_htc - Atheros HTC devices (USB) -- --File: ar9271.fw --File: ar7010.fw --File: ar7010_1_1.fw --File: htc_9271.fw --Version: 1.3.1 --File: htc_7010.fw --Version: 1.3.1 -- --Licence: Redistributable. See LICENCE.atheros_firmware for details -- --File: ath9k_htc/htc_7010-1.4.0.fw --Version: 1.4.0 --File: ath9k_htc/htc_9271-1.4.0.fw --Version: 1.4.0 -- --Licence: Free software. See LICENCE.open-ath9k-htc-firmware for details -- ---------------------------------------------------------------------------- -- - Driver: cassini - Sun Cassini - - File: sun/cassini.bin -@@ -516,479 +477,6 @@ Found in hex form in kernel source, with the following notice: - - -------------------------------------------------------------------------- - --Driver: libertas - Marvell Libertas fullmac-type 802.11b/g cards -- --File: libertas/cf8381.bin --File: libertas/cf8381_helper.bin --File: libertas/cf8385.bin --File: libertas/cf8385_helper.bin --File: libertas/gspi8682.bin --File: libertas/gspi8682_helper.bin --File: libertas/gspi8686_v9.bin --File: libertas/gspi8686_v9_helper.bin --File: libertas/gspi8688.bin --File: libertas/gspi8688_helper.bin --File: libertas/sd8385.bin --File: libertas/sd8385_helper.bin --File: libertas/sd8682.bin --File: libertas/sd8682_helper.bin --File: libertas/sd8686_v8.bin --File: libertas/sd8686_v8_helper.bin --File: libertas/sd8686_v9.bin --File: libertas/sd8686_v9_helper.bin --File: libertas/usb8388_v5.bin --File: libertas/usb8388_v9.bin --File: libertas/usb8682.bin --File: mrvl/sd8688.bin --Link: libertas/sd8688.bin -> ../mrvl/sd8688.bin --File: mrvl/sd8688_helper.bin --Link: libertas/sd8688_helper.bin -> ../mrvl/sd8688_helper.bin -- --Licence: Redistributable. See LICENCE.Marvell for details. Extracted from --Linux driver tarballs downloaded from Marvell's "Extranet" with permission. -- ---------------------------------------------------------------------------- -- --Driver: libertas - Marvell Libertas 802.11b/g cards, OLPC firmware -- --File: libertas/lbtf_sdio.bin --Version: 9.0.7.p4 -- --File: lbtf_usb.bin --Version: 5.132.3.p1 -- --File: libertas/usb8388_olpc.bin --Version: 5.110.22.p23 -- --Licence: Redistributable. See LICENCE.OLPC for details. -- --Available from http://dev.laptop.org/pub/firmware/libertas/ -- ---------------------------------------------------------------------------- -- --Driver: mwl8k - Marvell Libertas softmac-type 802.11b/g/n cards -- --File: mwl8k/fmimage_8687.fw --File: mwl8k/helper_8687.fw --File: mwl8k/fmimage_8366.fw --File: mwl8k/fmimage_8366_ap-1.fw --File: mwl8k/fmimage_8366_ap-2.fw --File: mwl8k/fmimage_8366_ap-3.fw --Version: 5.2.8.16 --File: mwl8k/helper_8366.fw -- --File: mwl8k/fmimage_8764_ap-1.fw --Version: 7.4.0.9 -- --Licence: Redistributable. See LICENCE.Marvell for details. 8687 images --downloaded from Marvell's "Extranet" with permission. 8366 images contributed --directly by Marvell. -- ---------------------------------------------------------------------------- -- --Driver: mwifiex - Marvell Wi-Fi fullmac-type 802.11n/ac cards -- --File: mrvl/sd8787_uapsta.bin --Version: W14.68.35.p66 -- --File: mrvl/usb8766_uapsta.bin --Version: 14.68.22.p16 -- --File: mrvl/sd8797_uapsta.bin --Version: W14.68.29.p59 -- --File: mrvl/usb8797_uapsta.bin --Version: W14.68.29.p60 -- --File: mrvl/sd8897_uapsta.bin --Version: W15.68.19.17 -- --File: mrvl/usb8897_uapsta.bin --Version: 15.68.4.p103 -- --File: mrvl/pcie8897_uapsta.bin --Version: W15.68.19.p21 -- --File: mrvl/sd8887_uapsta.bin --Version: W15.68.7.p189 -- --File: mrvl/sd8801_uapsta.bin --Version: W14.68.36.p204 -- --File: mrvl/usb8801_uapsta.bin --Version: W14.68.36.p138 -- --File: mrvl/pcieuart8997_combo_v4.bin --Version: W16.68.1.p179 -- --File: mrvl/pcieusb8997_combo_v4.bin --Version: W16.68.1.p195 -- --File: mrvl/pcie8997_wlan_v4.bin --Version: W16.68.1.p195 -- --File: mrvl/usbusb8997_combo_v4.bin --Version: W16.68.1.p183 -- --File: mrvl/sdsd8997_combo_v4.bin --Version: W16.68.1.p179 -- --File: mrvl/sdsd8977_combo_v2.bin --Version: W16.68.1.p195 -- --Licence: Redistributable. See LICENCE.NXP for details. --Originates from https://github.com/NXP/mwifiex-firmware.git -- ---------------------------------------------------------------------------- -- -- --Driver: iwlwifi - Intel Wireless Wifi -- --File: iwlwifi-3945-2.ucode --Version: 15.32.2.9 -- --File: iwlwifi-4965-2.ucode --Version: 228.61.2.24 -- --File: iwlwifi-5000-5.ucode --Version: 8.83.5.1 -- --File: iwlwifi-5150-2.ucode --Version: 8.24.2.2 -- --File: iwlwifi-1000-5.ucode --Version: 39.31.5.1 -- --File: iwlwifi-6000-4.ucode --Version: 9.221.4.1 -- --File: iwlwifi-6050-5.ucode --Version: 41.28.5.1 -- --File: iwlwifi-6000g2a-6.ucode --Version: 18.168.6.1 -- --File: iwlwifi-6000g2b-6.ucode --Version: 18.168.6.1 -- --File: iwlwifi-135-6.ucode --Version: 18.168.6.1 -- --File: iwlwifi-100-5.ucode --Version: 39.31.5.1 -- --File: iwlwifi-105-6.ucode --Version: 18.168.6.1 -- --File: iwlwifi-2030-6.ucode --Version: 18.168.6.1 -- --File: iwlwifi-2000-6.ucode --Version: 18.168.6.1 -- --File: iwlwifi-7260-17.ucode --Version: 17.bfb58538.0 -- --File: iwlwifi-3160-17.ucode --Version: 17.bfb58538.0 -- --File: iwlwifi-7265-17.ucode --Version: 17.bfb58538.0 -- --File: iwlwifi-7265D-29.ucode --Version: 29.f2390aa8.0 -- --File: iwlwifi-3168-29.ucode --Version: 29.0bd893f3.0 -- --File: iwlwifi-8000C-34.ucode --Version: 34.610288.0 -- --File: iwlwifi-8000C-36.ucode --Version: 36.ca7b901d.0 -- --File: iwlwifi-8265-34.ucode --Version: 34.610288.0 -- --File: iwlwifi-8265-36.ucode --Version: 36.ca7b901d.0 -- --File: iwlwifi-9000-pu-b0-jf-b0-34.ucode --Version: 34.ba501b11.0 -- --File: iwlwifi-9000-pu-b0-jf-b0-38.ucode --Version: 38.755cfdd8.0 -- --File: iwlwifi-9000-pu-b0-jf-b0-46.ucode --Version: 46.ff18e32a.0 -- --File: iwlwifi-9260-th-b0-jf-b0-34.ucode --Version: 34.ba501b11.0 -- --File: iwlwifi-9260-th-b0-jf-b0-38.ucode --Version: 38.755cfdd8.0 -- --File: iwlwifi-9260-th-b0-jf-b0-46.ucode --Version: 46.ff18e32a.0 -- --File: iwlwifi-cc-a0-50.ucode --Version: 50.3e391d3e.0 -- --File: iwlwifi-Qu-b0-hr-b0-50.ucode --Version: 50.3e391d3e.0 -- --File: iwlwifi-Qu-b0-jf-b0-50.ucode --Version: 50.3e391d3e.0 -- --File: iwlwifi-Qu-c0-hr-b0-50.ucode --Version: 50.3e391d3e.0 -- --File: iwlwifi-Qu-c0-jf-b0-50.ucode --Version: 50.3e391d3e.0 -- --File: iwlwifi-QuZ-a0-hr-b0-50.ucode --Version: 50.3e391d3e.0 -- --File: iwlwifi-QuZ-a0-jf-b0-50.ucode --Version: 50.3e391d3e.0 -- --File: iwlwifi-cc-a0-59.ucode --Version: 59.601f3a66.0 -- --File: iwlwifi-Qu-b0-hr-b0-59.ucode --Version: 59.601f3a66.0 -- --File: iwlwifi-Qu-b0-jf-b0-59.ucode --Version: 59.601f3a66.0 -- --File: iwlwifi-Qu-c0-hr-b0-59.ucode --Version: 59.601f3a66.0 -- --File: iwlwifi-Qu-c0-jf-b0-59.ucode --Version: 59.601f3a66.0 -- --File: iwlwifi-QuZ-a0-hr-b0-59.ucode --Version: 59.601f3a66.0 -- --File: iwlwifi-QuZ-a0-jf-b0-59.ucode --Version: 59.601f3a66.0 -- --File: iwlwifi-so-a0-gf-a0.pnvm -- --File: iwlwifi-so-a0-gf4-a0.pnvm -- --File: iwlwifi-ty-a0-gf-a0-59.ucode --Version: 59.601f3a66.0 -- --File: iwlwifi-cc-a0-66.ucode --Version: 66.f1c864e0.0 -- --File: iwlwifi-Qu-b0-hr-b0-66.ucode --Version: 66.f1c864e0.0 -- --File: iwlwifi-Qu-b0-jf-b0-66.ucode --Version: 66.f1c864e0.0 -- --File: iwlwifi-Qu-c0-hr-b0-66.ucode --Version: 66.f1c864e0.0 -- --File: iwlwifi-Qu-c0-jf-b0-66.ucode --Version: 66.f1c864e0.0 -- --File: iwlwifi-QuZ-a0-hr-b0-66.ucode --Version: 66.f1c864e0.0 -- --File: iwlwifi-QuZ-a0-jf-b0-66.ucode --Version: 66.f1c864e0.0 -- --File: iwlwifi-ty-a0-gf-a0-66.ucode --Version: 66.f1c864e0.0 -- --File: iwlwifi-cc-a0-72.ucode --Version: 72.daa05125.0 -- --File: iwlwifi-Qu-b0-hr-b0-72.ucode --Version: 72.daa05125.0 -- --File: iwlwifi-Qu-b0-jf-b0-72.ucode --Version: 72.daa05125.0 -- --File: iwlwifi-Qu-c0-hr-b0-72.ucode --Version: 72.daa05125.0 -- --File: iwlwifi-Qu-c0-jf-b0-72.ucode --Version: 72.daa05125.0 -- --File: iwlwifi-QuZ-a0-hr-b0-72.ucode --Version: 72.daa05125.0 -- --File: iwlwifi-QuZ-a0-jf-b0-72.ucode --Version: 72.daa05125.0 -- --File: iwlwifi-ty-a0-gf-a0-72.ucode --Version: 72.a764baac.0 -- --File: iwlwifi-so-a0-gf4-a0-72.ucode --Version: 72.a764baac.0 -- --File: iwlwifi-so-a0-gf-a0-72.ucode --Version: 72.a764baac.0 -- --File: iwlwifi-so-a0-hr-b0-72.ucode --Version: 72.daa05125.0 -- --File: iwlwifi-so-a0-jf-b0-72.ucode --Version: 72.daa05125.0 -- --File: iwlwifi-cc-a0-73.ucode --Version: 73.35c0a2c6.0 -- --File: iwlwifi-Qu-b0-hr-b0-73.ucode --Version: 73.35c0a2c6.0 -- --File: iwlwifi-Qu-b0-jf-b0-73.ucode --Version: 73.35c0a2c6.0 -- --File: iwlwifi-Qu-c0-hr-b0-73.ucode --Version: 73.35c0a2c6.0 -- --File: iwlwifi-Qu-c0-jf-b0-73.ucode --Version: 73.35c0a2c6.0 -- --File: iwlwifi-QuZ-a0-hr-b0-73.ucode --Version: 73.35c0a2c6.0 -- --File: iwlwifi-QuZ-a0-jf-b0-73.ucode --Version: 73.35c0a2c6.0 -- --File: iwlwifi-ty-a0-gf-a0-73.ucode --Version: 73.35c0a2c6.0 -- --File: iwlwifi-so-a0-gf4-a0-73.ucode --Version: 73.35c0a2c6.0 -- --File: iwlwifi-so-a0-gf-a0-73.ucode --Version: 73.35c0a2c6.0 -- --File: iwlwifi-so-a0-hr-b0-73.ucode --Version: 73.35c0a2c6.0 -- --File: iwlwifi-so-a0-jf-b0-73.ucode --Version: 73.35c0a2c6.0 -- --File: iwlwifi-cc-a0-74.ucode --Version: 74.a5e9588b.0 -- --File: iwlwifi-Qu-b0-hr-b0-74.ucode --Version: 74.a5e9588b.0 -- --File: iwlwifi-Qu-b0-jf-b0-74.ucode --Version: 74.a5e9588b.0 -- --File: iwlwifi-Qu-c0-hr-b0-74.ucode --Version: 74.a5e9588b.0 -- --File: iwlwifi-Qu-c0-jf-b0-74.ucode --Version: 74.a5e9588b.0 -- --File: iwlwifi-QuZ-a0-hr-b0-74.ucode --Version: 74.a5e9588b.0 -- --File: iwlwifi-QuZ-a0-jf-b0-74.ucode --Version: 74.a5e9588b.0 -- --File: iwlwifi-ty-a0-gf-a0-74.ucode --Version: 74.fe17486e.0 -- --File: iwlwifi-so-a0-gf4-a0-74.ucode --Version: 74.fe17486e.0 -- --File: iwlwifi-so-a0-gf-a0-74.ucode --Version: 74.fe17486e.0 -- --File: iwlwifi-so-a0-hr-b0-74.ucode --Version: 74.a5e9588b.0 -- --File: iwlwifi-so-a0-jf-b0-74.ucode --Version: 74.a5e9588b.0 -- --File: iwlwifi-cc-a0-77.ucode --Version: 74.206b0184.0 -- --File: iwlwifi-Qu-b0-hr-b0-77.ucode --Version: 74.206b0184.0 -- --File: iwlwifi-Qu-b0-jf-b0-77.ucode --Version: 74.206b0184.0 -- --File: iwlwifi-Qu-c0-hr-b0-77.ucode --Version: 74.206b0184.0 -- --File: iwlwifi-Qu-c0-jf-b0-77.ucode --Version: 74.206b0184.0 -- --File: iwlwifi-QuZ-a0-hr-b0-77.ucode --Version: 74.206b0184.0 -- --File: iwlwifi-QuZ-a0-jf-b0-77.ucode --Version: 74.206b0184.0 -- --File: iwlwifi-ty-a0-gf-a0-77.ucode --Version: 74.f92b5fed.0 -- --File: iwlwifi-ty-a0-gf-a0-78.ucode --Version: 75.3bfdc55f.0 -- --File: iwlwifi-ty-a0-gf-a0-79.ucode --Version: 76.27f1c37b.0 -- --File: iwlwifi-ty-a0-gf-a0-81.ucode --Version: 78.31fc9ae6.0 -- --File: iwlwifi-so-a0-gf4-a0-77.ucode --Version: 74.f92b5fed.0 -- --File: iwlwifi-so-a0-gf4-a0-78.ucode --Version: 75.3bfdc55f.0 -- --File: iwlwifi-so-a0-gf4-a0-79.ucode --Version: 76.27f1c37b.0 -- --File: iwlwifi-so-a0-gf4-a0-81.ucode --Version: 78.31fc9ae6.0 -- --File: iwlwifi-so-a0-gf-a0-77.ucode --Version: 74.f92b5fed.0 -- --File: iwlwifi-so-a0-gf-a0-78.ucode --Version: 74.3bfdc55f.0 -- --File: iwlwifi-so-a0-gf-a0-79.ucode --Version: 75.27f1c37b.0 -- --File: iwlwifi-so-a0-gf-a0-81.ucode --Version: 78.31fc9ae6.0 -- --File: iwlwifi-so-a0-hr-b0-77.ucode --Version: 74.f92b5fed.0 -- --File: iwlwifi-so-a0-hr-b0-79.ucode --Version: 75.27f1c37b.0 -- --File: iwlwifi-so-a0-hr-b0-81.ucode --Version: 78.31fc9ae6.0 -- --File: iwlwifi-so-a0-jf-b0-77.ucode --Version: 74.f92b5fed.0 -- --File: iwlwifi-ty-a0-gf-a0.pnvm -- --Licence: Redistributable. See LICENCE.iwlwifi_firmware for details -- --Also available from http://wireless.kernel.org/en/users/Drivers/iwlwifi#Firmware -- ---------------------------------------------------------------------------- -- - Driver: tehuti - Tehuti Networks 10G Ethernet - - File: tehuti/bdx.bin -@@ -1226,86 +714,6 @@ Available from http://ldriver.qlogic.com/firmware/netxen_nic/new/ - - -------------------------------------------------------------------------- - --Driver: rt61pci - Ralink RT2561, RT2561S, RT2661 wireless MACs -- --File: rt2561.bin --File: rt2561s.bin --File: rt2661.bin -- --Licence: Redistributable. See LICENCE.ralink-firmware.txt for details -- --Downloaded from http://www.ralinktech.com/ralink/Home/Support/Linux.html -- ---------------------------------------------------------------------------- -- --Driver: rt73usb - Ralink RT2571W, RT2671 wireless MACs -- --File: rt73.bin -- --Licence: Redistributable. See LICENCE.ralink-firmware.txt for details -- --Downloaded from http://www.ralinktech.com/ralink/Home/Support/Linux.html -- ----------------------------------------------------------------------------- -- --Driver: mt7601u - MediaTek MT7601U Wireless MACs -- --File: mediatek/mt7601u.bin --Version: 34 --Link: mt7601u.bin -> mediatek/mt7601u.bin -- --Licence: Redistributable. See LICENCE.ralink_a_mediatek_company_firmware for details -- --Downloaded from http://www.mediatek.com/en/downloads/ -- ---------------------------------------------------------------------------- -- --Driver: rt2800pci - Ralink RT2860, RT2890, RT3090, RT3290, RT5390 wireless MACs -- --File: rt2860.bin --Version: 40 -- --File: rt3290.bin --Version: 37 -- --Licence: Redistributable. See LICENCE.ralink-firmware.txt for details -- --Binary file supplied originally by Shiang Tu , latest --from http://www.mediatek.com/en/downloads1/downloads/ -- ---------------------------------------------------------------------------- -- --Driver: rt2860sta - Ralink RT3090 wireless MACs -- --Link: rt3090.bin -> rt2860.bin -- --Licence: Redistributable. See LICENCE.ralink-firmware.txt for details -- ---------------------------------------------------------------------------- -- --Driver: rt2800usb - Ralink RT2870, RT3070, RT3071, RT3072, RT5370 wireless MACs -- --File: rt2870.bin --Version: 36 -- --Licence: Redistributable. See LICENCE.ralink-firmware.txt for details -- --Binary file supplied originally by Shiang Tu , latest --from http://www.mediatek.com/en/downloads1/downloads/ -- ---------------------------------------------------------------------------- -- --Driver: rt2870sta - Ralink RT2870, RT3070, RT3071 wireless MACs -- --Link: rt3070.bin -> rt2870.bin --File: rt3071.bin -- --Licence: Redistributable. See LICENCE.ralink-firmware.txt for details -- --rt3071.bin is a copy of bytes 4096-8191 of rt2870.bin for compatibility. -- ---------------------------------------------------------------------------- -- - Driver: usbdux/usbduxfast/usbduxsigma - usbdux data acquisition cards - - File: usbdux_firmware.bin -@@ -1319,17 +727,6 @@ Provided from the author, Bernd Porr - - -------------------------------------------------------------------------- - --Driver: ath3k - DFU Driver for Atheros bluetooth chipset AR3011 -- --File: ath3k-1.fw --Version: 1.0 -- --Fix EEPROM radio table issue and change PID to 3005 -- --Licence: Redistributable. See LICENCE.atheros_firmware for details -- ---------------------------------------------------------------------------- -- - Driver: mga - Matrox G200/G400/G550 - - File: matrox/g200_warp.fw -@@ -2245,17 +1642,6 @@ Licence: Redistributable. - - -------------------------------------------------------------------------- - --Driver: rtl8192e - Realtek 8192 PCI wireless driver -- --File: RTL8192E/boot.img --File: RTL8192E/data.img --File: RTL8192E/main.img -- --Licence: Redistributable, provided by Realtek in their driver -- source download. -- ---------------------------------------------------------------------------- -- - Driver: ib_qib - QLogic Infiniband - - File: qlogic/sd7220.fw -@@ -2388,1167 +1774,51 @@ Licence: - - -------------------------------------------------------------------------- - --Driver: brcmsmac - Broadcom 802.11n softmac wireless LAN driver. -+Driver: vt6656 - VIA VT6656 USB wireless driver - --File: brcm/bcm43xx-0.fw --File: brcm/bcm43xx_hdr-0.fw --Version: 610.812 -+File: vntwusb.fw - --Licence: Redistributable. See LICENCE.broadcom_bcm43xx for details. -+Licence: Redistributable. See LICENCE.via_vt6656 for details. - - -------------------------------------------------------------------------- - --Driver: brcmfmac - Broadcom 802.11n fullmac wireless LAN driver. -- --File: brcm/bcm4329-fullmac-4.bin --File: brcm/brcmfmac43236b.bin --File: brcm/brcmfmac4329-sdio.bin --File: brcm/brcmfmac4330-sdio.bin --File: brcm/brcmfmac4334-sdio.bin --File: brcm/brcmfmac4335-sdio.bin --File: brcm/brcmfmac43241b0-sdio.bin --File: brcm/brcmfmac43241b4-sdio.bin --File: brcm/brcmfmac43241b5-sdio.bin --File: brcm/brcmfmac43242a.bin --File: brcm/brcmfmac43143.bin --File: brcm/brcmfmac43143-sdio.bin --File: brcm/brcmfmac43430a0-sdio.bin --File: brcm/brcmfmac4350c2-pcie.bin --File: brcm/brcmfmac4350-pcie.bin --File: brcm/brcmfmac43569.bin --File: brcm/brcmfmac4358-pcie.bin --File: brcm/brcmfmac43602-pcie.bin --File: brcm/brcmfmac43602-pcie.ap.bin --File: brcm/brcmfmac4366b-pcie.bin --File: brcm/brcmfmac4366c-pcie.bin --File: brcm/brcmfmac4371-pcie.bin -- --Licence: Redistributable. See LICENCE.broadcom_bcm43xx for details. -- --File: brcm/brcmfmac4373.bin --File: cypress/cyfmac43012-sdio.bin --Link: brcm/brcmfmac43012-sdio.bin -> ../cypress/cyfmac43012-sdio.bin --File: cypress/cyfmac43012-sdio.clm_blob --Link: brcm/brcmfmac43012-sdio.clm_blob -> ../cypress/cyfmac43012-sdio.clm_blob --File: cypress/cyfmac43340-sdio.bin --Link: brcm/brcmfmac43340-sdio.bin -> ../cypress/cyfmac43340-sdio.bin --File: cypress/cyfmac43362-sdio.bin --Link: brcm/brcmfmac43362-sdio.bin -> ../cypress/cyfmac43362-sdio.bin --File: cypress/cyfmac4339-sdio.bin --Link: brcm/brcmfmac4339-sdio.bin -> ../cypress/cyfmac4339-sdio.bin --File: cypress/cyfmac43430-sdio.bin --Link: brcm/brcmfmac43430-sdio.bin -> ../cypress/cyfmac43430-sdio.bin --File: cypress/cyfmac43430-sdio.clm_blob --Link: brcm/brcmfmac43430-sdio.clm_blob -> ../cypress/cyfmac43430-sdio.clm_blob --File: cypress/cyfmac43455-sdio.bin --Link: brcm/brcmfmac43455-sdio.bin -> ../cypress/cyfmac43455-sdio.bin --File: cypress/cyfmac43455-sdio.clm_blob --Link: brcm/brcmfmac43455-sdio.clm_blob -> ../cypress/cyfmac43455-sdio.clm_blob --File: cypress/cyfmac4354-sdio.bin --Link: brcm/brcmfmac4354-sdio.bin -> ../cypress/cyfmac4354-sdio.bin --File: cypress/cyfmac4354-sdio.clm_blob --Link: brcm/brcmfmac4354-sdio.clm_blob -> ../cypress/cyfmac4354-sdio.clm_blob --File: cypress/cyfmac4356-pcie.bin --Link: brcm/brcmfmac4356-pcie.bin -> ../cypress/cyfmac4356-pcie.bin --File: cypress/cyfmac4356-pcie.clm_blob --Link: brcm/brcmfmac4356-pcie.clm_blob -> ../cypress/cyfmac4356-pcie.clm_blob --File: cypress/cyfmac4356-sdio.bin --Link: brcm/brcmfmac4356-sdio.bin -> ../cypress/cyfmac4356-sdio.bin --File: cypress/cyfmac4356-sdio.clm_blob --Link: brcm/brcmfmac4356-sdio.clm_blob -> ../cypress/cyfmac4356-sdio.clm_blob --File: cypress/cyfmac43570-pcie.bin --Link: brcm/brcmfmac43570-pcie.bin -> ../cypress/cyfmac43570-pcie.bin --File: cypress/cyfmac43570-pcie.clm_blob --Link: brcm/brcmfmac43570-pcie.clm_blob -> ../cypress/cyfmac43570-pcie.clm_blob --File: cypress/cyfmac4373-sdio.bin --Link: brcm/brcmfmac4373-sdio.bin -> ../cypress/cyfmac4373-sdio.bin --File: cypress/cyfmac4373-sdio.clm_blob --Link: brcm/brcmfmac4373-sdio.clm_blob -> ../cypress/cyfmac4373-sdio.clm_blob --File: cypress/cyfmac54591-pcie.bin --Link: brcm/brcmfmac54591-pcie.bin -> ../cypress/cyfmac54591-pcie.bin --File: cypress/cyfmac54591-pcie.clm_blob --Link: brcm/brcmfmac54591-pcie.clm_blob -> ../cypress/cyfmac54591-pcie.clm_blob -- --Licence: Redistributable. See LICENCE.cypress for details. -- --File: "brcm/brcmfmac43241b4-sdio.Advantech-MICA-071.txt" --File: "brcm/brcmfmac43241b4-sdio.Intel Corp.-VALLEYVIEW C0 PLATFORM.txt" --File: "brcm/brcmfmac4330-sdio.Prowise-PT301.txt" --File: "brcm/brcmfmac43340-sdio.ASUSTeK COMPUTER INC.-TF103CE.txt" --File: "brcm/brcmfmac43340-sdio.meegopad-t08.txt" --File: "brcm/brcmfmac43340-sdio.pov-tab-p1006w-data.txt" --File: "brcm/brcmfmac43340-sdio.predia-basic.txt" --File: "brcm/brcmfmac43362-sdio.WC121.txt" --File: "brcm/brcmfmac43362-sdio.cubietech,cubietruck.txt" --Link: brcm/brcmfmac43362-sdio.kobo,aura.txt -> brcmfmac43362-sdio.WC121.txt --Link: brcm/brcmfmac43362-sdio.kobo,tolino-shine2hd.txt -> brcmfmac43362-sdio.WC121.txt --Link: brcm/brcmfmac43362-sdio.lemaker,bananapro.txt -> brcmfmac43362-sdio.cubietech,cubietruck.txt --File: "brcm/brcmfmac43430a0-sdio.ilife-S806.txt" --File: "brcm/brcmfmac43430a0-sdio.jumper-ezpad-mini3.txt" --File: "brcm/brcmfmac43430a0-sdio.ONDA-V80 PLUS.txt" --File: "brcm/brcmfmac43430-sdio.AP6212.txt" --Link: brcm/brcmfmac43430-sdio.sinovoip,bpi-m2-plus.txt -> brcmfmac43430-sdio.AP6212.txt --Link: brcm/brcmfmac43430-sdio.sinovoip,bpi-m2-zero.txt -> brcmfmac43430-sdio.AP6212.txt --Link: brcm/brcmfmac43430-sdio.sinovoip,bpi-m2-ultra.txt -> brcmfmac43430-sdio.AP6212.txt --Link: brcm/brcmfmac43430-sdio.sinovoip,bpi-m3.txt -> brcmfmac43430-sdio.AP6212.txt --Link: brcm/brcmfmac43430-sdio.friendlyarm,nanopi-r1.txt -> brcmfmac43430-sdio.AP6212.txt --Link: brcm/brcmfmac43430-sdio.starfive,visionfive-v1.txt -> brcmfmac43430-sdio.AP6212.txt --Link: brcm/brcmfmac43430-sdio.beagle,beaglev-starlight-jh7100-a1.txt -> brcmfmac43430-sdio.AP6212.txt --Link: brcm/brcmfmac43430-sdio.beagle,beaglev-starlight-jh7100-r0.txt -> brcmfmac43430-sdio.AP6212.txt --File: "brcm/brcmfmac43430-sdio.Hampoo-D2D3_Vi8A1.txt" --File: "brcm/brcmfmac43430-sdio.MUR1DX.txt" --File: "brcm/brcmfmac43430-sdio.raspberrypi,3-model-b.txt" --Link: brcm/brcmfmac43430-sdio.raspberrypi,model-zero-w.txt -> brcmfmac43430-sdio.raspberrypi,3-model-b.txt --Link: brcm/brcmfmac43430-sdio.raspberrypi,model-zero-2-w.txt -> brcmfmac43430-sdio.raspberrypi,3-model-b.txt --File: "brcm/brcmfmac43455-sdio.acepc-t8.txt" --File: "brcm/brcmfmac43455-sdio.raspberrypi,3-model-b-plus.txt" --Link: brcm/brcmfmac43455-sdio.raspberrypi,3-model-a-plus.txt -> brcmfmac43455-sdio.raspberrypi,3-model-b-plus.txt --File: "brcm/brcmfmac43455-sdio.raspberrypi,4-model-b.txt" --Link: brcm/brcmfmac43455-sdio.Raspberry\ Pi\ Foundation-Raspberry\ Pi\ 4\ Model\ B.txt -> brcmfmac43455-sdio.raspberrypi,4-model-b.txt --Link: brcm/brcmfmac43455-sdio.Raspberry\ Pi\ Foundation-Raspberry\ Pi\ Compute\ Module\ 4.txt -> brcmfmac43455-sdio.raspberrypi,4-model-b.txt --File: "brcm/brcmfmac43455-sdio.MINIX-NEO Z83-4.txt" --File: "brcm/brcmfmac4356-pcie.gpd-win-pocket.txt" --File: "brcm/brcmfmac4356-pcie.Intel Corporation-CHERRYVIEW D1 PLATFORM.txt" --File: "brcm/brcmfmac4356-pcie.Xiaomi Inc-Mipad2.txt" --File: brcm/brcmfmac4356-sdio.AP6356S.txt --Link: brcm/brcmfmac4356-sdio.firefly,firefly-rk3399.txt -> brcmfmac4356-sdio.AP6356S.txt --Link: brcm/brcmfmac4356-sdio.khadas,vim2.txt -> brcmfmac4356-sdio.AP6356S.txt --Link: brcm/brcmfmac4356-sdio.vamrs,rock960.txt -> brcmfmac4356-sdio.AP6356S.txt --File: brcm/brcmfmac43455-sdio.AW-CM256SM.txt --Link: brcm/brcmfmac43455-sdio.beagle,am5729-beagleboneai.txt -> brcmfmac43455-sdio.AW-CM256SM.txt --Link: brcm/brcmfmac43455-sdio.pine64,pinebook-pro.txt -> brcmfmac43455-sdio.AW-CM256SM.txt --Link: brcm/brcmfmac43455-sdio.pine64,pinenote-v1.1.txt -> brcmfmac43455-sdio.AW-CM256SM.txt --Link: brcm/brcmfmac43455-sdio.pine64,pinenote-v1.2.txt -> brcmfmac43455-sdio.AW-CM256SM.txt --Link: brcm/brcmfmac43455-sdio.pine64,pinephone-pro.txt -> brcmfmac43455-sdio.AW-CM256SM.txt --Link: brcm/brcmfmac43455-sdio.pine64,quartz64-a.txt -> brcmfmac43455-sdio.AW-CM256SM.txt --Link: brcm/brcmfmac43455-sdio.pine64,quartz64-b.txt -> brcmfmac43455-sdio.AW-CM256SM.txt --Link: brcm/brcmfmac43455-sdio.pine64,rockpro64-v2.0.txt -> brcmfmac43455-sdio.AW-CM256SM.txt --Link: brcm/brcmfmac43455-sdio.pine64,rockpro64-v2.1.txt -> brcmfmac43455-sdio.AW-CM256SM.txt --Link: brcm/brcmfmac43455-sdio.pine64,soquartz-model-a.txt -> brcmfmac43455-sdio.AW-CM256SM.txt --Link: brcm/brcmfmac43455-sdio.pine64,soquartz-cm4io.txt -> brcmfmac43455-sdio.AW-CM256SM.txt --Link: brcm/brcmfmac43455-sdio.pine64,soquartz-blade.txt -> brcmfmac43455-sdio.AW-CM256SM.txt -+Driver: myri10ge - Myri10GE 10GbE NIC driver - --Licence: GPLv2. See GPL-2 for details. -+File: myri10ge_eth_z8e.dat -+File: myri10ge_ethp_z8e.dat -+File: myri10ge_rss_eth_z8e.dat -+File: myri10ge_rss_ethp_z8e.dat -+File: myri10ge_eth_big_z8e.dat -+File: myri10ge_ethp_big_z8e.dat -+File: myri10ge_rss_eth_big_z8e.dat -+File: myri10ge_rss_ethp_big_z8e.dat -+Version: 1.4.57 -+ -+License: Redistributable. See LICENCE.myri10ge_firmware for details. - - -------------------------------------------------------------------------- -+Driver: ene-ub6250 -- ENE UB6250 SD card reader driver - --Driver: wl1251 - Texas Instruments 802.11 WLAN driver for WiLink4 chips -+File: ene-ub6250/sd_init1.bin -+File: ene-ub6250/sd_init2.bin -+File: ene-ub6250/sd_rdwr.bin -+File: ene-ub6250/ms_init.bin -+File: ene-ub6250/msp_rdwr.bin -+File: ene-ub6250/ms_rdwr.bin - --File: ti-connectivity/wl1251-fw.bin --Version: 4.0.4.3.7 -+Licence: Redistributable. See LICENCE.ene_firmware for details. - --File: ti-connectivity/wl1251-nvs.bin -+-------------------------------------------------------------------------- - --Licence: Redistributable. See LICENCE.wl1251 for details. -+Driver: isci -- Intel C600 SAS controller driver - --The published NVS files are for testing only. Every device needs to --have a unique NVS which is properly calibrated for best results. -- --The driver expects to find the firmwares under a ti-connectivity subdirectory. --So if your system looks for firmwares in /lib/firmware, the firmwares for --wl12xx chips must be located in /lib/firmware/ti-connectivity/. -- ---------------------------------------------------------------------------- -- --Driver: wl12xx - Texas Instruments 802.11 WLAN driver for WiLink6/7 chips -- --File: ti-connectivity/wl1271-fw.bin --Version: 6.1.0.50.350 (STA-only) --File: ti-connectivity/wl1271-fw-2.bin --Version: 6.1.5.50.74 (STA-only) --File: ti-connectivity/wl1271-fw-ap.bin --Version: 6.2.1.0.54 (AP-only) --File: ti-connectivity/wl127x-fw-3.bin --Version: 6.3.0.0.77 --File: ti-connectivity/wl127x-fw-plt-3.bin --Version: 6.3.0.0.77 (PLT-only) --File: ti-connectivity/wl127x-fw-4-sr.bin --Version: 6.3.5.0.98 (Single-role) --File: ti-connectivity/wl127x-fw-4-mr.bin --Version: 6.5.2.0.15 (Multi-role) --File: ti-connectivity/wl127x-fw-4-plt.bin --Version: 6.3.5.0.98 (PLT-only) --File: ti-connectivity/wl127x-fw-5-sr.bin --Version: 6.3.10.0.142 (Single-role) --File: ti-connectivity/wl127x-fw-5-mr.bin --Version: 6.5.7.0.50 (Multi-role) --File: ti-connectivity/wl127x-fw-5-plt.bin --Version: 6.3.10.0.142 (PLT-only) -- --File: ti-connectivity/wl128x-fw.bin --Version: 7.1.5.50.74 (STA-only) --File: ti-connectivity/wl128x-fw-ap.bin --Version: 7.2.1.0.54 (AP-only) --File: ti-connectivity/wl128x-fw-3.bin --Version: 7.3.0.0.77 --File: ti-connectivity/wl128x-fw-plt-3.bin --Version: 7.3.0.0.77 --File: ti-connectivity/wl128x-fw-4-sr.bin --Version: 7.3.5.0.98 (Single-role) --File: ti-connectivity/wl128x-fw-4-mr.bin --Version: 7.5.2.0.15 (Multi-role) --File: ti-connectivity/wl128x-fw-4-plt.bin --Version: 7.3.5.0.98 (PLT) --File: ti-connectivity/wl128x-fw-5-sr.bin --Version: 7.3.10.0.142 (Single-role) --File: ti-connectivity/wl128x-fw-5-mr.bin --Version: 7.5.7.0.50 (Multi-role) --File: ti-connectivity/wl128x-fw-5-plt.bin --Version: 7.3.10.2.142 (PLT-only) -- --File: ti-connectivity/wl127x-nvs.bin --File: ti-connectivity/wl128x-nvs.bin --Link: ti-connectivity/wl12xx-nvs.bin -> wl127x-nvs.bin --Link: ti-connectivity/wl1271-nvs.bin -> wl127x-nvs.bin -- --Licence: Redistributable. See LICENCE.ti-connectivity for details. -- --The NVS file includes two parts: -- - radio calibration -- - HW configuration parameters (aka. INI values) -- --The published NVS files are for testing only. Every device needs to --hava a unique NVS which is properly calibrated for best results. You --can find more information about NVS generation for your device here: -- --http://wireless.kernel.org/en/users/Drivers/wl12xx/calibrator -- --If you're using a wl127x based device, use a symbolic link called --wl1271-nvs.bin that links to the wl127x-nvs.bin file. If you are --using wl128x, link to wl128x-nvs.bin instead. -- --The driver expects to find the firmwares under a ti-connectivity --subdirectory. So if your system looks for firmwares in /lib/firmware, --the firmwares for wl12xx chips must be located in --/lib/firmware/ti-connectivity/. -- ---------------------------------------------------------------------------- -- --Driver: wl18xx - Texas Instruments 802.11 WLAN driver for WiLink8 chips -- --File: ti-connectivity/wl18xx-fw.bin --Version: 8.2.0.0.100 --File: ti-connectivity/wl18xx-fw-2.bin --Version: 8.5.0.0.55 --File: ti-connectivity/wl18xx-fw-3.bin --Version: 8.8.0.0.13 --File: ti-connectivity/wl18xx-fw-4.bin --Version: 8.9.0.0.79 -- --Licence: Redistributable. See LICENCE.ti-connectivity for details. -- --The driver expects to find the firmwares under a ti-connectivity --subdirectory. So if your system looks for firmwares in /lib/firmware, --the firmwares for wl18xx chips must be located in --/lib/firmware/ti-connectivity/. -- ---------------------------------------------------------------------------- -- --Driver: TI_ST - Texas Instruments bluetooth driver -- --File: ti-connectivity/TIInit_6.2.31.bts --Version: 2.44 (TI_P31.123) --File: ti-connectivity/TIInit_6.6.15.bts --Version: 2.14 (TI_P6_15.93) --File: ti-connectivity/TIInit_7.2.31.bts -- --Licence: Redistributable. See LICENCE.ti-connectivity for details. -- -- TIInit_7.2.31.bts version 7.2.31 -- -- In order to use that file copy it to /lib/firmware/ti-connectivity. -- ---------------------------------------------------------------------------- -- --Driver: r8712u - Realtek 802.11n WLAN driver for RTL8712U -- --File: rtlwifi/rtl8712u.bin --Info: From Vendor's rtl8712_8188_8191_8192SU_usb_linux_v7_0.20100831 -- Reverted rtl8188C_8192C_8192D_usb_linux_v3.4.2_3727.20120404 -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- ---------------------------------------------------------------------------- -- --Driver: rtl8192ce - Realtek 802.11n WLAN driver for RTL8192CE -- --File: rtlwifi/rtl8192cfw.bin --File: rtlwifi/rtl8192cfwU.bin --File: rtlwifi/rtl8192cfwU_B.bin --Info: From Vendor's realtek/rtlwifi_linux_mac80211_0019.0320.2014V628 driver -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- ---------------------------------------------------------------------------- -- --Driver: rtl8192cu - Realtek 802.11n WLAN driver for RTL8192CU -- --File: rtlwifi/rtl8192cufw.bin --File: rtlwifi/rtl8192cufw_A.bin --File: rtlwifi/rtl8192cufw_B.bin --File: rtlwifi/rtl8192cufw_TMSC.bin --Info: From Vendor's rtl8188C_8192C_usb_linux_v4.0.1_6911.20130308 driver -- All files extracted from driver/hal/rtl8192c/usb/Hal8192CUHWImg.c -- Relevant variables (CONFIG_BT_COEXISTENCE not set): -- - rtlwifi/rtl8192cufw_A.bin: Rtl8192CUFwUMCACutImgArray -- - rtlwifi/rtl8192cufw_B.bin: Rtl8192CUFwUMCBCutImgArray -- - rtlwifi/rtl8192cufw_TMSC.bin: Rtl8192CUFwTSMCImgArray -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- ---------------------------------------------------------------------------- -- --Driver: rtl8192se - Realtek 802.11n WLAN driver for RTL8192SE -- --Info: updated from rtl_92ce_92se_92de_linux_mac80211_0004.0816.2011 driver version --File: rtlwifi/rtl8192sefw.bin -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- ---------------------------------------------------------------------------- -- --Driver: rtl8192de - Realtek 802.11n WLAN driver for RTL8192DE -- --Info: Updated from Realtek version rtl_92ce_92se_92de_8723ae_linux_mac80211_0007.0809.2012 --File: rtlwifi/rtl8192defw.bin -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- ---------------------------------------------------------------------------- -- --Driver: rtl8723e - Realtek 802.11n WLAN driver for RTL8723E -- --Info: Taken from Realtek version rtl_92ce_92se_92de_8723ae_linux_mac80211_0007.0809.2012 --File: rtlwifi/rtl8723fw.bin --File: rtlwifi/rtl8723fw_B.bin -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- ---------------------------------------------------------------------------- -- --Driver: rtl8723be - Realtek 802.11n WLAN driver for RTL8723BE -- --Info: From Vendor's realtek/rtlwifi_linux_mac80211_0019.0320.2014V628 driver --File: rtlwifi/rtl8723befw.bin --Info: Update to version 36 - Sent by Realtek --File: rtlwifi/rtl8723befw_36.bin -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- ---------------------------------------------------------------------------- -- --Driver: rtl8723de - Realtek 802.11ac WLAN driver for RTL8723DE -- --Info: Supplied by Vendor at https://github.com/pkshih/rtlwifi_rtl8723de --File: rtlwifi/rtl8723defw.bin -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- ---------------------------------------------------------------------------- -- --Driver: rtl8188ee - Realtek 802.11n WLAN driver for RTL8188EE -- --Info: Taken from Realtek version rtl_92ce_92se_92de_8723ae_88ee_linux_mac80211_0010.0109.2013 --File: rtlwifi/rtl8188efw.bin -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- ---------------------------------------------------------------------------- -- --Driver: rtl8821ae - Realtek 802.11n WLAN driver for RTL8812AE -- --Info: From Vendor's realtek/rtlwifi_linux_mac80211_0019.0320.2014V628 driver --File: rtlwifi/rtl8812aefw.bin --File: rtlwifi/rtl8812aefw_wowlan.bin -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- ---------------------------------------------------------------------------- -- --Driver: rtl8821ae - Realtek 802.11n WLAN driver for RTL8821AE -- --Info: From Vendor's realtek/rtlwifi_linux_mac80211_0019.0320.2014V628 driver --File: rtlwifi/rtl8821aefw.bin --File: rtlwifi/rtl8821aefw_wowlan.bin --Info: Update to version 29 - Sent by Realtek --File: rtlwifi/rtl8821aefw_29.bin -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- ---------------------------------------------------------------------------- -- --Driver: rtl8822be - Realtek 802.11n WLAN driver for RTL8822BE -- --Info: Sent to Larry Finger by Realtek engineer Ping-Ke Shih --File: rtlwifi/rtl8822befw.bin -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- ---------------------------------------------------------------------------- -- --Driver: rtw88 - Realtek 802.11ac WLAN driver for RTL8822BE and RTL8822CE -- --Info: Sent to Larry Finger by Realtek engineer Yan-Hsuan Chuang --File: rtw88/rtw8822b_fw.bin --File: rtw88/rtw8822c_fw.bin --File: rtw88/rtw8822c_wow_fw.bin --File: rtw88/README --File: rtw88/rtw8723d_fw.bin --File: rtw88/rtw8821c_fw.bin -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- -- These firmware should be put under /lib/firmware/rtw88/ -- And note that the rtw88 driver is able to support wake-on-wireless LAN -- for RTL8822C devices, after kernel v5.6+. So, make sure the firmware -- rtw88/rtw8822c_wow_fw.bin is also packed, otherwise the firmware load -- fail could be a problem. -- Although RTL8723D devices are 802.11n device, they are also supported -- by rtw88 because the hardware arch is similar. -- ---------------------------------------------------------------------------- -- --Driver: rtw89 - Realtek 802.11ax WLAN driver for RTL8851B/RTL8852A/RTL8852B/RTL8852C -- --File: rtw89/rtw8851b_fw.bin --File: rtw89/rtw8852a_fw.bin --File: rtw89/rtw8852b_fw.bin --File: rtw89/rtw8852b_fw-1.bin --File: rtw89/rtw8852c_fw.bin -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- ---------------------------------------------------------------------------- -- --Driver: rtl8192ee - Realtek 802.11n WLAN driver for RTL8192EE -- --Info: Initial version taken from Realtek version -- rtl_92ce_92se_92de_8723ae_88ee_8723be_92ee_linux_mac80211_0017.1224.2013 -- Updated Jan. 14, 2015 with file added by Realtek to -- http://github.com/lwfinger/rtlwifi_new.git. -- Same firmware rtl8192eu_nic.bin so just link them --Link: rtlwifi/rtl8192eefw.bin -> rtl8192eu_nic.bin -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- ---------------------------------------------------------------------------- -- --Driver: rtl8723bs - Realtek 802.11n WLAN driver for RTL8723BS -- --Info: Firmware files extracted from data statements in Realtek driver -- v4.3.5.5_12290.20140916_BTCOEX20140507-4E40. --File: rtlwifi/rtl8723bs_bt.bin --Link: rtlwifi/rtl8723bs_nic.bin -> rtl8723bu_nic.bin --Link: rtlwifi/rtl8723bs_ap_wowlan.bin -> rtl8723bu_ap_wowlan.bin --Link: rtlwifi/rtl8723bs_wowlan.bin -> rtl8723bu_wowlan.bin -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- ---------------------------------------------------------------------------- -- --Driver: rtl8xxxu - Realtek 802.11n WLAN driver for RTL8XXX USB devices -- --Info: rtl8723au taken from Realtek driver -- rtl8723A_WiFi_linux_v4.1.3_6044.20121224 -- Firmware is embedded in the driver as data statements. This info -- has been extracted into a binary file. --File: rtlwifi/rtl8723aufw_A.bin --File: rtlwifi/rtl8723aufw_B.bin --File: rtlwifi/rtl8723aufw_B_NoBT.bin -- --Info: rtl8723bu taken from Realtek driver -- rtl8723BU_WiFi_linux_v4.3.16_14189.20150519_BTCOEX20150119-5844 -- Firmware is embedded in the driver as data statements. This info -- has been extracted into a binary file. --File: rtlwifi/rtl8723bu_nic.bin --File: rtlwifi/rtl8723bu_wowlan.bin --File: rtlwifi/rtl8723bu_ap_wowlan.bin -- --Info: rtl8192eu taken from Realtek driver -- rtl8192EU_WiFi_linux_v5.11.2.1-18-g8e7df912b.20210527_COEX20171113-0047 -- Firmware is embedded in the driver as data statements. This info -- has been extracted into a binary file. --File: rtlwifi/rtl8192eu_nic.bin --Version: 35.7 --File: rtlwifi/rtl8192eu_wowlan.bin --Version: 35.7 --File: rtlwifi/rtl8192eu_ap_wowlan.bin --Version: 18.0 -- --Info: rtl8188fu taken from Realtek driver -- RTL8188FU_Linux_v4.3.23.6_20964.20170110 -- Firmware was embedded in the driver as data statements. This info -- has been extracted into a binary file. --File: rtlwifi/rtl8188fufw.bin -- --File: rtlwifi/rtl8710bufw_SMIC.bin --Version: 16.0 --File: rtlwifi/rtl8710bufw_UMC.bin --Version: 16.0 -- --Info: rtl8188eu taken from Realtek driver version -- v5.2.2.4_25483.20171222. -- Firmware is embedded in the driver as data statements. This info -- has been extracted into a binary file. --File: rtlwifi/rtl8188eufw.bin --Version: 28.0 -- --Info: rtl8192fu taken from Realtek driver version -- v5.8.6.2_35538.20191028_COEX20190910-0d02. -- Firmware is embedded in the driver as data statements. This info -- has been extracted into a binary file. --File: rtlwifi/rtl8192fufw.bin --Version: 6.0 -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- ---------------------------------------------------------------------------- -- --Driver: r8169 - RealTek 8169/8168/8101 ethernet driver. -- --File: rtl_nic/rtl8168d-1.fw --File: rtl_nic/rtl8168d-2.fw --File: rtl_nic/rtl8105e-1.fw --File: rtl_nic/rtl8168e-1.fw --File: rtl_nic/rtl8168e-2.fw -- --File: rtl_nic/rtl8168e-3.fw --Version: 0.0.4 -- --File: rtl_nic/rtl8168f-1.fw --Version: 0.0.5 -- --File: rtl_nic/rtl8168f-2.fw --Version: 0.0.4 -- --File: rtl_nic/rtl8411-1.fw --Version: 0.0.3 -- --File: rtl_nic/rtl8411-2.fw --Version: 0.0.1 -- --File: rtl_nic/rtl8402-1.fw --Version: 0.0.1 -- --File: rtl_nic/rtl8106e-1.fw --Version: 0.0.1 -- --File: rtl_nic/rtl8106e-2.fw --Version: 0.0.1 -- --File: rtl_nic/rtl8168g-1.fw --Version: 0.0.3 -- --File: rtl_nic/rtl8168g-2.fw --Version: 0.0.1 -- --File: rtl_nic/rtl8168g-3.fw --Version: 0.0.1 -- --File: rtl_nic/rtl8168h-1.fw --Version: 0.0.2 -- --File: rtl_nic/rtl8168h-2.fw --Version: 0.0.2 -- --File: rtl_nic/rtl8168fp-3.fw --Version: 0.0.1 -- --File: rtl_nic/rtl8107e-1.fw --Version: 0.0.2 -- --File: rtl_nic/rtl8107e-2.fw --Version: 0.0.2 -- --File: rtl_nic/rtl8125a-3.fw --Version: 0.0.1 -- --File: rtl_nic/rtl8125b-1.fw --Version: 0.0.2 -- --File: rtl_nic/rtl8125b-2.fw --Version: 0.0.2 -- --Licence: -- * Copyright © 2011-2013, Realtek Semiconductor Corporation -- * -- * Permission is hereby granted for the distribution of this firmware -- * data in hexadecimal or equivalent format, provided this copyright -- * notice is accompanying it. -- ---------------------------------------------------------------------------- -- --Driver: r8152 - Realtek RTL8152/RTL8153 Based USB Ethernet Adapters -- --File: rtl_nic/rtl8153a-2.fw --File: rtl_nic/rtl8153a-3.fw --File: rtl_nic/rtl8153a-4.fw --File: rtl_nic/rtl8153b-2.fw --File: rtl_nic/rtl8153c-1.fw --File: rtl_nic/rtl8156a-2.fw --File: rtl_nic/rtl8156b-2.fw -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- ---------------------------------------------------------------------------- -- --Driver: vt6656 - VIA VT6656 USB wireless driver -- --File: vntwusb.fw -- --Licence: Redistributable. See LICENCE.via_vt6656 for details. -- ---------------------------------------------------------------------------- -- --Driver: DFU Driver for Atheros bluetooth chipset AR3012 -- --File: ar3k/AthrBT_0x01020001.dfu --File: ar3k/ramps_0x01020001_26.dfu --File: ar3k/AthrBT_0x01020200.dfu --File: ar3k/ramps_0x01020200_26.dfu --File: ar3k/ramps_0x01020200_40.dfu --File: ar3k/AthrBT_0x31010000.dfu --File: ar3k/ramps_0x31010000_40.dfu --File: ar3k/AthrBT_0x11020000.dfu --File: ar3k/ramps_0x11020000_40.dfu --File: ar3k/ramps_0x01020201_26.dfu --File: ar3k/ramps_0x01020201_40.dfu --File: ar3k/AthrBT_0x41020000.dfu --File: ar3k/ramps_0x41020000_40.dfu --File: ar3k/AthrBT_0x11020100.dfu --File: ar3k/ramps_0x11020100_40.dfu --File: ar3k/AthrBT_0x31010100.dfu --File: ar3k/ramps_0x31010100_40.dfu -- --Licence: Redistributable. See LICENCE.atheros_firmware for details -- ---------------------------------------------------------------------------- -- --Driver: DFU Driver for Atheros bluetooth chipset AR3012 -- --File: ar3k/AthrBT_0x01020201.dfu --File: ar3k/1020201coex/ramps_0x01020201_26_HighPriority.dfu -- --Licence: Redistributable. See LICENSE.QualcommAtheros_ar3k for details -- ---------------------------------------------------------------------------- -- --Driver:Atheros AR300x UART HCI Bluetooth Chip driver -- --File: ar3k/1020201/PS_ASIC.pst --File: ar3k/1020201/RamPatch.txt --File: ar3k/1020200/ar3kbdaddr.pst --File: ar3k/1020200/PS_ASIC.pst --File: ar3k/1020200/RamPatch.txt --File: ar3k/30101/ar3kbdaddr.pst --File: ar3k/30101/PS_ASIC.pst --File: ar3k/30101/RamPatch.txt --File: ar3k/30000/ar3kbdaddr.pst --File: ar3k/30000/PS_ASIC.pst --File: ar3k/30000/RamPatch.txt -- --Licence: Redistributable. See LICENCE.atheros_firmware for details -- ---------------------------------------------------------------------------- -- --Driver: ath6kl - Atheros support for AR6003 -- --File: ath6k/AR6004/hw1.3/fw-3.bin --File: ath6k/AR6004/hw1.3/bdata.bin --File: ath6k/AR6004/hw1.2/fw-2.bin --File: ath6k/AR6004/hw1.2/bdata.bin --File: ath6k/AR6003/hw1.0/otp.bin.z77 --File: ath6k/AR6003/hw1.0/bdata.SD31.bin --File: ath6k/AR6003/hw1.0/bdata.SD32.bin --File: ath6k/AR6003/hw1.0/data.patch.bin --File: ath6k/AR6003/hw1.0/bdata.WB31.bin --File: ath6k/AR6003/hw1.0/athwlan.bin.z77 --File: ath6k/AR6003/hw2.1.1/fw-2.bin --File: ath6k/AR6003/hw2.1.1/fw-3.bin --File: ath6k/AR6003/hw2.1.1/otp.bin --File: ath6k/AR6003/hw2.1.1/athwlan.bin --File: ath6k/AR6003/hw2.1.1/endpointping.bin --File: ath6k/AR6003/hw2.1.1/bdata.SD31.bin --File: ath6k/AR6003/hw2.1.1/bdata.SD32.bin --File: ath6k/AR6003/hw2.1.1/data.patch.bin --File: ath6k/AR6003/hw2.1.1/bdata.WB31.bin --File: ath6k/AR6003/hw2.0/otp.bin.z77 --File: ath6k/AR6003/hw2.0/bdata.SD31.bin --File: ath6k/AR6003/hw2.0/bdata.SD32.bin --File: ath6k/AR6003/hw2.0/data.patch.bin --File: ath6k/AR6003/hw2.0/bdata.WB31.bin --File: ath6k/AR6003/hw2.0/athwlan.bin.z77 --File: ath6k/AR6002/eeprom.data --File: ath6k/AR6002/eeprom.bin --File: ath6k/AR6002/athwlan.bin.z77 --File: ath6k/AR6002/data.patch.hw2_0.bin -- --Licence: Redistributable. See LICENCE.atheros_firmware for details -- ---------------------------------------------------------------------------- -- --Driver: ath10k - Qualcomm Atheros support for QCA988x family of chips -- --File: ath10k/QCA988X/hw2.0/board.bin --File: ath10k/QCA988X/hw2.0/firmware-4.bin --Version: 10.2.4.45 --File: ath10k/QCA988X/hw2.0/notice_ath10k_firmware-4.txt --File: ath10k/QCA988X/hw2.0/firmware-5.bin --Version: 10.2.4-1.0-00047 --File: ath10k/QCA988X/hw2.0/notice_ath10k_firmware-5.txt --File: ath10k/QCA6174/hw2.1/board.bin --File: ath10k/QCA6174/hw2.1/board-2.bin --File: ath10k/QCA6174/hw2.1/firmware-5.bin --Version: SW_RM.1.1.1-00157-QCARMSWPZ-1 --File: ath10k/QCA6174/hw2.1/notice_ath10k_firmware-5.txt --File: ath10k/QCA6174/hw3.0/board.bin --File: ath10k/QCA6174/hw3.0/board-2.bin --File: ath10k/QCA6174/hw3.0/firmware-4.bin --Version: WLAN.RM.2.0-00180-QCARMSWPZ-1 --File: ath10k/QCA6174/hw3.0/notice_ath10k_firmware-4.txt --File: ath10k/QCA6174/hw3.0/firmware-6.bin --Version: WLAN.RM.4.4.1-00288-QCARMSWPZ-1 --File: ath10k/QCA6174/hw3.0/notice_ath10k_firmware-6.txt --File: ath10k/QCA6174/hw3.0/firmware-sdio-6.bin --Version: WLAN.RMH.4.4.1-00174 --File: ath10k/QCA6174/hw3.0/notice_ath10k_firmware-sdio-6.txt --File: ath10k/QCA9377/hw1.0/board.bin --File: ath10k/QCA9377/hw1.0/board-2.bin --File: ath10k/QCA9377/hw1.0/firmware-5.bin --Version: WLAN.TF.1.0-00002-QCATFSWPZ-5 --File: ath10k/QCA9377/hw1.0/notice_ath10k_firmware-5.txt --File: ath10k/QCA9377/hw1.0/firmware-sdio-5.bin --Version: WLAN.TF.1.1.1-00061-QCATFSWPZ-1 --File: ath10k/QCA9377/hw1.0/notice_ath10k_firmware-sdio-5.txt --File: ath10k/QCA99X0/hw2.0/board-2.bin --File: ath10k/QCA99X0/hw2.0/firmware-5.bin --Version: 10.4.1.00030-1 --File: ath10k/QCA99X0/hw2.0/notice_ath10k_firmware-5.txt --File: ath10k/QCA4019/hw1.0/board-2.bin --File: ath10k/QCA4019/hw1.0/firmware-5.bin --Version: 10.4-3.6-00140 --File: ath10k/QCA4019/hw1.0/notice_ath10k_firmware-5.txt --File: ath10k/QCA9887/hw1.0/board.bin --File: ath10k/QCA9887/hw1.0/firmware-5.bin --Version: 10.2.4-1.0-00047 --File: ath10k/QCA9887/hw1.0/notice_ath10k_firmware-5.txt --File: ath10k/QCA9888/hw2.0/board-2.bin --File: ath10k/QCA9888/hw2.0/firmware-5.bin --Version: 10.4-3.9.0.2-00157 --File: ath10k/QCA9888/hw2.0/notice_ath10k_firmware-5.txt --File: ath10k/QCA9984/hw1.0/board-2.bin --File: ath10k/QCA9984/hw1.0/firmware-5.bin --Version: 10.4-3.9.0.2-00157 --File: ath10k/QCA9984/hw1.0/notice_ath10k_firmware-5.txt --File: ath10k/QCA9377/hw1.0/firmware-6.bin --Version: WLAN.TF.2.1-00021-QCARMSWP-1 --File: ath10k/QCA9377/hw1.0/notice_ath10k_firmware-6.txt --File: ath10k/WCN3990/hw1.0/board-2.bin --File: ath10k/WCN3990/hw1.0/firmware-5.bin --File: ath10k/WCN3990/hw1.0/wlanmdsp.mbn --Link: qcom/sdm845/wlanmdsp.mbn -> ../../ath10k/WCN3990/hw1.0/wlanmdsp.mbn --Version: WLAN.HL.2.0-01387-QCAHLSWMTPLZ-1 --File: ath10k/WCN3990/hw1.0/notice.txt_wlanmdsp -- --Licence: Redistributable. See LICENSE.QualcommAtheros_ath10k for details -- ---------------------------------------------------------------------------- -- --Driver: ath11k - Qualcomm Technologies 802.11ax chipset support -- --File: ath11k/IPQ6018/hw1.0/board-2.bin --File: ath11k/IPQ6018/hw1.0/m3_fw.b00 --File: ath11k/IPQ6018/hw1.0/m3_fw.b01 --File: ath11k/IPQ6018/hw1.0/m3_fw.b02 --File: ath11k/IPQ6018/hw1.0/m3_fw.flist --File: ath11k/IPQ6018/hw1.0/m3_fw.mdt --File: ath11k/IPQ6018/hw1.0/q6_fw.b00 --File: ath11k/IPQ6018/hw1.0/q6_fw.b01 --File: ath11k/IPQ6018/hw1.0/q6_fw.b02 --File: ath11k/IPQ6018/hw1.0/q6_fw.b03 --File: ath11k/IPQ6018/hw1.0/q6_fw.b04 --File: ath11k/IPQ6018/hw1.0/q6_fw.b05 --File: ath11k/IPQ6018/hw1.0/q6_fw.b07 --File: ath11k/IPQ6018/hw1.0/q6_fw.b08 --File: ath11k/IPQ6018/hw1.0/q6_fw.flist --File: ath11k/IPQ6018/hw1.0/q6_fw.mdt --Version: WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1 --File: ath11k/IPQ6018/hw1.0/Notice.txt --File: ath11k/IPQ8074/hw2.0/board-2.bin --File: ath11k/IPQ8074/hw2.0/m3_fw.b00 --File: ath11k/IPQ8074/hw2.0/m3_fw.b01 --File: ath11k/IPQ8074/hw2.0/m3_fw.b02 --File: ath11k/IPQ8074/hw2.0/m3_fw.flist --File: ath11k/IPQ8074/hw2.0/m3_fw.mdt --File: ath11k/IPQ8074/hw2.0/q6_fw.b00 --File: ath11k/IPQ8074/hw2.0/q6_fw.b01 --File: ath11k/IPQ8074/hw2.0/q6_fw.b02 --File: ath11k/IPQ8074/hw2.0/q6_fw.b03 --File: ath11k/IPQ8074/hw2.0/q6_fw.b04 --File: ath11k/IPQ8074/hw2.0/q6_fw.b05 --File: ath11k/IPQ8074/hw2.0/q6_fw.b07 --File: ath11k/IPQ8074/hw2.0/q6_fw.b08 --File: ath11k/IPQ8074/hw2.0/q6_fw.flist --File: ath11k/IPQ8074/hw2.0/q6_fw.mdt --Version: WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1 --File: ath11k/IPQ8074/hw2.0/Notice.txt --File: ath11k/QCA6390/hw2.0/board-2.bin --File: ath11k/QCA6390/hw2.0/amss.bin --File: ath11k/QCA6390/hw2.0/m3.bin --Version: WLAN.HST.1.0.1-05266-QCAHSTSWPLZ_V2_TO_X86-1 --File: ath11k/QCA6390/hw2.0/Notice.txt --File: ath11k/WCN6855/hw2.0/regdb.bin --File: ath11k/WCN6855/hw2.0/board-2.bin --File: ath11k/WCN6855/hw2.0/amss.bin --File: ath11k/WCN6855/hw2.0/m3.bin --Version: WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.23 --File: ath11k/WCN6855/hw2.0/Notice.txt --Link: ath11k/WCN6855/hw2.1/regdb.bin -> ../hw2.0/regdb.bin --Link: ath11k/WCN6855/hw2.1/board-2.bin -> ../hw2.0/board-2.bin --Link: ath11k/WCN6855/hw2.1/amss.bin -> ../hw2.0/amss.bin --Link: ath11k/WCN6855/hw2.1/m3.bin -> ../hw2.0/m3.bin --File: ath11k/QCN9074/hw1.0/board-2.bin --File: ath11k/QCN9074/hw1.0/amss.bin --File: ath11k/QCN9074/hw1.0/m3.bin --Version: WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1 --File: ath11k/QCN9074/hw1.0/Notice.txt --File: ath11k/WCN6750/hw1.0/board-2.bin --File: ath11k/WCN6750/hw1.0/wpss.b00 --File: ath11k/WCN6750/hw1.0/wpss.b01 --File: ath11k/WCN6750/hw1.0/wpss.b02 --File: ath11k/WCN6750/hw1.0/wpss.b03 --File: ath11k/WCN6750/hw1.0/wpss.b04 --File: ath11k/WCN6750/hw1.0/wpss.b05 --File: ath11k/WCN6750/hw1.0/wpss.b06 --File: ath11k/WCN6750/hw1.0/wpss.b07 --File: ath11k/WCN6750/hw1.0/wpss.b08 --File: ath11k/WCN6750/hw1.0/wpss.mdt --Version: WLAN.MSL.1.0.1-01160-QCAMSLSWPLZ-1 --File: ath11k/WCN6750/hw1.0/Notice.txt --File: ath11k/IPQ5018/hw1.0/board-2.bin --File: ath11k/IPQ5018/hw1.0/m3_fw.b00 --File: ath11k/IPQ5018/hw1.0/m3_fw.b01 --File: ath11k/IPQ5018/hw1.0/m3_fw.b02 --File: ath11k/IPQ5018/hw1.0/m3_fw.flist --File: ath11k/IPQ5018/hw1.0/m3_fw.mdt --File: ath11k/IPQ5018/hw1.0/q6_fw.b00 --File: ath11k/IPQ5018/hw1.0/q6_fw.b01 --File: ath11k/IPQ5018/hw1.0/q6_fw.b02 --File: ath11k/IPQ5018/hw1.0/q6_fw.b03 --File: ath11k/IPQ5018/hw1.0/q6_fw.b04 --File: ath11k/IPQ5018/hw1.0/q6_fw.b05 --File: ath11k/IPQ5018/hw1.0/q6_fw.b07 --File: ath11k/IPQ5018/hw1.0/q6_fw.b08 --File: ath11k/IPQ5018/hw1.0/q6_fw.b09 --File: ath11k/IPQ5018/hw1.0/q6_fw.b10 --File: ath11k/IPQ5018/hw1.0/q6_fw.b11 --File: ath11k/IPQ5018/hw1.0/q6_fw.b13 --File: ath11k/IPQ5018/hw1.0/q6_fw.b14 --File: ath11k/IPQ5018/hw1.0/q6_fw.flist --File: ath11k/IPQ5018/hw1.0/q6_fw.mdt --Version: WLAN.HK.2.6.0.1-00861-QCAHKSWPL_SILICONZ-1 --File: ath11k/IPQ5018/hw1.0/Notice.txt -- --Licence: Redistributable. See LICENSE.QualcommAtheros_ath10k for details -- ---------------------------------------------------------------------------- -- --Driver: myri10ge - Myri10GE 10GbE NIC driver -- --File: myri10ge_eth_z8e.dat --File: myri10ge_ethp_z8e.dat --File: myri10ge_rss_eth_z8e.dat --File: myri10ge_rss_ethp_z8e.dat --File: myri10ge_eth_big_z8e.dat --File: myri10ge_ethp_big_z8e.dat --File: myri10ge_rss_eth_big_z8e.dat --File: myri10ge_rss_ethp_big_z8e.dat --Version: 1.4.57 -- --License: Redistributable. See LICENCE.myri10ge_firmware for details. -- ---------------------------------------------------------------------------- -- --Driver: ath6kl - Atheros support for AR6003 WiFi-Bluetooth combo module -- --File: ath6k/AR6003.1/hw2.1.1/athwlan.bin --File: ath6k/AR6003.1/hw2.1.1/bdata.SD31.bin --File: ath6k/AR6003.1/hw2.1.1/bdata.SD32.bin --File: ath6k/AR6003.1/hw2.1.1/bdata.WB31.bin --File: ath6k/AR6003.1/hw2.1.1/data.patch.bin --File: ath6k/AR6003.1/hw2.1.1/endpointping.bin --File: ath6k/AR6003.1/hw2.1.1/otp.bin -- --License: Redistributable. See LICENCE.atheros_firmware for details -- ---------------------------------------------------------------------------- -- --Driver: ath6kl - Atheros support for AR3001 WiFi-Bluetooth combo module -- --File: ar3k/30101coex/ar3kbdaddr.pst --File: ar3k/30101coex/PS_ASIC_aclLowPri.pst --File: ar3k/30101coex/PS_ASIC_aclHighPri.pst --File: ar3k/30101coex/PS_ASIC.pst --File: ar3k/30101coex/RamPatch.txt -- --License: Redistributable. See LICENCE.atheros_firmware for details -- ---------------------------------------------------------------------------- -- --Driver: ene-ub6250 -- ENE UB6250 SD card reader driver -- --File: ene-ub6250/sd_init1.bin --File: ene-ub6250/sd_init2.bin --File: ene-ub6250/sd_rdwr.bin --File: ene-ub6250/ms_init.bin --File: ene-ub6250/msp_rdwr.bin --File: ene-ub6250/ms_rdwr.bin -- --Licence: Redistributable. See LICENCE.ene_firmware for details. -- ---------------------------------------------------------------------------- -- --Driver: isci -- Intel C600 SAS controller driver -- --File: isci/isci_firmware.bin --Source: isci/ -+File: isci/isci_firmware.bin -+Source: isci/ - - Licence: GPLv2. See GPL-2 for details. - - -------------------------------------------------------------------------- - --Driver: ar5523 -- Atheros AR5523 based USB Wifi dongles -- --File: ar5523.bin -- --Licence: Redistributable. See LICENCE.atheros_firmware for details -- ---------------------------------------------------------------------------- -- --Driver: carl9170 -- Atheros AR9170 802.11 draft-n USB driver -- --File: carl9170-1.fw --Version: 1.9.6 --Source: carl9170fw/ -- --Downloaded from http://linuxwireless.org/en/users/Drivers/carl9170 -- --Licence: GPLv2. Some build scripts use the New BSD (3-clause) licence.. See GPL-2 for details. -- ---------------------------------------------------------------------------- -- --Driver: btusb - Bluetooth USB driver -- --File: intel/ibt-hw-37.7.bseq --Version: 1316.02.00 --File: intel/ibt-hw-37.7.10-fw-1.80.2.3.d.bseq --Version: BT_WilkinsPeak_B3_REL_87_0001 --File: intel/ibt-hw-37.7.10-fw-1.0.2.3.d.bseq --Version: BT_WilkinsPeak_B3_REL_87_0001 --File: intel/ibt-hw-37.7.10-fw-1.80.1.2d.d.bseq --Version: BT_WilkinsPeak_B5_REL_42_0001 --File: intel/ibt-hw-37.7.10-fw-1.0.1.2d.d.bseq --Version: BT_WilkinsPeak_B5_REL_42_0001 --File: intel/ibt-hw-37.8.bseq --Version: 1339_02.00 --File: intel/ibt-hw-37.8.10-fw-1.10.2.27.d.bseq --Version: BT_StonePeak_C0_REL_59_0001 --File: intel/ibt-hw-37.8.10-fw-1.10.3.11.e.bseq --Version: BT_StonePeak_D0_REL_50_0002 --File: intel/ibt-hw-37.8.10-fw-22.50.19.14.f.bseq --Version: BT_StonePeak_D1_REL_67_1278 --File: intel/ibt-11-5.ddc --Version: LnP/SfP_REL1294 --File: intel/ibt-11-5.sfi --Version: BT_LightningPeak_REL0487 --File: intel/ibt-12-16.ddc --Version: BT_WindStormPeak_REL1299 --File: intel/ibt-12-16.sfi --Version: BT_WindStormPeak_REL1299 --File: intel/ibt-17-16-1.sfi --Version: BT_JeffersonPeak_B0_B0_REL20332 --File: intel/ibt-17-16-1.ddc --Version: BT_JeffersonPeak_B0_B0_REL20332 --File: intel/ibt-17-2.sfi --Version: BT_JeffersonPeak_B0_B0_REL20332 --File: intel/ibt-17-2.ddc --Version: BT_JeffersonPeak_B0_B0_REL20332 --File: intel/ibt-17-0-1.sfi --Version: BT_JeffersonPeak_A0_B0_REL0201 --File: intel/ibt-17-0-1.ddc --Version: BT_JeffersonPeak_A0_B0_REL0201 --File: intel/ibt-17-1.sfi --Version: BT_JeffersonPeak_A0_B0_REL0201 --File: intel/ibt-17-1.ddc --Version: BT_JeffersonPeak_A0_B0_REL0201 --File: intel/ibt-18-16-1.sfi --Version: BT_ThunderPeak_B0_B0_REL20182 --File: intel/ibt-18-16-1.ddc --Version: BT_ThunderPeak_B0_B0_REL20182 --File: intel/ibt-18-2.sfi --Version: BT_ThunderPeak_B0_B0_REL20182 --File: intel/ibt-18-2.ddc --Version: BT_ThunderPeak_B0_B0_REL20182 --File: intel/ibt-18-0-1.sfi --Version: BT_ThunderPeak_A0_B0_REL0201 --File: intel/ibt-18-0-1.ddc --Version: BT_ThunderPeak_A0_B0_REL0201 --File: intel/ibt-18-1.sfi --Version: BT_ThunderPeak_A0_B0_REL0201 --File: intel/ibt-18-1.ddc --Version: BT_ThunderPeak_A0_B0_REL0201 --File:intel/ibt-20-0-3.sfi --Version: BT_CyclonePeak_A0_REL53392 --File:intel/ibt-20-0-3.ddc --Version: BT_CyclonePeak_A0_REL53392 --File:intel/ibt-20-1-3.sfi --Version: BT_CyclonePeak_A0_REL53392 --File:intel/ibt-20-1-3.ddc --Version: BT_CyclonePeak_A0_REL53392 --File:intel/ibt-20-1-4.sfi --Version: BT_CyclonePeak_A0_REL53392 --File:intel/ibt-20-1-4.ddc --Version: BT_CyclonePeak_A0_REL53392 --File:intel/ibt-19-0-0.sfi --Version: BT_Quasar_REL53392 --File:intel/ibt-19-0-0.ddc --Version: BT_Quasar_REL53392 --File:intel/ibt-19-0-1.sfi --Version: BT_Quasar_REL53392 --File:intel/ibt-19-0-1.ddc --Version: BT_Quasar_REL53392 --File:intel/ibt-19-0-3.sfi --Version: BT_Quasar_REL53263 --File:intel/ibt-19-0-3.ddc --Version: BT_Quasar_REL53263 --File:intel/ibt-19-0-4.sfi --Version: BT_HarrisonPeak_REL53392 --File:intel/ibt-19-0-4.ddc --Version: BT_HarrisonPeak_REL53392 --File:intel/ibt-19-16-4.sfi --Version: BT_HarrisonPeak_REL53392 --File:intel/ibt-19-16-4.ddc --Version: BT_HarrisonPeak_REL53392 --File:intel/ibt-19-32-1.sfi --Version: BT_HarrisonPeak_REL53392 --File:intel/ibt-19-32-1.ddc --Version: BT_HarrisonPeak_REL53392 --File:intel/ibt-19-32-0.sfi --Version: BT_HarrisonPeak_REL53392 --File:intel/ibt-19-32-0.ddc --Version: BT_HarrisonPeak_REL53392 --File:intel/ibt-19-32-4.sfi --Version: BT_HarrisonPeak_REL53392 --File:intel/ibt-19-32-4.ddc --Version: BT_HarrisonPeak_REL53392 --File:intel/ibt-19-240-1.sfi --Version: BT_HarrisonPeak_REL53392 --File:intel/ibt-19-240-1.ddc --Version: BT_HarrisonPeak_REL53392 --File:intel/ibt-19-240-4.sfi --Version: BT_HarrisonPeak_REL53392 --File:intel/ibt-19-240-4.ddc --Version: BT_HarrisonPeak_REL53392 --File:intel/ibt-0041-0041.sfi --Version: BT_TyphoonPeak_REL62562 --File:intel/ibt-0041-0041.ddc --Version: BT_TyphoonPeak_REL62562 --File:intel/ibt-0040-0041.sfi --Version: BT_Solar_GfP2_REL62562 --File:intel/ibt-0040-0041.ddc --Version: BT_Solar_GfP2_REL62562 --File:intel/ibt-1040-0041.sfi --Version: BT_SolarF_GfP2_REL62562 --File:intel/ibt-1040-0041.ddc --Version: BT_SolarF_GfP2_REL62562 -- --File:intel/ibt-0040-1020.sfi --Version: BT_Solar_JfP1_REL59564 --File:intel/ibt-0040-1020.ddc --Version: BT_Solar_JfP1_REL59564 --File:intel/ibt-1040-1020.sfi --Version: BT_SolarF_JfP1_REL59564 --File:intel/ibt-1040-1020.ddc --Version: BT_SolarF_JfP1_REL59564 -- --File:intel/ibt-0040-2120.sfi --Version: BT_Solar_JfP2_REL52159 --File:intel/ibt-0040-2120.ddc --Version: BT_Solar_JfP2_REL52159 --File:intel/ibt-1040-2120.sfi --Version: BT_SolarF_JfP2_REL59564 --File:intel/ibt-1040-2120.ddc --Version: BT_SolarF_JfP2_REL59564 -- --File:intel/ibt-0040-4150.sfi --Version: BT_Solar_JnP2_REL62562 --File:intel/ibt-0040-4150.ddc --Version: BT_Solar_JnP2_REL62562 --File:intel/ibt-1040-4150.sfi --Version: BT_SolarF_JnP2_REL62562 --File:intel/ibt-1040-4150.ddc --Version: BT_SolarF_JnP2_REL62562 -- --Licence: Redistributable. See LICENCE.ibt_firmware for details -- --File: rtl_bt/rtl8192ee_fw.bin --File: rtl_bt/rtl8192eu_fw.bin --File: rtl_bt/rtl8723a_fw.bin --File: rtl_bt/rtl8723b_fw.bin --File: rtl_bt/rtl8723bs_fw.bin --File: rtl_bt/rtl8723bs_config-OBDA8723.bin --Link: rtl_bt/rtl8723bs_config-OBDA0623.bin -> rtl8723bs_config-OBDA8723.bin --File: rtl_bt/rtl8761a_fw.bin --File: rtl_bt/rtl8761b_fw.bin --File: rtl_bt/rtl8761b_config.bin --File: rtl_bt/rtl8761bu_fw.bin --File: rtl_bt/rtl8761bu_config.bin --File: rtl_bt/rtl8812ae_fw.bin --File: rtl_bt/rtl8821a_fw.bin --Link: rtl_bt/rtl8821a_config.bin -> rtl8821c_config.bin --File: rtl_bt/rtl8822b_fw.bin --File: rtl_bt/rtl8822b_config.bin --File: rtl_bt/rtl8723d_fw.bin --File: rtl_bt/rtl8723d_config.bin --File: rtl_bt/rtl8821c_fw.bin --File: rtl_bt/rtl8821c_config.bin --File: rtl_bt/rtl8821cs_fw.bin --File: rtl_bt/rtl8821cs_config.bin --File: rtl_bt/rtl8822cu_fw.bin --File: rtl_bt/rtl8822cu_config.bin --File: rtl_bt/rtl8822cs_fw.bin --File: rtl_bt/rtl8822cs_config.bin --File: rtl_bt/rtl8852au_fw.bin --File: rtl_bt/rtl8852au_config.bin --File: rtl_bt/rtl8852bu_fw.bin --File: rtl_bt/rtl8852bu_config.bin --File: rtl_bt/rtl8852cu_fw.bin --File: rtl_bt/rtl8852cu_config.bin --File: rtl_bt/rtl8851bu_fw.bin --File: rtl_bt/rtl8851bu_config.bin -- --Licence: Redistributable. See LICENCE.rtlwifi_firmware.txt for details. -- --Found in vendor driver, linux_bt_usb_2.11.20140423_8723be.rar --From https://github.com/troy-tan/driver_store --Files rtl_bt/rtl8822b_* came directly from Realtek. These files are --updated on April 14, 2017. -- --Found in vendor driver, 20200806_LINUX_BT_DRIVER_RTL8761B_COEX_v0202.zip --File rtl_bt/rtl8761b_config.bin --File rtl_bt/rtl8761bu_config.bin -- ---------------------------------------------------------------------------- -- --Driver: btmtk_usb - Bluetooth USB driver -- --File: mediatek/mt7650.bin --Link: mt7650.bin -> mediatek/mt7650.bin -- --Licence: Redistributable. See LICENCE.ralink_a_mediatek_company_firmware for details -- ---------------------------------------------------------------------------- -- - Driver: rp2 -- Comtrol RocketPort 2 serial driver - - File: rp2.fw -@@ -3632,56 +1902,6 @@ License: Redistributable. See LICENCE.moxa for details - - -------------------------------------------------------------------------- - --Driver: cw1200 - ST-E CW1100/CW1200 WLAN driver -- --File: wsm_22.bin --Version: WSM395 --Licence: Redistributable. See LICENCE.cw1200 for details. -- --File: sdd_sagrad_1091_1098.bin -- --License: -- Copyright (c) 2011-2013 Sagrad, Inc. -- -- This SDD ("Static Dynamic Data") file is licensed strictly for use with -- the Sagrad WiFi modules (such as the SG901-1091/1098) that utilize the -- cw1200 driver. There is no warranty expressed or implied about its -- fitness for any purpose. -- -- Permission is hereby granted for the distribution of this SDD file as -- part of Linux or other Open Source operating system kernel in text or -- binary form as required. -- -- (Please note that the actual device firmware is separately licensed) -- ---------------------------------------------------------------------------- -- --Driver: BFA/BNA - QLogic BR-series Adapter FC/FCOE drivers -- --File: cbfw-3.2.5.1.bin --File: ctfw-3.2.5.1.bin --File: ct2fw-3.2.5.1.bin -- --Licence: -- --This file contains firmware data derived from proprietary unpublished --source code. --Copyright (c) 2013-2014 Brocade Communications Systems, Inc. --Copyright (c) 2014-2015 QLogic Corporation. -- --Permission is hereby granted for the distribution of this firmware data --in hexadecimal or equivalent format, provided this copyright notice is --accompanying it. -- --QLogic grants permission to use and redistribute these firmware files --for use with QLogic BR-series devices, but not as a part of the Linux --kernel or in any other form which would require these files themselves --to be covered by the terms of the GNU General Public License. --These firmware files are distributed in the hope that they will be --useful, but WITHOUT ANY WARRANTY; without even the implied warranty --of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -- ---------------------------------------------------------------------------- - Driver: qat - Intel(R) QAT crypto accelerator - - File: qat_895xcc.bin -@@ -3698,36 +1918,6 @@ Licence: Redistributable. See LICENCE.qat_firmware for details - - -------------------------------------------------------------------------- - --Driver: rsi -- Redpine Signals Inc 91x driver -- --File: rsi_91x.fw -- --File: rsi/rs9113_wlan_qspi.rps --Version: 1.6.1 -- --File: rsi/rs9113_wlan_bt_dual_mode.rps --Version: 1.6.1 -- --File: rsi/rs9113_ap_bt_dual_mode.rps --Version: 1.6.1 -- --File: rsi/rs9116_wlan.rps --Version: 1.0.5b -- --File: rsi/rs9116_wlan_bt_classic.rps --Version: 1.0.5b -- --Licence: -- * Firmware is: -- * Derived from proprietary unpublished source code, -- * Copyright (C) 2019 Redpine Signals Inc. -- * -- * Permission is hereby granted for the distribution of this firmware -- * as part of Linux or other Open Source operating system kernel -- * provided this copyright notice is accompanying it. -- ---------------------------------------------------------------------------- -- - Driver: xhci-rcar -- Renesas R-Car Gen2/3 USB 3.0 host controller driver - - File: r8a779x_usb3_v1.dlmem -@@ -3770,86 +1960,6 @@ Licence: GPLv2 or later. See GPL-2 and GPL-3 for details. - - -------------------------------------------------------------------------- - --Driver: btqca - Qualcomm Atheros Bluetooth support for QCA61x4 chips -- --File: qca/nvm_usb_00000201.bin --File: qca/nvm_usb_00000200.bin --File: qca/nvm_usb_00000300.bin --File: qca/nvm_usb_00000302.bin --File: qca/nvm_00130300.bin --File: qca/nvm_00130302.bin --File: qca/nvm_00230302.bin --File: qca/rampatch_usb_00000200.bin --File: qca/rampatch_usb_00000201.bin --File: qca/rampatch_usb_00000300.bin --File: qca/rampatch_usb_00000302.bin --File: qca/rampatch_00130300.bin --File: qca/rampatch_00130302.bin --File: qca/rampatch_00230302.bin --File: qca/nvm_00440302.bin --File: qca/rampatch_00440302.bin --File: qca/nvm_00440302_eu.bin --File: qca/nvm_00440302_i2s_eu.bin --File: qca/nvm_usb_00000302_eu.bin --File: qca/htbtfw20.tlv --File: qca/htnv20.bin --File: qca/rampatch_usb_00130200.bin --File: qca/nvm_usb_00130200.bin --File: qca/nvm_usb_00130200_0104.bin --File: qca/nvm_usb_00130200_0105.bin --File: qca/nvm_usb_00130200_0106.bin --File: qca/nvm_usb_00130200_0107.bin --File: qca/nvm_usb_00130200_0109.bin --File: qca/nvm_usb_00130200_0110.bin --File: qca/rampatch_usb_00130201.bin --File: qca/nvm_usb_00130201.bin --File: qca/nvm_usb_00130201_010a.bin --File: qca/nvm_usb_00130201_010b.bin --File: qca/nvm_usb_00130201_0303.bin --File: qca/nvm_usb_00130201_gf.bin --File: qca/nvm_usb_00130201_gf_010a.bin --File: qca/nvm_usb_00130201_gf_010b.bin --File: qca/nvm_usb_00130201_gf_0303.bin --File: qca/rampatch_usb_00190200.bin --File: qca/nvm_usb_00190200.bin -- --Licence: Redistributable. See LICENSE.QualcommAtheros_ath10k and qca/NOTICE.txt for details -- ---------------------------------------------------------------------------- -- --Driver: qca - Qualcomm Atheros Bluetooth support for WCN399x chips -- --File: qca/crbtfw21.tlv --File: qca/crnv21.bin --File: qca/crbtfw32.tlv --File: qca/crnv32.bin --File: qca/crnv32u.bin -- --Driver: qca - Qualcomm Atheros Bluetooth support for WCN6750 chips -- --File: qca/msbtfw11.mbn --File: qca/msbtfw11.tlv --File: qca/msnv11.bin --File: qca/msnv11.b0a --File: qca/msnv11.b09 -- --Licence: Redistributable. See LICENSE.QualcommAtheros_ath10k and qca/NOTICE.txt for details -- --Driver: qca - Qualcomm Atheros Bluetooth support for QCA2066 chips -- --File: qca/hpbtfw21.tlv --File: qca/hpnv21.bin --File: qca/hpnv21g.bin --File: qca/hpnv21.301 --File: qca/hpnv21.302 --File: qca/hpnv21g.301 --File: qca/hpnv21g.302 -- -- --Licence: Redistributable. See LICENSE.QualcommAtheros_ath10k and qca/NOTICE.txt for details -- ---------------------------------------------------------------------------- -- - Driver: liquidio -- Cavium LiquidIO driver - - File: liquidio/lio_23xx_nic.bin -@@ -4663,19 +2773,6 @@ Licence: Redistributable. See LICENCE.nvidia for details - - -------------------------------------------------------------------------- - --Driver: wilc1000 - Atmel 802.11n WLAN driver for WILC1000 -- --File: atmel/wilc1000_fw.bin --File: atmel/wilc1000_ap_fw.bin --File: atmel/wilc1000_p2p_fw.bin --File: atmel/wilc1000_wifi_firmware.bin --File: atmel/wilc1000_wifi_firmware-1.bin --Version: 16.0 -- --License: Redistributable. See LICENSE.atmel for details -- ---------------------------------------------------------------------------- -- - Driver: hfi1 - Intel OPA Gen 1 adapter - - File: hfi1_dc8051.fw -@@ -4699,18 +2796,6 @@ Licence: Redistributable. See LICENCE.ti-keystone for details. - - -------------------------------------------------------------------------- - --Driver: mwlwifi - Marvell mac80211 driver for 80211ac cards. -- --File: mwlwifi/88W8864.bin --Version: 7.2.8.6 -- --File: mwlwifi/88W8897.bin --Version: 8.2.0.10 -- --Licence: Redistributable. See LICENCE.Marvell for details. -- ---------------------------------------------------------------------------- -- - Driver: mtk_scp - MediaTek SCP System Control Processing Driver - - File: mediatek/mt8183/scp.img -@@ -4726,195 +2811,6 @@ Licence: Redistributable. See LICENCE.mediatek for details. - - -------------------------------------------------------------------------- - --Driver: btmtk - MediaTek Bluetooth Driver -- --File: mediatek/mt7622pr2h.bin --Version: 20180621204904 --File: mediatek/mt7668pr2h.bin --Version: 20180517181834 --# Note: explicitly commented out, since it's duplicated further down --# File: mediatek/mt7663pr2h.bin --# Version: 7663e2ccn04-2006030247 -- --Licence: Redistributable. See LICENCE.mediatek for details. -- ---------------------------------------------------------------------------- -- --Driver: mt76x0 - MediaTek MT76x0 Wireless MACs -- --File: mediatek/mt7610u.bin --File: mediatek/mt7610e.bin --Version: 2.6 --File: mediatek/mt7650e.bin --Version: 1.0.07-b370 -- --Licence: Redistributable. See LICENCE.mediatek for details. -- ----------------------------------------------------------------------------- -- --Driver: mt76x2e - MediaTek MT76x2 Wireless MACs -- --File: mediatek/mt7662.bin --Version: 1.9 --Link: mt7662.bin -> mediatek/mt7662.bin -- --File: mediatek/mt7662_rom_patch.bin --Version: 0.0.2_P69 --Link: mt7662_rom_patch.bin -> mediatek/mt7662_rom_patch.bin -- --Licence: Redistributable. See LICENCE.ralink_a_mediatek_company_firmware for details -- ----------------------------------------------------------------------------- -- --Driver: mt76x2u - MediaTek MT76x2u Wireless MACs -- --File: mediatek/mt7662u.bin --Version: 1.5 -- --File: mediatek/mt7662u_rom_patch.bin --Version: 0.0.2_P48 -- --Licence: Redistributable. See LICENCE.mediatek for details. -- ---------------------------------------------------------------------------- -- --Driver: mt7615e - MediaTek MT7615e Wireless MACs -- --File: mediatek/mt7615_n9.bin --Version: 20200814 --File: mediatek/mt7615_cr4.bin --Version: 20190114 --File: mediatek/mt7615_rom_patch.bin --Version: 20190114 -- --Licence: Redistributable. See LICENCE.mediatek for details. -- ---------------------------------------------------------------------------- -- --Driver: mt7622 - MediaTek MT7622 Wireless MACs -- --File: mediatek/mt7622_n9.bin --Version: 20200630 --File: mediatek/mt7622_rom_patch.bin --Version: 20190114 -- --Licence: Redistributable. See LICENCE.mediatek for details. -- ---------------------------------------------------------------------------- -- --Driver: mt7663 - MediaTek MT7663 Wireless MACs -- --File: mediatek/mt7663pr2h.bin --Version: 7663e2ccn04-2006030247 --File: mediatek/mt7663_n9_v3.bin --Version: v3.1.1 -- --File: mediatek/mt7663pr2h_rebb.bin --Version: 7663e2-1802-19091404338b809 --File: mediatek/mt7663_n9_rebb.bin --Version: 7663mp1827-20190914043434 -- --Licence: Redistributable. See LICENCE.mediatek for details. -- ---------------------------------------------------------------------------- -- --Driver: mt7915e - MediaTek Wireless MACs for MT7915/MT7916/MT7986/MT7981 -- --File: mediatek/mt7915_wm.bin --Version: 20220929104145 --File: mediatek/mt7915_wa.bin --Version: 20220929104205 --File: mediatek/mt7915_rom_patch.bin --Version: 20220929104113a --File: mediatek/mt7915_eeprom.bin --Version: 20200821 --File: mediatek/mt7915_eeprom_dbdc.bin --Version: 20200821 -- --File: mediatek/mt7916_wm.bin --Version: 20230202145005 --File: mediatek/mt7916_wa.bin --Version: 20230202143332 --File: mediatek/mt7916_rom_patch.bin --Version: 20230202144915a --File: mediatek/mt7916_eeprom.bin --Version: 20211130 -- --File: mediatek/mt7986_wm.bin --Version: 20221012174725 --File: mediatek/mt7986_wm_mt7975.bin --Version: 20221012174805 --File: mediatek/mt7986_wa.bin --Version: 20221012174937 --File: mediatek/mt7986_rom_patch.bin --Version: 20221012174648a --File: mediatek/mt7986_rom_patch_mt7975.bin --Version: 20221012174743a --File: mediatek/mt7986_wo_0.bin --Version: 20221012175005 --File: mediatek/mt7986_wo_1.bin --Version: 20221012175032 --File: mediatek/mt7986_eeprom_mt7976.bin --Version: 20211105 --File: mediatek/mt7986_eeprom_mt7976_dbdc.bin --Version: 20220223 --File: mediatek/mt7986_eeprom_mt7976_dual.bin --Version: 20211115 --File: mediatek/mt7986_eeprom_mt7975_dual.bin --Version: 20220208 -- --File: mediatek/mt7981_wm.bin --Version: 20221208201806 --File: mediatek/mt7981_wa.bin --Version: 20221208202048 --File: mediatek/mt7981_rom_patch.bin --Version: 20221208201745a --File: mediatek/mt7981_wo.bin --Version: 20221208202138 -- --Licence: Redistributable. See LICENCE.mediatek for details. -- ---------------------------------------------------------------------------- -- --Driver: mt7921 - MediaTek MT7921 Wireless MACs -- --File: mediatek/WIFI_MT7961_patch_mcu_1_2_hdr.bin --Version: 20230526130917a --File: mediatek/WIFI_RAM_CODE_MT7961_1.bin --Version: 20230526130958 -- --Licence: Redistributable. See LICENCE.mediatek for details. -- ---------------------------------------------------------------------------- -- --Driver: mt7921 - MediaTek MT7921 bluetooth chipset -- --File: mediatek/BT_RAM_CODE_MT7961_1_2_hdr.bin --Version: 20230526131214 -- --Licence: Redistributable. See LICENCE.mediatek for details. -- ---------------------------------------------------------------------------- -- --Driver: mt7922 - MediaTek MT7922 Wireless MACs -- --File: mediatek/WIFI_MT7922_patch_mcu_1_1_hdr.bin --Version: 20230530123154a --File: mediatek/WIFI_RAM_CODE_MT7922_1.bin --Version: 20230530123236 -- --Licence: Redistributable. See LICENCE.mediatek for details. -- ---------------------------------------------------------------------------- -- --Driver: mt7922 - MediaTek MT7922 bluetooth chipset -- --File: mediatek/BT_RAM_CODE_MT7922_1_1_hdr.bin --Version: 20230530123531 -- --Licence: Redistributable. See LICENCE.mediatek for details. -- ---------------------------------------------------------------------------- - Driver: nfp - Netronome Flow Processor - - Link: netronome/nic_AMDA0081-0001_1x40.nffw -> nic/nic_AMDA0081-0001_1x40.nffw -@@ -5009,16 +2905,6 @@ Licence: Redistributable. See LICENCE.Netronome for details - - -------------------------------------------------------------------------- - --Driver: wil6210 - Qualcomm Atheros support for 11ad family of chips -- --File: wil6210.fw --File: wil6210.brd --Version: 5.2.0.18 -- --Licence: Redistributable. See LICENSE.QualcommAtheros_ath10k for details -- ---------------------------------------------------------------------------- -- - Driver: imx-sdma - support for i.MX SDMA driver - - File: imx/sdma/sdma-imx6q.bin -@@ -5077,69 +2963,6 @@ https://github.com/genesi/linux-legacy/tree/master/drivers/mxc/amd-gpu - - -------------------------------------------------------------------------- - --Driver: qcom_q6v5_pas - Qualcomm remoteproc firmware -- --File: qcom/apq8016/mba.mbn --File: qcom/apq8016/modem.mbn --File: qcom/apq8016/wcnss.mbn --File: qcom/apq8016/WCNSS_qcom_wlan_nv_sbc.bin --File: qcom/apq8096/adsp.mbn --File: qcom/apq8096/adspr.jsn --File: qcom/apq8096/adspua.jsn --File: qcom/apq8096/mba.mbn --File: qcom/apq8096/modem.mbn --File: qcom/apq8096/modemr.jsn --File: qcom/sdm845/adsp.mbn --File: qcom/sdm845/adspr.jsn --File: qcom/sdm845/adspua.jsn --File: qcom/sdm845/cdsp.mbn --File: qcom/sdm845/cdspr.jsn --File: qcom/sm8250/adsp.mbn --File: qcom/sm8250/adspr.jsn --File: qcom/sm8250/adspua.jsn --File: qcom/sm8250/cdsp.mbn --File: qcom/sm8250/cdspr.jsn --File: qcom/sc8280xp/LENOVO/21BX/adspr.jsn --File: qcom/sc8280xp/LENOVO/21BX/adspua.jsn --File: qcom/sc8280xp/LENOVO/21BX/battmgr.jsn --File: qcom/sc8280xp/LENOVO/21BX/cdspr.jsn --File: qcom/sc8280xp/LENOVO/21BX/qcadsp8280.mbn --File: qcom/sc8280xp/LENOVO/21BX/qccdsp8280.mbn --File: qcom/sc8280xp/LENOVO/21BX/qcslpi8280.mbn --Link: qcom/LENOVO/21BX -> ../sc8280xp/LENOVO/21BX -- --Licence: Redistributable. See LICENSE.qcom and qcom/NOTICE.txt for details -- --Binary files supplied originally from --http://releases.linaro.org/96boards/dragonboard410c/qualcomm/firmware/linux-board-support-package-r1036.1.zip --http://releases.linaro.org/96boards/dragonboard845c/qualcomm/firmware/RB3_firmware_20221121000000-v5.zip --http://releases.linaro.org/96boards/rb5/qualcomm/firmware/RB5_firmware_20210331-v4.zip -- --adsp.mbn has been converted from 20-adsp_split/firmware/adsp.* using --https://github.com/andersson/pil-squasher -- --cdsp.mbn has been converted from 21-cdsp_split/firmware/cdsp.* using --https://github.com/andersson/pil-squasher -- ---------------------------------------------------------------------------- -- --Driver: qcom_q6v5_mss - Qualcomm modem subsystem firmware -- --File: qcom/sdm845/mba.mbn --File: qcom/sdm845/modem_nm.mbn --File: qcom/sdm845/modemuw.jsn --Link: qcom/sdm845/modem.mbn -> modem_nm.mbn -- --Licence: Redistributable. See LICENSE.qcom and qcom/NOTICE.txt for details -- --Binary files supplied originally from --http://releases.linaro.org/96boards/dragonboard845c/qualcomm/firmware/RB3_firmware_20221121000000-v5.zip -- --modem.mbn has been converted from 28-modem/modem.* using --https://github.com/andersson/pil-squasher -- ---------------------------------------------------------------------------- -- - Driver: mlxsw_spectrum - Mellanox Spectrum switch - - File: mellanox/mlxsw_spectrum-13.1420.122.mfa2 -@@ -5312,26 +3135,6 @@ Licence: Redistributable. See LICENCE.Marvell for details. - - ------------------------------------------------ - --Driver: wfx - Silicon Labs Wi-Fi Transceiver -- --File: wfx/wfm_wf200_C0.sec --Version: 3.14 -- --File: wfx/brd4001a.pds --File: wfx/brd8022a.pds --File: wfx/brd8023a.pds -- --Licence: Redistributable. See wfx/LICENCE.wf200 for details. -- --The firmware itself originates from https://github.com/SiliconLabs/wfx-firmware -- --The *.pds files come from https://github.com/SiliconLabs/wfx-pds -- --They have been processed with the tool "pds_compress" available on --https://github.com/SiliconLabs/wfx-linux-tools -- ---------------------------------------------------------------------------- -- - Driver: rvu_cptpf - Marvell CPT driver - - File: mrvl/cpt01/ae.out -@@ -5351,31 +3154,3 @@ Version: v1.21 - Licence: Redistributable. See LICENCE.Marvell for details. - - --------------------------------------------------------------------------- -- --Driver: nxp-sr1xx - NXP Ultra Wide Band driver --File: nxp/sr150_fw.bin --Version: 35.00.03 -- --Licence: Redistributable. See LICENSE.nxp for details --Originates from https://github.com/NXP/uwb-NXPUWB-FW.git ---------------------------------------------------------------------------- -- --Driver: btnxpuart - NXP BT UART driver -- --File: nxp/uartuart8997_bt_v4.bin --File: nxp/uartiw416_bt_v0.bin --File: nxp/helper_uart_3000000.bin --Version: 16.92.21.p81 -- --File: nxp/uartuart8987_bt.bin --Version: 16.92.21.p76.5 -- --File: nxp/uartuart9098_bt_v1.bin --Version: 17.92.1.p136.24 -- --File: nxp/uartspi_n61x_v1.bin.se --Version: 18.99.1.p154.40 -- --Licence: Redistributable. See LICENSE.nxp for details -- ---------------------------------------------------------------------------- --- -2.40.1 - diff --git a/packages/linux-firmware/0004-linux-firmware-scsi-Remove-firmware-for-SCSI-devices.patch b/packages/linux-firmware/0004-linux-firmware-scsi-Remove-firmware-for-SCSI-devices.patch deleted file mode 100644 index 17de9c06345..00000000000 --- a/packages/linux-firmware/0004-linux-firmware-scsi-Remove-firmware-for-SCSI-devices.patch +++ /dev/null @@ -1,191 +0,0 @@ -From 8d9ded48714bc49d16a2250e1b477244c66d16a9 Mon Sep 17 00:00:00 2001 -From: Leonard Foerster -Date: Tue, 25 Jul 2023 12:12:03 +0000 -Subject: [PATCH] linux-firmware: scsi: Remove firmware for SCSI devices - -Bottlerocket does not configure drivers for most SCSI devices for any of -its kernels. Without the driver support, there is no point in providing -firmware for these devices. The list below maps driver names as -specified in WHENCE and maps them to kernel config options to enable us -to easily add firmware when necessitated by driver addition. - -* advansys - CONFIG_SCSI_ADVANSYS -* qla1280 - CONFIG_SCSI_QLOGIC_1280 -* qlogicpti - CONFIG_SCSI_QLOGICPTI -* isci - CONFIG_SCSI_ISCI -* BFA/BNA - CONFIG_BNA && CONFIG_SCSI_BFA -* qla2xxx - CONFIG_TCM_QLA2XXX - -Signed-off-by: Leonard Foerster ---- - LICENCE.qla1280 | 23 ------------------ - LICENCE.qla2xxx | 31 ------------------------ - WHENCE | 63 ------------------------------------------------- - 3 files changed, 117 deletions(-) - delete mode 100644 LICENCE.qla1280 - delete mode 100644 LICENCE.qla2xxx - -diff --git a/LICENCE.qla1280 b/LICENCE.qla1280 -deleted file mode 100644 -index 00cd353..0000000 ---- a/LICENCE.qla1280 -+++ /dev/null -@@ -1,23 +0,0 @@ --Copyright (C) 1995, 1996, 1997, 1998, 1999, 2000 QLogic, Inc. --All rights reserved. -- --Redistribution and use in source and binary forms are permitted provided --that the following conditions are met: --1. Redistribution of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. --2. Redistribution in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. --3. The name of the author may not be used to endorse or promote products -- derived from this software without specific prior written permission -- --THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR --IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES --OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. --IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT --NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, --DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY --THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT --(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF --THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -diff --git a/LICENCE.qla2xxx b/LICENCE.qla2xxx -deleted file mode 100644 -index 6b3d8ff..0000000 ---- a/LICENCE.qla2xxx -+++ /dev/null -@@ -1,31 +0,0 @@ --Copyright (c) 2003-2017 QLogic Corporation --QLogic Linux Fibre Channel Adapter Firmware -- --Redistribution and use in binary form, without modification, for use in conjunction --with QLogic authorized products is permitted provided that the following conditions --are met: -- --1. Redistribution in binary form must reproduce the above copyright notice, this -- list of conditions and the following disclaimer in the documentation and/or -- other materials provided with the distribution. --2. The name of QLogic Corporation may not be used to endorse or promote products -- derived from this software without specific prior written permission. --3. Reverse engineering, decompilation, or disassembly of this firmware is not -- permitted. -- --REGARDLESS OF WHAT LICENSING MECHANISM IS USED OR APPLICABLE,THIS PROGRAM IS --PROVIDED BY QLOGIC CORPORATION "AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, --INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR --BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR --CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE --GOODS OR SERVICES; LOSS OF USE,DATA, OR PROFITS; OR BUSINESS INTERRUPTION) --HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT --LIABILITY,OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY --OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -- --USER ACKNOWLEDGES AND AGREES THAT USE OF THIS PROGRAM WILL NOT CREATE OR GIVE --GROUNDS FOR A LICENSE BY IMPLICATION, ESTOPPEL, OR OTHERWISE IN ANY INTELLECTUAL --PROPERTY RIGHTS (PATENT, COPYRIGHT, TRADE SECRET, MASK WORK, OR OTHER PROPRIETARY --RIGHT) EMBODIED IN ANY OTHER QLOGIC HARDWARE OR SOFTWARE EITHER SOLELY OR IN --COMBINATION WITH THIS PROGRAM. -diff --git a/WHENCE b/WHENCE -index edf6f75..bf5204f 100644 ---- a/WHENCE -+++ b/WHENCE -@@ -8,29 +8,6 @@ kernel. - - -------------------------------------------------------------------------- - --Driver: advansys - AdvanSys SCSI -- --File: advansys/mcode.bin --File: advansys/3550.bin --File: advansys/38C0800.bin --File: advansys/38C1600.bin -- --Licence: BSD, no source available. -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- --Driver: qla1280 - Qlogic QLA 1240/1x80/1x160 SCSI support -- --File: qlogic/1040.bin --File: qlogic/1280.bin --File: qlogic/12160.bin -- --Licence: Redistributable. See LICENCE.qla1280 for details -- ---------------------------------------------------------------------------- -- - Driver: kaweth -- USB KLSI KL5USB101-based Ethernet device - - File: kaweth/new_code.bin -@@ -265,27 +242,6 @@ http://www.zdomain.com/a56.html - - -------------------------------------------------------------------------- - --Driver: qla2xxx - QLogic QLA2XXX Fibre Channel -- --File: ql2100_fw.bin --Version: 1.19.38 TP --File: ql2200_fw.bin --Version: 2.02.08 TP --File: ql2300_fw.bin --Version: 3.03.28 IPX --File: ql2322_fw.bin --Version: 3.03.28 IPX --File: ql2400_fw.bin --Version: 8.07.00 MID --File: ql2500_fw.bin --Version: 8.07.00 MIDQ -- --Licence: Redistributable. See LICENCE.qla2xxx for details -- --Available from http://ldriver.qlogic.com/firmware/ -- ---------------------------------------------------------------------------- -- - Driver: orinoco - Agere/Prism/Symbol Orinoco support - - File: agere_sta_fw.bin -@@ -631,16 +587,6 @@ Found in hex form in kernel source. - - -------------------------------------------------------------------------- - --Driver: qlogicpti - PTI Qlogic, ISP Driver -- --File: qlogic/isp1000.bin -- --Licence: Unknown -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- - Driver: myri_sbus - MyriCOM Gigabit Ethernet - - File: myricom/lanai.bin -@@ -1810,15 +1756,6 @@ Licence: Redistributable. See LICENCE.ene_firmware for details. - - -------------------------------------------------------------------------- - --Driver: isci -- Intel C600 SAS controller driver -- --File: isci/isci_firmware.bin --Source: isci/ -- --Licence: GPLv2. See GPL-2 for details. -- ---------------------------------------------------------------------------- -- - Driver: rp2 -- Comtrol RocketPort 2 serial driver - - File: rp2.fw --- -2.40.1 - diff --git a/packages/linux-firmware/0005-linux-firmware-usb-remove-firmware-for-USB-Serial-PC.patch b/packages/linux-firmware/0005-linux-firmware-usb-remove-firmware-for-USB-Serial-PC.patch deleted file mode 100644 index c4cf75524fd..00000000000 --- a/packages/linux-firmware/0005-linux-firmware-usb-remove-firmware-for-USB-Serial-PC.patch +++ /dev/null @@ -1,901 +0,0 @@ -From abd8555549e48367b9edb9baaa61b40afcfd6231 Mon Sep 17 00:00:00 2001 -From: Leonard Foerster -Date: Tue, 25 Jul 2023 14:27:14 +0000 -Subject: [PATCH] linux-firmware: usb: remove firmware for USB/Serial/PCMCIA - devices - -Bottlerocket does not configure most drivers for USB,PCMCIA, and serial devices -for any of its kernels. Without those drivers, the firmware for these -devices is not of use and does not need to be shipped by us. - -The following list maps the driver names as specified in WHENCE to -kernel config options enabling drivers. That way we are able to find the -firmware for any driver we may be enabling in the future. - -* kaweth - CONFIG_USB_KAWETH -* keyspan - CONFIG_SERIAL_KEYSPAN -* keyspan_pda - CONFIG_SERIAL_KEYSPAN_PDA -* emi26 - CONFIG_USB_EMI26 -* emi62 - CONFIG_USB_EMI62 -* ti_usb_3410_5052 - CONFIG_USB_SERIAL_TI -* whiteheat - CONFIG_USB_SERIAL_WHITEHEAT -* io_edgeport - CONFIG_USB_SERIAL_EDGEPORT -* io_ti - CONFIG_USB_SERIAL_EDGEPORT_TI -* orinoco - CONFIG_ORINOCO_USB -* usbdux - CONFIG_COMEDI_USBDUX -* usbduxfast - CONFIG_COMEDI_USBDUXFAST -* usbduxsigma - CONFIG_COMEDI_USBDUXSIGMA -* s2255drv - CONFIG_USB_S2255 -* ueagle-atm - CONFIG_USB_EAGLEATM -* vt6656 - CONFIG_VT6656 -* ene-ub6250 - CONFIG_USB_STORAGE_ENE_UB6250 -* mxu11x0 - CONFIG_USB_SERIAL_MXUPORT11 -* mxuport - CONFIG_USB_SERIAL_MXUPORT -* xhci-rcar - CONFIG_USB_XHCI_RCAR -* xhci-tegra - CONFIG_USB_XHCI_TEGRA -* atusb - CONFIG_IEEE802154_ATUSB -* pcnet_cs - CONFIG_PCMCIA_PCNET -* 3c589_cs - CONFIG_PCMCIA_3C589 -* 3c574_cs - CONFIG_PCMCIA_3C574 -* serial_cs - CONFIG_SERIAL_8250_CS -* smc91c92_cs - CONFIG_PCMCIA_SMC91C92 -* rp2 - CONFIG_SERIAL_RP2 - -Signed-off-by: Leonard Foerster ---- - LICENCE.agere | 77 ------ - LICENCE.ene_firmware | 14 - - LICENCE.kaweth | 28 -- - LICENCE.moxa | 16 -- - LICENCE.r8a779x_usb3 | 26 -- - LICENCE.ueagle-atm4-firmware | 39 --- - LICENCE.via_vt6656 | 25 -- - WHENCE | 495 ----------------------------------- - 8 files changed, 720 deletions(-) - delete mode 100644 LICENCE.agere - delete mode 100644 LICENCE.ene_firmware - delete mode 100644 LICENCE.kaweth - delete mode 100644 LICENCE.moxa - delete mode 100644 LICENCE.r8a779x_usb3 - delete mode 100644 LICENCE.ueagle-atm4-firmware - delete mode 100644 LICENCE.via_vt6656 - -diff --git a/LICENCE.agere b/LICENCE.agere -deleted file mode 100644 -index c11466c..0000000 ---- a/LICENCE.agere -+++ /dev/null -@@ -1,77 +0,0 @@ --agere_sta_fw.bin -- 9.48 Hermes I --agere_ap_fw.bin -- 9.48 Hermes I -- --The above firmware images were compiled from the Agere linux driver --wl_lkm_718_release.tar.gz, and dumped. The driver is coverred by the --following copyright and software license. -- -- * SOFTWARE LICENSE -- * -- * This software is provided subject to the following terms and conditions, -- * which you should read carefully before using the software. Using this -- * software indicates your acceptance of these terms and conditions. If you do -- * not agree with these terms and conditions, do not use the software. -- * -- * COPYRIGHT © 1994 - 1995 by AT&T. All Rights Reserved -- * COPYRIGHT © 1996 - 2000 by Lucent Technologies. All Rights Reserved -- * COPYRIGHT © 2001 - 2004 by Agere Systems Inc. All Rights Reserved -- * All rights reserved. -- * -- * Redistribution and use in source or binary forms, with or without -- * modifications, are permitted provided that the following conditions are met: -- * -- * . Redistributions of source code must retain the above copyright notice, this -- * list of conditions and the following Disclaimer as comments in the code as -- * well as in the documentation and/or other materials provided with the -- * distribution. -- * -- * . Redistributions in binary form must reproduce the above copyright notice, -- * this list of conditions and the following Disclaimer in the documentation -- * and/or other materials provided with the distribution. -- * -- * . Neither the name of Agere Systems Inc. nor the names of the contributors -- * may be used to endorse or promote products derived from this software -- * without specific prior written permission. -- * -- * Disclaimer -- * -- * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, -- * INCLUDING, BUT NOT LIMITED TO, INFRINGEMENT AND THE IMPLIED WARRANTIES OF -- * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. ANY -- * USE, MODIFICATION OR DISTRIBUTION OF THIS SOFTWARE IS SOLELY AT THE USERS OWN -- * RISK. IN NO EVENT SHALL AGERE SYSTEMS INC. OR CONTRIBUTORS BE LIABLE FOR ANY -- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -- * ON ANY THEORY OF LIABILITY, INCLUDING, BUT NOT LIMITED TO, CONTRACT, STRICT -- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT -- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH -- * DAMAGE. -- --The following statement from Agere clarifies the status of the firmware -- ----- --I would like to confirm that the two drivers; Linux LKM Wireless Driver --Source Code, Version 7.18 and Linux LKM Wireless Driver Source Code, --Version 7.22 comply with Open Source BSD License. Therefore the source --code can be distributed in unmodified or modified form consistent with --the terms of the license. -- --The Linux driver architecture was based on two modules, the MSF (Module --specific functions) and the HCF (Hardware Control Functions). Included --in the HCF is run-time firmware (binary format) which is downloaded into --the RAM of the Hermes 1/2/2.5 WMAC. -- --This hex coded firmware is not based on any open source software and --hence it is not subject to any Open Source License. The firmware was --developed by Agere and runs on the DISC processor embedded within the --Hermes 1/2/2.5 Wireless MAC devices. -- --Hope this helps. -- --Sincerely, -- --Viren Pathare --Intellectual Property Licensing Manager --Agere ----- -diff --git a/LICENCE.ene_firmware b/LICENCE.ene_firmware -deleted file mode 100644 -index 08f2b01..0000000 ---- a/LICENCE.ene_firmware -+++ /dev/null -@@ -1,14 +0,0 @@ --copyright (c) 2011, ENE TECHNOLOGY INC. -- --Permission to use, copy, modify, and/or distribute this software for any purpose --with or without fee is hereby granted, provided that the above copyright notice --and this permission notice appear in all copies. -- --THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL --WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL --IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT --SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR --CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM --LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, --NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION --WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -diff --git a/LICENCE.kaweth b/LICENCE.kaweth -deleted file mode 100644 -index 75a59c0..0000000 ---- a/LICENCE.kaweth -+++ /dev/null -@@ -1,28 +0,0 @@ --Copyright 1999 Kawasaki LSI. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted provided that the following conditions --are met: --1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. --2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. --3. All advertising materials mentioning features or use of this software -- must display the following acknowledgement: -- This product includes software developed by Kawasaki LSI. --4. Neither the name of the company nor the names of its contributors -- may be used to endorse or promote products derived from this software -- without specific prior written permission. -- --THIS SOFTWARE IS PROVIDED BY KAWASAKI LSI ``AS IS'' AND ANY EXPRESS OR --IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED --WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE --DISCLAIMED. IN NO EVENT SHALL KAWASAKI LSI BE LIABLE FOR ANY DIRECT, --INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES --(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR --SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) --HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, --STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING --IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE --POSSIBILITY OF SUCH DAMAGE. -diff --git a/LICENCE.moxa b/LICENCE.moxa -deleted file mode 100644 -index 120017b..0000000 ---- a/LICENCE.moxa -+++ /dev/null -@@ -1,16 +0,0 @@ --The software accompanying this license statement (the “Software”) --is the property of Moxa Inc. (the “Moxa”), and is protected by --United States and International Copyright Laws and International --treaty provisions. No ownership rights are granted by this --Agreement or possession of the Software. Therefore, you must treat --the Licensed Software like any other copyrighted material. Your --rights and obligations in its use are described as follows: -- --1. You may freely redistribute this software under this license. --2. You may freely download and use this software on Moxa's device. --3. You may not modify or attempt to reverse engineer the software, or -- make any attempt to change or even examine the source code of the -- software. --4. You may not re-license or sub-license the software to any person or -- business, using any other license. --5. Moxa(r) is worldwide registered trademark. -diff --git a/LICENCE.r8a779x_usb3 b/LICENCE.r8a779x_usb3 -deleted file mode 100644 -index e2afcc9..0000000 ---- a/LICENCE.r8a779x_usb3 -+++ /dev/null -@@ -1,26 +0,0 @@ --Copyright (c) 2014, Renesas Electronics Corporation --All rights reserved. -- --Redistribution and use in binary form, without modification, are permitted --provided that the following conditions are met: -- --1. Redistribution in binary form must reproduce the above copyright notice, -- this list of conditions and the following disclaimer in the documentation -- and/or other materials provided with the distribution. --2. The name of Renesas Electronics Corporation may not be used to endorse or -- promote products derived from this software without specific prior written -- permission. --3. Reverse engineering, decompilation, or disassembly of this software is -- not permitted. -- --THIS SOFTWARE IS PROVIDED "AS IS" AND RENESAS ELECTRONICS CORPORATION DISCLAIMS --ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED --WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, AND --NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN NO EVENT SHALL RENESAS ELECTRONICS --CORPORATION BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, --OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF --SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS --INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN --CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) --ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE --POSSIBILITY OF SUCH DAMAGE. -diff --git a/LICENCE.ueagle-atm4-firmware b/LICENCE.ueagle-atm4-firmware -deleted file mode 100644 -index 333675d..0000000 ---- a/LICENCE.ueagle-atm4-firmware -+++ /dev/null -@@ -1,39 +0,0 @@ --This license applies to eagle4 firmware & DSPcode --namely, the files eagleIV.fw DSP4p.bin* -- --| Copyright (2006) Ikanos Communications, Inc. --| --| Redistribution and use in source and binary forms, with or without --| modification, are permitted provided that the following --| conditions are met: --| --| * Redistribution of source code must retain the above copyright --| notice, this list of conditions and the following disclaimer. --| --| * Redistribution in binary form must reproduce the above --| copyright notice, this list of conditions and the following --| disclaimer in the documentation and/or other materials provided --| with the distribution. --| --| * The name of Ikanos Corporation may not be used to endorse --| or promote products derived from this source code without specific --| prior written consent of Ikanos Corporation. --| --| THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS --| "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT --| LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR --| A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT --| OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, --| SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT --| LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, --| DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY --| THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT --| (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE --| OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --| USER ACKNOWLEDGES AND AGREES THAT THE PURCHASE OR USE OF THIS SOFTWARE WILL --| NOT CREATE OR GIVE GROUNDS FOR A --| LICENSE BY IMPLICATION, ESTOPPEL, OR OTHERWISE IN ANY INTELLECTUAL --| PROPERTY RIGHTS (PATENT, COPYRIGHT, TRADE SECRET, MASK WORK, OR OTHER --| PROPRIETARY RIGHT) EMBODIED IN ANY OTHER IKANOS HARDWARE OR SOFTWARE --| EITHER SOLELY OR IN COMBINATION WITH THIS SOFTWARE. -- -diff --git a/LICENCE.via_vt6656 b/LICENCE.via_vt6656 -deleted file mode 100644 -index f231f98..0000000 ---- a/LICENCE.via_vt6656 -+++ /dev/null -@@ -1,25 +0,0 @@ --The following license applies to the binary-only VT6656 firmware --as contained in the file "vntwusb.fw" --================================================================ --Copyright 1998-2010 VIA Technologies, Inc. All Rights Reserved. -- --Permission is hereby granted, free of charge, to any person --obtaining a copy of this software and associated documentation --files (the "Software"), to deal in the Software without --restriction, including without limitation the rights to use, --copy, modify, merge, publish, distribute, sublicense, and/or sell --copies of the Software, and to permit persons to whom the --Software is furnished to do so, subject to the following --conditions: -- --The above copyright notice and this permission notice shall be --included in all copies or substantial portions of the Software. -- --THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, --EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES --OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND --NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT --HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, --WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING --FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR --OTHER DEALINGS IN THE SOFTWARE. -diff --git a/WHENCE b/WHENCE -index bf5204f..2ed9e9a 100644 ---- a/WHENCE -+++ b/WHENCE -@@ -8,226 +8,6 @@ kernel. - - -------------------------------------------------------------------------- - --Driver: kaweth -- USB KLSI KL5USB101-based Ethernet device -- --File: kaweth/new_code.bin --File: kaweth/new_code_fix.bin --File: kaweth/trigger_code.bin --File: kaweth/trigger_code_fix.bin -- --Licence: Redistributable. See LICENCE.kaweth for details -- --Found in hex form in the kernel source. -- ---------------------------------------------------------------------------- -- --Driver: keyspan -- USB Keyspan USA-xxx serial device -- --File: keyspan/mpr.fw --File: keyspan/usa18x.fw --File: keyspan/usa19.fw --File: keyspan/usa19qi.fw --File: keyspan/usa19qw.fw --File: keyspan/usa19w.fw --File: keyspan/usa28.fw --File: keyspan/usa28xa.fw --File: keyspan/usa28xb.fw --File: keyspan/usa28x.fw --File: keyspan/usa49w.fw --File: keyspan/usa49wlc.fw -- --Converted from Intel HEX files, used in our binary representation of ihex. -- --Original licence information: -- -- Copyright (C) 1999-2001 -- Keyspan, A division of InnoSys Incorporated ("Keyspan") -- -- as an unpublished work. This notice does not imply unrestricted or -- public access to the source code from which this firmware image is -- derived. Except as noted below this firmware image may not be -- reproduced, used, sold or transferred to any third party without -- Keyspan's prior written consent. All Rights Reserved. -- -- Permission is hereby granted for the distribution of this firmware -- image as part of a Linux or other Open Source operating system kernel -- in text or binary form as required. -- -- This firmware may not be modified and may only be used with -- Keyspan hardware. Distribution and/or Modification of the -- keyspan.c driver which includes this firmware, in whole or in -- part, requires the inclusion of this statement." -- ---------------------------------------------------------------------------- -- --Driver: keyspan_pda -- USB Keyspan PDA single-port serial device -- --File: keyspan_pda/keyspan_pda.fw --Source: keyspan_pda/keyspan_pda.S -- --File: keyspan_pda/xircom_pgs.fw --Source: keyspan_pda/xircom_pgs.S -- --Source: keyspan_pda/Makefile -- --Licence: GPLv2 or later. See GPL-2 and GPL-3 for details. -- --Compiled from original 8051 source into Intel HEX, used in our binary ihex form. -- ---------------------------------------------------------------------------- -- --Driver: emi26 -- EMI 2|6 USB Audio interface -- --File: emi26/bitstream.fw --Version: 1.1.1.131 --Info: DATE=2001dec06 -- --File: emi26/firmware.fw --Version: 1.0.2.916 --Info: DATE=12.02.2002 -- --File: emi26/loader.fw -- --Converted from Intel HEX files, used in our binary representation of ihex. -- --Original licence information: --/* -- * This firmware is for the Emagic EMI 2|6 Audio Interface -- * -- * The firmware contained herein is Copyright (c) 1999-2002 Emagic -- * as an unpublished work. This notice does not imply unrestricted -- * or public access to this firmware which is a trade secret of Emagic, -- * and which may not be reproduced, used, sold or transferred to -- * any third party without Emagic's written consent. All Rights Reserved. -- * -- * Permission is hereby granted for the distribution of this firmware -- * image as part of a Linux or other Open Source operating system kernel -- * in text or binary form as required. -- * -- * This firmware may not be modified and may only be used with the -- * Emagic EMI 2|6 Audio Interface. Distribution and/or Modification of -- * any driver which includes this firmware, in whole or in part, -- * requires the inclusion of this statement. -- */ -- ---------------------------------------------------------------------------- -- --Driver: emi62 -- EMI 6|2m USB Audio interface -- --File: emi62/bitstream.fw --Version: 1.0.0.191 --Info: DATE= 2002oct28 -- --File: emi62/loader.fw --Version: 1.0.2.002 --Info: DATE=10.01.2002 -- --File: emi62/midi.fw --Version: 1.04.062 --Info: DATE=16.10.2002 -- --File: emi62/spdif.fw --Version: 1.04.062 --Info: DATE=16.10.2002 -- --Converted from Intel HEX files, used in our binary representation of ihex. -- --Original licence information: None -- ---------------------------------------------------------------------------- -- --Driver: ti_usb_3410_5052 -- USB TI 3410/5052 serial device -- --File: ti_3410.fw --Info: firmware 9/10/04 FW3410_Special_StartWdogOnStartPort -- --File: ti_5052.fw --Info: firmware 9/18/04 -- --Licence: Allegedly GPLv2+, but no source visible. Marked: -- Copyright (C) 2004 Texas Instruments -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- --Driver: ti_usb_3410_5052 -- Multi-Tech USB cell modems -- --File: mts_cdma.fw --File: mts_gsm.fw --File: mts_edge.fw -- --Licence: "all firmware components are redistributable in binary form" -- per support@multitech.com -- Copyright (C) 2005 Multi-Tech Systems, Inc. -- --Found in hex form in ftp://ftp.multitech.com/wireless/wireless_linux.zip -- ---------------------------------------------------------------------------- -- --Driver: ti_usb_3410_5052 -- Multi-Tech USB fax modems -- --File: mts_mt9234mu.fw --File: mts_mt9234zba.fw -- --Licence: Unknown -- ---------------------------------------------------------------------------- -- --Driver: whiteheat -- USB ConnectTech WhiteHEAT serial device -- --File: whiteheat.fw --Version: 4.06 -- --File: whiteheat_loader.fw -- --Licence: Allegedly GPLv2, but no source visible. Marked: -- Copyright (C) 2000-2002 ConnectTech Inc -- --Debug loader claims the following behaviour: -- Port 1 LED flashes when the vend_ax program is running -- Port 2 LED flashes when any SETUP command arrives -- Port 3 LED flashes when any valid VENDOR request occurs -- Port 4 LED flashes when the EXTERNAL RAM DOWNLOAD request occurs -- --Converted from Intel HEX files, used in our binary representation of ihex. -- ---------------------------------------------------------------------------- -- --Driver: io_edgeport - USB Inside Out Edgeport Serial Driver -- --File: edgeport/boot.fw --File: edgeport/boot2.fw --File: edgeport/down.fw --File: edgeport/down2.fw -- --Licence: Allegedly GPLv2+, but no source visible. Marked: --//************************************************************** --//* Edgeport/4 Binary Image --//* Generated by HEX2C v1.06 --//* Copyright (C) 1998 Inside Out Networks, All rights reserved. --//************************************************************** -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- --Driver: io_ti - USB Inside Out Edgeport Serial Driver --(TI Devices) -- --File: edgeport/down3.bin -- --Licence: --//************************************************************** --//* Edgeport Binary Image (for TI based products) --//* Generated by TIBin2C v2.00 (watchport) --//* Copyright (C) 2001 Inside Out Networks, All rights reserved. --//************************************************************** -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- - Driver: dsp56k - Atari DSP56k support - - File: dsp56k/bootstrap.bin -@@ -242,17 +22,6 @@ http://www.zdomain.com/a56.html - - -------------------------------------------------------------------------- - --Driver: orinoco - Agere/Prism/Symbol Orinoco support -- --File: agere_sta_fw.bin --Version: 9.48 Hermes I --File: agere_ap_fw.bin --Version: 9.48 Hermes I -- --Licence: Redistributable. See LICENCE.agere for details -- ---------------------------------------------------------------------------- -- - Driver: cassini - Sun Cassini - - File: sun/cassini.bin -@@ -503,90 +272,6 @@ Found in hex form in kernel source. - - -------------------------------------------------------------------------- - --Driver: pcnet_cs - NE2000 compatible PCMCIA adapter -- --File: cis/LA-PCM.cis --File: cis/PCMLM28.cis --File: cis/DP83903.cis --File: cis/NE2K.cis --File: cis/tamarack.cis --File: cis/PE-200.cis --File: cis/PE520.cis --Source: cis/ -- --Licence: Dual GPLv2/MPL -- --Originally developed by the pcmcia-cs project --Copyright (C) 1998, 1999, 2000 David A. Hinds -- ---------------------------------------------------------------------------- -- --Driver: 3c589_cs - 3Com PCMCIA adapter -- --File: cis/3CXEM556.cis --Source: cis/src/3CXEM556.cis -- --Licence: Dual GPLv2/MPL -- --Originally developed by the pcmcia-cs project --Copyright (C) 1998, 1999, 2000 David A. Hinds -- ---------------------------------------------------------------------------- -- --Driver: 3c574_cs - 3Com PCMCIA adapter -- --File: cis/3CCFEM556.cis --Source: cis/src/3CCFEM556.cis -- --Licence: Dual GPLv2/MPL -- --Originally developed by the pcmcia-cs project --Copyright (C) 1998, 1999, 2000 David A. Hinds -- ---------------------------------------------------------------------------- -- --Driver: serial_cs - Serial PCMCIA adapter -- --File: cis/MT5634ZLX.cis --File: cis/RS-COM-2P.cis --File: cis/COMpad2.cis --File: cis/COMpad4.cis --Source: cis/src/MT5634ZLX.cis --Source: cis/src/RS-COM-2P.cis --Source: cis/src/COMpad2.cis --Source: cis/src/COMpad4.cis -- --Licence: Dual GPLv2/MPL -- --Originally developed by the pcmcia-cs project --Copyright (C) 1998, 1999, 2000 David A. Hinds -- ---------------------------------------------------------------------------- -- --Driver: serial_cs - Serial PCMCIA adapter -- --File: cis/SW_555_SER.cis --File: cis/SW_7xx_SER.cis --File: cis/SW_8xx_SER.cis -- --Licence: GPLv3. See GPL-3 for details. -- --Copyright Sierra Wireless -- ---------------------------------------------------------------------------- -- --Driver: smc91c92_cs - SMC 91Cxx PCMCIA -- --File: ositech/Xilinx7OD.bin -- --Licence: Allegedly GPL, but no source visible. Marked: -- This file contains the firmware of Seven of Diamonds from OSITECH. -- (Special thanks to Kevin MacPherson of OSITECH) -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- - Driver: myri_sbus - MyriCOM Gigabit Ethernet - - File: myricom/lanai.bin -@@ -660,19 +345,6 @@ Available from http://ldriver.qlogic.com/firmware/netxen_nic/new/ - - -------------------------------------------------------------------------- - --Driver: usbdux/usbduxfast/usbduxsigma - usbdux data acquisition cards -- --File: usbdux_firmware.bin --File: usbduxfast_firmware.bin --File: usbduxsigma_firmware.bin --Source: usbdux/ -- --Licence: GPLv2. See GPL-2 for details. -- --Provided from the author, Bernd Porr -- ---------------------------------------------------------------------------- -- - Driver: mga - Matrox G200/G400/G550 - - File: matrox/g200_warp.fw -@@ -1571,23 +1243,6 @@ Licence: Redistributable. See LICENSE.amdgpu for details. - - -------------------------------------------------------------------------- - --Driver: s2255drv -- --File: f2255usb.bin --Version: 1.2.8 -- --Licence: Redistributable. -- -- Sensoray grants permission to use and redistribute these firmware -- files for use with Sensoray devices, but not as a part of the Linux -- kernel or in any other form which would require these files themselves -- to be covered by the terms of the GNU General Public License. -- These firmware files are distributed in the hope that they will be -- useful, but WITHOUT ANY WARRANTY; without even the implied warranty -- of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -- ---------------------------------------------------------------------------- -- - Driver: ib_qib - QLogic Infiniband - - File: qlogic/sd7220.fw -@@ -1662,47 +1317,6 @@ Licence: - - -------------------------------------------------------------------------- - --Driver: ueagle-atm - Driver for USB ADSL Modems based on Eagle IV Chipset -- --File: ueagle-atm/CMV4p.bin.v2 --File: ueagle-atm/DSP4p.bin --File: ueagle-atm/eagleIV.fw --Version: 1.0 -- --Licence: Redistributable. See LICENCE.ueagle-atm4-firmware for details -- ---------------------------------------------------------------------------- -- --Driver: ueagle-atm - Driver for USB ADSL Modems based on Eagle I,II,III -- --File: ueagle-atm/930-fpga.bin --File: ueagle-atm/CMVeiWO.bin --File: ueagle-atm/CMVepFR10.bin --File: ueagle-atm/DSP9p.bin --File: ueagle-atm/eagleIII.fw --File: ueagle-atm/adi930.fw --File: ueagle-atm/CMVep.bin --File: ueagle-atm/CMVepFR.bin --File: ueagle-atm/DSPei.bin --File: ueagle-atm/CMV9i.bin --File: ueagle-atm/CMVepES03.bin --File: ueagle-atm/CMVepIT.bin --File: ueagle-atm/DSPep.bin --File: ueagle-atm/CMV9p.bin --File: ueagle-atm/CMVepES.bin --File: ueagle-atm/CMVepWO.bin --File: ueagle-atm/eagleI.fw --File: ueagle-atm/CMVei.bin --File: ueagle-atm/CMVepFR04.bin --File: ueagle-atm/DSP9i.bin --File: ueagle-atm/eagleII.fw --Version: 1.1 -- --Licence: Redistributable. Based on -- https://mail.gna.org/public/eagleusb-dev/2004-11/msg00172.html -- ---------------------------------------------------------------------------- -- - Driver: vxge - Exar X3100 Series 10GbE PCIe I/O Virtualized Server Adapter - - File: vxge/X3fw.ncf -@@ -1720,14 +1334,6 @@ Licence: - - -------------------------------------------------------------------------- - --Driver: vt6656 - VIA VT6656 USB wireless driver -- --File: vntwusb.fw -- --Licence: Redistributable. See LICENCE.via_vt6656 for details. -- ---------------------------------------------------------------------------- -- - Driver: myri10ge - Myri10GE 10GbE NIC driver - - File: myri10ge_eth_z8e.dat -@@ -1742,37 +1348,6 @@ Version: 1.4.57 - - License: Redistributable. See LICENCE.myri10ge_firmware for details. - ---------------------------------------------------------------------------- --Driver: ene-ub6250 -- ENE UB6250 SD card reader driver -- --File: ene-ub6250/sd_init1.bin --File: ene-ub6250/sd_init2.bin --File: ene-ub6250/sd_rdwr.bin --File: ene-ub6250/ms_init.bin --File: ene-ub6250/msp_rdwr.bin --File: ene-ub6250/ms_rdwr.bin -- --Licence: Redistributable. See LICENCE.ene_firmware for details. -- ---------------------------------------------------------------------------- -- --Driver: rp2 -- Comtrol RocketPort 2 serial driver -- --File: rp2.fw -- --Licence: Redistributable. -- --Copyright (C) 2013 Comtrol Corporation -- --Comtrol grants permission to use and redistribute these firmware --files for use with Comtrol devices, but not as part of the Linux --kernel or in any other form which would require these files themselves --to be covered by the terms of the GNU General Public License. -- --These firmware files are distributed in the hope that they will be --useful, but WITHOUT ANY WARRANTY; without even the implied warranty --of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -- - -------------------------------------------------------------------------- - - Driver: ccp - Platform Security Processor (PSP) device -@@ -1811,34 +1386,6 @@ License: Redistributable. See LICENSE.amd-ucode for details - - -------------------------------------------------------------------------- - --Driver: mxu11x0 - MOXA UPort 11x0 USB Serial hub driver -- --File: moxa/moxa-1110.fw --File: moxa/moxa-1130.fw --File: moxa/moxa-1131.fw --File: moxa/moxa-1150.fw --File: moxa/moxa-1151.fw -- --License: Redistributable. See LICENCE.moxa for details -- ---------------------------------------------------------------------------- -- --Driver: mxuport - MOXA UPort USB Serial hub driver -- --File: moxa/moxa-1250.fw --File: moxa/moxa-1251.fw --File: moxa/moxa-1410.fw --File: moxa/moxa-1450.fw --File: moxa/moxa-1451.fw --File: moxa/moxa-1613.fw --File: moxa/moxa-1618.fw --File: moxa/moxa-1653.fw --File: moxa/moxa-1658.fw -- --License: Redistributable. See LICENCE.moxa for details -- ---------------------------------------------------------------------------- -- - Driver: qat - Intel(R) QAT crypto accelerator - - File: qat_895xcc.bin -@@ -1855,48 +1402,6 @@ Licence: Redistributable. See LICENCE.qat_firmware for details - - -------------------------------------------------------------------------- - --Driver: xhci-rcar -- Renesas R-Car Gen2/3 USB 3.0 host controller driver -- --File: r8a779x_usb3_v1.dlmem --File: r8a779x_usb3_v2.dlmem --File: r8a779x_usb3_v3.dlmem -- --Licence: Redistributable. See LICENCE.r8a779x_usb3 for details. -- ---------------------------------------------------------------------------- -- --Driver: xhci-tegra -- NVIDIA Tegra XHCI driver -- --File: nvidia/tegra124/xusb.bin --Version: v45.46 -- --File: nvidia/tegra210/xusb.bin --Version: v50.24 -- --File: nvidia/tegra186/xusb.bin --Version: v55.15 -- --File: nvidia/tegra194/xusb.bin --Version: v60.06 -- --Licence: Redistributable. See LICENCE.nvidia for details -- ---------------------------------------------------------------------------- -- --Driver: atusb - ATUSB IEEE 802.15.4 transceiver driver -- --File: atusb/atusb-0.2.dfu --Version: 0.2 --File: atusb/atusb-0.3.dfu --Version: 0.3 --File: atusb/rzusb-0.3.bin --Version: 0.3 --Info: atusb/ChangeLog -- --Licence: GPLv2 or later. See GPL-2 and GPL-3 for details. -- ---------------------------------------------------------------------------- -- - Driver: liquidio -- Cavium LiquidIO driver - - File: liquidio/lio_23xx_nic.bin --- -2.40.1 - diff --git a/packages/linux-firmware/0006-linux-firmware-ethernet-Remove-firmware-for-ethernet.patch b/packages/linux-firmware/0006-linux-firmware-ethernet-Remove-firmware-for-ethernet.patch deleted file mode 100644 index d5bdb1242f5..00000000000 --- a/packages/linux-firmware/0006-linux-firmware-ethernet-Remove-firmware-for-ethernet.patch +++ /dev/null @@ -1,539 +0,0 @@ -From 138cb336108faab12961813bdf7ccc1ae4e1822b Mon Sep 17 00:00:00 2001 -From: Leonard Foerster -Date: Wed, 26 Jul 2023 08:40:14 +0000 -Subject: [PATCH] linux-firmware: ethernet: Remove firmware for ethernet/IB - devices - -Bottlerocket does not ship drivers for older network equipment. Without -the drivers shipping the firmware for thesde devices does not make -sense. Drop the firmware to reduce image size. - -The following list maps driver names as specified in WHENCE to kernel -config options enabling the driver. This way we can easily decide if we -need to add firmware back into the package when we enable new drivers. - -* cassini - CONFIG_CASSINI -* slicoss - CONFIG_SLICOSS -* sxg - CONFIG_SXG -* cxgb3 - CONFIG_CHELSIO_T3 -* e100 - CONFIG_E100 -* acenic - CONFIG_ACENIC -* tehuti - CONFIG_TEHUTI -* bnx2 - CONFIG_BNX2 -* ib_qib - CONFIG_INFINIBAND_QIB -* myri_sbus - CONFIG_MYRI_SBUS (dropped upstream after 3.0) -* hfi1 - CONFIG_INFINIBAND_HFI1 -* starfire - CONFIG_ADAPTEC_STARFIRE -* typhoon - CONFIG_TYPHOON -* vxge - CONFIG_VXGE -* mscc-phy - CONFIG_MICROSEMI_PHY - -Signed-off-by: Leonard Foerster ---- - LICENCE.e100 | 28 ---- - LICENCE.microchip | 40 ------ - LICENSE.hfi1_firmware | 39 ------ - WHENCE | 303 ------------------------------------------ - 4 files changed, 410 deletions(-) - delete mode 100644 LICENCE.e100 - delete mode 100644 LICENCE.microchip - delete mode 100644 LICENSE.hfi1_firmware - -diff --git a/LICENCE.e100 b/LICENCE.e100 -deleted file mode 100644 -index 0553817..0000000 ---- a/LICENCE.e100 -+++ /dev/null -@@ -1,28 +0,0 @@ --Copyright (c) 1999-2001, Intel Corporation -- --All rights reserved. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted provided that the following conditions are met: -- -- 1. Redistributions of source code must retain the above copyright notice, -- this list of conditions and the following disclaimer. -- -- 2. Redistributions in binary form must reproduce the above copyright notice, -- this list of conditions and the following disclaimer in the documentation -- and/or other materials provided with the distribution. -- -- 3. Neither the name of Intel Corporation nor the names of its contributors -- may be used to endorse or promote products derived from this software -- without specific prior written permission. -- --THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' --AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE --IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE --DISCLAIMED. IN NO EVENT SHALL CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT --LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR --PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF --LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING --NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, --EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -diff --git a/LICENCE.microchip b/LICENCE.microchip -deleted file mode 100644 -index f270c99..0000000 ---- a/LICENCE.microchip -+++ /dev/null -@@ -1,40 +0,0 @@ --Copyright (C) 2018 Microchip Technology Incorporated and its subsidiaries. --All rights reserved. -- --REDISTRIBUTION: Permission is hereby granted by Microchip Technology --Incorporated (Microchip), free of any license fees, to any person obtaining a --copy of this firmware (the "Software"), to install, reproduce, copy and --distribute copies, in binary form, hexadecimal or equivalent formats only, the --Software and to permit persons to whom the Software is provided to do the same, --subject to the following conditions: -- --* Any redistribution of the Software must reproduce the above copyright notice, -- this license notice, and the following disclaimers and notices in the -- documentation and/or other materials provided with the Software. -- --* Neither the name of Microchip, its products nor the names of its suppliers -- may be used to endorse or promote products derived from this Software without -- specific prior written permission. -- --* No reverse engineering, decompilation, or disassembly of this Software is -- permitted. -- --Limited patent license. Microchip grants a world-wide, royalty-free, --non-exclusive, revocable license under any patents that it now has or hereafter --may have, own or control related to the Software to make, have made, use, --import, offer to sell and sell ("Utilize") this Software, but solely to the --extent that any such patent is necessary to Utilize the Software in conjunction --with Microchip processors. The patent license shall not apply to any other --combinations which include this Software nor to any other Microchip patents or --patent rights. No hardware per se is licensed hereunder. -- --DISCLAIMER: THIS SOFTWARE IS PROVIDED BY MICROCHIP "AS IS" AND ANY EXPRESS OR --IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF --MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE --DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT --LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR --PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF --LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE --OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF --ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -diff --git a/LICENSE.hfi1_firmware b/LICENSE.hfi1_firmware -deleted file mode 100644 -index 01f0932..0000000 ---- a/LICENSE.hfi1_firmware -+++ /dev/null -@@ -1,39 +0,0 @@ --Copyright (c) 2015, Intel Corporation. --All rights reserved. -- --Redistribution. -- --Redistribution and use in binary form, without modification, are permitted --provided that the following conditions are met: --* Redistributions must reproduce the above copyright notice and the -- following disclaimer in the documentation and/or other materials provided -- with the distribution. --* Neither the name of Intel Corporation nor the names of its suppliers may -- be used to endorse or promote products derived from this software without -- specific prior written permission. --* No reverse engineering, decompilation, or disassembly of this software is -- permitted. -- --Limited patent license. -- --Intel Corporation grants a world-wide, royalty-free, non-exclusive license --under patents it now or hereafter owns or controls to make, have made, use, --import, offer to sell and sell (“Utilize”) this software, but solely to the --extent that any such patent is necessary to Utilize the software alone. The --patent license shall not apply to any combinations which include this software. --No hardware per se is licensed hereunder. -- -- --DISCLAIMER. -- --THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND --ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED --WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE --DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR --ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES --(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; --LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON --ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT --(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS --SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -- -diff --git a/WHENCE b/WHENCE -index 2ed9e9a..f6b0299 100644 ---- a/WHENCE -+++ b/WHENCE -@@ -22,98 +22,6 @@ http://www.zdomain.com/a56.html - - -------------------------------------------------------------------------- - --Driver: cassini - Sun Cassini -- --File: sun/cassini.bin -- --Licence: Unknown -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- --Driver: slicoss - Alacritech IS-NIC products -- --File: slicoss/gbdownload.sys --File: slicoss/gbrcvucode.sys --File: slicoss/oasisdbgdownload.sys --File: slicoss/oasisdownload.sys --File: slicoss/oasisrcvucode.sys -- --Licence: -- Copyright (C) 1999-2009 Alacritech, Inc. -- -- as an unpublished work. This notice does not imply unrestricted or -- public access to the source code from which this firmware image is -- derived. Except as noted below this firmware image may not be -- reproduced, used, sold or transferred to any third party without -- Alacritech's prior written consent. All Rights Reserved. -- -- Permission is hereby granted for the distribution of this firmware -- image as part of a Linux or other Open Source operating system kernel -- in text or binary form as required. -- -- This firmware may not be modified. -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- --Driver: sxg - Alacritech IS-NIC products -- --File: sxg/saharadownloadB.sys --File: sxg/saharadbgdownloadB.sys -- --Licence: -- Copyright (C) 1999-2009 Alacritech, Inc. -- -- as an unpublished work. This notice does not imply unrestricted or -- public access to the source code from which this firmware image is -- derived. Except as noted below this firmware image may not be -- reproduced, used, sold or transferred to any third party without -- Alacritech's prior written consent. All Rights Reserved. -- -- Permission is hereby granted for the distribution of this firmware -- image as part of a Linux or other Open Source operating system kernel -- in text or binary form as required. -- -- This firmware may not be modified. -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- --Driver: cxgb3 - Chelsio Terminator 3 1G/10G Ethernet adapter -- --File: cxgb3/t3b_psram-1.1.0.bin --File: cxgb3/t3c_psram-1.1.0.bin --File: cxgb3/t3fw-7.0.0.bin --File: cxgb3/t3fw-7.1.0.bin --File: cxgb3/t3fw-7.4.0.bin --File: cxgb3/t3fw-7.10.0.bin --File: cxgb3/t3fw-7.12.0.bin -- --Licence: GPLv2 or OpenIB.org BSD license, no source visible -- ---------------------------------------------------------------------------- -- --Driver: cxgb3 - Chelsio Terminator 3 1G/10G Ethernet adapter -- --File: cxgb3/ael2005_opt_edc.bin --File: cxgb3/ael2005_twx_edc.bin --File: cxgb3/ael2020_twx_edc.bin -- --Licence: -- * Copyright (c) 2007-2009 NetLogic Microsystems, Inc. -- * -- * Permission is hereby granted for the distribution of this firmware -- * data in hexadecimal or equivalent format, provided this copyright -- * notice is accompanying it. -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- - Driver: cxgb4 - Chelsio Terminator 4/5/6 1/10/25/40/100G Ethernet adapter - - File: cxgb4/t4fw-1.14.4.0.bin -@@ -141,28 +49,6 @@ Licence: Redistributable. See LICENCE.chelsio_firmware for details - - -------------------------------------------------------------------------- - --Driver: e100 -- Intel PRO/100 Ethernet NIC -- --File: e100/d101m_ucode.bin --File: e100/d101s_ucode.bin --File: e100/d102e_ucode.bin -- --Licence: Redistributable. See LICENCE.e100 for details -- ---------------------------------------------------------------------------- -- --Driver: acenic -- Alteon AceNIC Gigabit Ethernet card -- --File: acenic/tg1.bin --File: acenic/tg2.bin -- --Licence: Unknown -- --Found in hex form in kernel source, but source allegedly available at --http://alteon.shareable.org/ -- ---------------------------------------------------------------------------- -- - Driver: tg3 -- Broadcom Tigon3 based gigabit Ethernet cards - - File: tigon/tg3.bin -@@ -183,83 +69,6 @@ Found in hex form in kernel source. - - -------------------------------------------------------------------------- - --Driver: starfire - Adaptec Starfire/DuraLAN support -- --File: adaptec/starfire_rx.bin --File: adaptec/starfire_tx.bin -- --Licence: Allegedly GPLv2, but no source visible. -- --Found in hex form in kernel source, with the following notice: -- -- BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE IT IS LICENSED "AS IS" AND -- THERE IS NO WARRANTY FOR THE PROGRAM, INCLUDING BUT NOT LIMITED TO THE -- IMPLIED WARRANTIES OF MERCHANTIBILITY OR FITNESS FOR A PARTICULAR PURPOSE -- (TO THE EXTENT PERMITTED BY APPLICABLE LAW). USE OF THE PROGRAM IS AT YOUR -- OWN RISK. IN NO EVENT WILL ADAPTEC OR ITS LICENSORS BE LIABLE TO YOU FOR -- DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES -- ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM. -- ---------------------------------------------------------------------------- -- --Driver: tehuti - Tehuti Networks 10G Ethernet -- --File: tehuti/bdx.bin -- --Licence: -- -- Copyright (C) 2007 Tehuti Networks Ltd. -- -- Permission is hereby granted for the distribution of this firmware data -- in hexadecimal or equivalent format, provided this copyright notice is -- accompanying it. -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- --Driver: typhoon - 3cr990 series Typhoon -- --File: 3com/typhoon.bin -- --Licence: --/* -- * Copyright 1999-2004 3Com Corporation. All Rights Reserved. -- * -- * Redistribution and use in source and binary forms of the 3c990img.h -- * microcode software are permitted provided that the following conditions -- * are met: -- * 1. Redistribution of source code must retain the above copyright -- * notice, this list of conditions and the following disclaimer. -- * 2. Redistribution in binary form must reproduce the above copyright -- * notice, this list of conditions and the following disclaimer in the -- * documentation and/or other materials provided with the distribution. -- * 3. The name of 3Com may not be used to endorse or promote products -- * derived from this software without specific prior written permission -- * -- * THIS SOFTWARE IS PROVIDED BY 3COM ``AS IS'' AND ANY EXPRESS OR -- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -- * -- * USER ACKNOWLEDGES AND AGREES THAT PURCHASE OR USE OF THE 3c990img.h -- * MICROCODE SOFTWARE WILL NOT CREATE OR GIVE GROUNDS FOR A LICENSE BY -- * IMPLICATION, ESTOPPEL, OR OTHERWISE IN ANY INTELLECTUAL PROPERTY RIGHTS -- * (PATENT, COPYRIGHT, TRADE SECRET, MASK WORK, OR OTHER PROPRIETARY RIGHT) -- * EMBODIED IN ANY OTHER 3COM HARDWARE OR SOFTWARE EITHER SOLELY OR IN -- * COMBINATION WITH THE 3c990img.h MICROCODE SOFTWARE -- */ -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- - Driver: yam - YAM driver for AX.25 - - File: yam/1200.bin -@@ -272,16 +81,6 @@ Found in hex form in kernel source. - - -------------------------------------------------------------------------- - --Driver: myri_sbus - MyriCOM Gigabit Ethernet -- --File: myricom/lanai.bin -- --Licence: Unknown -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- - Driver: bnx2x: Broadcom Everest - - File: bnx2x/bnx2x-e1-7.13.1.0.fw -@@ -313,27 +112,6 @@ Found in hex form in kernel source. - - -------------------------------------------------------------------------- - --Driver: bnx2 - Broadcom NetXtremeII -- --File: bnx2/bnx2-mips-06-6.2.3.fw --File: bnx2/bnx2-mips-09-6.2.1b.fw --File: bnx2/bnx2-rv2p-06-6.0.15.fw --File: bnx2/bnx2-rv2p-09-6.0.17.fw --File: bnx2/bnx2-rv2p-09ax-6.0.17.fw -- --Licence: -- -- This file contains firmware data derived from proprietary unpublished -- source code, Copyright (c) 2004 - 2010 Broadcom Corporation. -- -- Permission is hereby granted for the distribution of this firmware data -- in hexadecimal or equivalent format, provided this copyright notice is -- accompanying it. -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- - Driver: netxen_nic - NetXen Multi port (1/10) Gigabit Ethernet NIC - - File: phanfw.bin -@@ -1243,46 +1021,6 @@ Licence: Redistributable. See LICENSE.amdgpu for details. - - -------------------------------------------------------------------------- - --Driver: ib_qib - QLogic Infiniband -- --File: qlogic/sd7220.fw -- --Licence: -- -- * Copyright (c) 2007, 2008 QLogic Corporation. All rights reserved. -- * -- * This software is available to you under a choice of one of two -- * licenses. You may choose to be licensed under the terms of the GNU -- * General Public License (GPL) Version 2, available from the file -- * COPYING in the main directory of this source tree, or the -- * OpenIB.org BSD license below: -- * -- * Redistribution and use in source and binary forms, with or -- * without modification, are permitted provided that the following -- * conditions are met: -- * -- * - Redistributions of source code must retain the above -- * copyright notice, this list of conditions and the following -- * disclaimer. -- * -- * - Redistributions in binary form must reproduce the above -- * copyright notice, this list of conditions and the following -- * disclaimer in the documentation and/or other materials -- * provided with the distribution. -- * -- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS -- * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN -- * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -- * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -- * SOFTWARE. -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- - Driver: qed - QLogic 4xxxx Ethernet Driver Core Module. - - File: qed/qed_init_values_zipped-8.4.2.0.bin -@@ -1317,23 +1055,6 @@ Licence: - - -------------------------------------------------------------------------- - --Driver: vxge - Exar X3100 Series 10GbE PCIe I/O Virtualized Server Adapter -- --File: vxge/X3fw.ncf --File: vxge/X3fw-pxe.ncf --Version: 1.8.1 -- --Licence: -- -- This file contains firmware data derived from proprietary unpublished -- source code, Copyright (c) 2010 Exar Corporation. -- -- Permission is hereby granted for the distribution of this firmware data -- in hexadecimal or equivalent format, provided this copyright notice is -- accompanying it. -- ---------------------------------------------------------------------------- -- - Driver: myri10ge - Myri10GE 10GbE NIC driver - - File: myri10ge_eth_z8e.dat -@@ -2215,21 +1936,6 @@ Licence: Redistributable. See LICENCE.nvidia for details - - -------------------------------------------------------------------------- - --Driver: hfi1 - Intel OPA Gen 1 adapter -- --File: hfi1_dc8051.fw --Version: 1.27.0 --File: hfi1_fabric.fw --Version: 0x1055 --File: hfi1_pcie.fw --Version: 0x4755 --File: hfi1_sbus.fw --Version: 0x10130001 -- --Licence: Redistributable. See LICENSE.hfi1_firmware for details -- ---------------------------------------------------------------------------- -- - Driver: knav_qmss_queue - TI Keystone 2 QMSS driver - - File: ti-keystone/ks2_qmss_pdsp_acc48_k2_le_1_0_0_9.bin -@@ -2527,15 +2233,6 @@ Licence: Redistributable. See LICENSE.nxp_mc_firmware for details - - -------------------------------------------------------------------------- - --Driver: mscc-phy - Microchip PHY drivers -- --File: microchip/mscc_vsc8574_revb_int8051_29e8.bin --File: microchip/mscc_vsc8584_revb_int8051_fb48.bin -- --Licence: Redistributable. See LICENCE.microchip for details -- ---------------------------------------------------------------------------- -- - Driver: ice - Intel(R) Ethernet Connection E800 Series - - File: intel/ice/ddp/ice-1.3.30.0.pkg --- -2.40.1 - diff --git a/packages/linux-firmware/0007-linux-firmware-Remove-firmware-for-Accelarator-devic.patch b/packages/linux-firmware/0007-linux-firmware-Remove-firmware-for-Accelarator-devic.patch deleted file mode 100644 index 15bec9379fa..00000000000 --- a/packages/linux-firmware/0007-linux-firmware-Remove-firmware-for-Accelarator-devic.patch +++ /dev/null @@ -1,836 +0,0 @@ -From eaa004914098930239abf2f3c2e9f4acc79c10b0 Mon Sep 17 00:00:00 2001 -From: Leonard Foerster -Date: Wed, 26 Jul 2023 11:06:45 +0000 -Subject: [PATCH] linux-firmware: Remove firmware for Accelarator devices - -Bottlerocket does not ship drivers for specialty accelarator hardware. -Without those drivers the firmware is of no use. Drop the firmware from -our images to reduce image size. - -The following list maps the driver names as specified in WHENCE to -kernel config options. This creates an easy reference should we need to -ship addiitonal firmware when adding drivers. - -* rvu_cptpf - CONFIG_CRYPTO_DEV_OCTEONTX_CPT && - CONFIG_CRYPTO_DEV_OCTEONTX2_CPT -* ccp - CONFIG_CRYPTO_DEV_CCP -* qat - CONFIG_CRYPTO_DEV_QAT -* liquidio - CONFIG_LIQUIDIO -* nitrox - CONFIG_NITROX -* knav_qmss_queue - CONFIG_KEYSTONE_NAVIGATOR_QMSS -* nfp - CONFIG_NFP -* fsl_mc bus - CONFIG_FSL_MC_BUS -* inside-secure - CONFIG_CRYPTO_DEV_SAFEXCEL - -Signed-off-by: Leonard Foerster ---- - LICENCE.Netronome | 65 ------------ - LICENCE.cavium | 59 ----------- - LICENCE.cavium_liquidio | 68 ------------- - LICENCE.qat_firmware | 36 ------- - LICENCE.ti-keystone | 61 ----------- - LICENSE.amd-sev | 64 ------------ - LICENSE.nxp_mc_firmware | 127 ----------------------- - WHENCE | 218 ---------------------------------------- - 8 files changed, 698 deletions(-) - delete mode 100644 LICENCE.Netronome - delete mode 100644 LICENCE.cavium - delete mode 100644 LICENCE.cavium_liquidio - delete mode 100644 LICENCE.qat_firmware - delete mode 100644 LICENCE.ti-keystone - delete mode 100644 LICENSE.amd-sev - delete mode 100644 LICENSE.nxp_mc_firmware - -diff --git a/LICENCE.Netronome b/LICENCE.Netronome -deleted file mode 100644 -index 1ed7a7c..0000000 ---- a/LICENCE.Netronome -+++ /dev/null -@@ -1,65 +0,0 @@ --Copyright (c) 2017, NETRONOME Systems, Inc. All rights reserved. -- --Agilio(r) Firmware License Agreement (the "AGREEMENT") -- --BY INSTALLING OR USING IN ANY MANNER THE SOFTWARE THAT ACCOMPANIES THIS --AGREEMENT (THE "SOFTWARE") YOU (THE "LICENSEE") ACKNOWLEDGE TO BE BOUND --BY ALL OF THE TERMS OF THIS AGREEMENT. -- --LICENSE GRANT. Subject to the terms and conditions set forth herein, --Netronome Systems, Inc. ("NETRONOME") hereby grants LICENSEE a non- --exclusive license to use, reproduce and distribute the SOFTWARE --exclusively in object form. -- --Restrictions. LICENSEE agrees that, (a) unless explicitly provided by --NETRONOME, the source code of the SOFTWARE is not being provided to --LICENSEE and is confidential and proprietary to NETRONOME and that --LICENSEE has no right to access or use such source code. Accordingly, --LICENSEE agrees that it shall not cause or permit the disassembly, --decompilation or reverse engineering of the SOFTWARE or otherwise attempt --to gain access to the source code for the SOFTWARE; and (b) LICENSEE --agrees that it shall not subject the SOFTWARE in whole or in part, to the --terms of any software license that requires, as a condition of use, --modification and/or distribution that the source code of the SOFTWARE, or --the SOFTWARE be i) disclosed or distributed in source code form; ii) --licensed for the purpose of making derivative works of the source code of --the SOFTWARE; or iii) redistribution of the source code of the SOFTWARE --at no charge. -- --DISCLAIMER OF ALL WARRANTIES. THE SOFTWARE IS PROVIDED "AS IS" AND WITH --ALL FAULTS AND NETRONOME AND ITS LICENSORS HEREBY DISCLAIM ALL EXPRESS OR --IMPLIED WARRANTIES OF ANY KIND, INCLUDING, WITHOUT LIMITATION, ANY --WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS FOR A --PARTICULAR PURPOSE. -- --LIMITATIONS OF LIABILITY. EXCEPT WHERE PROHIBITED BY LAW, IN NO EVENT --SHALL NETRONOME OR ANY OTHER PARTY INVOLVED IN THE CREATION, PRODUCTION, --OR DELIVERY OF THE SOFTWARE BE LIABLE FOR ANY LOSS OF PROFITS, DATA, USE --OF THE SOFTWARE, DOCUMENTATION OR EQUIPMENT, OR FOR ANY SPECIAL, --INCIDENTAL, CONSEQUENTIAL, EXEMPLARY, PUNITIVE, MULTIPLE OR OTHER --DAMAGES, ARISING FROM OR IN CONNECTION WITH THE SOFTWARE EVEN IF --NETRONOME OR ITS LICENSORS HAVE BEEN MADE AWARE OF THE POSSIBILITY OF --SUCH DAMAGES AND NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY --LIMITED REMEDY. -- --EXPORT COMPLIANCE. LICENSEE shall not use or export or transmit the --SOFTWARE, directly or indirectly, to any restricted countries or in any --other manner that would violate any applicable US and other export --control and other regulations and laws as shall from time to time govern --the delivery, license and use of technology, including without limitation --the Export Administration Act of 1979, as amended, and any regulations --issued thereunder. -- --PROHIBITION OF SOFTWARE USE IN HIGH RISK ACTIVITIES AND LIFE --SUPPORT APPLICATIONS. The SOFTWARE is not designed, manufactured or --intended for use as on-line control equipment in hazardous environments --requiring fail-safe performance, such as in the operation of nuclear --facilities, aircraft navigation or communications systems, air traffic --control, life support systems, human implantation or any other --application where product failure could lead to loss of life or --catastrophic property damage or weapons systems, in which the failure of --the SOFTWARE could lead directly to death, personal injury, or severe --physical or environmental damage ("High Risk Activities"). Accordingly --NETRONOME and, where applicable, NETRONOME'S third party licensors --specifically disclaim any express or implied warranty of fitness for High --Risk Activities. -diff --git a/LICENCE.cavium b/LICENCE.cavium -deleted file mode 100644 -index 5d2a2bb..0000000 ---- a/LICENCE.cavium -+++ /dev/null -@@ -1,59 +0,0 @@ --Copyright © 2015, Cavium, Inc. All rights reserved. -- --Software License Agreement -- --ANY USE, REPRODUCTION, OR DISTRIBUTION OF THE ACCOMPANYING BINARY SOFTWARE --CONSTITUTES LICENSEEE'S ACCEPTANCE OF THE TERMS AND CONDITIONS OF THIS AGREEMENT. -- --Licensed Software. Subject to the terms and conditions of this Agreement, --Cavium, Inc. ("Cavium") grants to Licensee a worldwide, non-exclusive, and --royalty-free license to use, reproduce, and distribute the binary software in --its complete and unmodified form as provided by Cavium. -- --Restrictions. Licensee must reproduce the Cavium copyright notice above with --each binary software copy. Licensee must not reverse engineer, decompile, --disassemble or modify in any way the binary software. Licensee must not use --the binary software in violation of any applicable law or regulation. This --Agreement shall automatically terminate upon Licensee's breach of any term or --condition of this Agreement in which case, Licensee shall destroy all copies of --the binary software. -- --Warranty Disclaimer. THE LICENSED SOFTWARE IS OFFERED "AS IS," AND CAVIUM --GRANTS AND LICENSEE RECEIVES NO WARRANTIES OF ANY KIND, WHETHER EXPRESS, --IMPLIED, STATUTORY, OR BY COURSE OF COMMUNICATION OR DEALING WITH LICENSEE, OR --OTHERWISE. CAVIUM AND ITS LICENSORS SPECIFICALLY DISCLAIM ANY IMPLIED --WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, OR --NONINFRINGEMENT OF THIRD PARTY RIGHTS, CONCERNING THE LICENSED SOFTWARE, --DERIVATIVE WORKS, OR ANY DOCUMENTATION PROVIDED WITH THE FOREGOING. WITHOUT --LIMITING THE GENERALITY OF THE FOREGOING, CAVIUM DOES NOT WARRANT THAT THE --LICENSED SOFTWARE IS ERROR-FREE OR WILL OPERATE WITHOUT INTERRUPTION, AND --CAVIUM GRANTS NO WARRANTY REGARDING ITS USE OR THE RESULTS THEREFROM, INCLUDING --ITS CORRECTNESS, ACCURACY, OR RELIABILITY. -- --Limitation of Liability. IN NO EVENT WILL LICENSEE, CAVIUM, OR ANY OF CAVIUM'S --LICENSORS HAVE ANY LIABILITY HEREUNDER FOR ANY INDIRECT, SPECIAL, OR --CONSEQUENTIAL DAMAGES, HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER --FOR BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), OR OTHERWISE, ARISING OUT --OF THIS AGREEMENT, INCLUDING DAMAGES FOR LOSS OF PROFITS, OR THE COST OF --PROCUREMENT OF SUBSTITUTE GOODS, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE --POSSIBILITY OF SUCH DAMAGES. -- --Export and Import Laws. Licensee acknowledges and agrees that the Licensed --Software (including technical data and related technology) may be controlled by --the export control laws, rules, regulations, restrictions and national security --controls of the United States and other applicable foreign agencies (the --"Export Controls"), and agrees not export or re-export, or allow the export or --re-export of export-controlled the Licensed Software (including technical data --and related technology) or any copy, portion or direct product of the foregoing --in violation of the Export Controls. Licensee hereby represents that --(i) Licensee is not an entity or person to whom provision of the Licensed --Software (including technical data and related technology) is restricted or --prohibited by the Export Controls; and (ii) Licensee will not export, re-export --or otherwise transfer the export-controlled Licensed Software (including --technical data and related technology) in violation of U.S. sanction programs --or export control regulations to (a) any country, or national or resident of --any country, subject to a United States trade embargo, (b) any person or entity --to whom shipment is restricted or prohibited by the Export Controls, or --(c) anyone who is engaged in activities related to the design, development, --production, or use of nuclear materials, nuclear facilities, nuclear weapons, --missiles or chemical or biological weapons. -diff --git a/LICENCE.cavium_liquidio b/LICENCE.cavium_liquidio -deleted file mode 100644 -index 250b9fe..0000000 ---- a/LICENCE.cavium_liquidio -+++ /dev/null -@@ -1,68 +0,0 @@ --This file contains licences pertaining to the following firmwares for --LiquidIO (c) adapters -- --1. lio_nic_23xx.bin, lio_210nv_nic.bin, lio_410nv_nic.bin -- --########################################################################### -- --1. lio_nic_23xx.bin, lio_210nv_nic.bin, lio_410nv_nic.bin -- --Copyright (c) 2018, Cavium, Inc. All rights reserved. -- --Software License Agreement -- --ANY USE, REPRODUCTION, OR DISTRIBUTION OF THE ACCOMPANYING BINARY SOFTWARE --CONSTITUTES LICENSEEE'S ACCEPTANCE OF THE TERMS AND CONDITIONS OF THIS AGREEMENT. -- --Licensed Software. Subject to the terms and conditions of this Agreement, --Cavium, Inc. ("Cavium") grants to Licensee a worldwide, non-exclusive, and --royalty-free license to use, reproduce, and distribute the binary software in --its complete and unmodified form as provided by Cavium. -- --Restrictions. Licensee must reproduce the Cavium copyright notice above with --each binary software copy. Licensee must not reverse engineer, decompile, --disassemble or modify in any way the binary software. Licensee must not use --the binary software in violation of any applicable law or regulation. This --Agreement shall automatically terminate upon Licensee's breach of any term or --condition of this Agreement in which case, Licensee shall destroy all copies of --the binary software. -- --Warranty Disclaimer. THE LICENSED SOFTWARE IS OFFERED "AS IS," AND CAVIUM --GRANTS AND LICENSEE RECEIVES NO WARRANTIES OF ANY KIND, WHETHER EXPRESS, --IMPLIED, STATUTORY, OR BY COURSE OF COMMUNICATION OR DEALING WITH LICENSEE, OR --OTHERWISE. CAVIUM AND ITS LICENSORS SPECIFICALLY DISCLAIM ANY IMPLIED --WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, OR --NONINFRINGEMENT OF THIRD PARTY RIGHTS, CONCERNING THE LICENSED SOFTWARE, --DERIVATIVE WORKS, OR ANY DOCUMENTATION PROVIDED WITH THE FOREGOING. WITHOUT --LIMITING THE GENERALITY OF THE FOREGOING, CAVIUM DOES NOT WARRANT THAT THE --LICENSED SOFTWARE IS ERROR-FREE OR WILL OPERATE WITHOUT INTERRUPTION, AND --CAVIUM GRANTS NO WARRANTY REGARDING ITS USE OR THE RESULTS THEREFROM, INCLUDING --ITS CORRECTNESS, ACCURACY, OR RELIABILITY. -- --Limitation of Liability. IN NO EVENT WILL LICENSEE, CAVIUM, OR ANY OF CAVIUM'S --LICENSORS HAVE ANY LIABILITY HEREUNDER FOR ANY INDIRECT, SPECIAL, OR --CONSEQUENTIAL DAMAGES, HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER --FOR BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), OR OTHERWISE, ARISING OUT --OF THIS AGREEMENT, INCLUDING DAMAGES FOR LOSS OF PROFITS, OR THE COST OF --PROCUREMENT OF SUBSTITUTE GOODS, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE --POSSIBILITY OF SUCH DAMAGES. -- --Export and Import Laws. Licensee acknowledges and agrees that the Licensed --Software (including technical data and related technology) may be controlled by --the export control laws, rules, regulations, restrictions and national security --controls of the United States and other applicable foreign agencies (the --"Export Controls"), and agrees not export or re-export, or allow the export or --re-export of export-controlled the Licensed Software (including technical data --and related technology) or any copy, portion or direct product of the foregoing --in violation of the Export Controls. Licensee hereby represents that --(i) Licensee is not an entity or person to whom provision of the Licensed --Software (including technical data and related technology) is restricted or --prohibited by the Export Controls; and (ii) Licensee will not export, re-export --or otherwise transfer the export-controlled Licensed Software (including --technical data and related technology) in violation of U.S. sanction programs --or export control regulations to (a) any country, or national or resident of --any country, subject to a United States trade embargo, (b) any person or entity --to whom shipment is restricted or prohibited by the Export Controls, or --(c) anyone who is engaged in activities related to the design, development, --production, or use of nuclear materials, nuclear facilities, nuclear weapons, --missiles or chemical or biological weapons. -diff --git a/LICENCE.qat_firmware b/LICENCE.qat_firmware -deleted file mode 100644 -index 75a4ff1..0000000 ---- a/LICENCE.qat_firmware -+++ /dev/null -@@ -1,36 +0,0 @@ --Copyright (c) 2014-2023 Intel Corporation. --All rights reserved. -- --Redistribution. Redistribution and use in binary form, without --modification, are permitted provided that the following conditions are --met: -- --* Redistributions must reproduce the above copyright notice and the -- following disclaimer in the documentation and/or other materials -- provided with the distribution. --* Neither the name of Intel Corporation nor the names of its suppliers -- may be used to endorse or promote products derived from this software -- without specific prior written permission. --* No reverse engineering, decompilation, or disassembly of this software -- is permitted. -- --Limited patent license. Intel Corporation grants a world-wide, --royalty-free, non-exclusive license under patents it now or hereafter --owns or controls to make, have made, use, import, offer to sell and --sell ("Utilize") this software, but solely to the extent that any --such patent is necessary to Utilize the software alone. The patent --license shall not apply to any other combinations which include this --software. No hardware per se is licensed hereunder. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE --COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH --DAMAGE. -diff --git a/LICENCE.ti-keystone b/LICENCE.ti-keystone -deleted file mode 100644 -index 62cc3b3..0000000 ---- a/LICENCE.ti-keystone -+++ /dev/null -@@ -1,61 +0,0 @@ --Copyright (c) 2015 Texas Instruments Incorporated -- --All rights reserved not granted herein. -- --Limited License. -- --Texas Instruments Incorporated grants a world-wide, royalty-free, non-exclusive --license under copyrights and patents it now or hereafter owns or controls to --make, have made, use, import, offer to sell and sell ("Utilize") this software --subject to the terms herein. With respect to the foregoing patent license, such --license is granted solely to the extent that any such patent is necessary to --Utilize the software alone. The patent license shall not apply to any --combinations which include this software, other than combinations with devices --manufactured by or for TI (“TI Devices”). No hardware patent is licensed --hereunder. -- --Redistributions must preserve existing copyright notices and reproduce this --license (including the above copyright notice and the disclaimer and --(if applicable) source code license limitations below) in the documentation --and/or other materials provided with the distribution -- --Redistribution and use in binary form, without modification, are permitted --provided that the following conditions are met: -- -- * No reverse engineering, decompilation, or disassembly of this -- software is permitted with respect to any software provided in binary -- form. -- -- * any redistribution and use are licensed by TI for use only with TI -- Devices. -- -- * Nothing shall obligate TI to provide you with source code for the -- software licensed and provided to you in object code. -- --If software source code is provided to you, modification and redistribution of --the source code are permitted provided that the following conditions are met: -- -- * any redistribution and use of the source code, including any -- resulting derivative works, are licensed by TI for use only with TI -- Devices. -- -- * any redistribution and use of any object code compiled from the -- source code and any resulting derivative works, are licensed by TI -- for use only with TI Devices. -- --Neither the name of Texas Instruments Incorporated nor the names of its --suppliers may be used to endorse or promote products derived from this --software without specific prior written permission. -- --DISCLAIMER. -- --THIS SOFTWARE IS PROVIDED BY TI AND TI’S LICENSORS "AS IS" AND ANY EXPRESS OR --IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF --MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO --EVENT SHALL TI AND TI’S LICENSORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT --LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR --PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF --LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE --OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF --ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -diff --git a/LICENSE.amd-sev b/LICENSE.amd-sev -deleted file mode 100644 -index de4d948..0000000 ---- a/LICENSE.amd-sev -+++ /dev/null -@@ -1,64 +0,0 @@ --Copyright (C) 2015-2019 Advanced Micro Devices, Inc., All rights reserved. -- --Permission is hereby granted by Advanced Micro Devices, Inc. ("AMD"), --free of any license fees, to any person obtaining a copy of this --microcode in binary form (the "Software") ("You"), to install, --reproduce, copy and distribute copies of the Software and to permit --persons to whom the Software is provided to do the same, subject to --the following terms and conditions. Your use of any portion of the --Software shall constitute Your acceptance of the following terms and --conditions. If You do not agree to the following terms and conditions, --do not use, retain or redistribute any portion of the Software. -- --If You redistribute this Software, You must reproduce the above --copyright notice and this license with the Software. --Without specific, prior, written permission from AMD, You may not --reference AMD or AMD products in the promotion of any product derived --from or incorporating this Software in any manner that implies that --AMD endorses or has certified such product derived from or --incorporating this Software. -- --You may not reverse engineer, decompile, or disassemble this Software --or any portion thereof. -- --THE SOFTWARE IS PROVIDED "AS IS" WITHOUT ANY EXPRESS OR IMPLIED --WARRANTY OF ANY KIND, INCLUDING BUT NOT LIMITED TO WARRANTIES OF --MERCHANTABILITY, NONINFRINGEMENT, TITLE, FITNESS FOR ANY PARTICULAR --PURPOSE, OR WARRANTIES ARISING FROM CONDUCT, COURSE OF DEALING, OR --USAGE OF TRADE. IN NO EVENT SHALL AMD OR ITS LICENSORS BE LIABLE FOR --ANY DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR --LOSS OF PROFITS, BUSINESS INTERRUPTION, OR LOSS OF DATA OR --INFORMATION) ARISING OUT OF AMD'S NEGLIGENCE, GROSS NEGLIGENCE, THE --USE OF OR INABILITY TO USE THE SOFTWARE, EVEN IF AMD HAS BEEN ADVISED --OF THE POSSIBILITY OF SUCH DAMAGES. BECAUSE SOME JURISDICTIONS --PROHIBIT THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR --INCIDENTAL DAMAGES OR THE EXCLUSION OF IMPLIED WARRANTIES, THE ABOVE --LIMITATION MAY NOT APPLY TO YOU. -- --Without limiting the foregoing, the Software may implement third party --technologies for which You must obtain licenses from parties other --than AMD. You agree that AMD has not obtained or conveyed to You, and --that You shall be responsible for obtaining the rights to use and/or --distribute the applicable underlying intellectual property rights --related to the third party technologies. These third party --technologies are not licensed hereunder. -- --If You use the Software (in whole or in part), You shall adhere to all --applicable U.S., European, and other export laws, including but not --limited to the U.S. Export Administration Regulations ("EAR"), (15 --C.F.R. Sections 730 through 774), and E.U. Council Regulation (EC) No --1334/2000 of 22 June 2000. Further, pursuant to Section 740.6 of the --EAR, You hereby certify that, except pursuant to a license granted by --the United States Department of Commerce Bureau of Industry and --Security or as otherwise permitted pursuant to a License Exception --under the U.S. Export Administration Regulations ("EAR"), You will not --(1) export, re-export or release to a national of a country in Country --Groups D:1, E:1 or E:2 any restricted technology, software, or source --code You receive hereunder, or (2) export to Country Groups D:1, E:1 --or E:2 the direct product of such technology or software, if such --foreign produced direct product is subject to national security --controls as identified on the Commerce Control List (currently found --in Supplement 1 to Part 774 of EAR). For the most current Country --Group listings, or for additional information about the EAR or Your --obligations under those regulations, please refer to the U.S. Bureau --of Industry and Security’s website at ttp://www.bis.doc.gov/. -diff --git a/LICENSE.nxp_mc_firmware b/LICENSE.nxp_mc_firmware -deleted file mode 100644 -index 4b12f58..0000000 ---- a/LICENSE.nxp_mc_firmware -+++ /dev/null -@@ -1,127 +0,0 @@ --Copyright (c) 2018 NXP. All rights reserved. -- --Software License Agreement ("Agreement") -- --ANY USE, REPRODUCTION, OR DISTRIBUTION OF THE ACCOMPANYING BINARY SOFTWARE --CONSTITUTES LICENSEE'S ACCEPTANCE OF THE TERMS AND CONDITIONS OF THIS AGREEMENT. -- --Licensed Software. "Binary Software" means software in binary form specified in --ANNEX A. Subject to the terms and conditions of this Agreement, NXP USA, Inc. --("Licensor"), grants to you ("Licensee") a worldwide, non-exclusive, and --royalty-free license to reproduce and distribute the Binary Software in its --complete and unmodified binary form as provided by Licensor, for use solely in --conjunction with a programmable processing unit supplied directly or indirectly --from Licensor. -- --Restrictions. Licensee must reproduce the Licensor copyright notice above with --each binary copy of the Binary Software or in the accompanying documentation. --Licensee must not reverse engineer, decompile, disassemble or modify in any way --the Binary Software. Licensee must not use the Binary Software in violation of --any applicable law or regulation. This Agreement shall automatically terminate --upon Licensee's breach of any term or condition of this Agreement in which case, --Licensee shall destroy all copies of the Binary Software. Neither the name of --Licensor nor the names of its suppliers may be used to endorse or promote --products derived from this Binary Software without specific prior written --permission. -- --Disclaimer. TO THE MAXIMUM EXTENT PERMITTED BY LAW, LICENSOR EXPRESSLY --DISCLAIMS ANY WARRANTY FOR THE BINARY SOFTWARE. THE BINARY SOFTWARE IS PROVIDED --"AS IS", WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING --WITHOUT LIMITATION THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A --PARTICULAR PURPOSE, OR NON-INFRINGEMENT. WITHOUT LIMITING THE GENERALITY OF THE --FOREGOING, LICENSOR DOES NOT WARRANT THAT THE BINARY SOFTWARE IS ERROR-FREE OR --WILL OPERATE WITHOUT INTERRUPTION, AND LICENSOR GRANTS NO WARRANTY REGARDING ITS --USE OR THE RESULTS THEREFROM, INCLUDING ITS CORRECTNESS, ACCURACY, OR --RELIABILITY. -- --Limitation of Liability. IN NO EVENT WILL LICENSOR, OR ANY OF LICENSOR'S --LICENSORS HAVE ANY LIABILITY HEREUNDER FOR ANY INDIRECT, SPECIAL, OR --CONSEQUENTIAL DAMAGES, HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER --FOR BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), OR OTHERWISE, ARISING OUT --OF THIS AGREEMENT, INCLUDING DAMAGES FOR LOSS OF PROFITS, OR THE COST OF --PROCUREMENT OF SUBSTITUTE GOODS, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE --POSSIBILITY OF SUCH DAMAGES. LICENSOR'S TOTAL LIABILITY FOR ALL COSTS, DAMAGES, --CLAIMS, OR LOSSES WHATSOEVER ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT --OR THE BINARY SOFTWARE SUPPLIED UNDER THIS AGREEMENT IS LIMITED TO THE AGGREGATE --AMOUNT PAID BY LICENSEE TO LICENSOR IN CONNECTION WITH THE BINARY SOFTWARE TO --WHICH LOSSES OR DAMAGES ARE CLAIMED. -- --Trade Compliance. Licensee shall comply with all applicable export and import --control laws and regulations including but not limited to the US Export --Administration Regulation (including prohibited party lists issued by other --federal governments), Catch-all regulations and all national and international --embargoes. Licensee further agrees that it will not knowingly transfer, divert, --export or re-export, directly or indirectly, any product, software, including --software source code, or technology restricted by such regulations or by other --applicable national regulations, received from Licensor under this Agreement, --or any direct product of such software or technical data to any person, firm, --entity, country or destination to which such transfer, diversion, export or --re-export is restricted or prohibited, without obtaining prior written --authorization from the applicable competent government authorities to the extent --required by those laws. Licensee acknowledge that the "restricted encryption --software" that is subject to the US Export Administration Regulations (EAR), is --not intended for use by a government end user, as defined in part 772 of the --EAR. This provision shall survive termination or expiration of this Agreement. -- --Assignment. Licensee may not assign this Agreement without the prior written --consent of Licensor. Licensor may assign this Agreement without Licensee's --consent. -- --Governing Law. This Agreement will be governed by, construed, and enforced in --accordance with the laws of the State of Texas, USA, without regard to conflicts --of laws principles, will apply to all matters relating to this Agreement or the --Binary Software, and Licensee agrees that any litigation will be subject to the --exclusive jurisdiction of the state or federal courts Texas, USA. The United --Nations Convention on Contracts for the International Sale of Goods will not --apply to this Agreement. -- --Restrictions, Warranty Disclaimer, Limitation of Liability, Trade Compliance, --Assignment, Governing Law, and Third Party Terms shall survive termination or --expiration of this Agreement. -- --Third Party Terms. The licensed Binary Software includes the following third --party software for which the following terms apply: -- --Libfdt - Flat Device Tree manipulation --Copyright (c) 2006 David Gibson, IBM Corporation --All rights reserved. -- --Redistributions must reproduce the above copyright notice, this list of --conditions and the following disclaimer in the documentation and/or other --materials provided with the distribution. -- --THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND --ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED --WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE --DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR --ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES --(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; --LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON --ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT --(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS --SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -- --LibElf --Copyright (c) 2006,2008-2011 Joseph Koshy --All rights reserved. -- --Redistributions must reproduce the above copyright notice, this list of --conditions and the following disclaimer in the documentation and/or other --materials provided with the distribution. -- --THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND --ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED --WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE --DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR --ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES --(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; --LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON --ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT --(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS --SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -- -- --ANNEX A --BINARY SOFTWARE --Only software in binary form may be provided under this Agreement -- -diff --git a/WHENCE b/WHENCE -index f6b0299..58e9ca1 100644 ---- a/WHENCE -+++ b/WHENCE -@@ -1071,19 +1071,6 @@ License: Redistributable. See LICENCE.myri10ge_firmware for details. - - -------------------------------------------------------------------------- - --Driver: ccp - Platform Security Processor (PSP) device -- --File: amd/amd_sev_fam17h_model0xh.sbin --Version: 2022-2-25 --File: amd/amd_sev_fam17h_model3xh.sbin --Version: 2022-2-25 --File: amd/amd_sev_fam19h_model0xh.sbin --Version: 2022-2-25 -- --License: Redistributable. See LICENSE.amd-sev for details -- ---------------------------------------------------------------------------- -- - Driver: microcode_amd - AMD CPU Microcode Update Driver for Linux - - File: amd-ucode/microcode_amd.bin -@@ -1107,52 +1094,6 @@ License: Redistributable. See LICENSE.amd-ucode for details - - -------------------------------------------------------------------------- - --Driver: qat - Intel(R) QAT crypto accelerator -- --File: qat_895xcc.bin --File: qat_895xcc_mmp.bin --File: qat_c3xxx.bin --File: qat_c3xxx_mmp.bin --File: qat_c62x.bin --File: qat_c62x_mmp.bin --Link: qat_mmp.bin -> qat_895xcc_mmp.bin --File: qat_4xxx.bin --File: qat_4xxx_mmp.bin -- --Licence: Redistributable. See LICENCE.qat_firmware for details -- ---------------------------------------------------------------------------- -- --Driver: liquidio -- Cavium LiquidIO driver -- --File: liquidio/lio_23xx_nic.bin --Version: v1.7.2 -- --File: liquidio/lio_210nv_nic.bin --Version: v1.7.2 -- --File: liquidio/lio_210sv_nic.bin --Version: v1.7.2 -- --File: liquidio/lio_410nv_nic.bin --Version: v1.7.2 -- --Licence: Redistributable. See LICENCE.cavium_liquidio for details -- ---------------------------------------------------------------------------- -- --Driver: nitrox -- Cavium CNN55XX crypto driver -- --File: cavium/cnn55xx_ae.fw --Version: v01 -- --File: cavium/cnn55xx_se.fw --Version: v10 -- --Licence: Redistributable. See LICENCE.cavium for details -- ---------------------------------------------------------------------------- -- - Driver: i915 -- Intel Integrated Graphics driver - - File: i915/skl_dmc_ver1_23.bin -@@ -1936,14 +1877,6 @@ Licence: Redistributable. See LICENCE.nvidia for details - - -------------------------------------------------------------------------- - --Driver: knav_qmss_queue - TI Keystone 2 QMSS driver -- --File: ti-keystone/ks2_qmss_pdsp_acc48_k2_le_1_0_0_9.bin -- --Licence: Redistributable. See LICENCE.ti-keystone for details. -- ---------------------------------------------------------------------------- -- - Driver: mtk_scp - MediaTek SCP System Control Processing Driver - - File: mediatek/mt8183/scp.img -@@ -1959,100 +1892,6 @@ Licence: Redistributable. See LICENCE.mediatek for details. - - -------------------------------------------------------------------------- - --Driver: nfp - Netronome Flow Processor -- --Link: netronome/nic_AMDA0081-0001_1x40.nffw -> nic/nic_AMDA0081-0001_1x40.nffw --Link: netronome/nic_AMDA0097-0001_2x40.nffw -> nic/nic_AMDA0097-0001_2x40.nffw --Link: netronome/nic_AMDA0099-0001_2x10.nffw -> nic/nic_AMDA0099-0001_2x10.nffw --Link: netronome/nic_AMDA0081-0001_4x10.nffw -> nic/nic_AMDA0081-0001_4x10.nffw --Link: netronome/nic_AMDA0097-0001_4x10_1x40.nffw -> nic/nic_AMDA0097-0001_4x10_1x40.nffw --Link: netronome/nic_AMDA0099-0001_1x10_1x25.nffw -> nic/nic_AMDA0099-0001_1x10_1x25.nffw --Link: netronome/nic_AMDA0099-0001_2x25.nffw -> nic/nic_AMDA0099-0001_2x25.nffw --Link: netronome/nic_AMDA0096-0001_2x10.nffw -> nic/nic_AMDA0096-0001_2x10.nffw --Link: netronome/nic_AMDA0097-0001_8x10.nffw -> nic/nic_AMDA0097-0001_8x10.nffw --Link: netronome/nic_AMDA0058-0011_2x40.nffw -> nic/nic_AMDA0058-0011_2x40.nffw --Link: netronome/nic_AMDA0058-0012_2x40.nffw -> nic/nic_AMDA0058-0012_2x40.nffw --Link: netronome/nic_AMDA0078-0011_1x100.nffw -> nic/nic_AMDA0078-0011_1x100.nffw --File: netronome/nic/nic_AMDA0081-0001_1x40.nffw --File: netronome/nic/nic_AMDA0097-0001_2x40.nffw --File: netronome/nic/nic_AMDA0099-0001_2x10.nffw --File: netronome/nic/nic_AMDA0081-0001_4x10.nffw --File: netronome/nic/nic_AMDA0097-0001_4x10_1x40.nffw --File: netronome/nic/nic_AMDA0099-0001_1x10_1x25.nffw --File: netronome/nic/nic_AMDA0099-0001_2x25.nffw --File: netronome/nic/nic_AMDA0096-0001_2x10.nffw --File: netronome/nic/nic_AMDA0097-0001_8x10.nffw --File: netronome/nic/nic_AMDA0058-0011_2x40.nffw --File: netronome/nic/nic_AMDA0058-0012_2x40.nffw --File: netronome/nic/nic_AMDA0078-0011_1x100.nffw --File: netronome/nic-sriov/nic_AMDA0081-0001_1x40.nffw --File: netronome/nic-sriov/nic_AMDA0097-0001_2x40.nffw --File: netronome/nic-sriov/nic_AMDA0099-0001_2x10.nffw --File: netronome/nic-sriov/nic_AMDA0081-0001_4x10.nffw --File: netronome/nic-sriov/nic_AMDA0097-0001_4x10_1x40.nffw --File: netronome/nic-sriov/nic_AMDA0099-0001_1x10_1x25.nffw --File: netronome/nic-sriov/nic_AMDA0099-0001_2x25.nffw --File: netronome/nic-sriov/nic_AMDA0096-0001_2x10.nffw --File: netronome/nic-sriov/nic_AMDA0097-0001_8x10.nffw --File: netronome/nic-sriov/nic_AMDA0058-0011_2x40.nffw --File: netronome/nic-sriov/nic_AMDA0058-0012_2x40.nffw --File: netronome/nic-sriov/nic_AMDA0078-0011_1x100.nffw -- --Version: v2.1.16.1 -- --File: netronome/flower/nic_AMDA0099.nffw --File: netronome/flower/nic_AMDA0096.nffw --File: netronome/flower/nic_AMDA0097.nffw --File: netronome/flower/nic_AMDA0058.nffw --Link: netronome/flower/nic_AMDA0081.nffw -> nic_AMDA0097.nffw --Link: netronome/flower/nic_AMDA0081-0001_1x40.nffw -> nic_AMDA0081.nffw --Link: netronome/flower/nic_AMDA0097-0001_2x40.nffw -> nic_AMDA0097.nffw --Link: netronome/flower/nic_AMDA0099-0001_2x10.nffw -> nic_AMDA0099.nffw --Link: netronome/flower/nic_AMDA0081-0001_4x10.nffw -> nic_AMDA0081.nffw --Link: netronome/flower/nic_AMDA0097-0001_4x10_1x40.nffw -> nic_AMDA0097.nffw --Link: netronome/flower/nic_AMDA0099-0001_2x25.nffw -> nic_AMDA0099.nffw --Link: netronome/flower/nic_AMDA0096-0001_2x10.nffw -> nic_AMDA0096.nffw --Link: netronome/flower/nic_AMDA0097-0001_8x10.nffw -> nic_AMDA0097.nffw --Link: netronome/flower/nic_AMDA0099-0001_1x10_1x25.nffw -> nic_AMDA0099.nffw --Link: netronome/flower/nic_AMDA0058-0011_1x100.nffw -> nic_AMDA0058.nffw --Link: netronome/flower/nic_AMDA0058-0011_2x40.nffw -> nic_AMDA0058.nffw --Link: netronome/flower/nic_AMDA0058-0011_4x10_1x40.nffw -> nic_AMDA0058.nffw --Link: netronome/flower/nic_AMDA0058-0011_8x10.nffw -> nic_AMDA0058.nffw --Link: netronome/flower/nic_AMDA0058-0012_1x100.nffw -> nic_AMDA0058.nffw --Link: netronome/flower/nic_AMDA0058-0012_2x40.nffw -> nic_AMDA0058.nffw --Link: netronome/flower/nic_AMDA0058-0012_4x10_1x40.nffw -> nic_AMDA0058.nffw --Link: netronome/flower/nic_AMDA0058-0012_8x10.nffw -> nic_AMDA0058.nffw --Link: netronome/flower/nic_AMDA0078-0011_1x100.nffw -> nic_AMDA0058.nffw --Link: netronome/flower/nic_AMDA0078-0011_2x40.nffw -> nic_AMDA0058.nffw --Link: netronome/flower/nic_AMDA0078-0011_4x10_1x40.nffw -> nic_AMDA0058.nffw --Link: netronome/flower/nic_AMDA0078-0011_8x10.nffw -> nic_AMDA0058.nffw --Link: netronome/flower/nic_AMDA0078-0012_1x100.nffw -> nic_AMDA0058.nffw --Link: netronome/flower/nic_AMDA0078-0012_2x40.nffw -> nic_AMDA0058.nffw --Link: netronome/flower/nic_AMDA0078-0012_4x10_1x40.nffw -> nic_AMDA0058.nffw --Link: netronome/flower/nic_AMDA0078-0012_8x10.nffw -> nic_AMDA0058.nffw -- --Version: AOTC-2.14.A.6 -- --File: netronome/bpf/nic_AMDA0081-0001_1x40.nffw --File: netronome/bpf/nic_AMDA0097-0001_2x40.nffw --File: netronome/bpf/nic_AMDA0099-0001_2x10.nffw --File: netronome/bpf/nic_AMDA0081-0001_4x10.nffw --File: netronome/bpf/nic_AMDA0097-0001_4x10_1x40.nffw --File: netronome/bpf/nic_AMDA0099-0001_1x10_1x25.nffw --File: netronome/bpf/nic_AMDA0099-0001_2x25.nffw --File: netronome/bpf/nic_AMDA0096-0001_2x10.nffw --File: netronome/bpf/nic_AMDA0097-0001_8x10.nffw --File: netronome/bpf/nic_AMDA0058-0011_2x40.nffw --File: netronome/bpf/nic_AMDA0058-0012_2x40.nffw --File: netronome/bpf/nic_AMDA0078-0011_1x100.nffw -- --Version: v2.0.6.124 -- -- --Licence: Redistributable. See LICENCE.Netronome for details -- ---------------------------------------------------------------------------- -- - Driver: imx-sdma - support for i.MX SDMA driver - - File: imx/sdma/sdma-imx6q.bin -@@ -2211,28 +2050,6 @@ Licence: - - -------------------------------------------------------------------------- - --Driver: fsl-mc bus - NXP Management Complex Bus Driver -- --File: dpaa2/mc/mc_10.10.0_ls1088a.itb --File: dpaa2/mc/mc_10.10.0_ls2088a.itb --File: dpaa2/mc/mc_10.10.0_lx2160a.itb --File: dpaa2/mc/mc_10.14.3_ls1088a.itb --File: dpaa2/mc/mc_10.14.3_ls2088a.itb --File: dpaa2/mc/mc_10.14.3_lx2160a.itb --File: dpaa2/mc/mc_10.16.2_ls1088a.itb --File: dpaa2/mc/mc_10.16.2_ls2088a.itb --File: dpaa2/mc/mc_10.16.2_lx2160a.itb --File: dpaa2/mc/mc_10.18.0_ls1088a.itb --File: dpaa2/mc/mc_10.18.0_ls2088a.itb --File: dpaa2/mc/mc_10.18.0_lx2160a.itb --File: dpaa2/mc/mc_10.28.1_ls1088a.itb --File: dpaa2/mc/mc_10.28.1_ls2088a.itb --File: dpaa2/mc/mc_10.28.1_lx2160a.itb -- --Licence: Redistributable. See LICENSE.nxp_mc_firmware for details -- ---------------------------------------------------------------------------- -- - Driver: ice - Intel(R) Ethernet Connection E800 Series - - File: intel/ice/ddp/ice-1.3.30.0.pkg -@@ -2247,21 +2064,6 @@ License: Redistributable. See LICENSE.ice_enhanced for details - - -------------------------------------------------------------------------- - --Driver: inside-secure -- Inside Secure EIP197 crypto driver -- --File: inside-secure/eip197_minifw/ipue.bin --File: inside-secure/eip197_minifw/ifpp.bin -- --Licence: Redistributable. --Copyright (c) 2019 Verimatrix, Inc. -- --Derived from proprietary unpublished source code. --Permission is hereby granted for the distribution of this firmware --as part of Linux or other Open Source operating system kernel, --provided this copyright notice is accompanying it. -- -------------------------------------------------- -- - Driver: prestera - Marvell driver for Prestera family ASIC devices - - File: mrvl/prestera/mvsw_prestera_fw-v2.0.img -@@ -2273,23 +2075,3 @@ File: mrvl/prestera/mvsw_prestera_fw_arm64-v4.1.img - Licence: Redistributable. See LICENCE.Marvell for details. - - ------------------------------------------------ -- --Driver: rvu_cptpf - Marvell CPT driver -- --File: mrvl/cpt01/ae.out --File: mrvl/cpt01/se.out --File: mrvl/cpt01/ie.out --File: mrvl/cpt02/ae.out --File: mrvl/cpt02/se.out --File: mrvl/cpt02/ie.out --File: mrvl/cpt03/ae.out --File: mrvl/cpt03/se.out --File: mrvl/cpt03/ie.out --File: mrvl/cpt04/ae.out --File: mrvl/cpt04/se.out --File: mrvl/cpt04/ie.out --Version: v1.21 -- --Licence: Redistributable. See LICENCE.Marvell for details. -- ----------------------------------------------------------------------------- --- -2.40.1 - diff --git a/packages/linux-firmware/0008-linux-firmware-gpu-Remove-firmware-for-GPU-devices.patch b/packages/linux-firmware/0008-linux-firmware-gpu-Remove-firmware-for-GPU-devices.patch deleted file mode 100644 index 92eb94f98af..00000000000 --- a/packages/linux-firmware/0008-linux-firmware-gpu-Remove-firmware-for-GPU-devices.patch +++ /dev/null @@ -1,1923 +0,0 @@ -From 2819be643186fa19869700e0af67444872d677c7 Mon Sep 17 00:00:00 2001 -From: Leonard Foerster -Date: Wed, 26 Jul 2023 11:16:37 +0000 -Subject: [PATCH] linux-firmware: gpu: Remove firmware for GPU devices - -Bottlerocket does not provide drivers for any GPUs for any of its -kernels. Thus, shipping firmware for any of these non-supported devices -makes no sense. One exception is the nvidia drivers for tesla devices in -aws-*-nvidia variants. These variants include drivers through -kmod-*-nvidia packages which ship device specific firmware for supported -cards. - -The following list maps drivers as specified in WHENCE to kernel config -options for easy reference, should firmware be needed through driver -addition. - -* mga - CONFIG_DRM_MGA && CONFIG_DRM_MGAG200 -* r128 - CONFIG_DRM_R128 -* radeon - CONFIG_DRM_RADEON -* amdgpu - CONFIG_DRM_AMDGPU -* nouveau - CONFIG_DRM_NOUVEAU -* adreno - CONFIG_DRM_MSM - -Signed-off-by: Leonard Foerster ---- - LICENCE.nvidia | 131 ----- - LICENSE.amdgpu | 51 -- - LICENSE.qcom | 206 ------- - LICENSE.qcom_yamato | 25 - - LICENSE.radeon | 51 -- - WHENCE | 1363 ------------------------------------------- - 6 files changed, 1827 deletions(-) - delete mode 100644 LICENCE.nvidia - delete mode 100644 LICENSE.amdgpu - delete mode 100644 LICENSE.qcom - delete mode 100644 LICENSE.qcom_yamato - delete mode 100644 LICENSE.radeon - -diff --git a/LICENCE.nvidia b/LICENCE.nvidia -deleted file mode 100644 -index b99d5a3..0000000 ---- a/LICENCE.nvidia -+++ /dev/null -@@ -1,131 +0,0 @@ -- License For Customer Use of NVIDIA Software -- -- --IMPORTANT NOTICE -- READ CAREFULLY: This License For Customer Use of --NVIDIA Software ("LICENSE") is the agreement which governs use of --the software of NVIDIA Corporation and its subsidiaries ("NVIDIA") --downloadable herefrom, including computer software and associated --printed materials ("SOFTWARE"). By downloading, installing, copying, --or otherwise using the SOFTWARE, you agree to be bound by the terms --of this LICENSE. If you do not agree to the terms of this LICENSE, --do not download the SOFTWARE. -- --RECITALS -- --Use of NVIDIA's products requires three elements: the SOFTWARE, the --hardware, and a personal computer. The SOFTWARE is protected by copyright --laws and international copyright treaties, as well as other intellectual --property laws and treaties. The SOFTWARE may be protected by various --patents, and is not sold, and instead is only licensed for use, strictly --in accordance with this document. The hardware is protected by various --patents, and is sold, but this agreement does not cover that sale, since --it may not necessarily be sold as a package with the SOFTWARE. This --agreement sets forth the terms and conditions of the SOFTWARE LICENSE only. -- --1. DEFINITIONS -- --1.1 Customer. Customer means the entity or individual that --downloads or otherwise obtains the SOFTWARE. -- --2. GRANT OF LICENSE -- --2.1 Rights and Limitations of Grant. NVIDIA hereby grants Customer --the following non-exclusive, non-transferable right to use the --SOFTWARE, with the following limitations: -- --2.1.1 Rights. Customer may install and use multiple copies of the --SOFTWARE on a shared computer or concurrently on different computers, --and make multiple back-up copies of the SOFTWARE, solely for Customer's --use within Customer's Enterprise. "Enterprise" shall mean individual use --by Customer or any legal entity (such as a corporation or university) --and the subsidiaries it owns by more than fifty percent (50%). -- --2.1.2 Open Source Exception. Notwithstanding the foregoing terms --of Section 2.1.1, SOFTWARE may be copied and redistributed solely for --use on operating systems distributed under the terms of an OSI-approved --open source license as listed by the Open Source Initiative at --http://opensource.org, provided that the binary files thereof are not --modified, and Customer provides a copy of this license with the SOFTWARE. -- --2.1.3 Limitations. -- --No Reverse Engineering. Customer may not reverse engineer, --decompile, or disassemble the SOFTWARE, nor attempt in any other --manner to obtain the source code. -- --Usage. SOFTWARE is licensed only for use with microprocessor(s) which have --been (i) designed by NVIDIA and (ii) either (a) sold by or (b) licensed by --NVIDIA. Customer shall not use SOFTWARE in conjunction with, nor cause --SOFTWARE to be executed by, any other microprocessor. -- --No Translation. Customer shall not translate SOFTWARE, nor cause or permit --SOFTWARE to be translated, from the architecture or language in which it is --originally provided by NVIDIA, into any other architecture or language. -- --No Rental. Customer may not rent or lease the SOFTWARE to someone --else. -- --3. TERMINATION -- --This LICENSE will automatically terminate if Customer fails to --comply with any of the terms and conditions hereof. In such event, --Customer must destroy all copies of the SOFTWARE and all of its --component parts. -- --Defensive Suspension. If Customer commences or participates in any legal --proceeding against NVIDIA, then NVIDIA may, in its sole discretion, --suspend or terminate all license grants and any other rights provided --under this LICENSE during the pendency of such legal proceedings. -- --4. COPYRIGHT -- --All title and copyrights in and to the SOFTWARE (including but --not limited to all images, photographs, animations, video, audio, --music, text, and other information incorporated into the SOFTWARE), --the accompanying printed materials, and any copies of the SOFTWARE, --are owned by NVIDIA, or its suppliers. The SOFTWARE is protected --by copyright laws and international treaty provisions. Accordingly, --Customer is required to treat the SOFTWARE like any other copyrighted --material, except as otherwise allowed pursuant to this LICENSE --and that it may make one copy of the SOFTWARE solely for backup or --archive purposes. -- --5. APPLICABLE LAW -- --This agreement shall be deemed to have been made in, and shall be --construed pursuant to, the laws of the State of California. -- --6. DISCLAIMER OF WARRANTIES AND LIMITATION ON LIABILITY -- --6.1 No Warranties. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE --LAW, THE SOFTWARE IS PROVIDED "AS IS" AND NVIDIA AND ITS SUPPLIERS --DISCLAIM ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT --NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS --FOR A PARTICULAR PURPOSE. -- --6.2 No Liability for Consequential Damages. TO THE MAXIMUM --EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL NVIDIA OR --ITS SUPPLIERS BE LIABLE FOR ANY SPECIAL, INCIDENTAL, INDIRECT, OR --CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION, --DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, LOSS --OF BUSINESS INFORMATION, OR ANY OTHER PECUNIARY LOSS) ARISING OUT --OF THE USE OF OR INABILITY TO USE THE SOFTWARE, EVEN IF NVIDIA HAS --BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. -- --7. MISCELLANEOUS -- --The United Nations Convention on Contracts for the International --Sale of Goods is specifically disclaimed. If any provision of this --LICENSE is inconsistent with, or cannot be fully enforced under, --the law, such provision will be construed as limited to the extent --necessary to be consistent with and fully enforceable under the law. --This agreement is the final, complete and exclusive agreement between --the parties relating to the subject matter hereof, and supersedes --all prior or contemporaneous understandings and agreements relating --to such subject matter, whether oral or written. Customer agrees --that it will not ship, transfer or export the SOFTWARE into any --country, or use the SOFTWARE in any manner, prohibited by the --United States Bureau of Export Administration or any export laws, --restrictions or regulations. This LICENSE may only be modified in --writing signed by an authorized officer of NVIDIA. -- -diff --git a/LICENSE.amdgpu b/LICENSE.amdgpu -deleted file mode 100644 -index 349e207..0000000 ---- a/LICENSE.amdgpu -+++ /dev/null -@@ -1,51 +0,0 @@ --Copyright (C) 2023 Advanced Micro Devices, Inc. All rights reserved. -- --REDISTRIBUTION: Permission is hereby granted, free of any license fees, --to any person obtaining a copy of this microcode (the "Software"), to --install, reproduce, copy and distribute copies, in binary form only, of --the Software and to permit persons to whom the Software is provided to --do the same, provided that the following conditions are met: -- --No reverse engineering, decompilation, or disassembly of this Software --is permitted. -- --Redistributions must reproduce the above copyright notice, this --permission notice, and the following disclaimers and notices in the --Software documentation and/or other materials provided with the --Software. -- --DISCLAIMER: THE USE OF THE SOFTWARE IS AT YOUR SOLE RISK. THE SOFTWARE --IS PROVIDED "AS IS" AND WITHOUT WARRANTY OF ANY KIND AND COPYRIGHT --HOLDER AND ITS LICENSORS EXPRESSLY DISCLAIM ALL WARRANTIES, EXPRESS AND --IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF --MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. --COPYRIGHT HOLDER AND ITS LICENSORS DO NOT WARRANT THAT THE SOFTWARE WILL --MEET YOUR REQUIREMENTS, OR THAT THE OPERATION OF THE SOFTWARE WILL BE --UNINTERRUPTED OR ERROR-FREE. THE ENTIRE RISK ASSOCIATED WITH THE USE OF --THE SOFTWARE IS ASSUMED BY YOU. FURTHERMORE, COPYRIGHT HOLDER AND ITS --LICENSORS DO NOT WARRANT OR MAKE ANY REPRESENTATIONS REGARDING THE USE --OR THE RESULTS OF THE USE OF THE SOFTWARE IN TERMS OF ITS CORRECTNESS, --ACCURACY, RELIABILITY, CURRENTNESS, OR OTHERWISE. -- --DISCLAIMER: UNDER NO CIRCUMSTANCES INCLUDING NEGLIGENCE, SHALL COPYRIGHT --HOLDER AND ITS LICENSORS OR ITS DIRECTORS, OFFICERS, EMPLOYEES OR AGENTS --("AUTHORIZED REPRESENTATIVES") BE LIABLE FOR ANY INCIDENTAL, INDIRECT, --SPECIAL OR CONSEQUENTIAL DAMAGES (INCLUDING DAMAGES FOR LOSS OF BUSINESS --PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, AND THE --LIKE) ARISING OUT OF THE USE, MISUSE OR INABILITY TO USE THE SOFTWARE, --BREACH OR DEFAULT, INCLUDING THOSE ARISING FROM INFRINGEMENT OR ALLEGED --INFRINGEMENT OF ANY PATENT, TRADEMARK, COPYRIGHT OR OTHER INTELLECTUAL --PROPERTY RIGHT EVEN IF COPYRIGHT HOLDER AND ITS AUTHORIZED --REPRESENTATIVES HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN --NO EVENT SHALL COPYRIGHT HOLDER OR ITS AUTHORIZED REPRESENTATIVES TOTAL --LIABILITY FOR ALL DAMAGES, LOSSES, AND CAUSES OF ACTION (WHETHER IN --CONTRACT, TORT (INCLUDING NEGLIGENCE) OR OTHERWISE) EXCEED THE AMOUNT OF --US$10. -- --Notice: The Software is subject to United States export laws and --regulations. You agree to comply with all domestic and international --export laws and regulations that apply to the Software, including but --not limited to the Export Administration Regulations administered by the --U.S. Department of Commerce and International Traffic in Arm Regulations --administered by the U.S. Department of State. These laws include --restrictions on destinations, end users and end use. -diff --git a/LICENSE.qcom b/LICENSE.qcom -deleted file mode 100644 -index faacf9c..0000000 ---- a/LICENSE.qcom -+++ /dev/null -@@ -1,206 +0,0 @@ --PLEASE READ THIS LICENSE AGREEMENT ("AGREEMENT") CAREFULLY. THIS AGREEMENT IS --A BINDING LEGAL AGREEMENT ENTERED INTO BY AND BETWEEN YOU (OR IF YOU ARE --ENTERING INTO THIS AGREEMENT ON BEHALF OF AN ENTITY, THEN THE ENTITY THAT YOU --REPRESENT) AND QUALCOMM TECHNOLOGIES, INC. ("QTI" "WE" "OUR" OR "US"). THIS IS --THE AGREEMENT THAT APPLIES TO YOUR USE OF THE DESIGNATED AND/OR LINKED --APPLICATIONS, THE ENCLOSED QUALCOMM TECHNOLOGIES' MATERIALS, INCLUDING RELATED --DOCUMENTATION AND ANY UPDATES OR IMPROVEMENTS THEREOF --(COLLECTIVELY, "MATERIALS"). BY USING OR COMPLETING THE INSTALLATION OF THE --MATERIALS, YOU ARE ACCEPTING THIS AGREEMENT AND YOU AGREE TO BE BOUND BY ITS --TERMS AND CONDITIONS. IF YOU DO NOT AGREE TO THESE TERMS, QTI IS UNWILLING TO --AND DOES NOT LICENSE THE MATERIALS TO YOU. IF YOU DO NOT AGREE TO THESE TERMS --YOU MUST DISCONTINUE THE INSTALLATION PROCESS AND YOU MAY NOT USE THE MATERIALS --OR RETAIN ANY COPIES OF THE MATERIALS. ANY USE OR POSSESSION OF THE MATERIALS --BY YOU IS SUBJECT TO THE TERMS AND CONDITIONS SET FORTH IN THIS AGREEMENT. -- --1. RIGHT TO USE DELIVERABLES; RESTRICTIONS. -- -- 1.1 License. Subject to the terms and conditions of this Agreement, -- including, without limitation, the restrictions, conditions, limitations and -- exclusions set forth in this Agreement, QTI hereby grants to you a -- nonexclusive, limited license under QTI's copyrights to: (i) install and use -- the Materials; and (ii) to reproduce and redistribute the binary code portions -- of the Materials (the "Redistributable Binary Code"). You may make and use a -- reasonable number of copies of any documentation. -- -- 1.2 Redistribution Restrictions. Distribution of the Redistributable Binary -- Code is subject to the following restrictions: (i) Redistributable Binary Code -- may only be distributed in binary format and may not be distributed in source -- code format:; (ii) the Redistributable Binary Code may only operate in -- conjunction with platforms incorporating Qualcomm Technologies, Inc. chipsets; -- (iii) redistribution of the Redistributable Binary Code must include the .txt -- file setting forth the terms and condition of this Agreement; (iv) you may not -- use Qualcomm Technologies' or its affiliates or subsidiaries name, logo or -- trademarks; and (v) copyright, trademark, patent and any other notices that -- appear on the Materials may not be removed or obscured. -- -- 1.3 Additional Restrictions. Except as expressly permitted by this Agreement, -- you shall have no right to sublicense, transfer or otherwise disclose the -- Materials to any third party. You shall not reverse engineer, reverse -- assemble, reverse translate, decompile or reduce to source code form any -- portion of the Materials provided in object code form or executable form. -- Except for the purposes expressly permitted in this Agreement, You shall not -- use the Materials for any other purpose. QTI (or its licensors) shall retain -- title and all ownership rights in and to the Materials and any alterations, -- modifications (including all derivative works), translations or adaptations -- made of the Materials, and all copies thereof, and nothing herein shall be -- deemed to grant any right to You under any of QTI's or its affiliates' -- patents. You shall not subject the Materials to any third party license -- terms (e.g., open source license terms). You shall not use the Materials for -- the purpose of identifying or providing evidence to support any potential -- patent infringement claim against QTI, its affiliates, or any of QTI's or -- QTI's affiliates' suppliers and/or direct or indirect customers. QTI hereby -- reserves all rights not expressly granted herein. -- -- 1.4 Third Party Software and Materials. The Software may contain or link to -- certain software and/or materials that are written or owned by third parties. -- Such third party code and materials may be licensed under separate or -- different terms and conditions and are not licensed to you under the terms of -- this Agreement. You agree to comply with all terms and conditions imposed on -- you in the applicable third party licenses. Such terms and conditions may -- impose certain obligations on you as a condition to the permitted use of such -- third party code and materials. QTI does not represent or warrant that such -- third party licensors have or will continue to license or make available their -- code and materials to you. -- -- 1.5 Feedback. QTI may from time to time receive suggestions, feedback or -- other information from You regarding the Materials. Any suggestions, feedback -- or other disclosures received from You are and shall be entirely voluntary on -- the part of You. Notwithstanding any other term in this Agreement, QTI shall -- be free to use suggestions, feedback or other information received from You, -- without obligation of any kind to You. The Parties agree that all inventions, -- product improvements, and modifications conceived of or made by QTI that are -- based, either in whole or in part, on ideas, feedback, suggestions, or -- recommended improvements received from You are the exclusive property of QTI, -- and all right, title and interest in and to any such inventions, product -- improvements, and modifications will vest solely in QTI. -- -- 1.6 No Technical Support. QTI is under no obligation to provide any form of -- technical support for the Materials, and if QTI, in its sole discretion, -- chooses to provide any form of support or information relating to the -- Materials, such support and information shall be deemed confidential and -- proprietary to QTI. -- --2. WARRANTY DISCLAIMER. YOU EXPRESSLY ACKNOWLEDGE AND AGREE THAT THE USE OF --THE MATERIALS IS AT YOUR SOLE RISK. THE MATERIALS AND TECHNICAL SUPPORT, IF --ANY, ARE PROVIDED "AS IS" AND WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS OR --IMPLIED. QTI ITS LICENSORS AND AFFILIATES MAKE NO WARRANTIES, EXPRESS OR --IMPLIED, WITH RESPECT TO THE MATERIALS OR ANY OTHER INFORMATION OR DOCUMENTATION --PROVIDED UNDER THIS AGREEMENT, INCLUDING BUT NOT LIMITED TO ANY WARRANTY OF --MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OR AGAINST INFRINGEMENT, OR --ANY EXPRESS OR IMPLIED WARRANTY ARISING OUT OF TRADE USAGE OR OUT OF A COURSE OF --DEALING OR COURSE OF PERFORMANCE. NOTHING CONTAINED IN THIS AGREEMENT SHALL BE --CONSTRUED AS (I) A WARRANTY OR REPRESENTATION BY QTI, ITS LICENSORS OR --AFFILIATES AS TO THE VALIDITY OR SCOPE OF ANY PATENT, COPYRIGHT OR OTHER --INTELLECTUAL PROPERTY RIGHT OR (II) A WARRANTY OR REPRESENTATION BY QTI THAT ANY --MANUFACTURE OR USE WILL BE FREE FROM INFRINGEMENT OF PATENTS, COPYRIGHTS OR --OTHER INTELLECTUAL PROPERTY RIGHTS OF OTHERS, AND IT SHALL BE THE SOLE --RESPONSIBILITY OF YOU TO MAKE SUCH DETERMINATION AS IS NECESSARY WITH RESPECT TO --THE ACQUISITION OF LICENSES UNDER PATENTS AND OTHER INTELLECTUAL PROPERTY OF --THIRD PARTIES. -- --3. NO OTHER LICENSES OR INTELLECTUAL PROPERTY RIGHTS. Neither this Agreement, --nor any act by QTI or any of its affiliates pursuant to this Agreement or --relating to the Materials (including, without limitation, the provision by QTI --or its affiliates of the Materials), shall provide to You any license or any --other rights whatsoever under any patents, trademarks, trade secrets, copyrights --or any other intellectual property of QTI or any of its affiliates, except for --the copyright rights expressly licensed under this Agreement. You understand and --agree that: -- -- (i) Neither this Agreement, nor delivery of the Materials, grants any right to -- practice, or any other right at all with respect to, any patent of QTI or any -- of its affiliates; and -- -- (ii) A separate license agreement from QUALCOMM Incorporated is needed to use -- or practice any patent of QUALCOMM Incorporated. You agree not to contend in -- any context that, as a result of the provision or use of the Materials, either -- QTI or any of its affiliates has any obligation to extend, or You or any other -- party has obtained any right to, any license, whether express or implied, with -- respect to any patent of QTI or any of its affiliates for any purpose. -- --4. TERMINATION. This Agreement shall be effective upon acceptance, or access or --use of the Materials (whichever occurs first) by You and shall continue until --terminated. You may terminate the Agreement at any time by deleting and --destroying all copies of the Materials and all related information in Your --possession or control. This Agreement terminates immediately and automatically, --with or without notice, if You fail to comply with any provision hereof. --Additionally, QTI may at any time terminate this Agreement, without cause, upon --notice to You. Upon termination You must, to the extent possible, delete or --destroy all copies of the Materials in Your possession and the license granted --to You in this Agreement shall terminate. Sections 1.2 through 10 shall survive --the termination of this Agreement. In the event that any restrictions, --conditions, limitations are found to be either invalid or unenforceable, the --rights granted to You in Section 1 (License) shall be null, void and ineffective --from the Effective Date, and QTI shall also have the right to terminate this --Agreement immediately, and with retroactive effect to the effective date. -- --5. LIMITATION OF LIABILITY. IN NO EVENT SHALL QTI, QTI's AFFILIATES OR ITS --LICENSORS BE LIABLE TO YOU FOR ANY INCIDENTAL, CONSEQUENTIAL OR SPECIAL DAMAGES, --INCLUDING BUT NOT LIMITED TO ANY LOST PROFITS, LOST SAVINGS, OR OTHER INCIDENTAL --DAMAGES, ARISING OUT OF THE USE OR INABILITY TO USE, OR THE DELIVERY OR FAILURE --TO DELIVER, ANY OF THE DELIVERABLES, OR ANY BREACH OF ANY OBLIGATION UNDER THIS --AGREEMENT, EVEN IF QTI HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. --THE FOREGOING LIMITATION OF LIABILITY SHALL REMAIN IN FULL FORCE AND EFFECT --REGARDLESS OF WHETHER YOUR REMEDIES HEREUNDER ARE DETERMINED TO HAVE FAILED OF --THEIR ESSENTIAL PURPOSE. THE ENTIRE LIABILITY OF QTI, QTI's AFFILIATES AND ITS --LICENSORS, AND THE SOLE AND EXCLUSIVE REMEDY OF YOU, FOR ANY CLAIM OR CAUSE OF --ACTION ARISING HEREUNDER (WHETHER IN CONTRACT, TORT, OR OTHERWISE) SHALL NOT --EXCEED US$50. -- --6. INDEMNIFICATION. You agree to indemnify and hold harmless QTI and its --officers, directors, employees and successors and assigns against any and all --third party claims, demands, causes of action, losses, liabilities, damages, --costs and expenses, incurred by QTI (including but not limited to costs of --defense, investigation and reasonable attorney's fees) arising out of, resulting --from or related to: (i) any breach of this Agreement by You; and (ii) your acts, --omissions, products and services. If requested by QTI, You agree to defend QTI --in connection with any third party claims, demands, or causes of action --resulting from, arising out of or in connection with any of the foregoing. -- --7. ASSIGNMENT. You shall not assign this Agreement or any right or interest --under this Agreement, nor delegate any obligation to be performed under this --Agreement, without QTI's prior written consent. For purposes of this Section 7, --an "assignment" by You under this Section shall be deemed to include, without --limitation, any merger, consolidation, sale of all or substantially all of its --assets, or any substantial change in the management or control of You. --Any attempted assignment in contravention of this Section 9 shall be void. --QTI may freely assign this Agreement or delegate any or all of its rights and --obligations hereunder to any third party. -- --8. COMPLIANCE WITH LAWS; APPLICABLE LAW. You agree to comply with all --applicable local, international and national laws and regulations and with U.S. --Export Administration Regulations, as they apply to the subject matter of this --Agreement. This Agreement is governed by the laws of the State of California, --excluding California's choice of law rules. -- --9. CONTRACTING PARTIES. If the Materials are downloaded on any computer owned --by a corporation or other legal entity, then this Agreement is formed by and --between QTI and such entity. The individual accepting the terms of this --Agreement represents and warrants to QTI that they have the authority to bind --such entity to the terms and conditions of this Agreement. -- --10. MISCELLANEOUS PROVISIONS. This Agreement, together with all exhibits --attached hereto, which are incorporated herein by this reference, constitutes --the entire agreement between QTI and You and supersedes all prior negotiations, --representations and agreements between the parties with respect to the subject --matter hereof. No addition or modification of this Agreement shall be effective --unless made in writing and signed by the respective representatives of QTI and --You. The restrictions, limitations, exclusions and conditions set forth in this --Agreement shall apply even if QTI or any of its affiliates becomes aware of or --fails to act in a manner to address any violation or failure to comply --therewith. You hereby acknowledge and agree that the restrictions, limitations, --conditions and exclusions imposed in this Agreement on the rights granted in --this Agreement are not a derogation of the benefits of such rights. You further --acknowledges that, in the absence of such restrictions, limitations, conditions --and exclusions, QTI would not have entered into this Agreement with You. Each --party shall be responsible for and shall bear its own expenses in connection --with this Agreement. If any of the provisions of this Agreement are determined --to be invalid, illegal, or otherwise unenforceable, the remaining provisions --shall remain in full force and effect. This Agreement is entered into solely --in the English language, and if for any reason any other language version is --prepared by any party, it shall be solely for convenience and the English --version shall govern and control all aspects. If You are located in the --province of Quebec, Canada, the following applies: The Parties hereby confirm --they have requested this Agreement and all related documents be prepared --in English. -diff --git a/LICENSE.qcom_yamato b/LICENSE.qcom_yamato -deleted file mode 100644 -index 1fd702b..0000000 ---- a/LICENSE.qcom_yamato -+++ /dev/null -@@ -1,25 +0,0 @@ --Copyright (c) 2008-2011, QUALCOMM Incorporated. All rights reserved. -- --Redistribution and use in source and binary forms, with or without --modification, are permitted provided that the following conditions are met: -- * Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. -- * Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- * Neither the name of QUALCOMM Incorporated nor -- the names of its contributors may be used to endorse or promote -- products derived from this software without specific prior written -- permission. -- --THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" --AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE --IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE --ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE --LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR --CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF --SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS --INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN --CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) --ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE --POSSIBILITY OF SUCH DAMAGE. -diff --git a/LICENSE.radeon b/LICENSE.radeon -deleted file mode 100644 -index b05e714..0000000 ---- a/LICENSE.radeon -+++ /dev/null -@@ -1,51 +0,0 @@ --Copyright (C) 2009-2017 Advanced Micro Devices, Inc. All rights reserved. -- --REDISTRIBUTION: Permission is hereby granted, free of any license fees, --to any person obtaining a copy of this microcode (the "Software"), to --install, reproduce, copy and distribute copies, in binary form only, of --the Software and to permit persons to whom the Software is provided to --do the same, provided that the following conditions are met: -- --No reverse engineering, decompilation, or disassembly of this Software --is permitted. -- --Redistributions must reproduce the above copyright notice, this --permission notice, and the following disclaimers and notices in the --Software documentation and/or other materials provided with the --Software. -- --DISCLAIMER: THE USE OF THE SOFTWARE IS AT YOUR SOLE RISK. THE SOFTWARE --IS PROVIDED "AS IS" AND WITHOUT WARRANTY OF ANY KIND AND COPYRIGHT --HOLDER AND ITS LICENSORS EXPRESSLY DISCLAIM ALL WARRANTIES, EXPRESS AND --IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF --MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. --COPYRIGHT HOLDER AND ITS LICENSORS DO NOT WARRANT THAT THE SOFTWARE WILL --MEET YOUR REQUIREMENTS, OR THAT THE OPERATION OF THE SOFTWARE WILL BE --UNINTERRUPTED OR ERROR-FREE. THE ENTIRE RISK ASSOCIATED WITH THE USE OF --THE SOFTWARE IS ASSUMED BY YOU. FURTHERMORE, COPYRIGHT HOLDER AND ITS --LICENSORS DO NOT WARRANT OR MAKE ANY REPRESENTATIONS REGARDING THE USE --OR THE RESULTS OF THE USE OF THE SOFTWARE IN TERMS OF ITS CORRECTNESS, --ACCURACY, RELIABILITY, CURRENTNESS, OR OTHERWISE. -- --DISCLAIMER: UNDER NO CIRCUMSTANCES INCLUDING NEGLIGENCE, SHALL COPYRIGHT --HOLDER AND ITS LICENSORS OR ITS DIRECTORS, OFFICERS, EMPLOYEES OR AGENTS --("AUTHORIZED REPRESENTATIVES") BE LIABLE FOR ANY INCIDENTAL, INDIRECT, --SPECIAL OR CONSEQUENTIAL DAMAGES (INCLUDING DAMAGES FOR LOSS OF BUSINESS --PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, AND THE --LIKE) ARISING OUT OF THE USE, MISUSE OR INABILITY TO USE THE SOFTWARE, --BREACH OR DEFAULT, INCLUDING THOSE ARISING FROM INFRINGEMENT OR ALLEGED --INFRINGEMENT OF ANY PATENT, TRADEMARK, COPYRIGHT OR OTHER INTELLECTUAL --PROPERTY RIGHT EVEN IF COPYRIGHT HOLDER AND ITS AUTHORIZED --REPRESENTATIVES HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN --NO EVENT SHALL COPYRIGHT HOLDER OR ITS AUTHORIZED REPRESENTATIVES TOTAL --LIABILITY FOR ALL DAMAGES, LOSSES, AND CAUSES OF ACTION (WHETHER IN --CONTRACT, TORT (INCLUDING NEGLIGENCE) OR OTHERWISE) EXCEED THE AMOUNT OF --US$10. -- --Notice: The Software is subject to United States export laws and --regulations. You agree to comply with all domestic and international --export laws and regulations that apply to the Software, including but --not limited to the Export Administration Regulations administered by the --U.S. Department of Commerce and International Traffic in Arm Regulations --administered by the U.S. Department of State. These laws include --restrictions on destinations, end users and end use. -diff --git a/WHENCE b/WHENCE -index 58e9ca1..3bb6523 100644 ---- a/WHENCE -+++ b/WHENCE -@@ -123,904 +123,6 @@ Available from http://ldriver.qlogic.com/firmware/netxen_nic/new/ - - -------------------------------------------------------------------------- - --Driver: mga - Matrox G200/G400/G550 -- --File: matrox/g200_warp.fw --File: matrox/g400_warp.fw -- --Licence: -- --Copyright 1999 Matrox Graphics Inc. --All Rights Reserved. -- --Permission is hereby granted, free of charge, to any person obtaining a --copy of this software and associated documentation files (the "Software"), --to deal in the Software without restriction, including without limitation --the rights to use, copy, modify, merge, publish, distribute, sublicense, --and/or sell copies of the Software, and to permit persons to whom the --Software is furnished to do so, subject to the following conditions: -- --The above copyright notice and this permission notice shall be included --in all copies or substantial portions of the Software. -- --THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS --OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, --FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL --MATROX GRAPHICS INC., OR ANY OTHER CONTRIBUTORS BE LIABLE FOR ANY CLAIM, --DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR --OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE --OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- --Driver: r128 - ATI Rage 128 -- --File: r128/r128_cce.bin -- --Licence: -- --Copyright 2000 Advanced Micro Devices, Inc. -- -- * Permission is hereby granted, free of charge, to any person obtaining a -- * copy of this software and associated documentation files (the "Software"), -- * to deal in the Software without restriction, including without limitation -- * the rights to use, copy, modify, merge, publish, distribute, sublicense, -- * and/or sell copies of the Software, and to permit persons to whom the -- * Software is furnished to do so, subject to the following conditions: -- * -- * The above copyright notice and this permission notice (including the next -- * paragraph) shall be included in all copies or substantial portions of the -- * Software. -- * -- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL -- * PRECISION INSIGHT AND/OR ITS SUPPLIERS BE LIABLE FOR ANY CLAIM, DAMAGES OR -- * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, -- * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER -- * DEALINGS IN THE SOFTWARE. -- --Found in decimal form in kernel source. -- ---------------------------------------------------------------------------- -- --Driver: radeon - ATI Radeon -- --File: radeon/R100_cp.bin --File: radeon/R200_cp.bin --File: radeon/R300_cp.bin --File: radeon/R420_cp.bin --File: radeon/RS600_cp.bin --File: radeon/RS690_cp.bin --File: radeon/R520_cp.bin --File: radeon/R600_pfp.bin --File: radeon/R600_me.bin --File: radeon/RV610_pfp.bin --File: radeon/RV610_me.bin --File: radeon/RV630_pfp.bin --File: radeon/RV630_me.bin --File: radeon/RV620_pfp.bin --File: radeon/RV620_me.bin --File: radeon/RV635_pfp.bin --File: radeon/RV635_me.bin --File: radeon/RV670_pfp.bin --File: radeon/RV670_me.bin --File: radeon/RS780_pfp.bin --File: radeon/RS780_me.bin --File: radeon/RV770_pfp.bin --File: radeon/RV770_me.bin --File: radeon/RV730_pfp.bin --File: radeon/RV730_me.bin --File: radeon/RV710_pfp.bin --File: radeon/RV710_me.bin -- --Licence: -- -- * Copyright 2007-2009 Advanced Micro Devices, Inc. -- * All Rights Reserved. -- * -- * Permission is hereby granted, free of charge, to any person obtaining a -- * copy of this software and associated documentation files (the "Software"), -- * to deal in the Software without restriction, including without limitation -- * the rights to use, copy, modify, merge, publish, distribute, sublicense, -- * and/or sell copies of the Software, and to permit persons to whom the -- * Software is furnished to do so, subject to the following conditions: -- * -- * The above copyright notice and this permission notice (including the next -- * paragraph) shall be included in all copies or substantial portions of the -- * Software. -- * -- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL -- * IN NO EVENT SHALL THE COPYRIGHT OWNER(S) AND/OR ITS SUPPLIERS BE -- * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -- * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION -- * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- --Driver: radeon - ATI Radeon -- --File: radeon/R600_rlc.bin --File: radeon/R600_uvd.bin --File: radeon/RS780_uvd.bin --File: radeon/R700_rlc.bin --File: radeon/RV710_uvd.bin --File: radeon/RV710_smc.bin --File: radeon/RV730_smc.bin --File: radeon/RV740_smc.bin --File: radeon/RV770_smc.bin --File: radeon/RV770_uvd.bin --File: radeon/CEDAR_me.bin --File: radeon/CEDAR_pfp.bin --File: radeon/CEDAR_rlc.bin --File: radeon/CEDAR_smc.bin --File: radeon/CYPRESS_me.bin --File: radeon/CYPRESS_pfp.bin --File: radeon/CYPRESS_rlc.bin --File: radeon/CYPRESS_uvd.bin --File: radeon/CYPRESS_smc.bin --File: radeon/JUNIPER_me.bin --File: radeon/JUNIPER_pfp.bin --File: radeon/JUNIPER_rlc.bin --File: radeon/JUNIPER_smc.bin --File: radeon/REDWOOD_me.bin --File: radeon/REDWOOD_pfp.bin --File: radeon/REDWOOD_rlc.bin --File: radeon/REDWOOD_smc.bin --File: radeon/PALM_me.bin --File: radeon/PALM_pfp.bin --File: radeon/SUMO_rlc.bin --File: radeon/SUMO_uvd.bin --File: radeon/BARTS_mc.bin --File: radeon/BARTS_me.bin --File: radeon/BARTS_pfp.bin --File: radeon/BARTS_smc.bin --File: radeon/BTC_rlc.bin --File: radeon/CAICOS_mc.bin --File: radeon/CAICOS_me.bin --File: radeon/CAICOS_pfp.bin --File: radeon/CAICOS_smc.bin --File: radeon/TURKS_mc.bin --File: radeon/TURKS_me.bin --File: radeon/TURKS_pfp.bin --File: radeon/TURKS_smc.bin --File: radeon/CAYMAN_mc.bin --File: radeon/CAYMAN_me.bin --File: radeon/CAYMAN_pfp.bin --File: radeon/CAYMAN_rlc.bin --File: radeon/CAYMAN_smc.bin --File: radeon/SUMO_pfp.bin --File: radeon/SUMO_me.bin --File: radeon/SUMO2_pfp.bin --File: radeon/SUMO2_me.bin --File: radeon/ARUBA_me.bin --File: radeon/ARUBA_pfp.bin --File: radeon/ARUBA_rlc.bin --File: radeon/PITCAIRN_ce.bin --File: radeon/PITCAIRN_mc.bin --File: radeon/PITCAIRN_mc2.bin --File: radeon/PITCAIRN_me.bin --File: radeon/PITCAIRN_pfp.bin --File: radeon/PITCAIRN_rlc.bin --File: radeon/PITCAIRN_smc.bin --File: radeon/TAHITI_ce.bin --File: radeon/TAHITI_mc.bin --File: radeon/TAHITI_mc2.bin --File: radeon/TAHITI_me.bin --File: radeon/TAHITI_pfp.bin --File: radeon/TAHITI_rlc.bin --File: radeon/TAHITI_uvd.bin --File: radeon/TAHITI_smc.bin --File: radeon/TAHITI_vce.bin --File: radeon/VERDE_ce.bin --File: radeon/VERDE_mc.bin --File: radeon/VERDE_mc2.bin --File: radeon/VERDE_me.bin --File: radeon/VERDE_pfp.bin --File: radeon/VERDE_rlc.bin --File: radeon/VERDE_smc.bin --File: radeon/OLAND_ce.bin --File: radeon/OLAND_mc.bin --File: radeon/OLAND_mc2.bin --File: radeon/OLAND_me.bin --File: radeon/OLAND_pfp.bin --File: radeon/OLAND_rlc.bin --File: radeon/OLAND_smc.bin --File: radeon/HAINAN_ce.bin --File: radeon/HAINAN_mc.bin --File: radeon/HAINAN_mc2.bin --File: radeon/HAINAN_me.bin --File: radeon/HAINAN_pfp.bin --File: radeon/HAINAN_rlc.bin --File: radeon/HAINAN_smc.bin --File: radeon/BONAIRE_ce.bin --File: radeon/BONAIRE_mc.bin --File: radeon/BONAIRE_mc2.bin --File: radeon/BONAIRE_me.bin --File: radeon/BONAIRE_mec.bin --File: radeon/BONAIRE_pfp.bin --File: radeon/BONAIRE_rlc.bin --File: radeon/BONAIRE_sdma.bin --File: radeon/BONAIRE_uvd.bin --File: radeon/BONAIRE_smc.bin --File: radeon/BONAIRE_vce.bin --File: radeon/KABINI_ce.bin --File: radeon/KABINI_me.bin --File: radeon/KABINI_mec.bin --File: radeon/KABINI_pfp.bin --File: radeon/KABINI_rlc.bin --File: radeon/KABINI_sdma.bin --File: radeon/KAVERI_ce.bin --File: radeon/KAVERI_me.bin --File: radeon/KAVERI_mec.bin --File: radeon/KAVERI_pfp.bin --File: radeon/KAVERI_rlc.bin --File: radeon/KAVERI_sdma.bin --File: radeon/HAWAII_ce.bin --File: radeon/HAWAII_mc.bin --File: radeon/HAWAII_mc2.bin --File: radeon/HAWAII_me.bin --File: radeon/HAWAII_mec.bin --File: radeon/HAWAII_pfp.bin --File: radeon/HAWAII_rlc.bin --File: radeon/HAWAII_sdma.bin --File: radeon/HAWAII_smc.bin --File: radeon/MULLINS_ce.bin --File: radeon/MULLINS_me.bin --File: radeon/MULLINS_mec.bin --File: radeon/MULLINS_pfp.bin --File: radeon/MULLINS_rlc.bin --File: radeon/MULLINS_sdma.bin --File: radeon/pitcairn_ce.bin --File: radeon/pitcairn_k_smc.bin --File: radeon/pitcairn_mc.bin --File: radeon/pitcairn_me.bin --File: radeon/pitcairn_pfp.bin --File: radeon/pitcairn_rlc.bin --File: radeon/pitcairn_smc.bin --File: radeon/tahiti_ce.bin --File: radeon/tahiti_k_smc.bin --File: radeon/tahiti_mc.bin --File: radeon/tahiti_me.bin --File: radeon/tahiti_pfp.bin --File: radeon/tahiti_rlc.bin --File: radeon/tahiti_smc.bin --File: radeon/verde_ce.bin --File: radeon/verde_k_smc.bin --File: radeon/verde_mc.bin --File: radeon/verde_me.bin --File: radeon/verde_pfp.bin --File: radeon/verde_rlc.bin --File: radeon/verde_smc.bin --File: radeon/oland_ce.bin --File: radeon/oland_k_smc.bin --File: radeon/oland_mc.bin --File: radeon/oland_me.bin --File: radeon/oland_pfp.bin --File: radeon/oland_rlc.bin --File: radeon/oland_smc.bin --File: radeon/hainan_ce.bin --File: radeon/hainan_k_smc.bin --File: radeon/hainan_mc.bin --File: radeon/hainan_me.bin --File: radeon/hainan_pfp.bin --File: radeon/hainan_rlc.bin --File: radeon/hainan_smc.bin --File: radeon/bonaire_ce.bin --File: radeon/bonaire_k_smc.bin --File: radeon/bonaire_mc.bin --File: radeon/bonaire_me.bin --File: radeon/bonaire_mec.bin --File: radeon/bonaire_pfp.bin --File: radeon/bonaire_rlc.bin --File: radeon/bonaire_sdma.bin --File: radeon/bonaire_sdma1.bin --File: radeon/bonaire_smc.bin --File: radeon/bonaire_uvd.bin --File: radeon/bonaire_vce.bin --File: radeon/kabini_ce.bin --File: radeon/kabini_me.bin --File: radeon/kabini_mec.bin --File: radeon/kabini_pfp.bin --File: radeon/kabini_rlc.bin --File: radeon/kabini_sdma.bin --File: radeon/kabini_sdma1.bin --File: radeon/kabini_uvd.bin --File: radeon/kabini_vce.bin --File: radeon/kaveri_ce.bin --File: radeon/kaveri_me.bin --File: radeon/kaveri_mec.bin --File: radeon/kaveri_mec2.bin --File: radeon/kaveri_pfp.bin --File: radeon/kaveri_rlc.bin --File: radeon/kaveri_sdma.bin --File: radeon/kaveri_sdma1.bin --File: radeon/kaveri_uvd.bin --File: radeon/kaveri_vce.bin --File: radeon/hawaii_ce.bin --File: radeon/hawaii_k_smc.bin --File: radeon/hawaii_mc.bin --File: radeon/hawaii_me.bin --File: radeon/hawaii_mec.bin --File: radeon/hawaii_pfp.bin --File: radeon/hawaii_rlc.bin --File: radeon/hawaii_sdma.bin --File: radeon/hawaii_sdma1.bin --File: radeon/hawaii_smc.bin --File: radeon/hawaii_uvd.bin --File: radeon/hawaii_vce.bin --File: radeon/mullins_ce.bin --File: radeon/mullins_me.bin --File: radeon/mullins_mec.bin --File: radeon/mullins_pfp.bin --File: radeon/mullins_rlc.bin --File: radeon/mullins_sdma.bin --File: radeon/mullins_sdma1.bin --File: radeon/mullins_uvd.bin --File: radeon/mullins_vce.bin --File: radeon/banks_k_2_smc.bin --File: radeon/si58_mc.bin -- --Licence: Redistributable. See LICENSE.radeon for details. -- ---------------------------------------------------------------------------- -- --Driver: amdgpu - AMD Radeon -- --File: amdgpu/tahiti_ce.bin --File: amdgpu/tahiti_k_smc.bin --File: amdgpu/tahiti_mc.bin --File: amdgpu/tahiti_me.bin --File: amdgpu/tahiti_pfp.bin --File: amdgpu/tahiti_rlc.bin --File: amdgpu/tahiti_smc.bin --File: amdgpu/tahiti_uvd.bin --File: amdgpu/pitcairn_ce.bin --File: amdgpu/pitcairn_k_smc.bin --File: amdgpu/pitcairn_mc.bin --File: amdgpu/pitcairn_me.bin --File: amdgpu/pitcairn_pfp.bin --File: amdgpu/pitcairn_rlc.bin --File: amdgpu/pitcairn_smc.bin --File: amdgpu/pitcairn_uvd.bin --File: amdgpu/verde_ce.bin --File: amdgpu/verde_k_smc.bin --File: amdgpu/verde_mc.bin --File: amdgpu/verde_me.bin --File: amdgpu/verde_pfp.bin --File: amdgpu/verde_rlc.bin --File: amdgpu/verde_smc.bin --File: amdgpu/verde_uvd.bin --File: amdgpu/hainan_ce.bin --File: amdgpu/hainan_k_smc.bin --File: amdgpu/hainan_mc.bin --File: amdgpu/hainan_me.bin --File: amdgpu/hainan_pfp.bin --File: amdgpu/hainan_rlc.bin --File: amdgpu/hainan_smc.bin --File: amdgpu/oland_ce.bin --File: amdgpu/oland_k_smc.bin --File: amdgpu/oland_mc.bin --File: amdgpu/oland_me.bin --File: amdgpu/oland_pfp.bin --File: amdgpu/oland_rlc.bin --File: amdgpu/oland_smc.bin --File: amdgpu/oland_uvd.bin --File: amdgpu/si58_mc.bin --File: amdgpu/banks_k_2_smc.bin --File: amdgpu/bonaire_ce.bin --File: amdgpu/bonaire_k_smc.bin --File: amdgpu/bonaire_mc.bin --File: amdgpu/bonaire_me.bin --File: amdgpu/bonaire_mec.bin --File: amdgpu/bonaire_pfp.bin --File: amdgpu/bonaire_rlc.bin --File: amdgpu/bonaire_sdma.bin --File: amdgpu/bonaire_sdma1.bin --File: amdgpu/bonaire_smc.bin --File: amdgpu/bonaire_uvd.bin --File: amdgpu/bonaire_vce.bin --File: amdgpu/hawaii_ce.bin --File: amdgpu/hawaii_k_smc.bin --File: amdgpu/hawaii_mc.bin --File: amdgpu/hawaii_me.bin --File: amdgpu/hawaii_mec.bin --File: amdgpu/hawaii_pfp.bin --File: amdgpu/hawaii_rlc.bin --File: amdgpu/hawaii_sdma.bin --File: amdgpu/hawaii_sdma1.bin --File: amdgpu/hawaii_smc.bin --File: amdgpu/hawaii_uvd.bin --File: amdgpu/hawaii_vce.bin --File: amdgpu/kabini_ce.bin --File: amdgpu/kabini_me.bin --File: amdgpu/kabini_mec.bin --File: amdgpu/kabini_pfp.bin --File: amdgpu/kabini_rlc.bin --File: amdgpu/kabini_sdma.bin --File: amdgpu/kabini_sdma1.bin --File: amdgpu/kabini_uvd.bin --File: amdgpu/kabini_vce.bin --File: amdgpu/mullins_ce.bin --File: amdgpu/mullins_me.bin --File: amdgpu/mullins_mec.bin --File: amdgpu/mullins_pfp.bin --File: amdgpu/mullins_rlc.bin --File: amdgpu/mullins_sdma.bin --File: amdgpu/mullins_sdma1.bin --File: amdgpu/mullins_uvd.bin --File: amdgpu/mullins_vce.bin --File: amdgpu/kaveri_ce.bin --File: amdgpu/kaveri_me.bin --File: amdgpu/kaveri_mec.bin --File: amdgpu/kaveri_mec2.bin --File: amdgpu/kaveri_pfp.bin --File: amdgpu/kaveri_rlc.bin --File: amdgpu/kaveri_sdma.bin --File: amdgpu/kaveri_sdma1.bin --File: amdgpu/kaveri_uvd.bin --File: amdgpu/kaveri_vce.bin --File: amdgpu/topaz_ce.bin --File: amdgpu/topaz_k_smc.bin --File: amdgpu/topaz_mc.bin --File: amdgpu/topaz_me.bin --File: amdgpu/topaz_mec2.bin --File: amdgpu/topaz_mec.bin --File: amdgpu/topaz_pfp.bin --File: amdgpu/topaz_rlc.bin --File: amdgpu/topaz_sdma1.bin --File: amdgpu/topaz_sdma.bin --File: amdgpu/topaz_smc.bin --File: amdgpu/tonga_ce.bin --File: amdgpu/tonga_k_smc.bin --File: amdgpu/tonga_mc.bin --File: amdgpu/tonga_me.bin --File: amdgpu/tonga_mec2.bin --File: amdgpu/tonga_mec.bin --File: amdgpu/tonga_pfp.bin --File: amdgpu/tonga_rlc.bin --File: amdgpu/tonga_sdma1.bin --File: amdgpu/tonga_sdma.bin --File: amdgpu/tonga_smc.bin --File: amdgpu/tonga_uvd.bin --File: amdgpu/tonga_vce.bin --File: amdgpu/carrizo_ce.bin --File: amdgpu/carrizo_me.bin --File: amdgpu/carrizo_mec2.bin --File: amdgpu/carrizo_mec.bin --File: amdgpu/carrizo_pfp.bin --File: amdgpu/carrizo_rlc.bin --File: amdgpu/carrizo_sdma1.bin --File: amdgpu/carrizo_sdma.bin --File: amdgpu/carrizo_uvd.bin --File: amdgpu/carrizo_vce.bin --File: amdgpu/fiji_ce.bin --File: amdgpu/fiji_mc.bin --File: amdgpu/fiji_me.bin --File: amdgpu/fiji_mec2.bin --File: amdgpu/fiji_mec.bin --File: amdgpu/fiji_pfp.bin --File: amdgpu/fiji_rlc.bin --File: amdgpu/fiji_sdma1.bin --File: amdgpu/fiji_sdma.bin --File: amdgpu/fiji_smc.bin --File: amdgpu/fiji_uvd.bin --File: amdgpu/fiji_vce.bin --File: amdgpu/stoney_ce.bin --File: amdgpu/stoney_me.bin --File: amdgpu/stoney_mec.bin --File: amdgpu/stoney_pfp.bin --File: amdgpu/stoney_rlc.bin --File: amdgpu/stoney_sdma.bin --File: amdgpu/stoney_uvd.bin --File: amdgpu/stoney_vce.bin --File: amdgpu/polaris10_ce.bin --File: amdgpu/polaris10_ce_2.bin --File: amdgpu/polaris10_mc.bin --File: amdgpu/polaris10_k_mc.bin --File: amdgpu/polaris10_me.bin --File: amdgpu/polaris10_me_2.bin --File: amdgpu/polaris10_mec2.bin --File: amdgpu/polaris10_mec2_2.bin --File: amdgpu/polaris10_mec.bin --File: amdgpu/polaris10_mec_2.bin --File: amdgpu/polaris10_pfp.bin --File: amdgpu/polaris10_pfp_2.bin --File: amdgpu/polaris10_rlc.bin --File: amdgpu/polaris10_sdma1.bin --File: amdgpu/polaris10_sdma.bin --File: amdgpu/polaris10_smc.bin --File: amdgpu/polaris10_k_smc.bin --File: amdgpu/polaris10_k2_smc.bin --File: amdgpu/polaris10_smc_sk.bin --File: amdgpu/polaris10_uvd.bin --File: amdgpu/polaris10_vce.bin --File: amdgpu/polaris11_ce.bin --File: amdgpu/polaris11_ce_2.bin --File: amdgpu/polaris11_mc.bin --File: amdgpu/polaris11_k_mc.bin --File: amdgpu/polaris11_me.bin --File: amdgpu/polaris11_me_2.bin --File: amdgpu/polaris11_mec2.bin --File: amdgpu/polaris11_mec2_2.bin --File: amdgpu/polaris11_mec.bin --File: amdgpu/polaris11_mec_2.bin --File: amdgpu/polaris11_pfp.bin --File: amdgpu/polaris11_pfp_2.bin --File: amdgpu/polaris11_rlc.bin --File: amdgpu/polaris11_sdma1.bin --File: amdgpu/polaris11_sdma.bin --File: amdgpu/polaris11_smc.bin --File: amdgpu/polaris11_k_smc.bin --File: amdgpu/polaris11_k2_smc.bin --File: amdgpu/polaris11_smc_sk.bin --File: amdgpu/polaris11_uvd.bin --File: amdgpu/polaris11_vce.bin --File: amdgpu/polaris12_ce.bin --File: amdgpu/polaris12_ce_2.bin --File: amdgpu/polaris12_mc.bin --File: amdgpu/polaris12_k_mc.bin --File: amdgpu/polaris12_32_mc.bin --File: amdgpu/polaris12_me.bin --File: amdgpu/polaris12_me_2.bin --File: amdgpu/polaris12_mec.bin --File: amdgpu/polaris12_mec_2.bin --File: amdgpu/polaris12_mec2.bin --File: amdgpu/polaris12_mec2_2.bin --File: amdgpu/polaris12_pfp.bin --File: amdgpu/polaris12_pfp_2.bin --File: amdgpu/polaris12_rlc.bin --File: amdgpu/polaris12_sdma.bin --File: amdgpu/polaris12_sdma1.bin --File: amdgpu/polaris12_smc.bin --File: amdgpu/polaris12_k_smc.bin --File: amdgpu/polaris12_uvd.bin --File: amdgpu/polaris12_vce.bin --File: amdgpu/vegam_ce.bin --File: amdgpu/vegam_me.bin --File: amdgpu/vegam_mec.bin --File: amdgpu/vegam_mec2.bin --File: amdgpu/vegam_pfp.bin --File: amdgpu/vegam_rlc.bin --File: amdgpu/vegam_sdma.bin --File: amdgpu/vegam_sdma1.bin --File: amdgpu/vegam_smc.bin --File: amdgpu/vegam_uvd.bin --File: amdgpu/vegam_vce.bin --File: amdgpu/vega10_acg_smc.bin --File: amdgpu/vega10_asd.bin --File: amdgpu/vega10_ce.bin --File: amdgpu/vega10_gpu_info.bin --File: amdgpu/vega10_me.bin --File: amdgpu/vega10_mec.bin --File: amdgpu/vega10_mec2.bin --File: amdgpu/vega10_pfp.bin --File: amdgpu/vega10_rlc.bin --File: amdgpu/vega10_sdma.bin --File: amdgpu/vega10_sdma1.bin --File: amdgpu/vega10_smc.bin --File: amdgpu/vega10_sos.bin --File: amdgpu/vega10_uvd.bin --File: amdgpu/vega10_vce.bin --File: amdgpu/vega12_asd.bin --File: amdgpu/vega12_ce.bin --File: amdgpu/vega12_gpu_info.bin --File: amdgpu/vega12_me.bin --File: amdgpu/vega12_mec.bin --File: amdgpu/vega12_mec2.bin --File: amdgpu/vega12_pfp.bin --File: amdgpu/vega12_rlc.bin --File: amdgpu/vega12_sdma.bin --File: amdgpu/vega12_sdma1.bin --File: amdgpu/vega12_smc.bin --File: amdgpu/vega12_sos.bin --File: amdgpu/vega12_uvd.bin --File: amdgpu/vega12_vce.bin --File: amdgpu/vega20_asd.bin --File: amdgpu/vega20_ce.bin --File: amdgpu/vega20_me.bin --File: amdgpu/vega20_mec.bin --File: amdgpu/vega20_mec2.bin --File: amdgpu/vega20_pfp.bin --File: amdgpu/vega20_rlc.bin --File: amdgpu/vega20_sdma.bin --File: amdgpu/vega20_sdma1.bin --File: amdgpu/vega20_smc.bin --File: amdgpu/vega20_sos.bin --File: amdgpu/vega20_uvd.bin --File: amdgpu/vega20_vce.bin --File: amdgpu/vega20_ta.bin --File: amdgpu/raven_asd.bin --File: amdgpu/raven_ce.bin --File: amdgpu/raven_gpu_info.bin --File: amdgpu/raven_me.bin --File: amdgpu/raven_mec.bin --File: amdgpu/raven_mec2.bin --File: amdgpu/raven_pfp.bin --File: amdgpu/raven_rlc.bin --File: amdgpu/raven_sdma.bin --File: amdgpu/raven_vcn.bin --File: amdgpu/raven_dmcu.bin --File: amdgpu/raven_kicker_rlc.bin --File: amdgpu/raven_ta.bin --File: amdgpu/picasso_asd.bin --File: amdgpu/picasso_ce.bin --File: amdgpu/picasso_gpu_info.bin --File: amdgpu/picasso_me.bin --File: amdgpu/picasso_mec.bin --File: amdgpu/picasso_mec2.bin --File: amdgpu/picasso_pfp.bin --File: amdgpu/picasso_rlc.bin --File: amdgpu/picasso_rlc_am4.bin --File: amdgpu/picasso_sdma.bin --File: amdgpu/picasso_vcn.bin --File: amdgpu/picasso_ta.bin --File: amdgpu/raven2_asd.bin --File: amdgpu/raven2_ce.bin --File: amdgpu/raven2_gpu_info.bin --File: amdgpu/raven2_me.bin --File: amdgpu/raven2_mec.bin --File: amdgpu/raven2_mec2.bin --File: amdgpu/raven2_pfp.bin --File: amdgpu/raven2_rlc.bin --File: amdgpu/raven2_sdma.bin --File: amdgpu/raven2_vcn.bin --File: amdgpu/raven2_ta.bin --File: amdgpu/navi10_asd.bin --File: amdgpu/navi10_ce.bin --File: amdgpu/navi10_gpu_info.bin --File: amdgpu/navi10_me.bin --File: amdgpu/navi10_mec.bin --File: amdgpu/navi10_mec2.bin --File: amdgpu/navi10_pfp.bin --File: amdgpu/navi10_rlc.bin --File: amdgpu/navi10_sdma.bin --File: amdgpu/navi10_sdma1.bin --File: amdgpu/navi10_smc.bin --File: amdgpu/navi10_sos.bin --File: amdgpu/navi10_vcn.bin --File: amdgpu/navi10_ta.bin --File: amdgpu/navi14_asd.bin --File: amdgpu/navi14_ce.bin --File: amdgpu/navi14_ce_wks.bin --File: amdgpu/navi14_gpu_info.bin --File: amdgpu/navi14_me.bin --File: amdgpu/navi14_me_wks.bin --File: amdgpu/navi14_mec.bin --File: amdgpu/navi14_mec_wks.bin --File: amdgpu/navi14_mec2.bin --File: amdgpu/navi14_mec2_wks.bin --File: amdgpu/navi14_pfp.bin --File: amdgpu/navi14_pfp_wks.bin --File: amdgpu/navi14_rlc.bin --File: amdgpu/navi14_sdma.bin --File: amdgpu/navi14_sdma1.bin --File: amdgpu/navi14_smc.bin --File: amdgpu/navi14_sos.bin --File: amdgpu/navi14_vcn.bin --File: amdgpu/navi14_ta.bin --File: amdgpu/navi12_asd.bin --File: amdgpu/navi12_ce.bin --File: amdgpu/navi12_dmcu.bin --File: amdgpu/navi12_gpu_info.bin --File: amdgpu/navi12_me.bin --File: amdgpu/navi12_mec.bin --File: amdgpu/navi12_mec2.bin --File: amdgpu/navi12_pfp.bin --File: amdgpu/navi12_rlc.bin --File: amdgpu/navi12_sdma.bin --File: amdgpu/navi12_sdma1.bin --File: amdgpu/navi12_smc.bin --File: amdgpu/navi12_sos.bin --File: amdgpu/navi12_vcn.bin --File: amdgpu/navi12_ta.bin --File: amdgpu/renoir_asd.bin --File: amdgpu/renoir_ce.bin --File: amdgpu/renoir_gpu_info.bin --File: amdgpu/renoir_me.bin --File: amdgpu/renoir_mec.bin --File: amdgpu/renoir_mec2.bin --File: amdgpu/renoir_pfp.bin --File: amdgpu/renoir_rlc.bin --File: amdgpu/renoir_sdma.bin --File: amdgpu/renoir_vcn.bin --File: amdgpu/renoir_dmcub.bin --File: amdgpu/renoir_ta.bin --File: amdgpu/sienna_cichlid_ce.bin --File: amdgpu/sienna_cichlid_dmcub.bin --File: amdgpu/sienna_cichlid_me.bin --File: amdgpu/sienna_cichlid_mec.bin --File: amdgpu/sienna_cichlid_mec2.bin --File: amdgpu/sienna_cichlid_pfp.bin --File: amdgpu/sienna_cichlid_rlc.bin --File: amdgpu/sienna_cichlid_sdma.bin --File: amdgpu/sienna_cichlid_smc.bin --File: amdgpu/sienna_cichlid_sos.bin --File: amdgpu/sienna_cichlid_ta.bin --File: amdgpu/sienna_cichlid_vcn.bin --File: amdgpu/green_sardine_asd.bin --File: amdgpu/green_sardine_ce.bin --File: amdgpu/green_sardine_dmcub.bin --File: amdgpu/green_sardine_me.bin --File: amdgpu/green_sardine_mec2.bin --File: amdgpu/green_sardine_mec.bin --File: amdgpu/green_sardine_pfp.bin --File: amdgpu/green_sardine_rlc.bin --File: amdgpu/green_sardine_sdma.bin --File: amdgpu/green_sardine_ta.bin --File: amdgpu/green_sardine_vcn.bin --File: amdgpu/navy_flounder_ce.bin --File: amdgpu/navy_flounder_dmcub.bin --File: amdgpu/navy_flounder_me.bin --File: amdgpu/navy_flounder_mec.bin --File: amdgpu/navy_flounder_mec2.bin --File: amdgpu/navy_flounder_pfp.bin --File: amdgpu/navy_flounder_rlc.bin --File: amdgpu/navy_flounder_sdma.bin --File: amdgpu/navy_flounder_smc.bin --File: amdgpu/navy_flounder_sos.bin --File: amdgpu/navy_flounder_ta.bin --File: amdgpu/navy_flounder_vcn.bin --File: amdgpu/arcturus_asd.bin --File: amdgpu/arcturus_gpu_info.bin --File: amdgpu/arcturus_mec2.bin --File: amdgpu/arcturus_mec.bin --File: amdgpu/arcturus_rlc.bin --File: amdgpu/arcturus_sdma.bin --File: amdgpu/arcturus_smc.bin --File: amdgpu/arcturus_sos.bin --File: amdgpu/arcturus_ta.bin --File: amdgpu/arcturus_vcn.bin --File: amdgpu/dimgrey_cavefish_ce.bin --File: amdgpu/dimgrey_cavefish_dmcub.bin --File: amdgpu/dimgrey_cavefish_me.bin --File: amdgpu/dimgrey_cavefish_mec.bin --File: amdgpu/dimgrey_cavefish_mec2.bin --File: amdgpu/dimgrey_cavefish_pfp.bin --File: amdgpu/dimgrey_cavefish_rlc.bin --File: amdgpu/dimgrey_cavefish_sdma.bin --File: amdgpu/dimgrey_cavefish_smc.bin --File: amdgpu/dimgrey_cavefish_sos.bin --File: amdgpu/dimgrey_cavefish_ta.bin --File: amdgpu/dimgrey_cavefish_vcn.bin --File: amdgpu/vangogh_asd.bin --File: amdgpu/vangogh_ce.bin --File: amdgpu/vangogh_dmcub.bin --File: amdgpu/vangogh_me.bin --File: amdgpu/vangogh_mec2.bin --File: amdgpu/vangogh_mec.bin --File: amdgpu/vangogh_pfp.bin --File: amdgpu/vangogh_rlc.bin --File: amdgpu/vangogh_sdma.bin --File: amdgpu/vangogh_toc.bin --File: amdgpu/vangogh_vcn.bin --File: amdgpu/yellow_carp_asd.bin --File: amdgpu/yellow_carp_ce.bin --File: amdgpu/yellow_carp_dmcub.bin --File: amdgpu/yellow_carp_me.bin --File: amdgpu/yellow_carp_mec.bin --File: amdgpu/yellow_carp_mec2.bin --File: amdgpu/yellow_carp_pfp.bin --File: amdgpu/yellow_carp_rlc.bin --File: amdgpu/yellow_carp_sdma.bin --File: amdgpu/yellow_carp_ta.bin --File: amdgpu/yellow_carp_toc.bin --File: amdgpu/yellow_carp_vcn.bin --File: amdgpu/beige_goby_ce.bin --File: amdgpu/beige_goby_dmcub.bin --File: amdgpu/beige_goby_me.bin --File: amdgpu/beige_goby_mec.bin --File: amdgpu/beige_goby_mec2.bin --File: amdgpu/beige_goby_pfp.bin --File: amdgpu/beige_goby_rlc.bin --File: amdgpu/beige_goby_sdma.bin --File: amdgpu/beige_goby_smc.bin --File: amdgpu/beige_goby_sos.bin --File: amdgpu/beige_goby_ta.bin --File: amdgpu/beige_goby_vcn.bin --File: amdgpu/cyan_skillfish2_ce.bin --File: amdgpu/cyan_skillfish2_me.bin --File: amdgpu/cyan_skillfish2_mec.bin --File: amdgpu/cyan_skillfish2_mec2.bin --File: amdgpu/cyan_skillfish2_pfp.bin --File: amdgpu/cyan_skillfish2_rlc.bin --File: amdgpu/cyan_skillfish2_sdma.bin --File: amdgpu/cyan_skillfish2_sdma1.bin --File: amdgpu/aldebaran_mec2.bin --File: amdgpu/aldebaran_mec.bin --File: amdgpu/aldebaran_rlc.bin --File: amdgpu/aldebaran_sdma.bin --File: amdgpu/aldebaran_sjt_mec2.bin --File: amdgpu/aldebaran_sjt_mec.bin --File: amdgpu/aldebaran_smc.bin --File: amdgpu/aldebaran_sos.bin --File: amdgpu/aldebaran_ta.bin --File: amdgpu/aldebaran_vcn.bin --File: amdgpu/gc_10_3_6_ce.bin --File: amdgpu/gc_10_3_6_me.bin --File: amdgpu/gc_10_3_6_mec.bin --File: amdgpu/gc_10_3_6_mec2.bin --File: amdgpu/gc_10_3_6_pfp.bin --File: amdgpu/gc_10_3_6_rlc.bin --File: amdgpu/gc_10_3_7_ce.bin --File: amdgpu/gc_10_3_7_me.bin --File: amdgpu/gc_10_3_7_mec.bin --File: amdgpu/gc_10_3_7_mec2.bin --File: amdgpu/gc_10_3_7_pfp.bin --File: amdgpu/gc_10_3_7_rlc.bin --File: amdgpu/gc_11_0_0_imu.bin --File: amdgpu/gc_11_0_0_me.bin --File: amdgpu/gc_11_0_0_mec.bin --File: amdgpu/gc_11_0_0_mes1.bin --File: amdgpu/gc_11_0_0_mes.bin --File: amdgpu/gc_11_0_0_mes_2.bin --File: amdgpu/gc_11_0_0_pfp.bin --File: amdgpu/gc_11_0_0_rlc.bin --File: amdgpu/gc_11_0_1_imu.bin --File: amdgpu/gc_11_0_1_me.bin --File: amdgpu/gc_11_0_1_mec.bin --File: amdgpu/gc_11_0_1_mes.bin --File: amdgpu/gc_11_0_1_mes1.bin --File: amdgpu/gc_11_0_1_mes_2.bin --File: amdgpu/gc_11_0_1_pfp.bin --File: amdgpu/gc_11_0_1_rlc.bin --File: amdgpu/gc_11_0_2_imu.bin --File: amdgpu/gc_11_0_2_me.bin --File: amdgpu/gc_11_0_2_mec.bin --File: amdgpu/gc_11_0_2_mes1.bin --File: amdgpu/gc_11_0_2_mes.bin --File: amdgpu/gc_11_0_2_mes_2.bin --File: amdgpu/gc_11_0_2_pfp.bin --File: amdgpu/gc_11_0_2_rlc.bin --File: amdgpu/gc_11_0_4_imu.bin --File: amdgpu/gc_11_0_4_me.bin --File: amdgpu/gc_11_0_4_mec.bin --File: amdgpu/gc_11_0_4_mes.bin --File: amdgpu/gc_11_0_4_mes1.bin --File: amdgpu/gc_11_0_4_mes_2.bin --File: amdgpu/gc_11_0_4_pfp.bin --File: amdgpu/gc_11_0_4_rlc.bin --File: amdgpu/dcn_3_1_4_dmcub.bin --File: amdgpu/dcn_3_1_5_dmcub.bin --File: amdgpu/dcn_3_1_6_dmcub.bin --File: amdgpu/dcn_3_2_0_dmcub.bin --File: amdgpu/dcn_3_2_1_dmcub.bin --File: amdgpu/psp_13_0_0_sos.bin --File: amdgpu/psp_13_0_0_ta.bin --File: amdgpu/psp_13_0_4_ta.bin --File: amdgpu/psp_13_0_4_toc.bin --File: amdgpu/psp_13_0_5_asd.bin --File: amdgpu/psp_13_0_5_ta.bin --File: amdgpu/psp_13_0_5_toc.bin --File: amdgpu/psp_13_0_7_sos.bin --File: amdgpu/psp_13_0_7_ta.bin --File: amdgpu/psp_13_0_8_asd.bin --File: amdgpu/psp_13_0_8_ta.bin --File: amdgpu/psp_13_0_8_toc.bin --File: amdgpu/psp_13_0_11_ta.bin --File: amdgpu/psp_13_0_11_toc.bin --File: amdgpu/sdma_5_2_6.bin --File: amdgpu/sdma_5_2_7.bin --File: amdgpu/sdma_6_0_0.bin --File: amdgpu/sdma_6_0_1.bin --File: amdgpu/sdma_6_0_2.bin --File: amdgpu/smu_13_0_0.bin --File: amdgpu/smu_13_0_7.bin --File: amdgpu/vcn_3_1_2.bin --File: amdgpu/vcn_4_0_0.bin --File: amdgpu/vcn_4_0_2.bin --File: amdgpu/vcn_4_0_4.bin -- --Licence: Redistributable. See LICENSE.amdgpu for details. -- ---------------------------------------------------------------------------- -- - Driver: qed - QLogic 4xxxx Ethernet Driver Core Module. - - File: qed/qed_init_values_zipped-8.4.2.0.bin -@@ -1459,424 +561,6 @@ Version: HuC API/APB ver 8.5.0 for Meteorlake - License: Redistributable. See LICENSE.i915 for details - -------------------------------------------------------------------------- - --Driver: nouveau - NVIDIA GPU driver -- --File: nvidia/gk20a/fecs_data.bin --File: nvidia/gk20a/fecs_inst.bin --File: nvidia/gk20a/gpccs_data.bin --File: nvidia/gk20a/gpccs_inst.bin --File: nvidia/gk20a/sw_bundle_init.bin --File: nvidia/gk20a/sw_ctx.bin --File: nvidia/gk20a/sw_method_init.bin --File: nvidia/gk20a/sw_nonctx.bin --File: nvidia/gm200/acr/bl.bin --File: nvidia/gm200/acr/ucode_load.bin --File: nvidia/gm200/acr/ucode_unload.bin --File: nvidia/gm200/gr/fecs_bl.bin --File: nvidia/gm200/gr/fecs_data.bin --File: nvidia/gm200/gr/fecs_inst.bin --File: nvidia/gm200/gr/fecs_sig.bin --File: nvidia/gm200/gr/gpccs_bl.bin --File: nvidia/gm200/gr/gpccs_data.bin --File: nvidia/gm200/gr/gpccs_inst.bin --File: nvidia/gm200/gr/gpccs_sig.bin --File: nvidia/gm200/gr/sw_bundle_init.bin --File: nvidia/gm200/gr/sw_ctx.bin --File: nvidia/gm200/gr/sw_method_init.bin --File: nvidia/gm200/gr/sw_nonctx.bin --Link: nvidia/gm204/acr/bl.bin -> ../../gm200/acr/bl.bin --Link: nvidia/gm204/acr/ucode_load.bin -> ../../gm200/acr/ucode_load.bin --Link: nvidia/gm204/acr/ucode_unload.bin -> ../../gm200/acr/ucode_unload.bin --Link: nvidia/gm204/gr/fecs_bl.bin -> ../../gm200/gr/fecs_bl.bin --File: nvidia/gm204/gr/fecs_data.bin --Link: nvidia/gm204/gr/fecs_inst.bin -> ../../gm200/gr/fecs_inst.bin --File: nvidia/gm204/gr/fecs_sig.bin --Link: nvidia/gm204/gr/gpccs_bl.bin -> ../../gm200/gr/gpccs_bl.bin --File: nvidia/gm204/gr/gpccs_data.bin --Link: nvidia/gm204/gr/gpccs_inst.bin -> ../../gm200/gr/gpccs_inst.bin --File: nvidia/gm204/gr/gpccs_sig.bin --Link: nvidia/gm204/gr/sw_bundle_init.bin -> ../../gm200/gr/sw_bundle_init.bin --Link: nvidia/gm204/gr/sw_ctx.bin -> ../../gm200/gr/sw_ctx.bin --Link: nvidia/gm204/gr/sw_method_init.bin -> ../../gm200/gr/sw_method_init.bin --Link: nvidia/gm204/gr/sw_nonctx.bin -> ../../gm200/gr/sw_nonctx.bin --Link: nvidia/gm206/acr/bl.bin -> ../../gm200/acr/bl.bin --File: nvidia/gm206/acr/ucode_load.bin --File: nvidia/gm206/acr/ucode_unload.bin --Link: nvidia/gm206/gr/fecs_bl.bin -> ../../gm200/gr/fecs_bl.bin --File: nvidia/gm206/gr/fecs_data.bin --Link: nvidia/gm206/gr/fecs_inst.bin -> ../../gm200/gr/fecs_inst.bin --File: nvidia/gm206/gr/fecs_sig.bin --Link: nvidia/gm206/gr/gpccs_bl.bin -> ../../gm200/gr/gpccs_bl.bin --File: nvidia/gm206/gr/gpccs_data.bin --Link: nvidia/gm206/gr/gpccs_inst.bin -> ../../gm200/gr/gpccs_inst.bin --File: nvidia/gm206/gr/gpccs_sig.bin --Link: nvidia/gm206/gr/sw_bundle_init.bin -> ../../gm200/gr/sw_bundle_init.bin --Link: nvidia/gm206/gr/sw_ctx.bin -> ../../gm200/gr/sw_ctx.bin --Link: nvidia/gm206/gr/sw_method_init.bin -> ../../gm200/gr/sw_method_init.bin --Link: nvidia/gm206/gr/sw_nonctx.bin -> ../../gm200/gr/sw_nonctx.bin --File: nvidia/gm20b/acr/bl.bin --File: nvidia/gm20b/acr/ucode_load.bin --File: nvidia/gm20b/gr/fecs_bl.bin --File: nvidia/gm20b/gr/fecs_data.bin --File: nvidia/gm20b/gr/fecs_inst.bin --File: nvidia/gm20b/gr/fecs_sig.bin --File: nvidia/gm20b/gr/gpccs_data.bin --File: nvidia/gm20b/gr/gpccs_inst.bin --File: nvidia/gm20b/gr/sw_bundle_init.bin --File: nvidia/gm20b/gr/sw_ctx.bin --Link: nvidia/gm20b/gr/sw_method_init.bin -> ../../gm200/gr/sw_method_init.bin --File: nvidia/gm20b/gr/sw_nonctx.bin --File: nvidia/gm20b/pmu/desc.bin --File: nvidia/gm20b/pmu/image.bin --File: nvidia/gm20b/pmu/sig.bin --File: nvidia/gp100/acr/bl.bin --File: nvidia/gp100/acr/ucode_load.bin --File: nvidia/gp100/acr/ucode_unload.bin --Link: nvidia/gp100/gr/fecs_bl.bin -> ../../gm200/gr/fecs_bl.bin --File: nvidia/gp100/gr/fecs_data.bin --File: nvidia/gp100/gr/fecs_inst.bin --File: nvidia/gp100/gr/fecs_sig.bin --Link: nvidia/gp100/gr/gpccs_bl.bin -> ../../gm200/gr/gpccs_bl.bin --File: nvidia/gp100/gr/gpccs_data.bin --File: nvidia/gp100/gr/gpccs_inst.bin --File: nvidia/gp100/gr/gpccs_sig.bin --File: nvidia/gp100/gr/sw_bundle_init.bin --File: nvidia/gp100/gr/sw_ctx.bin --File: nvidia/gp100/gr/sw_method_init.bin --File: nvidia/gp100/gr/sw_nonctx.bin --File: nvidia/gp102/acr/bl.bin --File: nvidia/gp102/acr/ucode_load.bin --File: nvidia/gp102/acr/ucode_unload.bin --File: nvidia/gp102/acr/unload_bl.bin --Link: nvidia/gp102/gr/fecs_bl.bin -> ../../gm200/gr/fecs_bl.bin --File: nvidia/gp102/gr/fecs_data.bin --File: nvidia/gp102/gr/fecs_inst.bin --File: nvidia/gp102/gr/fecs_sig.bin --Link: nvidia/gp102/gr/gpccs_bl.bin -> ../../gm200/gr/gpccs_bl.bin --File: nvidia/gp102/gr/gpccs_data.bin --File: nvidia/gp102/gr/gpccs_inst.bin --File: nvidia/gp102/gr/gpccs_sig.bin --File: nvidia/gp102/gr/sw_bundle_init.bin --File: nvidia/gp102/gr/sw_ctx.bin --File: nvidia/gp102/gr/sw_method_init.bin --File: nvidia/gp102/gr/sw_nonctx.bin --File: nvidia/gp102/nvdec/scrubber.bin --File: nvidia/gp102/sec2/desc.bin --File: nvidia/gp102/sec2/image.bin --File: nvidia/gp102/sec2/sig.bin --File: nvidia/gp102/sec2/desc-1.bin --File: nvidia/gp102/sec2/image-1.bin --File: nvidia/gp102/sec2/sig-1.bin --Link: nvidia/gp104/acr/bl.bin -> ../../gp102/acr/bl.bin --Link: nvidia/gp104/acr/ucode_load.bin -> ../../gp102/acr/ucode_load.bin --Link: nvidia/gp104/acr/ucode_unload.bin -> ../../gp102/acr/ucode_unload.bin --Link: nvidia/gp104/acr/unload_bl.bin -> ../../gp102/acr/unload_bl.bin --Link: nvidia/gp104/gr/fecs_bl.bin -> ../../gp102/gr/fecs_bl.bin --File: nvidia/gp104/gr/fecs_data.bin --File: nvidia/gp104/gr/fecs_inst.bin --File: nvidia/gp104/gr/fecs_sig.bin --Link: nvidia/gp104/gr/gpccs_bl.bin -> ../../gp102/gr/gpccs_bl.bin --File: nvidia/gp104/gr/gpccs_data.bin --File: nvidia/gp104/gr/gpccs_inst.bin --File: nvidia/gp104/gr/gpccs_sig.bin --Link: nvidia/gp104/gr/sw_bundle_init.bin -> ../../gp102/gr/sw_bundle_init.bin --Link: nvidia/gp104/gr/sw_ctx.bin -> ../../gp102/gr/sw_ctx.bin --Link: nvidia/gp104/gr/sw_method_init.bin -> ../../gp102/gr/sw_method_init.bin --Link: nvidia/gp104/gr/sw_nonctx.bin -> ../../gp102/gr/sw_nonctx.bin --Link: nvidia/gp104/nvdec/scrubber.bin -> ../../gp102/nvdec/scrubber.bin --Link: nvidia/gp104/sec2/desc.bin -> ../../gp102/sec2/desc.bin --Link: nvidia/gp104/sec2/image.bin -> ../../gp102/sec2/image.bin --Link: nvidia/gp104/sec2/sig.bin -> ../../gp102/sec2/sig.bin --Link: nvidia/gp104/sec2/desc-1.bin -> ../../gp102/sec2/desc-1.bin --Link: nvidia/gp104/sec2/image-1.bin -> ../../gp102/sec2/image-1.bin --Link: nvidia/gp104/sec2/sig-1.bin -> ../../gp102/sec2/sig-1.bin --Link: nvidia/gp106/acr/bl.bin -> ../../gp102/acr/bl.bin --Link: nvidia/gp106/acr/ucode_load.bin -> ../../gp102/acr/ucode_load.bin --Link: nvidia/gp106/acr/ucode_unload.bin -> ../../gp102/acr/ucode_unload.bin --Link: nvidia/gp106/acr/unload_bl.bin -> ../../gp102/acr/unload_bl.bin --Link: nvidia/gp106/gr/fecs_bl.bin -> ../../gp102/gr/fecs_bl.bin --File: nvidia/gp106/gr/fecs_data.bin --Link: nvidia/gp106/gr/fecs_inst.bin -> ../../gp102/gr/fecs_inst.bin --File: nvidia/gp106/gr/fecs_sig.bin --Link: nvidia/gp106/gr/gpccs_bl.bin -> ../../gp102/gr/gpccs_bl.bin --File: nvidia/gp106/gr/gpccs_data.bin --Link: nvidia/gp106/gr/gpccs_inst.bin -> ../../gp102/gr/gpccs_inst.bin --File: nvidia/gp106/gr/gpccs_sig.bin --Link: nvidia/gp106/gr/sw_bundle_init.bin -> ../../gp102/gr/sw_bundle_init.bin --Link: nvidia/gp106/gr/sw_ctx.bin -> ../../gp102/gr/sw_ctx.bin --Link: nvidia/gp106/gr/sw_method_init.bin -> ../../gp102/gr/sw_method_init.bin --Link: nvidia/gp106/gr/sw_nonctx.bin -> ../../gp102/gr/sw_nonctx.bin --Link: nvidia/gp106/nvdec/scrubber.bin -> ../../gp102/nvdec/scrubber.bin --Link: nvidia/gp106/sec2/desc.bin -> ../../gp102/sec2/desc.bin --Link: nvidia/gp106/sec2/image.bin -> ../../gp102/sec2/image.bin --Link: nvidia/gp106/sec2/sig.bin -> ../../gp102/sec2/sig.bin --Link: nvidia/gp106/sec2/desc-1.bin -> ../../gp102/sec2/desc-1.bin --Link: nvidia/gp106/sec2/image-1.bin -> ../../gp102/sec2/image-1.bin --Link: nvidia/gp106/sec2/sig-1.bin -> ../../gp102/sec2/sig-1.bin --Link: nvidia/gp107/acr/bl.bin -> ../../gp102/acr/bl.bin --Link: nvidia/gp107/acr/ucode_load.bin -> ../../gp102/acr/ucode_load.bin --Link: nvidia/gp107/acr/ucode_unload.bin -> ../../gp102/acr/ucode_unload.bin --Link: nvidia/gp107/acr/unload_bl.bin -> ../../gp102/acr/unload_bl.bin --File: nvidia/gp107/gr/fecs_bl.bin --File: nvidia/gp107/gr/fecs_data.bin --File: nvidia/gp107/gr/fecs_inst.bin --File: nvidia/gp107/gr/fecs_sig.bin --File: nvidia/gp107/gr/gpccs_bl.bin --File: nvidia/gp107/gr/gpccs_data.bin --File: nvidia/gp107/gr/gpccs_inst.bin --File: nvidia/gp107/gr/gpccs_sig.bin --Link: nvidia/gp107/gr/sw_bundle_init.bin -> ../../gp102/gr/sw_bundle_init.bin --File: nvidia/gp107/gr/sw_ctx.bin --Link: nvidia/gp107/gr/sw_method_init.bin -> ../../gp102/gr/sw_method_init.bin --File: nvidia/gp107/gr/sw_nonctx.bin --Link: nvidia/gp107/nvdec/scrubber.bin -> ../../gp102/nvdec/scrubber.bin --Link: nvidia/gp107/sec2/desc.bin -> ../../gp102/sec2/desc.bin --Link: nvidia/gp107/sec2/image.bin -> ../../gp102/sec2/image.bin --Link: nvidia/gp107/sec2/sig.bin -> ../../gp102/sec2/sig.bin --Link: nvidia/gp107/sec2/desc-1.bin -> ../../gp102/sec2/desc-1.bin --Link: nvidia/gp107/sec2/image-1.bin -> ../../gp102/sec2/image-1.bin --Link: nvidia/gp107/sec2/sig-1.bin -> ../../gp102/sec2/sig-1.bin --File: nvidia/gp10b/acr/bl.bin --File: nvidia/gp10b/acr/ucode_load.bin --File: nvidia/gp10b/gr/fecs_bl.bin --File: nvidia/gp10b/gr/fecs_data.bin --File: nvidia/gp10b/gr/fecs_inst.bin --File: nvidia/gp10b/gr/fecs_sig.bin --File: nvidia/gp10b/gr/gpccs_bl.bin --File: nvidia/gp10b/gr/gpccs_data.bin --File: nvidia/gp10b/gr/gpccs_inst.bin --File: nvidia/gp10b/gr/gpccs_sig.bin --File: nvidia/gp10b/gr/sw_bundle_init.bin --File: nvidia/gp10b/gr/sw_ctx.bin --File: nvidia/gp10b/gr/sw_method_init.bin --File: nvidia/gp10b/gr/sw_nonctx.bin --File: nvidia/gp10b/pmu/desc.bin --File: nvidia/gp10b/pmu/image.bin --File: nvidia/gp10b/pmu/sig.bin --Link: nvidia/gp108/acr/bl.bin -> ../../gp102/acr/bl.bin --Link: nvidia/gp108/acr/ucode_load.bin -> ../../gp102/acr/ucode_load.bin --Link: nvidia/gp108/acr/ucode_unload.bin -> ../../gp102/acr/ucode_unload.bin --Link: nvidia/gp108/acr/unload_bl.bin -> ../../gp102/acr/unload_bl.bin --File: nvidia/gp108/gr/fecs_bl.bin --File: nvidia/gp108/gr/fecs_data.bin --File: nvidia/gp108/gr/fecs_inst.bin --File: nvidia/gp108/gr/fecs_sig.bin --File: nvidia/gp108/gr/gpccs_bl.bin --File: nvidia/gp108/gr/gpccs_data.bin --File: nvidia/gp108/gr/gpccs_inst.bin --File: nvidia/gp108/gr/gpccs_sig.bin --File: nvidia/gp108/gr/sw_bundle_init.bin --File: nvidia/gp108/gr/sw_ctx.bin --File: nvidia/gp108/gr/sw_method_init.bin --File: nvidia/gp108/gr/sw_nonctx.bin --Link: nvidia/gp108/nvdec/scrubber.bin -> ../../gp102/nvdec/scrubber.bin --Link: nvidia/gp108/sec2/desc.bin -> ../../gp102/sec2/desc-1.bin --Link: nvidia/gp108/sec2/image.bin -> ../../gp102/sec2/image-1.bin --Link: nvidia/gp108/sec2/sig.bin -> ../../gp102/sec2/sig-1.bin --File: nvidia/gv100/acr/bl.bin --File: nvidia/gv100/acr/ucode_load.bin --File: nvidia/gv100/acr/ucode_unload.bin --File: nvidia/gv100/acr/unload_bl.bin --File: nvidia/gv100/gr/fecs_bl.bin --File: nvidia/gv100/gr/fecs_data.bin --File: nvidia/gv100/gr/fecs_inst.bin --File: nvidia/gv100/gr/fecs_sig.bin --File: nvidia/gv100/gr/gpccs_bl.bin --File: nvidia/gv100/gr/gpccs_data.bin --File: nvidia/gv100/gr/gpccs_inst.bin --File: nvidia/gv100/gr/gpccs_sig.bin --File: nvidia/gv100/gr/sw_bundle_init.bin --File: nvidia/gv100/gr/sw_ctx.bin --File: nvidia/gv100/gr/sw_method_init.bin --File: nvidia/gv100/gr/sw_nonctx.bin --File: nvidia/gv100/nvdec/scrubber.bin --File: nvidia/gv100/sec2/desc.bin --File: nvidia/gv100/sec2/image.bin --File: nvidia/gv100/sec2/sig.bin --File: nvidia/tu102/acr/bl.bin --File: nvidia/tu102/acr/ucode_ahesasc.bin --File: nvidia/tu102/acr/ucode_asb.bin --File: nvidia/tu102/acr/unload_bl.bin --File: nvidia/tu102/acr/ucode_unload.bin --File: nvidia/tu102/gr/fecs_bl.bin --File: nvidia/tu102/gr/fecs_data.bin --File: nvidia/tu102/gr/fecs_inst.bin --File: nvidia/tu102/gr/fecs_sig.bin --File: nvidia/tu102/gr/gpccs_bl.bin --File: nvidia/tu102/gr/gpccs_data.bin --File: nvidia/tu102/gr/gpccs_inst.bin --File: nvidia/tu102/gr/gpccs_sig.bin --File: nvidia/tu102/gr/sw_bundle_init.bin --File: nvidia/tu102/gr/sw_ctx.bin --File: nvidia/tu102/gr/sw_method_init.bin --File: nvidia/tu102/gr/sw_nonctx.bin --File: nvidia/tu102/gr/sw_veid_bundle_init.bin --File: nvidia/tu102/nvdec/scrubber.bin --File: nvidia/tu102/sec2/desc.bin --File: nvidia/tu102/sec2/image.bin --File: nvidia/tu102/sec2/sig.bin --Link: nvidia/tu104/acr/bl.bin -> ../../tu102/acr/bl.bin --Link: nvidia/tu104/acr/ucode_ahesasc.bin -> ../../tu102/acr/ucode_ahesasc.bin --Link: nvidia/tu104/acr/ucode_asb.bin -> ../../tu102/acr/ucode_asb.bin --Link: nvidia/tu104/acr/unload_bl.bin -> ../../tu102/acr/unload_bl.bin --Link: nvidia/tu104/acr/ucode_unload.bin -> ../../tu102/acr/ucode_unload.bin --Link: nvidia/tu104/gr/fecs_bl.bin -> ../../tu102/gr/fecs_bl.bin --File: nvidia/tu104/gr/fecs_data.bin --File: nvidia/tu104/gr/fecs_inst.bin --File: nvidia/tu104/gr/fecs_sig.bin --Link: nvidia/tu104/gr/gpccs_bl.bin -> ../../tu102/gr/gpccs_bl.bin --File: nvidia/tu104/gr/gpccs_data.bin --File: nvidia/tu104/gr/gpccs_inst.bin --File: nvidia/tu104/gr/gpccs_sig.bin --File: nvidia/tu104/gr/sw_bundle_init.bin --File: nvidia/tu104/gr/sw_ctx.bin --File: nvidia/tu104/gr/sw_method_init.bin --File: nvidia/tu104/gr/sw_nonctx.bin --File: nvidia/tu104/gr/sw_veid_bundle_init.bin --Link: nvidia/tu104/nvdec/scrubber.bin -> ../../tu102/nvdec/scrubber.bin --Link: nvidia/tu104/sec2/desc.bin -> ../../tu102/sec2/desc.bin --Link: nvidia/tu104/sec2/image.bin -> ../../tu102/sec2/image.bin --Link: nvidia/tu104/sec2/sig.bin -> ../../tu102/sec2/sig.bin --Link: nvidia/tu106/acr/bl.bin -> ../../tu102/acr/bl.bin --Link: nvidia/tu106/acr/ucode_ahesasc.bin -> ../../tu102/acr/ucode_ahesasc.bin --Link: nvidia/tu106/acr/ucode_asb.bin -> ../../tu102/acr/ucode_asb.bin --Link: nvidia/tu106/acr/unload_bl.bin -> ../../tu102/acr/unload_bl.bin --Link: nvidia/tu106/acr/ucode_unload.bin -> ../../tu102/acr/ucode_unload.bin --Link: nvidia/tu106/gr/fecs_bl.bin -> ../../tu102/gr/fecs_bl.bin --File: nvidia/tu106/gr/fecs_data.bin --File: nvidia/tu106/gr/fecs_inst.bin --File: nvidia/tu106/gr/fecs_sig.bin --Link: nvidia/tu106/gr/gpccs_bl.bin -> ../../tu102/gr/gpccs_bl.bin --File: nvidia/tu106/gr/gpccs_data.bin --File: nvidia/tu106/gr/gpccs_inst.bin --File: nvidia/tu106/gr/gpccs_sig.bin --File: nvidia/tu106/gr/sw_bundle_init.bin --File: nvidia/tu106/gr/sw_ctx.bin --File: nvidia/tu106/gr/sw_method_init.bin --File: nvidia/tu106/gr/sw_nonctx.bin --File: nvidia/tu106/gr/sw_veid_bundle_init.bin --Link: nvidia/tu106/nvdec/scrubber.bin -> ../../tu102/nvdec/scrubber.bin --Link: nvidia/tu106/sec2/desc.bin -> ../../tu102/sec2/desc.bin --Link: nvidia/tu106/sec2/image.bin -> ../../tu102/sec2/image.bin --Link: nvidia/tu106/sec2/sig.bin -> ../../tu102/sec2/sig.bin --File: nvidia/tu116/acr/bl.bin --File: nvidia/tu116/acr/ucode_ahesasc.bin --File: nvidia/tu116/acr/ucode_asb.bin --File: nvidia/tu116/acr/ucode_unload.bin --File: nvidia/tu116/acr/unload_bl.bin --File: nvidia/tu116/gr/fecs_bl.bin --File: nvidia/tu116/gr/fecs_data.bin --File: nvidia/tu116/gr/fecs_inst.bin --File: nvidia/tu116/gr/fecs_sig.bin --File: nvidia/tu116/gr/gpccs_bl.bin --File: nvidia/tu116/gr/gpccs_data.bin --File: nvidia/tu116/gr/gpccs_inst.bin --File: nvidia/tu116/gr/gpccs_sig.bin --File: nvidia/tu116/gr/sw_bundle_init.bin --File: nvidia/tu116/gr/sw_ctx.bin --File: nvidia/tu116/gr/sw_method_init.bin --File: nvidia/tu116/gr/sw_nonctx.bin --File: nvidia/tu116/gr/sw_veid_bundle_init.bin --File: nvidia/tu116/nvdec/scrubber.bin --File: nvidia/tu116/sec2/desc.bin --File: nvidia/tu116/sec2/image.bin --File: nvidia/tu116/sec2/sig.bin --Link: nvidia/tu117/acr/bl.bin -> ../../tu116/acr/bl.bin --Link: nvidia/tu117/acr/ucode_ahesasc.bin -> ../../tu116/acr/ucode_ahesasc.bin --Link: nvidia/tu117/acr/ucode_asb.bin -> ../../tu116/acr/ucode_asb.bin --Link: nvidia/tu117/acr/ucode_unload.bin -> ../../tu116/acr/ucode_unload.bin --Link: nvidia/tu117/acr/unload_bl.bin -> ../../tu116/acr/unload_bl.bin --Link: nvidia/tu117/gr/fecs_bl.bin -> ../../tu116/gr/fecs_bl.bin --File: nvidia/tu117/gr/fecs_data.bin --File: nvidia/tu117/gr/fecs_inst.bin --File: nvidia/tu117/gr/fecs_sig.bin --Link: nvidia/tu117/gr/gpccs_bl.bin -> ../../tu116/gr/gpccs_bl.bin --File: nvidia/tu117/gr/gpccs_data.bin --File: nvidia/tu117/gr/gpccs_inst.bin --File: nvidia/tu117/gr/gpccs_sig.bin --File: nvidia/tu117/gr/sw_bundle_init.bin --File: nvidia/tu117/gr/sw_ctx.bin --File: nvidia/tu117/gr/sw_method_init.bin --File: nvidia/tu117/gr/sw_nonctx.bin --File: nvidia/tu117/gr/sw_veid_bundle_init.bin --Link: nvidia/tu117/nvdec/scrubber.bin -> ../../tu116/nvdec/scrubber.bin --Link: nvidia/tu117/sec2/desc.bin -> ../../tu116/sec2/desc.bin --Link: nvidia/tu117/sec2/image.bin -> ../../tu116/sec2/image.bin --Link: nvidia/tu117/sec2/sig.bin -> ../../tu116/sec2/sig.bin --File: nvidia/ga102/acr/ucode_ahesasc.bin --File: nvidia/ga102/acr/ucode_asb.bin --File: nvidia/ga102/acr/ucode_unload.bin --File: nvidia/ga102/gr/fecs_bl.bin --File: nvidia/ga102/gr/fecs_sig.bin --File: nvidia/ga102/gr/gpccs_bl.bin --File: nvidia/ga102/gr/gpccs_sig.bin --File: nvidia/ga102/gr/NET_img.bin --File: nvidia/ga102/nvdec/scrubber.bin --File: nvidia/ga102/sec2/desc.bin --File: nvidia/ga102/sec2/hs_bl_sig.bin --File: nvidia/ga102/sec2/image.bin --File: nvidia/ga102/sec2/sig.bin --Link: nvidia/ga103/acr/ucode_ahesasc.bin -> ../../ga102/acr/ucode_ahesasc.bin --Link: nvidia/ga103/acr/ucode_asb.bin -> ../../ga102/acr/ucode_asb.bin --Link: nvidia/ga103/acr/ucode_unload.bin -> ../../ga102/acr/ucode_unload.bin --File: nvidia/ga103/gr/fecs_bl.bin --File: nvidia/ga103/gr/fecs_sig.bin --File: nvidia/ga103/gr/gpccs_bl.bin --File: nvidia/ga103/gr/gpccs_sig.bin --File: nvidia/ga103/gr/NET_img.bin --Link: nvidia/ga103/nvdec/scrubber.bin -> ../../ga102/nvdec/scrubber.bin --Link: nvidia/ga103/sec2/desc.bin -> ../../ga102/sec2/desc.bin --Link: nvidia/ga103/sec2/hs_bl_sig.bin -> ../../ga102/sec2/hs_bl_sig.bin --Link: nvidia/ga103/sec2/image.bin -> ../../ga102/sec2/image.bin --Link: nvidia/ga103/sec2/sig.bin -> ../../ga102/sec2/sig.bin --Link: nvidia/ga104/acr/ucode_ahesasc.bin -> ../../ga102/acr/ucode_ahesasc.bin --Link: nvidia/ga104/acr/ucode_asb.bin -> ../../ga102/acr/ucode_asb.bin --Link: nvidia/ga104/acr/ucode_unload.bin -> ../../ga102/acr/ucode_unload.bin --File: nvidia/ga104/gr/fecs_bl.bin --File: nvidia/ga104/gr/fecs_sig.bin --File: nvidia/ga104/gr/gpccs_bl.bin --File: nvidia/ga104/gr/gpccs_sig.bin --File: nvidia/ga104/gr/NET_img.bin --Link: nvidia/ga104/nvdec/scrubber.bin -> ../../ga102/nvdec/scrubber.bin --Link: nvidia/ga104/sec2/desc.bin -> ../../ga102/sec2/desc.bin --Link: nvidia/ga104/sec2/hs_bl_sig.bin -> ../../ga102/sec2/hs_bl_sig.bin --Link: nvidia/ga104/sec2/image.bin -> ../../ga102/sec2/image.bin --Link: nvidia/ga104/sec2/sig.bin -> ../../ga102/sec2/sig.bin --Link: nvidia/ga106/acr/ucode_ahesasc.bin -> ../../ga102/acr/ucode_ahesasc.bin --Link: nvidia/ga106/acr/ucode_asb.bin -> ../../ga102/acr/ucode_asb.bin --Link: nvidia/ga106/acr/ucode_unload.bin -> ../../ga102/acr/ucode_unload.bin --File: nvidia/ga106/gr/fecs_bl.bin --File: nvidia/ga106/gr/fecs_sig.bin --File: nvidia/ga106/gr/gpccs_bl.bin --File: nvidia/ga106/gr/gpccs_sig.bin --File: nvidia/ga106/gr/NET_img.bin --Link: nvidia/ga106/nvdec/scrubber.bin -> ../../ga102/nvdec/scrubber.bin --Link: nvidia/ga106/sec2/desc.bin -> ../../ga102/sec2/desc.bin --Link: nvidia/ga106/sec2/hs_bl_sig.bin -> ../../ga102/sec2/hs_bl_sig.bin --Link: nvidia/ga106/sec2/image.bin -> ../../ga102/sec2/image.bin --Link: nvidia/ga106/sec2/sig.bin -> ../../ga102/sec2/sig.bin --Link: nvidia/ga107/acr/ucode_ahesasc.bin -> ../../ga102/acr/ucode_ahesasc.bin --Link: nvidia/ga107/acr/ucode_asb.bin -> ../../ga102/acr/ucode_asb.bin --Link: nvidia/ga107/acr/ucode_unload.bin -> ../../ga102/acr/ucode_unload.bin --File: nvidia/ga107/gr/fecs_bl.bin --File: nvidia/ga107/gr/fecs_sig.bin --File: nvidia/ga107/gr/gpccs_bl.bin --File: nvidia/ga107/gr/gpccs_sig.bin --File: nvidia/ga107/gr/NET_img.bin --Link: nvidia/ga107/nvdec/scrubber.bin -> ../../ga102/nvdec/scrubber.bin --Link: nvidia/ga107/sec2/desc.bin -> ../../ga102/sec2/desc.bin --Link: nvidia/ga107/sec2/hs_bl_sig.bin -> ../../ga102/sec2/hs_bl_sig.bin --Link: nvidia/ga107/sec2/image.bin -> ../../ga102/sec2/image.bin --Link: nvidia/ga107/sec2/sig.bin -> ../../ga102/sec2/sig.bin -- --File: nvidia/tu10x/typec/ccg_primary.cyacd --File: nvidia/tu10x/typec/ccg_secondary.cyacd --File: nvidia/tu10x/typec/ccg_boot.cyacd -- --Licence: Redistributable. See LICENCE.nvidia for details -- ---------------------------------------------------------------------------- -- - Driver: mtk_scp - MediaTek SCP System Control Processing Driver - - File: mediatek/mt8183/scp.img -@@ -1903,53 +587,6 @@ Licence: Redistributable. See LICENSE.sdma_firmware for details - - -------------------------------------------------------------------------- - --Driver: adreno - Qualcomm Adreno GPU firmware -- --File: qcom/a300_pfp.fw --Link: a300_pfp.fw -> qcom/a300_pfp.fw --File: qcom/a300_pm4.fw --Link: a300_pm4.fw -> qcom/a300_pm4.fw --File: qcom/a330_pfp.fw --File: qcom/a330_pm4.fw --File: qcom/a420_pfp.fw --File: qcom/a420_pm4.fw --File: qcom/a530_pfp.fw --File: qcom/a530_pm4.fw --File: qcom/a530v3_gpmu.fw2 --File: qcom/apq8096/a530_zap.mbn --Link: qcom/a530_zap.mdt -> apq8096/a530_zap.mbn --File: qcom/a630_gmu.bin --File: qcom/a630_sqe.fw --File: qcom/sdm845/a630_zap.mbn --File: qcom/a650_gmu.bin --File: qcom/a650_sqe.fw --File: qcom/sm8250/a650_zap.mbn --File: qcom/a660_gmu.bin --File: qcom/a660_sqe.fw --File: qcom/leia_pfp_470.fw --File: qcom/leia_pm4_470.fw --File: qcom/sc8280xp/LENOVO/21BX/qcdxkmsuc8280.mbn -- --Licence: Redistributable. See LICENSE.qcom and qcom/NOTICE.txt for details -- --Binary files supplied originally from --https://developer.qualcomm.com/hardware/dragonboard-410c/tools -- ---------------------------------------------------------------------------- -- --Driver: adreno - Qualcomm Adreno GPU firmware -- --File: qcom/yamato_pfp.fw --File: qcom/yamato_pm4.fw -- --Licence: Redistributable, BSD-3-Clause licence, See LICENSE.qcom_yamato for details -- --Binary files generated from header files in EfikaMX kernel sources. A prefix of --four zero bytes was prepended to make them work with the DRM MSM driver. See --https://github.com/genesi/linux-legacy/tree/master/drivers/mxc/amd-gpu -- ---------------------------------------------------------------------------- -- - Driver: mlxsw_spectrum - Mellanox Spectrum switch - - File: mellanox/mlxsw_spectrum-13.1420.122.mfa2 --- -2.40.1 - diff --git a/packages/linux-firmware/0009-linux-firmware-various-Remove-firmware-for-various-d.patch b/packages/linux-firmware/0009-linux-firmware-various-Remove-firmware-for-various-d.patch deleted file mode 100644 index 09372aca9f8..00000000000 --- a/packages/linux-firmware/0009-linux-firmware-various-Remove-firmware-for-various-d.patch +++ /dev/null @@ -1,324 +0,0 @@ -From aa70d48430741bc74b64f9ceb0df1348e7a0aa6d Mon Sep 17 00:00:00 2001 -From: Leonard Foerster -Date: Wed, 26 Jul 2023 11:23:46 +0000 -Subject: [PATCH] linux-firmware: various: Remove firmware for various devices - -This patch is a catch all for any specialized hardware that did not -losely fit into any of the other categories. Bottlerocket does not -provide drivers for any of these devices, so there is no use in shipping -firmware for them. - -The following list maps driver names as specified in WHENCE to kernel -config options to allow for easy adding of firmware should driver -enablement make that necessary. - -* dsp56k - CONFIG_ATARI_DSP56K -* yam - CONFIG_YAM -* mtk_scp - CONFIG_MTK_SCP -* imx-sdma - CONFIG_IMX_SDMA -* mlxsw_spectrum - CONFIG_MLXSW_SPECTRUM -* prestera - CONFIG_PRESTERA - -Signed-off-by: Leonard Foerster ---- - LICENCE.Marvell | 22 ------ - LICENCE.mediatek | 9 --- - LICENSE.sdma_firmware | 47 ------------ - WHENCE | 164 ------------------------------------------ - 4 files changed, 242 deletions(-) - delete mode 100644 LICENCE.Marvell - delete mode 100644 LICENCE.mediatek - delete mode 100644 LICENSE.sdma_firmware - -diff --git a/LICENCE.Marvell b/LICENCE.Marvell -deleted file mode 100644 -index fdf4cda..0000000 ---- a/LICENCE.Marvell -+++ /dev/null -@@ -1,22 +0,0 @@ --Copyright © 2019. Marvell International Ltd. All rights reserved. -- --Redistribution and use in binary form is permitted provided that the following --conditions are met: -- --1. Redistributions must reproduce the above copyright notice, this list of --conditions and the following disclaimer in the documentation and/or other --materials provided with the distribution. -- --2. Redistribution and use shall be used only with Marvell silicon products. --Any other use, reproduction, modification, translation, or compilation of the --Software is prohibited. -- --3. No reverse engineering, decompilation, or disassembly is permitted. -- --TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THIS SOFTWARE IS PROVIDED --“AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING, WITHOUT LIMITATION, ANY EXPRESS --OR IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS OR SUFFICIENCY FOR A --PARTICULAR PURPOSE, SATISFACTORY QUALITY, CORRESPONDENCE WITH DESCRIPTION, QUIET --ENJOYMENT OR NON-INFRINGEMENT OF THIRD PARTY INTELLECTUAL PROPERTY RIGHTS. --MARVELL, ITS AFFILIATES AND THEIR SUPPLIERS DISCLAIM ANY WARRANTY THAT THE --DELIVERABLES WILL OPERATE WITHOUT INTERRUPTION OR BE ERROR-FREE. -diff --git a/LICENCE.mediatek b/LICENCE.mediatek -deleted file mode 100644 -index 6886c61..0000000 ---- a/LICENCE.mediatek -+++ /dev/null -@@ -1,9 +0,0 @@ --MediaTek Inc. grants permission to use and redistribute aforementioned firmware --files for the use with devices containing MediaTek chipsets, but not as part of --the Linux kernel or in any other form which would require these files themselves --to be covered by the terms of the GNU General Public License or the GNU Lesser --General Public License. -- --These firmware files are distributed in the hope that they will be useful, but --are provided WITHOUT ANY WARRANTY, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTY --OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. -diff --git a/LICENSE.sdma_firmware b/LICENSE.sdma_firmware -deleted file mode 100644 -index 0d3d562..0000000 ---- a/LICENSE.sdma_firmware -+++ /dev/null -@@ -1,47 +0,0 @@ --Copyright 2017, NXP --All rights reserved. -- --Redistribution. Reproduction and redistribution in binary form, without --modification, for use solely in conjunction with a NXP --chipset, is permitted provided that the following conditions are met: -- -- . Redistributions must reproduce the above copyright notice and the following -- disclaimer in the documentation and/or other materials provided with the -- distribution. -- -- . Neither the name of NXP nor the names of its suppliers -- may be used to endorse or promote products derived from this Software -- without specific prior written permission. -- -- . No reverse engineering, decompilation, or disassembly of this Software is -- permitted. -- --Limited patent license. NXP (.Licensor.) grants you --(.Licensee.) a limited, worldwide, royalty-free, non-exclusive license under --the Patents to make, have made, use, import, offer to sell and sell the --Software. No hardware per se is licensed hereunder. --The term .Patents. as used in this agreement means only those patents or patent --applications owned solely and exclusively by Licensor as of the date of --Licensor.s submission of the Software and any patents deriving priority (i.e., --having a first effective filing date) therefrom. The term .Software. as used in --this agreement means the firmware image submitted by Licensor, under the terms --of this license, to git://git.kernel.org/pub/scm/linux/kernel/git/firmware/ --linux-firmware.git. --Notwithstanding anything to the contrary herein, Licensor does not grant and --Licensee does not receive, by virtue of this agreement or the Licensor's --submission of any Software, any license or other rights under any patent or --patent application owned by any affiliate of Licensor or any other entity --(other than Licensor), whether expressly, impliedly, by virtue of estoppel or --exhaustion, or otherwise. -- --DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND --CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, --BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND --FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL --THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, --INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, --BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS --OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND --ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR --TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE --USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -diff --git a/WHENCE b/WHENCE -index 3bb6523..748a81e 100644 ---- a/WHENCE -+++ b/WHENCE -@@ -8,20 +8,6 @@ kernel. - - -------------------------------------------------------------------------- - --Driver: dsp56k - Atari DSP56k support -- --File: dsp56k/bootstrap.bin --Source: dsp56k/bootstrap.asm --Source: dsp56k/Makefile --Source: dsp56k/concat-bootstrap.pl -- --Licence: GPLv2 or later. See GPL-2 and GPL-3 for details. -- --DSP56001 assembler, buildable with a56 from --http://www.zdomain.com/a56.html -- ---------------------------------------------------------------------------- -- - Driver: cxgb4 - Chelsio Terminator 4/5/6 1/10/25/40/100G Ethernet adapter - - File: cxgb4/t4fw-1.14.4.0.bin -@@ -69,18 +55,6 @@ Found in hex form in kernel source. - - -------------------------------------------------------------------------- - --Driver: yam - YAM driver for AX.25 -- --File: yam/1200.bin --File: yam/9600.bin -- --Licence: -- * (C) F6FBB 1998 -- --Found in hex form in kernel source. -- ---------------------------------------------------------------------------- -- - Driver: bnx2x: Broadcom Everest - - File: bnx2x/bnx2x-e1-7.13.1.0.fw -@@ -561,132 +535,6 @@ Version: HuC API/APB ver 8.5.0 for Meteorlake - License: Redistributable. See LICENSE.i915 for details - -------------------------------------------------------------------------- - --Driver: mtk_scp - MediaTek SCP System Control Processing Driver -- --File: mediatek/mt8183/scp.img --Version: v2.0.13324 --File: mediatek/mt8186/scp.img --Version: v0.0.9 --File: mediatek/mt8192/scp.img --Version: v2.0.20536 --File: mediatek/mt8195/scp.img --Version: v2.0.11966 -- --Licence: Redistributable. See LICENCE.mediatek for details. -- ---------------------------------------------------------------------------- -- --Driver: imx-sdma - support for i.MX SDMA driver -- --File: imx/sdma/sdma-imx6q.bin --Version: 3.3 --File: imx/sdma/sdma-imx7d.bin --Version: 4.2 -- --Licence: Redistributable. See LICENSE.sdma_firmware for details -- ---------------------------------------------------------------------------- -- --Driver: mlxsw_spectrum - Mellanox Spectrum switch -- --File: mellanox/mlxsw_spectrum-13.1420.122.mfa2 --File: mellanox/mlxsw_spectrum-13.1530.152.mfa2 --File: mellanox/mlxsw_spectrum-13.1620.192.mfa2 --File: mellanox/mlxsw_spectrum-13.1702.6.mfa2 --File: mellanox/mlxsw_spectrum-13.1703.4.mfa2 --File: mellanox/mlxsw_spectrum-13.1910.622.mfa2 --File: mellanox/mlxsw_spectrum-13.2000.1122.mfa2 --File: mellanox/mlxsw_spectrum-13.2000.1886.mfa2 --File: mellanox/mlxsw_spectrum-13.2000.2308.mfa2 --File: mellanox/mlxsw_spectrum2-29.2000.2308.mfa2 --File: mellanox/mlxsw_spectrum-13.2000.2714.mfa2 --File: mellanox/mlxsw_spectrum2-29.2000.2714.mfa2 --File: mellanox/mlxsw_spectrum-13.2007.1168.mfa2 --File: mellanox/mlxsw_spectrum2-29.2007.1168.mfa2 --File: mellanox/mlxsw_spectrum3-30.2007.1168.mfa2 --File: mellanox/mlxsw_spectrum-13.2008.1036.mfa2 --File: mellanox/mlxsw_spectrum2-29.2008.1036.mfa2 --File: mellanox/mlxsw_spectrum3-30.2008.1036.mfa2 --File: mellanox/mlxsw_spectrum-13.2008.1310.mfa2 --File: mellanox/mlxsw_spectrum2-29.2008.1310.mfa2 --File: mellanox/mlxsw_spectrum3-30.2008.1310.mfa2 --File: mellanox/mlxsw_spectrum-13.2008.1312.mfa2 --File: mellanox/mlxsw_spectrum2-29.2008.1312.mfa2 --File: mellanox/mlxsw_spectrum3-30.2008.1312.mfa2 --File: mellanox/mlxsw_spectrum-13.2008.2018.mfa2 --File: mellanox/mlxsw_spectrum2-29.2008.2018.mfa2 --File: mellanox/mlxsw_spectrum3-30.2008.2018.mfa2 --File: mellanox/mlxsw_spectrum-13.2008.2304.mfa2 --File: mellanox/mlxsw_spectrum2-29.2008.2304.mfa2 --File: mellanox/mlxsw_spectrum3-30.2008.2304.mfa2 --File: mellanox/mlxsw_spectrum-13.2008.2406.mfa2 --File: mellanox/mlxsw_spectrum2-29.2008.2406.mfa2 --File: mellanox/mlxsw_spectrum3-30.2008.2406.mfa2 --File: mellanox/mlxsw_spectrum-13.2008.2438.mfa2 --File: mellanox/mlxsw_spectrum2-29.2008.2438.mfa2 --File: mellanox/mlxsw_spectrum3-30.2008.2438.mfa2 --File: mellanox/mlxsw_spectrum-13.2008.2946.mfa2 --File: mellanox/mlxsw_spectrum2-29.2008.2946.mfa2 --File: mellanox/mlxsw_spectrum3-30.2008.2946.mfa2 --File: mellanox/mlxsw_spectrum-13.2008.3326.mfa2 --File: mellanox/mlxsw_spectrum2-29.2008.3326.mfa2 --File: mellanox/mlxsw_spectrum3-30.2008.3326.mfa2 --File: mellanox/mlxsw_spectrum-13.2010.1006.mfa2 --File: mellanox/mlxsw_spectrum2-29.2010.1006.mfa2 --File: mellanox/mlxsw_spectrum3-30.2010.1006.mfa2 --File: mellanox/lc_ini_bundle_2010_1006.bin --File: mellanox/mlxsw_spectrum-13.2010.1232.mfa2 --File: mellanox/mlxsw_spectrum2-29.2010.1232.mfa2 --File: mellanox/mlxsw_spectrum3-30.2010.1232.mfa2 --File: mellanox/mlxsw_spectrum-13.2010.1406.mfa2 --File: mellanox/mlxsw_spectrum2-29.2010.1406.mfa2 --File: mellanox/mlxsw_spectrum3-30.2010.1406.mfa2 --File: mellanox/mlxsw_spectrum-13.2010.1502.mfa2 --File: mellanox/mlxsw_spectrum2-29.2010.1502.mfa2 --File: mellanox/mlxsw_spectrum3-30.2010.1502.mfa2 --File: mellanox/lc_ini_bundle_2010_1502.bin --File: mellanox/mlxsw_spectrum-13.2010.3020.mfa2 --File: mellanox/mlxsw_spectrum2-29.2010.3020.mfa2 --File: mellanox/mlxsw_spectrum3-30.2010.3020.mfa2 --File: mellanox/lc_ini_bundle_2010_3020.bin --File: mellanox/mlxsw_spectrum-13.2010.3146.mfa2 --File: mellanox/mlxsw_spectrum2-29.2010.3146.mfa2 --File: mellanox/mlxsw_spectrum3-30.2010.3146.mfa2 --File: mellanox/lc_ini_bundle_2010_3146.bin -- --Licence: -- Copyright (c) 2017-2020 Mellanox Technologies, Ltd. All rights reserved. -- -- Redistribution and use in source and binary forms, with or without -- modification, are permitted provided that the following conditions are met: -- -- 1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. -- 2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- 3. Neither the names of the copyright holders nor the names of its -- contributors may be used to endorse or promote products derived from -- this software without specific prior written permission. -- -- Alternatively, this software may be distributed under the terms of the -- GNU General Public License ("GPL") version 2 as published by the Free -- Software Foundation. -- -- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -- AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -- ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE -- LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -- CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -- POSSIBILITY OF SUCH DAMAGE. -- ---------------------------------------------------------------------------- -- - Driver: ice - Intel(R) Ethernet Connection E800 Series - - File: intel/ice/ddp/ice-1.3.30.0.pkg -@@ -700,15 +548,3 @@ File: intel/ice/ddp-wireless_edge/ice_wireless_edge-1.3.10.0.pkg - License: Redistributable. See LICENSE.ice_enhanced for details - - -------------------------------------------------------------------------- -- --Driver: prestera - Marvell driver for Prestera family ASIC devices -- --File: mrvl/prestera/mvsw_prestera_fw-v2.0.img --File: mrvl/prestera/mvsw_prestera_fw-v3.0.img --File: mrvl/prestera/mvsw_prestera_fw-v4.0.img --File: mrvl/prestera/mvsw_prestera_fw-v4.1.img --File: mrvl/prestera/mvsw_prestera_fw_arm64-v4.1.img -- --Licence: Redistributable. See LICENCE.Marvell for details. -- -------------------------------------------------- --- -2.40.1 - diff --git a/packages/linux-firmware/0010-linux-firmware-amd-ucode-Remove-amd-microcode.patch b/packages/linux-firmware/0010-linux-firmware-amd-ucode-Remove-amd-microcode.patch deleted file mode 100644 index d1082c148ef..00000000000 --- a/packages/linux-firmware/0010-linux-firmware-amd-ucode-Remove-amd-microcode.patch +++ /dev/null @@ -1,122 +0,0 @@ -From 820980a4ec6d39dcec84639fb4b7a80bb33f8a21 Mon Sep 17 00:00:00 2001 -From: Leonard Foerster -Date: Wed, 26 Jul 2023 11:28:35 +0000 -Subject: [PATCH] linux-firmware: amd-ucode: Remove amd microcode - -Bottlerocket ships AMD microcode as part of the kernel packages already. -There is no need to ship these microcode images twice. - -Signed-off-by: Leonard Foerster ---- - LICENSE.amd-ucode | 64 ----------------------------------------------- - WHENCE | 23 ----------------- - 2 files changed, 87 deletions(-) - delete mode 100644 LICENSE.amd-ucode - -diff --git a/LICENSE.amd-ucode b/LICENSE.amd-ucode -deleted file mode 100644 -index ea47c57..0000000 ---- a/LICENSE.amd-ucode -+++ /dev/null -@@ -1,64 +0,0 @@ --Copyright (C) 2010-2022 Advanced Micro Devices, Inc., All rights reserved. -- --Permission is hereby granted by Advanced Micro Devices, Inc. ("AMD"), --free of any license fees, to any person obtaining a copy of this --microcode in binary form (the "Software") ("You"), to install, --reproduce, copy and distribute copies of the Software and to permit --persons to whom the Software is provided to do the same, subject to --the following terms and conditions. Your use of any portion of the --Software shall constitute Your acceptance of the following terms and --conditions. If You do not agree to the following terms and conditions, --do not use, retain or redistribute any portion of the Software. -- --If You redistribute this Software, You must reproduce the above --copyright notice and this license with the Software. --Without specific, prior, written permission from AMD, You may not --reference AMD or AMD products in the promotion of any product derived --from or incorporating this Software in any manner that implies that --AMD endorses or has certified such product derived from or --incorporating this Software. -- --You may not reverse engineer, decompile, or disassemble this Software --or any portion thereof. -- --THE SOFTWARE IS PROVIDED "AS IS" WITHOUT ANY EXPRESS OR IMPLIED --WARRANTY OF ANY KIND, INCLUDING BUT NOT LIMITED TO WARRANTIES OF --MERCHANTABILITY, NONINFRINGEMENT, TITLE, FITNESS FOR ANY PARTICULAR --PURPOSE, OR WARRANTIES ARISING FROM CONDUCT, COURSE OF DEALING, OR --USAGE OF TRADE. IN NO EVENT SHALL AMD OR ITS LICENSORS BE LIABLE FOR --ANY DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR --LOSS OF PROFITS, BUSINESS INTERRUPTION, OR LOSS OF DATA OR --INFORMATION) ARISING OUT OF AMD'S NEGLIGENCE, GROSS NEGLIGENCE, THE --USE OF OR INABILITY TO USE THE SOFTWARE, EVEN IF AMD HAS BEEN ADVISED --OF THE POSSIBILITY OF SUCH DAMAGES. BECAUSE SOME JURISDICTIONS --PROHIBIT THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR --INCIDENTAL DAMAGES OR THE EXCLUSION OF IMPLIED WARRANTIES, THE ABOVE --LIMITATION MAY NOT APPLY TO YOU. -- --Without limiting the foregoing, the Software may implement third party --technologies for which You must obtain licenses from parties other --than AMD. You agree that AMD has not obtained or conveyed to You, and --that You shall be responsible for obtaining the rights to use and/or --distribute the applicable underlying intellectual property rights --related to the third party technologies. These third party --technologies are not licensed hereunder. -- --If You use the Software (in whole or in part), You shall adhere to all --applicable U.S., European, and other export laws, including but not --limited to the U.S. Export Administration Regulations ("EAR"), (15 --C.F.R. Sections 730 through 774), and E.U. Council Regulation (EC) No --1334/2000 of 22 June 2000. Further, pursuant to Section 740.6 of the --EAR, You hereby certify that, except pursuant to a license granted by --the United States Department of Commerce Bureau of Industry and --Security or as otherwise permitted pursuant to a License Exception --under the U.S. Export Administration Regulations ("EAR"), You will not --(1) export, re-export or release to a national of a country in Country --Groups D:1, E:1 or E:2 any restricted technology, software, or source --code You receive hereunder, or (2) export to Country Groups D:1, E:1 --or E:2 the direct product of such technology or software, if such --foreign produced direct product is subject to national security --controls as identified on the Commerce Control List (currently found --in Supplement 1 to Part 774 of EAR). For the most current Country --Group listings, or for additional information about the EAR or Your --obligations under those regulations, please refer to the U.S. Bureau --of Industry and Security?s website at ttp://www.bis.doc.gov/. -diff --git a/WHENCE b/WHENCE -index 748a81e..5c19692 100644 ---- a/WHENCE -+++ b/WHENCE -@@ -147,29 +147,6 @@ License: Redistributable. See LICENCE.myri10ge_firmware for details. - - -------------------------------------------------------------------------- - --Driver: microcode_amd - AMD CPU Microcode Update Driver for Linux -- --File: amd-ucode/microcode_amd.bin --Raw: amd-ucode/microcode_amd.bin --Version: 2013-07-10 --File: amd-ucode/microcode_amd_fam15h.bin --Raw: amd-ucode/microcode_amd_fam15h.bin --Version: 2018-05-24 --File: amd-ucode/microcode_amd_fam16h.bin --Raw: amd-ucode/microcode_amd_fam16h.bin --Version: 2014-10-28 --File: amd-ucode/microcode_amd_fam17h.bin --Raw: amd-ucode/microcode_amd_fam17h.bin --Version: 2023-04-13 --File: amd-ucode/microcode_amd_fam19h.bin --Raw: amd-ucode/microcode_amd_fam19h.bin --Version: 2023-01-31 --File: amd-ucode/README -- --License: Redistributable. See LICENSE.amd-ucode for details -- ---------------------------------------------------------------------------- -- - Driver: i915 -- Intel Integrated Graphics driver - - File: i915/skl_dmc_ver1_23.bin --- -2.40.1 - diff --git a/packages/linux-firmware/Cargo.toml b/packages/linux-firmware/Cargo.toml deleted file mode 100644 index 6cfbb6b027d..00000000000 --- a/packages/linux-firmware/Cargo.toml +++ /dev/null @@ -1,16 +0,0 @@ -[package] -name = "linux-firmware" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[package.metadata.build-package] -package-name = "linux-firmware" - -[lib] -path = "../packages.rs" - -[[package.metadata.build-package.external-files]] -url = "https://www.kernel.org/pub/linux/kernel/firmware/linux-firmware-20230625.tar.xz" -sha512 = "0e48aa7f63495485426d37491c7cb61843165625bd47f912c5d83628c6de871759f1a78be3af3d651f7c396bd87dff07e21ba7afc47896c1c143106d5f16d351" diff --git a/packages/linux-firmware/latest-upstream-tags.sh b/packages/linux-firmware/latest-upstream-tags.sh deleted file mode 100755 index 3177af68a15..00000000000 --- a/packages/linux-firmware/latest-upstream-tags.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh - -echo "Latest upstream tag for linux-firmware:" -git ls-remote --tags --refs https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git | tail -1 diff --git a/packages/linux-firmware/linux-firmware.spec b/packages/linux-firmware/linux-firmware.spec deleted file mode 100644 index a70d43abc26..00000000000 --- a/packages/linux-firmware/linux-firmware.spec +++ /dev/null @@ -1,59 +0,0 @@ -%global debug_package %{nil} - -%global fwdir %{_cross_libdir}/firmware - -# Many of the firmware files have specialized binary formats that are not supported -# by the strip binary used in __spec_install_post macro. Work around build failures -# by skipping striping. -%global __strip /usr/bin/true - -Name: %{_cross_os}linux-firmware -Version: 20230625 -Release: 1%{?dist} -Summary: Firmware files used by the Linux kernel -# The following list of SPDX identifiers was constructed with help of scancode -# tooling and has turned up the following licenses for different drivers by -# checking the different LICENCE/LICENSE files and the licenses in WHENCE: -# * BSD-Source-Code - myri10ge -# * LicenseRef-scancode-chelsio-linux-firmware - cxgb4 -# * LicenseRef-scancode-qlogic-firmware - netxen_nic -# * LicenseRef-scancode-intel - i915, ice -# * LicenseRef-scancode-proprietary-license - bnx2x, qed -# * LicenseRef-scancode-free-unknown - tg3 -License: GPL-1.0-or-later AND GPL-2.0-or-later AND BSD-Source-Code AND LicenseRef-scancode-chelsio-linux-firmware AND LicenseRef-scancode-qlogic-firmware AND LicenseRef-scancode-intel AND LicenseRef-scancode-proprietary-license AND LicenseRef-scancode-free-unknown -URL: https://www.kernel.org/ - -Source0: https://www.kernel.org/pub/linux/kernel/firmware/linux-firmware-%{version}.tar.xz - -Patch0001: 0001-linux-firmware-snd-remove-firmware-for-snd-audio-dev.patch -Patch0002: 0002-linux-firmware-video-Remove-firmware-for-video-broad.patch -Patch0003: 0003-linux-firmware-bt-wifi-Remove-firmware-for-Bluetooth.patch -Patch0004: 0004-linux-firmware-scsi-Remove-firmware-for-SCSI-devices.patch -Patch0005: 0005-linux-firmware-usb-remove-firmware-for-USB-Serial-PC.patch -Patch0006: 0006-linux-firmware-ethernet-Remove-firmware-for-ethernet.patch -Patch0007: 0007-linux-firmware-Remove-firmware-for-Accelarator-devic.patch -Patch0008: 0008-linux-firmware-gpu-Remove-firmware-for-GPU-devices.patch -Patch0009: 0009-linux-firmware-various-Remove-firmware-for-various-d.patch -Patch0010: 0010-linux-firmware-amd-ucode-Remove-amd-microcode.patch - -%description -%{summary}. - -%prep -%autosetup -n linux-firmware-%{version} -p1 - -%build - -%install -mkdir -p %{buildroot}/%{fwdir} -mkdir -p %{buildroot}/%{fwdir}/updates - -# Use zstd compression for firmware files to reduce size on disk. This relies on -# kernel support through FW_LOADER_COMPRESS (and FW_LOADER_COMPRESS_ZSTD for kernels >=5.19) -make DESTDIR=%{buildroot}/ FIRMWAREDIR=%{fwdir} install-zst - -%files -%dir %{fwdir} -%{fwdir}/* -%license LICENCE.* LICENSE.* GPL* WHENCE -%{_cross_attribution_file} diff --git a/packages/login/Cargo.toml b/packages/login/Cargo.toml deleted file mode 100644 index 9ce0ce89bd6..00000000000 --- a/packages/login/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "login" -version = "0.0.1" -edition = "2021" -publish = false -build = "../build.rs" - -[package.metadata.build-package] - -[lib] -path = "../packages.rs" - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } - -# RPM Requires -[dependencies] -bash = { path = "../bash" } -systemd = { path = "../systemd" } diff --git a/packages/login/login b/packages/login/login deleted file mode 100755 index 7a8789a7c79..00000000000 --- a/packages/login/login +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/bash -exec bash --login diff --git a/packages/login/login.spec b/packages/login/login.spec deleted file mode 100644 index 202cd4c60d2..00000000000 --- a/packages/login/login.spec +++ /dev/null @@ -1,32 +0,0 @@ -%global _cross_first_party 1 - -Name: %{_cross_os}login -Version: 0.0.1 -Release: 1%{?dist} -Summary: A login helper -License: Apache-2.0 OR MIT -URL: https://github.com/bottlerocket-os/bottlerocket -Source0: login -BuildRequires: %{_cross_os}glibc-devel -Requires: %{_cross_os}bash -Requires: %{_cross_os}systemd-console - -%description -%{summary}. - -%prep - -%build - -%install -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 %{S:0} %{buildroot}%{_cross_bindir}/login - -install -d %{buildroot}%{_cross_sbindir} -ln -s ../bin/login %{buildroot}%{_cross_sbindir}/sulogin - -%files -%{_cross_bindir}/login -%{_cross_sbindir}/sulogin - -%changelog diff --git a/packages/makedumpfile/0000-fix-strip-invocation-for-TARGET-env-variable.patch b/packages/makedumpfile/0000-fix-strip-invocation-for-TARGET-env-variable.patch deleted file mode 100644 index 8e63b5ca9d0..00000000000 --- a/packages/makedumpfile/0000-fix-strip-invocation-for-TARGET-env-variable.patch +++ /dev/null @@ -1,25 +0,0 @@ -From acedb0fbaabaef778380560b1524a3d4e3a459e8 Mon Sep 17 00:00:00 2001 -From: Arnaldo Garcia Rincon -Date: Thu, 27 May 2021 19:02:52 +0000 -Subject: [PATCH] fix strip invocation for TARGET env variable - ---- - Makefile | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Makefile b/Makefile -index 6fa00bc..6c02afb 100644 ---- a/Makefile -+++ b/Makefile -@@ -17,7 +17,7 @@ CFLAGS_ARCH := $(CFLAGS_BASE) - HOST_ARCH := $(shell uname -m) - # Use TARGET as the target architecture if specified. - # Defaults to uname -m --ifeq ($(strip($TARGET)),) -+ifeq ($(strip $(TARGET)),) - TARGET := $(HOST_ARCH) - endif - --- -2.30.2 - diff --git a/packages/makedumpfile/0001-do-not-overlink-with-bzip2.patch b/packages/makedumpfile/0001-do-not-overlink-with-bzip2.patch deleted file mode 100644 index 737ddb353ae..00000000000 --- a/packages/makedumpfile/0001-do-not-overlink-with-bzip2.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 856f65f52d9e96655d6bb1b49047fc0b853780e4 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Sat, 4 May 2024 18:59:23 +0000 -Subject: [PATCH] do not overlink with bzip2 - -Signed-off-by: Ben Cressey ---- - Makefile | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Makefile b/Makefile -index 0934f14..38172c1 100644 ---- a/Makefile -+++ b/Makefile -@@ -50,7 +50,7 @@ OBJ_PART=$(patsubst %.c,%.o,$(SRC_PART)) - SRC_ARCH = arch/arm.c arch/arm64.c arch/x86.c arch/x86_64.c arch/ia64.c arch/ppc64.c arch/s390x.c arch/ppc.c arch/sparc64.c arch/mips64.c arch/loongarch64.c arch/riscv64.c - OBJ_ARCH=$(patsubst %.c,%.o,$(SRC_ARCH)) - --LIBS = -ldw -lbz2 -ldl -lelf -lz -+LIBS = -ldw -ldl -lelf -lz - ifneq ($(LINKTYPE), dynamic) - LIBS := -static $(LIBS) -llzma - endif --- -2.44.0 - diff --git a/packages/makedumpfile/Cargo.toml b/packages/makedumpfile/Cargo.toml deleted file mode 100644 index b3cc86b2c32..00000000000 --- a/packages/makedumpfile/Cargo.toml +++ /dev/null @@ -1,21 +0,0 @@ -[package] -name = "makedumpfile" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/makedumpfile/makedumpfile/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/makedumpfile/makedumpfile/archive/1.7.5/makedumpfile-1.7.5.tar.gz" -sha512 = "6bb84a87959d2aa530f952acacacc669e888b6a0ae5fe3c6c627647a0e2566a73f05c70ba7b2428f9c740bfe40a773792bb302039ab62c0fa646e148c69f7c6f" - -[build-dependencies] -glibc = { path = "../glibc" } -libelf = { path = "../libelf" } -libz = { path = "../libz" } diff --git a/packages/makedumpfile/makedumpfile.spec b/packages/makedumpfile/makedumpfile.spec deleted file mode 100644 index e594908e5d9..00000000000 --- a/packages/makedumpfile/makedumpfile.spec +++ /dev/null @@ -1,49 +0,0 @@ -Name: %{_cross_os}makedumpfile -Version: 1.7.5 -Release: 1%{?dist} -Summary: Tool to create dumps from kernel memory images -License: GPL-2.0-or-later AND GPL-2.0-only -URL: https://github.com/makedumpfile/makedumpfile -Source0: https://github.com/makedumpfile/makedumpfile/archive/%{version}/makedumpfile-%{version}.tar.gz - -# First party patches from 0 to 1000 -Patch0000: 0000-fix-strip-invocation-for-TARGET-env-variable.patch -Patch0001: 0001-do-not-overlink-with-bzip2.patch - -BuildRequires: %{_cross_os}libz-devel -BuildRequires: %{_cross_os}libelf-devel -BuildRequires: %{_cross_os}glibc-devel -Requires: %{_cross_os}libelf -Requires: %{_cross_os}libz - -%description -%{summary}. - -%prep -%autosetup -n makedumpfile-%{version} - -%global set_env \ -%set_cross_build_flags \\\ -export CC=%{_cross_target}-gcc \\\ -export DESTDIR=%{buildroot}%{_cross_rootdir} \\\ -export TARGET=%{_cross_arch} \\\ -export LINKTYPE="dynamic" \\\ -export USELZO="off" \\\ -export USESNAPPY="off" \\\ -%{nil} - -%build -%set_env -%make_build - -%install -%set_env -make install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_sbindir}/makedumpfile -%exclude %{_cross_mandir} -%exclude %{_cross_sbindir}/makedumpfile-R.pl -%exclude %{_cross_prefix}/share/makedumpfile diff --git a/packages/mdadm/0001-report-monitor-output-to-syslog.patch b/packages/mdadm/0001-report-monitor-output-to-syslog.patch deleted file mode 100644 index d2ca60a607f..00000000000 --- a/packages/mdadm/0001-report-monitor-output-to-syslog.patch +++ /dev/null @@ -1,39 +0,0 @@ -From a277a7b7d171dbc7cee691ee20a9990fec524581 Mon Sep 17 00:00:00 2001 -From: Todd Neal -Date: Fri, 7 Jun 2024 18:22:52 +0000 -Subject: [PATCH] report monitor output to syslog and remove env script - ---- - systemd/mdmonitor-oneshot.service | 3 +-- - systemd/mdmonitor.service | 3 +-- - 2 files changed, 2 insertions(+), 4 deletions(-) - -diff --git a/systemd/mdmonitor-oneshot.service b/systemd/mdmonitor-oneshot.service -index ba86b44..c54f080 100644 ---- a/systemd/mdmonitor-oneshot.service -+++ b/systemd/mdmonitor-oneshot.service -@@ -10,7 +10,6 @@ Description=Reminder for degraded MD arrays - Documentation=man:mdadm(8) - - [Service] --Environment=MDADM_MONITOR_ARGS=--scan -+Environment=MDADM_MONITOR_ARGS="--scan --syslog" - EnvironmentFile=-/run/sysconfig/mdadm --ExecStartPre=-/usr/lib/mdadm/mdadm_env.sh - ExecStart=BINDIR/mdadm --monitor --oneshot $MDADM_MONITOR_ARGS -diff --git a/systemd/mdmonitor.service b/systemd/mdmonitor.service -index 9c36478..fcf895b 100644 ---- a/systemd/mdmonitor.service -+++ b/systemd/mdmonitor.service -@@ -11,7 +11,6 @@ DefaultDependencies=no - Documentation=man:mdadm(8) - - [Service] --Environment= MDADM_MONITOR_ARGS=--scan -+Environment= MDADM_MONITOR_ARGS="--scan --syslog" - EnvironmentFile=-/run/sysconfig/mdadm --ExecStartPre=-/usr/lib/mdadm/mdadm_env.sh - ExecStart=BINDIR/mdadm --monitor $MDADM_MONITOR_ARGS --- -2.40.1 - diff --git a/packages/mdadm/Cargo.toml b/packages/mdadm/Cargo.toml deleted file mode 100644 index bb678b2ed36..00000000000 --- a/packages/mdadm/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "mdadm" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://cdn.kernel.org/pub/linux/utils/raid/mdadm/" - -[[package.metadata.build-package.external-files]] -url = "https://cdn.kernel.org/pub/linux/utils/raid/mdadm/mdadm-4.3.tar.xz" -sha512 = "e44977f2f80d2471cb313803a60c92dafe8282ac06bbbfd41ae90ca493c64a3da94db924538788d045fd7f0667333912dabedb0b070f9abf5c0540b32e0fa08f" - -[build-dependencies] -glibc = { path = "../glibc" } -systemd = { path = "../systemd" } diff --git a/packages/mdadm/mdadm-tmpfiles.conf b/packages/mdadm/mdadm-tmpfiles.conf deleted file mode 100644 index bb01ca5b181..00000000000 --- a/packages/mdadm/mdadm-tmpfiles.conf +++ /dev/null @@ -1,2 +0,0 @@ -d /var/run/mdadm 0700 root root - -Z /var/run/mdadm 0700 root root - diff --git a/packages/mdadm/mdadm.spec b/packages/mdadm/mdadm.spec deleted file mode 100644 index 139bdb7f13b..00000000000 --- a/packages/mdadm/mdadm.spec +++ /dev/null @@ -1,68 +0,0 @@ -Name: %{_cross_os}mdadm -Version: 4.3 -Release: 1%{?dist} -Summary: mdadm is used for controlling Linux md devices (aka RAID arrays) -License: GPL-2.0-only -URL: https://cdn.kernel.org/pub/linux/utils/raid/mdadm/ -Source0: https://cdn.kernel.org/pub/linux/utils/raid/mdadm/mdadm-%{version}.tar.xz -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}systemd-devel - -Source100: mdadm-tmpfiles.conf -Patch100: 0001-report-monitor-output-to-syslog.patch - -%description -%{summary}. - -%global set_env \ -%set_cross_build_flags \\\ -export CC=%{_cross_target}-gcc \\\ -CXFLAGS="%{_cross_cflags} -DNO_COROSYNC -DNO_DLM" \ -%{nil} - -%prep -%autosetup -n mdadm-%{version} -p1 - -%build -%set_env -make LDFLAGS="%{_cross_ldflags}" - -%install -%set_env -make install-bin DESTDIR=%{buildroot}%{_cross_rootdir}/usr -make install-udev DESTDIR=%{buildroot} -make install-systemd DESTDIR= SYSTEMD_DIR=%{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:100} %{buildroot}%{_cross_tmpfilesdir}/mdadm.conf - -%files -%license COPYING -%{_cross_attribution_file} - -%{_cross_sbindir}/mdadm -%{_cross_sbindir}/mdmon - -%{_cross_tmpfilesdir}/mdadm.conf - -%{_cross_udevrulesdir}/01-md-raid-creating.rules -%{_cross_udevrulesdir}/63-md-raid-arrays.rules -%{_cross_udevrulesdir}/64-md-raid-assembly.rules -%{_cross_udevrulesdir}/69-md-clustered-confirm-device.rules - -%{_cross_unitdir}/mdadm-last-resort@.service -%{_cross_unitdir}/mdadm-last-resort@.timer -%{_cross_unitdir}/mdadm-grow-continue@.service -%{_cross_unitdir}/mdmon@.service -%{_cross_unitdir}/mdmonitor.service -%{_cross_unitdir}-shutdown/mdadm.shutdown - -# periodically runs an mdcheck bash script -%exclude %{_cross_unitdir}/mdcheck_continue.service -%exclude %{_cross_unitdir}/mdcheck_continue.timer -%exclude %{_cross_unitdir}/mdcheck_start.service -%exclude %{_cross_unitdir}/mdcheck_start.timer - -# no mail address or alert command, so no-ops -%exclude %{_cross_unitdir}/mdmonitor-oneshot.service -%exclude %{_cross_unitdir}/mdmonitor-oneshot.timer diff --git a/packages/microcode/Cargo.toml b/packages/microcode/Cargo.toml deleted file mode 100644 index f8469310d99..00000000000 --- a/packages/microcode/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "microcode" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -# Check the two upstream repositories for the latest releases - -[[package.metadata.build-package.external-files]] -url = "https://www.kernel.org/pub/linux/kernel/firmware/linux-firmware-20231111.tar.xz" -sha512 = "dd8eb7e8a51fe14479e2f4e1081a8a31f13d041ddd6180eaae6fe865dbad303c89aaaed2b9df237923f74f1cf9fe8c2e5492b4de5fce991ddb02bb091c95dc58" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/archive/refs/tags/microcode-20231114.tar.gz" -sha512 = "a684444ef81e81687ff43b8255e95675eed1d728053bb1a483a60e94e2d2d43f10fc12522510b22daf90c4debd8f035e6b9a565813aa799c2e1e3a464124f59b" diff --git a/packages/microcode/latest-upstream-tags.sh b/packages/microcode/latest-upstream-tags.sh deleted file mode 100755 index 717c7ba823f..00000000000 --- a/packages/microcode/latest-upstream-tags.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -echo "Latest upstream tag for Intel ucode (microcode-ctl):" -git ls-remote --tags --refs https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files.git | tail -1 - -echo "Latest upstream tag for AMD ucode (linux-firmware):" -git ls-remote --tags --refs https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git | tail -1 diff --git a/packages/microcode/microcode.spec b/packages/microcode/microcode.spec deleted file mode 100644 index 697949dbd40..00000000000 --- a/packages/microcode/microcode.spec +++ /dev/null @@ -1,135 +0,0 @@ -# This is a wrapper package for binary-only microcode from Intel and AMD. -%global debug_package %{nil} - -# These are specific to the upstream source RPM, and will likely need to be -# updated for each new version. -%global amd_ucode_version 20231111 -%global intel_ucode_version 20231114 - -Name: %{_cross_os}microcode -Version: 0.0 -Release: 1%{?dist} -Summary: Microcode for AMD and Intel processors -License: LicenseRef-scancode-amd-linux-firmware-export AND LicenseRef-scancode-intel-mcu-2018 - -# Packaging AMD and Intel microcode together is specific to Bottlerocket, and -# RPM only allows one URL field per package, so this is about as accurate as we -# can be. The real upstream URLs for AMD and Intel microcode are given below in -# the subpackage definitions. -URL: https://github.com/bottlerocket-os/bottlerocket/tree/develop/packages/microcode - -Source0: https://www.kernel.org/pub/linux/kernel/firmware/linux-firmware-%{amd_ucode_version}.tar.xz -Source1: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/archive/refs/tags/microcode-%{intel_ucode_version}.tar.gz - -# Lets us install "microcode" to pull in the AMD and Intel updates. -Requires: %{_cross_os}microcode-amd -Requires: %{_cross_os}microcode-intel - -%description -%{summary}. - -%package amd -Summary: Microcode for AMD processors -License: LicenseRef-scancode-amd-linux-firmware-export -URL: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/amd-ucode -Requires: %{_cross_os}microcode-amd-license - -%description amd -%{summary}. - -%package amd-license -Summary: License files for microcode for AMD processors -License: LicenseRef-scancode-amd-linux-firmware-export -URL: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/LICENSE.amd-ucode - -%description amd-license -%{summary}. - -%package intel -Summary: Microcode for Intel processors -License: LicenseRef-scancode-intel-mcu-2018 -URL: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files -Requires: %{_cross_os}microcode-intel-license - -%description intel -%{summary}. - -%package intel-license -Summary: License files for microcode for Intel processors -License: LicenseRef-scancode-intel-mcu-2018 -URL: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/blob/main/license - -%description intel-license -%{summary}. - -# Lets us install "microcode-licenses" for just the license files. -%package licenses -Summary: License files for microcode for AMD and Intel processors -License: LicenseRef-scancode-amd-linux-firmware-export AND LicenseRef-scancode-intel-mcu-2018 -URL: https://github.com/bottlerocket-os/bottlerocket/tree/develop/packages/microcode -Requires: %{_cross_os}microcode-amd-license -Requires: %{_cross_os}microcode-intel-license - -%description licenses -%{summary}. - -%prep -mkdir amd intel -tar -C amd --strip-components=1 -xof %{SOURCE0} -tar -C intel --strip-components=1 -xof %{SOURCE1} -# CVE-2023-20569 - "AMD Inception" -# This is adding new microcode for Zen3/Zen4 AMD cpus. The patch was taken -# directly from the linux-firmware repository, but has not been part of a -# release there, yet. -# Unfortunately the setup here with two separate sources being brought into -# separate directories and the patch only affecting one of the two is not conducive -# of using the standard way of applying git binary patches through `autosetup -S git ...` -# Hence we have to extract some of the parts from that macro to let the patch -# apply. -# -# As soon as we update to a release that includes this patch everything from here... -pushd amd -%global __scm git -%__scm_setup_git -%autopatch -p1 -popd -# ... to here can be dropped -cp {amd/,}LICENSE.amd-ucode -cp intel/intel-ucode-with-caveats/* intel/intel-ucode -cp intel/license LICENSE.intel-ucode - -# Create links to the SPDX identifiers we're using, so they're easier to match -# up with the license text. -ln -s LICENSE.intel-ucode LicenseRef-scancode-intel-mcu-2018 -ln -s LICENSE.amd-ucode LicenseRef-scancode-amd-linux-firmware-export - -%build - -%install -install -d %{buildroot}%{_cross_libdir}/firmware/{amd,intel}-ucode -install -p -m 0644 amd/amd-ucode/*.bin %{buildroot}%{_cross_libdir}/firmware/amd-ucode -install -p -m 0644 intel/intel-ucode/* %{buildroot}%{_cross_libdir}/firmware/intel-ucode - -%files - -%files amd -%dir %{_cross_libdir}/firmware -%dir %{_cross_libdir}/firmware/amd-ucode -%{_cross_libdir}/firmware/amd-ucode/microcode_amd*.bin - -%files amd-license -%license LICENSE.amd-ucode LicenseRef-scancode-amd-linux-firmware-export - -%files intel -%dir %{_cross_libdir}/firmware -%dir %{_cross_libdir}/firmware/intel-ucode -%{_cross_libdir}/firmware/intel-ucode/??-??-?? -%exclude %{_cross_libdir}/firmware/intel-ucode/??-??-??_DUPLICATE - -%files intel-license -%license LICENSE.intel-ucode LicenseRef-scancode-intel-mcu-2018 - -%files licenses -%{_cross_attribution_file} - -%changelog diff --git a/packages/netdog/00-resolved.conf b/packages/netdog/00-resolved.conf deleted file mode 100644 index 4671259eb3f..00000000000 --- a/packages/netdog/00-resolved.conf +++ /dev/null @@ -1,10 +0,0 @@ -[Resolve] -LLMNR=no -MulticastDNS=no -DNSSEC=no -DNSOverTLS=no -Cache=no-negative -CacheFromLocalhost=no -DNSStubListener=yes -ReadEtcHosts=yes -ResolveUnicastSingleLabel=no diff --git a/packages/netdog/Cargo.toml b/packages/netdog/Cargo.toml deleted file mode 100644 index 630dab1dd3c..00000000000 --- a/packages/netdog/Cargo.toml +++ /dev/null @@ -1,23 +0,0 @@ -[package] -name = "netdog" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -source-groups = [ - "netdog", - "dogtag", -] - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } - -[dependencies] -wicked = { path = "../wicked" } -systemd = { path = "../systemd" } diff --git a/packages/netdog/disable-udp-offload.service b/packages/netdog/disable-udp-offload.service deleted file mode 100644 index baeb768287f..00000000000 --- a/packages/netdog/disable-udp-offload.service +++ /dev/null @@ -1,20 +0,0 @@ -[Unit] -Description=Disables UDP offload -After=network-online.target -# Block manual interactions with this service -RefuseManualStart=true -RefuseManualStop=true -# This unit disables UDP offload for the default primary interface (eth0) in -# VMware. This avoids an issue with the VXLAN / Geneve tunnels used by Cilium, -# which affects the vmxnet3 driver in recent kernels. -ConditionVirtualization=vmware - -[Service] -Type=oneshot -ExecStart=/usr/sbin/ethtool -K eth0 tx-udp_tnl-segmentation off -ExecStart=/usr/sbin/ethtool -K eth0 tx-udp_tnl-csum-segmentation off -RemainAfterExit=true -StandardError=journal+console - -[Install] -RequiredBy=preconfigured.target diff --git a/packages/netdog/generate-network-config.service b/packages/netdog/generate-network-config.service deleted file mode 100644 index 77110075e5c..00000000000 --- a/packages/netdog/generate-network-config.service +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=Generate network configuration -# Block manual interactions with this service, since it could leave the system in an -# unexpected state -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot -ExecStart=/usr/bin/netdog generate-net-config -RemainAfterExit=true -StandardError=journal+console - -[Install] -RequiredBy=network-pre.target diff --git a/packages/netdog/netdog-tmpfiles.conf b/packages/netdog/netdog-tmpfiles.conf deleted file mode 100644 index be5cf57edfe..00000000000 --- a/packages/netdog/netdog-tmpfiles.conf +++ /dev/null @@ -1,2 +0,0 @@ -d /var/lib/netdog 0700 root root - -Z /var/lib/netdog 0700 root root - diff --git a/packages/netdog/netdog.spec b/packages/netdog/netdog.spec deleted file mode 100644 index 7db01863af5..00000000000 --- a/packages/netdog/netdog.spec +++ /dev/null @@ -1,123 +0,0 @@ -%global _cross_first_party 1 -%undefine _debugsource_packages - -Name: %{_cross_os}netdog -Version: 0.1.1 -Release: 0%{?dist} -Summary: Bottlerocket network configuration helper -License: Apache-2.0 OR MIT -URL: https://github.com/bottlerocket-os/bottlerocket - -Source0: netdog-tmpfiles.conf - -Source10: run-netdog.mount -Source11: write-network-status.service -Source12: generate-network-config.service -Source13: disable-udp-offload.service - -Source20: 00-resolved.conf - -BuildRequires: %{_cross_os}glibc-devel -Requires: %{_cross_os}hostname-reverse-dns -Requires: (%{_cross_os}hostname-imds if %{_cross_os}variant-platform(aws)) -Requires: (%{_cross_os}netdog-systemd-networkd if %{_cross_os}image-feature(systemd-networkd)) -Requires: (%{_cross_os}netdog-wicked if %{_cross_os}image-feature(no-systemd-networkd)) - -%description -%{summary}. - -%package systemd-networkd -Summary: Bottlerocket network configuration helper -Requires: %{name} -Requires: %{_cross_os}systemd-networkd -Requires: %{_cross_os}systemd-resolved -Conflicts: (%{_cross_os}netdog-wicked or %{_cross_os}image-feature(no-systemd-networkd)) -%description -n %{_cross_os}netdog-systemd-networkd -%{summary}. - -%package wicked -Summary: Bottlerocket network configuration helper -Requires: %{name} -Requires: %{_cross_os}wicked -Conflicts: (%{_cross_os}netdog-systemd-networkd or %{_cross_os}image-feature(systemd-networkd)) -%description -n %{_cross_os}netdog-wicked -%{summary}. - -%package -n %{_cross_os}hostname-reverse-dns -Summary: Reverse DNS Hostname detector -%description -n %{_cross_os}hostname-reverse-dns -%{summary} - -%package -n %{_cross_os}hostname-imds -Summary: IMDS Hostname detector -%description -n %{_cross_os}hostname-imds -%{summary} - -%prep -%setup -T -c -%cargo_prep - -%build -mkdir bin - -echo "** Build Dogtag Hostname Detectors" -%cargo_build --manifest-path %{_builddir}/sources/Cargo.toml \ - -p dogtag \ - --bins \ - --target-dir=${HOME}/.cache/dogtag - -echo "** Build Netdog Binaries" -%cargo_build --manifest-path %{_builddir}/sources/Cargo.toml \ - -p netdog \ - --features default \ - --target-dir=${HOME}/.cache/networkd -%cargo_build --manifest-path %{_builddir}/sources/Cargo.toml \ - -p netdog \ - --features wicked \ - --target-dir=${HOME}/.cache/wicked - -%install -install -d %{buildroot}%{_cross_libexecdir}/hostname-detectors -install -p -m 0755 ${HOME}/.cache/dogtag/%{__cargo_target}/release/20-imds %{buildroot}%{_cross_libexecdir}/hostname-detectors/20-imds -install -p -m 0755 ${HOME}/.cache/dogtag/%{__cargo_target}/release/10-reverse-dns %{buildroot}%{_cross_libexecdir}/hostname-detectors/10-reverse-dns - -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 ${HOME}/.cache/networkd/%{__cargo_target}/release/netdog %{buildroot}%{_cross_bindir}/netdog-systemd-networkd -install -p -m 0755 ${HOME}/.cache/wicked/%{__cargo_target}/release/netdog %{buildroot}%{_cross_bindir}/netdog-wicked - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:0} %{buildroot}%{_cross_tmpfilesdir}/netdog.conf - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:10} %{S:11} %{S:12} %{S:13} %{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{_cross_libdir} -install -d %{buildroot}%{_cross_libdir}/systemd/resolved.conf.d -install -p -m 0644 %{S:20} %{buildroot}%{_cross_libdir}/systemd/resolved.conf.d - -%post wicked -p -posix.symlink("netdog-wicked", "%{_cross_bindir}/netdog") - -%post systemd-networkd -p -posix.symlink("netdog-systemd-networkd", "%{_cross_bindir}/netdog") - -%files -%{_cross_tmpfilesdir}/netdog.conf -%{_cross_unitdir}/generate-network-config.service -%{_cross_unitdir}/disable-udp-offload.service -%{_cross_unitdir}/run-netdog.mount - -%files -n %{_cross_os}hostname-reverse-dns -%{_cross_libexecdir}/hostname-detectors/10-reverse-dns - -%files -n %{_cross_os}hostname-imds -%{_cross_libexecdir}/hostname-detectors/20-imds - -%files systemd-networkd -%{_cross_bindir}/netdog-systemd-networkd -%{_cross_unitdir}/write-network-status.service -%dir %{_cross_libdir}/systemd/resolved.conf.d -%{_cross_libdir}/systemd/resolved.conf.d/00-resolved.conf - -%files wicked -%{_cross_bindir}/netdog-wicked diff --git a/packages/netdog/run-netdog.mount b/packages/netdog/run-netdog.mount deleted file mode 100644 index ad287271099..00000000000 --- a/packages/netdog/run-netdog.mount +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Ephemeral netdog configuration directory -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target -After=selinux-policy-files.service -Wants=selinux-policy-files.service - -[Mount] -What=tmpfs -Where=/run/netdog -Type=tmpfs -Options=nosuid,nodev,noexec,noatime,context=system_u:object_r:lease_t:s0,mode=0755 - -[Install] -WantedBy=network-pre.target diff --git a/packages/netdog/write-network-status.service b/packages/netdog/write-network-status.service deleted file mode 100644 index 4f8745da8a2..00000000000 --- a/packages/netdog/write-network-status.service +++ /dev/null @@ -1,20 +0,0 @@ -[Unit] -Description=Write network status -# Block manual interactions with this service, since it could leave the system in an -# unexpected state -RefuseManualStart=true -RefuseManualStop=true -Before=early-boot-config.service -# This service creates a symlink to the resolv.conf systemd-resolved creates -# and we would like it to exist first -After=systemd-networkd-wait-online.service systemd-resolved.service -Wants=systemd-networkd-wait-online.service systemd-resolved.service - -[Service] -Type=oneshot -ExecStart=/usr/bin/netdog write-primary-interface-status -RemainAfterExit=true -StandardError=journal+console - -[Install] -WantedBy=network-online.target diff --git a/packages/nvidia-container-toolkit/Cargo.toml b/packages/nvidia-container-toolkit/Cargo.toml deleted file mode 100644 index f722c3c8d9a..00000000000 --- a/packages/nvidia-container-toolkit/Cargo.toml +++ /dev/null @@ -1,23 +0,0 @@ -[package] -name = "nvidia-container-toolkit" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/NVIDIA/nvidia-container-toolkit/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/NVIDIA/nvidia-container-toolkit/archive/v1.13.5/nvidia-container-toolkit-1.13.5.tar.gz" -sha512 = "7266e779abf27f2bc1b7c801e5eb4720b82be22bed3ec90171e4f5499b2bc7376f1369e4931d4db55edc8f5fd5e44d5e817eb258ec39bf55f16424fe725188d6" - -[build-dependencies] -glibc = { path = "../glibc" } -libnvidia-container = { path = "../libnvidia-container" } -# This package depends on `shimpei`, but it is built in the `os` package -# which is expected to be pulled in -# os = { path = "../os" } diff --git a/packages/nvidia-container-toolkit/nvidia-container-toolkit-config-ecs.toml b/packages/nvidia-container-toolkit/nvidia-container-toolkit-config-ecs.toml deleted file mode 100644 index b2f2501e604..00000000000 --- a/packages/nvidia-container-toolkit/nvidia-container-toolkit-config-ecs.toml +++ /dev/null @@ -1,5 +0,0 @@ -[nvidia-container-cli] -root = "/" -path = "/usr/bin/nvidia-container-cli" -environment = [] -ldconfig = "@/sbin/ldconfig" diff --git a/packages/nvidia-container-toolkit/nvidia-container-toolkit-config-k8s.toml b/packages/nvidia-container-toolkit/nvidia-container-toolkit-config-k8s.toml deleted file mode 100644 index 9ef532c8962..00000000000 --- a/packages/nvidia-container-toolkit/nvidia-container-toolkit-config-k8s.toml +++ /dev/null @@ -1,8 +0,0 @@ -accept-nvidia-visible-devices-as-volume-mounts = true -accept-nvidia-visible-devices-envvar-when-unprivileged = false - -[nvidia-container-cli] -root = "/" -path = "/usr/bin/nvidia-container-cli" -environment = [] -ldconfig = "@/sbin/ldconfig" diff --git a/packages/nvidia-container-toolkit/nvidia-container-toolkit-tmpfiles-ecs.conf b/packages/nvidia-container-toolkit/nvidia-container-toolkit-tmpfiles-ecs.conf deleted file mode 100644 index 472f348fa86..00000000000 --- a/packages/nvidia-container-toolkit/nvidia-container-toolkit-tmpfiles-ecs.conf +++ /dev/null @@ -1 +0,0 @@ -C /etc/nvidia-container-runtime/config.toml - - - - /usr/share/factory/nvidia-container-runtime/nvidia-container-toolkit-config-ecs.toml diff --git a/packages/nvidia-container-toolkit/nvidia-container-toolkit-tmpfiles-k8s.conf b/packages/nvidia-container-toolkit/nvidia-container-toolkit-tmpfiles-k8s.conf deleted file mode 100644 index 011192e391b..00000000000 --- a/packages/nvidia-container-toolkit/nvidia-container-toolkit-tmpfiles-k8s.conf +++ /dev/null @@ -1 +0,0 @@ -C /etc/nvidia-container-runtime/config.toml - - - - /usr/share/factory/nvidia-container-runtime/nvidia-container-toolkit-config-k8s.toml diff --git a/packages/nvidia-container-toolkit/nvidia-container-toolkit.spec b/packages/nvidia-container-toolkit/nvidia-container-toolkit.spec deleted file mode 100644 index 93412ba7757..00000000000 --- a/packages/nvidia-container-toolkit/nvidia-container-toolkit.spec +++ /dev/null @@ -1,86 +0,0 @@ -%global goproject github.com/NVIDIA -%global gorepo nvidia-container-toolkit -%global goimport %{goproject}/%{gorepo} - -%global gover 1.13.5 -%global rpmver %{gover} - -Name: %{_cross_os}nvidia-container-toolkit -Version: %{rpmver} -Release: 1%{?dist} -Summary: Tool to build and run GPU accelerated containers -License: Apache-2.0 -URL: https://%{goimport} - -Source0: https://%{goimport}/archive/v%{gover}/nvidia-container-toolkit-%{gover}.tar.gz -Source1: nvidia-container-toolkit-config-k8s.toml -Source2: nvidia-container-toolkit-config-ecs.toml -Source3: nvidia-oci-hooks-json -Source4: nvidia-gpu-devices.rules -Source5: nvidia-container-toolkit-tmpfiles-ecs.conf -Source6: nvidia-container-toolkit-tmpfiles-k8s.conf - -BuildRequires: %{_cross_os}glibc-devel -Requires: %{_cross_os}libnvidia-container -Requires: %{_cross_os}shimpei - -%description -%{summary}. - -%package ecs -Summary: Files specific for the ECS variants -Requires: %{name} -Conflicts: %{name}-k8s - -%description ecs -%{summary}. - -%package k8s -Summary: Files specific for the Kubernetes variants -Requires: %{name} -Conflicts: %{name}-ecs - -%description k8s -%{summary}. - -%prep -%autosetup -n %{gorepo}-%{gover} -p1 -%cross_go_setup %{gorepo}-%{gover} %{goproject} %{goimport} - -%build -%cross_go_configure %{goimport} -go build -ldflags="${GOLDFLAGS}" -o nvidia-container-runtime-hook ./cmd/nvidia-container-runtime-hook -go build -ldflags="${GOLDFLAGS}" -o nvidia-ctk ./cmd/nvidia-ctk - -%install -install -d %{buildroot}%{_cross_bindir} -install -d %{buildroot}%{_cross_tmpfilesdir} -install -d %{buildroot}%{_cross_templatedir} -install -d %{buildroot}%{_cross_udevrulesdir} -install -d %{buildroot}%{_cross_datadir}/nvidia-container-toolkit -install -d %{buildroot}%{_cross_factorydir}/nvidia-container-runtime -install -p -m 0755 nvidia-container-runtime-hook %{buildroot}%{_cross_bindir}/ -install -p -m 0755 nvidia-ctk %{buildroot}%{_cross_bindir}/ -install -m 0644 %{S:1} %{S:2} %{buildroot}%{_cross_factorydir}/nvidia-container-runtime/ -install -m 0644 %{S:3} %{buildroot}%{_cross_templatedir}/nvidia-oci-hooks-json -install -p -m 0644 %{S:4} %{buildroot}%{_cross_udevrulesdir}/90-nvidia-gpu-devices.rules -install -m 0644 %{S:5} %{buildroot}%{_cross_tmpfilesdir}/nvidia-container-toolkit-ecs.conf -install -m 0644 %{S:6} %{buildroot}%{_cross_tmpfilesdir}/nvidia-container-toolkit-k8s.conf -ln -s shimpei %{buildroot}%{_cross_bindir}/nvidia-oci - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_bindir}/nvidia-container-runtime-hook -%{_cross_bindir}/nvidia-ctk -%{_cross_bindir}/nvidia-oci -%{_cross_templatedir}/nvidia-oci-hooks-json -%{_cross_udevrulesdir}/90-nvidia-gpu-devices.rules - -%files ecs -%{_cross_factorydir}/nvidia-container-runtime/nvidia-container-toolkit-config-ecs.toml -%{_cross_tmpfilesdir}/nvidia-container-toolkit-ecs.conf - -%files k8s -%{_cross_factorydir}/nvidia-container-runtime/nvidia-container-toolkit-config-k8s.toml -%{_cross_tmpfilesdir}/nvidia-container-toolkit-k8s.conf diff --git a/packages/nvidia-container-toolkit/nvidia-gpu-devices.rules b/packages/nvidia-container-toolkit/nvidia-gpu-devices.rules deleted file mode 100644 index 4d2c80104b5..00000000000 --- a/packages/nvidia-container-toolkit/nvidia-gpu-devices.rules +++ /dev/null @@ -1,2 +0,0 @@ -# This will create /dev/char symlinks to all device nodes -ACTION=="add", DEVPATH=="/bus/pci/drivers/nvidia", RUN+="/usr/bin/nvidia-ctk system create-dev-char-symlinks --create-all" diff --git a/packages/nvidia-container-toolkit/nvidia-oci-hooks-json b/packages/nvidia-container-toolkit/nvidia-oci-hooks-json deleted file mode 100644 index fad6e2c605f..00000000000 --- a/packages/nvidia-container-toolkit/nvidia-oci-hooks-json +++ /dev/null @@ -1,13 +0,0 @@ -+++ -{ - "hooks": { - "prestart": [ - { - "path": "/usr/bin/nvidia-container-runtime-hook", - "args": ["nvidia-container-runtime-hook", "prestart"] - } - ], - "poststart": [ - ] - } -} diff --git a/packages/nvidia-k8s-device-plugin/Cargo.toml b/packages/nvidia-k8s-device-plugin/Cargo.toml deleted file mode 100644 index 3a683c9be58..00000000000 --- a/packages/nvidia-k8s-device-plugin/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "nvidia-k8s-device-plugin" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/NVIDIA/k8s-device-plugin/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/NVIDIA/k8s-device-plugin/archive/v0.14.4/v0.14.4.tar.gz" -path = "k8s-device-plugin-0.14.4.tar.gz" -sha512 = "055439c2aac797b2d594846d9fb572f2f46ad5caeb9f44107a2fc05211904823c01a8fd8a2329c13a47ef440fd017086067f7ec55d482970cdbc1663b36d714c" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/nvidia-k8s-device-plugin/nvidia-k8s-device-plugin.service b/packages/nvidia-k8s-device-plugin/nvidia-k8s-device-plugin.service deleted file mode 100644 index b11778aecb4..00000000000 --- a/packages/nvidia-k8s-device-plugin/nvidia-k8s-device-plugin.service +++ /dev/null @@ -1,17 +0,0 @@ -[Unit] -Description=Start NVIDIA kubernetes device plugin -RefuseManualStart=true -RefuseManualStop=true -After=kubelet.service -Wants=kubelet.service - -[Service] -ExecStart=/usr/bin/nvidia-device-plugin --device-list-strategy volume-mounts --device-id-strategy index --pass-device-specs=true -Type=simple -TimeoutSec=0 -RestartSec=2 -Restart=always -StandardError=journal+console - -[Install] -WantedBy=multi-user.target diff --git a/packages/nvidia-k8s-device-plugin/nvidia-k8s-device-plugin.spec b/packages/nvidia-k8s-device-plugin/nvidia-k8s-device-plugin.spec deleted file mode 100644 index 313ca74ab56..00000000000 --- a/packages/nvidia-k8s-device-plugin/nvidia-k8s-device-plugin.spec +++ /dev/null @@ -1,74 +0,0 @@ -%global goproject github.com/NVIDIA -%global gorepo k8s-device-plugin -%global goimport %{goproject}/%{gorepo} - -%global gover 0.14.4 -%global rpmver %{gover} - -Name: %{_cross_os}nvidia-k8s-device-plugin -Version: %{rpmver} -Release: 1%{?dist} -Summary: Kubernetes device plugin for NVIDIA GPUs -License: Apache-2.0 -URL: https://github.com/NVIDIA/k8s-device-plugin -Source0: https://%{goimport}/archive/v%{gover}/v%{gover}.tar.gz#/k8s-device-plugin-%{gover}.tar.gz -Source1: nvidia-k8s-device-plugin.service - -BuildRequires: %{_cross_os}glibc-devel -Requires: %{name}(binaries) - -%description -%{summary}. - -%package bin -Summary: Kubernetes device plugin for NVIDIA GPUs binaries -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(fips) or %{name}-fips-bin) - -%description bin -%{summary}. - -%package fips-bin -Summary: Kubernetes device plugin for NVIDIA GPUs binaries, FIPS edition -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{name}-bin) - -%description fips-bin -%{summary}. - -%prep -%autosetup -n %{gorepo}-%{gover} -p1 -%cross_go_setup %{gorepo}-%{gover} %{goproject} %{goimport} - -%build -%cross_go_configure %{goimport} -# We don't set `-Wl,-z,now`, because the binary uses lazy loading -# to load the NVIDIA libraries in the host -export CGO_LDFLAGS="-Wl,-z,relro -Wl,--export-dynamic" -export GOLDFLAGS="-compressdwarf=false -linkmode=external -extldflags '${CGO_LDFLAGS}'" - -go build -ldflags="${GOLDFLAGS}" -o nvidia-device-plugin ./cmd/nvidia-device-plugin/ -gofips build -ldflags="${GOLDFLAGS}" -o fips/nvidia-device-plugin ./cmd/nvidia-device-plugin/ - -%install -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 nvidia-device-plugin %{buildroot}%{_cross_bindir} - -install -d %{buildroot}%{_cross_fips_bindir} -install -p -m 0755 fips/nvidia-device-plugin %{buildroot}%{_cross_fips_bindir} - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:1} %{buildroot}%{_cross_unitdir} - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_unitdir}/nvidia-k8s-device-plugin.service - -%files bin -%{_cross_bindir}/nvidia-device-plugin - -%files fips-bin -%{_cross_fips_bindir}/nvidia-device-plugin diff --git a/packages/nvme-cli/Cargo.toml b/packages/nvme-cli/Cargo.toml deleted file mode 100644 index 82af2c6cf1f..00000000000 --- a/packages/nvme-cli/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "nvme-cli" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/linux-nvme/nvme-cli/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/linux-nvme/nvme-cli/archive/v2.9.1/nvme-cli-2.9.1.tar.gz" -sha512 = "c9c86e7567c2d4c59aff1eb9d18f4775923db3c81a89c628b819121c32150d4bc2d65d0dacac764c64594369890b380d0fd06bc7c1f83f4a7f3e71a51a6fee24" - -[build-dependencies] -glibc = { path = "../glibc" } -libnvme = { path = "../libnvme" } diff --git a/packages/nvme-cli/nvme-cli.spec b/packages/nvme-cli/nvme-cli.spec deleted file mode 100644 index 9557973eb1d..00000000000 --- a/packages/nvme-cli/nvme-cli.spec +++ /dev/null @@ -1,45 +0,0 @@ -Name: %{_cross_os}nvme-cli -Version: 2.9.1 -Release: 1%{?dist} -Summary: CLI to interact with NVMe devices -License: LGPL-2.1-only AND GPL-2.0-only AND CC0-1.0 AND MIT -URL: https://github.com/linux-nvme/nvme-cli -Source0: https://github.com/linux-nvme/nvme-cli/archive/v%{version}/nvme-cli-%{version}.tar.gz - -BuildRequires: meson -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libnvme-devel -Requires: %{_cross_os}libnvme - -%description -%{summary}. - -%prep -%autosetup -n nvme-cli-%{version} -p1 - -%build -CONFIGURE_OPTS=( - -Ddocs=false - -Ddocs-build=false - -Djson-c=disabled -) - -%cross_meson "${CONFIGURE_OPTS[@]}" -%cross_meson_build - -%install -%cross_meson_install -# This is an empty configuration file with comments with examples of how to -# configure the systemd services -rm %{buildroot}%{_sysconfdir}/nvme/discovery.conf - -%files -%license LICENSE ccan/licenses/LGPL-2.1 ccan/licenses/BSD-MIT ccan/licenses/CC0 -%{_cross_attribution_file} -%{_cross_sbindir}/nvme -%exclude %{_cross_udevrulesdir} -%exclude %{_cross_unitdir} -%exclude %{_cross_datadir} -%exclude %{_cross_prefix}/lib/dracut - -%changelog diff --git a/packages/oci-add-hooks/Cargo.toml b/packages/oci-add-hooks/Cargo.toml deleted file mode 100644 index 347eab6ca59..00000000000 --- a/packages/oci-add-hooks/Cargo.toml +++ /dev/null @@ -1,17 +0,0 @@ -[package] -name = "oci-add-hooks" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/awslabs/oci-add-hooks/archive/ef29fe312d2e1858d5eb28ab0abe0cbee298a165/oci-add-hooks-ef29fe3.tar.gz" -sha512 = "018b561f838172e768a70acdeb2c27939f931391ced019a23c5193eee6b8970bc02a3e5fa05917010ca2064d1876649ef139d7657700c42a3ddd6e2c174f27dc" -bundle-modules = [ "go" ] - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/oci-add-hooks/oci-add-hooks.spec b/packages/oci-add-hooks/oci-add-hooks.spec deleted file mode 100644 index 1fbc8fc3481..00000000000 --- a/packages/oci-add-hooks/oci-add-hooks.spec +++ /dev/null @@ -1,40 +0,0 @@ -%global goproject github.com/awslabs -%global gorepo oci-add-hooks -%global goimport %{goproject}/%{gorepo} - -%global gitrev ef29fe312d2e1858d5eb28ab0abe0cbee298a165 -%global shortrev %(c=%{gitrev}; echo ${c:0:7}) - -Name: %{_cross_os}oci-add-hooks -Version: 1.0.0 -Release: 1%{?dist} -Summary: OCI runtime wrapper that injects OCI hooks -License: Apache-2.0 AND MIT -URL: https://github.com/awslabs/oci-add-hooks -Source0: %{gorepo}-%{shortrev}.tar.gz -Source1: bundled-%{gorepo}-%{shortrev}.tar.gz -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%prep -%setup -n %{gorepo}-%{gitrev} -%setup -T -D -n %{gorepo}-%{gitrev} -b 1 - -%build -%set_cross_go_flags -export LD_VERSION="-X main.commit=oci-add-hooks-%{gitrev}" -go build -ldflags="${GOLDFLAGS} ${LD_VERSION}" -o oci-add-hooks - -%install -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 oci-add-hooks %{buildroot}%{_cross_bindir} - -%cross_scan_attribution go-vendor vendor - -%files -%license LICENSE NOTICE -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} -%{_cross_bindir}/oci-add-hooks diff --git a/packages/open-vm-tools/0001-no_cflags_werror.patch b/packages/open-vm-tools/0001-no_cflags_werror.patch deleted file mode 100644 index 3378cb8e7dd..00000000000 --- a/packages/open-vm-tools/0001-no_cflags_werror.patch +++ /dev/null @@ -1,18 +0,0 @@ -configure.ac: disable -Werror - -Disable the mandatory flag -Werror in configure.ac. - -Signed-off-by: Karoly Kasza - ---- open-vm-tools/configure.ac 2015-06-17 10:02:00.000000000 +0200 -+++ open-vm-tools/configure.ac 2015-06-17 10:02:00.000000000 +0200 -@@ -935,7 +935,7 @@ - - ### General flags / actions - CFLAGS="$CFLAGS -Wall" --CFLAGS="$CFLAGS -Werror" -+# CFLAGS="$CFLAGS -Werror" - - # -Wno-unknown-pragmas is due to gcc not understanding '#pragma ident' - # in Xlib.h on OpenSolaris. - diff --git a/packages/open-vm-tools/0002-dont-force-cppflags.patch b/packages/open-vm-tools/0002-dont-force-cppflags.patch deleted file mode 100644 index eb2fe16ba9d..00000000000 --- a/packages/open-vm-tools/0002-dont-force-cppflags.patch +++ /dev/null @@ -1,21 +0,0 @@ -m4: do not force -I/usr/include in CPPFLAGS - -This is so horribly broken for cross-compilation. :-( - -Signed-off-by: "Yann E. MORIN" - ---- open-vm-tools/m4/vmtools.m4 2015-06-17 10:03:00.000000000 +0200 -+++ open-vm-tools/m4/vmtools.m4 2015-06-17 10:03:00.000000000 +0200 -@@ -281,10 +281,10 @@ - if test "$os" = freebsd; then - CUSTOM_$1_CPPFLAGS="-I/usr/local/include" - else -- CUSTOM_$1_CPPFLAGS="-I/usr/include" -+ CUSTOM_$1_CPPFLAGS=" " - fi - if test -n "$2"; then -- CUSTOM_$1_CPPFLAGS="${CUSTOM_$1_CPPFLAGS}/$2" -+ : CUSTOM_$1_CPPFLAGS="${CUSTOM_$1_CPPFLAGS}/$2" - fi - fi - ]) diff --git a/packages/open-vm-tools/0003-Update-shutdown-code-to-work-for-Bottlerocket.patch b/packages/open-vm-tools/0003-Update-shutdown-code-to-work-for-Bottlerocket.patch deleted file mode 100644 index 9e83a908966..00000000000 --- a/packages/open-vm-tools/0003-Update-shutdown-code-to-work-for-Bottlerocket.patch +++ /dev/null @@ -1,76 +0,0 @@ -From f3ae441a5ff9d27a3dd8223d55a7367ae519a0c8 Mon Sep 17 00:00:00 2001 -From: Matthew Yeazel -Date: Wed, 7 Jun 2023 13:34:49 -0700 -Subject: [PATCH] Update shutdown code to work for Bottlerocket - -Bottlerocket doesn't have /bin/sh which makes the call system() fail -with an unexpected error code. This results in the guest shutdown and -reboot calls via vmtoolsd returning as if the request was successful but -the call actually failed completely. This commit replaces the current -call to system() with g_spawn_sync() which should be a drop in -replacement for system(). - -Signed-off-by: Matthew Yeazel ---- - lib/system/Makefile.am | 3 +++ - lib/system/systemLinux.c | 14 +++++++++++++- - 2 files changed, 16 insertions(+), 1 deletion(-) - -diff --git a/lib/system/Makefile.am b/lib/system/Makefile.am -index 52b1a1dd..d2613c43 100644 ---- a/lib/system/Makefile.am -+++ b/lib/system/Makefile.am -@@ -17,5 +17,8 @@ - - noinst_LTLIBRARIES = libSystem.la - -+libSystem_la_CPPFLAGS = -+libSystem_la_CPPFLAGS += @GLIB2_CPPFLAGS@ -+ - libSystem_la_SOURCES = - libSystem_la_SOURCES += systemLinux.c -diff --git a/lib/system/systemLinux.c b/lib/system/systemLinux.c -index a688ab25..d24e2c4c 100644 ---- a/lib/system/systemLinux.c -+++ b/lib/system/systemLinux.c -@@ -54,6 +54,7 @@ - #include - #include - #include -+#include - - #if defined sun || defined __APPLE__ - # include -@@ -305,6 +306,8 @@ void - System_Shutdown(Bool reboot) // IN: "reboot or shutdown" flag - { - char *cmd; -+ int exit_status = 0; -+ Bool success; - - if (reboot) { - #if defined(sun) -@@ -325,10 +328,19 @@ System_Shutdown(Bool reboot) // IN: "reboot or shutdown" flag - cmd = "/sbin/shutdown -h now"; - #endif - } -- if (system(cmd) == -1) { -+ -+ success = g_spawn_command_line_sync(cmd, -+ NULL, -+ NULL, -+ &exit_status, -+ NULL); -+ if (!success) { - fprintf(stderr, "Unable to execute %s command: \"%s\"\n", - reboot ? "reboot" : "shutdown", cmd); - } -+ if ((success) && exit_status != 0) { -+ fprintf(stderr, "Command %s failed with exit %d\n", cmd, exit_status); -+ } - } - - --- -2.37.1 (Apple Git-137.1) - diff --git a/packages/open-vm-tools/Cargo.toml b/packages/open-vm-tools/Cargo.toml deleted file mode 100644 index a264458393e..00000000000 --- a/packages/open-vm-tools/Cargo.toml +++ /dev/null @@ -1,22 +0,0 @@ -[package] -name = "open-vm-tools" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/vmware/open-vm-tools/releases/" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/vmware/open-vm-tools/releases/download/stable-12.3.5/open-vm-tools-12.3.5-22544099.tar.gz" -sha512 = "7a81d929ea4871b8af0af0fa3dc62a821ac4286235255103f1bcf014e3b04b5bbbfa178a9328a16d67cfd595c4ce726dc9e195adbe21ec5c68a4d1abb1561ff6" - -[build-dependencies] -glibc = { path = "../glibc" } -libglib = { path = "../libglib" } -libtirpc = { path = "../libtirpc" } -libxcrypt = { path = "../libxcrypt" } diff --git a/packages/open-vm-tools/open-vm-tools-tmpfiles.conf b/packages/open-vm-tools/open-vm-tools-tmpfiles.conf deleted file mode 100644 index 9f5cb959b04..00000000000 --- a/packages/open-vm-tools/open-vm-tools-tmpfiles.conf +++ /dev/null @@ -1 +0,0 @@ -C /etc/vmware-tools/tools.conf - - - - diff --git a/packages/open-vm-tools/open-vm-tools.spec b/packages/open-vm-tools/open-vm-tools.spec deleted file mode 100644 index 26dfbf62667..00000000000 --- a/packages/open-vm-tools/open-vm-tools.spec +++ /dev/null @@ -1,118 +0,0 @@ -%global buildver 22544099 - -Name: %{_cross_os}open-vm-tools -Version: 12.3.5 -Release: 1%{?dist} -Summary: Tools for VMware -License: LGPL-2.1-or-later -URL: https://github.com/vmware/open-vm-tools -Source0: https://github.com/vmware/open-vm-tools/releases/download/stable-%{version}/open-vm-tools-%{version}-%{buildver}.tar.gz -Source1: vmtoolsd.service -Source2: tools.conf -Source3: open-vm-tools-tmpfiles.conf -Patch0001: 0001-no_cflags_werror.patch -Patch0002: 0002-dont-force-cppflags.patch -Patch0003: 0003-Update-shutdown-code-to-work-for-Bottlerocket.patch -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libglib-devel -BuildRequires: %{_cross_os}libtirpc-devel -BuildRequires: %{_cross_os}libxcrypt-devel -Requires: %{_cross_os}libglib -Requires: %{_cross_os}libtirpc -Requires: %{_cross_os}libxcrypt - -%description -%{summary}. - -%package devel -Summary: Files for development using the tools for VMware -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n open-vm-tools-%{version}-%{buildver} -p1 - -%build -autoreconf -fi -%cross_configure \ - --disable-deploypkg \ - --disable-docs \ - --disable-libappmonitor \ - --disable-multimon \ - --disable-resolutionkms \ - --disable-servicediscovery \ - --disable-tests \ - --disable-vgauth \ - --disable-containerinfo \ - --with-tirpc \ - --with-udev-rules-dir=%{_cross_udevrulesdir} \ - --without-dnet \ - --without-gtk2 \ - --without-gtk3 \ - --without-gtkmm \ - --without-gtkmm3 \ - --without-icu \ - --without-kernel-modules \ - --without-pam \ - --without-ssl \ - --without-x \ - --without-xerces \ - --without-xml2 \ - --without-xmlsec1 \ - --without-xmlsecurity \ - -%force_disable_rpath - -%make_build - -%install -%make_install - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:1} %{buildroot}%{_cross_unitdir}/vmtoolsd.service - -install -d %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/vmware-tools -install -p -m 0644 %{S:2} %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/vmware-tools - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:3} %{buildroot}%{_cross_tmpfilesdir}/open-vm-tools.conf - -find %{buildroot} -name '*.la' -delete - -%files -%license COPYING LICENSE -%{_cross_attribution_file} -%{_cross_bindir}/vmtoolsd -%{_cross_bindir}/vmware-toolbox-cmd -%{_cross_unitdir}/vmtoolsd.service -%dir %{_cross_factorydir}%{_cross_sysconfdir}/vmware-tools -%{_cross_factorydir}%{_cross_sysconfdir}/vmware-tools/tools.conf -%{_cross_tmpfilesdir}/open-vm-tools.conf - -%{_cross_libdir}/*.so.* -%dir %{_cross_libdir}/open-vm-tools -%{_cross_libdir}/open-vm-tools/* -%dir %{_cross_datadir}/open-vm-tools -%{_cross_datadir}/open-vm-tools/* - -%exclude %{_cross_bindir}/vmware-checkvm -%exclude %{_cross_bindir}/vmware-namespace-cmd -%exclude %{_cross_bindir}/vmware-rpctool -%exclude %{_cross_bindir}/vmware-xferlogs -%exclude %{_cross_bindir}/vmware-hgfsclient -%exclude %{_cross_sysconfdir} -%exclude %{_cross_udevrulesdir} - -%exclude %{_bindir} -%exclude /sbin - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/vmGuestLib -%{_cross_includedir}/vmGuestLib/* -%{_cross_pkgconfigdir}/*.pc - -%changelog diff --git a/packages/open-vm-tools/tools.conf b/packages/open-vm-tools/tools.conf deleted file mode 100644 index d176bb23ca6..00000000000 --- a/packages/open-vm-tools/tools.conf +++ /dev/null @@ -1,9 +0,0 @@ -[powerops] -poweron-script=/usr/bin/true -poweroff-script=/usr/bin/true -resume-script=/usr/bin/true -suspend-script=/usr/bin/true - -[guestinfo] -primary-nics=eth0 -exclude-nics=antrea-*,cali*,cilium*,lxc*,ovs-system,br*,flannel*,veth*,docker*,virbr*,vxlan_sys_*,genev_sys_*,gre_sys_*,stt_sys_*,????????-?????? diff --git a/packages/open-vm-tools/vmtoolsd.service b/packages/open-vm-tools/vmtoolsd.service deleted file mode 100644 index 97c6d8a52de..00000000000 --- a/packages/open-vm-tools/vmtoolsd.service +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=VMware Tools service -Documentation=https://github.com/vmware/open-vm-tools -ConditionVirtualization=vmware - -[Service] -ExecStart=/usr/bin/vmtoolsd -Restart=always -RestartSec=5 - -[Install] -WantedBy=multi-user.target diff --git a/packages/os/COPYRIGHT b/packages/os/COPYRIGHT deleted file mode 100644 index d670cbd2189..00000000000 --- a/packages/os/COPYRIGHT +++ /dev/null @@ -1,19 +0,0 @@ -Copyright Amazon.com, Inc., its affiliates, or other contributors. All Rights Reserved. - -Except as otherwise noted (below and/or in individual files), Bottlerocket is dual-licensed under -the Apache License, version 2.0 or the MIT license , at your option. - -Copyrights in Bottlerocket are retained by their contributors. No copyright assignment is required -to contribute to Bottlerocket. Contributions to Bottlerocket are explicitly made under both the -Apache License, version 2.0, and the MIT license. For full authorship information, see the version -control history. - -Bottlerocket operating system images include packages written by third parties, which may carry -their own copyright notices and license terms. These are available in /usr/share/licenses on the -operating system images. - -=^..^= =^..^= =^..^= =^..^= =^..^= =^..^= =^..^= =^..^= =^..^= =^..^= =^..^= - -Contains modified hyper-proxy files [mod.rs, stream.rs, tunnel.rs] from -https://github.com/tafia/hyper-proxy 2021-09-20. -Copyright (c) 2017 Johann Tuffe. Licensed under the MIT License. diff --git a/packages/os/Cargo.toml b/packages/os/Cargo.toml deleted file mode 100644 index f8f91bea581..00000000000 --- a/packages/os/Cargo.toml +++ /dev/null @@ -1,53 +0,0 @@ -[package] -name = "os" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[package.metadata.build-package] -source-groups = [ - "api", - "bottlerocket-release", - "metricdog", - "parse-datetime", - "ghostdog", - "updater", - "logdog", - "models", - "imdsclient", - "retry-read", - "shimpei", - "driverdog", - "cfsignal", - "bloodhound", - "xfscli", -] - -[lib] -path = "../packages.rs" - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } - -# RPM Requires -[dependencies] -# FIXME: this dependency will be removed when this package moves out of tree. -settings-plugins = { path = "../settings-plugins" } - -# FIXME: this dependency will also be removed -settings-defaults = { path = "../settings-defaults" } - -# We depend on these packages at runtime, and are expected to be pulled in -# by way of the `release` package. -# `host-ctr` for host containers functionality -# host-ctr = { path = "../host-ctr" } -# kexec-tools and makedumpfile required for prairiedog functionality -# kexec-tools = { path = "../kexec-tools" } -# makedumpfile = { path = "../makedumpfile" } -# binutils required for driverdog functionality -# binutils = { path = "../binutils" } -# oci-add-hooks required for shimpei functionality -# oci-add-hooks = { path = "../oci-add-hooks" } -# nvme-cli = { path = "../nvme-cli" } diff --git a/packages/os/LICENSE-APACHE b/packages/os/LICENSE-APACHE deleted file mode 100644 index d6456956733..00000000000 --- a/packages/os/LICENSE-APACHE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/packages/os/LICENSE-MIT b/packages/os/LICENSE-MIT deleted file mode 100644 index df3c0d623a8..00000000000 --- a/packages/os/LICENSE-MIT +++ /dev/null @@ -1,8 +0,0 @@ -MIT License -Copyright Amazon.com, Inc., its affiliates, or other contributors. All Rights Reserved. - -Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/packages/os/api-sysusers.conf b/packages/os/api-sysusers.conf deleted file mode 100644 index 323da272f6d..00000000000 --- a/packages/os/api-sysusers.conf +++ /dev/null @@ -1,2 +0,0 @@ -# Create `api` group with gid of 274 to limit access to the Bottlerocket API socket -g api 274 - diff --git a/packages/os/apiserver.service b/packages/os/apiserver.service deleted file mode 100644 index 29af00b04e7..00000000000 --- a/packages/os/apiserver.service +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=Bottlerocket API server -After=storewolf.service migrator.service -Requires=storewolf.service migrator.service - -[Service] -Type=notify -ExecStart=/usr/bin/apiserver --datastore-path /var/lib/bottlerocket/datastore/current --socket-gid 274 -Restart=always -RestartSec=5 -StandardError=journal+console - -[Install] -WantedBy=preconfigured.target diff --git a/packages/os/bootstrap-containers-tmpfiles.conf b/packages/os/bootstrap-containers-tmpfiles.conf deleted file mode 100644 index 00c3c035e20..00000000000 --- a/packages/os/bootstrap-containers-tmpfiles.conf +++ /dev/null @@ -1,4 +0,0 @@ -d /etc/bootstrap-containers 0750 root root - -d /run/bootstrap-containers 0755 root root - -d /local/bootstrap-containers 0700 root root - -T /local/bootstrap-containers - - - - security.selinux=system_u:object_r:secret_t:s0 diff --git a/packages/os/bootstrap-containers-toml b/packages/os/bootstrap-containers-toml deleted file mode 100644 index 3988328f453..00000000000 --- a/packages/os/bootstrap-containers-toml +++ /dev/null @@ -1,17 +0,0 @@ -[required-extensions] -bootstrap-containers = "v1" -std = { version = "v1", helpers = ["if_not_null"] } -+++ -{{#if_not_null settings.bootstrap-containers}} -{{#each settings.bootstrap-containers}} -["{{@key}}"] -source = "{{{this.source}}}" -mode = "{{{this.mode}}}" -{{#if_not_null this.user-data}} -user-data = "{{{this.user-data}}}" -{{/if_not_null}} -{{#if_not_null this.essential}} -essential = {{this.essential}} -{{/if_not_null}} -{{/each}} -{{/if_not_null}} diff --git a/packages/os/bootstrap-containers@.service b/packages/os/bootstrap-containers@.service deleted file mode 100644 index d15b9bd5503..00000000000 --- a/packages/os/bootstrap-containers@.service +++ /dev/null @@ -1,30 +0,0 @@ -[Unit] -Description=bootstrap container %i -Before=configured.target -After=host-containerd.service -Wants=host-containers.service -# Block manual interactions with bootstrap containers, since they should only be -# started by systemd -RefuseManualStart=true -RefuseManualStop=true -# If a sentinel file exists for this bootstrap container, it means we should skip -# since we've run this bootstrap container already. -ConditionPathExists=!/run/bootstrap-containers/%i.ran - -[Service] -Type=oneshot -EnvironmentFile=/etc/bootstrap-containers/%i.env -# Create a sentinel file to mark that we've run -ExecStart=/usr/bin/touch /run/bootstrap-containers/%i.ran -# Run the bootstrap container -ExecStart=/usr/bin/host-ctr run \ - --container-id='%i' \ - --source='${CTR_SOURCE}' \ - --container-type='bootstrap' \ - --registry-config=/etc/host-containers/host-ctr.toml -ExecStartPost=/usr/bin/bootstrap-containers mark-bootstrap \ - --container-id '%i' \ - --mode '${CTR_MODE}' -RemainAfterExit=true -StandardError=journal+console -SyslogIdentifier=bootstrap-containers@%i diff --git a/packages/os/bottlerocket-cis-checks-metadata-json b/packages/os/bottlerocket-cis-checks-metadata-json deleted file mode 100644 index 933bcfb183d..00000000000 --- a/packages/os/bottlerocket-cis-checks-metadata-json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "name": "CIS Bottlerocket Benchmark", - "version": "v1.0.0", - "url": "https://www.cisecurity.org/benchmark/bottlerocket" -} diff --git a/packages/os/bottlerocket-fips-checks-metadata-json b/packages/os/bottlerocket-fips-checks-metadata-json deleted file mode 100644 index f4ba1a60ad6..00000000000 --- a/packages/os/bottlerocket-fips-checks-metadata-json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "name": "FIPS Security Policy", - "version": "v1.0.0", - "url": "https://csrc.nist.gov/" -} diff --git a/packages/os/certdog-toml b/packages/os/certdog-toml deleted file mode 100644 index 4a4d8939428..00000000000 --- a/packages/os/certdog-toml +++ /dev/null @@ -1,10 +0,0 @@ -[required-extensions] -pki = "v1" -+++ -{{#if settings.pki}} -{{#each settings.pki}} -["{{@key}}"] -trusted = {{this.trusted}} -data = "{{{this.data}}}" -{{/each}} -{{/if}} diff --git a/packages/os/cfsignal-toml b/packages/os/cfsignal-toml deleted file mode 100644 index 9c8dadd50ec..00000000000 --- a/packages/os/cfsignal-toml +++ /dev/null @@ -1,6 +0,0 @@ -[required-extensions] -cloudformation = "v1" -+++ -should_signal = {{settings.cloudformation.should-signal}} -stack_name = "{{settings.cloudformation.stack-name}}" -logical_resource_id = "{{settings.cloudformation.logical-resource-id}}" diff --git a/packages/os/cfsignal.service b/packages/os/cfsignal.service deleted file mode 100644 index 804591740fe..00000000000 --- a/packages/os/cfsignal.service +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=Send signal to CloudFormation Stack -After=network-online.target settings-applier.service -Requires=settings-applier.service -Wants=network-online.target -# We only want to run once, at first boot. This file is created by cfsignal -# after a successful run. -ConditionPathExists=!/var/lib/bottlerocket/cfsignal.ran - -[Service] -Type=simple -ExecStart=/usr/bin/cfsignal - -[Install] -WantedBy=preconfigured.target diff --git a/packages/os/corndog-toml b/packages/os/corndog-toml deleted file mode 100644 index 70fab7f31e3..00000000000 --- a/packages/os/corndog-toml +++ /dev/null @@ -1,12 +0,0 @@ -[required-extensions] -kernel = "v1" -+++ -{{#if settings.kernel.lockdown}} -lockdown = "{{{settings.kernel.lockdown}}}" -{{/if}} -{{#if settings.kernel.sysctl}} -[sysctl] -{{#each settings.kernel.sysctl}} -"{{@key}}" = "{{{this}}}" -{{/each}} -{{/if}} diff --git a/packages/os/ebs-volumes.rules b/packages/os/ebs-volumes.rules deleted file mode 100644 index 64c644ac1c9..00000000000 --- a/packages/os/ebs-volumes.rules +++ /dev/null @@ -1,15 +0,0 @@ -ACTION=="remove", GOTO="ebs_volumes_end" -KERNEL!="nvme*", GOTO="ebs_volumes_end" -SUBSYSTEM!="block", GOTO="ebs_volumes_end" -ATTRS{model}!="Amazon Elastic Block Store", GOTO="ebs_volumes_end" - -# Follow AWS recommendation of never timing out IO on EBS volumes attached via NVMe -ENV{DEVTYPE}=="disk", ATTR{queue/io_timeout}="4294967295" - -# Add symlink for disk -KERNEL=="nvme[0-9]*n[0-9]*", ENV{DEVTYPE}=="disk", IMPORT{program}="/usr/bin/ghostdog ebs-device-name $devnode", SYMLINK+="$env{XVD_DEVICE_NAME}" - -# Add symlink for partition -KERNEL=="nvme[0-9]*n[0-9]*p[0-9]*", ENV{DEVTYPE}=="partition", IMPORT{parent}="XVD_DEVICE_NAME", SYMLINK+="$env{XVD_DEVICE_NAME}$number" - -LABEL="ebs_volumes_end" diff --git a/packages/os/eni-max-pods b/packages/os/eni-max-pods deleted file mode 100644 index a77ffc54395..00000000000 --- a/packages/os/eni-max-pods +++ /dev/null @@ -1,835 +0,0 @@ -# Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"). You may -# not use this file except in compliance with the License. A copy of the -# License is located at -# -# http://aws.amazon.com/apache2.0/ -# -# or in the "license" file accompanying this file. This file is distributed -# on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either -# express or implied. See the License for the specific language governing -# permissions and limitations under the License. -# -# The regions queried were: -# - ap-northeast-1 -# - ap-northeast-2 -# - ap-northeast-3 -# - ap-south-1 -# - ap-southeast-1 -# - ap-southeast-2 -# - ca-central-1 -# - eu-central-1 -# - eu-central-2 -# - eu-north-1 -# - eu-west-1 -# - eu-west-2 -# - eu-west-3 -# - sa-east-1 -# - us-east-1 -# - us-east-2 -# - us-west-1 -# - us-west-2 -# -# Mapping is calculated from AWS EC2 API using the following formula: -# * First IP on each ENI is not used for pods -# * +2 for the pods that use host-networking (AWS CNI and kube-proxy) -# -# # of ENI * (# of IPv4 per ENI - 1) + 2 -# -# https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI -# -a1.2xlarge 58 -a1.4xlarge 234 -a1.large 29 -a1.medium 8 -a1.metal 234 -a1.xlarge 58 -bmn-sf1.metal 737 -c1.medium 12 -c1.xlarge 58 -c3.2xlarge 58 -c3.4xlarge 234 -c3.8xlarge 234 -c3.large 29 -c3.xlarge 58 -c4.2xlarge 58 -c4.4xlarge 234 -c4.8xlarge 234 -c4.large 29 -c4.xlarge 58 -c5.12xlarge 234 -c5.18xlarge 737 -c5.24xlarge 737 -c5.2xlarge 58 -c5.4xlarge 234 -c5.9xlarge 234 -c5.large 29 -c5.metal 737 -c5.xlarge 58 -c5a.12xlarge 234 -c5a.16xlarge 737 -c5a.24xlarge 737 -c5a.2xlarge 58 -c5a.4xlarge 234 -c5a.8xlarge 234 -c5a.large 29 -c5a.metal 737 -c5a.xlarge 58 -c5ad.12xlarge 234 -c5ad.16xlarge 737 -c5ad.24xlarge 737 -c5ad.2xlarge 58 -c5ad.4xlarge 234 -c5ad.8xlarge 234 -c5ad.large 29 -c5ad.metal 737 -c5ad.xlarge 58 -c5d.12xlarge 234 -c5d.18xlarge 737 -c5d.24xlarge 737 -c5d.2xlarge 58 -c5d.4xlarge 234 -c5d.9xlarge 234 -c5d.large 29 -c5d.metal 737 -c5d.xlarge 58 -c5n.18xlarge 737 -c5n.2xlarge 58 -c5n.4xlarge 234 -c5n.9xlarge 234 -c5n.large 29 -c5n.metal 737 -c5n.xlarge 58 -c6a.12xlarge 234 -c6a.16xlarge 737 -c6a.24xlarge 737 -c6a.2xlarge 58 -c6a.32xlarge 737 -c6a.48xlarge 737 -c6a.4xlarge 234 -c6a.8xlarge 234 -c6a.large 29 -c6a.metal 737 -c6a.xlarge 58 -c6g.12xlarge 234 -c6g.16xlarge 737 -c6g.2xlarge 58 -c6g.4xlarge 234 -c6g.8xlarge 234 -c6g.large 29 -c6g.medium 8 -c6g.metal 737 -c6g.xlarge 58 -c6gd.12xlarge 234 -c6gd.16xlarge 737 -c6gd.2xlarge 58 -c6gd.4xlarge 234 -c6gd.8xlarge 234 -c6gd.large 29 -c6gd.medium 8 -c6gd.metal 737 -c6gd.xlarge 58 -c6gn.12xlarge 234 -c6gn.16xlarge 737 -c6gn.2xlarge 58 -c6gn.4xlarge 234 -c6gn.8xlarge 234 -c6gn.large 29 -c6gn.medium 8 -c6gn.xlarge 58 -c6i.12xlarge 234 -c6i.16xlarge 737 -c6i.24xlarge 737 -c6i.2xlarge 58 -c6i.32xlarge 737 -c6i.4xlarge 234 -c6i.8xlarge 234 -c6i.large 29 -c6i.metal 737 -c6i.xlarge 58 -c6id.12xlarge 234 -c6id.16xlarge 737 -c6id.24xlarge 737 -c6id.2xlarge 58 -c6id.32xlarge 737 -c6id.4xlarge 234 -c6id.8xlarge 234 -c6id.large 29 -c6id.metal 737 -c6id.xlarge 58 -c6in.12xlarge 234 -c6in.16xlarge 737 -c6in.24xlarge 737 -c6in.2xlarge 58 -c6in.32xlarge 394 -c6in.4xlarge 234 -c6in.8xlarge 234 -c6in.large 29 -c6in.metal 394 -c6in.xlarge 58 -c7a.12xlarge 234 -c7a.16xlarge 737 -c7a.24xlarge 737 -c7a.2xlarge 58 -c7a.32xlarge 737 -c7a.48xlarge 737 -c7a.4xlarge 234 -c7a.8xlarge 234 -c7a.large 29 -c7a.medium 8 -c7a.metal-48xl 737 -c7a.xlarge 58 -c7g.12xlarge 234 -c7g.16xlarge 737 -c7g.2xlarge 58 -c7g.4xlarge 234 -c7g.8xlarge 234 -c7g.large 29 -c7g.medium 8 -c7g.metal 737 -c7g.xlarge 58 -c7gd.12xlarge 234 -c7gd.16xlarge 737 -c7gd.2xlarge 58 -c7gd.4xlarge 234 -c7gd.8xlarge 234 -c7gd.large 29 -c7gd.medium 8 -c7gd.metal 737 -c7gd.xlarge 58 -c7gn.12xlarge 234 -c7gn.16xlarge 737 -c7gn.2xlarge 58 -c7gn.4xlarge 234 -c7gn.8xlarge 234 -c7gn.large 29 -c7gn.medium 8 -c7gn.metal 737 -c7gn.xlarge 58 -c7i.12xlarge 234 -c7i.16xlarge 737 -c7i.24xlarge 737 -c7i.2xlarge 58 -c7i.48xlarge 737 -c7i.4xlarge 234 -c7i.8xlarge 234 -c7i.large 29 -c7i.metal-24xl 737 -c7i.metal-48xl 737 -c7i.xlarge 58 -cr1.8xlarge 234 -d2.2xlarge 58 -d2.4xlarge 234 -d2.8xlarge 234 -d2.xlarge 58 -d3.2xlarge 18 -d3.4xlarge 38 -d3.8xlarge 59 -d3.xlarge 10 -d3en.12xlarge 89 -d3en.2xlarge 18 -d3en.4xlarge 38 -d3en.6xlarge 58 -d3en.8xlarge 78 -d3en.xlarge 10 -dl1.24xlarge 737 -dl2q.24xlarge 737 -f1.16xlarge 394 -f1.2xlarge 58 -f1.4xlarge 234 -g3.16xlarge 737 -g3.4xlarge 234 -g3.8xlarge 234 -g3s.xlarge 58 -g4ad.16xlarge 234 -g4ad.2xlarge 8 -g4ad.4xlarge 29 -g4ad.8xlarge 58 -g4ad.xlarge 8 -g4dn.12xlarge 234 -g4dn.16xlarge 58 -g4dn.2xlarge 29 -g4dn.4xlarge 29 -g4dn.8xlarge 58 -g4dn.metal 737 -g4dn.xlarge 29 -g5.12xlarge 737 -g5.16xlarge 234 -g5.24xlarge 737 -g5.2xlarge 58 -g5.48xlarge 345 -g5.4xlarge 234 -g5.8xlarge 234 -g5.xlarge 58 -g5g.16xlarge 737 -g5g.2xlarge 58 -g5g.4xlarge 234 -g5g.8xlarge 234 -g5g.metal 737 -g5g.xlarge 58 -g6.12xlarge 234 -g6.16xlarge 737 -g6.24xlarge 737 -g6.2xlarge 58 -g6.48xlarge 737 -g6.4xlarge 234 -g6.8xlarge 234 -g6.xlarge 58 -gr6.4xlarge 234 -gr6.8xlarge 234 -h1.16xlarge 394 -h1.2xlarge 58 -h1.4xlarge 234 -h1.8xlarge 234 -hpc6a.48xlarge 100 -hpc6id.32xlarge 51 -hpc7a.12xlarge 100 -hpc7a.24xlarge 100 -hpc7a.48xlarge 100 -hpc7a.96xlarge 100 -hpc7g.16xlarge 198 -hpc7g.4xlarge 198 -hpc7g.8xlarge 198 -hs1.8xlarge 234 -i2.2xlarge 58 -i2.4xlarge 234 -i2.8xlarge 234 -i2.xlarge 58 -i3.16xlarge 737 -i3.2xlarge 58 -i3.4xlarge 234 -i3.8xlarge 234 -i3.large 29 -i3.metal 737 -i3.xlarge 58 -i3en.12xlarge 234 -i3en.24xlarge 737 -i3en.2xlarge 58 -i3en.3xlarge 58 -i3en.6xlarge 234 -i3en.large 29 -i3en.metal 737 -i3en.xlarge 58 -i4g.16xlarge 737 -i4g.2xlarge 58 -i4g.4xlarge 234 -i4g.8xlarge 234 -i4g.large 29 -i4g.xlarge 58 -i4i.12xlarge 234 -i4i.16xlarge 737 -i4i.24xlarge 437 -i4i.2xlarge 58 -i4i.32xlarge 737 -i4i.4xlarge 234 -i4i.8xlarge 234 -i4i.large 29 -i4i.metal 737 -i4i.xlarge 58 -im4gn.16xlarge 737 -im4gn.2xlarge 58 -im4gn.4xlarge 234 -im4gn.8xlarge 234 -im4gn.large 29 -im4gn.xlarge 58 -inf1.24xlarge 321 -inf1.2xlarge 38 -inf1.6xlarge 234 -inf1.xlarge 38 -inf2.24xlarge 737 -inf2.48xlarge 737 -inf2.8xlarge 234 -inf2.xlarge 58 -is4gen.2xlarge 58 -is4gen.4xlarge 234 -is4gen.8xlarge 234 -is4gen.large 29 -is4gen.medium 8 -is4gen.xlarge 58 -m1.large 29 -m1.medium 12 -m1.small 8 -m1.xlarge 58 -m2.2xlarge 118 -m2.4xlarge 234 -m2.xlarge 58 -m3.2xlarge 118 -m3.large 29 -m3.medium 12 -m3.xlarge 58 -m4.10xlarge 234 -m4.16xlarge 234 -m4.2xlarge 58 -m4.4xlarge 234 -m4.large 20 -m4.xlarge 58 -m5.12xlarge 234 -m5.16xlarge 737 -m5.24xlarge 737 -m5.2xlarge 58 -m5.4xlarge 234 -m5.8xlarge 234 -m5.large 29 -m5.metal 737 -m5.xlarge 58 -m5a.12xlarge 234 -m5a.16xlarge 737 -m5a.24xlarge 737 -m5a.2xlarge 58 -m5a.4xlarge 234 -m5a.8xlarge 234 -m5a.large 29 -m5a.xlarge 58 -m5ad.12xlarge 234 -m5ad.16xlarge 737 -m5ad.24xlarge 737 -m5ad.2xlarge 58 -m5ad.4xlarge 234 -m5ad.8xlarge 234 -m5ad.large 29 -m5ad.xlarge 58 -m5d.12xlarge 234 -m5d.16xlarge 737 -m5d.24xlarge 737 -m5d.2xlarge 58 -m5d.4xlarge 234 -m5d.8xlarge 234 -m5d.large 29 -m5d.metal 737 -m5d.xlarge 58 -m5dn.12xlarge 234 -m5dn.16xlarge 737 -m5dn.24xlarge 737 -m5dn.2xlarge 58 -m5dn.4xlarge 234 -m5dn.8xlarge 234 -m5dn.large 29 -m5dn.metal 737 -m5dn.xlarge 58 -m5n.12xlarge 234 -m5n.16xlarge 737 -m5n.24xlarge 737 -m5n.2xlarge 58 -m5n.4xlarge 234 -m5n.8xlarge 234 -m5n.large 29 -m5n.metal 737 -m5n.xlarge 58 -m5zn.12xlarge 737 -m5zn.2xlarge 58 -m5zn.3xlarge 234 -m5zn.6xlarge 234 -m5zn.large 29 -m5zn.metal 737 -m5zn.xlarge 58 -m6a.12xlarge 234 -m6a.16xlarge 737 -m6a.24xlarge 737 -m6a.2xlarge 58 -m6a.32xlarge 737 -m6a.48xlarge 737 -m6a.4xlarge 234 -m6a.8xlarge 234 -m6a.large 29 -m6a.metal 737 -m6a.xlarge 58 -m6g.12xlarge 234 -m6g.16xlarge 737 -m6g.2xlarge 58 -m6g.4xlarge 234 -m6g.8xlarge 234 -m6g.large 29 -m6g.medium 8 -m6g.metal 737 -m6g.xlarge 58 -m6gd.12xlarge 234 -m6gd.16xlarge 737 -m6gd.2xlarge 58 -m6gd.4xlarge 234 -m6gd.8xlarge 234 -m6gd.large 29 -m6gd.medium 8 -m6gd.metal 737 -m6gd.xlarge 58 -m6i.12xlarge 234 -m6i.16xlarge 737 -m6i.24xlarge 737 -m6i.2xlarge 58 -m6i.32xlarge 737 -m6i.4xlarge 234 -m6i.8xlarge 234 -m6i.large 29 -m6i.metal 737 -m6i.xlarge 58 -m6id.12xlarge 234 -m6id.16xlarge 737 -m6id.24xlarge 737 -m6id.2xlarge 58 -m6id.32xlarge 737 -m6id.4xlarge 234 -m6id.8xlarge 234 -m6id.large 29 -m6id.metal 737 -m6id.xlarge 58 -m6idn.12xlarge 234 -m6idn.16xlarge 737 -m6idn.24xlarge 737 -m6idn.2xlarge 58 -m6idn.32xlarge 394 -m6idn.4xlarge 234 -m6idn.8xlarge 234 -m6idn.large 29 -m6idn.metal 394 -m6idn.xlarge 58 -m6in.12xlarge 234 -m6in.16xlarge 737 -m6in.24xlarge 737 -m6in.2xlarge 58 -m6in.32xlarge 394 -m6in.4xlarge 234 -m6in.8xlarge 234 -m6in.large 29 -m6in.metal 394 -m6in.xlarge 58 -m7a.12xlarge 234 -m7a.16xlarge 737 -m7a.24xlarge 737 -m7a.2xlarge 58 -m7a.32xlarge 737 -m7a.48xlarge 737 -m7a.4xlarge 234 -m7a.8xlarge 234 -m7a.large 29 -m7a.medium 8 -m7a.metal-48xl 737 -m7a.xlarge 58 -m7g.12xlarge 234 -m7g.16xlarge 737 -m7g.2xlarge 58 -m7g.4xlarge 234 -m7g.8xlarge 234 -m7g.large 29 -m7g.medium 8 -m7g.metal 737 -m7g.xlarge 58 -m7gd.12xlarge 234 -m7gd.16xlarge 737 -m7gd.2xlarge 58 -m7gd.4xlarge 234 -m7gd.8xlarge 234 -m7gd.large 29 -m7gd.medium 8 -m7gd.metal 737 -m7gd.xlarge 58 -m7i-flex.2xlarge 58 -m7i-flex.4xlarge 234 -m7i-flex.8xlarge 234 -m7i-flex.large 29 -m7i-flex.xlarge 58 -m7i.12xlarge 234 -m7i.16xlarge 737 -m7i.24xlarge 737 -m7i.2xlarge 58 -m7i.48xlarge 737 -m7i.4xlarge 234 -m7i.8xlarge 234 -m7i.large 29 -m7i.metal-24xl 737 -m7i.metal-48xl 737 -m7i.xlarge 58 -mac1.metal 234 -mac2-m2.metal 234 -mac2-m2pro.metal 234 -mac2.metal 234 -p2.16xlarge 234 -p2.8xlarge 234 -p2.xlarge 58 -p3.16xlarge 234 -p3.2xlarge 58 -p3.8xlarge 234 -p3dn.24xlarge 737 -p4d.24xlarge 737 -p4de.24xlarge 737 -p5.48xlarge 100 -r3.2xlarge 58 -r3.4xlarge 234 -r3.8xlarge 234 -r3.large 29 -r3.xlarge 58 -r4.16xlarge 737 -r4.2xlarge 58 -r4.4xlarge 234 -r4.8xlarge 234 -r4.large 29 -r4.xlarge 58 -r5.12xlarge 234 -r5.16xlarge 737 -r5.24xlarge 737 -r5.2xlarge 58 -r5.4xlarge 234 -r5.8xlarge 234 -r5.large 29 -r5.metal 737 -r5.xlarge 58 -r5a.12xlarge 234 -r5a.16xlarge 737 -r5a.24xlarge 737 -r5a.2xlarge 58 -r5a.4xlarge 234 -r5a.8xlarge 234 -r5a.large 29 -r5a.xlarge 58 -r5ad.12xlarge 234 -r5ad.16xlarge 737 -r5ad.24xlarge 737 -r5ad.2xlarge 58 -r5ad.4xlarge 234 -r5ad.8xlarge 234 -r5ad.large 29 -r5ad.xlarge 58 -r5b.12xlarge 234 -r5b.16xlarge 737 -r5b.24xlarge 737 -r5b.2xlarge 58 -r5b.4xlarge 234 -r5b.8xlarge 234 -r5b.large 29 -r5b.metal 737 -r5b.xlarge 58 -r5d.12xlarge 234 -r5d.16xlarge 737 -r5d.24xlarge 737 -r5d.2xlarge 58 -r5d.4xlarge 234 -r5d.8xlarge 234 -r5d.large 29 -r5d.metal 737 -r5d.xlarge 58 -r5dn.12xlarge 234 -r5dn.16xlarge 737 -r5dn.24xlarge 737 -r5dn.2xlarge 58 -r5dn.4xlarge 234 -r5dn.8xlarge 234 -r5dn.large 29 -r5dn.metal 737 -r5dn.xlarge 58 -r5n.12xlarge 234 -r5n.16xlarge 737 -r5n.24xlarge 737 -r5n.2xlarge 58 -r5n.4xlarge 234 -r5n.8xlarge 234 -r5n.large 29 -r5n.metal 737 -r5n.xlarge 58 -r6a.12xlarge 234 -r6a.16xlarge 737 -r6a.24xlarge 737 -r6a.2xlarge 58 -r6a.32xlarge 737 -r6a.48xlarge 737 -r6a.4xlarge 234 -r6a.8xlarge 234 -r6a.large 29 -r6a.metal 737 -r6a.xlarge 58 -r6g.12xlarge 234 -r6g.16xlarge 737 -r6g.2xlarge 58 -r6g.4xlarge 234 -r6g.8xlarge 234 -r6g.large 29 -r6g.medium 8 -r6g.metal 737 -r6g.xlarge 58 -r6gd.12xlarge 234 -r6gd.16xlarge 737 -r6gd.2xlarge 58 -r6gd.4xlarge 234 -r6gd.8xlarge 234 -r6gd.large 29 -r6gd.medium 8 -r6gd.metal 737 -r6gd.xlarge 58 -r6i.12xlarge 234 -r6i.16xlarge 737 -r6i.24xlarge 737 -r6i.2xlarge 58 -r6i.32xlarge 737 -r6i.4xlarge 234 -r6i.8xlarge 234 -r6i.large 29 -r6i.metal 737 -r6i.xlarge 58 -r6id.12xlarge 234 -r6id.16xlarge 737 -r6id.24xlarge 737 -r6id.2xlarge 58 -r6id.32xlarge 737 -r6id.4xlarge 234 -r6id.8xlarge 234 -r6id.large 29 -r6id.metal 737 -r6id.xlarge 58 -r6idn.12xlarge 234 -r6idn.16xlarge 737 -r6idn.24xlarge 737 -r6idn.2xlarge 58 -r6idn.32xlarge 394 -r6idn.4xlarge 234 -r6idn.8xlarge 234 -r6idn.large 29 -r6idn.metal 394 -r6idn.xlarge 58 -r6in.12xlarge 234 -r6in.16xlarge 737 -r6in.24xlarge 737 -r6in.2xlarge 58 -r6in.32xlarge 394 -r6in.4xlarge 234 -r6in.8xlarge 234 -r6in.large 29 -r6in.metal 394 -r6in.xlarge 58 -r7a.12xlarge 234 -r7a.16xlarge 737 -r7a.24xlarge 737 -r7a.2xlarge 58 -r7a.32xlarge 737 -r7a.48xlarge 737 -r7a.4xlarge 234 -r7a.8xlarge 234 -r7a.large 29 -r7a.medium 8 -r7a.metal-48xl 737 -r7a.xlarge 58 -r7g.12xlarge 234 -r7g.16xlarge 737 -r7g.2xlarge 58 -r7g.4xlarge 234 -r7g.8xlarge 234 -r7g.large 29 -r7g.medium 8 -r7g.metal 737 -r7g.xlarge 58 -r7gd.12xlarge 234 -r7gd.16xlarge 737 -r7gd.2xlarge 58 -r7gd.4xlarge 234 -r7gd.8xlarge 234 -r7gd.large 29 -r7gd.medium 8 -r7gd.metal 737 -r7gd.xlarge 58 -r7i.12xlarge 234 -r7i.16xlarge 737 -r7i.24xlarge 737 -r7i.2xlarge 58 -r7i.48xlarge 737 -r7i.4xlarge 234 -r7i.8xlarge 234 -r7i.large 29 -r7i.metal-24xl 737 -r7i.metal-48xl 737 -r7i.xlarge 58 -r7iz.12xlarge 234 -r7iz.16xlarge 737 -r7iz.2xlarge 58 -r7iz.32xlarge 737 -r7iz.4xlarge 234 -r7iz.8xlarge 234 -r7iz.large 29 -r7iz.metal-16xl 737 -r7iz.metal-32xl 737 -r7iz.xlarge 58 -t1.micro 4 -t2.2xlarge 44 -t2.large 35 -t2.medium 17 -t2.micro 4 -t2.nano 4 -t2.small 11 -t2.xlarge 44 -t3.2xlarge 58 -t3.large 35 -t3.medium 17 -t3.micro 4 -t3.nano 4 -t3.small 11 -t3.xlarge 58 -t3a.2xlarge 58 -t3a.large 35 -t3a.medium 17 -t3a.micro 4 -t3a.nano 4 -t3a.small 8 -t3a.xlarge 58 -t4g.2xlarge 58 -t4g.large 35 -t4g.medium 17 -t4g.micro 4 -t4g.nano 4 -t4g.small 11 -t4g.xlarge 58 -trn1.2xlarge 58 -trn1.32xlarge 247 -trn1n.32xlarge 247 -u-12tb1.112xlarge 737 -u-12tb1.metal 147 -u-18tb1.112xlarge 737 -u-18tb1.metal 737 -u-24tb1.112xlarge 737 -u-24tb1.metal 737 -u-3tb1.56xlarge 234 -u-6tb1.112xlarge 737 -u-6tb1.56xlarge 737 -u-6tb1.metal 147 -u-9tb1.112xlarge 737 -u-9tb1.metal 147 -vt1.24xlarge 737 -vt1.3xlarge 58 -vt1.6xlarge 234 -x1.16xlarge 234 -x1.32xlarge 234 -x1e.16xlarge 234 -x1e.2xlarge 58 -x1e.32xlarge 234 -x1e.4xlarge 58 -x1e.8xlarge 58 -x1e.xlarge 29 -x2gd.12xlarge 234 -x2gd.16xlarge 737 -x2gd.2xlarge 58 -x2gd.4xlarge 234 -x2gd.8xlarge 234 -x2gd.large 29 -x2gd.medium 8 -x2gd.metal 737 -x2gd.xlarge 58 -x2idn.16xlarge 737 -x2idn.24xlarge 737 -x2idn.32xlarge 737 -x2idn.metal 737 -x2iedn.16xlarge 737 -x2iedn.24xlarge 737 -x2iedn.2xlarge 58 -x2iedn.32xlarge 737 -x2iedn.4xlarge 234 -x2iedn.8xlarge 234 -x2iedn.metal 737 -x2iedn.xlarge 58 -x2iezn.12xlarge 737 -x2iezn.2xlarge 58 -x2iezn.4xlarge 234 -x2iezn.6xlarge 234 -x2iezn.8xlarge 234 -x2iezn.metal 737 -z1d.12xlarge 737 -z1d.2xlarge 58 -z1d.3xlarge 234 -z1d.6xlarge 234 -z1d.large 29 -z1d.metal 737 -z1d.xlarge 58 diff --git a/packages/os/ephemeral-storage.rules b/packages/os/ephemeral-storage.rules deleted file mode 100644 index c8c1e4cf402..00000000000 --- a/packages/os/ephemeral-storage.rules +++ /dev/null @@ -1,27 +0,0 @@ -# ephemeral storage links: /dev/disk/ephemeral - -ACTION=="remove", GOTO="ephemeral_storage_end" -SUBSYSTEM!="block", GOTO="ephemeral_storage_end" -ENV{DEVTYPE}!="disk", GOTO="ephemeral_storage_end" - -# Known sources of ephemeral disks: -# - EC2 instance types with instance storage volumes -# - KVM VMs with additional virtio disks -KERNEL!="nvme*|vd*", GOTO="ephemeral_storage_end" - -# We can't be sure that devices with similar kernel names are all ephemeral. -# Our udev helper checks for known system partitions to classify the device. -IMPORT{program}=="/usr/bin/ghostdog scan $devnode" -ENV{BOTTLEROCKET_DEVICE_TYPE}!="ephemeral", GOTO="ephemeral_storage_end" - -# EBS volumes will show up as "Amazon Elastic Block Store", but we expect these -# to be either system volumes or managed by the EBS CSI driver. -KERNEL=="nvme*", ATTRS{model}=="Amazon EC2 NVMe Instance Storage*", ENV{ID_SERIAL}=="?*", \ - SYMLINK+="disk/ephemeral/nvme-$env{ID_SERIAL}" - -# Fow now, virtio support is meant to enable local development, so only create -# links if the serial matches a specific prefix. -KERNEL=="vd*", ENV{ID_SERIAL}=="eph*", \ - SYMLINK+="disk/ephemeral/virtio-$env{ID_SERIAL}" - -LABEL="ephemeral_storage_end" diff --git a/packages/os/has-boot-ever-succeeded.service b/packages/os/has-boot-ever-succeeded.service deleted file mode 100644 index fb531b323d2..00000000000 --- a/packages/os/has-boot-ever-succeeded.service +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Checks and marks if boot has ever succeeded before -DefaultDependencies=no -Before=label-data-a.service label-data-b.service -RequiresMountsFor=/etc - -[Service] -Type=oneshot -# Check if boot has ever succeeded before -ExecStart=/bin/signpost has-boot-ever-succeeded -RemainAfterExit=true -# If boot has succeeded before, the marker file will be non-zero-sized -StandardOutput=file:/etc/has-boot-ever-succeeded - -[Install] -WantedBy=local-fs.target diff --git a/packages/os/host-containers-tmpfiles.conf b/packages/os/host-containers-tmpfiles.conf deleted file mode 100644 index 781bd9fa667..00000000000 --- a/packages/os/host-containers-tmpfiles.conf +++ /dev/null @@ -1,3 +0,0 @@ -d /etc/host-containers 0750 root root - -d /local/host-containers 0700 root root - -T /local/host-containers - - - - security.selinux=system_u:object_r:secret_t:s0 diff --git a/packages/os/host-containers-toml b/packages/os/host-containers-toml deleted file mode 100644 index 39178838a07..00000000000 --- a/packages/os/host-containers-toml +++ /dev/null @@ -1,21 +0,0 @@ -[required-extensions] -host-containers = "v1" -std = { version = "v1", helpers = ["if_not_null"]} -+++ -{{#if_not_null settings.host-containers}} -{{#each settings.host-containers}} -[host-containers."{{{@key}}}"] -{{#if_not_null this.source}} -source = "{{{this.source}}}" -{{/if_not_null}} -{{#if_not_null this.enabled}} -enabled = {{this.enabled}} -{{/if_not_null}} -{{#if_not_null this.superpowered}} -superpowered = {{this.superpowered}} -{{/if_not_null}} -{{#if_not_null this.user-data}} -user-data = "{{{this.user-data}}}" -{{/if_not_null}} -{{/each}} -{{/if_not_null}} diff --git a/packages/os/host-containers@.service b/packages/os/host-containers@.service deleted file mode 100644 index be8b24f6e9e..00000000000 --- a/packages/os/host-containers@.service +++ /dev/null @@ -1,23 +0,0 @@ -[Unit] -Description=Host container: %i -After=host-containerd.service -Wants=host-containerd.service - -[Service] -Type=simple -EnvironmentFile=/etc/network/proxy.env -EnvironmentFile=/etc/host-containers/%i.env -Environment=LOCAL_DIR=/local -ExecStart=/usr/bin/host-ctr run \ - --container-id='%i' \ - --source='${CTR_SOURCE}' \ - --superpowered='${CTR_SUPERPOWERED}' \ - --registry-config=/etc/host-containers/host-ctr.toml -Restart=always -RestartSec=45 -TimeoutStopSec=60 -StandardError=journal+console -SyslogIdentifier=host-containers@%i - -[Install] -WantedBy=multi-user.target diff --git a/packages/os/host-ctr-toml b/packages/os/host-ctr-toml deleted file mode 100644 index e9044234df5..00000000000 --- a/packages/os/host-ctr-toml +++ /dev/null @@ -1,32 +0,0 @@ -[required-extensions] -container-registry = "v1" -std = { version = "v1", helpers = ["join_array"] } -+++ -{{#if settings.container-registry.mirrors}} -{{#each settings.container-registry.mirrors}} -[mirrors."{{registry}}"] -endpoints = [{{join_array ", " endpoint }}] -{{/each}} -{{/if}} - -{{#if settings.container-registry.credentials}} -{{#each settings.container-registry.credentials}} -{{#if (eq registry "docker.io" )~}} -[creds."registry-1.docker.io"] -{{else}} -[creds."{{registry}}"] -{{/if}} -{{#if username}} -username = "{{{username}}}" -{{/if}} -{{#if password}} -password = "{{{password}}}" -{{/if}} -{{#if auth}} -auth = "{{{auth}}}" -{{/if}} -{{#if identitytoken}} -identitytoken = "{{{identitytoken}}}" -{{/if}} -{{/each}} -{{/if}} diff --git a/packages/os/kubernetes-cis-checks-metadata-json b/packages/os/kubernetes-cis-checks-metadata-json deleted file mode 100644 index 67980dd3150..00000000000 --- a/packages/os/kubernetes-cis-checks-metadata-json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "name": "CIS Kubernetes Benchmark (Worker Node)", - "version": "v1.8.0", - "url": "https://www.cisecurity.org/benchmark/kubernetes" -} diff --git a/packages/os/link-kernel-modules.service.in b/packages/os/link-kernel-modules.service.in deleted file mode 100644 index 79e5956b4ab..00000000000 --- a/packages/os/link-kernel-modules.service.in +++ /dev/null @@ -1,18 +0,0 @@ -[Unit] -Description=Link additional kernel modules -RequiresMountsFor=PREFIX/lib/modules PREFIX/src/kernels -# Rerunning this service after the system is fully loaded will override -# the already linked kernel modules. This doesn't affect the running system, -# since kernel modules are linked early in the boot sequence, but we still -# disable manual restarts to prevent unnecessary kernel modules rewrites. -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot -ExecStart=/usr/bin/driverdog link-modules -RemainAfterExit=true -StandardError=journal+console - -[Install] -RequiredBy=preconfigured.target diff --git a/packages/os/load-kernel-modules.service.in b/packages/os/load-kernel-modules.service.in deleted file mode 100644 index ce8416bfe14..00000000000 --- a/packages/os/load-kernel-modules.service.in +++ /dev/null @@ -1,18 +0,0 @@ -[Unit] -Description=Load additional kernel modules -RequiresMountsFor=PREFIX/lib/modules PREFIX/src/kernels -After=link-kernel-modules.service -Requires=link-kernel-modules.service -# Disable manual restarts to prevent loading kernel modules -# that weren't linked by the running system -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot -ExecStart=/usr/bin/driverdog load-modules -RemainAfterExit=true -StandardError=journal+console - -[Install] -RequiredBy=preconfigured.target diff --git a/packages/os/mark-successful-boot.service b/packages/os/mark-successful-boot.service deleted file mode 100644 index 362d0c28276..00000000000 --- a/packages/os/mark-successful-boot.service +++ /dev/null @@ -1,18 +0,0 @@ -[Unit] -Description=Call signpost to mark the boot as successful after all required targets are met. -# This unit is in charge of updating the partitions on successful boots. Use other service -# units instead of adding more `ExecStart*` lines to prevent indirect dependencies on -# other units not listed in the `RequiredBy` section. -Requires=migrator.service -# Block manual interactions with this service, manually running it could leave the system in an -# unexpected state -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot -RemainAfterExit=true -ExecStart=/bin/signpost mark-successful-boot - -[Install] -RequiredBy=preconfigured.target diff --git a/packages/os/metricdog-toml b/packages/os/metricdog-toml deleted file mode 100644 index cb971c552c0..00000000000 --- a/packages/os/metricdog-toml +++ /dev/null @@ -1,17 +0,0 @@ -[required-extensions] -aws = "v1" -metrics = "v1" -std = { version = "v1", helpers = ["join_array"] } -updates = "v1" -+++ -metrics_url = "{{settings.metrics.metrics-url}}" -send_metrics = {{settings.metrics.send-metrics}} -service_checks = [{{join_array ", " settings.metrics.service-checks}}] -seed = {{settings.updates.seed}} -version_lock = "{{settings.updates.version-lock}}" -ignore_waves = {{settings.updates.ignore-waves}} -{{#if settings.aws.region}} -region = "{{settings.aws.region}}" -{{else}} -region = "global" -{{/if}} diff --git a/packages/os/metricdog.service b/packages/os/metricdog.service deleted file mode 100644 index 6a1b67bf87b..00000000000 --- a/packages/os/metricdog.service +++ /dev/null @@ -1,10 +0,0 @@ -[Unit] -Description=Send a Metricdog Ping - -[Service] -EnvironmentFile=/etc/network/proxy.env -Type=oneshot -RemainAfterExit=false -StandardError=journal+console -ExecStart=/usr/bin/metricdog send-health-ping -TimeoutStartSec=30s diff --git a/packages/os/metricdog.timer b/packages/os/metricdog.timer deleted file mode 100644 index 44bcf5f32c6..00000000000 --- a/packages/os/metricdog.timer +++ /dev/null @@ -1,19 +0,0 @@ -[Unit] -Description=Scheduled Metricdog Pings - -[Timer] -# Don't run missed executions -Persistent=false -# Run 120 seconds after startup -OnStartupSec=120 -# Run every 6 hours thereafter -OnUnitActiveSec=21600 -# Don't fire at exactly the same second across machines started together. -RandomizedDelaySec=3600 -# We don't want to extend the startup report too long after the requested time. -AccuracySec=10 -# File describing job to execute -Unit=metricdog.service - -[Install] -WantedBy=timers.target diff --git a/packages/os/migration-tmpfiles.conf b/packages/os/migration-tmpfiles.conf deleted file mode 100644 index 7e70dfaa853..00000000000 --- a/packages/os/migration-tmpfiles.conf +++ /dev/null @@ -1 +0,0 @@ -d /var/lib/bottlerocket-migrations 0700 root root - diff --git a/packages/os/migrator.service b/packages/os/migrator.service deleted file mode 100644 index df181c2d3b4..00000000000 --- a/packages/os/migrator.service +++ /dev/null @@ -1,19 +0,0 @@ -[Unit] -Description=Bottlerocket data store migrator -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot -ExecStart=/usr/bin/migrator \ - --datastore-path /var/lib/bottlerocket/datastore/current \ - --migration-directory /var/lib/bottlerocket-migrations \ - --root-path /usr/share/updog/root.json \ - --metadata-directory /var/cache/bottlerocket-metadata \ - --migrate-to-version-from-os-release -RemainAfterExit=true -StandardOutput=journal+console -StandardError=journal+console - -[Install] -RequiredBy=preconfigured.target diff --git a/packages/os/oci-default-hooks-json b/packages/os/oci-default-hooks-json deleted file mode 100644 index ab08bab5d85..00000000000 --- a/packages/os/oci-default-hooks-json +++ /dev/null @@ -1,9 +0,0 @@ -+++ -{ - "hooks": { - "prestart": [ - ], - "poststart": [ - ] - } -} diff --git a/packages/os/os.spec b/packages/os/os.spec deleted file mode 100644 index 7287d4968c3..00000000000 --- a/packages/os/os.spec +++ /dev/null @@ -1,692 +0,0 @@ -%global _cross_first_party 1 -%undefine _debugsource_packages - -Name: %{_cross_os}os -Version: 0.0 -Release: 0%{?dist} -Summary: Bottlerocket's first-party code -License: Apache-2.0 OR MIT -URL: https://github.com/bottlerocket-os/bottlerocket - -# sources < 100: misc -Source2: api-sysusers.conf -# Generated by https://github.com/aws/amazon-vpc-cni-k8s/blob/master/scripts/gen_vpc_ip_limits.go -Source3: eni-max-pods - -# updog requires a root.json as the root of trust for repos, but the right one -# can't be known until the image is built. -#SourceX: root.json - -Source5: updog-toml -Source6: metricdog-toml -Source7: host-ctr-toml -Source8: oci-default-hooks-json -Source9: cfsignal-toml -Source10: warm-pool-wait-toml -Source11: bottlerocket-cis-checks-metadata-json -Source13: kubernetes-cis-checks-metadata-json -Source14: certdog-toml -Source15: prairiedog-toml -Source16: thar-be-updates-toml -Source17: corndog-toml -Source18: bootstrap-containers-toml -Source19: host-containers-toml -Source20: bottlerocket-fips-checks-metadata-json - -# 1xx sources: systemd units -Source100: apiserver.service -Source102: sundog.service -Source103: storewolf.service -Source105: settings-applier.service -Source106: migrator.service -Source107: host-containers@.service -Source110: mark-successful-boot.service -Source111: metricdog.service -Source112: metricdog.timer -Source113: send-boot-success.service -Source114: bootstrap-containers@.service -Source115: link-kernel-modules.service.in -Source116: load-kernel-modules.service.in -Source117: cfsignal.service -Source119: reboot-if-required.service -Source120: warm-pool-wait.service -Source122: has-boot-ever-succeeded.service -Source123: pluto.service - -# 2xx sources: tmpfilesd configs -Source200: migration-tmpfiles.conf -Source201: host-containers-tmpfiles.conf -Source202: thar-be-updates-tmpfiles.conf -Source203: bootstrap-containers-tmpfiles.conf -Source204: storewolf-tmpfiles.conf - -# 3xx sources: udev rules -Source300: ephemeral-storage.rules -Source301: ebs-volumes.rules -Source302: supplemental-storage.rules - -# 4xx sources: Bottlerocket licenses -Source400: COPYRIGHT -Source401: LICENSE-MIT -Source402: LICENSE-APACHE - -BuildRequires: %{_cross_os}glibc-devel -Requires: %{_cross_os}apiclient -Requires: %{_cross_os}apiserver -Requires: %{_cross_os}bloodhound -Requires: %{_cross_os}bootstrap-containers -Requires: %{_cross_os}bork -Requires: %{_cross_os}corndog -Requires: %{_cross_os}certdog -Requires: %{_cross_os}ghostdog -Requires: %{_cross_os}host-containers -Requires: %{_cross_os}logdog -Requires: %{_cross_os}metricdog -Requires: %{_cross_os}migration -Requires: %{_cross_os}prairiedog -Requires: %{_cross_os}schnauzer -Requires: %{_cross_os}settings-committer -Requires: %{_cross_os}shimpei -Requires: %{_cross_os}signpost -Requires: %{_cross_os}storewolf -Requires: %{_cross_os}sundog -Requires: %{_cross_os}xfscli -Requires: %{_cross_os}thar-be-settings -Requires: %{_cross_os}thar-be-updates -Requires: %{_cross_os}updog - -Requires: (%{_cross_os}pluto if %{_cross_os}variant-family(aws-k8s)) -Requires: (%{_cross_os}shibaken if %{_cross_os}variant-platform(aws)) -Requires: (%{_cross_os}cfsignal if %{_cross_os}variant-platform(aws)) - -Requires: (%{_cross_os}warm-pool-wait if %{_cross_os}variant-family(aws-k8s)) - -Requires: (%{_cross_os}driverdog if %{_cross_os}variant-flavor(nvidia)) - -%description -%{summary}. - -%package -n %{_cross_os}apiserver -Summary: Bottlerocket API server -Requires: %{_cross_os}settings-plugins -%description -n %{_cross_os}apiserver -%{summary}. - -%package -n %{_cross_os}apiclient -Summary: Bottlerocket API client -%description -n %{_cross_os}apiclient -%{summary}. - -%package -n %{_cross_os}sundog -Summary: Updates settings dynamically based on user-specified generators -%description -n %{_cross_os}sundog -%{summary}. - -%package -n %{_cross_os}bork -Summary: Dynamic setting generator for updog -%description -n %{_cross_os}bork -%{summary}. - -%package -n %{_cross_os}corndog -Summary: Bottlerocket sysctl helper -%description -n %{_cross_os}corndog -%{summary}. - -%package -n %{_cross_os}schnauzer -Summary: Setting generator for templated settings values. -%description -n %{_cross_os}schnauzer -%{summary}. - -%package -n %{_cross_os}thar-be-settings -Summary: Applies changed settings to a Bottlerocket system -%description -n %{_cross_os}thar-be-settings -%{summary}. - -%package -n %{_cross_os}thar-be-updates -Summary: Dispatches Bottlerocket update commands -%description -n %{_cross_os}thar-be-updates -%{summary}. - -%package -n %{_cross_os}host-containers -Summary: Manages system- and user-defined host containers -Requires: %{_cross_os}host-ctr -%description -n %{_cross_os}host-containers -%{summary}. - -%package -n %{_cross_os}storewolf -Summary: Data store creator -Requires: %{_cross_os}settings-defaults -%description -n %{_cross_os}storewolf -%{summary}. - -%package -n %{_cross_os}migration -Summary: Tools to migrate version formats -%description -n %{_cross_os}migration - -%package -n %{_cross_os}settings-committer -Summary: Commits settings from user data, defaults, and generators at boot -%description -n %{_cross_os}settings-committer -%{summary}. - -%package -n %{_cross_os}ghostdog -Summary: Tool to manage ephemeral disks -Requires: %{_cross_os}nvme-cli -%description -n %{_cross_os}ghostdog -%{summary}. - -%package -n %{_cross_os}signpost -Summary: Bottlerocket GPT priority querier/switcher -%description -n %{_cross_os}signpost -%{summary}. - -%package -n %{_cross_os}updog -Summary: Bottlerocket updater CLI -%description -n %{_cross_os}updog -not much what's up with you - -%package -n %{_cross_os}metricdog -Summary: Bottlerocket health metrics sender -%description -n %{_cross_os}metricdog -%{summary}. - -%package -n %{_cross_os}logdog -Summary: Bottlerocket log extractor -%description -n %{_cross_os}logdog -use logdog to extract logs from the Bottlerocket host - -%package -n %{_cross_os}migrations -Summary: Thar data store migrations -%description -n %{_cross_os}migrations -%{summary}. - -%package -n %{_cross_os}prairiedog -Summary: Tools for kdump support -Requires: %{_cross_os}kexec-tools -Requires: %{_cross_os}makedumpfile -%description -n %{_cross_os}prairiedog -%{summary}. - -%package -n %{_cross_os}certdog -Summary: Bottlerocket certificates handler -%description -n %{_cross_os}certdog -%{summary}. - -%package -n %{_cross_os}pluto -Summary: Dynamic setting generator for kubernetes -%description -n %{_cross_os}pluto -%{summary}. - -%package -n %{_cross_os}shibaken -Summary: Run tasks reliant on IMDS -%description -n %{_cross_os}shibaken -%{summary}. - -%package -n %{_cross_os}warm-pool-wait -Summary: Warm pool wait for aws k8s -Requires: %{_cross_os}shibaken -%description -n %{_cross_os}warm-pool-wait -%{summary}. - -%package -n %{_cross_os}cfsignal -Summary: Bottlerocket CloudFormation Stack signaler -%description -n %{_cross_os}cfsignal -%{summary}. - -%package -n %{_cross_os}shimpei -Summary: OCI-compatible shim around oci-add-hooks -Requires: %{_cross_os}oci-add-hooks -%description -n %{_cross_os}shimpei -%{summary}. - -%package -n %{_cross_os}driverdog -Summary: Tool to load additional drivers -Requires: %{_cross_os}binutils -%description -n %{_cross_os}driverdog -%{summary}. - -%package -n %{_cross_os}bootstrap-containers -Summary: Manages bootstrap-containers -%description -n %{_cross_os}bootstrap-containers -%{summary}. - -%package -n %{_cross_os}bloodhound -Summary: Compliance check framework -Requires: (%{_cross_os}bloodhound-k8s if %{_cross_os}variant-runtime(k8s)) -Requires: (%{_cross_os}bloodhound-fips if %{_cross_os}image-feature(fips)) -%description -n %{_cross_os}bloodhound -%{summary}. - -%package -n %{_cross_os}bloodhound-k8s -Summary: Compliance checks for Kubernetes -Requires: (%{_cross_os}bloodhound and %{_cross_os}variant-runtime(k8s)) -%description -n %{_cross_os}bloodhound-k8s -%{summary}. - -%package -n %{_cross_os}bloodhound-fips -Summary: Compliance checks for FIPS -Requires: (%{_cross_os}bloodhound and %{_cross_os}image-feature(fips)) -%description -n %{_cross_os}bloodhound-fips -%{summary}. - -%package -n %{_cross_os}xfscli -Summary: XFS progs cli -%description -n %{_cross_os}xfscli -%{summary}. - -%prep -%setup -T -c -%cargo_prep - -%build -mkdir bin - -# We want to build some components statically: -# * apiclient, because it needs to run from containers that don't have the same libraries available. -# * migrations, because they need to run after a system update where available libraries can change. -# -# Most of our components don't need to be static, though. This means we run cargo once for static -# and once for non-static. There's a long tail of crate builds for each of these that can be -# mitigated by running them in parallel, saving a fair amount of time. To do this, we kick off the -# static build in the background, run the non-static (main) build in the foreground, and then wait -# for the static build and print its output afterward. A failure of either will stop the build. - -# For static builds, first we find the migrations in the source tree. We assume the directory name -# is the same as the crate name. -migrations=() -for migration in $(find %{_builddir}/sources/api/migration/migrations/v[0-9]* -mindepth 1 -maxdepth 1 -type d); do - migrations+=("-p $(basename ${migration})") -done - -# Since RPM automatically logs the commands that run, and since we want to display those commands -# along with the output from the background job, we do some file descriptor juggling below. -# exec 3>&1 4>&2 - save stdout and stderr to fds 3 and 4 -# exec 1>"${output}" 2>&1 - redirect stdout and stderr to job-specific log -# exec 1>&3 2>&4 - restore stdout and stderr from fds 3 and 4 - -# Store the output so we can print it after waiting for the backgrounded job. -exec 3>&1 4>&2 -static_output="$(mktemp)" -exec 1>"${static_output}" 2>&1 -# Build static binaries in the background. -%cargo_build_static --manifest-path %{_builddir}/sources/Cargo.toml \ - -p apiclient \ - ${migrations[*]} \ - & -# Save the PID so we can wait for it later. -static_pid="$!" -exec 1>&3 2>&4 - -# The AWS SDK crates are extremely slow to build with only one codegen unit. -# Pessimize the release build for just the crates that depend on them. -# Store the output so we can print it after waiting for the backgrounded job. -exec 3>&1 4>&2 -aws_sdk_output="$(mktemp)" -exec 1>"${aws_sdk_output}" 2>&1 -RUSTFLAGS="$(echo "%{__global_rustflags_shared}" | sed -e 's,-Ccodegen-units=1,,g')" \ -%{__cargo_cross_env} \ -CARGO_TARGET_DIR="${HOME}/.cache/.aws-sdk" \ -%{__cargo} build \ - %{__cargo_cross_opts} \ - --release \ - --manifest-path %{_builddir}/sources/Cargo.toml \ - -p pluto \ - -p cfsignal \ - & -# Save the PID so we can wait for it later. -aws_sdk_pid="$!" -exec 1>&3 2>&4 - -# Run non-static builds in the foreground. -echo "** Output from non-static builds:" -%cargo_build --manifest-path %{_builddir}/sources/Cargo.toml \ - -p apiserver \ - -p sundog \ - -p schnauzer \ - -p bork \ - -p thar-be-settings \ - -p thar-be-updates \ - -p host-containers \ - -p storewolf \ - -p settings-committer \ - -p migrator \ - -p signpost \ - -p updog \ - -p logdog \ - -p metricdog \ - -p ghostdog \ - -p corndog \ - -p bootstrap-containers \ - -p prairiedog \ - -p certdog \ - -p shimpei \ - -p bloodhound \ - -p xfscli \ - -p shibaken \ - -p driverdog \ - %{nil} - -# Wait for static builds from the background, if they're not already done. -set +e; wait "${static_pid}"; static_rc="${?}"; set -e -echo -e "\n** Output from static builds:" -cat "${static_output}" -if [ "${static_rc}" -ne 0 ]; then - exit "${static_rc}" -fi - -# Wait for AWS SDK builds from the background, if they're not already done. -set +e; wait "${aws_sdk_pid}"; aws_sdk_rc="${?}"; set -e -echo -e "\n** Output from AWS SDK builds:" -cat "${aws_sdk_output}" -if [ "${aws_sdk_rc}" -ne 0 ]; then - exit "${aws_sdk_rc}" -fi - -%install -install -d %{buildroot}%{_cross_bindir} -for p in \ - apiserver \ - sundog schnauzer schnauzer-v2 bork \ - corndog thar-be-settings thar-be-updates host-containers \ - storewolf settings-committer \ - migrator prairiedog certdog \ - signpost updog metricdog logdog \ - ghostdog bootstrap-containers \ - shimpei bloodhound \ - bottlerocket-cis-checks \ - bottlerocket-fips-checks \ - kubernetes-cis-checks \ - shibaken \ - driverdog \ -; do - install -p -m 0755 ${HOME}/.cache/%{__cargo_target}/release/${p} %{buildroot}%{_cross_bindir} -done - -for p in \ - pluto \ - cfsignal \ -; do - install -p -m 0755 ${HOME}/.cache/.aws-sdk/%{__cargo_target}/release/${p} %{buildroot}%{_cross_bindir} -done - -install -d %{buildroot}%{_cross_sbindir} -for p in \ - xfs_admin xfs_info \ -; do - install -p -m 0755 ${HOME}/.cache/%{__cargo_target}/release/${p} %{buildroot}%{_cross_sbindir}/ -done -# Rename fsck_xfs binary to fsck.xfs -install -p -m 0755 ${HOME}/.cache/%{__cargo_target}/release/fsck_xfs %{buildroot}%{_cross_sbindir}/fsck.xfs - -# Add the bloodhound checker symlinks -mkdir -p %{buildroot}%{_cross_libexecdir}/cis-checks/bottlerocket -for p in \ - br01020100 br01060000 br03040103 br03040203 \ - br01010101 br01030100 br01040100 br01040200 br01040300 br01040400 \ - br01050100 br01050200 br02010101 br03010100 br03020100 br03020200 \ - br03020300 br03020400 br03020500 br03020600 br03020700 br03030100 \ - br03040101 br03040102 br03040201 br03040202 br04010101 br04010200 \ -; do - ln -rs %{buildroot}%{_cross_bindir}/bottlerocket-cis-checks \ - %{buildroot}%{_cross_libexecdir}/cis-checks/bottlerocket/${p} -done -install -m 0644 %{S:11} %{buildroot}%{_cross_libexecdir}/cis-checks/bottlerocket/metadata.json - -mkdir -p %{buildroot}%{_cross_libexecdir}/fips-checks/bottlerocket -for p in \ - fips01000000 fips01010000 fips01020000 fips01030000 \ -; do - ln -rs %{buildroot}%{_cross_bindir}/bottlerocket-fips-checks \ - %{buildroot}%{_cross_libexecdir}/fips-checks/bottlerocket/${p} -done -install -m 0644 %{S:20} %{buildroot}%{_cross_libexecdir}/fips-checks/bottlerocket/metadata.json - -# Only add the k8s checks if it is a k8s variant -mkdir -p %{buildroot}%{_cross_libexecdir}/cis-checks/kubernetes -for p in \ - k8s04010300 k8s04010400 k8s04020700 k8s04020800 \ - k8s04010100 k8s04010200 k8s04010500 k8s04010600 k8s04010700 \ - k8s04010800 k8s04010900 k8s04011000 k8s04020100 k8s04020200 \ - k8s04020300 k8s04020400 k8s04020500 k8s04020600 k8s04020900 \ - k8s04021000 k8s04021100 k8s04021200 k8s04021300 \ -; do - ln -rs %{buildroot}%{_cross_bindir}/kubernetes-cis-checks \ - %{buildroot}%{_cross_libexecdir}/cis-checks/kubernetes/${p} -done -install -m 0644 %{S:13} %{buildroot}%{_cross_libexecdir}/cis-checks/kubernetes/metadata.json - -for p in apiclient ; do - install -p -m 0755 ${HOME}/.cache/.static/%{__cargo_target_static}/release/${p} %{buildroot}%{_cross_bindir} -done - -install -d %{buildroot}%{_cross_datadir}/migrations -for version_path in %{_builddir}/sources/api/migration/migrations/v[0-9]*; do - [ -e "${version_path}" ] || continue - for migration_path in "${version_path}"/*; do - [ -e "${migration_path}" ] || continue - - version="${version_path##*/}" - crate_name="${migration_path##*/}" - migration_binary_name="migrate_${version}_${crate_name#migrate-}" - built_path="${HOME}/.cache/.static/%{__cargo_target_static}/release/${crate_name}" - target_path="%{buildroot}%{_cross_datadir}/migrations/${migration_binary_name}" - - install -m 0555 "${built_path}" "${target_path}" - done -done - -install -d %{buildroot}%{_cross_datadir}/bottlerocket - -install -d %{buildroot}%{_cross_sysusersdir} -install -p -m 0644 %{S:2} %{buildroot}%{_cross_sysusersdir}/api.conf - -install -d %{buildroot}%{_cross_datadir}/eks -install -p -m 0644 %{S:3} %{buildroot}%{_cross_datadir}/eks - -# Always install updog's data directory. -install -d %{buildroot}%{_cross_datadir}/updog - -# Older versions of Twoliter arranged to copy root.json into place by way of the -# Dockerfile, and made its path available in the _cross_repo_root_json macro. -# Newer versions defer the install of root.json to image creation time instead, -# so the file may not be present. -if [ -s "%{_cross_repo_root_json}" ] ; then - install -p -m 0644 %{_cross_repo_root_json} %{buildroot}%{_cross_datadir}/updog -fi - -install -d %{buildroot}%{_cross_templatedir} -install -p -m 0644 %{S:5} %{S:6} %{S:7} %{S:8} %{S:14} %{S:15} %{S:16} %{S:17} %{S:18} %{S:19} \ - %{buildroot}%{_cross_templatedir} - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 \ - %{S:100} %{S:102} %{S:103} %{S:105} \ - %{S:106} %{S:107} %{S:110} %{S:111} %{S:112} \ - %{S:113} %{S:114} %{S:119} %{S:122} %{S:123} \ - %{buildroot}%{_cross_unitdir} - -sed -e 's|PREFIX|%{_cross_prefix}|g' %{S:115} > link-kernel-modules.service -sed -e 's|PREFIX|%{_cross_prefix}|g' %{S:116} > load-kernel-modules.service -install -p -m 0644 \ - link-kernel-modules.service \ - load-kernel-modules.service \ - %{buildroot}%{_cross_unitdir} - -install -p -m 0644 %{S:10} %{buildroot}%{_cross_templatedir} -install -p -m 0644 %{S:120} %{buildroot}%{_cross_unitdir} - -install -p -m 0644 %{S:9} %{buildroot}%{_cross_templatedir} -install -p -m 0644 %{S:117} %{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:200} %{buildroot}%{_cross_tmpfilesdir}/migration.conf -install -p -m 0644 %{S:201} %{buildroot}%{_cross_tmpfilesdir}/host-containers.conf -install -p -m 0644 %{S:202} %{buildroot}%{_cross_tmpfilesdir}/thar-be-updates.conf -install -p -m 0644 %{S:203} %{buildroot}%{_cross_tmpfilesdir}/bootstrap-containers.conf -install -p -m 0644 %{S:204} %{buildroot}%{_cross_tmpfilesdir}/storewolf.conf - -install -d %{buildroot}%{_cross_udevrulesdir} -install -p -m 0644 %{S:300} %{buildroot}%{_cross_udevrulesdir}/80-ephemeral-storage.rules -install -p -m 0644 %{S:301} %{buildroot}%{_cross_udevrulesdir}/81-ebs-volumes.rules -install -p -m 0644 %{S:302} %{buildroot}%{_cross_udevrulesdir}/82-supplemental-storage.rules - -%cross_scan_attribution --clarify %{_builddir}/sources/clarify.toml \ - cargo --offline --locked %{_builddir}/sources/Cargo.toml - -# Install licenses -install -d %{buildroot}%{_cross_licensedir} -install -p -m 0644 %{S:400} %{S:401} %{S:402} %{buildroot}%{_cross_licensedir} - -%files -%{_cross_attribution_vendor_dir} -%{_cross_licensedir}/COPYRIGHT -%{_cross_licensedir}/LICENSE-MIT -%{_cross_licensedir}/LICENSE-APACHE - -%files -n %{_cross_os}apiserver -%{_cross_bindir}/apiserver -%{_cross_unitdir}/apiserver.service -%{_cross_unitdir}/migrator.service -%{_cross_sysusersdir}/api.conf - -%files -n %{_cross_os}apiclient -%{_cross_bindir}/apiclient - -%files -n %{_cross_os}corndog -%{_cross_bindir}/corndog -%{_cross_templatedir}/corndog-toml - -%files -n %{_cross_os}sundog -%{_cross_bindir}/sundog -%{_cross_unitdir}/sundog.service - -%files -n %{_cross_os}schnauzer -%{_cross_bindir}/schnauzer -%{_cross_bindir}/schnauzer-v2 - -%files -n %{_cross_os}bork -%{_cross_bindir}/bork - -%files -n %{_cross_os}thar-be-settings -%{_cross_bindir}/thar-be-settings -%{_cross_unitdir}/settings-applier.service - -%files -n %{_cross_os}thar-be-updates -%{_cross_bindir}/thar-be-updates -%{_cross_tmpfilesdir}/thar-be-updates.conf -%{_cross_templatedir}/thar-be-updates-toml - -%files -n %{_cross_os}host-containers -%{_cross_bindir}/host-containers -%{_cross_unitdir}/host-containers@.service -%{_cross_tmpfilesdir}/host-containers.conf -%dir %{_cross_templatedir} -%{_cross_templatedir}/host-ctr-toml -%{_cross_templatedir}/host-containers-toml - -%files -n %{_cross_os}storewolf -%{_cross_bindir}/storewolf -%{_cross_unitdir}/storewolf.service -%{_cross_tmpfilesdir}/storewolf.conf - -%files -n %{_cross_os}migration -%{_cross_bindir}/migrator -%{_cross_tmpfilesdir}/migration.conf - -%files -n %{_cross_os}migrations -%dir %{_cross_datadir}/migrations -%{_cross_datadir}/migrations - -%files -n %{_cross_os}settings-committer -%{_cross_bindir}/settings-committer - -%files -n %{_cross_os}ghostdog -%{_cross_bindir}/ghostdog -%{_cross_udevrulesdir}/80-ephemeral-storage.rules -%{_cross_udevrulesdir}/81-ebs-volumes.rules -%{_cross_udevrulesdir}/82-supplemental-storage.rules - -%files -n %{_cross_os}signpost -%{_cross_bindir}/signpost -%{_cross_unitdir}/mark-successful-boot.service -%{_cross_unitdir}/has-boot-ever-succeeded.service - -%files -n %{_cross_os}updog -%{_cross_bindir}/updog -%{_cross_datadir}/updog -%dir %{_cross_templatedir} -%{_cross_templatedir}/updog-toml - -%files -n %{_cross_os}metricdog -%{_cross_bindir}/metricdog -%dir %{_cross_templatedir} -%{_cross_templatedir}/metricdog-toml -%{_cross_unitdir}/metricdog.service -%{_cross_unitdir}/metricdog.timer -%{_cross_unitdir}/send-boot-success.service - -%files -n %{_cross_os}logdog -%{_cross_bindir}/logdog - -%files -n %{_cross_os}shibaken -%{_cross_bindir}/shibaken -%dir %{_cross_templatedir} - -%files -n %{_cross_os}warm-pool-wait -%{_cross_templatedir}/warm-pool-wait-toml -%{_cross_unitdir}/warm-pool-wait.service - -%files -n %{_cross_os}cfsignal -%{_cross_bindir}/cfsignal -%dir %{_cross_templatedir} -%{_cross_templatedir}/cfsignal-toml -%{_cross_unitdir}/cfsignal.service - -%files -n %{_cross_os}driverdog -%{_cross_bindir}/driverdog -%{_cross_unitdir}/link-kernel-modules.service -%{_cross_unitdir}/load-kernel-modules.service - -%files -n %{_cross_os}pluto -%{_cross_bindir}/pluto -%{_cross_unitdir}/pluto.service -%dir %{_cross_datadir}/eks -%{_cross_datadir}/eks/eni-max-pods - -%files -n %{_cross_os}shimpei -%{_cross_bindir}/shimpei -%{_cross_templatedir}/oci-default-hooks-json - -%files -n %{_cross_os}prairiedog -%{_cross_bindir}/prairiedog -%{_cross_unitdir}/reboot-if-required.service -%{_cross_templatedir}/prairiedog-toml - -%files -n %{_cross_os}certdog -%{_cross_bindir}/certdog -%{_cross_templatedir}/certdog-toml - -%files -n %{_cross_os}bootstrap-containers -%{_cross_bindir}/bootstrap-containers -%{_cross_unitdir}/bootstrap-containers@.service -%{_cross_tmpfilesdir}/bootstrap-containers.conf -%{_cross_templatedir}/bootstrap-containers-toml - -%files -n %{_cross_os}bloodhound -%{_cross_bindir}/bloodhound -%{_cross_bindir}/bottlerocket-cis-checks -%{_cross_libexecdir}/cis-checks/bottlerocket - -%files -n %{_cross_os}bloodhound-k8s -%{_cross_bindir}/kubernetes-cis-checks -%{_cross_libexecdir}/cis-checks/kubernetes - -%files -n %{_cross_os}bloodhound-fips -%{_cross_bindir}/bottlerocket-fips-checks -%{_cross_libexecdir}/fips-checks/bottlerocket - -%files -n %{_cross_os}xfscli -%{_cross_sbindir}/xfs_admin -%{_cross_sbindir}/xfs_info -%{_cross_sbindir}/fsck.xfs - -%changelog diff --git a/packages/os/pluto.service b/packages/os/pluto.service deleted file mode 100644 index 5e5298faec8..00000000000 --- a/packages/os/pluto.service +++ /dev/null @@ -1,30 +0,0 @@ -[Unit] -Description=Generate additional settings for Kubernetes -# Treat pluto as an honorary settings generator. It should run after sundog runs other -# settings generators, and before settings-applier commits all the settings, renders -# config files, and restarts services. -After=network-online.target apiserver.service sundog.service -Before=settings-applier.service -Requires=sundog.service -# We don't want to restart the unit if the network goes offline or apiserver restarts -Wants=network-online.target apiserver.service -# Block manual interactions with this service, since it could leave the system in additional -# unexpected state -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot -# pluto needs access to any Kubernetes settings supplied through user-data, along with -# network-related settings such as proxy servers. Commit any settings that might have -# been generated during the sundog phase. -ExecStartPre=/usr/bin/settings-committer -ExecStart=/usr/bin/pluto -RemainAfterExit=true -StandardError=journal+console - -[Install] -# settings-applier requires sundog to succeed as a signal that all settings generators ran -# successfully. Since pluto is an honorary settings generator, settings-applier also needs -# it to succeed before it can start. -RequiredBy=settings-applier.service diff --git a/packages/os/prairiedog-toml b/packages/os/prairiedog-toml deleted file mode 100644 index 9736dd2517a..00000000000 --- a/packages/os/prairiedog-toml +++ /dev/null @@ -1,19 +0,0 @@ -[required-extensions] -boot = "v1" -std = { version = "v1", helpers = ["default"]} -+++ -{{#if settings.boot}} -reboot-to-reconcile = {{default false settings.boot.reboot-to-reconcile}} -{{#if settings.boot.kernel}} -[kernel] -{{#each settings.boot.kernel}} -"{{@key}}" = [ {{#each this}}"{{{this}}}",{{/each}} ] -{{/each}} -{{/if}} -{{#if settings.boot.init}} -[init] -{{#each settings.boot.init}} -"{{@key}}" = [ {{#each this}}"{{{this}}}",{{/each}} ] -{{/each}} -{{/if}} -{{/if}} diff --git a/packages/os/reboot-if-required.service b/packages/os/reboot-if-required.service deleted file mode 100644 index 708a5a887e8..00000000000 --- a/packages/os/reboot-if-required.service +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=Reboot system if needed for configuration changes to take effect -# Block manual interactions for now to prevent unplanned reboots. -RefuseManualStart=true -RefuseManualStop=true -After=configured.target - -[Service] -Type=oneshot -ExecStart=/usr/bin/prairiedog reboot-if-required -StandardError=journal+console diff --git a/packages/os/send-boot-success.service b/packages/os/send-boot-success.service deleted file mode 100644 index e4b544cb86b..00000000000 --- a/packages/os/send-boot-success.service +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Send boot success -# The unit depends on 'configured.target' since Metricdog indirectly -# depends on the proxy.env file created by settings-applier in the -# preconfigured target -After=network-online.target configured.target -Wants=network-online.target configured.target - -[Service] -Type=oneshot -RemainAfterExit=true -EnvironmentFile=/etc/network/proxy.env -ExecStart=-/usr/bin/metricdog send-boot-success - -[Install] -WantedBy=multi-user.target diff --git a/packages/os/settings-applier.service b/packages/os/settings-applier.service deleted file mode 100644 index f7d1198dc3a..00000000000 --- a/packages/os/settings-applier.service +++ /dev/null @@ -1,20 +0,0 @@ -[Unit] -Description=Applies settings to create config files -After=storewolf.service sundog.service early-boot-config.service apiserver.service -Requires=storewolf.service sundog.service early-boot-config.service -# We don't want to restart the unit if apiserver restarts -Wants=apiserver.service -# Block manual interactions with this service, since it could leave the system in an -# unexpected state -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot -ExecStartPre=/usr/bin/settings-committer -ExecStart=/usr/bin/thar-be-settings --all -RemainAfterExit=true -StandardError=journal+console - -[Install] -RequiredBy=preconfigured.target diff --git a/packages/os/storewolf-tmpfiles.conf b/packages/os/storewolf-tmpfiles.conf deleted file mode 100644 index 57c309b368b..00000000000 --- a/packages/os/storewolf-tmpfiles.conf +++ /dev/null @@ -1 +0,0 @@ -d /etc/storewolf 0700 root root - diff --git a/packages/os/storewolf.service b/packages/os/storewolf.service deleted file mode 100644 index 776db12481d..00000000000 --- a/packages/os/storewolf.service +++ /dev/null @@ -1,19 +0,0 @@ -[Unit] -Description=Datastore creator -After=migrator.service -Requires=migrator.service -# Block manual interactions with this service, since it could leave the system in an -# unexpected state -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot -ExecStart=/usr/bin/storewolf \ - --data-store-base-path /var/lib/bottlerocket/datastore \ - --inventory-file-symlink-path /var/lib/bottlerocket/inventory/application.json -RemainAfterExit=true -StandardError=journal+console - -[Install] -RequiredBy=preconfigured.target diff --git a/packages/os/sundog.service b/packages/os/sundog.service deleted file mode 100644 index 093089e935b..00000000000 --- a/packages/os/sundog.service +++ /dev/null @@ -1,22 +0,0 @@ -[Unit] -Description=User-specified setting generators -# Needs network access to support commands talking to IMDS. -After=network-online.target apiserver.service early-boot-config.service -Requires=early-boot-config.service -# We don't want to restart the unit if the network goes offline or apiserver restarts -Wants=network-online.target apiserver.service -# Block manual interactions with this service, since it could leave the system in an -# unexpected state -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot -# Commit first so we can use settings from user data. -ExecStartPre=/usr/bin/settings-committer -ExecStart=/usr/bin/sundog -RemainAfterExit=true -StandardError=journal+console - -[Install] -RequiredBy=preconfigured.target diff --git a/packages/os/supplemental-storage.rules b/packages/os/supplemental-storage.rules deleted file mode 100644 index f72e9d239e2..00000000000 --- a/packages/os/supplemental-storage.rules +++ /dev/null @@ -1,24 +0,0 @@ -# supplemental storage links: /dev/disk/by-volume-type-partuuid -# -# The purpose of the additional links is to encode what kind of backing device -# the partition resides on, for cases where systemd units need this information -# for conditional logic. - -ACTION=="remove", GOTO="supplemental_storage_end" -SUBSYSTEM!="block", GOTO="supplemental_storage_end" -ENV{DEVTYPE}!="partition", GOTO="supplemental_storage_end" - -# Only these drivers have "interesting" volume types. -KERNEL!="nvme*|xvd*|vd*", GOTO="supplemental_storage_end" - -# Set the volume type for each supported driver, annotating it with the volume -# sub-type, if any. -ENV{BOTTLEROCKET_VOLUME_TYPE}!="?*", KERNEL=="nvme*", ATTRS{model}=="Amazon EC2 NVMe Instance Storage*", ENV{BOTTLEROCKET_VOLUME_TYPE}="nvme-instance-store" -ENV{BOTTLEROCKET_VOLUME_TYPE}!="?*", KERNEL=="nvme*", ATTRS{model}=="Amazon Elastic Block Store*", ENV{BOTTLEROCKET_VOLUME_TYPE}="nvme-ebs" -ENV{BOTTLEROCKET_VOLUME_TYPE}!="?*", KERNEL=="nvme*", ENV{BOTTLEROCKET_VOLUME_TYPE}="nvme" -ENV{BOTTLEROCKET_VOLUME_TYPE}!="?*", KERNEL=="xvd*", ENV{BOTTLEROCKET_VOLUME_TYPE}="xen" -ENV{BOTTLEROCKET_VOLUME_TYPE}!="?*", KERNEL=="vd*", ENV{BOTTLEROCKET_VOLUME_TYPE}="virtio" - -ENV{ID_PART_ENTRY_UUID}=="?*" SYMLINK+="disk/by-volume-type-partuuid/$env{BOTTLEROCKET_VOLUME_TYPE}-$env{ID_PART_ENTRY_UUID}" - -LABEL="supplemental_storage_end" diff --git a/packages/os/thar-be-updates-tmpfiles.conf b/packages/os/thar-be-updates-tmpfiles.conf deleted file mode 100644 index c6103173ad4..00000000000 --- a/packages/os/thar-be-updates-tmpfiles.conf +++ /dev/null @@ -1 +0,0 @@ -d /run/cache/thar-be-updates 0755 root root - diff --git a/packages/os/thar-be-updates-toml b/packages/os/thar-be-updates-toml deleted file mode 100644 index d3f6abb37d2..00000000000 --- a/packages/os/thar-be-updates-toml +++ /dev/null @@ -1,5 +0,0 @@ -[required-extensions] -updates = "v1" -std = { version = "v1", helpers = ["default"] } -+++ -version-lock = "{{{default "latest" settings.updates.version-lock}}}" diff --git a/packages/os/updog-toml b/packages/os/updog-toml deleted file mode 100644 index 1b9520617b5..00000000000 --- a/packages/os/updog-toml +++ /dev/null @@ -1,16 +0,0 @@ -[required-extensions] -network = "v1" -std = { version = "v1", helpers = ["join_array"] } -updates = "v1" -+++ -metadata_base_url = "{{settings.updates.metadata-base-url}}" -targets_base_url = "{{settings.updates.targets-base-url}}" -seed = {{settings.updates.seed}} -version_lock = "{{settings.updates.version-lock}}" -ignore_waves = {{settings.updates.ignore-waves}} -{{#if settings.network.https-proxy}} -https_proxy="{{settings.network.https-proxy}}" -{{/if}} -{{#if settings.network.no-proxy}} -no_proxy=[{{join_array ", " settings.network.no-proxy}}] -{{/if}} diff --git a/packages/os/warm-pool-wait-toml b/packages/os/warm-pool-wait-toml deleted file mode 100644 index 78aafc5b332..00000000000 --- a/packages/os/warm-pool-wait-toml +++ /dev/null @@ -1,5 +0,0 @@ -[required-extensions] -autoscaling = "v1" -+++ -should_wait = {{settings.autoscaling.should-wait}} -marker_path = "/var/lib/bottlerocket/warm-pool-wait.ran" diff --git a/packages/os/warm-pool-wait.service b/packages/os/warm-pool-wait.service deleted file mode 100644 index 11dad21d7fc..00000000000 --- a/packages/os/warm-pool-wait.service +++ /dev/null @@ -1,17 +0,0 @@ -[Unit] -Description=Wait for the instance to be in service -After=configured.target -Wants=configured.target -Before=kubelet.service -# We only want to run once, at first boot. This file is created by shibaken -# after a successful run. -ConditionPathExists=!/var/lib/bottlerocket/warm-pool-wait.ran - -[Service] -Type=oneshot -ExecStart=/usr/bin/shibaken warm-pool-wait -RemainAfterExit=true - -[Install] -WantedBy=multi-user.target -RequiredBy=kubelet.service diff --git a/packages/pigz/Cargo.toml b/packages/pigz/Cargo.toml deleted file mode 100644 index 63a0e5b182f..00000000000 --- a/packages/pigz/Cargo.toml +++ /dev/null @@ -1,22 +0,0 @@ -[package] -name = "pigz" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[[package.metadata.build-package.external-files]] -url = "https://zlib.net/pigz/pigz-2.8.tar.gz" -sha512 = "ae3d9d593e1645d65f9ab77aa828600c9af4bb30d0a073da7ae3dd805e65b87efaf6a0efb980f2d0168e475ae506eba194547d6479956dabb9d88293a9078a7f" - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } -libz = { path = "../libz" } - -# RPM Requires -[dependencies] -# None diff --git a/packages/pigz/pigz.spec b/packages/pigz/pigz.spec deleted file mode 100644 index cba9d43b53b..00000000000 --- a/packages/pigz/pigz.spec +++ /dev/null @@ -1,35 +0,0 @@ -Name: %{_cross_os}pigz -Version: 2.8 -Release: 1%{?dist} -Summary: pigz is a parallel implementation of gzip which utilizes multiple cores -License: Zlib AND Apache-2.0 -URL: http://www.zlib.net/pigz -Source0: https://zlib.net/pigz/pigz-%{version}.tar.gz -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libz-devel - -%description -%{summary}. - -%prep -%autosetup -n pigz-%{version} -p1 - -%global set_env \ -%set_cross_build_flags \\\ -export CC=%{_cross_target}-gcc \\\ -%{nil} - -%build -%set_env -%make_build CC="${CC}" CFLAGS="${CFLAGS}" LDFLAGS="${LDFLAGS}" - -%install -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 unpigz %{buildroot}%{_cross_bindir} - -%files -%license README zopfli/COPYING -%{_cross_bindir}/unpigz -%{_cross_attribution_file} - -%changelog diff --git a/packages/policycoreutils/Cargo.toml b/packages/policycoreutils/Cargo.toml deleted file mode 100644 index 733c33c0c2e..00000000000 --- a/packages/policycoreutils/Cargo.toml +++ /dev/null @@ -1,22 +0,0 @@ -[package] -name = "policycoreutils" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/SELinuxProject/selinux/releases/" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/SELinuxProject/selinux/releases/download/3.6/policycoreutils-3.6.tar.gz" -sha512 = "e1f32e6e0310b879a5aadab157b103314a61bf3b8fd59c1212d701fbf39900e3b9a0b727338988103d784a7e505355a871ba519dd91520b135a3b9dae40bf1b0" - -[build-dependencies] -glibc = { path = "../glibc" } -libselinux = { path = "../libselinux" } -libsemanage = { path = "../libsemanage" } -libsepol = { path = "../libsepol" } diff --git a/packages/policycoreutils/policycoreutils.spec b/packages/policycoreutils/policycoreutils.spec deleted file mode 100644 index ebc27833c08..00000000000 --- a/packages/policycoreutils/policycoreutils.spec +++ /dev/null @@ -1,60 +0,0 @@ -Name: %{_cross_os}policycoreutils -Version: 3.6 -Release: 1%{?dist} -Summary: A set of SELinux policy tools -License: GPL-2.0-only -URL: https://github.com/SELinuxProject/ -Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}/policycoreutils-%{version}.tar.gz -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libselinux-devel -BuildRequires: %{_cross_os}libsemanage-devel -BuildRequires: %{_cross_os}libsepol-devel -Requires: %{_cross_os}libselinux -Requires: %{_cross_os}libselinux-utils -Requires: %{_cross_os}libsemanage -Requires: %{_cross_os}libsepol - -%description -%{summary}. - -%prep -%autosetup -n policycoreutils-%{version} -p1 - -%global set_env \ -%set_cross_build_flags \\\ -export CC="%{_cross_target}-gcc" \\\ -export DESTDIR='%{buildroot}' \\\ -export PREFIX='%{_cross_prefix}' \\\ -export SBINDIR='%{_cross_sbindir}' \\\ -export LOCALEDIR='%{_cross_localedir}' \\\ -%{nil} - -%build -%set_env -for dir in load_policy semodule sestatus setfiles ; do - %make_build -C ${dir} -done - -%install -%set_env -for dir in load_policy semodule sestatus setfiles ; do - %make_install -C ${dir} -done -# remove unneeded compatibility symlink -rm %{buildroot}%{_cross_sbindir}/sestatus - -%files -%license LICENSE -%{_cross_attribution_file} -%{_cross_sbindir}/load_policy -%{_cross_sbindir}/semodule -%{_cross_bindir}/sestatus -%{_cross_sbindir}/setfiles -%exclude %{_cross_sbindir}/genhomedircon -%exclude %{_cross_sbindir}/restorecon -%exclude %{_cross_sbindir}/restorecon_xattr -%exclude %{_cross_bashdir} -%exclude %{_cross_mandir} -%exclude %{_cross_sysconfdir} - -%changelog diff --git a/packages/procps/Cargo.toml b/packages/procps/Cargo.toml deleted file mode 100644 index b9feef8065e..00000000000 --- a/packages/procps/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "procps" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://gitlab.com/procps-ng/procps/-/tags" - -[[package.metadata.build-package.external-files]] -url = "https://gitlab.com/procps-ng/procps/-/archive/v4.0.4/procps-v4.0.4.tar.gz" -sha512 = "b7ba28391b71ad95fda6de25c539132face53c308402d615aa6f5bdde0b5c3de3f5b1b7623e4b1fb92dc36bc2d5b73268afda21c992ef94b1059ba0cd2b6a340" - -[build-dependencies] -glibc = { path = "../glibc" } -libselinux = { path = "../libselinux" } diff --git a/packages/procps/procps.spec b/packages/procps/procps.spec deleted file mode 100644 index cae7fd459e2..00000000000 --- a/packages/procps/procps.spec +++ /dev/null @@ -1,74 +0,0 @@ -Name: %{_cross_os}procps -Version: 4.0.4 -Release: 1%{?dist} -Summary: A set of process monitoring tools -License: GPL-2.0-or-later AND LGPL-2.1-or-later -URL: https://gitlab.com/procps-ng/procps -Source0: https://gitlab.com/procps-ng/procps/-/archive/v%{version}/procps-v%{version}.tar.gz -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libselinux-devel -Requires: %{_cross_os}libselinux - -%description -%{summary}. - -%package devel -Summary: Files for development using the process monitoring tools -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n procps-v%{version} -p1 - -%build -./autogen.sh -%cross_configure \ - --enable-libselinux \ - --enable-skill \ - --disable-kill \ - --disable-modern-top \ - --disable-nls \ - --disable-w-from \ - --without-ncurses \ - --without-systemd \ - -%force_disable_rpath - -%make_build - -%install -%make_install - -%files -%license COPYING COPYING.LIB -%{_cross_attribution_file} -%{_cross_bindir}/free -%{_cross_bindir}/pgrep -%{_cross_bindir}/pidof -%{_cross_bindir}/pkill -%{_cross_bindir}/pmap -%{_cross_bindir}/ps -%{_cross_bindir}/pwdx -%{_cross_bindir}/pidwait -%{_cross_bindir}/skill -%{_cross_bindir}/snice -%{_cross_bindir}/tload -%{_cross_bindir}/uptime -%{_cross_bindir}/vmstat -%{_cross_bindir}/w -%{_cross_sbindir}/sysctl -%{_cross_libdir}/*.so.* - -%exclude %{_cross_docdir}/* -%exclude %{_cross_mandir}/* - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/libproc2 -%{_cross_includedir}/libproc2/*.h -%{_cross_pkgconfigdir}/*.pc - -%changelog diff --git a/packages/readline/Cargo.toml b/packages/readline/Cargo.toml deleted file mode 100644 index 07ffe53106b..00000000000 --- a/packages/readline/Cargo.toml +++ /dev/null @@ -1,20 +0,0 @@ -[package] -name = "readline" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://ftp.gnu.org/gnu/readline" - -[[package.metadata.build-package.external-files]] -url = "https://ftp.gnu.org/gnu/readline/readline-8.2.tar.gz" -sha512 = "0a451d459146bfdeecc9cdd94bda6a6416d3e93abd80885a40b334312f16eb890f8618a27ca26868cebbddf1224983e631b1cbc002c1a4d1cd0d65fba9fea49a" - -[build-dependencies] -glibc = { path = "../glibc" } -libncurses = { path = "../libncurses" } diff --git a/packages/readline/readline-8.2-shlib.patch b/packages/readline/readline-8.2-shlib.patch deleted file mode 100644 index bbeff8c245e..00000000000 --- a/packages/readline/readline-8.2-shlib.patch +++ /dev/null @@ -1,31 +0,0 @@ -diff --git a/shlib/Makefile.in b/shlib/Makefile.in -index d138524..b68b0cc 100644 ---- a/shlib/Makefile.in -+++ b/shlib/Makefile.in -@@ -178,7 +178,7 @@ $(SHARED_READLINE): $(SHARED_OBJ) - - $(SHARED_HISTORY): $(SHARED_HISTOBJ) xmalloc.so xfree.so - $(RM) $@ -- $(SHOBJ_LD) ${SHOBJ_LDFLAGS} ${SHLIB_XLDFLAGS} -o $@ $(SHARED_HISTOBJ) xmalloc.so xfree.so $(SHLIB_LIBS) -+ $(SHOBJ_LD) ${SHOBJ_LDFLAGS} ${SHLIB_XLDFLAGS} -o $@ $(SHARED_HISTOBJ) xmalloc.so xfree.so - - # Since tilde.c is shared between readline and bash, make sure we compile - # it with the right flags when it's built as part of readline -diff --git a/support/shobj-conf b/support/shobj-conf -index cd7634d..b9df437 100644 ---- a/support/shobj-conf -+++ b/support/shobj-conf -@@ -126,10 +126,11 @@ sunos5*|solaris2*) - linux*-*|gnu*-*|k*bsd*-gnu-*|midnightbsd*|freebsd*|dragonfly*) - SHOBJ_CFLAGS=-fPIC - SHOBJ_LD='${CC}' -- SHOBJ_LDFLAGS='-shared -Wl,-soname,$@' -+ SHOBJ_LDFLAGS='$(CFLAGS) -shared -Wl,-soname,$@' - -- SHLIB_XLDFLAGS='-Wl,-rpath,$(libdir) -Wl,-soname,`basename $@ $(SHLIB_MINOR)`' -+ SHLIB_XLDFLAGS='-Wl,-soname,`basename $@ $(SHLIB_MINOR)`' - SHLIB_LIBVERSION='$(SHLIB_LIBSUFF).$(SHLIB_MAJOR)$(SHLIB_MINOR)' -+ SHLIB_LIBS='-ltinfo' - ;; - - # Darwin/MacOS X diff --git a/packages/readline/readline.spec b/packages/readline/readline.spec deleted file mode 100644 index b817ae24d52..00000000000 --- a/packages/readline/readline.spec +++ /dev/null @@ -1,48 +0,0 @@ -Name: %{_cross_os}readline -Version: 8.2 -Release: 1%{?dist} -Summary: A library for editing typed command lines -License: GPL-3.0-or-later -URL: https://tiswww.case.edu/php/chet/readline/rltop.html -Source0: https://ftp.gnu.org/gnu/readline/readline-%{version}.tar.gz -Patch1: readline-8.2-shlib.patch -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libncurses-devel -Requires: %{_cross_os}libncurses - -%description -%{summary}. - -%package devel -Summary: Files for development using a library for editing typed command lines -Requires: %{name} - -%description devel -%{summary}. - -%prep -%autosetup -n readline-%{version} -p1 - -%build -%cross_configure --with-curses --disable-install-examples -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_libdir}/*.so.* -%exclude %{_cross_infodir} -%exclude %{_cross_mandir} -%exclude %{_cross_datadir}/doc/readline/* - -%files devel -%{_cross_libdir}/*.a -%{_cross_libdir}/*.so -%dir %{_cross_includedir}/readline -%{_cross_includedir}/readline/*.h -%{_cross_pkgconfigdir}/*.pc - -%changelog diff --git a/packages/release/80-release.link b/packages/release/80-release.link deleted file mode 100644 index 4c364bd5d99..00000000000 --- a/packages/release/80-release.link +++ /dev/null @@ -1,11 +0,0 @@ -[Match] -OriginalName=* - -[Link] -# Bottlerocket disables hwdb so don't include "database" in NamePolicy -NamePolicy=keep kernel onboard slot path -AlternativeNamesPolicy=onboard slot path - -# Applying a MAC address policy can confuse CNI plugins, which do -# not expect addresses to change for devices like veth pairs. -MACAddressPolicy=none diff --git a/packages/release/Cargo.toml b/packages/release/Cargo.toml deleted file mode 100644 index e0bd4def63a..00000000000 --- a/packages/release/Cargo.toml +++ /dev/null @@ -1,55 +0,0 @@ -[package] -name = "release" -version = "0.0.0" -edition = "2021" -publish = false -build = "../build.rs" - -[package.metadata.build-package] - -[lib] -path = "../packages.rs" - -# RPM BuildRequires -[build-dependencies] -# None - -# RPM Requires -[dependencies] -acpid = { path = "../acpid" } -binutils = { path = "../binutils" } -chrony = { path = "../chrony" } -conntrack-tools = { path = "../conntrack-tools" } -containerd = { path = "../containerd" } -coreutils = { path = "../coreutils" } -dbus-broker = { path = "../dbus-broker" } -e2fsprogs = { path = "../e2fsprogs" } -early-boot-config = { path = "../early-boot-config" } -ethtool = { path = "../ethtool" } -filesystem = { path = "../filesystem" } -findutils = { path = "../findutils" } -glibc = { path = "../glibc" } -grep = { path = "../grep" } -grub = { path = "../grub" } -host-ctr = { path = "../host-ctr" } -iproute = { path = "../iproute" } -iptables = { path = "../iptables" } -kexec-tools = { path = "../../packages/kexec-tools" } -keyutils = { path = "../keyutils" } -libaudit = { path = "../libaudit" } -libgcc = { path = "../libgcc" } -libkcapi = { path = "../libkcapi" } -libstd-rust = { path = "../libstd-rust" } -mdadm = { path = "../mdadm" } -nvme-cli = { path = "../nvme-cli" } -makedumpfile = { path = "../../packages/makedumpfile" } -netdog = {path = "../netdog" } -os = { path = "../os" } -oci-add-hooks = { path = "../oci-add-hooks" } -policycoreutils = { path = "../policycoreutils" } -procps = { path = "../procps" } -selinux-policy = { path = "../selinux-policy" } -shim = { path = "../shim" } -systemd = { path = "../systemd" } -util-linux = { path = "../util-linux" } -xfsprogs = { path = "../xfsprogs" } diff --git a/packages/release/activate-configured.service b/packages/release/activate-configured.service deleted file mode 100644 index d99b90d0503..00000000000 --- a/packages/release/activate-configured.service +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=Isolates configured.target -After=preconfigured.target -Requires=preconfigured.target - -[Service] -Type=oneshot -ExecStart=/usr/bin/systemctl set-default configured -ExecStart=/usr/bin/systemctl isolate default --no-block -RemainAfterExit=true -StandardError=journal+console - -[Install] -WantedBy=preconfigured.target diff --git a/packages/release/activate-multi-user.service b/packages/release/activate-multi-user.service deleted file mode 100644 index 694f6f60f9b..00000000000 --- a/packages/release/activate-multi-user.service +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=Isolates multi-user.target -After=configured.target reboot-if-required.service -Requires=configured.target reboot-if-required.service - -[Service] -Type=oneshot -ExecStart=/usr/bin/systemctl set-default multi-user -ExecStart=/usr/bin/systemctl isolate default --no-block -RemainAfterExit=true -StandardError=journal+console - -[Install] -WantedBy=configured.target diff --git a/packages/release/activate-preconfigured.service b/packages/release/activate-preconfigured.service deleted file mode 100644 index 48618017397..00000000000 --- a/packages/release/activate-preconfigured.service +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Isolates preconfigured.target -DefaultDependencies=no -After=fipscheck.target -Requires=fipscheck.target - -[Service] -Type=oneshot -ExecStart=/usr/bin/systemctl set-default preconfigured -ExecStart=/usr/bin/systemctl isolate default --no-block -RemainAfterExit=true -StandardOutput=tty -StandardError=inherit - -[Install] -WantedBy=fipscheck.target diff --git a/packages/release/aws-config b/packages/release/aws-config deleted file mode 100644 index f0e4490e851..00000000000 --- a/packages/release/aws-config +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -aws = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.aws.config~}} -{{base64_decode settings.aws.config}} -{{~/if~}} \ No newline at end of file diff --git a/packages/release/aws-credentials b/packages/release/aws-credentials deleted file mode 100644 index f8ce41fef71..00000000000 --- a/packages/release/aws-credentials +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -aws = "v1" -std = { version = "v1", helpers = ["base64_decode"] } -+++ -{{~#if settings.aws.credentials~}} -{{base64_decode settings.aws.credentials}} -{{~/if~}} \ No newline at end of file diff --git a/packages/release/bootconfig-fips.conf b/packages/release/bootconfig-fips.conf deleted file mode 100644 index ed9be5ffc82..00000000000 --- a/packages/release/bootconfig-fips.conf +++ /dev/null @@ -1,2 +0,0 @@ -kernel.fips = 1 -init.systemd.unit = fipscheck.target diff --git a/packages/release/capture-kernel-dump.service b/packages/release/capture-kernel-dump.service deleted file mode 100644 index 0c9f5c10872..00000000000 --- a/packages/release/capture-kernel-dump.service +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=Capture dump after kernel crash -DefaultDependencies=no -Requires=local-fs.target systemd-sysusers.service systemd-udevd.service systemd-udev-trigger.service systemd-tmpfiles-setup.service systemd-tmpfiles-setup-dev.service -After=local-fs.target systemd-sysusers.service systemd-udevd.service systemd-udev-trigger.service systemd-tmpfiles-setup.service systemd-tmpfiles-setup-dev.service - -[Service] -Type=oneshot -ExecStart=/usr/bin/prairiedog capture-dump -ExecStopPost=/usr/bin/systemctl reboot -StandardError=journal+console diff --git a/packages/release/check-fips-modules.service b/packages/release/check-fips-modules.service deleted file mode 100644 index e9c1e47627d..00000000000 --- a/packages/release/check-fips-modules.service +++ /dev/null @@ -1,22 +0,0 @@ -[Unit] -Description=Run FIPS crypto module check -RefuseManualStart=true -RefuseManualStop=true -DefaultDependencies=no -Before=fipscheck.target -After=check-kernel-integrity.service -Requires=check-kernel-integrity.service -ConditionKernelCommandLine=fips=1 -ConditionPathExists=!/etc/.fips-module-check-passed - -[Service] -Type=oneshot -ExecStart=/usr/bin/modprobe tcrypt -ExecStart=/usr/bin/rmmod tcrypt -ExecStart=/usr/bin/touch /etc/.fips-module-check-passed -RemainAfterExit=true -StandardOutput=tty -StandardError=inherit - -[Install] -RequiredBy=fipscheck.target diff --git a/packages/release/check-kernel-integrity.service b/packages/release/check-kernel-integrity.service deleted file mode 100644 index e239b42e4f0..00000000000 --- a/packages/release/check-kernel-integrity.service +++ /dev/null @@ -1,22 +0,0 @@ -[Unit] -Description=Run FIPS kernel integrity check -RefuseManualStart=true -RefuseManualStop=true -DefaultDependencies=no -Before=fipscheck.target -After=prepare-boot.service -Requires=prepare-boot.service -ConditionKernelCommandLine=fips=1 -ConditionPathExists=!/etc/.fips-kernel-check-passed - -[Service] -Type=oneshot -WorkingDirectory=/boot -ExecStart=/usr/bin/sha512hmac -q -c /boot/.vmlinuz.hmac -ExecStart=/usr/bin/touch /etc/.fips-kernel-check-passed -RemainAfterExit=true -StandardOutput=tty -StandardError=inherit - -[Install] -RequiredBy=fipscheck.target diff --git a/packages/release/configured.target b/packages/release/configured.target deleted file mode 100644 index 4b315c39b6c..00000000000 --- a/packages/release/configured.target +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=Bottlerocket final configuration complete -After=preconfigured.target -Requires=preconfigured.target -AllowIsolate=yes - -[Install] -RequiredBy=multi-user.target diff --git a/packages/release/deprecation-warning@.service b/packages/release/deprecation-warning@.service deleted file mode 100644 index 6b5d19507da..00000000000 --- a/packages/release/deprecation-warning@.service +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=Deprecation warning for %i - -[Service] -Type=simple -EnvironmentFile=/etc/deprecated-settings/%i -ExecStart=/usr/bin/logger -p4 The setting "${DEPRECATED_SETTING}" is deprecated and has no effect. It will be removed in future versions of Bottlerocket. -StandardError=journal+console diff --git a/packages/release/deprecation-warning@.timer b/packages/release/deprecation-warning@.timer deleted file mode 100644 index a7ae4632075..00000000000 --- a/packages/release/deprecation-warning@.timer +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=Scheduled deprecation warning for %i -ConditionFileNotEmpty=/etc/deprecated-settings/%i - -[Timer] -Persistent=false -# Run immediately on startup -OnStartupSec=0 -# Run every 6 hours thereafter -OnUnitActiveSec=21600 -AccuracySec=10 - -[Install] -WantedBy=timers.target diff --git a/packages/release/disable-kexec-load.service b/packages/release/disable-kexec-load.service deleted file mode 100644 index 0d0cad96c7e..00000000000 --- a/packages/release/disable-kexec-load.service +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Disable kexec load syscalls -RefuseManualStart=true -RefuseManualStop=true -After=load-crash-kernel.service - -[Service] -Type=oneshot -# Set the kernel setting using sysctl since this is -# a security setting we are trying to enforce -ExecStart=/sbin/sysctl kernel.kexec_load_disabled=1 -RemainAfterExit=true -StandardError=journal+console - -[Install] -RequiredBy=preconfigured.target diff --git a/packages/release/etc-cni.mount b/packages/release/etc-cni.mount deleted file mode 100644 index a73927381d5..00000000000 --- a/packages/release/etc-cni.mount +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=CNI Configuration Directory (/etc/cni) -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target - -[Mount] -What=tmpfs -Where=/etc/cni -Type=tmpfs -Options=nosuid,nodev,noexec,noatime,mode=0755 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/release/fips-modprobe@.service b/packages/release/fips-modprobe@.service deleted file mode 100644 index 9b0d61f7c2d..00000000000 --- a/packages/release/fips-modprobe@.service +++ /dev/null @@ -1,25 +0,0 @@ -[Unit] -Description=Load FIPS crypto module %i -RefuseManualStart=true -RefuseManualStop=true -DefaultDependencies=no -Before=fipscheck.target -After=check-kernel-integrity.service -Requires=check-kernel-integrity.service -StartLimitIntervalSec=0 -ConditionKernelCommandLine=fips=1 -ConditionPathExists=!/etc/.fips-module-check-passed - -[Service] -Type=oneshot -# Check if it's a generic algorithm the kernel provides. If so, don't continue. -ExecCondition=/usr/bin/grep -qvzE '(name|driver)\\s+:\\s+%i\\s+' /proc/crypto -# Otherwise, attempt to load the module. -ExecStart=-/sbin/modprobe %i -# Ensure that the stderr file exists. Otherwise, grep fails on an empty file. -ExecStart=-/usr/bin/touch /.read-only.%i -# Succeed unless there was a fatal error. -ExecStart=/usr/bin/grep -Fqvzw FATAL /etc/.fips-modprobe.%i -RemainAfterExit=true -StandardOutput=tty -StandardError=append:/etc/.fips-modprobe.%i diff --git a/packages/release/fipscheck.target b/packages/release/fipscheck.target deleted file mode 100644 index 25bb15ec0da..00000000000 --- a/packages/release/fipscheck.target +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=FIPS integrity check -AllowIsolate=false -RefuseManualStart=true -RefuseManualStop=true - -[Install] -WantedBy=preconfigured.target diff --git a/packages/release/hostname-env b/packages/release/hostname-env deleted file mode 100644 index 1e68d643eb3..00000000000 --- a/packages/release/hostname-env +++ /dev/null @@ -1,4 +0,0 @@ -[required-extensions] -network = "v1" -+++ -HOSTNAME={{settings.network.hostname}} diff --git a/packages/release/hosts.template b/packages/release/hosts.template deleted file mode 100644 index 0a2264af272..00000000000 --- a/packages/release/hosts.template +++ /dev/null @@ -1,7 +0,0 @@ -[required-extensions] -network = { version = "v1", helpers = ["localhost_aliases", "etc_hosts_entries"] } -+++ -127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 {{localhost_aliases "ipv4" settings.network.hostname settings.network.hosts}} -::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 {{localhost_aliases "ipv6" settings.network.hostname settings.network.hosts}} - -{{etc_hosts_entries settings.network.hosts}} diff --git a/packages/release/lib-modules.mount.in b/packages/release/lib-modules.mount.in deleted file mode 100644 index 1dd1ca00cf0..00000000000 --- a/packages/release/lib-modules.mount.in +++ /dev/null @@ -1,17 +0,0 @@ -[Unit] -Description=Kernel Modules (Read-Write) -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target -Wants=prepare-var.service -After=prepare-var.service -RequiresMountsFor=/var - -[Mount] -What=overlay -Where=PREFIX/lib/modules -Type=overlay -Options=nosuid,nodev,noexec,noatime,lowerdir=/lib/modules,upperdir=/var/lib/kernel-modules/.overlay/upper,workdir=/var/lib/kernel-modules/.overlay/work,context=system_u:object_r:state_t:s0 - -[Install] -WantedBy=local-fs.target diff --git a/packages/release/load-crash-kernel.service b/packages/release/load-crash-kernel.service deleted file mode 100644 index 90cb27811c3..00000000000 --- a/packages/release/load-crash-kernel.service +++ /dev/null @@ -1,17 +0,0 @@ -[Unit] -Description=Load crash kernel -ConditionKernelCommandLine=crashkernel -ConditionPathExists=!/proc/vmcore -RefuseManualStart=true -RefuseManualStop=true -Requires=prepare-boot.service -After=prepare-boot.service - -[Service] -Type=oneshot -ExecStart=/usr/bin/prairiedog load-crash-kernel -RemainAfterExit=true -StandardError=journal+console - -[Install] -WantedBy=preconfigured.target diff --git a/packages/release/local.mount b/packages/release/local.mount deleted file mode 100644 index d0d9bd317b7..00000000000 --- a/packages/release/local.mount +++ /dev/null @@ -1,17 +0,0 @@ -[Unit] -Description=Local Directory (/local) -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target -After=prepare-local-fs.service -Requires=prepare-local-fs.service - -[Mount] -What=/dev/disk/by-partlabel/BOTTLEROCKET-DATA -Where=/local -# "noexec" omitted to allow containers and migrations to run -Options=defaults,nosuid,nodev,noatime,private -StandardError=journal+console - -[Install] -WantedBy=preconfigured.target diff --git a/packages/release/log4j-hotpatch-enabled b/packages/release/log4j-hotpatch-enabled deleted file mode 100644 index b70960ac13c..00000000000 --- a/packages/release/log4j-hotpatch-enabled +++ /dev/null @@ -1,6 +0,0 @@ -[required-extensions] -oci-hooks = { version = "v1", optional = true } -+++ -{{~#if settings.oci-hooks.log4j-hotpatch-enabled~}} -DEPRECATED_SETTING=oci-hooks.log4j-hotpatch-enabled -{{~/if~}} diff --git a/packages/release/logdog.common.conf b/packages/release/logdog.common.conf deleted file mode 100644 index bfc61675cde..00000000000 --- a/packages/release/logdog.common.conf +++ /dev/null @@ -1,19 +0,0 @@ -exec containerd-config containerd --config /etc/containerd/config.toml config dump -exec containerd-config-host containerd --config /etc/host-containerd/config.toml config dump -exec df df -h -exec df-inodes df -hi -exec dmesg dmesg --color=never --nopager -exec iptables-filter iptables -nvL -t filter -exec iptables-nat iptables -nvL -t nat -exec journalctl-boots journalctl --list-boots --no-pager -exec journalctl.errors journalctl -p err -a --no-pager -exec journalctl.log journalctl -o short-precise -a --no-pager -exec systemd-analyze-blame systemd-analyze blame --no-pager -exec systemd-analyze-critical-chain systemd-analyze critical-chain --no-pager preconfigured.target configured.target multi-user.target -exec systemd-analyze-plot.svg systemd-analyze plot -# file copy does not work for this, use cat command instead -exec proc-mounts cat /proc/mounts -exec signpost signpost status -file os-release /etc/os-release -glob /var/log/kdump/* -settings settings.json diff --git a/packages/release/mask-local-mnt.service b/packages/release/mask-local-mnt.service deleted file mode 100644 index 4deb43f73d2..00000000000 --- a/packages/release/mask-local-mnt.service +++ /dev/null @@ -1,25 +0,0 @@ -[Unit] -Description=Mask Local Mnt Directory (/local/mnt) -DefaultDependencies=no -RequiresMountsFor=/local /mnt -BindsTo=mnt.mount -ConditionPathIsMountPoint=!/local/mnt -Conflicts=umount.target -Before=umount.target -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot - -# Mask `/local/mnt` to avoid confusion, since it will have most of the contents -# of `/mnt` but not any of the mounts. -ExecStart=/usr/bin/mount --bind --options nosuid,nodev,noexec,private /srv /local/mnt - -# If `/mnt` is unmounted, this unit will stop because of `BindsTo` above. Try -# to undo the mount since otherwise the empty directory could be bind-mounted -# over `/mnt` if `mnt.mount` is restarted. -ExecStop=/usr/bin/umount /local/mnt - -RemainAfterExit=true -StandardError=journal+console diff --git a/packages/release/mask-local-opt.service b/packages/release/mask-local-opt.service deleted file mode 100644 index 26f4ed53174..00000000000 --- a/packages/release/mask-local-opt.service +++ /dev/null @@ -1,25 +0,0 @@ -[Unit] -Description=Mask Local Opt Directory (/local/opt) -DefaultDependencies=no -RequiresMountsFor=/local /opt -BindsTo=opt.mount -ConditionPathIsMountPoint=!/local/opt -Conflicts=umount.target -Before=umount.target -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot - -# Mask `/local/opt` to avoid confusion, since it will have most of the contents -# of `/opt` but not any of the mounts. -ExecStart=/usr/bin/mount --bind --options nosuid,nodev,noexec,private /srv /local/opt - -# If `/opt` is unmounted, this unit will stop because of `BindsTo` above. Try -# to undo the mount since otherwise the empty directory could be bind-mounted -# over `/opt` if `opt.mount` is restarted. -ExecStop=-/usr/bin/umount /local/opt - -RemainAfterExit=true -StandardError=journal+console diff --git a/packages/release/mask-local-var.service b/packages/release/mask-local-var.service deleted file mode 100644 index 4dfc2d123cb..00000000000 --- a/packages/release/mask-local-var.service +++ /dev/null @@ -1,25 +0,0 @@ -[Unit] -Description=Mask Local Var Directory (/local/var) -DefaultDependencies=no -RequiresMountsFor=/local /var -BindsTo=var.mount -ConditionPathIsMountPoint=!/local/var -Conflicts=umount.target -Before=umount.target -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot - -# Mask `/local/var` to avoid confusion, since it will have most of the contents -# of `/var` but not any of the mounts. -ExecStart=/usr/bin/mount --bind --options nosuid,nodev,noexec,private /srv /local/var - -# If `/var` is unmounted, this unit will stop because of `BindsTo` above. Try -# to undo the mount since otherwise the empty directory could be bind-mounted -# over `/var` if `var.mount` is restarted. -ExecStop=-/usr/bin/umount /local/var - -RemainAfterExit=true -StandardError=journal+console diff --git a/packages/release/media-cdrom.mount b/packages/release/media-cdrom.mount deleted file mode 100644 index be9c7a38887..00000000000 --- a/packages/release/media-cdrom.mount +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=CD-ROM mount (/media/cdrom) -# Only run this unit if /dev/cdrom exists and is tracked via systemd. (systemd -# ships with a udev rule to tag and symlink the first suspected cdrom device to -# /dev/cdrom) -BindsTo=dev-cdrom.device -After=dev-cdrom.device -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target - -[Mount] -What=/dev/cdrom -Where=/media/cdrom -Type=iso9660 -Options=ro,defaults,nosuid,nodev,noexec,noatime diff --git a/packages/release/mnt.mount b/packages/release/mnt.mount deleted file mode 100644 index 970df33c949..00000000000 --- a/packages/release/mnt.mount +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Mnt Directory (/mnt) -DefaultDependencies=no -Conflicts=umount.target -Wants=mask-local-mnt.service -Before=local-fs.target umount.target mask-local-mnt.service -RequiresMountsFor=/local - -[Mount] -What=/local/mnt -Where=/mnt -Type=none -Options=rbind,rshared - -[Install] -WantedBy=local-fs.target diff --git a/packages/release/modprobe-conf.template b/packages/release/modprobe-conf.template deleted file mode 100644 index dfcfa7e3884..00000000000 --- a/packages/release/modprobe-conf.template +++ /dev/null @@ -1,10 +0,0 @@ -[required-extensions] -kernel = "v1" -+++ -{{#if settings.kernel.modules}} -{{#each settings.kernel.modules}} -{{#unless this.allowed }} -install {{@key}} /bin/true -{{/unless}} -{{/each}} -{{/if}} diff --git a/packages/release/modules-load.template b/packages/release/modules-load.template deleted file mode 100644 index f5fef81bcec..00000000000 --- a/packages/release/modules-load.template +++ /dev/null @@ -1,12 +0,0 @@ -[required-extensions] -kernel = "v1" -+++ -{{#if settings.kernel.modules}} -{{#each settings.kernel.modules}} -{{#if this.allowed}} -{{#if this.autoload}} -{{@key}} -{{/if}} -{{/if}} -{{/each}} -{{/if}} diff --git a/packages/release/motd.template b/packages/release/motd.template deleted file mode 100644 index e4862dc1dc9..00000000000 --- a/packages/release/motd.template +++ /dev/null @@ -1,4 +0,0 @@ -[required-extensions] -motd = "v1" -+++ -{{ settings.motd }} diff --git a/packages/release/mount-cdrom.rules b/packages/release/mount-cdrom.rules deleted file mode 100644 index 3bf9a434174..00000000000 --- a/packages/release/mount-cdrom.rules +++ /dev/null @@ -1,8 +0,0 @@ -ACTION!="change", GOTO="mount_cdrom_end" -SUBSYSTEM!="block", GOTO="mount_cdrom_end" -KERNEL!="sr[0-9]*|vdisk*|xvd*", GOTO="mount_cdrom_end" -ENV{DEVTYPE}!="disk", GOTO="mount_cdrom_end" -# If media is present, we want to mount the CD-ROM. -ENV{ID_CDROM}=="1", ENV{ID_CDROM_MEDIA}=="1", ENV{ID_FS_TYPE}=="iso9660", \ - ENV{SYSTEMD_WANTS}="media-cdrom.mount" -LABEL="mount_cdrom_end" diff --git a/packages/release/multi-user.target b/packages/release/multi-user.target deleted file mode 100644 index 90f872579e9..00000000000 --- a/packages/release/multi-user.target +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -Description=Multi-User System -Documentation=man:systemd.special(7) -Requires=basic.target configured.target -Conflicts=rescue.service rescue.target -After=basic.target rescue.service rescue.target configured.target -AllowIsolate=yes diff --git a/packages/release/netdog.template b/packages/release/netdog.template deleted file mode 100644 index bdaf6f77502..00000000000 --- a/packages/release/netdog.template +++ /dev/null @@ -1,10 +0,0 @@ -[required-extensions] -dns = "v1" -std = { version = "v1", helpers = ["join_array"] } -+++ -{{#if settings.dns.name-servers}} -name-servers = [{{join_array ", " settings.dns.name-servers }}] -{{/if}} -{{#if settings.dns.search-list}} -search-list = [{{join_array ", " settings.dns.search-list }}] -{{/if}} diff --git a/packages/release/nsswitch.conf b/packages/release/nsswitch.conf deleted file mode 100644 index e4b85674952..00000000000 --- a/packages/release/nsswitch.conf +++ /dev/null @@ -1,4 +0,0 @@ -passwd: files -group: files -shadow: files -hosts: files dns diff --git a/packages/release/opt-cni.mount b/packages/release/opt-cni.mount deleted file mode 100644 index c5b6b526344..00000000000 --- a/packages/release/opt-cni.mount +++ /dev/null @@ -1,18 +0,0 @@ -[Unit] -Description=CNI Plugin Directory (/opt/cni) -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target -Wants=prepare-opt.service prepare-var.service -After=prepare-opt.service prepare-var.service -RequiresMountsFor=/opt /var - -[Mount] -What=overlay -Where=/opt/cni -Type=overlay -# "noexec" omitted because containerd needs to execute CNI plugins -Options=nosuid,nodev,noatime,lowerdir=/usr/libexec/cni,upperdir=/var/lib/cni-plugins/.overlay/upper,workdir=/var/lib/cni-plugins/.overlay/work,context=system_u:object_r:cni_exec_t:s0 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/release/opt-csi.mount b/packages/release/opt-csi.mount deleted file mode 100644 index 1482c5f4445..00000000000 --- a/packages/release/opt-csi.mount +++ /dev/null @@ -1,18 +0,0 @@ -[Unit] -Description=CSI Helper Directory (/opt/csi) -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target -Wants=prepare-opt.service prepare-var.service -After=prepare-opt.service prepare-var.service -RequiresMountsFor=/opt /var - -[Mount] -What=overlay -Where=/opt/csi -Type=overlay -# "noexec" omitted because containerd needs to execute CSI helpers -Options=nosuid,nodev,noatime,lowerdir=/usr/libexec/csi,upperdir=/var/lib/csi-helpers/.overlay/upper,workdir=/var/lib/csi-helpers/.overlay/work,context=system_u:object_r:csi_exec_t:s0 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/release/opt.mount b/packages/release/opt.mount deleted file mode 100644 index eec2789f75d..00000000000 --- a/packages/release/opt.mount +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Opt Directory (/opt) -DefaultDependencies=no -Conflicts=umount.target -Wants=prepare-opt.service mask-local-opt.service -Before=local-fs.target umount.target prepare-opt.service mask-local-opt.service -RequiresMountsFor=/local - -[Mount] -What=/local/opt -Where=/opt -Type=none -Options=rbind,rshared - -[Install] -WantedBy=local-fs.target diff --git a/packages/release/preconfigured.target b/packages/release/preconfigured.target deleted file mode 100644 index 92032d17246..00000000000 --- a/packages/release/preconfigured.target +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=Bottlerocket initial configuration complete -AllowIsolate=yes -After=basic.target -Requires=basic.target - -[Install] -RequiredBy=configured.target multi-user.target diff --git a/packages/release/prepare-boot.service b/packages/release/prepare-boot.service deleted file mode 100644 index cffe8dc000f..00000000000 --- a/packages/release/prepare-boot.service +++ /dev/null @@ -1,17 +0,0 @@ -[Unit] -Description=Prepare Boot Directory (/boot) -RefuseManualStart=true -RefuseManualStop=true -DefaultDependencies=no - -[Service] -Type=oneshot -# We need a helper program to mount the boot partition since it isn't -# trivial to figure out which partition set is active -ExecStart=/usr/bin/prairiedog prepare-boot -RemainAfterExit=true -StandardOutput=tty -StandardError=inherit - -[Install] -WantedBy=preconfigured.target diff --git a/packages/release/prepare-local-fs.service b/packages/release/prepare-local-fs.service deleted file mode 100644 index d74433e095b..00000000000 --- a/packages/release/prepare-local-fs.service +++ /dev/null @@ -1,27 +0,0 @@ -[Unit] -Description=Prepare Local Filesystem (/local) -DefaultDependencies=no -Before=local-fs.target -Wants=dev-disk-by\x2dpartlabel-BOTTLEROCKET\x2dDATA.device -After=dev-disk-by\x2dpartlabel-BOTTLEROCKET\x2dDATA.device -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot - -EnvironmentFile=/usr/share/bottlerocket/image-features.env -# Create the filesystem on the partition, if it doesn't exist. -ExecStart=/usr/lib/systemd/systemd-makefs ${DATA_PARTITION_FILESYSTEM} /dev/disk/by-partlabel/BOTTLEROCKET-DATA - -# Stop and mask the repart-data-* oneshots in case they're waiting on non-existent data partitions. -# 'BOTTLEROCKET-DATA' already exists so we can move on. -ExecStart=/usr/bin/systemctl stop repart-data-preferred repart-data-fallback --no-block -ExecStart=/usr/bin/ln -s /dev/null /etc/systemd/system/repart-data-preferred.service -ExecStart=/usr/bin/ln -s /dev/null /etc/systemd/system/repart-data-fallback.service - -RemainAfterExit=true -StandardError=journal+console - -[Install] -WantedBy=local-fs.target diff --git a/packages/release/prepare-opt.service b/packages/release/prepare-opt.service deleted file mode 100644 index f64b8c6f564..00000000000 --- a/packages/release/prepare-opt.service +++ /dev/null @@ -1,23 +0,0 @@ -[Unit] -Description=Prepare Opt Directory (/opt) -DefaultDependencies=no -RequiresMountsFor=/opt -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot - -# Create the directories for a read-write overlayfs for CNI plugins. -ExecStart=/usr/bin/rm -rf /opt/cni -ExecStart=/usr/bin/mkdir -p /opt/cni - -# Create the directories for a read-write overlayfs for CSI helpers. -ExecStart=/usr/bin/rm -rf /opt/csi -ExecStart=/usr/bin/mkdir -p /opt/csi - -RemainAfterExit=true -StandardError=journal+console - -[Install] -WantedBy=local-fs.target diff --git a/packages/release/prepare-var.service b/packages/release/prepare-var.service deleted file mode 100644 index 0417c5f72c1..00000000000 --- a/packages/release/prepare-var.service +++ /dev/null @@ -1,44 +0,0 @@ -[Unit] -Description=Prepare Var Directory (/var) -DefaultDependencies=no -After=selinux-policy-files.service -Wants=selinux-policy-files.service -RequiresMountsFor=/var -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot - -# Create the directories we need to set up a read-write overlayfs for kernel -# development sources, kernel modules, and CNI plugins. -ExecStart=/usr/bin/rm -rf \ - /var/lib/kernel-devel \ - /var/lib/kernel-modules \ - /var/lib/cni-plugins \ - /var/lib/csi-helpers - -ExecStart=/usr/bin/mkdir -p \ - /var/lib/kernel-devel/.overlay/lower \ - /var/lib/kernel-devel/.overlay/upper \ - /var/lib/kernel-devel/.overlay/work \ - /var/lib/kernel-modules/.overlay/upper \ - /var/lib/kernel-modules/.overlay/work \ - /var/lib/cni-plugins/.overlay/upper \ - /var/lib/cni-plugins/.overlay/work \ - /var/lib/csi-helpers/.overlay/upper \ - /var/lib/csi-helpers/.overlay/work - -# Ensure the directories are labeled as expected. -ExecStart=/usr/sbin/setfiles \ - -F /etc/selinux/fortified/contexts/files/file_contexts \ - /var/lib/kernel-devel \ - /var/lib/kernel-modules \ - /var/lib/cni-plugins \ - /var/lib/csi-helpers - -RemainAfterExit=true -StandardError=journal+console - -[Install] -WantedBy=local-fs.target diff --git a/packages/release/proxy-env b/packages/release/proxy-env deleted file mode 100644 index 5d941947a77..00000000000 --- a/packages/release/proxy-env +++ /dev/null @@ -1,10 +0,0 @@ -[required-extensions] -kubernetes = "v1" -network = { version = "v1", helpers = ["host"] } -+++ -{{#if settings.network.https-proxy}} -HTTPS_PROXY={{settings.network.https-proxy}} -https_proxy={{settings.network.https-proxy}} -{{/if}} -NO_PROXY={{#each settings.network.no-proxy}}{{this}},{{else}}{{/each}}localhost,127.0.0.1{{#if settings.kubernetes.api-server}},{{host settings.kubernetes.api-server}}{{/if}}{{#if settings.kubernetes.cluster-domain}},.{{settings.kubernetes.cluster-domain}}{{/if}} -no_proxy={{#each settings.network.no-proxy}}{{this}},{{else}}{{/each}}localhost,127.0.0.1{{#if settings.kubernetes.api-server}},{{host settings.kubernetes.api-server}}{{/if}}{{#if settings.kubernetes.cluster-domain}},.{{settings.kubernetes.cluster-domain}}{{/if}} diff --git a/packages/release/release-ca-certificates-tmpfiles.conf b/packages/release/release-ca-certificates-tmpfiles.conf deleted file mode 100644 index 3f47d5c8b26..00000000000 --- a/packages/release/release-ca-certificates-tmpfiles.conf +++ /dev/null @@ -1,2 +0,0 @@ -C /etc/pki/tls/certs/ca-bundle.crt - - - - -L /etc/ssl/certs - - - - ../pki/tls/certs diff --git a/packages/release/release-fips-tmpfiles.conf b/packages/release/release-fips-tmpfiles.conf deleted file mode 100644 index f53c0919f13..00000000000 --- a/packages/release/release-fips-tmpfiles.conf +++ /dev/null @@ -1,2 +0,0 @@ -f+ /etc/system-fips 0644 root root - -r /etc/.fips-modprobe.* diff --git a/packages/release/release-repart-local.conf b/packages/release/release-repart-local.conf deleted file mode 100644 index 54ff6debf59..00000000000 --- a/packages/release/release-repart-local.conf +++ /dev/null @@ -1,15 +0,0 @@ -[Partition] -# We want to label this partition 'BOTTLEROCKET-DATA' -Label=BOTTLEROCKET-DATA - -# This is the partition type UUID for BOTTLEROCKET-DATA, which will be resized -# to fill the remaining sectors on the disk where it resides. -Type=626f7474-6c65-6474-6861-726d61726b73 - -# We want the partition to end on the last 1 MiB boundary before the end of -# the disk, to match the historical implementation. Assuming the disk itself is -# an even multiple of MiBs in size, and using 512 byte sectors as an example, -# we need 33 sectors for the GPT label in the last MiB, and therefore want 2015 -# sectors left, or 1031680 bytes. The repart tool expects a multiple of 4096, -# which is (1031680 - (1031680 % 4096)), or 1028096 bytes. -PaddingMinBytes=1028096 diff --git a/packages/release/release-sysctl.conf b/packages/release/release-sysctl.conf deleted file mode 100644 index 2126c45ef83..00000000000 --- a/packages/release/release-sysctl.conf +++ /dev/null @@ -1,67 +0,0 @@ -## AL2 defaults ## -# Wait 10 seconds and then reboot -kernel.panic = 10 - -# Controls the kernel's behaviour when an oops or BUG is encountered -kernel.panic_on_oops = 1 - -# Allow neighbor cache entries to expire even when the cache is not full -net.ipv4.neigh.default.gc_thresh1 = 0 -net.ipv6.neigh.default.gc_thresh1 = 0 - -# Avoid neighbor table contention in large subnets -net.ipv4.neigh.default.gc_thresh2 = 15360 -net.ipv6.neigh.default.gc_thresh2 = 15360 -net.ipv4.neigh.default.gc_thresh3 = 16384 -net.ipv6.neigh.default.gc_thresh3 = 16384 - -# Increasing to account for skb structure growth since the 3.4.x kernel series -net.ipv4.tcp_wmem = 4096 20480 4194304 - -# Bumped the default TTL to 255 (maximum) -net.ipv4.ip_default_ttl = 255 - -## Bottlerocket settings ## -# Enable IPv4 forwarding for container networking. -net.ipv4.conf.all.forwarding = 1 - -# Enable IPv6 forwarding for container networking. -net.ipv6.conf.all.forwarding = 1 - -# This is generally considered a safe ephemeral port range -net.ipv4.ip_local_port_range = 32768 60999 - -# Connection tracking to prevent dropped connections -net.netfilter.nf_conntrack_max = 1048576 -net.netfilter.nf_conntrack_generic_timeout = 120 - -# Enable loose mode for reverse path filter -net.ipv4.conf.lo.rp_filter = 2 - -## Kernel hardening settings -## Settings & descriptions sourced from the KSPP wiki, see -## https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project/Recommended_Settings#sysctls -# Try to keep kernel address exposures out of various /proc files (kallsyms, modules, etc). -kernel.kptr_restrict = 1 - -# Avoid kernel memory address exposures via dmesg. -kernel.dmesg_restrict = 1 - -# Avoid non-ancestor ptrace access to running processes and their credentials. -kernel.yama.ptrace_scope = 1 - -# Disable User Namespaces, as it opens up a large attack surface to unprivileged users. -user.max_user_namespaces = 0 - -# Turn off unprivileged eBPF access. -kernel.unprivileged_bpf_disabled = 1 - -# Turn on BPF JIT hardening, if the JIT is enabled. -net.core.bpf_jit_harden = 2 - -# Increase inotify limits to allow for a greater number of containers -fs.inotify.max_user_instances = 8192 -fs.inotify.max_user_watches = 524288 - -# Increase virtual memory to allow for larger workloads -vm.max_map_count = 524288 diff --git a/packages/release/release-systemd-networkd.conf b/packages/release/release-systemd-networkd.conf deleted file mode 100644 index 6dd7728c686..00000000000 --- a/packages/release/release-systemd-networkd.conf +++ /dev/null @@ -1,4 +0,0 @@ -# Do not clobber any routes or rules added by CNI. -[Network] -ManageForeignRoutes=no -ManageForeignRoutingPolicyRules=no diff --git a/packages/release/release-systemd-system.conf b/packages/release/release-systemd-system.conf deleted file mode 100644 index 03bd6a70dbf..00000000000 --- a/packages/release/release-systemd-system.conf +++ /dev/null @@ -1,4 +0,0 @@ -[Manager] -DefaultTimeoutStopSec=10s -DefaultEnvironment=TZ=:UTC -ManagerEnvironment=TZ=:UTC diff --git a/packages/release/release-tmpfiles.conf b/packages/release/release-tmpfiles.conf deleted file mode 100644 index 3b7447a4d63..00000000000 --- a/packages/release/release-tmpfiles.conf +++ /dev/null @@ -1,10 +0,0 @@ -C /etc/nsswitch.conf - - - - -d /etc/deprecated-settings 0700 root root - -d /var/log/kdump 0700 root root - -d /sys/fs/cgroup/cpuset/runtime.slice 0755 root root - -d /sys/fs/cgroup/hugetlb/runtime.slice 0755 root root - -d /sys/fs/cgroup/cpuset/system.slice 0755 root root - -d /sys/fs/cgroup/hugetlb/system.slice 0755 root root - -T /var/log/kdump - - - - security.selinux=system_u:object_r:secret_t:s0 -d /var/log/support 0755 root root - -T /var/log/support - - - - security.selinux=system_u:object_r:secret_t:s0 diff --git a/packages/release/release.spec b/packages/release/release.spec deleted file mode 100644 index 0d26792565e..00000000000 --- a/packages/release/release.spec +++ /dev/null @@ -1,341 +0,0 @@ -%global debug_package %{nil} -%global _cross_first_party 1 - -Name: %{_cross_os}release -Version: 0.0 -Release: 0%{?dist} -Summary: Bottlerocket release -License: Apache-2.0 OR MIT -URL: https://github.com/bottlerocket-os/bottlerocket - -Source11: nsswitch.conf -Source93: release-tmpfiles.conf -Source94: release-fips-tmpfiles.conf -Source95: release-systemd-networkd.conf -Source96: release-repart-local.conf -Source97: release-sysctl.conf -Source98: release-systemd-system.conf -Source99: release-ca-certificates-tmpfiles.conf - -Source200: motd.template -Source201: proxy-env -Source202: hostname-env -Source203: hosts.template -Source204: modprobe-conf.template -Source205: netdog.template -Source206: aws-config -Source207: aws-credentials -Source208: modules-load.template -Source209: log4j-hotpatch-enabled - -# Core targets, services, and slices. -Source1001: multi-user.target -Source1002: configured.target -Source1003: preconfigured.target -Source1004: fipscheck.target -Source1005: activate-preconfigured.service -Source1006: activate-configured.service -Source1007: activate-multi-user.service -Source1008: set-hostname.service -Source1009: runtime.slice - -# Mount units. -Source1020: var.mount -Source1021: opt.mount -Source1022: var-lib-bottlerocket.mount -Source1023: etc-cni.mount -Source1024: mnt.mount -Source1025: local.mount -Source1026: media-cdrom.mount -Source1027: root-.aws.mount -Source1028: opt-cni.mount -Source1029: opt-csi.mount - -# Mounts that require helper programs. -Source1040: prepare-boot.service -Source1041: prepare-opt.service -Source1042: prepare-var.service -Source1043: repart-local.service -Source1044: mask-local-mnt.service -Source1045: mask-local-opt.service -Source1046: mask-local-var.service -Source1047: repart-data-preferred.service -Source1048: repart-data-fallback.service -Source1049: prepare-local-fs.service - -# Feature-specific units. -Source1060: capture-kernel-dump.service -Source1061: disable-kexec-load.service -Source1062: load-crash-kernel.service -Source1063: deprecation-warning@.service -Source1064: deprecation-warning@.timer -Source1065: check-kernel-integrity.service -Source1066: check-fips-modules.service -Source1067: fips-modprobe@.service - -# Mounts that require build-time edits. -Source1080: var-lib-kernel-devel-lower.mount.in -Source1081: usr-src-kernels.mount.in -Source1082: usr-share-licenses.mount.in -Source1083: lib-modules.mount.in -Source1084: usr-bin.mount.in -Source1085: usr-libexec.mount.in - -# Drop-in units to override defaults -Source1100: systemd-tmpfiles-setup-service-debug.conf -Source1101: systemd-resolved-service-env.conf -Source1102: systemd-networkd-service-env.conf - -# network link rules -Source1200: 80-release.link - -# udev rules -Source1300: mount-cdrom.rules - -# Common logdog configuration -Source1400: logdog.common.conf - -# bootconfig snippets. -Source1500: bootconfig-fips.conf - -Requires: %{_cross_os}acpid -Requires: %{_cross_os}audit -Requires: %{_cross_os}chrony -Requires: %{_cross_os}conntrack-tools -Requires: %{_cross_os}containerd -Requires: %{_cross_os}coreutils -Requires: %{_cross_os}dbus-broker -Requires: %{_cross_os}e2fsprogs -Requires: %{_cross_os}early-boot-config -Requires: %{_cross_os}ethtool -Requires: %{_cross_os}libgcc -Requires: %{_cross_os}libstd-rust -Requires: %{_cross_os}filesystem -Requires: %{_cross_os}findutils -Requires: %{_cross_os}glibc -Requires: %{_cross_os}grep -Requires: %{_cross_os}grub -Requires: %{_cross_os}host-ctr -Requires: %{_cross_os}iproute -Requires: %{_cross_os}iptables -Requires: %{_cross_os}kexec-tools -Requires: %{_cross_os}keyutils -Requires: %{_cross_os}makedumpfile -Requires: %{_cross_os}mdadm -Requires: %{_cross_os}netdog -Requires: %{_cross_os}os -Requires: %{_cross_os}policycoreutils -Requires: %{_cross_os}procps -Requires: %{_cross_os}selinux-policy -Requires: %{_cross_os}shim -Requires: %{_cross_os}systemd -Requires: %{_cross_os}util-linux -Requires: %{_cross_os}xfsprogs -Requires: (%{name}-fips if %{_cross_os}image-feature(fips)) - -%description -%{summary}. - -%package fips -Summary: Bottlerocket release, FIPS edition -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: %{_cross_os}image-feature(no-fips) -Requires: %{_cross_os}libkcapi - -%description fips -%{summary}. - -%prep - -%build - -%install -install -d %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir} -install -p -m 0644 %{S:11} %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir} - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:93} %{buildroot}%{_cross_tmpfilesdir}/release.conf -install -p -m 0644 %{S:99} %{buildroot}%{_cross_tmpfilesdir}/release-ca-certificates.conf -install -p -m 0644 %{S:94} %{buildroot}%{_cross_tmpfilesdir}/release-fips.conf - -install -d %{buildroot}%{_cross_libdir}/systemd/networkd.conf.d -install -p -m 0644 %{S:95} %{buildroot}%{_cross_libdir}/systemd/networkd.conf.d/80-release.conf - -install -d %{buildroot}%{_cross_libdir}/repart.d/ -install -p -m 0644 %{S:96} %{buildroot}%{_cross_libdir}/repart.d/80-local.conf - -install -d %{buildroot}%{_cross_sysctldir} -install -p -m 0644 %{S:97} %{buildroot}%{_cross_sysctldir}/80-release.conf - -install -d %{buildroot}%{_cross_libdir}/systemd/system.conf.d -install -p -m 0644 %{S:98} %{buildroot}%{_cross_libdir}/systemd/system.conf.d/80-release.conf - -install -d %{buildroot}%{_cross_libdir}/systemd/network -install -p -m 0644 %{S:1200} %{buildroot}%{_cross_libdir}/systemd/network/80-release.link - -cat >%{buildroot}%{_cross_libdir}/os-release < ${LOWERPATH}.mount -install -p -m 0644 ${LOWERPATH}.mount %{buildroot}%{_cross_unitdir} - -# Mounting on usr/src/kernels requires using the real path: %{_cross_usrsrc}/kernels -KERNELPATH=$(systemd-escape --path %{_cross_usrsrc}/kernels) -sed -e 's|PREFIX|%{_cross_prefix}|' %{S:1081} > ${KERNELPATH}.mount -install -p -m 0644 ${KERNELPATH}.mount %{buildroot}%{_cross_unitdir} - -# Mounting on usr/share/licenses requires using the real path: %{_cross_datadir}/licenses -LICENSEPATH=$(systemd-escape --path %{_cross_licensedir}) -sed -e 's|PREFIX|%{_cross_prefix}|' %{S:1082} > ${LICENSEPATH}.mount -install -p -m 0644 ${LICENSEPATH}.mount %{buildroot}%{_cross_unitdir} - -# Mounting on lib/modules requires using the real path: %{_cross_libdir}/modules -LIBDIRPATH=$(systemd-escape --path %{_cross_libdir}) -sed -e 's|PREFIX|%{_cross_prefix}|' %{S:1083} > ${LIBDIRPATH}-modules.mount -install -p -m 0644 ${LIBDIRPATH}-modules.mount %{buildroot}%{_cross_unitdir} - -# Mounting on usr/bin requires using the real path: %{_cross_bindir} -BINDIRPATH=$(systemd-escape --path %{_cross_bindir}) -sed -e 's|PREFIX|%{_cross_prefix}|g' %{S:1084} > ${BINDIRPATH}.mount -install -p -m 0644 ${BINDIRPATH}.mount %{buildroot}%{_cross_unitdir} - -# Mounting on usr/libexec requires using the real path: %{_cross_libexecdir} -LIBEXECDIRPATH=$(systemd-escape --path %{_cross_libexecdir}) -sed -e 's|PREFIX|%{_cross_prefix}|g' %{S:1085} > ${LIBEXECDIRPATH}.mount -install -p -m 0644 ${LIBEXECDIRPATH}.mount %{buildroot}%{_cross_unitdir} - -install -d %{buildroot}%{_cross_templatedir} -install -p -m 0644 %{S:200} %{buildroot}%{_cross_templatedir}/motd -install -p -m 0644 %{S:201} %{buildroot}%{_cross_templatedir}/proxy-env -install -p -m 0644 %{S:202} %{buildroot}%{_cross_templatedir}/hostname-env -install -p -m 0644 %{S:203} %{buildroot}%{_cross_templatedir}/hosts -install -p -m 0644 %{S:204} %{buildroot}%{_cross_templatedir}/modprobe-conf -install -p -m 0644 %{S:205} %{buildroot}%{_cross_templatedir}/netdog-toml -install -p -m 0644 %{S:206} %{buildroot}%{_cross_templatedir}/aws-config -install -p -m 0644 %{S:207} %{buildroot}%{_cross_templatedir}/aws-credentials -install -p -m 0644 %{S:208} %{buildroot}%{_cross_templatedir}/modules-load -install -p -m 0644 %{S:209} %{buildroot}%{_cross_templatedir}/log4j-hotpatch-enabled - -install -d %{buildroot}%{_cross_udevrulesdir} -install -p -m 0644 %{S:1300} %{buildroot}%{_cross_udevrulesdir}/61-mount-cdrom.rules - -install -d %{buildroot}%{_cross_datadir}/logdog.d -install -p -m 0644 %{S:1400} %{buildroot}%{_cross_datadir}/logdog.d - -install -d %{buildroot}%{_cross_bootconfigdir} -install -p -m 0644 %{S:1500} %{buildroot}%{_cross_bootconfigdir}/10-fips.conf - -ln -s preconfigured.target %{buildroot}%{_cross_unitdir}/default.target - -%files -%{_cross_factorydir}%{_cross_sysconfdir}/nsswitch.conf -%{_cross_sysctldir}/80-release.conf -%{_cross_tmpfilesdir}/release.conf -%{_cross_tmpfilesdir}/release-ca-certificates.conf -%{_cross_libdir}/os-release -%dir %{_cross_libdir}/repart.d -%{_cross_libdir}/repart.d/80-local.conf -%{_cross_libdir}/systemd/network/80-release.link -%{_cross_libdir}/systemd/networkd.conf.d/80-release.conf -%{_cross_libdir}/systemd/system.conf.d/80-release.conf -%{_cross_unitdir}/configured.target -%{_cross_unitdir}/preconfigured.target -%{_cross_unitdir}/multi-user.target -%{_cross_unitdir}/default.target -%{_cross_unitdir}/activate-configured.service -%{_cross_unitdir}/activate-multi-user.service -%{_cross_unitdir}/disable-kexec-load.service -%{_cross_unitdir}/capture-kernel-dump.service -%{_cross_unitdir}/load-crash-kernel.service -%{_cross_unitdir}/prepare-boot.service -%{_cross_unitdir}/prepare-opt.service -%{_cross_unitdir}/prepare-var.service -%{_cross_unitdir}/repart-local.service -%{_cross_unitdir}/var.mount -%{_cross_unitdir}/opt.mount -%{_cross_unitdir}/mnt.mount -%{_cross_unitdir}/etc-cni.mount -%{_cross_unitdir}/opt-cni.mount -%{_cross_unitdir}/opt-csi.mount -%{_cross_unitdir}/media-cdrom.mount -%{_cross_unitdir}/local.mount -%{_cross_unitdir}/*-lower.mount -%{_cross_unitdir}/*-kernels.mount -%{_cross_unitdir}/*-licenses.mount -%{_cross_unitdir}/var-lib-bottlerocket.mount -%{_cross_unitdir}/*-modules.mount -%{_cross_unitdir}/runtime.slice -%{_cross_unitdir}/set-hostname.service -%{_cross_unitdir}/mask-local-mnt.service -%{_cross_unitdir}/mask-local-opt.service -%{_cross_unitdir}/mask-local-var.service -%{_cross_unitdir}/root-.aws.mount -%{_cross_unitdir}/repart-data-preferred.service -%{_cross_unitdir}/repart-data-fallback.service -%{_cross_unitdir}/prepare-local-fs.service -%{_cross_unitdir}/deprecation-warning@.service -%{_cross_unitdir}/deprecation-warning@.timer -%dir %{_cross_unitdir}/systemd-resolved.service.d -%{_cross_unitdir}/systemd-resolved.service.d/00-env.conf -%dir %{_cross_unitdir}/systemd-networkd.service.d -%{_cross_unitdir}/systemd-networkd.service.d/00-env.conf -%dir %{_cross_unitdir}/systemd-tmpfiles-setup.service.d -%{_cross_unitdir}/systemd-tmpfiles-setup.service.d/00-debug.conf -%dir %{_cross_templatedir} -%{_cross_templatedir}/modprobe-conf -%{_cross_templatedir}/netdog-toml -%{_cross_templatedir}/motd -%{_cross_templatedir}/proxy-env -%{_cross_templatedir}/hostname-env -%{_cross_templatedir}/hosts -%{_cross_templatedir}/aws-config -%{_cross_templatedir}/aws-credentials -%{_cross_templatedir}/modules-load -%{_cross_templatedir}/log4j-hotpatch-enabled -%{_cross_udevrulesdir}/61-mount-cdrom.rules -%{_cross_datadir}/logdog.d/logdog.common.conf - -%files fips -%{_cross_bootconfigdir}/10-fips.conf -%{_cross_tmpfilesdir}/release-fips.conf -%{_cross_unitdir}/*-bin.mount -%{_cross_unitdir}/*-libexec.mount -%{_cross_unitdir}/fipscheck.target -%{_cross_unitdir}/activate-preconfigured.service -%{_cross_unitdir}/check-kernel-integrity.service -%{_cross_unitdir}/check-fips-modules.service -%dir %{_cross_unitdir}/check-fips-modules.service.d -%{_cross_unitdir}/fips-modprobe@.service - -%changelog diff --git a/packages/release/repart-data-fallback.service b/packages/release/repart-data-fallback.service deleted file mode 100644 index cbfc38dff04..00000000000 --- a/packages/release/repart-data-fallback.service +++ /dev/null @@ -1,25 +0,0 @@ -[Unit] -Description=Repart fallback data partition -DefaultDependencies=no -Conflicts=shutdown.target -# Only run this if a partition labeled 'BOTTLEROCKET-DATA' does not exist already. -ConditionPathIsSymbolicLink=!/dev/disk/by-partlabel/BOTTLEROCKET-DATA -# Only run this if the data partition is not on a Xen virtual device and also not on an EBS volume. -ConditionPathIsSymbolicLink=!/dev/disk/by-volume-type-partuuid/xen-69040874-417d-4e26-a764-7885f22007ea -ConditionPathIsSymbolicLink=!/dev/disk/by-volume-type-partuuid/nvme-ebs-69040874-417d-4e26-a764-7885f22007ea -# Only run if this boot has never succeeded before -ConditionFileNotEmpty=!/etc/has-boot-ever-succeeded -# This is the partition GUID for fallback data partition. -Wants=dev-disk-by\x2dpartuuid-69040874\x2d417d\x2d4e26\x2da764\x2d7885f22007ea.device -After=dev-disk-by\x2dpartuuid-69040874\x2d417d\x2d4e26\x2da764\x2d7885f22007ea.device - -[Service] -Type=oneshot - -# Label the partition as 'BOTTLEROCKET-DATA' and resize the partition, whether or not it resides on the same disk as /. -ExecStart=-/usr/bin/systemd-repart --dry-run=no /dev/disk/by-partuuid/69040874-417d-4e26-a764-7885f22007ea - -RemainAfterExit=true - -[Install] -WantedBy=local-fs.target diff --git a/packages/release/repart-data-preferred.service b/packages/release/repart-data-preferred.service deleted file mode 100644 index 2f2e878f3f0..00000000000 --- a/packages/release/repart-data-preferred.service +++ /dev/null @@ -1,22 +0,0 @@ -[Unit] -Description=Repart preferred data partition -DefaultDependencies=no -Conflicts=shutdown.target -# Only run this if a partition labeled 'BOTTLEROCKET-DATA' does not exist already. -ConditionPathIsSymbolicLink=!/dev/disk/by-partlabel/BOTTLEROCKET-DATA -# Only run if this boot has never succeeded before -ConditionFileNotEmpty=!/etc/has-boot-ever-succeeded -# This is the partition GUID for the preferred data partition. -Wants=dev-disk-by\x2dpartuuid-5b94e8df\x2d28b8\x2d485c\x2d9d19\x2d362263b5944c.device -After=dev-disk-by\x2dpartuuid-5b94e8df\x2d28b8\x2d485c\x2d9d19\x2d362263b5944c.device - -[Service] -Type=oneshot - -# Label the partition as 'BOTTLEROCKET-DATA' and resize the partition, whether or not it resides on the same disk as /. -ExecStart=-/usr/bin/systemd-repart --dry-run=no /dev/disk/by-partuuid/5b94e8df-28b8-485c-9d19-362263b5944c - -RemainAfterExit=true - -[Install] -WantedBy=local-fs.target diff --git a/packages/release/repart-local.service b/packages/release/repart-local.service deleted file mode 100644 index f74d74dc818..00000000000 --- a/packages/release/repart-local.service +++ /dev/null @@ -1,29 +0,0 @@ -[Unit] -Description=Resize Data Partition -DefaultDependencies=no -Conflicts=shutdown.target -Wants=dev-disk-by\x2dpartlabel-BOTTLEROCKET\x2dDATA.device -After=dev-disk-by\x2dpartlabel-BOTTLEROCKET\x2dDATA.device - -# Ensure the device is mounted first, to avoid racing with the unit that tries -# to mount it since the symlink can disappear if the partition is resized. -RequiresMountsFor=/local - -[Service] -Type=oneshot - -# Resize the partition, whether or not it resides on the same disk as /. -ExecStart=-/usr/bin/systemd-repart --dry-run=no /dev/disk/by-partlabel/BOTTLEROCKET-DATA - -# Grow the filesystem to fill the partition. Doing this in another unit could -# introduce a race if the underlying block device is not ready after resizing. -ExecStart=/usr/lib/systemd/systemd-growfs /local - -RemainAfterExit=true -StandardError=journal+console - -# systemd-repart returns 77 if there's no existing GPT partition table -SuccessExitStatus=77 - -[Install] -WantedBy=local-fs.target diff --git a/packages/release/root-.aws.mount b/packages/release/root-.aws.mount deleted file mode 100644 index a72f7b63048..00000000000 --- a/packages/release/root-.aws.mount +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=AWS configuration directory (/root/.aws) -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target -After=selinux-policy-files.service -Wants=selinux-policy-files.service - -[Mount] -What=tmpfs -Where=/root/.aws -Type=tmpfs -Options=nosuid,nodev,noexec,noatime,context=system_u:object_r:secret_t:s0,mode=0700 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/release/runtime.slice b/packages/release/runtime.slice deleted file mode 100644 index 5e189639afe..00000000000 --- a/packages/release/runtime.slice +++ /dev/null @@ -1,4 +0,0 @@ -[Unit] -Description=Kubernetes and container runtime slice -Documentation=man:systemd.special(7) -Before=slices.target diff --git a/packages/release/set-hostname.service b/packages/release/set-hostname.service deleted file mode 100644 index 40c765db536..00000000000 --- a/packages/release/set-hostname.service +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=Sets the hostname -After=settings-applier.service -Requires=settings-applier.service - -[Service] -Type=oneshot -EnvironmentFile=/etc/network/hostname.env -ExecStart=/usr/bin/netdog set-hostname '${HOSTNAME}' -RemainAfterExit=true -StandardError=journal+console - -[Install] -WantedBy=preconfigured.target diff --git a/packages/release/systemd-networkd-service-env.conf b/packages/release/systemd-networkd-service-env.conf deleted file mode 100644 index e81831b77f6..00000000000 --- a/packages/release/systemd-networkd-service-env.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -Environment=SYSTEMD_NETLINK_DEFAULT_TIMEOUT=infinity diff --git a/packages/release/systemd-resolved-service-env.conf b/packages/release/systemd-resolved-service-env.conf deleted file mode 100644 index 05d8911dd30..00000000000 --- a/packages/release/systemd-resolved-service-env.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -Environment=SYSTEMD_RESOLVED_SYNTHESIZE_HOSTNAME=0 diff --git a/packages/release/systemd-tmpfiles-setup-service-debug.conf b/packages/release/systemd-tmpfiles-setup-service-debug.conf deleted file mode 100644 index 6631441e905..00000000000 --- a/packages/release/systemd-tmpfiles-setup-service-debug.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -Environment=SYSTEMD_LOG_LEVEL=debug diff --git a/packages/release/usr-bin.mount.in b/packages/release/usr-bin.mount.in deleted file mode 100644 index f21430812a3..00000000000 --- a/packages/release/usr-bin.mount.in +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=Binaries -DefaultDependencies=no -Conflicts=umount.target -Before=umount.target - -[Mount] -What=overlay -Where=PREFIX/bin -Type=overlay -Options=lowerdir=PREFIX/fips/bin:PREFIX/bin - -[Install] -WantedBy=local-fs-pre.target diff --git a/packages/release/usr-libexec.mount.in b/packages/release/usr-libexec.mount.in deleted file mode 100644 index 401b2bc33bb..00000000000 --- a/packages/release/usr-libexec.mount.in +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=Program Binaries -DefaultDependencies=no -Conflicts=umount.target -Before=umount.target opt-cni.mount opt-csi.mount - -[Mount] -What=overlay -Where=PREFIX/libexec -Type=overlay -Options=lowerdir=PREFIX/fips/libexec:PREFIX/libexec - -[Install] -WantedBy=local-fs-pre.target diff --git a/packages/release/usr-share-licenses.mount.in b/packages/release/usr-share-licenses.mount.in deleted file mode 100644 index 11d77dd6163..00000000000 --- a/packages/release/usr-share-licenses.mount.in +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=License files -DefaultDependencies=no -Conflicts=umount.target -Before=umount.target -After=local-fs.target - -[Mount] -What=PREFIX/share/bottlerocket/licenses.squashfs -Where=PREFIX/share/licenses -Type=squashfs -Options=defaults,ro,loop,nosuid,nodev,noexec,noatime,context=system_u:object_r:os_t:s0 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/release/usr-src-kernels.mount.in b/packages/release/usr-src-kernels.mount.in deleted file mode 100644 index 25b97441a51..00000000000 --- a/packages/release/usr-src-kernels.mount.in +++ /dev/null @@ -1,17 +0,0 @@ -[Unit] -Description=Kernel Development Sources (Read-Write) -DefaultDependencies=no -Conflicts=umount.target -RequiresMountsFor=/var/lib/kernel-devel/.overlay/lower -Before=umount.target -After=local-fs.target - -[Mount] -What=overlay -Where=PREFIX/src/kernels -Type=overlay -# "noexec" omitted to allow objtool to run -Options=nosuid,nodev,noatime,lowerdir=/var/lib/kernel-devel/.overlay/lower,upperdir=/var/lib/kernel-devel/.overlay/upper,workdir=/var/lib/kernel-devel/.overlay/work,context=system_u:object_r:state_t:s0 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/release/var-lib-bottlerocket.mount b/packages/release/var-lib-bottlerocket.mount deleted file mode 100644 index f6c6d18f82e..00000000000 --- a/packages/release/var-lib-bottlerocket.mount +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=Private Directory (/var/lib/bottlerocket) -DefaultDependencies=no -Conflicts=umount.target -RequiresMountsFor=/var -Before=local-fs.target umount.target - -[Mount] -What=/dev/disk/by-partlabel/BOTTLEROCKET-PRIVATE -Where=/var/lib/bottlerocket -Type=ext4 -Options=defaults,nosuid,nodev,noexec,noatime,private,context=system_u:object_r:private_t:s0 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/release/var-lib-kernel-devel-lower.mount.in b/packages/release/var-lib-kernel-devel-lower.mount.in deleted file mode 100644 index 0a6220584f9..00000000000 --- a/packages/release/var-lib-kernel-devel-lower.mount.in +++ /dev/null @@ -1,17 +0,0 @@ -[Unit] -Description=Kernel Development Sources (Read-Only) -DefaultDependencies=no -Conflicts=umount.target -Before=umount.target -Wants=prepare-var.service -After=prepare-var.service local-fs.target -RequiresMountsFor=/var - -[Mount] -What=PREFIX/share/bottlerocket/kernel-devel.squashfs -Where=/var/lib/kernel-devel/.overlay/lower -Type=squashfs -Options=defaults,ro,loop,nosuid,nodev,noexec,noatime,context=system_u:object_r:os_t:s0 - -[Install] -WantedBy=preconfigured.target diff --git a/packages/release/var.mount b/packages/release/var.mount deleted file mode 100644 index 38423ba7549..00000000000 --- a/packages/release/var.mount +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Var Directory (/var) -DefaultDependencies=no -Conflicts=umount.target -Wants=prepare-var.service mask-local-var.service -Before=local-fs.target umount.target prepare-var.service mask-local-var.service -RequiresMountsFor=/local - -[Mount] -What=/local/var -Where=/var -Type=none -Options=rbind,rshared - -[Install] -WantedBy=local-fs.target diff --git a/packages/runc/Cargo.toml b/packages/runc/Cargo.toml deleted file mode 100644 index 71101a8f0b0..00000000000 --- a/packages/runc/Cargo.toml +++ /dev/null @@ -1,21 +0,0 @@ -[package] -name = "runc" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/opencontainers/runc/releases/" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/opencontainers/runc/releases/download/v1.1.12/runc.tar.xz" -path = "runc-v1.1.12.tar.xz" -sha512 = "61afae94dc78253c2f6b305b48ddf76c71813f5735e69fde7f3ae6f51539f10131a37a0917cbcb23b303490c62ac78dafd79eb2a6f2849ec17638f3bd5833136" - -[build-dependencies] -glibc = { path = "../glibc" } -libseccomp = { path = "../libseccomp" } diff --git a/packages/runc/runc.spec b/packages/runc/runc.spec deleted file mode 100644 index 2c9123860da..00000000000 --- a/packages/runc/runc.spec +++ /dev/null @@ -1,83 +0,0 @@ -%global goproject github.com/opencontainers -%global gorepo runc -%global goimport %{goproject}/%{gorepo} -%global commit 51d5e94601ceffbbd85688df1c928ecccbfa4685 -%global gover 1.1.12 - -%global _dwz_low_mem_die_limit 0 - -Name: %{_cross_os}%{gorepo} -Version: %{gover} -Release: 1%{?dist} -Summary: CLI for running Open Containers -License: Apache-2.0 -URL: https://%{goimport} -Source0: https://%{goimport}/releases/download/v%{gover}/%{gorepo}.tar.xz#/%{gorepo}-v%{gover}.tar.xz - -BuildRequires: git -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libseccomp-devel -Requires: %{_cross_os}libseccomp -Requires: %{name}(binaries) - -%description -%{summary}. - -%package bin -Summary: CLI for running Open Containers binaries -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(fips) or %{name}-fips-bin) - -%description bin -%{summary}. - -%package fips-bin -Summary: CLI for running Open Containers binaries, FIPS edition -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{name}-bin) - -%description fips-bin -%{summary}. - -%prep -%autosetup -Sgit -n %{gorepo}-%{gover} -p1 -%cross_go_setup %{gorepo}-%{gover} %{goproject} %{goimport} - -%build -%cross_go_configure %{goimport} -export LD_VERSION="-X main.version=%{gover}+bottlerocket" -export LD_COMMIT="-X main.gitCommit=%{commit}" -export BUILDTAGS="ambient seccomp selinux" - -declare -a BUILD_ARGS -BUILD_ARGS=( - -ldflags="${GOLDFLAGS} ${LD_VERSION} ${LD_COMMIT}" - -tags="${BUILDTAGS}" -) - -go build "${BUILD_ARGS[@]}" -o bin/runc . -gofips build "${BUILD_ARGS[@]}" -o fips/bin/runc . - -%install -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 bin/runc %{buildroot}%{_cross_bindir} - -install -d %{buildroot}%{_cross_fips_bindir} -install -p -m 0755 fips/bin/runc %{buildroot}%{_cross_fips_bindir} - -%cross_scan_attribution go-vendor vendor - -%files -%license LICENSE NOTICE -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} - -%files bin -%{_cross_bindir}/runc - -%files fips-bin -%{_cross_fips_bindir}/runc - -%changelog diff --git a/packages/selinux-policy/Cargo.toml b/packages/selinux-policy/Cargo.toml deleted file mode 100644 index ef43c153172..00000000000 --- a/packages/selinux-policy/Cargo.toml +++ /dev/null @@ -1,11 +0,0 @@ -[package] -name = "selinux-policy" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[package.metadata.build-package] - -[lib] -path = "../packages.rs" diff --git a/packages/selinux-policy/base.cil b/packages/selinux-policy/base.cil deleted file mode 100644 index 18e66d1cf83..00000000000 --- a/packages/selinux-policy/base.cil +++ /dev/null @@ -1,63 +0,0 @@ -; Build an MLS policy. Ensures that we emit the sensitivity tag in -; file_contexts, which makes it compatible as input to `setfiles`. -(mls true) - -; MLS has concepts of sensitivities and levels that we can ignore -; since we're not writing a true MLS policy. However, they are still -; required arguments in many places, so we need a minimal set. -(sensitivity s0) -(sensitivityorder (s0)) -(sensitivitycategory s0 (range c0 c1023)) - -(level s0 (s0)) -(levelrange s0 (s0 s0)) - -(level s0-s0 (s0 (range c0 c1023))) -(levelrange s0-s0 (s0 s0-s0)) - -; The system_r role is used for processes. -(role system_r) - -; The object_r role is used for files. -(role object_r) - -; Our system_u user has both roles. -(user system_u) -(userrole system_u system_r) -(userrole system_u object_r) -(userlevel system_u s0-s0) -(userrange system_u s0-s0) - -; Take the context from the target file rather than the source -; process when computing the level for new file objects. We can -; expect the directory where files are created to have the right -; range of categories applied, but the process creating the file -; may be privileged and have the full range or no range at all. -(defaultrange files target low-high) - -; Enable policy to use consolidated network peer controls. This -; avoids a function call to the compatibility mode helper, and -; will be faster when no network labeling rules are defined. -(policycap "network_peer_controls") - -; Enable policy to check "open" actions for file classes. -(policycap "open_perms") - -; Enable policy to use separate socket security classes. -(policycap "extended_socket_class") - -; Disable policy to force packet checks even if no network labeling -; rules are defined. -; (policycap "always_check_network") - -; Enable policy to allow the cgroup filesystem to be labeled. -(policycap "cgroup_seclabel") - -; Enable policy to allow domain transitions when executing with the -; "no new privs" bit enabled, or when the executable is on a "nosuid" -; filesystem. -(policycap "nnp_nosuid_transition") - -; Enable policy to label symlinks on kernel file systems using -; "genfscon" statements, as with directories and files. -(policycap "genfs_seclabel_symlinks") diff --git a/packages/selinux-policy/catgen.sh b/packages/selinux-policy/catgen.sh deleted file mode 100755 index 7918bb7240f..00000000000 --- a/packages/selinux-policy/catgen.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash - -# Docker uses MCS labels for container separation. It picks low and -# high numbers from the range of 1024 categories to create a unique -# label that does not dominate and is not dominated by other labels. -# For this to work, all categories must be included in the policy. - -for i in {0..1023} ; do - echo "(category c${i})" -done - -echo "(categoryorder (" -for i in {0..1023} ; do - echo -n " c${i}" -done -echo "))" diff --git a/packages/selinux-policy/class.cil b/packages/selinux-policy/class.cil deleted file mode 100644 index 2d7993f245c..00000000000 --- a/packages/selinux-policy/class.cil +++ /dev/null @@ -1,276 +0,0 @@ -; Add all process permissions. -(class process ( - fork transition sigchld sigkill sigstop signull signal ptrace - getsched setsched getsession getpgid setpgid getcap setcap - share getattr setexec setfscreate noatsecure siginh setrlimit - rlimitinh dyntransition setcurrent execmem execstack execheap - setkeycreate setsockcreate getrlimit)) - -(class process2 ( - nnp_transition nosuid_transition)) - -; Add all filesystem permissions. -(class filesystem ( - mount remount unmount getattr relabelfrom relabelto associate - quotamod quotaget watch)) - -; Add all capability permissions. -(common capability ( - chown dac_override dac_read_search fowner fsetid kill setgid - setuid setpcap linux_immutable net_bind_service net_broadcast - net_admin net_raw ipc_lock ipc_owner sys_module sys_rawio - sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice - sys_resource sys_time sys_tty_config mknod lease audit_write - audit_control setfcap)) -(classcommon capability capability) -(classcommon cap_userns capability) - -(common capability2 ( - mac_override mac_admin syslog wake_alarm block_suspend - audit_read perfmon bpf checkpoint_restore)) -(classcommon capability2 capability2) -(classcommon cap2_userns capability2) - -; Add permissions specific to some capability classes. -(class capability ()) -(class capability2 ()) -(class cap_userns ()) -(class cap2_userns ()) - -; Add permissions shared by all file classes. -(common file ( - ioctl read write create getattr setattr lock relabelfrom - relabelto append map unlink link rename execute quotaon - mounton audit_access open execmod watch watch_mount watch_sb - watch_with_perm watch_reads)) -(classcommon file file) -(classcommon dir file) -(classcommon lnk_file file) -(classcommon chr_file file) -(classcommon blk_file file) -(classcommon sock_file file) -(classcommon fifo_file file) -(classcommon anon_inode file) - -; Add permissions specific to some file classes. -(class file (execute_no_trans entrypoint)) -(class dir (add_name remove_name reparent search rmdir)) -(class fd (use)) -(class lnk_file ()) -(class chr_file ()) -(class blk_file ()) -(class sock_file ()) -(class fifo_file ()) -(class anon_inode ()) - -; Add permissions shared by all socket classes. -(common socket ( - ioctl read write create getattr setattr lock relabelfrom - relabelto append map bind connect listen accept getopt - setopt shutdown recvfrom sendto name_bind)) -(classcommon socket socket) -(classcommon tcp_socket socket) -(classcommon udp_socket socket) -(classcommon rawip_socket socket) -(classcommon netlink_socket socket) -(classcommon packet_socket socket) -(classcommon key_socket socket) -(classcommon unix_stream_socket socket) -(classcommon unix_dgram_socket socket) -(classcommon netlink_route_socket socket) -(classcommon netlink_tcpdiag_socket socket) -(classcommon netlink_nflog_socket socket) -(classcommon netlink_xfrm_socket socket) -(classcommon netlink_selinux_socket socket) -(classcommon netlink_iscsi_socket socket) -(classcommon netlink_audit_socket socket) -(classcommon netlink_fib_lookup_socket socket) -(classcommon netlink_connector_socket socket) -(classcommon netlink_netfilter_socket socket) -(classcommon netlink_dnrt_socket socket) -(classcommon netlink_kobject_uevent_socket socket) -(classcommon netlink_generic_socket socket) -(classcommon netlink_scsitransport_socket socket) -(classcommon netlink_rdma_socket socket) -(classcommon netlink_crypto_socket socket) -(classcommon appletalk_socket socket) -(classcommon dccp_socket socket) -(classcommon tun_socket socket) -(classcommon sctp_socket socket) -(classcommon icmp_socket socket) -(classcommon ax25_socket socket) -(classcommon ipx_socket socket) -(classcommon netrom_socket socket) -(classcommon atmpvc_socket socket) -(classcommon x25_socket socket) -(classcommon rose_socket socket) -(classcommon decnet_socket socket) -(classcommon atmsvc_socket socket) -(classcommon rds_socket socket) -(classcommon irda_socket socket) -(classcommon pppox_socket socket) -(classcommon llc_socket socket) -(classcommon can_socket socket) -(classcommon tipc_socket socket) -(classcommon bluetooth_socket socket) -(classcommon iucv_socket socket) -(classcommon rxrpc_socket socket) -(classcommon isdn_socket socket) -(classcommon phonet_socket socket) -(classcommon ieee802154_socket socket) -(classcommon caif_socket socket) -(classcommon alg_socket socket) -(classcommon nfc_socket socket) -(classcommon vsock_socket socket) -(classcommon kcm_socket socket) -(classcommon qipcrtr_socket socket) -(classcommon smc_socket socket) -(classcommon xdp_socket socket) -(classcommon mctp_socket socket) - -; Add permissions specific to some socket classes. -(class socket ()) -(class tcp_socket (node_bind name_connect)) -(class udp_socket (node_bind)) -(class rawip_socket (node_bind)) -(class netlink_socket ()) -(class packet_socket ()) -(class key_socket ()) -(class unix_stream_socket (connectto)) -(class unix_dgram_socket ()) -(class netlink_route_socket (nlmsg_read nlmsg_write)) -(class netlink_tcpdiag_socket (nlmsg_read nlmsg_write)) -(class netlink_nflog_socket ()) -(class netlink_xfrm_socket (nlmsg_read nlmsg_write)) -(class netlink_selinux_socket ()) -(class netlink_iscsi_socket ()) -(class netlink_audit_socket ( - nlmsg_read nlmsg_write nlmsg_relay nlmsg_readpriv - nlmsg_tty_audit)) -(class netlink_fib_lookup_socket ()) -(class netlink_connector_socket ()) -(class netlink_netfilter_socket ()) -(class netlink_dnrt_socket ()) -(class netlink_kobject_uevent_socket ()) -(class netlink_generic_socket ()) -(class netlink_scsitransport_socket ()) -(class netlink_rdma_socket ()) -(class netlink_crypto_socket ()) -(class appletalk_socket ()) -(class dccp_socket (node_bind name_connect)) -(class tun_socket (attach_queue)) -(class sctp_socket (node_bind name_connect association)) -(class icmp_socket (node_bind)) -(class ax25_socket ()) -(class ipx_socket ()) -(class netrom_socket ()) -(class atmpvc_socket ()) -(class x25_socket ()) -(class rose_socket ()) -(class decnet_socket ()) -(class atmsvc_socket ()) -(class rds_socket ()) -(class irda_socket ()) -(class pppox_socket ()) -(class llc_socket ()) -(class can_socket ()) -(class tipc_socket ()) -(class bluetooth_socket ()) -(class iucv_socket ()) -(class rxrpc_socket ()) -(class isdn_socket ()) -(class phonet_socket ()) -(class ieee802154_socket ()) -(class caif_socket ()) -(class alg_socket ()) -(class nfc_socket ()) -(class vsock_socket ()) -(class kcm_socket ()) -(class qipcrtr_socket ()) -(class smc_socket ()) -(class xdp_socket ()) -(class mctp_socket ()) - -; Add permissions for various network classes. -(class node (recvfrom sendto)) -(class netif (ingress egress)) -(class association (sendto recvfrom setcontext polmatch)) -(class packet ( - send recv relabelto relabelfrom forward_in forward_out)) -(class peer (recv)) -(class infiniband_pkey (access)) -(class infiniband_endport (manage_subnet)) - -; Add permissions shared by all IPC classes. -(common ipc ( - create destroy getattr setattr read write associate unix_read - unix_write)) -(classcommon sem ipc) -(classcommon msg ipc) -(classcommon msgq ipc) -(classcommon shm ipc) -(classcommon ipc ipc) - -; Add permissions specific to some IPC classes. -(class sem ()) -(class msg (send receive)) -(class msgq (enqueue)) -(class shm (lock)) -(class ipc ()) - -; Add permissions for the system class. -; This includes service-related actions that are not defined in -; the kernel, but are checked by systemd for DBUS requests. -(class system ( - ipc_info syslog_read syslog_mod syslog_console module_request - module_load halt reboot status start stop enable disable - reload)) - -; Add permissions for other classes. -(class security ( - compute_av compute_create compute_member check_context - load_policy compute_relabel compute_user setenforce setbool - setsecparam setcheckreqprot read_policy validate_trans)) -(class key (view read write search link setattr create)) -(class memprotect (mmap_zero)) -(class kernel_service (use_as_override create_files_as)) -(class binder (impersonate call set_context_mgr transfer)) -(class bpf (map_create map_read map_write prog_load prog_run)) -(class perf_event (open cpu kernel tracepoint read write)) -(class lockdown (integrity confidentiality)) -(class io_uring (override_creds sqpoll cmd)) -(class user_namespace (create)) - -; Match the kernel's class order. -(classorder ( - security process process2 system capability filesystem file - dir fd lnk_file chr_file blk_file sock_file fifo_file socket - tcp_socket udp_socket rawip_socket node netif netlink_socket - packet_socket key_socket unix_stream_socket unix_dgram_socket - sem msg msgq shm ipc netlink_route_socket - netlink_tcpdiag_socket netlink_nflog_socket - netlink_xfrm_socket netlink_selinux_socket - netlink_iscsi_socket netlink_audit_socket - netlink_fib_lookup_socket netlink_connector_socket - netlink_netfilter_socket netlink_dnrt_socket association - netlink_kobject_uevent_socket netlink_generic_socket - netlink_scsitransport_socket netlink_rdma_socket - netlink_crypto_socket appletalk_socket packet key dccp_socket - memprotect peer capability2 kernel_service tun_socket binder - cap_userns cap2_userns sctp_socket icmp_socket ax25_socket - ipx_socket netrom_socket atmpvc_socket x25_socket rose_socket - decnet_socket atmsvc_socket rds_socket irda_socket - pppox_socket llc_socket can_socket tipc_socket - bluetooth_socket iucv_socket rxrpc_socket isdn_socket - phonet_socket ieee802154_socket caif_socket alg_socket - nfc_socket vsock_socket kcm_socket qipcrtr_socket smc_socket - infiniband_pkey infiniband_endport bpf xdp_socket - mctp_socket perf_event lockdown anon_inode io_uring - user_namespace)) - -; Add permissions for SELinux-aware applications. -; This includes systemd and dbus-broker. -(class service (start stop status reload enable disable)) -(class dbus (acquire_svc send_msg)) - -(classorder (unordered service dbus)) diff --git a/packages/selinux-policy/files.cil b/packages/selinux-policy/files.cil deleted file mode 100644 index 811f821e38a..00000000000 --- a/packages/selinux-policy/files.cil +++ /dev/null @@ -1,355 +0,0 @@ -; Permission groups for files. -(classmap files (relabel mount relax enter describe load execute mutate block)) - -; Permission group for relabeling files. -(classmapping files relabel relabel_file) -(classmapping files relabel relabel_dir) -(classmapping files relabel relabel_lnk_file) -(classmapping files relabel relabel_chr_file) -(classmapping files relabel relabel_blk_file) -(classmapping files relabel relabel_sock_file) -(classmapping files relabel relabel_fifo_file) -(classmapping files relabel relabel_anon_inode) - -; Permission group for mounts. -(classmapping files mount mount_file) -(classmapping files mount mount_dir) -(classmapping files mount mount_lnk_file) -(classmapping files mount mount_chr_file) -(classmapping files mount mount_blk_file) -(classmapping files mount mount_sock_file) -(classmapping files mount mount_fifo_file) -(classmapping files mount mount_filesystem) -(classmapping files mount mount_anon_inode) - -; Permission group for relaxing security constraints on files. -(classmapping files relax relax_file) -(classmapping files relax relax_dir) -(classmapping files relax relax_lnk_file) -(classmapping files relax relax_chr_file) -(classmapping files relax relax_blk_file) -(classmapping files relax relax_sock_file) -(classmapping files relax relax_fifo_file) -(classmapping files relax relax_anon_inode) - -; Permission group for using files as entry points. -(classmapping files enter enter_file) - -; Permission group for describing files. -(classmapping files describe describe_file) -(classmapping files describe describe_dir) -(classmapping files describe describe_lnk_file) -(classmapping files describe describe_chr_file) -(classmapping files describe describe_blk_file) -(classmapping files describe describe_sock_file) -(classmapping files describe describe_fifo_file) -(classmapping files describe describe_filesystem) -(classmapping files describe describe_anon_inode) - -; Permission group for reading files. -(classmapping files load load_file) -(classmapping files load load_dir) -(classmapping files load load_lnk_file) -(classmapping files load load_chr_file) -(classmapping files load load_blk_file) -(classmapping files load load_sock_file) -(classmapping files load load_fifo_file) -(classmapping files load load_filesystem) -(classmapping files load load_fd) -(classmapping files load load_anon_inode) -(classmapping files load load_io_uring) - -; Permission group for executing files. -(classmapping files execute execute_file) -(classmapping files execute execute_dir) -(classmapping files execute execute_lnk_file) -(classmapping files execute execute_chr_file) -(classmapping files execute execute_blk_file) -(classmapping files execute execute_sock_file) -(classmapping files execute execute_fifo_file) - -; Permission group for blocking access to files. -(classmapping files block block_file) -(classmapping files block block_dir) -(classmapping files block block_lnk_file) -(classmapping files block block_chr_file) -(classmapping files block block_blk_file) -(classmapping files block block_sock_file) -(classmapping files block block_fifo_file) -(classmapping files block block_anon_inode) - -; Permission group for mutating files. -(classmapping files mutate mutate_file) -(classmapping files mutate mutate_dir) -(classmapping files mutate mutate_lnk_file) -(classmapping files mutate mutate_chr_file) -(classmapping files mutate mutate_blk_file) -(classmapping files mutate mutate_sock_file) -(classmapping files mutate mutate_fifo_file) -(classmapping files mutate mutate_anon_inode) - -; Sets of permissions for relabeling file objects. -(classpermission relabel_file) -(classpermission relabel_dir) -(classpermission relabel_lnk_file) -(classpermission relabel_chr_file) -(classpermission relabel_blk_file) -(classpermission relabel_sock_file) -(classpermission relabel_fifo_file) -(classpermission relabel_anon_inode) -(classpermissionset relabel_file ( - file (relabelfrom relabelto))) -(classpermissionset relabel_dir ( - dir (relabelfrom relabelto))) -(classpermissionset relabel_lnk_file ( - lnk_file (relabelfrom relabelto))) -(classpermissionset relabel_chr_file ( - chr_file (relabelfrom relabelto))) -(classpermissionset relabel_blk_file ( - blk_file (relabelfrom relabelto))) -(classpermissionset relabel_sock_file ( - sock_file (relabelfrom relabelto))) -(classpermissionset relabel_fifo_file ( - fifo_file (relabelfrom relabelto))) -(classpermissionset relabel_anon_inode( - anon_inode (relabelfrom relabelto))) - -; Sets of permissions for mounts. -(classpermission mount_file) -(classpermission mount_dir) -(classpermission mount_lnk_file) -(classpermission mount_chr_file) -(classpermission mount_blk_file) -(classpermission mount_sock_file) -(classpermission mount_fifo_file) -(classpermission mount_filesystem) -(classpermission mount_anon_inode) -(classpermissionset mount_file ( - file (mounton quotaon))) -(classpermissionset mount_dir ( - dir (mounton quotaon))) -(classpermissionset mount_lnk_file ( - lnk_file (mounton quotaon))) -(classpermissionset mount_chr_file ( - chr_file (mounton quotaon))) -(classpermissionset mount_blk_file ( - blk_file (mounton quotaon))) -(classpermissionset mount_sock_file ( - sock_file (mounton quotaon))) -(classpermissionset mount_fifo_file ( - fifo_file (mounton quotaon))) -(classpermissionset mount_filesystem ( - filesystem (mount quotamod remount unmount))) -(classpermissionset mount_anon_inode ( - anon_inode (mounton quotaon))) - -; Sets of permissions that relax security constraints for file objects. -(classpermission relax_file) -(classpermission relax_dir) -(classpermission relax_lnk_file) -(classpermission relax_chr_file) -(classpermission relax_blk_file) -(classpermission relax_sock_file) -(classpermission relax_fifo_file) -(classpermission relax_anon_inode) -(classpermissionset relax_file ( - file (execmod))) -(classpermissionset relax_dir ( - dir (execmod))) -(classpermissionset relax_lnk_file ( - lnk_file (execmod))) -(classpermissionset relax_chr_file ( - chr_file (execmod))) -(classpermissionset relax_blk_file ( - blk_file (execmod))) -(classpermissionset relax_sock_file ( - sock_file (execmod))) -(classpermissionset relax_fifo_file ( - fifo_file (execmod))) -(classpermissionset relax_anon_inode ( - anon_inode (execmod))) - -; Sets of permissions for using file objects as entry points. -(classpermission enter_file) -(classpermissionset enter_file ( - file (entrypoint))) - -; Sets of permissions for describing file objects. -(classpermission describe_file) -(classpermission describe_dir) -(classpermission describe_lnk_file) -(classpermission describe_chr_file) -(classpermission describe_blk_file) -(classpermission describe_sock_file) -(classpermission describe_fifo_file) -(classpermission describe_filesystem) -(classpermission describe_anon_inode) -(classpermissionset describe_file ( - file (getattr))) -(classpermissionset describe_dir ( - dir (getattr))) -(classpermissionset describe_lnk_file ( - lnk_file (getattr))) -(classpermissionset describe_chr_file ( - chr_file (getattr))) -(classpermissionset describe_blk_file ( - blk_file (getattr))) -(classpermissionset describe_sock_file ( - sock_file (getattr))) -(classpermissionset describe_fifo_file ( - fifo_file (getattr))) -(classpermissionset describe_filesystem ( - filesystem (getattr quotaget))) -(classpermissionset describe_anon_inode ( - anon_inode (getattr))) - -; Sets of permissions for read-only actions that do not affect the -; integrity of file objects. -(classpermission load_file) -(classpermission load_dir) -(classpermission load_lnk_file) -(classpermission load_chr_file) -(classpermission load_blk_file) -(classpermission load_sock_file) -(classpermission load_fifo_file) -(classpermission load_filesystem) -(classpermission load_fd) -(classpermission load_anon_inode) -(classpermission load_io_uring) -(classpermissionset load_file ( - file ( - ioctl map open read watch watch_mount watch_reads watch_sb))) -(classpermissionset load_dir ( - dir ( - ioctl map open read search watch watch_mount watch_reads watch_sb))) -(classpermissionset load_lnk_file ( - lnk_file ( - ioctl map open read watch watch_mount watch_reads watch_sb))) -(classpermissionset load_chr_file ( - chr_file ( - ioctl map open read watch watch_mount watch_reads watch_sb))) -(classpermissionset load_blk_file ( - blk_file ( - ioctl map open read watch watch_mount watch_reads watch_sb))) -(classpermissionset load_sock_file ( - sock_file ( - ioctl map open read watch watch_mount watch_reads watch_sb))) -(classpermissionset load_fifo_file ( - fifo_file ( - ioctl map open read watch watch_mount watch_reads watch_sb))) -(classpermissionset load_filesystem ( - filesystem (watch))) -(classpermissionset load_fd ( - fd (use))) -(classpermissionset load_anon_inode ( - anon_inode ( - execute ioctl map open read - watch watch_mount watch_reads watch_sb))) -(classpermissionset load_io_uring ( - io_uring (cmd))) - -; Sets of permissions for execute actions on file objects. -(classpermission execute_file) -(classpermission execute_dir) -(classpermission execute_lnk_file) -(classpermission execute_chr_file) -(classpermission execute_blk_file) -(classpermission execute_sock_file) -(classpermission execute_fifo_file) -(classpermissionset execute_file ( - file (execute execute_no_trans))) -(classpermissionset execute_dir ( - dir (execute))) -(classpermissionset execute_lnk_file ( - lnk_file (execute))) -(classpermissionset execute_chr_file ( - chr_file (execute))) -(classpermissionset execute_blk_file ( - blk_file (execute))) -(classpermissionset execute_sock_file ( - sock_file (execute))) -(classpermissionset execute_fifo_file ( - fifo_file (execute))) - -; Sets of permissions for blocking access to file objects. -(classpermission block_file) -(classpermission block_dir) -(classpermission block_lnk_file) -(classpermission block_chr_file) -(classpermission block_blk_file) -(classpermission block_sock_file) -(classpermission block_fifo_file) -(classpermission block_anon_inode) -(classpermissionset block_file ( - file (watch_with_perm))) -(classpermissionset block_dir ( - dir (watch_with_perm))) -(classpermissionset block_lnk_file ( - lnk_file (watch_with_perm))) -(classpermissionset block_chr_file ( - chr_file (watch_with_perm))) -(classpermissionset block_blk_file ( - blk_file (watch_with_perm))) -(classpermissionset block_sock_file ( - sock_file (watch_with_perm))) -(classpermissionset block_fifo_file ( - fifo_file (watch_with_perm))) -(classpermissionset block_anon_inode ( - anon_inode (watch_with_perm))) - -; Sets of permissions for mutating file objects, which includes all -; actions that are not covered by other policy restrictions. -(classpermission mutate_file) -(classpermission mutate_dir) -(classpermission mutate_lnk_file) -(classpermission mutate_chr_file) -(classpermission mutate_blk_file) -(classpermission mutate_sock_file) -(classpermission mutate_fifo_file) -(classpermission mutate_anon_inode) -(classpermissionset mutate_file ( - file (not ( - entrypoint execute_no_trans - execute ioctl getattr map open read execmod - relabelfrom relabelto mounton quotaon - watch watch_mount watch_reads watch_sb watch_with_perm)))) -(classpermissionset mutate_dir ( - dir (not ( - search - execute ioctl getattr map open read execmod - relabelfrom relabelto mounton quotaon - watch watch_mount watch_reads watch_sb watch_with_perm)))) -(classpermissionset mutate_lnk_file ( - lnk_file (not ( - execute ioctl getattr map open read execmod - relabelfrom relabelto mounton quotaon - watch watch_mount watch_reads watch_sb watch_with_perm)))) -(classpermissionset mutate_chr_file ( - chr_file (not ( - execute ioctl getattr map open read execmod - relabelfrom relabelto mounton quotaon - watch watch_mount watch_reads watch_sb watch_with_perm)))) -(classpermissionset mutate_blk_file ( - blk_file (not ( - execute ioctl getattr map open read execmod - relabelfrom relabelto mounton quotaon - watch watch_mount watch_reads watch_sb watch_with_perm)))) -(classpermissionset mutate_sock_file ( - sock_file (not ( - execute ioctl getattr map open read execmod - relabelfrom relabelto mounton quotaon - watch watch_mount watch_reads watch_sb watch_with_perm)))) -(classpermissionset mutate_fifo_file ( - fifo_file (not ( - execute ioctl getattr map open read execmod - relabelfrom relabelto mounton quotaon - watch watch_mount watch_reads watch_sb watch_with_perm)))) -(classpermissionset mutate_anon_inode ( - anon_inode (not ( - execute ioctl getattr map open read execmod - relabelfrom relabelto mounton quotaon - watch watch_mount watch_reads watch_sb watch_with_perm)))) - -; Permission group for filesystems. -(classmap filesystems (relabel)) -(classmapping filesystems relabel (filesystem (relabelfrom relabelto))) diff --git a/packages/selinux-policy/fs.cil b/packages/selinux-policy/fs.cil deleted file mode 100644 index 3d6c0a9522c..00000000000 --- a/packages/selinux-policy/fs.cil +++ /dev/null @@ -1,119 +0,0 @@ -; Label inodes by using xattrs for supported filesystems. -(fsuse xattr ext4 local) -(fsuse xattr overlay local) -(fsuse xattr xfs local) - -; Label inodes by using the type of the creating task. -(fsuse task eventpollfs any) -(fsuse task pipefs any) -(fsuse task sockfs any) - -; Label inodes by deriving a type from the creating task. -(fsuse trans devpts any) -(fsuse trans devtmpfs any) -(fsuse trans hugetlbfs any) -(fsuse trans mqueue any) -(fsuse trans shm any) -(fsuse trans tmpfs any) - -; Specify a context for filesystems that do not support other ways to label. -(genfscon autofs / any) -(genfscon bdev / any) -(genfscon binfmt_misc / any) -(genfscon bpf / any) -(genfscon cgroup / any) -(genfscon cgroup2 / any) -(genfscon debugfs / any) -(genfscon kvmfs / any) -(genfscon nsfs / any) -(genfscon proc / proc) -(genfscon pstore / any) -(genfscon ramfs / any) -(genfscon rootfs / any) -(genfscon securityfs / any) -(genfscon selinuxfs / any) -(genfscon sysfs / any) -(genfscon tracefs / any) - -; Label most files. -(filecon "/.*" any os) - -; Label entry points. -(filecon "/.*/usr/lib/systemd/systemd" file init_exec) -(filecon "/.*/usr/bin/mount" file mount_exec) -(filecon "/.*/usr/bin/apiserver" file api_exec) -(filecon "/.*/usr/bin/early-boot-config" file api_exec) -(filecon "/.*/usr/bin/migrator" file api_exec) -(filecon "/.*/usr/bin/storewolf" file api_exec) -(filecon "/.*/usr/bin/cfsignal" file api_exec) -(filecon "/.*/usr/bin/thar-be-settings" file api_exec) -(filecon "/.*/usr/bin/dbus-broker.*" file bus_exec) -(filecon "/.*/usr/sbin/chronyd" file clock_exec) -(filecon "/.*/usr/sbin/wicked.*" file network_exec) -(filecon "/.*/usr/libexec/wicked/bin/wicked.*" file network_exec) -(filecon "/.*/usr/lib/systemd/systemd-networkd.*" file network_exec) -(filecon "/.*/usr(/fips)?/bin/containerd.*" file runtime_exec) -(filecon "/.*/usr(/fips)?/bin/docker.*" file runtime_exec) -(filecon "/.*/usr(/fips)?/bin/host-ctr" file runtime_exec) -(filecon "/.*/usr(/fips)?/bin/runc.*" file runtime_exec) -(filecon "/.*/usr/bin/shibaken" file api_exec) - -; Label local storage mounts. -(filecon "/local" any local) -(filecon "/local/.*" any ()) -(filecon "/opt" any local) -(filecon "/opt/.*" any ()) -(filecon "/var" any local) -(filecon "/var/.*" any ()) - -; Label local state directories. -(filecon "/local/host-containers" any secret) -(filecon "/local/host-containers/.*" any secret) -(filecon "/local/bootstrap-containers" any secret) -(filecon "/local/bootstrap-containers/.*" any secret) -(filecon "/var/lib/chrony" any measure) -(filecon "/var/lib/chrony/.*" any measure) -(filecon "/var/lib/systemd" any state) -(filecon "/var/lib/systemd/.*" any state) -(filecon "/var/lib/systemd/random-seed" any secret) -(filecon "/var/lib/wicked" any lease) -(filecon "/var/lib/wicked/.*" any lease) -(filecon "/var/log/journal" any state) -(filecon "/var/log/journal/.*" any state) -(filecon "/var/lib/selinux" any state) -(filecon "/var/lib/selinux/.*" any state) -(filecon "/var/lib/netdog" any lease) -(filecon "/var/lib/netdog/.*" any lease) - -; Label local directories for overlayfs mounts. -(filecon "/var/lib/cni-plugins" any state) -(filecon "/var/lib/cni-plugins/.*" any state) -(filecon "/var/lib/csi-helpers" any state) -(filecon "/var/lib/csi-helpers/.*" any state) -(filecon "/var/lib/kernel-devel" any state) -(filecon "/var/lib/kernel-devel/.*" any state) -(filecon "/var/lib/kernel-modules" any state) -(filecon "/var/lib/kernel-modules/.*" any state) - -; Label kernel filesystem mounts. -(filecon "/proc" any proc) -(filecon "/proc/.*" any ()) -(filecon "/sys" any any) -(filecon "/sys/.*" any ()) -(filecon "/dev" any any) -(filecon "/dev/.*" any ()) - -; Label tmpfs mounts. -(filecon "/etc" any etc) -(filecon "/etc/.*" any ()) -(filecon "/tmp" any any) -(filecon "/tmp/.*" any ()) -(filecon "/run" any any) -(filecon "/run/.*" any ()) - -; Label external filesystem mounts. -(filecon "/mnt" any local) -(filecon "/mnt/.*" any ()) -(filecon "/media" any local) -(filecon "/media/cdrom" any local) -(filecon "/media/.*" any ()) diff --git a/packages/selinux-policy/ipcs.cil b/packages/selinux-policy/ipcs.cil deleted file mode 100644 index f8691482de7..00000000000 --- a/packages/selinux-policy/ipcs.cil +++ /dev/null @@ -1,9 +0,0 @@ -; Permission groups for IPCs. -(classmap ipcs (use)) - -; Permission group for all IPC actions. -(classmapping ipcs use (sem (all))) -(classmapping ipcs use (msg (all))) -(classmapping ipcs use (msgq (all))) -(classmapping ipcs use (shm (all))) -(classmapping ipcs use (ipc (all))) diff --git a/packages/selinux-policy/lxc_contexts b/packages/selinux-policy/lxc_contexts deleted file mode 100644 index bd7c4c7493b..00000000000 --- a/packages/selinux-policy/lxc_contexts +++ /dev/null @@ -1,12 +0,0 @@ -# Runtimes that use the Go SELinux implementation, such as Docker and -# the containerd CRI plugin, will apply the 'process' label to the -# initial process for unprivileged containers, unless the option for -# automatic labeling is disabled. -process = "system_u:system_r:container_t:s0" - -# The 'file' label should always be applied to the container's root -# filesystem, regardless of privileged status or automatic labeling. -file = "system_u:object_r:data_t:s0" - -# The 'ro_file' label is not currently used by the above runtimes. -ro_file = "system_u:object_r:cache_t:s0" diff --git a/packages/selinux-policy/mcs.cil b/packages/selinux-policy/mcs.cil deleted file mode 100644 index b1766a583eb..00000000000 --- a/packages/selinux-policy/mcs.cil +++ /dev/null @@ -1,107 +0,0 @@ -; SELinux dominance rules are somewhat involved but the usage below -; is straightforward. A quick summary of the relevant details: -; -; * s0:c0,c1 (source) dominates s0:c1 (target) since it has two -; categories, one of which is c1 -; * s0:c0.c4 (source) dominates s0:c1 (target) since it has a range of -; categories, from c0 to c4, which includes c1 -; * s0:c0,c1 (source) neither dominates or is dominated by s0:c1,c2 -; (target) since only one of the two categories is shared -; * s0:c0,c1 (source) likewise does not dominate s0:c2,c3 (target) -; since neither of the categories is shared -; -; In practice, the container runtime will assign two categories at -; random to each unprivileged container, such that no container has a -; level that dominates or is dominated by any other. We refer to the -; two random categories as an MCS pair. - -; All the `(dom h1 h2)` checks below can be read as testing whether -; an unprivileged process running in a container is interacting with -; its own processes, or reading and writing to its own files. -; -; Privileged containers are left alone by the container runtime and -; inherit the default level, which covers the range of categories - -; `s0-s0:c0.1023`. They would also pass the dominance check. However, -; since we have privileged subjects that run outside of containers, -; we check for that with `(eq t1 privileged_s)`. -; -; The current policy attempts to avoid propagating MCS pairs to types -; that are not `data_t`, but that was not previously done and we may -; encounter labels like `system_u:object_r:local_t:s0:cX,cY`. The -; `(eq t2 unconstrained_o)` check is intended to preserve access to -; these files after an upgrade. -; -; Actions that change the label of a process or file are restricted -; to trusted processes, unless the new label is identical to the old -; one. This allows programs that attempt to sync all file attributes -; to work while preserving the intended access restrictions. - -; =^..^= =^..^= =^..^= =^..^= =^..^= =^..^= =^..^= - -; Restrict file reads unless one of these conditions is met: -; * the source dominates the target -; * the source context is a privileged subject (e.g. `control_t`) -; * the target context is for a subject (e.g. /proc//) -; * the target context is for an unconstrained object - -(mlsconstrain (files (load)) - (or (dom h1 h2) - (or (eq t1 privileged_s) - (or (eq t2 all_s) - (eq t2 unconstrained_o))))) - -; Restrict file writes unless one of these conditions is met: -; * the source dominates the target -; * the source context is for a privileged subject (e.g. `control_t`) -; * the target context is for an unconstrained object - -(mlsconstrain (files (mutate)) - (or (dom h1 h2) - (or (eq t1 privileged_s) - (eq t2 unconstrained_o)))) - -; Restrict file transitions unless one of these conditions is met: -; * the new label exactly matches the old label -; * the process context is trusted - -(mlsvalidatetrans files - (or (eq t3 trusted_s) - (and (and (and (and - (eq u1 u2) - (eq r1 r2)) - (eq t1 t2)) - (eq h1 h2)) - (eq l1 l2)))) - -; =^..^= =^..^= =^..^= =^..^= =^..^= =^..^= =^..^= - -; Restrict process interactions unless one of these conditions is met: -; * the source dominates the target -; * the source context is for a privileged subject (e.g. `control_t`) - -(mlsconstrain (processes (interact)) - (or (dom h1 h2) - (eq t1 privileged_s))) - -; Restrict process transitions unless one of these conditions is met: -; * the new label exactly matches the old label -; * the source context is for a trusted subject - -(mlsconstrain (processes (transform)) - (or (eq t1 trusted_s) - (and (and (and (and - (eq u1 u2) - (eq r1 r2)) - (eq t1 t2)) - (eq h1 h2)) - (eq l1 l2)))) - -; =^..^= =^..^= =^..^= =^..^= =^..^= =^..^= =^..^= - -; Restrict system interactions unless one of these conditions is met: -; * the source dominates the target -; * the source context is for a privileged subject (e.g. `control_t`) - -(mlsconstrain (systems (use)) - (or (dom h1 h2) - (eq t1 privileged_s))) diff --git a/packages/selinux-policy/networks.cil b/packages/selinux-policy/networks.cil deleted file mode 100644 index c1eab6f79ed..00000000000 --- a/packages/selinux-policy/networks.cil +++ /dev/null @@ -1,15 +0,0 @@ -; Permission groups for network actions. -(classmap networks (relabel use)) - -; Permission groups for relabeling network flows. -(classmapping networks relabel (association (setcontext polmatch))) -(classmapping networks relabel (packet (relabelto))) - -; Permission group for other network actions. -(classmapping networks use (node (all))) -(classmapping networks use (netif (all))) -(classmapping networks use (association (not (setcontext polmatch)))) -(classmapping networks use (packet (not (relabelto)))) -(classmapping networks use (peer (all))) -(classmapping networks use (infiniband_pkey (all))) -(classmapping networks use (infiniband_endport (all))) diff --git a/packages/selinux-policy/object.cil b/packages/selinux-policy/object.cil deleted file mode 100644 index 1d2688e0cfd..00000000000 --- a/packages/selinux-policy/object.cil +++ /dev/null @@ -1,210 +0,0 @@ -; -; Objects are the resources in the system. They answer the question of -; what is being accessed when policy rules are checked. -; - -; Files shipped with the OS. -(type os_t) -(roletype object_r os_t) -(context os (system_u object_r os_t s0)) - -; Executable files for PID 1 such as /sbin/init. -(type init_exec_t) -(roletype object_r init_exec_t) -(context init_exec (system_u object_r init_exec_t s0)) - -; Executable files for the API such as /usr/bin/apiserver. -(type api_exec_t) -(roletype object_r api_exec_t) -(context api_exec (system_u object_r api_exec_t s0)) - -; Executable files for NTP daemons such as /usr/sbin/chronyd. -(type clock_exec_t) -(roletype object_r clock_exec_t) -(context clock_exec (system_u object_r clock_exec_t s0)) - -; Executable files for network daemons such as /usr/sbin/wickedd. -(type network_exec_t) -(roletype object_r network_exec_t) -(context network_exec (system_u object_r network_exec_t s0)) - -; Executable files for message bus daemons such as -; /usr/bin/dbus-broker-launch. -(type bus_exec_t) -(roletype object_r bus_exec_t) -(context bus_exec (system_u object_r bus_exec_t s0)) - -; Executable files for container runtimes such as /usr/bin/containerd. -(type runtime_exec_t) -(roletype object_r runtime_exec_t) -(context runtime_exec (system_u object_r runtime_exec_t s0)) - -; Executable files for managing mounts such as /usr/bin/mount. -(type mount_exec_t) -(roletype object_r mount_exec_t) -(context mount_exec (system_u object_r mount_exec_t s0)) - -; Executable CNI plugins. -(type cni_exec_t) -(roletype object_r cni_exec_t) -(context cni_exec (system_u object_r cni_exec_t s0)) - -; Executable CSI helpers. -(type csi_exec_t) -(roletype object_r csi_exec_t) -(context csi_exec (system_u object_r csi_exec_t s0)) - -; Files under /proc. -(type proc_t) -(roletype object_r proc_t) -(context proc (system_u object_r proc_t s0)) - -; Files where we have no specific policy objectives, such as -; tmpfs mounts and various kernel filesystems. -(type any_t) -(roletype object_r any_t) -(context any (system_u object_r any_t s0)) - -; Files for system configuration. -(type etc_t) -(roletype object_r etc_t) -(context etc (system_u object_r etc_t s0)) - -; Files created on local storage. -(type local_t) -(roletype object_r local_t) -(context local (system_u object_r local_t s0)) - -; The "external_t" and "unlabeled_t" types were removed to simplify -; the policy. Add aliases for backwards compatibility. -(typealias external_t) -(typealias unlabeled_t) -(typealiasactual external_t local_t) -(typealiasactual unlabeled_t local_t) - -; Files created by containers, or on their behalf. -(type data_t) -(roletype object_r data_t) -(context data (system_u object_r data_t s0)) - -; Alias "container_file_t" to "local_t" for compatibility with the -; container-selinux policy. Ideally it would be aliased to `data_t` -; but then kubelet applies the wrong label to plugin directories. -(typealias container_file_t) -(typealiasactual container_file_t local_t) - -; Files for the API components. -(type private_t) -(roletype object_r private_t) -(context private (system_u object_r private_t s0)) - -; Files that are the API socket. -(type api_socket_t) -(roletype object_r api_socket_t) -(context api_socket (system_u object_r api_socket_t s0)) - -; Files for cached container layers. -(type cache_t) -(roletype object_r cache_t) -(context cache (system_u object_r cache_t s0)) - -; Alias "container_ro_file_t" to "cache_t" for compatibility with -; the container-selinux policy. -(typealias container_ro_file_t) -(typealiasactual container_ro_file_t cache_t) - -; Files for saved DHCP leases. -(type lease_t) -(roletype object_r lease_t) -(context lease (system_u object_r lease_t s0)) - -; Files for saved clock measurements. -(type measure_t) -(roletype object_r measure_t) -(context measure (system_u object_r measure_t s0)) - -; Files for saved system state. -(type state_t) -(roletype object_r state_t) -(context state (system_u object_r state_t s0)) - -; Files for saved system secrets. -(type secret_t) -(roletype object_r secret_t) -(context secret (system_u object_r secret_t s0)) - -; Dynamic objects are files on temporary storage with special rules. -(typeattribute dynamic_o) -(typeattributeset dynamic_o (etc_t)) - -; Shared objects are files on local storage for containers. -(typeattribute shared_o) -(typeattributeset shared_o (local_t data_t cni_exec_t)) - -; Unshared objects are all other files. -(typeattribute unshared_o) -(typeattributeset unshared_o (xor (all_o) (shared_o))) - -; Constrained objects are files where MCS constraints apply. -(typeattribute constrained_o) -(typeattributeset constrained_o (data_t)) - -; Unconstrained objects are not affected by MCS constraints. -(typeattribute unconstrained_o) -(typeattributeset unconstrained_o (xor (all_o) (constrained_o))) - -; Write-restricted objects are files on local storage that can only be -; modified by system-level processes. -(typeattribute write_restricted_o) -(typeattributeset write_restricted_o ( - cache_t csi_exec_t lease_t measure_t secret_t state_t private_t)) - -; Read-restricted objects are files on local storage that can only be -; opened by system-level processes. -(typeattribute read_restricted_o) -(typeattributeset read_restricted_o ( - xor (write_restricted_o) (cache_t lease_t measure_t state_t))) - -; Sensitive objects are files on local storage that can only be modified -; by unconfined system-level processes. -(typeattribute sensitive_o) -(typeattributeset sensitive_o (csi_exec_t secret_t state_t)) - -; Immutable objects reside on read-only storage. -(typeattribute immutable_o) -(typeattributeset immutable_o ( - os_t init_exec_t api_exec_t clock_exec_t - network_exec_t bus_exec_t runtime_exec_t - mount_exec_t)) - -; Mutable objects are all other files. -(typeattribute mutable_o) -(typeattributeset mutable_o (xor (all_o) (immutable_o))) - -; Ephemeral objects reside on tmpfs filesystems. -(typeattribute ephemeral_o) -(typeattributeset ephemeral_o (any_t proc_t)) - -; Executable objects that are entry points into containers. -(typeattribute container_exec_o) -(typeattributeset container_exec_o (data_t cache_t secret_t cni_exec_t csi_exec_t)) - -; Executable objects that transition into unprivileged containers by default. -(typeattribute unprivileged_container_exec_o) -(typeattributeset unprivileged_container_exec_o (cni_exec_t)) - -; Executable objects that transition into privileged containers by default. -(typeattribute privileged_container_exec_o) -(typeattributeset privileged_container_exec_o ( - xor (container_exec_o) (unprivileged_container_exec_o))) - -; The set of all objects. -(typeattribute all_o) -(typeattributeset all_o ( - os_t init_exec_t api_exec_t clock_exec_t - network_exec_t bus_exec_t runtime_exec_t - mount_exec_t cni_exec_t csi_exec_t - any_t etc_t proc_t - local_t data_t private_t secret_t cache_t - lease_t measure_t state_t - api_socket_t)) diff --git a/packages/selinux-policy/processes.cil b/packages/selinux-policy/processes.cil deleted file mode 100644 index d4f05e5a163..00000000000 --- a/packages/selinux-policy/processes.cil +++ /dev/null @@ -1,32 +0,0 @@ -; Permission groups for processes. -(classmap processes (transform describe relax interact)) - -; Permission group for changing labels on processes. -(classmapping processes transform ( - process ( - dyntransition transition setcurrent setexec - setfscreate setkeycreate setsockcreate))) -(classmapping processes transform ( - process2 (nnp_transition nosuid_transition))) -(classmapping processes transform ( - io_uring (override_creds))) - -(classmapping processes describe ( - process ( - getsched getsession getpgid getcap getattr getrlimit))) - -; Permission group for relaxing security constraints on processes. -(classmapping processes relax ( - process (execheap execmem execstack))) -(classmapping processes relax ( - memprotect (mmap_zero))) - -; Permission group for other actions. -(classmapping processes interact ( - process (not ( - dyntransition transition setcurrent setexec - setfscreate setkeycreate setsockcreate - getsched getsession getpgid getcap getattr getrlimit - execheap execmem execstack)))) -(classmapping processes interact ( - io_uring (sqpoll))) diff --git a/packages/selinux-policy/rules.cil b/packages/selinux-policy/rules.cil deleted file mode 100644 index 3800d22eb10..00000000000 --- a/packages/selinux-policy/rules.cil +++ /dev/null @@ -1,341 +0,0 @@ -; Deny any action that is not defined by the policy. -(handleunknown deny) - -; Define the set of all subject and object types, to allow certain actions to -; be allowed or denied for everything. -(typeattribute global) -(typeattributeset global ((all_s) (all_o))) - -; Define a subset of these types which are considered public. -(typeattribute public) -(typeattributeset public (xor (global) (read_restricted_o))) - -; All subjects are allowed to describe all processes. -(allow all_s all_s (processes (describe))) - -; All subjects are allowed to use the label they already have. -(allow all_s self (processes (transform))) - -; All subjects are allowed to interact with their own processes in most ways -; without policy restrictions. -(allow all_s self (processes (interact))) - -; Only privileged components can interact with all processes. -(allow privileged_s all_s (processes (interact))) - -; Unprivileged components cannot interact with privileged processes. -(neverallow unprivileged_s privileged_s (processes (interact))) - -; PID 1 starts as "kernel_t" and becomes "init_t". -(typetransition kernel_t init_exec_t process init_t) -(allow kernel_t init_t (processes (transform))) -(allow init_t init_exec_t (file (entrypoint))) - -; PID 1 starts most daemons as "system_t". -(typetransition init_t os_t process system_t) -(allow init_t system_t (processes (transform))) -(allow system_t os_t (file (entrypoint))) - -; PID 1 starts mount processes as "mount_t". -(typetransition init_t mount_exec_t process mount_t) -(allow init_t mount_t (processes (transform))) -(allow mount_t mount_exec_t (file (entrypoint))) - -; PID 1 starts API components as "api_t". -(typetransition init_t api_exec_t process api_t) -(allow init_t api_t (processes (transform))) -(allow api_t api_exec_t (file (entrypoint))) - -; PID1 starts NTP daemons as "clock_t". -(typetransition init_t clock_exec_t process clock_t) -(allow init_t clock_t (processes (transform))) -(allow clock_t clock_exec_t (file (entrypoint))) - -; PID1 starts network daemons as "network_t". -(typetransition init_t network_exec_t process network_t) -(allow init_t network_t (processes (transform))) -(allow network_t network_exec_t (file (entrypoint))) - -; PID1 starts DBUS daemons as "bus_t". -(typetransition init_t bus_exec_t process bus_t) -(allow init_t bus_t (processes (transform))) -(allow bus_t bus_exec_t (file (entrypoint))) - -; PID 1 starts container runtimes as "runtime_t". -(typetransition init_t runtime_exec_t process runtime_t) -(allow init_t runtime_t (processes (transform))) -(allow runtime_t runtime_exec_t (file (entrypoint))) - -; `runc` can transition to any of the container subject labels, for -; a process started from any of the container object labels. -(allow runtime_t container_s (processes (transform))) -(allow container_s container_exec_o (file (entrypoint))) - -; `runc` starts container processes as "control_t" by default, but it -; can use other "container" subject labels like "container_t". This -; depends on correct labeling for objects on local storage. -; -; Runtimes that use the Go SELinux library will override this label -; with the "process" label from the `lxc_contexts` when launching -; unprivileged containers, unless automatic labeling is disabled. -; -; The level range is adjusted to span all categories, since privileged -; containers won't get an MCS pair assigned. -(typetransition runtime_t privileged_container_exec_o process control_t) -(rangetransition runtime_t privileged_container_exec_o process s0-s0) - -; Some processes should transition to unprivileged containers by default. -(typetransition runtime_t unprivileged_container_exec_o process container_t) -(rangetransition runtime_t unprivileged_container_exec_o process s0) - -; If PID 1 is used to invoke a CSI helper directly, it should also -; run as a privileged container. -(typetransition init_t csi_exec_t process control_t) -(rangetransition init_t csi_exec_t process s0-s0) -(allow init_t control_t (processes (transform))) - -; Allow transitions to container labels for programs invoked by OCI -; hooks. There's no matching type or range transition since `runc` -; also needs to run other OS programs. -(allow container_s os_t (file (entrypoint))) - -; Also allow entry to container domains through `docker-init`, which -; is mounted from the root filesystem and used as the init process. -(allow container_s runtime_exec_t (file (entrypoint))) - -; Allow containers to communicate with runtimes via pipes. -(allow container_s runtime_t (files (mutate))) - -; If a runtime process creates a directory for cached container archives -; or snapshot layers on local storage, it receives the "cache_t" label. -; ... containerd's pristine archives -(typetransition runtime_t local_t dir "io.containerd.content.v1.content" cache_t) -; ... containerd's metadata database -(typetransition runtime_t local_t dir "io.containerd.metadata.v1.bolt" cache_t) -; ... containerd's snapshot layers -(typetransition runtime_t local_t dir "io.containerd.snapshotter.v1.overlayfs" cache_t) -; ... docker's image layers -(typetransition runtime_t local_t dir "overlay2" cache_t) - -; If a system process creates a directory for host or bootstrap container -; state, it receives the "secret_t" label. -(typetransition system_t local_t dir "host-containers" secret_t) -(typetransition system_t local_t dir "bootstrap-containers" secret_t) - -; The socket for the API server gets the "api_socket_t" label. -(typetransition api_t any_t sock_file "api.sock" api_socket_t) - -; All subjects can describe anything. -(allow all_s global (files (describe))) - -; All subjects can read from anything that's public. -(allow all_s public (files (load))) - -; Privileged subjects can read from anything at all. -(allow privileged_s global (files (load))) - -; Unprivileged subjects cannot read or execute restricted objects. -(neverallow unprivileged_s read_restricted_o (files (load execute))) - -; Container subjects can execute anything that's public. -(allow container_s public (files (execute))) - -; Runtime subjects can execute anything at all. -(allow runtime_s global (files (execute))) - -; Privileged containers can also execute anything. -(allow control_t global (files (execute))) - -; `mount` can also execute anything. For overlayfs, the mounting process -; credentials are saved and used for subsequent access checks from other -; processes, so those credentials need to grant a superset of permissions. -; This lets us further restrict what other host processes can execute. -(allow mount_t global (files (execute))) - -; Programs like `migrator` that are part of the API can run migrations, -; which are executed from sealed, anonymous memory-backed files. They can -; also run other system binaries. -(allow api_t any_t (files (execute))) -(allow api_t immutable_o (files (execute))) - -; `systemd` can only run immutable files, with the exception of CSI helpers -; that may be required for FUSE mounts. -(allow init_t immutable_o (files (execute))) -(allow init_t csi_exec_t (files (execute))) - -; Subjects that must run verified code can execute immutable objects, since -; those are all protected by dm-verity. -(allow verified_s immutable_o (files (execute))) - -; Subjects that must run verified code cannot execute mutable objects. -(neverallow verified_s mutable_o (files (execute))) - -; All subjects are allowed to write to objects with their own label. -; This includes files like the ones under /proc/self. -(allow all_s self (files (mutate))) - -; All subjects are allowed to write to and manage mounts for -; "ephemeral" objects, such as files in /mnt and /tmp. -(allow all_s ephemeral_o (files (mutate mount))) - -; Trusted subjects are allowed to write to and manage mounts -; for "dynamic" files in /etc. -(allow trusted_s dynamic_o (files (mutate mount))) - -; wicked calls netdog which writes /etc/resolv.conf. -(allow network_t etc_t (files (mutate))) - -; Other subjects cannot modify these "dynamic" files. -(neverallow other_s dynamic_o (files (mutate mount))) - -; Most subjects are allowed to write to and manage mounts for -; most of the files and directories on /local. -(allow unconfined_s shared_o (files (mutate mount))) - -; Helpers spawned by apiserver can write to and manage mounts for -; "secret" files and directories on /local. Our runtimes also need to -; be able to perform these operations so that they can launch host -; containers. -(allow api_s secret_t (files (mutate mount))) -(allow runtime_s secret_t (files (mutate mount))) - -; Subjects that control the OS can write to and manage mounts for -; "sensitive" files and directories on /local. -(allow control_s sensitive_o (files (mutate mount))) - -; `mount` can also write to sensitive directories, which is required -; to set up overlayfs mounts that can subsequently be written to. -(allow mount_t sensitive_o (files (mutate))) - -; Unprivileged subjects cannot modify "sensitive" files. -(neverallow unprivileged_s sensitive_o (files (mutate mount))) - -; Confined subjects are a subset of unprivileged subjects that cannot -; modify "shared" files either. -(neverallow confined_s shared_o (files (mutate mount))) - -; Trusted components are allowed to manage mounts everywhere. -(allow trusted_s global (files (mount))) - -; Only specific components can write to these objects, as they -; provide a means to persist changes across container restarts -; and reboots. -(allow api_s private_t (files (mutate))) -(allow clock_s measure_t (files (mutate))) -(allow network_s lease_t (files (mutate))) -(allow runtime_s cache_t (files (mutate))) - -; Other components should not be permitted to modify these files, -; or to manage mounts for these directories. -(neverallow other_s write_restricted_o (files (mutate mount))) - -; Only the API server and specific components can use the API -; socket, as this provides a means to escalate privileges and -; persist changes. -(allow api_s api_socket_t (files (mutate))) -(allow control_s api_socket_t (files (mutate))) - -; Unprivileged components are not allowed to use the API socket. -(neverallow unprivileged_s api_socket_t (files (mutate))) - -; Only trusted components are allowed to relabel all files, and to -; override filesystem labels through "*context=" mount options. -(allow trusted_s global (files (relabel))) -(allow trusted_s global (filesystems (relabel))) - -; Containers are allowed to "relabel" constrained files, but are -; governed by additional MCS constraints that require the old and -; new labels to match exactly. -(allow container_s constrained_o (files (relabel))) - -; Containers are also allowed to "relabel" filesystems at mount time -; using "*context=" options, but only to and from "local_t". -(allow container_s local_t (filesystems (relabel))) - -; Untrusted components are not allowed to relabel most files, and -; cannot use "*context=" options to impose arbitrary labels. -(neverallow untrusted_s all_s (files (relabel))) -(neverallow untrusted_s unconstrained_o (files (relabel))) -(neverallow untrusted_s unshared_o (filesystems (relabel))) - -; Containers may copy or move files from constrained directories -; into unconstrained ones, such as tmpfs mounts. If they attempt to -; also copy the "security.selinux" xattr then this is treated as a -; relabel operation and blocked. Since the operation is otherwise -; successful, suppress this particular audit message. -(dontaudit container_t any_t (file (relabelfrom))) - -; Trusted components are allowed to block access to objects with -; fanotify permission events. -(allow trusted_s all_o (files (block))) - -; Untrusted components are not allowed to block any files. -(neverallow untrusted_s global (files (block))) - -; All subject labels can be used for files on /proc. -(allow all_s proc_t (filesystem (associate))) - -; All object labels can be used for files on filesystems that have -; the same label, and for files on ephemeral storage. -(allow all_o self (filesystem (associate))) -(allow all_o ephemeral_o (filesystem (associate))) - -; Write-restricted object labels can be used on local storage. -(allow write_restricted_o local_t (filesystem (associate))) - -; Shared object labels can also be used, so that volume types like -; emptyDir can be relabeled on behalf of containers. -(allow shared_o local_t (filesystem (associate))) - -; Containers are allowed to relax security constraints, since we -; don't control what code they run or how it's built. -(allow container_s self (processes (relax))) -(allow container_s global (files (relax))) - -; Host processes should not need to relax security constraints. -(neverallow host_s global (processes (relax))) -(neverallow host_s global (files (relax))) - -; Files and directories that reside on the dm-verity backed root -; filesystem are not mutable, and the policy should not permit it. -(neverallow all_s immutable_o (files (mutate))) - -; Files that exist elsewhere should not be an entrypoint. -(neverallow all_s ephemeral_o (files (enter))) -(neverallow all_s dynamic_o (files (enter))) - -; All subjects are allowed to use most actions related to sockets, -; networks, and IPC mechanisms. -(allow all_s global (sockets (use))) -(allow all_s global (networks (use))) -(allow all_s global (ipcs (use))) - -; Only trusted components are allowed to relabel sockets and packets. -(allow trusted_s global (sockets (relabel))) -(allow trusted_s global (networks (relabel))) - -; Untrusted components cannot relabel sockets or packets. -(neverallow untrusted_s global (sockets (relabel))) -(neverallow untrusted_s global (networks (relabel))) - -; All subjects are allowed to use most systems-level functionality, -; such as bpf and capabilities. -(allow all_s global (systems (use))) - -; Only trusted components can use systems-level management functions. -; This includes interactions with SELinux-aware userspace programs -; such as systemd. -(allow trusted_s global (systems (manage))) - -; dbus-broker implements DBUS and uses SELinux for access control. -; It also queries systemd for job status. -(allow bus_t global (dbus (all))) -(allow bus_t global (security (compute_av))) -(allow bus_t init_t (system (status))) - -; wicked needs DBUS for IPC. -(allow network_t bus_t (dbus (all))) -(allow network_t network_t (dbus (all))) - -; Other components cannot use systems-level management functions. -(neverallow other_s global (systems (manage))) diff --git a/packages/selinux-policy/selinux-policy-files.service b/packages/selinux-policy/selinux-policy-files.service deleted file mode 100644 index 32638772fc2..00000000000 --- a/packages/selinux-policy/selinux-policy-files.service +++ /dev/null @@ -1,21 +0,0 @@ -[Unit] -Description=Copy SELinux policy files -DefaultDependencies=no -RefuseManualStart=true -RefuseManualStop=true - -[Service] -Type=oneshot - -# Userspace expects the SELinux policy files to be available in /etc/selinux. -# Because our /etc is a tmpfs mount, we need to copy the policy files from the -# root filesystem during startup. Ordinarily we would use a tmpfiles.d snippet -# for this, but we need to ensure that the file_contexts are available before -# tmpfiles.d runs, so that relabel directives work as expected. -ExecStart=/usr/bin/cp -r -n /usr/share/factory/etc/selinux /etc - -RemainAfterExit=true -StandardError=journal+console - -[Install] -WantedBy=local-fs.target diff --git a/packages/selinux-policy/selinux-policy-tmpfiles.conf b/packages/selinux-policy/selinux-policy-tmpfiles.conf deleted file mode 100644 index 66345bf40d9..00000000000 --- a/packages/selinux-policy/selinux-policy-tmpfiles.conf +++ /dev/null @@ -1,3 +0,0 @@ -R /var/lib/selinux - - - - -C /var/lib/selinux - - - - -Z /var/lib/selinux 0700 root root - diff --git a/packages/selinux-policy/selinux-policy.spec b/packages/selinux-policy/selinux-policy.spec deleted file mode 100644 index 12090735f5e..00000000000 --- a/packages/selinux-policy/selinux-policy.spec +++ /dev/null @@ -1,90 +0,0 @@ -%global debug_package %{nil} - -%global _cross_first_party 1 -%global policytype fortified - -Name: %{_cross_os}selinux-policy -Version: 0.0 -Release: 0%{?dist} -Summary: SELinux policy -License: Apache-2.0 OR MIT -URL: https://github.com/bottlerocket-os/bottlerocket - -# CIL policy files -Source0: base.cil -Source1: sid.cil -Source2: class.cil -Source3: subject.cil -Source4: object.cil -Source5: fs.cil -Source6: processes.cil -Source7: files.cil -Source8: sockets.cil -Source9: networks.cil -Source10: ipcs.cil -Source11: systems.cil -Source12: rules.cil -Source13: mcs.cil - -# Helpers for generating CIL -Source50: catgen.sh - -# Misc config files -Source100: selinux.config -Source101: lxc_contexts -Source102: selinux-policy-files.service -Source103: selinux-policy-tmpfiles.conf - -BuildRequires: secilc - -%description -%{summary}. - -%prep -%setup -T -c -cp -p \ - %{S:0} %{S:1} %{S:2} %{S:3} %{S:4} %{S:5} \ - %{S:6} %{S:7} %{S:8} %{S:9} %{S:10} %{S:11} \ - %{S:12} %{S:13} . - -%build -%{_sourcedir}/catgen.sh > category.cil -secilc --policyvers=31 *.cil - -%install -poldir="%{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/selinux" -install -d "${poldir}/%{policytype}/"{contexts/files,policy} -install -p -m 0644 %{S:100} "${poldir}/config" -install -p -m 0644 %{S:101} "${poldir}/%{policytype}/contexts" -install -p -m 0644 file_contexts "${poldir}/%{policytype}/contexts/files" -install -p -m 0644 policy.31 "${poldir}/%{policytype}/policy" - -moddir="%{buildroot}%{_cross_factorydir}%{_cross_sharedstatedir}/selinux/%{policytype}/active/modules/100" -install -d "${moddir}" -for m in *.cil ; do - mod="${m%.*}" - install -d "${moddir}/${mod}" - install -p -m 0644 "${m}" "${moddir}/${mod}/cil" - echo -n "cil" > "${moddir}/${mod}/lang_ext" -done - -install -d %{buildroot}%{_cross_sysconfdir} -ln -s ..%{_cross_factorydir}%{_cross_sysconfdir}/selinux %{buildroot}%{_cross_sysconfdir}/selinux - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:102} %{buildroot}%{_cross_unitdir}/selinux-policy-files.service - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:103} %{buildroot}%{_cross_tmpfilesdir}/selinux-policy.conf - -%files -%{_cross_factorydir}%{_cross_sysconfdir}/selinux/config -%{_cross_factorydir}%{_cross_sysconfdir}/selinux/%{policytype}/contexts/files/file_contexts -%{_cross_factorydir}%{_cross_sysconfdir}/selinux/%{policytype}/contexts/lxc_contexts -%{_cross_factorydir}%{_cross_sysconfdir}/selinux/%{policytype}/policy/policy.31 -%{_cross_factorydir}%{_cross_sharedstatedir}/selinux/%{policytype} -%{_cross_sysconfdir}/selinux -%{_cross_tmpfilesdir}/selinux-policy.conf -%{_cross_unitdir}/selinux-policy-files.service - -%changelog diff --git a/packages/selinux-policy/selinux.config b/packages/selinux-policy/selinux.config deleted file mode 100644 index f34643854bb..00000000000 --- a/packages/selinux-policy/selinux.config +++ /dev/null @@ -1,2 +0,0 @@ -SELINUX=enforcing -SELINUXTYPE=fortified diff --git a/packages/selinux-policy/sid.cil b/packages/selinux-policy/sid.cil deleted file mode 100644 index 1ca70727987..00000000000 --- a/packages/selinux-policy/sid.cil +++ /dev/null @@ -1,56 +0,0 @@ -; Security identifiers (SIDs) are opaque references to contexts. -; Initial SIDs (ISIDs) are used for initialization and to label -; fixed objects. The list of ISIDs is defined by the kernel: -; security/selinux/include/initial_sid_to_string.h -(sid kernel) -(sid security) -(sid unlabeled) -(sid fs) -(sid file) -(sid file_labels) -(sid init) -(sid any_socket) -(sid port) -(sid netif) -(sid netmsg) -(sid node) -(sid igmp_packet) -(sid icmp_socket) -(sid tcp_socket) -(sid sysctl_modprobe) -(sid sysctl) -(sid sysctl_fs) -(sid sysctl_kernel) -(sid sysctl_net) -(sid sysctl_net_unix) -(sid sysctl_vm) -(sid sysctl_dev) -(sid kmod) -(sid policy) -(sid scmp_packet) -(sid devnull) - -; The order of ISIDs must match the kernel's order, for now. -(sidorder ( - kernel security unlabeled fs file file_labels init any_socket port - netif netmsg node igmp_packet icmp_socket tcp_socket sysctl_modprobe - sysctl sysctl_fs sysctl_kernel sysctl_net sysctl_net_unix sysctl_vm - sysctl_dev kmod policy scmp_packet devnull)) - -; Apply the "kernel" context for kernel and SELinux-related entities. -(sidcontext kernel kernel) -(sidcontext security kernel) -(sidcontext devnull kernel) - -; Apply the "local" context for entities with an invalid context, and -; for files with no context at all, which are treated the same. -(sidcontext unlabeled local) -(sidcontext file local) - -; Apply the "any" context for entities like sockets, ports, and -; network interfaces if they are otherwise unlabeled. -(sidcontext any_socket any) -(sidcontext port any) -(sidcontext netif any) -(sidcontext netmsg any) -(sidcontext node any) diff --git a/packages/selinux-policy/sockets.cil b/packages/selinux-policy/sockets.cil deleted file mode 100644 index cf1e9119c88..00000000000 --- a/packages/selinux-policy/sockets.cil +++ /dev/null @@ -1,242 +0,0 @@ -; Permission groups for sockets. -(classmap sockets (relabel use)) - -; Permission group for relabeling sockets. -(classmapping sockets relabel ( - socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - tcp_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - udp_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - rawip_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netlink_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - packet_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - key_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - unix_stream_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - unix_dgram_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netlink_route_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netlink_tcpdiag_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netlink_nflog_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netlink_xfrm_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netlink_selinux_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netlink_iscsi_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netlink_audit_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netlink_fib_lookup_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netlink_connector_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netlink_netfilter_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netlink_dnrt_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netlink_kobject_uevent_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netlink_generic_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netlink_scsitransport_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netlink_rdma_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netlink_crypto_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - appletalk_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - dccp_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - tun_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - sctp_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - icmp_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - ax25_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - ipx_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - netrom_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - atmpvc_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - x25_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - rose_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - decnet_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - atmsvc_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - rds_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - irda_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - pppox_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - llc_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - can_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - tipc_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - bluetooth_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - iucv_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - rxrpc_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - isdn_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - phonet_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - ieee802154_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - caif_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - alg_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - nfc_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - vsock_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - kcm_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - qipcrtr_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - smc_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - xdp_socket (relabelfrom relabelto))) -(classmapping sockets relabel ( - mctp_socket (relabelfrom relabelto))) - -; Permission group for other socket actions. -(classmapping sockets use ( - socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - tcp_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - udp_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - rawip_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netlink_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - packet_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - key_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - unix_stream_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - unix_dgram_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netlink_route_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netlink_tcpdiag_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netlink_nflog_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netlink_xfrm_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netlink_selinux_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netlink_iscsi_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netlink_audit_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netlink_fib_lookup_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netlink_connector_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netlink_netfilter_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netlink_dnrt_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netlink_kobject_uevent_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netlink_generic_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netlink_scsitransport_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netlink_rdma_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netlink_crypto_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - appletalk_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - dccp_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - tun_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - sctp_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - icmp_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - ax25_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - ipx_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - netrom_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - atmpvc_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - x25_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - rose_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - decnet_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - atmsvc_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - rds_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - irda_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - pppox_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - llc_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - can_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - tipc_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - bluetooth_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - iucv_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - rxrpc_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - isdn_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - phonet_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - ieee802154_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - caif_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - alg_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - nfc_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - vsock_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - kcm_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - qipcrtr_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - smc_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - xdp_socket (not (relabelfrom relabelto)))) -(classmapping sockets use ( - mctp_socket (not (relabelfrom relabelto)))) diff --git a/packages/selinux-policy/subject.cil b/packages/selinux-policy/subject.cil deleted file mode 100644 index eb296b2c591..00000000000 --- a/packages/selinux-policy/subject.cil +++ /dev/null @@ -1,136 +0,0 @@ -; -; Subjects are the actors in the system. They answer the question of -; who is performing the access when policy rules are checked. -; - -; Kernel threads. -(type kernel_t) -(roletype system_r kernel_t) -(context kernel (system_u system_r kernel_t s0)) - -; PID 1. -(type init_t) -(roletype system_r init_t) -(context init (system_u system_r init_t s0)) - -; Most processes that run outside of containers. -(type system_t) -(roletype system_r system_t) -(context system (system_u system_r system_t s0)) - -; Processes for managing mounts. -(type mount_t) -(roletype system_r mount_t) -(context mount (system_u system_r mount_t s0)) - -; Processes that back the API. -(type api_t) -(roletype system_r api_t) -(context api (system_u system_r api_t s0)) - -; Processes that run containers. -(type runtime_t) -(roletype system_r runtime_t) -(context runtime (system_u system_r runtime_t s0)) - -; Processes that manage network interfaces. -(type network_t) -(roletype system_r network_t) -(context network (system_u system_r network_t s0)) - -; Processes that manage the system clock. -(type clock_t) -(roletype system_r clock_t) -(context clock (system_u system_r clock_t s0)) - -; Processes that manage the system message bus. -(type bus_t) -(roletype system_r bus_t) -(context bus (system_u system_r bus_t s0)) - -; Processes that run inside containers. -(type container_t) -(roletype system_r container_t) -(context container (system_u system_r container_t s0)) - -; Processes that run inside containers that control the OS. -(type control_t) -(roletype system_r control_t) -(context control (system_u system_r control_t s0)) - -; Alias "spc_t" to "control_t" for compatibility with the -; container-selinux policy. -(typealias spc_t) -(typealiasactual spc_t control_t) - -; Processes that run inside highly privileged containers. -(type super_t) -(roletype system_r super_t) -(context admin (system_u system_r super_t s0)) - -; The set of all subjects. -(typeattribute all_s) -(typeattributeset all_s ( - kernel_t init_t system_t mount_t api_t - network_t clock_t bus_t runtime_t - container_t control_t super_t)) - -; Subjects that are treated as a privileged part of the OS. -(typeattribute privileged_s) -(typeattributeset privileged_s (xor (all_s) (unprivileged_s))) - -; Subjects that are treated as a trusted part of the OS. -(typeattribute trusted_s) -(typeattributeset trusted_s (xor (privileged_s) (control_t))) - -; Subjects that are part of the OS, but confined through policy. -(typeattribute confined_s) -(typeattributeset confined_s (network_t clock_t bus_t)) - -; Subjects that are not confined by policy. -(typeattribute unconfined_s) -(typeattributeset unconfined_s (xor (all_s) (confined_s))) - -; Subjects that are not part of the OS. -(typeattribute other_s) -(typeattributeset other_s (container_t)) - -; Subjects that are not treated as a privileged part of the OS. -(typeattribute unprivileged_s) -(typeattributeset unprivileged_s (confined_s other_s)) - -; Subjects that are not treated as a trusted part of the OS. -(typeattribute untrusted_s) -(typeattributeset untrusted_s (xor (all_s) (trusted_s))) - -; Subjects that are started from containers. -(typeattribute container_s) -(typeattributeset container_s (container_t control_t super_t)) - -; Subjects that are shipped with the OS. -(typeattribute host_s) -(typeattributeset host_s (xor (all_s) (container_s))) - -; Subjects that are allowed to manage the API datastore. -(typeattribute api_s) -(typeattributeset api_s (api_t super_t)) - -; Subjects that are treated as container runtimes. -(typeattribute runtime_s) -(typeattributeset runtime_s (runtime_t super_t)) - -; Subjects shipped with the OS that should only execute verified code. -(typeattribute verified_s) -(typeattributeset verified_s (xor (host_s) (runtime_t mount_t api_t init_t))) - -; Subjects that are allowed to manage the system clock. -(typeattribute clock_s) -(typeattributeset clock_s (clock_t system_t super_t)) - -; Subjects that are allowed to manage network interfaces. -(typeattribute network_s) -(typeattributeset network_s (network_t system_t super_t control_t)) - -; Subjects that are allowed to control system files. -(typeattribute control_s) -(typeattributeset control_s (control_t system_t super_t)) diff --git a/packages/selinux-policy/systems.cil b/packages/selinux-policy/systems.cil deleted file mode 100644 index c877e58faf7..00000000000 --- a/packages/selinux-policy/systems.cil +++ /dev/null @@ -1,26 +0,0 @@ -; Permission groups for OS functions. -(classmap systems (manage use)) - -; Permission group for managing the OS. -(classmapping systems manage (capability2 (mac_override mac_admin))) -(classmapping systems manage (cap2_userns (mac_override mac_admin))) -(classmapping systems manage (dbus (all))) -(classmapping systems manage (kernel_service (all))) -(classmapping systems manage (security (all))) -(classmapping systems manage (service (all))) -(classmapping systems manage ( - system (halt reboot status start stop enable disable reload))) - -; Permission group for other OS functions. -(classmapping systems use (binder (all))) -(classmapping systems use (bpf (all))) -(classmapping systems use (capability (all))) -(classmapping systems use (capability2 (not (mac_override mac_admin)))) -(classmapping systems use (cap_userns (all))) -(classmapping systems use (cap2_userns (not (mac_override mac_admin)))) -(classmapping systems use (key (all))) -(classmapping systems use (lockdown (all))) -(classmapping systems use (perf_event (all))) -(classmapping systems use ( - system (not (halt reboot status start stop enable disable reload)))) -(classmapping systems use (user_namespace (all))) diff --git a/packages/settings-defaults/Cargo.toml b/packages/settings-defaults/Cargo.toml index cb9809bc592..3d16914ff99 100644 --- a/packages/settings-defaults/Cargo.toml +++ b/packages/settings-defaults/Cargo.toml @@ -15,7 +15,6 @@ source-groups = [ # RPM BuildRequires [build-dependencies] -glibc = { path = "../glibc" } # RPM Requires [dependencies] diff --git a/packages/static-pods/Cargo.toml b/packages/settings-migrations/Cargo.toml similarity index 69% rename from packages/static-pods/Cargo.toml rename to packages/settings-migrations/Cargo.toml index 6725e8b145f..072e62b22c7 100644 --- a/packages/static-pods/Cargo.toml +++ b/packages/settings-migrations/Cargo.toml @@ -1,19 +1,20 @@ [package] -name = "static-pods" +name = "settings-migrations" version = "0.1.0" edition = "2021" publish = false build = "../build.rs" +[lib] +path = "../packages.rs" + [package.metadata.build-package] source-groups = [ - "static-pods" + "settings-migrations" ] -[lib] -path = "../packages.rs" - +# RPM BuildRequires [build-dependencies] -glibc = { path = "../glibc" } +# RPM Requires [dependencies] diff --git a/packages/settings-migrations/settings-migrations.spec b/packages/settings-migrations/settings-migrations.spec new file mode 100644 index 00000000000..db12cb2c10f --- /dev/null +++ b/packages/settings-migrations/settings-migrations.spec @@ -0,0 +1,53 @@ +%global _cross_first_party 1 +%undefine _debugsource_packages + +Name: %{_cross_os}migrations +Version: 0.0 +Release: 0%{?dist} +Summary: Settings migrations +License: Apache-2.0 OR MIT +URL: https://github.com/bottlerocket-os/bottlerocket + +# Ideally this would be the package name, but for now the build system expects to find a package +# named "bottlerocket-migrations". +Provides: %{_cross_os}settings-migrations + +%description +%{summary}. + +%prep +%setup -T -c +%cargo_prep + +%build +# First we find the migrations in the source tree. We assume the directory name is the same as +# the crate name. +migrations=() +for migration in $(find %{_builddir}/sources/settings-migrations/v[0-9]* -mindepth 1 -maxdepth 1 -type d); do + migrations+=("-p $(basename ${migration})") +done + +# We need to build migrations statically, because they need to run after a system update where +# available libraries can change. +%cargo_build_static --manifest-path %{_builddir}/sources/Cargo.toml ${migrations[*]} + +%install +install -d %{buildroot}%{_cross_datadir}/migrations +for version_path in %{_builddir}/sources/settings-migrations/v[0-9]*; do + [ -e "${version_path}" ] || continue + for migration_path in "${version_path}"/*; do + [ -e "${migration_path}" ] || continue + + version="${version_path##*/}" + crate_name="${migration_path##*/}" + migration_binary_name="migrate_${version}_${crate_name#migrate-}" + built_path="%{__cargo_outdir_static}/${crate_name}" + target_path="%{buildroot}%{_cross_datadir}/migrations/${migration_binary_name}" + + install -m 0555 "${built_path}" "${target_path}" + done +done + +%files +%dir %{_cross_datadir}/migrations +%{_cross_datadir}/migrations diff --git a/packages/settings-plugins/Cargo.toml b/packages/settings-plugins/Cargo.toml index 363cfac42ae..e1a5b775ab7 100644 --- a/packages/settings-plugins/Cargo.toml +++ b/packages/settings-plugins/Cargo.toml @@ -15,7 +15,6 @@ source-groups = [ # RPM BuildRequires [build-dependencies] -glibc = { path = "../glibc" } # RPM Requires [dependencies] diff --git a/packages/settings-plugins/settings-plugins.spec b/packages/settings-plugins/settings-plugins.spec index 184b84ae85f..e459d6945d0 100644 --- a/packages/settings-plugins/settings-plugins.spec +++ b/packages/settings-plugins/settings-plugins.spec @@ -1,6 +1,10 @@ %global _cross_first_party 1 %undefine _debugsource_packages +# Do not prefer shared linking, since the libstd we use at build time +# may not match the one installed on the final image. +%global __global_rustflags_shared %__global_rustflags + %global _cross_pluginsdir %{_cross_libdir}/settings-plugins Name: %{_cross_os}settings-plugins diff --git a/packages/shim/Cargo.toml b/packages/shim/Cargo.toml deleted file mode 100644 index c402f5bf2e2..00000000000 --- a/packages/shim/Cargo.toml +++ /dev/null @@ -1,13 +0,0 @@ -[package] -name = "shim" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/rhboot/shim/releases/download/15.8/shim-15.8.tar.bz2" -sha512 = "30b3390ae935121ea6fe728d8f59d37ded7b918ad81bea06e213464298b4bdabbca881b30817965bd397facc596db1ad0b8462a84c87896ce6c1204b19371cd1" diff --git a/packages/shim/shim.spec b/packages/shim/shim.spec deleted file mode 100644 index 159e9992ef0..00000000000 --- a/packages/shim/shim.spec +++ /dev/null @@ -1,63 +0,0 @@ -%global debug_package %{nil} -%global __strip %{_bindir}/true - -%global efidir /boot/efi/EFI/BOOT -%global boot_efi_image boot%{_cross_efi_arch}.efi -%global grub_efi_image grub%{_cross_efi_arch}.efi -%global shim_efi_image shim%{_cross_efi_arch}.efi -%global mokm_efi_image mm%{_cross_efi_arch}.efi - -%global shimver 15.8 -%global commit 5914984a1ffeab841f482c791426d7ca9935a5e6 - -Name: %{_cross_os}shim -Version: %{shimver} -Release: 1%{?dist} -Summary: UEFI shim loader -License: BSD-3-Clause -URL: https://github.com/rhboot/shim/ -Source0: https://github.com/rhboot/shim/archive/%{shimver}/shim-%{shimver}.tar.bz2 - -%description -%{summary}. - -%prep -%autosetup -n shim-%{shimver} -p1 - -# Make sure the `.vendor_cert` section is large enough to cover a replacement -# certificate, or `objcopy` may silently retain the existing section. -# 4096 - 16 (for cert_table structure) = 4080 bytes. -truncate -s 4080 empty.cer - -%global shim_make \ -make\\\ - ARCH="%{_cross_arch}"\\\ - CROSS_COMPILE="%{_cross_target}-"\\\ - COMMIT_ID="%{commit}"\\\ - RELEASE="%{release}"\\\ - DEFAULT_LOADER="%{grub_efi_image}"\\\ - DISABLE_REMOVABLE_LOAD_OPTIONS=y\\\ - DESTDIR="%{buildroot}"\\\ - EFIDIR="BOOT"\\\ - VENDOR_CERT_FILE="empty.cer"\\\ - POST_PROCESS_PE_FLAGS="-N"\\\ -%{nil} - -%build -%shim_make - -%install -%shim_make install-as-data -install -d %{buildroot}%{efidir} -find %{buildroot}%{_datadir} -name '%{shim_efi_image}' -exec \ - mv {} "%{buildroot}%{efidir}/%{boot_efi_image}" \; -find %{buildroot}%{_datadir} -name '%{mokm_efi_image}' -exec \ - mv {} "%{buildroot}%{efidir}/%{mokm_efi_image}" \; -rm -rf %{buildroot}%{_datadir} - -%files -%license COPYRIGHT -%{_cross_attribution_file} -%dir %{efidir} -%{efidir}/%{boot_efi_image} -%{efidir}/%{mokm_efi_image} diff --git a/packages/socat/0001-xioopts-conditionally-compile-applyopts_termios_valu.patch b/packages/socat/0001-xioopts-conditionally-compile-applyopts_termios_valu.patch deleted file mode 100644 index 8ea4f0197f6..00000000000 --- a/packages/socat/0001-xioopts-conditionally-compile-applyopts_termios_valu.patch +++ /dev/null @@ -1,34 +0,0 @@ -From c1fa329155c1b6805d64fcc7de4cb5c5ca80d387 Mon Sep 17 00:00:00 2001 -From: Kush Upadhyay -Date: Thu, 13 Jun 2024 15:27:14 +0000 -Subject: [PATCH] xioopts: conditionally compile applyopts_termios_value - function - -Signed-off-by: Kush Upadhyay ---- - xioopts.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/xioopts.c b/xioopts.c -index 4b651aa..e957ba3 100644 ---- a/xioopts.c -+++ b/xioopts.c -@@ -4041,6 +4041,7 @@ int applyopt_spec( - return 0; - } - -+#if WITH_TERMIOS - int applyopts_termios_value( - int fd, - struct opt *opt) -@@ -4057,6 +4058,7 @@ int applyopts_termios_value( - } - return 0; - } -+#endif /* WITH_TERMIOS */ - - /* Note: not all options can be applied this way (e.g. OFUNC_SPEC with PH_OPEN) - implemented are: OFUNC_FCNTL, OFUNC_SOCKOPT (probably not all types), --- -2.40.1 - diff --git a/packages/socat/Cargo.toml b/packages/socat/Cargo.toml deleted file mode 100644 index 6c0e9948c45..00000000000 --- a/packages/socat/Cargo.toml +++ /dev/null @@ -1,16 +0,0 @@ -[package] -name = "socat" -version = "0.1.0" -edition = "2018" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[[package.metadata.build-package.external-files]] -url = "http://www.dest-unreach.org/socat/download/socat-1.8.0.0.tar.gz" -sha512 = "edf459a9f1907a14025e13b3101ad29787f9a72795cffcd00017ce98847562884db29a95b9ae478a6a50868137548b142947c43fb18e975eb5853a763c42902c" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/socat/socat.spec b/packages/socat/socat.spec deleted file mode 100644 index eba6530fa79..00000000000 --- a/packages/socat/socat.spec +++ /dev/null @@ -1,84 +0,0 @@ -Name: %{_cross_os}socat -Version: 1.8.0.0 -Release: 1%{?dist} -Summary: Transfer data between two channels -License: GPL-2.0-only -URL: http://www.dest-unreach.org/socat/ -Source0: http://www.dest-unreach.org/socat/download/socat-%{version}.tar.gz -Patch0001: 0001-xioopts-conditionally-compile-applyopts_termios_valu.patch - -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%prep -%autosetup -n socat-%{version} -p0001 - -%build -%cross_configure \ - CFLAGS="-Wformat ${CFLAGS}" \ - --enable-help \ - --enable-ip4 \ - --enable-ip6 \ - --enable-listen \ - --enable-stdio \ - --enable-tcp \ - --enable-udp \ - --enable-unix \ - --disable-abstract-unixsocket \ - --disable-creat \ - --disable-dccp \ - --disable-exec \ - --disable-ext2 \ - --disable-fdnum \ - --disable-filan \ - --disable-file \ - --disable-fips \ - --disable-fs \ - --disable-genericsocket \ - --disable-gopen \ - --disable-interface \ - --disable-largefile \ - --disable-libwrap \ - --disable-namespaces \ - --disable-openssl \ - --disable-option-checking \ - --disable-pipe \ - --disable-posixmq \ - --disable-proxy \ - --disable-pty \ - --disable-rawip \ - --disable-readline \ - --disable-retry \ - --disable-sctp \ - --disable-shell \ - --disable-socketpair \ - --disable-socks4 \ - --disable-socks4a \ - --disable-stats \ - --disable-sycls \ - --disable-system \ - --disable-termios \ - --disable-tun \ - --disable-udplite \ - --disable-vsock \ - -%make_build - -%install -%make_install - -%files -%license COPYING -%{_cross_attribution_file} -%{_cross_bindir}/socat -%{_cross_bindir}/socat1 -%exclude %{_cross_bindir}/filan -%exclude %{_cross_bindir}/procan -%exclude %{_cross_bindir}/socat-broker.sh -%exclude %{_cross_bindir}/socat-chain.sh -%exclude %{_cross_bindir}/socat-mux.sh -%exclude %{_cross_mandir}/* - -%changelog diff --git a/packages/soci-snapshotter/Cargo.toml b/packages/soci-snapshotter/Cargo.toml deleted file mode 100644 index 7bf927d08ec..00000000000 --- a/packages/soci-snapshotter/Cargo.toml +++ /dev/null @@ -1,29 +0,0 @@ -[package] -name = "soci-snapshotter" -version = "0.1.0" -publish = false -build = "../build.rs" -edition = "2021" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/awslabs/soci-snapshotter/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/awslabs/soci-snapshotter/archive/refs/tags/v0.5.0.tar.gz" -sha512 = "9980688b71c149ea0f36c52906ba0cc862ca65b9ee0e4b813fef0df83716e313137886986cc78b694e35516fb21095b0cd0436caf485d4b63bd01b150769b6f4" -bundle-root-path = "soci-snapshotter-0.5.0/cmd" -bundle-output-path = "bundled-cmd.tar.gz" -bundle-modules = [ "go" ] - -[[package.metadata.build-package.external-files]] -url = "https://github.com/awslabs/soci-snapshotter/archive/refs/tags/v0.5.0.tar.gz" -sha512 = "9980688b71c149ea0f36c52906ba0cc862ca65b9ee0e4b813fef0df83716e313137886986cc78b694e35516fb21095b0cd0436caf485d4b63bd01b150769b6f4" -bundle-modules = [ "go" ] - -# RPM BuildRequires -[build-dependencies] -glibc = { path = "../glibc" } -libz = { path = "../libz" } diff --git a/packages/soci-snapshotter/clarify.toml b/packages/soci-snapshotter/clarify.toml deleted file mode 100644 index 3658fe189bb..00000000000 --- a/packages/soci-snapshotter/clarify.toml +++ /dev/null @@ -1,5 +0,0 @@ -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00}, -] diff --git a/packages/soci-snapshotter/soci-snapshotter.service b/packages/soci-snapshotter/soci-snapshotter.service deleted file mode 100644 index 3b76f5ed7aa..00000000000 --- a/packages/soci-snapshotter/soci-snapshotter.service +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=soci snapshotter containerd plugin -Documentation=https://github.com/awslabs/soci-snapshotter -After=configured.target -Wants=configured.target -Before=containerd.service - -[Service] -Type=notify -ExecStart=/usr/bin/soci-snapshotter-grpc -Restart=always -RestartSec=5 - -[Install] -WantedBy=multi-user.target -RequiredBy=containerd.service diff --git a/packages/soci-snapshotter/soci-snapshotter.spec b/packages/soci-snapshotter/soci-snapshotter.spec deleted file mode 100644 index 58802997594..00000000000 --- a/packages/soci-snapshotter/soci-snapshotter.spec +++ /dev/null @@ -1,82 +0,0 @@ -%global gorepo soci-snapshotter -%global gover 0.5.0 -%global rpmver %{gover} - -Name: %{_cross_os}soci-snapshotter -Version: %{gover} -Release: 1%{?dist} -Summary: A containerd snapshotter plugin which enables lazy loading for OCI images. -License: Apache-2.0 -URL: https://github.com/awslabs/soci-snapshotter -Source0: https://github.com/awslabs/soci-snapshotter/archive/refs/tags/v0.5.0.tar.gz -Source1: bundled-v%{gover}.tar.gz -Source2: bundled-cmd.tar.gz -Source101: soci-snapshotter.service -Source1000: clarify.toml - -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libz-devel -Requires: %{name}(binaries) - -%description -%{summary}. - -%package bin -Summary: Remote management agent binaries -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(no-fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(fips) or %{name}-fips-bin) - -%description bin -%{summary}. - -%package fips-bin -Summary: Remote management agent binaries, FIPS edition -Provides: %{name}(binaries) -Requires: (%{_cross_os}image-feature(fips) and %{name}) -Conflicts: (%{_cross_os}image-feature(no-fips) or %{name}-bin) - -%description fips-bin -%{summary}. - -%prep -%setup -n %{gorepo}-%{gover} -q -%setup -T -D -n %{gorepo}-%{gover} -b 1 -q -%setup -T -D -n %{gorepo}-%{gover} -b 2 -q - -%build -%set_cross_go_flags - -go build -C cmd -ldflags="${GOLDFLAGS}" -o "../out/soci-snapshotter-grpc" ./soci-snapshotter-grpc -go build -C cmd -ldflags="${GOLDFLAGS}" -o "../out/soci" ./soci - -gofips build -C cmd -ldflags="${GOLDFLAGS}" -o "../out/fips/soci-snapshotter-grpc" ./soci-snapshotter-grpc -gofips build -C cmd -ldflags="${GOLDFLAGS}" -o "../out/fips/soci" ./soci - -%install -install -d %{buildroot}%{_cross_bindir} -install -d %{buildroot}%{_cross_fips_bindir} -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0755 out/soci-snapshotter-grpc %{buildroot}%{_cross_bindir} -install -p -m 0755 out/soci %{buildroot}%{_cross_bindir} -install -p -m 0755 out/fips/soci-snapshotter-grpc %{buildroot}%{_cross_fips_bindir} -install -p -m 0755 out/fips/soci %{buildroot}%{_cross_fips_bindir} -install -D -p -m 0644 %{S:101} %{buildroot}%{_cross_unitdir} - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -%files -%license LICENSE NOTICE.md -%{_cross_unitdir}/soci-snapshotter.service -%{_cross_attribution_vendor_dir} -%{_cross_attribution_file} - -%files bin -%{_cross_bindir}/soci-snapshotter-grpc -%{_cross_bindir}/soci - -%files fips-bin -%{_cross_fips_bindir}/soci-snapshotter-grpc -%{_cross_fips_bindir}/soci - -%changelog diff --git a/packages/static-pods/static-pods-toml b/packages/static-pods/static-pods-toml deleted file mode 100644 index 1c6d7bebe49..00000000000 --- a/packages/static-pods/static-pods-toml +++ /dev/null @@ -1,15 +0,0 @@ -[required-extensions] -kubernetes = "v1" -std = { version = "v1", helpers = ["if_not_null"] } -+++ -{{#if_not_null settings.kubernetes.static-pods}} -{{#each settings.kubernetes.static-pods}} -["{{@key}}"] -{{#if_not_null this.enabled}} -enabled = {{this.enabled}} -{{/if_not_null}} -{{#if_not_null this.manifest}} -manifest = "{{{this.manifest}}}" -{{/if_not_null}} -{{/each}} -{{/if_not_null}} diff --git a/packages/static-pods/static-pods.spec b/packages/static-pods/static-pods.spec deleted file mode 100644 index 37239ba5bed..00000000000 --- a/packages/static-pods/static-pods.spec +++ /dev/null @@ -1,38 +0,0 @@ -%global _cross_first_party 1 -%undefine _debugsource_packages - -Name: %{_cross_os}static-pods -Version: 0.1 -Release: 0%{?dist} -Summary: Manages user-defined K*S static pods -License: Apache-2.0 OR MIT -URL: https://github.com/bottlerocket-os/bottlerocket - -Source0: static-pods-toml - -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%prep -%setup -T -c -%cargo_prep - -%build -mkdir bin - -echo "** Compile static-pods agent" -%cargo_build --manifest-path %{_builddir}/sources/Cargo.toml \ - -p static-pods - -%install -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 ${HOME}/.cache/%{__cargo_target}/release/static-pods %{buildroot}%{_cross_bindir} - -install -d %{buildroot}%{_cross_templatedir} -install -p -m 0644 %{S:0} %{buildroot}%{_cross_templatedir} - -%files -%{_cross_bindir}/static-pods -%{_cross_templatedir}/static-pods-toml diff --git a/packages/strace/Cargo.toml b/packages/strace/Cargo.toml deleted file mode 100644 index 12c41129500..00000000000 --- a/packages/strace/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "strace" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://strace.io/files" - -[[package.metadata.build-package.external-files]] -url = "https://strace.io/files/6.8/strace-6.8.tar.xz" -sha512 = "c477724a77112a74a5236a38b7dbaa9b6199622a1d21cc6253cac80dc4ddea78aeaf8cddf4a51ee4119e00e1adaf95f64f64e20d9775ec3edd77cd82c8f7b30e" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/strace/strace.spec b/packages/strace/strace.spec deleted file mode 100644 index 75b249bb96f..00000000000 --- a/packages/strace/strace.spec +++ /dev/null @@ -1,33 +0,0 @@ -Name: %{_cross_os}strace -Version: 6.8 -Release: 1%{?dist} -Summary: Linux syscall tracer -License: LGPL-2.1-or-later -URL: https://strace.io/ -Source0: https://strace.io/files/%{version}/strace-%{version}.tar.xz -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%prep -%autosetup -n strace-%{version} -p1 - -%build -%cross_configure \ - --disable-mpers \ - -%make_build - -%install -%make_install - -%files -%license COPYING LGPL-2.1-or-later -%{_cross_attribution_file} -%{_cross_bindir}/strace -%exclude %{_cross_bindir}/strace-graph -%exclude %{_cross_bindir}/strace-log-merge -%exclude %{_cross_mandir}/* - -%changelog diff --git a/packages/systemd/1001-sd-netlink-make-calc_elapse-return-USEC_INFINITY-whe.patch b/packages/systemd/1001-sd-netlink-make-calc_elapse-return-USEC_INFINITY-whe.patch deleted file mode 100644 index 146d416ecfa..00000000000 --- a/packages/systemd/1001-sd-netlink-make-calc_elapse-return-USEC_INFINITY-whe.patch +++ /dev/null @@ -1,117 +0,0 @@ -From 926bf2c26d6e69e2e31a74c9ec50f882c3af8d79 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Sun, 1 Oct 2023 12:04:52 +0900 -Subject: [PATCH] sd-netlink: make calc_elapse() return USEC_INFINITY when no - timeout is requested - -Then, timout_compare() becomes simplar, the timeout value becomes -consistent with what sd_netlink_get_timeout() provides. - -This also drop unnecessary assignment of reply_callback.timeout after -the slot is dropped from the prioq. ---- - src/libsystemd/sd-netlink/netlink-slot.c | 2 +- - src/libsystemd/sd-netlink/sd-netlink.c | 24 ++++++------------------ - 2 files changed, 7 insertions(+), 19 deletions(-) - -diff --git a/src/libsystemd/sd-netlink/netlink-slot.c b/src/libsystemd/sd-netlink/netlink-slot.c -index 34f527d07f..b2525ff9cf 100644 ---- a/src/libsystemd/sd-netlink/netlink-slot.c -+++ b/src/libsystemd/sd-netlink/netlink-slot.c -@@ -63,7 +63,7 @@ void netlink_slot_disconnect(sd_netlink_slot *slot, bool unref) { - case NETLINK_REPLY_CALLBACK: - (void) hashmap_remove(nl->reply_callbacks, &slot->reply_callback.serial); - -- if (slot->reply_callback.timeout != 0) -+ if (slot->reply_callback.timeout != USEC_INFINITY) - prioq_remove(nl->reply_callbacks_prioq, &slot->reply_callback, &slot->reply_callback.prioq_idx); - - break; -diff --git a/src/libsystemd/sd-netlink/sd-netlink.c b/src/libsystemd/sd-netlink/sd-netlink.c -index 74f297243a..01a04eb308 100644 ---- a/src/libsystemd/sd-netlink/sd-netlink.c -+++ b/src/libsystemd/sd-netlink/sd-netlink.c -@@ -254,7 +254,6 @@ static int process_timeout(sd_netlink *nl) { - return r; - - assert_se(prioq_pop(nl->reply_callbacks_prioq) == c); -- c->timeout = 0; - hashmap_remove(nl->reply_callbacks, UINT32_TO_PTR(c->serial)); - - slot = container_of(c, sd_netlink_slot, reply_callback); -@@ -287,10 +286,8 @@ static int process_reply(sd_netlink *nl, sd_netlink_message *m) { - if (!c) - return 0; - -- if (c->timeout != 0) { -+ if (c->timeout != USEC_INFINITY) - prioq_remove(nl->reply_callbacks_prioq, c, &c->prioq_idx); -- c->timeout = 0; -- } - - r = sd_netlink_message_get_type(m, &type); - if (r < 0) -@@ -419,10 +416,7 @@ int sd_netlink_process(sd_netlink *nl, sd_netlink_message **ret) { - return r; - } - --static usec_t calc_elapse(uint64_t usec) { -- if (usec == UINT64_MAX) -- return 0; -- -+static usec_t timespan_to_timestamp(usec_t usec) { - if (usec == 0) - usec = NETLINK_DEFAULT_TIMEOUT_USEC; - -@@ -476,12 +470,6 @@ int sd_netlink_wait(sd_netlink *nl, uint64_t timeout_usec) { - static int timeout_compare(const void *a, const void *b) { - const struct reply_callback *x = a, *y = b; - -- if (x->timeout != 0 && y->timeout == 0) -- return -1; -- -- if (x->timeout == 0 && y->timeout != 0) -- return 1; -- - return CMP(x->timeout, y->timeout); - } - -@@ -521,7 +509,7 @@ int sd_netlink_call_async( - return r; - - slot->reply_callback.callback = callback; -- slot->reply_callback.timeout = calc_elapse(usec); -+ slot->reply_callback.timeout = timespan_to_timestamp(usec); - - k = sd_netlink_send(nl, m, &slot->reply_callback.serial); - if (k < 0) -@@ -531,7 +519,7 @@ int sd_netlink_call_async( - if (r < 0) - return r; - -- if (slot->reply_callback.timeout != 0) { -+ if (slot->reply_callback.timeout != USEC_INFINITY) { - r = prioq_put(nl->reply_callbacks_prioq, &slot->reply_callback, &slot->reply_callback.prioq_idx); - if (r < 0) { - (void) hashmap_remove(nl->reply_callbacks, UINT32_TO_PTR(slot->reply_callback.serial)); -@@ -562,7 +550,7 @@ int sd_netlink_read( - assert_return(nl, -EINVAL); - assert_return(!netlink_pid_changed(nl), -ECHILD); - -- timeout = calc_elapse(usec); -+ timeout = timespan_to_timestamp(usec); - - for (;;) { - usec_t left; -@@ -609,7 +597,7 @@ int sd_netlink_read( - /* received message, so try to process straight away */ - continue; - -- if (timeout > 0) { -+ if (timeout != USEC_INFINITY) { - usec_t n; - - n = now(CLOCK_MONOTONIC); --- -2.38.1 - diff --git a/packages/systemd/1002-sd-netlink-make-the-default-timeout-configurable-by-.patch b/packages/systemd/1002-sd-netlink-make-the-default-timeout-configurable-by-.patch deleted file mode 100644 index 08d7a58191a..00000000000 --- a/packages/systemd/1002-sd-netlink-make-the-default-timeout-configurable-by-.patch +++ /dev/null @@ -1,70 +0,0 @@ -From 5e518008b9015ced364e92648ad17f51e95442bc Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Sun, 1 Oct 2023 12:04:59 +0900 -Subject: [PATCH] sd-netlink: make the default timeout configurable by - environment variable - -On normal systems, triggering a timeout should be a bug in code or -configuration error, so I do not think we should extend the default -timeout. Also, we should not introduce a 'first class' configuration -option about that. But, making it configurable may be useful for cases -such that "an extremely highly utilized system (lots of OOM kills, -very high CPU utilization, etc)". - -Closes #25441. ---- - docs/ENVIRONMENT.md | 3 +++ - src/libsystemd/sd-netlink/sd-netlink.c | 23 +++++++++++++++++++++-- - 2 files changed, 24 insertions(+), 2 deletions(-) - -diff --git a/docs/ENVIRONMENT.md b/docs/ENVIRONMENT.md -index 1e7a75a36c..81b3c36d58 100644 ---- a/docs/ENVIRONMENT.md -+++ b/docs/ENVIRONMENT.md -@@ -108,6 +108,9 @@ All tools: - for example in `systemd-nspawn`, will be logged to the audit log, if the - kernel supports this. - -+* `$SYSTEMD_NETLINK_DEFAULT_TIMEOUT` — specifies the default timeout of waiting -+ replies for netlink messages from the kernel. Defaults to 25 seconds. -+ - `systemctl`: - - * `$SYSTEMCTL_FORCE_BUS=1` — if set, do not connect to PID 1's private D-Bus -diff --git a/src/libsystemd/sd-netlink/sd-netlink.c b/src/libsystemd/sd-netlink/sd-netlink.c -index 01a04eb308..dd74a1aa78 100644 ---- a/src/libsystemd/sd-netlink/sd-netlink.c -+++ b/src/libsystemd/sd-netlink/sd-netlink.c -@@ -417,8 +417,27 @@ int sd_netlink_process(sd_netlink *nl, sd_netlink_message **ret) { - } - - static usec_t timespan_to_timestamp(usec_t usec) { -- if (usec == 0) -- usec = NETLINK_DEFAULT_TIMEOUT_USEC; -+ static bool default_timeout_set = false; -+ static usec_t default_timeout; -+ int r; -+ -+ if (usec == 0) { -+ if (!default_timeout_set) { -+ const char *e; -+ -+ default_timeout_set = true; -+ default_timeout = NETLINK_DEFAULT_TIMEOUT_USEC; -+ -+ e = getenv("SYSTEMD_NETLINK_DEFAULT_TIMEOUT"); -+ if (e) { -+ r = parse_sec(e, &default_timeout); -+ if (r < 0) -+ log_debug_errno(r, "sd-netlink: Failed to parse $SYSTEMD_NETLINK_DEFAULT_TIMEOUT environment variable, ignoring: %m"); -+ } -+ } -+ -+ usec = default_timeout; -+ } - - return usec_add(now(CLOCK_MONOTONIC), usec); - } --- -2.38.1 - diff --git a/packages/systemd/9001-use-absolute-path-for-var-run-symlink.patch b/packages/systemd/9001-use-absolute-path-for-var-run-symlink.patch deleted file mode 100644 index 8a72deed1ff..00000000000 --- a/packages/systemd/9001-use-absolute-path-for-var-run-symlink.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 2e4d5ecb4c47a9d2d20cb4de42484eda032a5262 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Mon, 3 Jan 2022 20:22:17 +0000 -Subject: [PATCH] use absolute path for /var/run symlink - -Otherwise the symlink may be broken if /var is a bind mount from -somewhere else. - -Signed-off-by: Ben Cressey ---- - tmpfiles.d/var.conf.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tmpfiles.d/var.conf.in b/tmpfiles.d/var.conf.in -index 557dd20..bf84f5a 100644 ---- a/tmpfiles.d/var.conf.in -+++ b/tmpfiles.d/var.conf.in -@@ -9,7 +9,7 @@ - - q /var 0755 - - - - --L /var/run - - - - ../run -+L+ /var/run - - - - /run - - d /var/log 0755 - - - - {% if ENABLE_UTMP %} --- -2.40.1 - diff --git a/packages/systemd/9002-core-add-separate-timeout-for-system-shutdown.patch b/packages/systemd/9002-core-add-separate-timeout-for-system-shutdown.patch deleted file mode 100644 index 68c6726e65c..00000000000 --- a/packages/systemd/9002-core-add-separate-timeout-for-system-shutdown.patch +++ /dev/null @@ -1,67 +0,0 @@ -From e66920d0a95a3e53b24a2f270420a85d0f2395ea Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Tue, 10 Mar 2020 20:30:10 +0000 -Subject: [PATCH] core: add separate timeout for system shutdown - -There is an existing setting for this (DefaultTimeoutStopUSec), but -changing it has no effect because `reset_arguments()` is called just -before `become_shutdown()`, which sets everything back to the stock -values. - -It's also awkward to use a single timeout value for stopping normal -services, and for cleaning up stray processes after most of userspace -has gone away. - -Signed-off-by: Ben Cressey -Signed-off-by: Arnaldo Garcia Rincon ---- - src/basic/def.h | 3 +++ - src/core/main.c | 4 +++- - 2 files changed, 6 insertions(+), 1 deletion(-) - -diff --git a/src/basic/def.h b/src/basic/def.h -index 2b4de29..22034c7 100644 ---- a/src/basic/def.h -+++ b/src/basic/def.h -@@ -18,6 +18,9 @@ - * the watchdog pings will keep the loop busy. */ - #define DEFAULT_EXIT_USEC (30*USEC_PER_SEC) - -+/* The default time after which processes are killed on shutdown. */ -+#define DEFAULT_TIMEOUT_SHUTDOWN_USEC (10*USEC_PER_SEC) -+ - /* The default value for the net.unix.max_dgram_qlen sysctl */ - #define DEFAULT_UNIX_MAX_DGRAM_QLEN 512UL - -diff --git a/src/core/main.c b/src/core/main.c -index a84fafa..0981742 100644 ---- a/src/core/main.c -+++ b/src/core/main.c -@@ -133,6 +133,7 @@ static ExecOutput arg_default_std_error; - static usec_t arg_default_restart_usec; - static usec_t arg_default_timeout_start_usec; - static usec_t arg_default_timeout_stop_usec; -+static usec_t arg_default_timeout_shutdown_usec; - static usec_t arg_default_timeout_abort_usec; - static usec_t arg_default_device_timeout_usec; - static bool arg_default_timeout_abort_set; -@@ -1492,7 +1493,7 @@ static int become_shutdown( - env_block = strv_copy(environ); - - xsprintf(log_level, "--log-level=%d", log_get_max_level()); -- xsprintf(timeout, "--timeout=%" PRI_USEC "us", arg_default_timeout_stop_usec); -+ xsprintf(timeout, "--timeout=%" PRI_USEC "us", arg_default_timeout_shutdown_usec); - - switch (log_get_target()) { - -@@ -2410,6 +2411,7 @@ static void reset_arguments(void) { - arg_default_restart_usec = DEFAULT_RESTART_USEC; - arg_default_timeout_start_usec = DEFAULT_TIMEOUT_USEC; - arg_default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC; -+ arg_default_timeout_shutdown_usec = DEFAULT_TIMEOUT_SHUTDOWN_USEC; - arg_default_timeout_abort_usec = DEFAULT_TIMEOUT_USEC; - arg_default_timeout_abort_set = false; - arg_default_device_timeout_usec = DEFAULT_TIMEOUT_USEC; --- -2.40.1 - diff --git a/packages/systemd/9003-machine-id-setup-generate-stable-ID-under-Xen-and-VM.patch b/packages/systemd/9003-machine-id-setup-generate-stable-ID-under-Xen-and-VM.patch deleted file mode 100644 index 8400c8ebae1..00000000000 --- a/packages/systemd/9003-machine-id-setup-generate-stable-ID-under-Xen-and-VM.patch +++ /dev/null @@ -1,42 +0,0 @@ -From dd1d0221bb0ff143277faa4a7341e290a3941587 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Mon, 3 Jan 2022 21:57:11 +0000 -Subject: [PATCH] machine-id-setup: generate stable ID under Xen and VMware - -Signed-off-by: Ben Cressey -Signed-off-by: Arnaldo Garcia Rincon ---- - src/libsystemd/sd-id128/id128-util.c | 2 ++ - src/shared/machine-id-setup.c | 3 ++- - 2 files changed, 4 insertions(+), 1 deletion(-) - -diff --git a/src/libsystemd/sd-id128/id128-util.c b/src/libsystemd/sd-id128/id128-util.c -index 2cf8848..fd011a1 100644 ---- a/src/libsystemd/sd-id128/id128-util.c -+++ b/src/libsystemd/sd-id128/id128-util.c -@@ -184,6 +184,8 @@ int id128_get_product(sd_id128_t *ret) { - r = id128_read("/sys/class/dmi/id/product_uuid", ID128_FORMAT_UUID, &uuid); - if (r == -ENOENT) - r = id128_read("/proc/device-tree/vm,uuid", ID128_FORMAT_UUID, &uuid); -+ if (r == -ENOENT) -+ r = id128_read("/sys/hypervisor/uuid", ID128_FORMAT_UUID, &uuid); - if (r < 0) - return r; - -diff --git a/src/shared/machine-id-setup.c b/src/shared/machine-id-setup.c -index 787c076..eccb332 100644 ---- a/src/shared/machine-id-setup.c -+++ b/src/shared/machine-id-setup.c -@@ -60,7 +60,8 @@ static int generate_machine_id(const char *root, sd_id128_t *ret) { - return 0; - } - -- } else if (IN_SET(detect_vm(), VIRTUALIZATION_KVM, VIRTUALIZATION_AMAZON, VIRTUALIZATION_QEMU)) { -+ } else if (IN_SET(detect_vm(), VIRTUALIZATION_KVM, VIRTUALIZATION_AMAZON, VIRTUALIZATION_QEMU, -+ VIRTUALIZATION_XEN, VIRTUALIZATION_VMWARE)) { - - /* If we are not running in a container, see if we are running in a VM that provides - * a system UUID via the SMBIOS/DMI interfaces. Such environments include QEMU/KVM --- -2.40.1 - diff --git a/packages/systemd/9004-units-mount-tmp-with-noexec.patch b/packages/systemd/9004-units-mount-tmp-with-noexec.patch deleted file mode 100644 index ff3e3597f88..00000000000 --- a/packages/systemd/9004-units-mount-tmp-with-noexec.patch +++ /dev/null @@ -1,23 +0,0 @@ -From d9eb89767267d43f13c30ce74f6e9c34c4000274 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Sat, 28 May 2022 03:52:28 +0000 -Subject: [PATCH] units: mount /tmp with noexec - -Signed-off-by: Ben Cressey ---- - units/tmp.mount | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/units/tmp.mount b/units/tmp.mount -index 734acea..e4990b7 100644 ---- a/units/tmp.mount -+++ b/units/tmp.mount -@@ -22,4 +22,4 @@ After=swap.target - What=tmpfs - Where=/tmp - Type=tmpfs --Options=mode=1777,strictatime,nosuid,nodev,size=50%%,nr_inodes=1m -+Options=mode=1777,strictatime,nosuid,nodev,noexec,size=50%%,nr_inodes=1m --- -2.40.1 - diff --git a/packages/systemd/9005-mount-setup-apply-noexec-to-more-mounts.patch b/packages/systemd/9005-mount-setup-apply-noexec-to-more-mounts.patch deleted file mode 100644 index 904aa07a743..00000000000 --- a/packages/systemd/9005-mount-setup-apply-noexec-to-more-mounts.patch +++ /dev/null @@ -1,40 +0,0 @@ -From e6565e7f288f84b9e5f723c55ca9e5619b0db846 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Sat, 28 May 2022 03:49:46 +0000 -Subject: [PATCH] mount-setup: apply noexec to more mounts - -Signed-off-by: Ben Cressey ---- - src/shared/mount-setup.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/src/shared/mount-setup.c b/src/shared/mount-setup.c -index 7ba579e..03fc774 100644 ---- a/src/shared/mount-setup.c -+++ b/src/shared/mount-setup.c -@@ -73,18 +73,18 @@ static const MountPoint mount_table[] = { - #if ENABLE_SMACK - { "smackfs", "/sys/fs/smackfs", "smackfs", "smackfsdef=*", MS_NOSUID|MS_NOEXEC|MS_NODEV, - mac_smack_use, MNT_FATAL }, -- { "tmpfs", "/dev/shm", "tmpfs", "mode=1777,smackfsroot=*", MS_NOSUID|MS_NODEV|MS_STRICTATIME, -+ { "tmpfs", "/dev/shm", "tmpfs", "mode=1777,smackfsroot=*", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME, - mac_smack_use, MNT_FATAL }, - #endif -- { "tmpfs", "/dev/shm", "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV|MS_STRICTATIME, -+ { "tmpfs", "/dev/shm", "tmpfs", "mode=1777", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME, - NULL, MNT_FATAL|MNT_IN_CONTAINER }, - { "devpts", "/dev/pts", "devpts", "mode=620,gid=" STRINGIFY(TTY_GID), MS_NOSUID|MS_NOEXEC, - NULL, MNT_IN_CONTAINER }, - #if ENABLE_SMACK -- { "tmpfs", "/run", "tmpfs", "mode=755,smackfsroot=*" TMPFS_LIMITS_RUN, MS_NOSUID|MS_NODEV|MS_STRICTATIME, -+ { "tmpfs", "/run", "tmpfs", "mode=755,smackfsroot=*" TMPFS_LIMITS_RUN, MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME, - mac_smack_use, MNT_FATAL }, - #endif -- { "tmpfs", "/run", "tmpfs", "mode=755" TMPFS_LIMITS_RUN, MS_NOSUID|MS_NODEV|MS_STRICTATIME, -+ { "tmpfs", "/run", "tmpfs", "mode=755" TMPFS_LIMITS_RUN, MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME, - NULL, MNT_FATAL|MNT_IN_CONTAINER }, - { "cgroup2", "/sys/fs/cgroup", "cgroup2", "nsdelegate,memory_recursiveprot", MS_NOSUID|MS_NOEXEC|MS_NODEV, - cg_is_unified_wanted, MNT_IN_CONTAINER|MNT_CHECK_WRITABLE }, --- -2.40.1 - diff --git a/packages/systemd/9006-mount-setup-mount-etc-with-specific-label.patch b/packages/systemd/9006-mount-setup-mount-etc-with-specific-label.patch deleted file mode 100644 index 664301813d9..00000000000 --- a/packages/systemd/9006-mount-setup-mount-etc-with-specific-label.patch +++ /dev/null @@ -1,38 +0,0 @@ -From d45be2a1f7a2d58efff7921c350fffe8f26901a4 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Thu, 9 Jul 2020 20:00:36 +0000 -Subject: [PATCH] mount-setup: mount /etc with specific label - -The filesystem is mounted after we load the SELinux policy, so we can -apply the label we need to restrict access. - -Signed-off-by: Ben Cressey ---- - src/shared/mount-setup.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/src/shared/mount-setup.c b/src/shared/mount-setup.c -index 03fc774..8a25823 100644 ---- a/src/shared/mount-setup.c -+++ b/src/shared/mount-setup.c -@@ -61,6 +61,8 @@ typedef struct MountPoint { - #define N_EARLY_MOUNT 4 - #endif - -+#define ETC_CONTEXT ",context=system_u:object_r:etc_t:s0" -+ - static const MountPoint mount_table[] = { - { "proc", "/proc", "proc", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, - NULL, MNT_FATAL|MNT_IN_CONTAINER|MNT_FOLLOW_SYMLINK }, -@@ -112,6 +114,8 @@ static const MountPoint mount_table[] = { - #endif - { "bpf", "/sys/fs/bpf", "bpf", "mode=700", MS_NOSUID|MS_NOEXEC|MS_NODEV, - NULL, MNT_NONE, }, -+ { "tmpfs", "/etc", "tmpfs", "mode=755" ETC_CONTEXT, MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_NOATIME, -+ NULL, MNT_FATAL|MNT_IN_CONTAINER }, - }; - - bool mount_point_is_api(const char *path) { --- -2.40.1 - diff --git a/packages/systemd/9007-pkg-config-stop-hardcoding-prefix-to-usr.patch b/packages/systemd/9007-pkg-config-stop-hardcoding-prefix-to-usr.patch deleted file mode 100644 index d27612f7323..00000000000 --- a/packages/systemd/9007-pkg-config-stop-hardcoding-prefix-to-usr.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 692205df10b9a803d5324c5284605481722b27a1 Mon Sep 17 00:00:00 2001 -From: Erikson Tung -Date: Mon, 3 Jan 2022 22:07:25 +0000 -Subject: [PATCH] pkg-config: stop hardcoding prefix to /usr - -While we ensure /usr points to the sys-root at runtime, for Bottlerocket's -packaging we need to be careful to avoid dependencies on the host OS so -the prefix needs to be configurable. ---- - src/core/systemd.pc.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in -index 693433b..c5ba688 100644 ---- a/src/core/systemd.pc.in -+++ b/src/core/systemd.pc.in -@@ -11,7 +11,7 @@ - # considered deprecated (though there is no plan to remove them). New names - # shall have underscores. - --prefix=/usr -+prefix={{PREFIX}} - root_prefix={{ROOTPREFIX_NOSLASH}} - rootprefix=${root_prefix} - sysconf_dir={{SYSCONF_DIR}} --- -2.40.1 - diff --git a/packages/systemd/9008-sysctl-do-not-set-rp_filter-via-wildcard.patch b/packages/systemd/9008-sysctl-do-not-set-rp_filter-via-wildcard.patch deleted file mode 100644 index 3c836678f54..00000000000 --- a/packages/systemd/9008-sysctl-do-not-set-rp_filter-via-wildcard.patch +++ /dev/null @@ -1,36 +0,0 @@ -From e100d5345ad9104697ece66a4d638807df74e6b8 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Mon, 21 Jun 2021 20:53:47 +0000 -Subject: [PATCH] sysctl: do not set rp_filter via wildcard - -The wildcard matches existing interfaces when `systemd-sysctl` runs -at startup, but also applies to new interfaces when it is invoked by -a udev rule in `99-systemd.rules`. - -This effectively makes `net.ipv4.conf.default` useless for setting a -default value for rp_filter, since the wildcard will also match and -clobber the value. - -It also interferes with CNI plugins that attempt to configure the -rp_filter value for newly created interfaces. - -Signed-off-by: Ben Cressey ---- - sysctl.d/50-default.conf | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/sysctl.d/50-default.conf b/sysctl.d/50-default.conf -index f41e24b..9a6ae96 100644 ---- a/sysctl.d/50-default.conf -+++ b/sysctl.d/50-default.conf -@@ -23,7 +23,6 @@ kernel.core_uses_pid = 1 - - # Source route verification - net.ipv4.conf.default.rp_filter = 2 --net.ipv4.conf.*.rp_filter = 2 - -net.ipv4.conf.all.rp_filter - - # Do not accept source routing --- -2.40.1 - diff --git a/packages/systemd/9009-sysusers-set-root-shell-to-sbin-nologin.patch b/packages/systemd/9009-sysusers-set-root-shell-to-sbin-nologin.patch deleted file mode 100644 index 782c93f6b62..00000000000 --- a/packages/systemd/9009-sysusers-set-root-shell-to-sbin-nologin.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 060606c86791071663373a9ac45bd06cc3966552 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Sat, 28 May 2022 04:12:07 +0000 -Subject: [PATCH] sysusers: set root shell to /sbin/nologin - -Signed-off-by: Ben Cressey -Signed-off-by: Arnaldo Garcia Rincon ---- - sysusers.d/basic.conf.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/sysusers.d/basic.conf.in b/sysusers.d/basic.conf.in -index 0aec080..d825aad 100644 ---- a/sysusers.d/basic.conf.in -+++ b/sysusers.d/basic.conf.in -@@ -7,7 +7,7 @@ - - # The superuser - g root 0 - - --u root 0:0 "Super User" /root -+u root 0:0 "Super User" /root /usr/sbin/nologin - - # The nobody user/group for NFS file systems - g {{NOBODY_GROUP_NAME}} 65534 - - --- -2.40.1 - diff --git a/packages/systemd/9010-units-keep-modprobe-service-units-running.patch b/packages/systemd/9010-units-keep-modprobe-service-units-running.patch deleted file mode 100644 index d354b4f0765..00000000000 --- a/packages/systemd/9010-units-keep-modprobe-service-units-running.patch +++ /dev/null @@ -1,24 +0,0 @@ -From 4444604feb71d9b31896fbf0a5bf02e8270a3411 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Sun, 17 Jul 2022 16:21:16 +0000 -Subject: [PATCH] units: keep modprobe service units running - -Otherwise, the units are restarted when the default target changes. - -Signed-off-by: Ben Cressey ---- - units/modprobe@.service | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/units/modprobe@.service b/units/modprobe@.service -index 85a2c08..2994082 100644 ---- a/units/modprobe@.service -+++ b/units/modprobe@.service -@@ -18,3 +18,4 @@ StartLimitIntervalSec=0 - [Service] - Type=oneshot - ExecStart=-/sbin/modprobe -abq %i -+RemainAfterExit=true --- -2.40.1 - diff --git a/packages/systemd/9011-systemd-networkd-Conditionalize-hostnamed-timezoned-.patch b/packages/systemd/9011-systemd-networkd-Conditionalize-hostnamed-timezoned-.patch deleted file mode 100644 index e41492ea393..00000000000 --- a/packages/systemd/9011-systemd-networkd-Conditionalize-hostnamed-timezoned-.patch +++ /dev/null @@ -1,121 +0,0 @@ -From 1539259546fe7f686d07e256d700ee2929b78064 Mon Sep 17 00:00:00 2001 -From: Zac Mrowicki -Date: Thu, 6 Jul 2023 17:50:28 +0000 -Subject: [PATCH] systemd-networkd: Conditionalize hostnamed/timezoned DBUS - calls - -systemd-networkd registers a function to call when first connecting to -DBUS. This function makes three calls to other DBUS services (hostnamed -and timedated) which aren't used in Bottlerocket. Calls to the same -DBUS services are made in the DHCP clients. This change makes a patch -to systemd-networkd that conditionalizes these calls based on the -underlying services being built, returning 0 if the service isn't built. - -Removing the calls to non-existent services cleans up some confusing and -inconsequential messages in the journal on boot. ---- - src/network/networkd-dhcp-common.c | 2 ++ - src/network/networkd-dhcp-common.h | 6 ++++++ - src/network/networkd-manager.c | 4 ++++ - src/network/networkd-manager.h | 13 +++++++++++++ - 4 files changed, 25 insertions(+) - -diff --git a/src/network/networkd-dhcp-common.c b/src/network/networkd-dhcp-common.c -index 7b0b2de..43cf30d 100644 ---- a/src/network/networkd-dhcp-common.c -+++ b/src/network/networkd-dhcp-common.c -@@ -171,6 +171,7 @@ static int get_product_uuid_handler(sd_bus_message *m, void *userdata, sd_bus_er - return 0; - } - -+#if ENABLE_HOSTNAMED - int manager_request_product_uuid(Manager *m) { - static bool bus_method_is_called = false; - int r; -@@ -206,6 +207,7 @@ int manager_request_product_uuid(Manager *m) { - - return 0; - } -+#endif - - int dhcp_configure_duid(Link *link, const DUID *duid) { - Manager *m; -diff --git a/src/network/networkd-dhcp-common.h b/src/network/networkd-dhcp-common.h -index c19bc10..9d13cde 100644 ---- a/src/network/networkd-dhcp-common.h -+++ b/src/network/networkd-dhcp-common.h -@@ -72,7 +72,13 @@ static inline const DUID *link_get_dhcp6_duid(Link *link) { - } - - int dhcp_configure_duid(Link *link, const DUID *duid); -+#if ENABLE_HOSTNAMED - int manager_request_product_uuid(Manager *m); -+#else -+static inline int manager_request_product_uuid(_unused_ Manager *m) { -+ return 0; -+} -+#endif - - bool address_is_filtered(int family, const union in_addr_union *address, uint8_t prefixlen, Set *allow_list, Set *deny_list); - static inline bool in4_address_is_filtered(const struct in_addr *address, Set *allow_list, Set *deny_list) { -diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c -index cdfd29b..d226b1f 100644 ---- a/src/network/networkd-manager.c -+++ b/src/network/networkd-manager.c -@@ -1002,6 +1002,7 @@ static int set_hostname_handler(sd_bus_message *m, void *userdata, sd_bus_error - return 1; - } - -+#if ENABLE_HOSTNAMED - int manager_set_hostname(Manager *m, const char *hostname) { - int r; - -@@ -1031,6 +1032,7 @@ int manager_set_hostname(Manager *m, const char *hostname) { - - return 0; - } -+#endif - - static int set_timezone_handler(sd_bus_message *m, void *userdata, sd_bus_error *ret_error) { - const sd_bus_error *e; -@@ -1047,6 +1049,7 @@ static int set_timezone_handler(sd_bus_message *m, void *userdata, sd_bus_error - return 1; - } - -+#if ENABLE_TIMEDATED - int manager_set_timezone(Manager *m, const char *tz) { - int r; - -@@ -1078,3 +1081,4 @@ int manager_set_timezone(Manager *m, const char *tz) { - - return 0; - } -+#endif -diff --git a/src/network/networkd-manager.h b/src/network/networkd-manager.h -index 40e6092..cab2a6a 100644 ---- a/src/network/networkd-manager.h -+++ b/src/network/networkd-manager.h -@@ -112,7 +112,20 @@ int manager_load_config(Manager *m); - - int manager_enumerate(Manager *m); - -+#if ENABLE_HOSTNAMED - int manager_set_hostname(Manager *m, const char *hostname); -+#else -+static inline int manager_set_hostname(_unused_ Manager *m, _unused_ const char *hostname) { -+ return 0; -+} -+#endif /* ENABLE_HOSTNAMED */ -+ -+#if ENABLE_TIMEDATED - int manager_set_timezone(Manager *m, const char *timezone); -+#else -+static inline int manager_set_timezone(_unused_ Manager *m, _unused_ const char *timezone) { -+ return 0; -+} -+#endif /* ENABLE_TIMEDATED */ - - DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_free); --- -2.40.1 - diff --git a/packages/systemd/9012-core-mount-increase-mount-rate-limit-burst-to-25.patch b/packages/systemd/9012-core-mount-increase-mount-rate-limit-burst-to-25.patch deleted file mode 100644 index fc3500ffcd5..00000000000 --- a/packages/systemd/9012-core-mount-increase-mount-rate-limit-burst-to-25.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 1f8d86a74c09738eb000aacec6bbd74360177796 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Thu, 31 Aug 2023 19:14:13 +0000 -Subject: [PATCH] core/mount: increase mount rate limit burst to 25 - -On systems where many mounts are set up on boot, the default rate -limit is too low and leads to several stalls. - -Signed-off-by: Ben Cressey ---- - src/core/mount.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/core/mount.c b/src/core/mount.c -index d82092a..7ba009b 100644 ---- a/src/core/mount.c -+++ b/src/core/mount.c -@@ -1928,7 +1928,7 @@ static void mount_enumerate(Manager *m) { - mnt_init_debug(0); - - if (!m->mount_monitor) { -- unsigned mount_rate_limit_burst = 5; -+ unsigned mount_rate_limit_burst = 25; - int fd; - - m->mount_monitor = mnt_new_monitor(); --- -2.40.1 - diff --git a/packages/systemd/9013-sd-dhcp-lease-parse-multiple-domains-in-option-15.patch b/packages/systemd/9013-sd-dhcp-lease-parse-multiple-domains-in-option-15.patch deleted file mode 100644 index 3d474fb60b5..00000000000 --- a/packages/systemd/9013-sd-dhcp-lease-parse-multiple-domains-in-option-15.patch +++ /dev/null @@ -1,131 +0,0 @@ -From 4c79d11d6888944f251681003a7b8b41606e108b Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Sat, 2 Sep 2023 16:19:22 +0000 -Subject: [PATCH] sd-dhcp-lease: parse multiple domains in option 15 - -Non-compliant DHCP servers may pass through multiple domain names in -Option 15, separated by a space character. This is then normalized -into "032" by systemd-networkd, which effectively synthesizes a new -domain name that doesn't match any of the expected ones. - -DHCP also supports Option 119 which specifies a compression scheme to -avoid repeating any shared suffixes of the domain names. This option -doesn't support space-separated domains either, so working around the -problem isn't as straightforward as treating an Option 15 payload as -a 119 payload instead. - -Deal with this by splitting the Option 15 payload on spaces first, -before normalizing the individual domain names. If multiple domains -are found, use them as the list of search domains unless Option 119 -is also present. - -Signed-off-by: Ben Cressey ---- - src/libsystemd-network/sd-dhcp-lease.c | 69 +++++++++++++++++++++----- - 1 file changed, 56 insertions(+), 13 deletions(-) - -diff --git a/src/libsystemd-network/sd-dhcp-lease.c b/src/libsystemd-network/sd-dhcp-lease.c -index b14ad57..263e97e 100644 ---- a/src/libsystemd-network/sd-dhcp-lease.c -+++ b/src/libsystemd-network/sd-dhcp-lease.c -@@ -401,34 +401,70 @@ static int lease_parse_string(const uint8_t *option, size_t len, char **ret) { - return 0; - } - --static int lease_parse_domain(const uint8_t *option, size_t len, char **ret) { -- _cleanup_free_ char *name = NULL, *normalized = NULL; -+static int lease_parse_domain_list(const uint8_t *option, size_t len, char ***ret) { -+ _cleanup_free_ char *parsed = NULL; -+ _cleanup_strv_free_ char **names = NULL, **normalized_names = NULL; - int r; - - assert(option); - assert(ret); - -- r = lease_parse_string(option, len, &name); -+ r = lease_parse_string(option, len, &parsed); - if (r < 0) - return r; -- if (!name) { -- *ret = mfree(*ret); -+ -+ if (!parsed) - return 0; -+ -+ names = strv_split(parsed, " "); -+ if (!names) -+ return -ENOMEM; -+ -+ STRV_FOREACH(name, names) { -+ _cleanup_free_ char *normalized = NULL; -+ -+ r = dns_name_normalize(*name, 0, &normalized); -+ if (r < 0) -+ return r; -+ -+ if (is_localhost(normalized)) -+ return -EINVAL; -+ -+ if (dns_name_is_root(normalized)) -+ return -EINVAL; -+ -+ r = strv_extend(&normalized_names, normalized); -+ if (r < 0) -+ return r; - } - -- r = dns_name_normalize(name, 0, &normalized); -+ strv_free_and_replace(*ret, normalized_names); -+ return 0; -+} -+ -+static int lease_parse_domain(const uint8_t *option, size_t len, char **ret) { -+ _cleanup_strv_free_ char **names = NULL; -+ size_t n; -+ int r; -+ -+ assert(option); -+ assert(ret); -+ -+ r = lease_parse_domain_list(option, len, &names); - if (r < 0) - return r; - -- if (is_localhost(normalized)) -- return -EINVAL; -- -- if (dns_name_is_root(normalized)) -- return -EINVAL; -+ n = strv_length(names); -+ if (n == 0) { -+ *ret = mfree(*ret); -+ return 0; -+ } - -- free_and_replace(*ret, normalized); -+ r = free_and_strdup(ret, names[0]); -+ if (r < 0) -+ return r; - -- return 0; -+ return n; - } - - static int lease_parse_in_addrs(const uint8_t *option, size_t len, struct in_addr **ret, size_t *n_ret) { -@@ -725,6 +761,13 @@ int dhcp_lease_parse_options(uint8_t code, uint8_t len, const void *option, void - return 0; - } - -+ if (r <= 1 || !strv_isempty(lease->search_domains)) -+ break; -+ -+ r = lease_parse_domain_list(option, len, &lease->search_domains); -+ if (r < 0) -+ log_debug_errno(r, "Failed to parse Domain Search List, ignoring: %m"); -+ - break; - - case SD_DHCP_OPTION_DOMAIN_SEARCH: --- -2.40.1 - diff --git a/packages/systemd/9014-meson-make-gpt-auto-generator-selectable-at-build-ti.patch b/packages/systemd/9014-meson-make-gpt-auto-generator-selectable-at-build-ti.patch deleted file mode 100644 index 82f88f6b99e..00000000000 --- a/packages/systemd/9014-meson-make-gpt-auto-generator-selectable-at-build-ti.patch +++ /dev/null @@ -1,66 +0,0 @@ -From 33a689a000d56444ed47803b2fbec4376814e633 Mon Sep 17 00:00:00 2001 -From: Markus Boehme -Date: Thu, 9 Nov 2023 15:02:14 +0000 -Subject: [PATCH] meson: make gpt-auto-generator selectable at build-time - -Signed-off-by: Markus Boehme ---- - meson.build | 21 ++++++++++++--------- - meson_options.txt | 2 ++ - 2 files changed, 14 insertions(+), 9 deletions(-) - -diff --git a/meson.build b/meson.build -index 3bef553..16421ce 100644 ---- a/meson.build -+++ b/meson.build -@@ -1851,6 +1851,7 @@ foreach term : ['analyze', - 'efi', - 'environment-d', - 'firstboot', -+ 'gpt-auto-generator', - 'gshadow', - 'hibernate', - 'hostnamed', -@@ -2424,15 +2425,17 @@ if conf.get('ENABLE_HIBERNATE') == 1 - endif - - if conf.get('HAVE_BLKID') == 1 -- executable( -- 'systemd-gpt-auto-generator', -- 'src/gpt-auto-generator/gpt-auto-generator.c', -- include_directories : includes, -- link_with : [libshared], -- dependencies : libblkid, -- install_rpath : rootpkglibdir, -- install : true, -- install_dir : systemgeneratordir) -+ if conf.get('ENABLE_GPT_AUTO_GENERATOR') == 1 -+ executable( -+ 'systemd-gpt-auto-generator', -+ 'src/gpt-auto-generator/gpt-auto-generator.c', -+ include_directories : includes, -+ link_with : [libshared], -+ dependencies : libblkid, -+ install_rpath : rootpkglibdir, -+ install : true, -+ install_dir : systemgeneratordir) -+ endif - - public_programs += executable( - 'systemd-dissect', -diff --git a/meson_options.txt b/meson_options.txt -index 26dfab5..2df5361 100644 ---- a/meson_options.txt -+++ b/meson_options.txt -@@ -176,6 +176,8 @@ option('html', type : 'combo', choices : ['auto', 'true', 'false'], - description : 'build and install html pages') - option('translations', type : 'boolean', value : true, - description : 'build and install translations') -+option('gpt-auto-generator', type : 'boolean', value : true, -+ description : 'build and install systemd-gpt-auto-generator') - - option('certificate-root', type : 'string', value : '/etc/ssl', - description : 'the prefix for TLS certificates') --- -2.40.1 - diff --git a/packages/systemd/Cargo.toml b/packages/systemd/Cargo.toml deleted file mode 100644 index 32bc5a0d580..00000000000 --- a/packages/systemd/Cargo.toml +++ /dev/null @@ -1,27 +0,0 @@ -[package] -name = "systemd" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/systemd/systemd-stable/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/systemd/systemd-stable/archive/v252.22/systemd-stable-252.22.tar.gz" -sha512 = "cc394b7c5f9149bc68b59ff23c4db9384deac073c0b96d5047c4d4ea36e82b930eabc03d5978155e7ab5e8617ccfebd67804cb7b19c3a43fdaf96abc48a3e3e2" - -[build-dependencies] -glibc = { path = "../glibc" } -kmod = { path = "../kmod" } -libacl = { path = "../libacl" } -libattr = { path = "../libattr" } -libcap = { path = "../libcap" } -libseccomp = { path = "../libseccomp" } -libselinux = { path = "../libselinux" } -libxcrypt = { path = "../libxcrypt" } -util-linux = { path = "../util-linux" } diff --git a/packages/systemd/issue b/packages/systemd/issue deleted file mode 100644 index 962b80737b9..00000000000 --- a/packages/systemd/issue +++ /dev/null @@ -1,10 +0,0 @@ -\S -Kernel \r on an \m (\l) - - ╱╲ - ╱┄┄╲ - │▗▖│ - ╱│ │╲ - │╰╮╭╯│ - ╹╹ - diff --git a/packages/systemd/journald.conf b/packages/systemd/journald.conf deleted file mode 100644 index 9628979d11f..00000000000 --- a/packages/systemd/journald.conf +++ /dev/null @@ -1,3 +0,0 @@ -[Journal] -Storage=persistent -SplitMode=none diff --git a/packages/systemd/systemd-journald.conf b/packages/systemd/systemd-journald.conf deleted file mode 100644 index 2d8d85439be..00000000000 --- a/packages/systemd/systemd-journald.conf +++ /dev/null @@ -1,3 +0,0 @@ -[Service] -Environment=SYSTEMD_JOURNAL_KEYED_HASH=0 -Environment=SYSTEMD_JOURNAL_COMPACT=0 diff --git a/packages/systemd/systemd-modules-load.conf b/packages/systemd/systemd-modules-load.conf deleted file mode 100644 index f9cda6a6c17..00000000000 --- a/packages/systemd/systemd-modules-load.conf +++ /dev/null @@ -1 +0,0 @@ -nf_conntrack diff --git a/packages/systemd/systemd-sysusers.conf b/packages/systemd/systemd-sysusers.conf deleted file mode 100644 index d5e54c0fa5e..00000000000 --- a/packages/systemd/systemd-sysusers.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Unit] -After=selinux-policy-files.service diff --git a/packages/systemd/systemd-tmpfiles.conf b/packages/systemd/systemd-tmpfiles.conf deleted file mode 100644 index 2781b74eef7..00000000000 --- a/packages/systemd/systemd-tmpfiles.conf +++ /dev/null @@ -1,8 +0,0 @@ -d /run/cache 0755 root root - -d /run/lock 0755 root root - -L /var/lock - - - - /run/lock -Z /var/lib/systemd 0755 root root - -z /var/lib/systemd/random-seed 600 root root - -R /var/lib/systemd/linger -D /var/lib/systemd/linger 0700 root root - -d /etc/sysctl.d 0700 root root - diff --git a/packages/systemd/systemd.spec b/packages/systemd/systemd.spec deleted file mode 100644 index e1360268af7..00000000000 --- a/packages/systemd/systemd.spec +++ /dev/null @@ -1,508 +0,0 @@ -# Skip check-rpaths since we expect them for systemd. -%global __brp_check_rpaths %{nil} - -Name: %{_cross_os}systemd -Version: 252.22 -Release: 1%{?dist} -Summary: System and Service Manager -License: GPL-2.0-or-later AND GPL-2.0-only AND LGPL-2.1-or-later -URL: https://www.freedesktop.org/wiki/Software/systemd -Source0: https://github.com/systemd/systemd-stable/archive/v%{version}/systemd-stable-%{version}.tar.gz -Source1: systemd-tmpfiles.conf -Source2: systemd-modules-load.conf -Source3: journald.conf -Source4: issue -Source5: systemd-journald.conf -Source6: systemd-sysusers.conf - -# Backport of upstream patches that make the netlink default timeout -# configurable. Bottlerocket carries this patch and configures the timeout in -# an effort to avoid a situation where a network link becomes unusable if the -# system is under load and doesn't process the RTM_NEWROUTE acknowledgement -# within the default timeout of 25 seconds. -# Reference issue: github.com/systemd/systemd/issues/25441 -Patch1001: 1001-sd-netlink-make-calc_elapse-return-USEC_INFINITY-whe.patch -Patch1002: 1002-sd-netlink-make-the-default-timeout-configurable-by-.patch - -# Local patch to work around the fact that /var is a bind mount from -# /local/var, and we want the /local/var/run symlink to point to /run. -Patch9001: 9001-use-absolute-path-for-var-run-symlink.patch - -# TODO: this could potentially be submitted upstream, but needs a better -# way to be configured at build time or during execution first. -Patch9002: 9002-core-add-separate-timeout-for-system-shutdown.patch - -# TODO: this could be submitted upstream as well, but needs to account for -# the dom0 case first, where the UUID is all zeroes and hence not unique. -Patch9003: 9003-machine-id-setup-generate-stable-ID-under-Xen-and-VM.patch - -# Local patch to mount /tmp with "noexec". -Patch9004: 9004-units-mount-tmp-with-noexec.patch - -# Local patch to mount additional filesystems with "noexec". -Patch9005: 9005-mount-setup-apply-noexec-to-more-mounts.patch - -# Local patch to handle mounting /etc with our SELinux label. -Patch9006: 9006-mount-setup-mount-etc-with-specific-label.patch - -# We need `prefix` to be configurable for our own packaging so we can avoid -# dependencies on the host OS. -Patch9007: 9007-pkg-config-stop-hardcoding-prefix-to-usr.patch - -# Local patch to stop overriding rp_filter defaults with wildcard values. -Patch9008: 9008-sysctl-do-not-set-rp_filter-via-wildcard.patch - -# Local patch to set root's shell to /sbin/nologin rather than /bin/sh. -Patch9009: 9009-sysusers-set-root-shell-to-sbin-nologin.patch - -# Local patch to keep modprobe units running to avoid repeated log entries. -Patch9010: 9010-units-keep-modprobe-service-units-running.patch - -# Local patch to conditionalize systemd-networkd calls to hostname and timezone -# DBUS services not used in Bottlerocket -Patch9011: 9011-systemd-networkd-Conditionalize-hostnamed-timezoned-.patch - -# Local patch to adjust the default mount rate limit to 25 per second. -# Carried as a patch so that SYSTEMD_DEFAULT_MOUNT_RATE_LIMIT_BURST can be used -# as a kernel command line parameter to override. -Patch9012: 9012-core-mount-increase-mount-rate-limit-burst-to-25.patch - -# Local patch to work around a potentially non-compliant Option 15 in the DHCP -# lease in EC2. -Patch9013: 9013-sd-dhcp-lease-parse-multiple-domains-in-option-15.patch - -# Local patch that allows to deselect systemd-gpt-auto-generator. We deselect -# it since prairiedog mounts /boot depending on the partition bank in use. -Patch9014: 9014-meson-make-gpt-auto-generator-selectable-at-build-ti.patch - -BuildRequires: gperf -BuildRequires: intltool -BuildRequires: meson -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}kmod-devel -BuildRequires: %{_cross_os}libacl-devel -BuildRequires: %{_cross_os}libattr-devel -BuildRequires: %{_cross_os}libblkid-devel -BuildRequires: %{_cross_os}libcap-devel -BuildRequires: %{_cross_os}libfdisk-devel -BuildRequires: %{_cross_os}libmount-devel -BuildRequires: %{_cross_os}libseccomp-devel -BuildRequires: %{_cross_os}libselinux-devel -BuildRequires: %{_cross_os}libuuid-devel -BuildRequires: %{_cross_os}libxcrypt-devel -Requires: %{_cross_os}kmod -Requires: %{_cross_os}libacl -Requires: %{_cross_os}libattr -Requires: %{_cross_os}libblkid -Requires: %{_cross_os}libcap -Requires: %{_cross_os}libfdisk -Requires: %{_cross_os}libmount -Requires: %{_cross_os}libseccomp -Requires: %{_cross_os}libselinux -Requires: %{_cross_os}libuuid -Requires: %{_cross_os}libxcrypt - -%description -%{summary}. - -%package console -Summary: Files for console login using the System and Service Manager - -%description console -%{summary}. - -%package devel -Summary: Files for development using the System and Service Manager -Requires: %{name} - -%description devel -%{summary}. - -%package networkd -Summary: Files for networkd - -%description networkd -%{summary}. - -%package resolved -Summary: Files for resolved - -%description resolved -%{summary}. - -%prep -%autosetup -n systemd-stable-%{version} -p1 - -%build -CONFIGURE_OPTS=( - -Dmode=release - - -Dsplit-usr=false - -Dsplit-bin=true - -Drootprefix='%{_cross_prefix}' - -Drootlibdir='%{_cross_libdir}' - -Dlink-udev-shared=true - -Dlink-systemctl-shared=true - -Dlink-networkd-shared=false - -Dlink-timesyncd-shared=false - -Dlink-boot-shared=false - -Dstatic-libsystemd=false - -Dstatic-libudev=false - - -Dsysvinit-path='' - -Dsysvrcnd-path='' - -Dinitrd=false - -Dnscd=false - - -Dutmp=false - -Dhibernate=false - -Dldconfig=true - -Dresolve=true - -Defi=true - -Dtpm=false - -Denvironment-d=false - -Dbinfmt=false - -Drepart=true - -Dcoredump=false - -Dpstore=true - -Doomd=false - -Dlogind=true - -Dhostnamed=false - -Dlocaled=false - -Dmachined=false - -Dportabled=false - -Dsysext=false - -Dsysupdate=false - -Duserdb=false - -Dhomed=false - -Dnetworkd=true - -Dtimedated=false - -Dtimesyncd=false - -Dremote=false - -Dnss-myhostname=false - -Dnss-mymachines=false - -Dnss-resolve=true - -Dnss-systemd=false - -Dfirstboot=false - -Drandomseed=true - -Dbacklight=false - -Dvconsole=false - -Dquotacheck=false - -Dsysusers=true - -Dtmpfiles=true - -Dimportd=false - -Dhwdb=false - -Drfkill=false - -Dxdg-autostart=false - -Dman=false - -Dhtml=false - -Dtranslations=false - -Dgpt-auto-generator=false - -Dlog-message-verification=false - - -Dcertificate-root='%{_cross_sysconfdir}/ssl' - -Dpkgconfigdatadir='%{_cross_pkgconfigdir}' - -Dpkgconfiglibdir='%{_cross_pkgconfigdir}' - - -Ddefault-hierarchy=unified - - -Dadm-group=false - -Dwheel-group=false - - -Dgshadow=true - - -Ddefault-dnssec=no - -Ddefault-dns-over-tls=no - -Ddefault-mdns=no - -Ddefault-llmnr=no - -Ddns-over-tls=false - -Ddns-servers="" - - -Dsupport-url="https://github.com/bottlerocket-os/bottlerocket/discussions" - - -Dseccomp=auto - -Dselinux=auto - -Dapparmor=false - -Dsmack=false - -Dpolkit=false - -Dima=false - - -Dacl=true - -Daudit=false - -Dblkid=true - -Dfdisk=true - -Dkmod=true - -Dpam=false - -Dpwquality=false - -Dmicrohttpd=false - -Dlibcryptsetup=false - -Dlibcurl=false - -Didn=false - -Dlibidn2=false - -Dlibidn=false - -Dlibiptc=false - -Dqrencode=false - -Dgcrypt=false - -Dgnutls=false - -Dopenssl=false - -Dp11kit=false - -Dlibfido2=false - -Dtpm2=false - -Delfutils=false - -Dzlib=false - -Dbzip2=false - -Dxz=false - -Dlz4=false - -Dzstd=false - -Dxkbcommon=false - -Dpcre2=false - -Dglib=false - -Ddbus=false - - -Dgnu-efi=false - -Defi-tpm-pcr-compat=false - - -Dbashcompletiondir=no - -Dzshcompletiondir=no - - -Dtests=false - -Dslow-tests=false - -Dfuzz-tests=false - -Dinstall-tests=false - - -Durlify=false - -Dfexecve=false - - -Doss-fuzz=false - -Dllvm-fuzz=false - -Dkernel-install=false - -Danalyze=true - - -Dbpf-framework=false -) - -%cross_meson "${CONFIGURE_OPTS[@]}" -%cross_meson_build - -%install -%cross_meson_install - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:1} %{buildroot}%{_cross_tmpfilesdir}/systemd-tmpfiles.conf - -install -d %{buildroot}%{_cross_libdir}/modules-load.d -install -p -m 0644 %{S:2} %{buildroot}%{_cross_libdir}/modules-load.d/nf_conntrack.conf - -install -d %{buildroot}%{_cross_libdir}/systemd/journald.conf.d -install -p -m 0644 %{S:3} %{buildroot}%{_cross_libdir}/systemd/journald.conf.d/journald.conf - -install -d %{buildroot}%{_cross_unitdir}/systemd-journald.service.d -install -p -m 0644 %{S:5} %{buildroot}%{_cross_unitdir}/systemd-journald.service.d/systemd-journald.conf - -install -d %{buildroot}%{_cross_unitdir}/systemd-sysusers.service.d -install -p -m 0644 %{S:6} %{buildroot}%{_cross_unitdir}/systemd-sysusers.service.d/systemd-sysusers.conf - -# Remove all stock network configurations, as they can interfere -# with container networking by attempting to manage veth devices. -rm -f %{buildroot}%{_cross_libdir}/systemd/network/* - -# Remove default, multi-user and graphical targets provided by systemd, -# we override default/multi-user in the release spec and graphical -# is never used -rm -f %{buildroot}%{_cross_libdir}/systemd/{system,user}/default.target -rm -f %{buildroot}%{_cross_libdir}/systemd/{system,user}/multi-user.target -rm -f %{buildroot}%{_cross_libdir}/systemd/{system,user}/graphical.target - -# Add art to the console -install -d %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir} -install -p -m 0644 %{S:4} %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/issue - -%files -%license LICENSE.GPL2 LICENSE.LGPL2.1 -%{_cross_attribution_file} -%{_cross_bindir}/busctl -%{_cross_bindir}/journalctl -%{_cross_bindir}/systemctl -%{_cross_bindir}/systemd-analyze -%{_cross_bindir}/systemd-ask-password -%{_cross_bindir}/systemd-cat -%{_cross_bindir}/systemd-cgls -%{_cross_bindir}/systemd-cgtop -%{_cross_bindir}/systemd-creds -%{_cross_bindir}/systemd-dissect -%{_cross_bindir}/systemd-delta -%{_cross_bindir}/systemd-detect-virt -%{_cross_bindir}/systemd-escape -%{_cross_bindir}/systemd-id128 -%{_cross_bindir}/systemd-inhibit -%{_cross_bindir}/systemd-machine-id-setup -%{_cross_bindir}/systemd-mount -%{_cross_bindir}/systemd-notify -%{_cross_bindir}/systemd-nspawn -%{_cross_bindir}/systemd-path -%{_cross_bindir}/systemd-repart -%{_cross_bindir}/systemd-run -%{_cross_bindir}/systemd-socket-activate -%{_cross_bindir}/systemd-stdio-bridge -%{_cross_bindir}/systemd-sysusers -%{_cross_bindir}/systemd-tmpfiles -%{_cross_bindir}/systemd-tty-ask-password-agent -%{_cross_bindir}/systemd-umount -%{_cross_bindir}/udevadm -%{_cross_bindir}/loginctl - -%{_cross_sbindir}/halt -%{_cross_sbindir}/init -%{_cross_sbindir}/poweroff -%{_cross_sbindir}/reboot -%{_cross_sbindir}/shutdown - -%{_cross_libdir}/libsystemd.so.* -%{_cross_libdir}/libudev.so.* - -%dir %{_cross_libdir}/modprobe.d -%{_cross_libdir}/modprobe.d/* - -%dir %{_cross_libdir}/modules-load.d -%{_cross_libdir}/modules-load.d/nf_conntrack.conf - -%dir %{_cross_sysctldir} -%{_cross_sysctldir}/* - -%dir %{_cross_libdir}/systemd -%{_cross_libdir}/systemd/* -%exclude %{_cross_libdir}/systemd/systemd-user-runtime-dir -%exclude %{_cross_unitdir}/dbus-org.freedesktop.login1.service -%exclude %{_cross_unitdir}/systemd-repart.service -%exclude %{_cross_unitdir}/user-runtime-dir@.service -%exclude %{_cross_unitdir}/user@.service -%exclude %{_cross_unitdir}/user@.service.d -%exclude %{_cross_unitdir}/user@0.service.d - -%dir %{_cross_libdir}/udev -%{_cross_libdir}/udev/* -%exclude %{_cross_libdir}/udev/rules.d/70-uaccess.rules -%exclude %{_cross_libdir}/udev/rules.d/71-seat.rules -%exclude %{_cross_libdir}/udev/rules.d/73-seat-late.rules - -%dir %{_cross_sysusersdir} -%{_cross_sysusersdir}/* - -%dir %{_cross_tmpfilesdir} -%{_cross_tmpfilesdir}/* -%exclude %{_cross_tmpfilesdir}/x11.conf - -%{_cross_datadir}/dbus-1/* -%exclude %{_cross_datadir}/dbus-1/system-services - -%dir %{_cross_factorydir} -%{_cross_factorydir}%{_cross_sysconfdir}/issue -%{_cross_factorydir}%{_cross_sysconfdir}/locale.conf -%exclude %{_cross_factorydir}%{_cross_sysconfdir}/nsswitch.conf -%exclude %{_cross_factorydir}%{_cross_sysconfdir}/pam.d -%exclude %{_cross_factorydir}%{_cross_sysconfdir}/pam.d/other -%exclude %{_cross_factorydir}%{_cross_sysconfdir}/pam.d/system-auth - -%exclude %{_cross_datadir}/polkit-1 -%exclude %{_cross_docdir} -%exclude %{_cross_libdir}/pam.d/systemd-user -%exclude %{_cross_sysconfdir}/systemd/ -%exclude %{_cross_sysconfdir}/udev/ -%exclude %{_cross_sysconfdir}/X11 -%exclude %{_cross_sysconfdir}/xdg - -# exclude files for subpackages -%exclude %{_cross_bindir}/systemd-ask-password -%exclude %{_cross_bindir}/systemd-tty-ask-password-agent -%exclude %{_cross_datadir}/dbus-1/system.d/org.freedesktop.network1.conf -%exclude %{_cross_datadir}/dbus-1/system.d/org.freedesktop.resolve1.conf -%exclude %{_cross_libdir}/systemd/resolv.conf -%exclude %{_cross_libdir}/systemd/systemd-networkd -%exclude %{_cross_libdir}/systemd/systemd-networkd-wait-online -%exclude %{_cross_libdir}/systemd/systemd-reply-password -%exclude %{_cross_libdir}/systemd/systemd-resolved -%exclude %{_cross_libdir}/systemd/systemd-sulogin-shell -%exclude %{_cross_systemdgeneratordir}/systemd-debug-generator -%exclude %{_cross_systemdgeneratordir}/systemd-getty-generator -%exclude %{_cross_sysusersdir}/systemd-network.conf -%exclude %{_cross_sysusersdir}/systemd-resolve.conf -%exclude %{_cross_tmpfilesdir}/systemd-network.conf -%exclude %{_cross_tmpfilesdir}/systemd-resolve.conf -%exclude %{_cross_unitdir}/autovt@.service -%exclude %{_cross_unitdir}/console-getty.service -%exclude %{_cross_unitdir}/container-getty@.service -%exclude %{_cross_unitdir}/debug-shell.service -%exclude %{_cross_unitdir}/emergency.service -%exclude %{_cross_unitdir}/emergency.target -%exclude %{_cross_unitdir}/getty@.service -%exclude %{_cross_unitdir}/rescue.service -%exclude %{_cross_unitdir}/rescue.target -%exclude %{_cross_unitdir}/serial-getty@.service -%exclude %{_cross_unitdir}/systemd-ask-password-console.service -%exclude %{_cross_unitdir}/systemd-ask-password-console.path -%exclude %{_cross_unitdir}/systemd-ask-password-wall.path -%exclude %{_cross_unitdir}/systemd-networkd.service -%exclude %{_cross_unitdir}/systemd-networkd-wait-online.service -%exclude %{_cross_unitdir}/systemd-networkd-wait-online@.service -%exclude %{_cross_unitdir}/systemd-networkd.socket -%exclude %{_cross_unitdir}/systemd-resolved.service -%exclude %{_cross_unitdir}/sysinit.target.wants/systemd-ask-password-console.path -%exclude %{_cross_unitdir}/multi-user.target.wants/systemd-ask-password-wall.path - -%files devel -%{_cross_libdir}/libsystemd.so -%{_cross_libdir}/libudev.so -%{_cross_includedir}/libudev.h -%dir %{_cross_includedir}/systemd -%{_cross_includedir}/systemd/*.h -%{_cross_pkgconfigdir}/*.pc -%exclude %{_cross_libdir}/rpm/macros.d - -%files console -%{_cross_bindir}/systemd-ask-password -%{_cross_bindir}/systemd-tty-ask-password-agent -%{_cross_libdir}/systemd/systemd-sulogin-shell -%{_cross_libdir}/systemd/systemd-reply-password -%{_cross_systemdgeneratordir}/systemd-debug-generator -%{_cross_systemdgeneratordir}/systemd-getty-generator -%{_cross_unitdir}/autovt@.service -%{_cross_unitdir}/console-getty.service -%{_cross_unitdir}/container-getty@.service -%{_cross_unitdir}/debug-shell.service -%{_cross_unitdir}/emergency.service -%{_cross_unitdir}/emergency.target -%{_cross_unitdir}/getty@.service -%{_cross_unitdir}/rescue.service -%{_cross_unitdir}/rescue.target -%{_cross_unitdir}/serial-getty@.service -%{_cross_unitdir}/systemd-ask-password-console.service -%{_cross_unitdir}/systemd-ask-password-console.path -%{_cross_unitdir}/systemd-ask-password-wall.path -%{_cross_unitdir}/sysinit.target.wants/systemd-ask-password-console.path -%{_cross_unitdir}/multi-user.target.wants/systemd-ask-password-wall.path - -%files networkd -%{_cross_bindir}/networkctl -%{_cross_libdir}/systemd/systemd-networkd -%{_cross_libdir}/systemd/systemd-networkd-wait-online -%{_cross_sysusersdir}/systemd-network.conf -%{_cross_tmpfilesdir}/systemd-network.conf -%{_cross_unitdir}/systemd-networkd.service -%{_cross_unitdir}/systemd-networkd-wait-online.service -%{_cross_unitdir}/systemd-networkd-wait-online@.service -%{_cross_unitdir}/systemd-networkd.socket -%{_cross_datadir}/dbus-1/system.d/org.freedesktop.network1.conf - -%files resolved -%{_cross_bindir}/resolvectl -%{_cross_libdir}/libnss_resolve.so.* -%{_cross_libdir}/systemd/resolv.conf -%{_cross_libdir}/systemd/systemd-resolved -%{_cross_sysusersdir}/systemd-resolve.conf -%{_cross_tmpfilesdir}/systemd-resolve.conf -%{_cross_unitdir}/systemd-resolved.service -%{_cross_datadir}/dbus-1/system.d/org.freedesktop.resolve1.conf -%exclude %{_cross_bindir}/systemd-resolve -%exclude %{_cross_sbindir}/resolvconf - -%changelog diff --git a/packages/util-linux/Cargo.toml b/packages/util-linux/Cargo.toml deleted file mode 100644 index 87970b76995..00000000000 --- a/packages/util-linux/Cargo.toml +++ /dev/null @@ -1,23 +0,0 @@ -[package] -name = "util-linux" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://www.kernel.org/pub/linux/utils/util-linux" - -[[package.metadata.build-package.external-files]] -url = "https://www.kernel.org/pub/linux/utils/util-linux/v2.39/util-linux-2.39.3.tar.xz" -sha512 = "a2de1672f06ca5d2d431db1265a8499808770c3781019ec4a3a40170df4685826d8e3ca120841dcc5df4681ca8c935a993317bd0dc70465b21bf8e0efef65afa" - -[build-dependencies] -glibc = { path = "../glibc" } -libacl = { path = "../libacl" } -libselinux = { path = "../libselinux" } -libxcrypt = { path = "../libxcrypt" } -libncurses = { path = "../libncurses" } diff --git a/packages/util-linux/util-linux.spec b/packages/util-linux/util-linux.spec deleted file mode 100644 index 24f04745552..00000000000 --- a/packages/util-linux/util-linux.spec +++ /dev/null @@ -1,354 +0,0 @@ -%global majorminor 2.39 -%global version %{majorminor}.3 - -Name: %{_cross_os}util-linux -Version: %{version} -Release: 1%{?dist} -Summary: A collection of basic system utilities -License: BSD-3-Clause AND BSD-4-Clause-UC AND GPL-1.0-or-later AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-or-later AND LGPL-2.0-or-later AND LGPL-2.1-or-later AND MIT -URL: http://en.wikipedia.org/wiki/Util-linux -Source0: https://www.kernel.org/pub/linux/utils/util-linux/v%{majorminor}/util-linux-%{version}.tar.xz - -BuildRequires: %{_cross_os}glibc-devel -BuildRequires: %{_cross_os}libacl-devel -BuildRequires: %{_cross_os}libncurses-devel -BuildRequires: %{_cross_os}libselinux-devel -BuildRequires: %{_cross_os}libxcrypt-devel -Requires: %{_cross_os}libacl -Requires: %{_cross_os}libblkid -Requires: %{_cross_os}libncurses -Requires: %{_cross_os}libmount -Requires: %{_cross_os}libselinux -Requires: %{_cross_os}libsmartcols -Requires: %{_cross_os}libuuid -Requires: %{_cross_os}libxcrypt - -%description -%{summary}. - -%package -n %{_cross_os}libblkid -Summary: Block device ID library -License: LGPL-2.1-or-later - -%description -n %{_cross_os}libblkid -%{summary}. - -%package -n %{_cross_os}libblkid-devel -Summary: Files for development using the block device ID library -License: LGPL-2.1-or-later -Requires: %{_cross_os}libblkid - -%description -n %{_cross_os}libblkid-devel -%{summary}. - -%package -n %{_cross_os}libfdisk -Summary: Partition table library -License: LGPL-2.1-or-later - -%description -n %{_cross_os}libfdisk -%{summary}. - -%package -n %{_cross_os}libfdisk-devel -Summary: Files for development using the partition table library -License: LGPL-2.1-or-later -Requires: %{_cross_os}libfdisk - -%description -n %{_cross_os}libfdisk-devel -%{summary}. - -%package -n %{_cross_os}libmount -Summary: Device mounting library -License: LGPL-2.1-or-later -Requires: %{_cross_os}libblkid -Requires: %{_cross_os}libselinux - -%description -n %{_cross_os}libmount -%{summary}. - -%package -n %{_cross_os}libmount-devel -Summary: Files for development using the device mounting library -License: LGPL-2.1-or-later -Requires: %{_cross_os}libblkid-devel -Requires: %{_cross_os}libmount - -%description -n %{_cross_os}libmount-devel -%{summary}. - -%package -n %{_cross_os}libsmartcols -Summary: Formatting library for ls-like programs -License: LGPL-2.1-or-later - -%description -n %{_cross_os}libsmartcols -%{summary}. - -%package -n %{_cross_os}libsmartcols-devel -Summary: Files for development using the formatting library for ls-like programs -License: LGPL-2.1-or-later -Requires: %{_cross_os}libsmartcols - -%description -n %{_cross_os}libsmartcols-devel -%{summary}. - -%package -n %{_cross_os}libuuid -Summary: Universally unique ID library -License: BSD-3-Clause - -%description -n %{_cross_os}libuuid -%{summary}. - -%package -n %{_cross_os}libuuid-devel -Summary: Files for development using the universally unique ID library -License: BSD-3-Clause -Requires: %{_cross_os}libuuid - -%description -n %{_cross_os}libuuid-devel -%{summary}. - -%prep -%autosetup -n util-linux-%{version} -p1 - -cp Documentation/licenses/COPYING.* . - -%build - -%cross_configure \ - --disable-makeinstall-chown \ - --disable-nls \ - --disable-rpath \ - --enable-all-programs \ - --enable-libblkid \ - --enable-libfdisk \ - --enable-libmount \ - --enable-libsmartcols \ - --enable-libuuid \ - --enable-usrdir-path \ - --with-selinux \ - --without-audit \ - --without-python \ - --without-readline \ - --without-systemd \ - --without-udev \ - --without-utempter \ - -%force_disable_rpath - -%make_build - -%install -%make_install - -# add attribution.txt files for lib subpackages that need them, since the -# default macro only generates attribution.txt for the main package -for lib in lib{blkid,fdisk,mount,smartcols,uuid}; do - mkdir -p %{buildroot}%{_cross_licensedir}/${lib} - echo "${lib} - %{url}" >> %{buildroot}%{_cross_licensedir}/${lib}/attribution.txt -done - -# most lib subpackages are LGPL-2.1-or-later -for lib in lib{blkid,fdisk,mount,smartcols}; do - echo "SPDX-License-Identifier: LGPL-2.1-or-later" \ - | tee -a %{buildroot}%{_cross_licensedir}/${lib}/attribution.txt >/dev/null - cp -a COPYING.LGPL-2.1-or-later %{buildroot}%{_cross_licensedir}/${lib} -done - -# libuuid is BSD-3-Clause -for lib in libuuid; do - echo "SPDX-License-Identifier: BSD-3-Clause" \ - | tee -a %{buildroot}%{_cross_licensedir}/${lib}/attribution.txt >/dev/null - cp -a COPYING.BSD-3-Clause %{buildroot}%{_cross_licensedir}/${lib} -done - -%files -%license COPYING.BSD-3-Clause COPYING.BSD-4-Clause-UC COPYING.GPL-2.0-or-later COPYING.LGPL-2.1-or-later -%{_cross_attribution_file} -%{_cross_bindir}/chmem -%{_cross_bindir}/choom -%{_cross_bindir}/chrt -%{_cross_bindir}/dmesg -%{_cross_bindir}/fallocate -%{_cross_bindir}/findmnt -%{_cross_bindir}/flock -%{_cross_bindir}/ionice -%{_cross_bindir}/ipcmk -%{_cross_bindir}/ipcrm -%{_cross_bindir}/ipcs -%{_cross_bindir}/irqtop -%{_cross_bindir}/kill -%{_cross_bindir}/logger -%{_cross_bindir}/lsblk -%{_cross_bindir}/lscpu -%{_cross_bindir}/lsipc -%{_cross_bindir}/lsirq -%{_cross_bindir}/lsfd -%{_cross_bindir}/lslocks -%{_cross_bindir}/lsmem -%{_cross_bindir}/lsns -%{_cross_sbindir}/mkswap -%{_cross_bindir}/more -%{_cross_bindir}/mount -%{_cross_bindir}/newgrp -%{_cross_bindir}/nsenter -%{_cross_bindir}/prlimit -%{_cross_bindir}/renice -%{_cross_bindir}/setsid -%{_cross_sbindir}/swaplabel -%{_cross_sbindir}/swapoff -%{_cross_sbindir}/swapon -%{_cross_bindir}/taskset -%{_cross_bindir}/uclampset -%{_cross_bindir}/umount -%{_cross_bindir}/unshare -%{_cross_bindir}/uuidgen -%{_cross_bindir}/uuidparse -%exclude %{_cross_bindir}/cal -%exclude %{_cross_bindir}/col -%exclude %{_cross_bindir}/colcrt -%exclude %{_cross_bindir}/colrm -%exclude %{_cross_bindir}/column -%exclude %{_cross_bindir}/eject -%exclude %{_cross_bindir}/fincore -%exclude %{_cross_bindir}/getopt -%exclude %{_cross_bindir}/hardlink -%exclude %{_cross_bindir}/hexdump -%exclude %{_cross_bindir}/isosize -%exclude %{_cross_bindir}/last -%exclude %{_cross_bindir}/lastb -%exclude %{_cross_bindir}/line -%exclude %{_cross_bindir}/linux32 -%exclude %{_cross_bindir}/linux64 -%exclude %{_cross_bindir}/look -%exclude %{_cross_bindir}/lslogins -%exclude %{_cross_bindir}/mcookie -%exclude %{_cross_bindir}/mesg -%exclude %{_cross_bindir}/mountpoint -%exclude %{_cross_bindir}/namei -%exclude %{_cross_bindir}/pg -%exclude %{_cross_bindir}/rename -%exclude %{_cross_bindir}/rev -%exclude %{_cross_bindir}/script -%exclude %{_cross_bindir}/scriptlive -%exclude %{_cross_bindir}/scriptreplay -%exclude %{_cross_bindir}/setarch -%exclude %{_cross_bindir}/setterm -%exclude %{_cross_bindir}/ul -%exclude %{_cross_bindir}/uname26 -%exclude %{_cross_bindir}/utmpdump -%exclude %{_cross_bindir}/wall -%exclude %{_cross_bindir}/wdctl -%exclude %{_cross_bindir}/whereis -%exclude %{_cross_bindir}/write -%exclude %{_cross_bindir}/fadvise -%exclude %{_cross_bindir}/pipesz -%exclude %{_cross_bindir}/waitpid -%if "%{_cross_arch}" == "x86_64" -%exclude %{_cross_bindir}/i386 -%exclude %{_cross_bindir}/x86_64 -%endif - -%{_cross_sbindir}/addpart -%{_cross_sbindir}/agetty -%{_cross_sbindir}/blkdiscard -%{_cross_sbindir}/blkid -%{_cross_sbindir}/blkzone -%{_cross_sbindir}/blockdev -%{_cross_sbindir}/chcpu -%{_cross_sbindir}/delpart -%{_cross_sbindir}/findfs -%{_cross_sbindir}/fsck -%{_cross_sbindir}/fsfreeze -%{_cross_sbindir}/fstrim -%{_cross_sbindir}/losetup -%{_cross_sbindir}/mkfs -%{_cross_sbindir}/nologin -%{_cross_sbindir}/partx -%{_cross_sbindir}/pivot_root -%{_cross_sbindir}/resizepart -%{_cross_sbindir}/switch_root -%{_cross_sbindir}/wipefs -%exclude %{_cross_sbindir}/hwclock -%exclude %{_cross_sbindir}/cfdisk -%exclude %{_cross_sbindir}/ctrlaltdel -%exclude %{_cross_sbindir}/fdformat -%exclude %{_cross_sbindir}/fdisk -%exclude %{_cross_sbindir}/fsck.minix -%exclude %{_cross_sbindir}/ldattach -%exclude %{_cross_sbindir}/mkfs.bfs -%exclude %{_cross_sbindir}/mkfs.minix -%exclude %{_cross_sbindir}/raw -%exclude %{_cross_sbindir}/readprofile -%exclude %{_cross_sbindir}/rfkill -%exclude %{_cross_sbindir}/rtcwake -%exclude %{_cross_sbindir}/sfdisk -%exclude %{_cross_sbindir}/sulogin -%exclude %{_cross_sbindir}/tunelp -%exclude %{_cross_sbindir}/uuidd -%exclude %{_cross_sbindir}/vigr -%exclude %{_cross_sbindir}/vipw -%exclude %{_cross_sbindir}/zramctl -%exclude %{_cross_sbindir}/blkpr - -%exclude %{_cross_bashdir} -%exclude %{_cross_docdir} -%exclude %{_cross_mandir} - -%files -n %{_cross_os}libblkid -%license %{_cross_licensedir}/libblkid/COPYING.LGPL-2.1-or-later -%license %{_cross_licensedir}/libblkid/attribution.txt -%{_cross_libdir}/libblkid.so.* - -%files -n %{_cross_os}libblkid-devel -%{_cross_libdir}/libblkid.a -%{_cross_libdir}/libblkid.so -%dir %{_cross_includedir}/blkid -%{_cross_includedir}/blkid/blkid.h -%{_cross_pkgconfigdir}/blkid.pc - -%files -n %{_cross_os}libfdisk -%license %{_cross_licensedir}/libfdisk/COPYING.LGPL-2.1-or-later -%license %{_cross_licensedir}/libfdisk/attribution.txt -%{_cross_libdir}/libfdisk.so.* - -%files -n %{_cross_os}libfdisk-devel -%{_cross_libdir}/libfdisk.a -%{_cross_libdir}/libfdisk.so -%dir %{_cross_includedir}/libfdisk -%{_cross_includedir}/libfdisk/libfdisk.h -%{_cross_pkgconfigdir}/fdisk.pc - -%files -n %{_cross_os}libmount -%license %{_cross_licensedir}/libmount/COPYING.LGPL-2.1-or-later -%license %{_cross_licensedir}/libmount/attribution.txt -%{_cross_libdir}/libmount.so.* - -%files -n %{_cross_os}libmount-devel -%{_cross_libdir}/libmount.a -%{_cross_libdir}/libmount.so -%dir %{_cross_includedir}/libmount -%{_cross_includedir}/libmount/libmount.h -%{_cross_pkgconfigdir}/mount.pc - -%files -n %{_cross_os}libsmartcols -%license %{_cross_licensedir}/libsmartcols/COPYING.LGPL-2.1-or-later -%license %{_cross_licensedir}/libsmartcols/attribution.txt -%{_cross_libdir}/libsmartcols.so.* - -%files -n %{_cross_os}libsmartcols-devel -%{_cross_libdir}/libsmartcols.a -%{_cross_libdir}/libsmartcols.so -%dir %{_cross_includedir}/libsmartcols -%{_cross_includedir}/libsmartcols/libsmartcols.h -%{_cross_pkgconfigdir}/smartcols.pc - -%files -n %{_cross_os}libuuid -%license %{_cross_licensedir}/libuuid/COPYING.BSD-3-Clause -%license %{_cross_licensedir}/libuuid/attribution.txt -%{_cross_libdir}/libuuid.so.* - -%files -n %{_cross_os}libuuid-devel -%{_cross_libdir}/libuuid.a -%{_cross_libdir}/libuuid.so -%dir %{_cross_includedir}/uuid -%{_cross_includedir}/uuid/uuid.h -%{_cross_pkgconfigdir}/uuid.pc - -%changelog diff --git a/packages/wicked/0001-dhcp6-refresh-ipv6-flags-on-staring-in-auto-mode.patch b/packages/wicked/0001-dhcp6-refresh-ipv6-flags-on-staring-in-auto-mode.patch deleted file mode 100644 index cafe18359b9..00000000000 --- a/packages/wicked/0001-dhcp6-refresh-ipv6-flags-on-staring-in-auto-mode.patch +++ /dev/null @@ -1,43 +0,0 @@ -From c207c8b8dfd2d6e73f2014da69bbe437e49f21db Mon Sep 17 00:00:00 2001 -From: Marius Tomaschewski -Date: Thu, 13 Oct 2022 14:57:15 +0200 -Subject: [PATCH] dhcp6: refresh ipv6 flags on staring in auto mode - -In some cases, like during an "ifup ; ifup" there is no NEWLINK -event from kernel providing the IPv6 ready, rs-sent, ra-rcvd, -ra-managed or ra-otherconf flags about the router advertisement -(RA) processing we're using to reliably resolve the auto mode -(aka follow-ra mode), so we've changed to actively query them. - -(cherry picked from commit 3f1604e716729ae410ed64a9512a87e1868fcf34) ---- - src/dhcp6/device.c | 6 ++---- - 1 file changed, 2 insertions(+), 4 deletions(-) - -diff --git a/src/dhcp6/device.c b/src/dhcp6/device.c -index 9b9bb009..f36b16c9 100644 ---- a/src/dhcp6/device.c -+++ b/src/dhcp6/device.c -@@ -487,8 +487,7 @@ ni_dhcp6_device_start_auto_prefix(ni_dhcp6_device_t *dev) - - /* refresh in case kernel forgot to send it - * (we increment timeout between attempts) */ -- if (dev->config->dry_run != NI_DHCP6_RUN_NORMAL) -- ni_dhcp6_device_refresh_mode(dev, ifp); -+ ni_dhcp6_device_refresh_mode(dev, ifp); - - /* request prefix after 1/3 defer timeout */ - ni_timer_get_time(&now); -@@ -524,8 +523,7 @@ ni_dhcp6_device_start_auto(ni_dhcp6_device_t *dev) - - /* refresh in case kernel forgot to send it - * (we increment timeout between attempts) */ -- if (dev->config->dry_run != NI_DHCP6_RUN_NORMAL) -- ni_dhcp6_device_refresh_mode(dev, ifp); -+ ni_dhcp6_device_refresh_mode(dev, ifp); - - if (dev->config->mode & NI_BIT(NI_DHCP6_MODE_AUTO)) - return ni_dhcp6_device_start_timer_arm(dev); --- -2.40.1 - diff --git a/packages/wicked/1001-avoid-gcrypt-dependency.patch b/packages/wicked/1001-avoid-gcrypt-dependency.patch deleted file mode 100644 index a80cde3c505..00000000000 --- a/packages/wicked/1001-avoid-gcrypt-dependency.patch +++ /dev/null @@ -1,231 +0,0 @@ -From 86613c3486af4c01c3281b8064ffeaea1566732b Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Fri, 9 Aug 2019 16:39:28 +0000 -Subject: [PATCH 1/4] avoid gcrypt dependency - -gcrypt is only used for its implementations of SHA-1 and MD5, in order -to generate UUIDs to fingerprint the XML configuration files. These -UUIDs are considered by `wicked ifreload` to determine whether file -contents have changed. - -For now we expect a single networking configuration file and do not -need to reload it, so we can bypass this mechanism and the unwanted -dependency on gcrypt. - -Signed-off-by: Ben Cressey ---- - configure.ac | 8 -------- - src/hashcsum.c | 48 +++++++++++++++--------------------------------- - src/netinfo.c | 42 ------------------------------------------ - 3 files changed, 15 insertions(+), 83 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 08df65ca..b94dcf48 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -242,14 +242,6 @@ AC_CHECK_LIB([anl], [getaddrinfo_a], [LIBANL_LIBS="-lanl"],[ - ]) - AC_SUBST(LIBANL_LIBS) - --# Checks for libgcrypt and it's minimal version; --# libgcrypt-1.5.0 as on SLE-11-SP3 is sufficient. --REQUIRE_LIBGCRYPT="1.5.0" --AM_PATH_LIBGCRYPT([$REQUIRE_LIBGCRYPT],,[ -- AC_MSG_ERROR([Unable to find sufficient libgcrypt version]) --]) --AC_SUBST(REQUIRE_LIBGCRYPT) -- - # Checks for pkg-config modules. - PKG_CHECK_MODULES(LIBNL, [libnl-3.0 libnl-route-3.0]) - PKG_CHECK_MODULES(LIBDBUS, [dbus-1]) -diff --git a/src/hashcsum.c b/src/hashcsum.c -index 4fc0dfce..eeb41eee 100644 ---- a/src/hashcsum.c -+++ b/src/hashcsum.c -@@ -27,10 +27,12 @@ - - #include - #include --#include -+#include -+ -+#define NI_HASHCTX_MD5_MD_LENGTH 16 -+#define NI_HASHCTX_SHA1_MD_LENGTH 20 - - struct ni_hashctx { -- gcry_md_hd_t handle; - unsigned int md_length; - }; - -@@ -38,20 +40,16 @@ struct ni_hashctx { - * Create a new hash context - */ - ni_hashctx_t * --__ni_hashctx_new(int algo) -+__ni_hashctx_new(int len) - { - ni_hashctx_t *ctx; -- gcry_error_t err; -- - ctx = calloc(1, sizeof(*ctx)); -- err = gcry_md_open(&ctx->handle, algo, 0); -- if (err) { -- ni_error("%s: gcry_md_open failed", __func__); -- ni_hashctx_free(ctx); -+ if (ctx == NULL) { -+ ni_error("%s: calloc failed", __func__); - return NULL; - } - -- ctx->md_length = gcry_md_get_algo_dlen(algo); -+ ctx->md_length = len; - return ctx; - } - -@@ -60,9 +58,9 @@ ni_hashctx_new(ni_hashctx_algo_t algo) - { - switch (algo) { - case NI_HASHCTX_MD5: -- return __ni_hashctx_new(GCRY_MD_MD5); -+ return __ni_hashctx_new(NI_HASHCTX_MD5_MD_LENGTH); - case NI_HASHCTX_SHA1: -- return __ni_hashctx_new(GCRY_MD_SHA1); -+ return __ni_hashctx_new(NI_HASHCTX_SHA1_MD_LENGTH); - - default: - return NULL; -@@ -75,10 +73,6 @@ ni_hashctx_new(ni_hashctx_algo_t algo) - void - ni_hashctx_free(ni_hashctx_t *ctx) - { -- if (ctx && ctx->handle) { -- gcry_md_close(ctx->handle); -- ctx->handle = NULL; -- } - free(ctx); - } - -@@ -88,13 +82,13 @@ ni_hashctx_free(ni_hashctx_t *ctx) - void - ni_hashctx_begin(ni_hashctx_t *ctx) - { -- gcry_md_reset(ctx->handle); -+ // no-op - } - - void - ni_hashctx_finish(ni_hashctx_t *ctx) - { -- gcry_md_final(ctx->handle); -+ // no-op - } - - unsigned int -@@ -106,19 +100,9 @@ ni_hashctx_get_digest_length(ni_hashctx_t *ctx) - int - ni_hashctx_get_digest(ni_hashctx_t *ctx, void *md_buffer, size_t md_size) - { -- void *md; -- -- if (ctx->handle == NULL) -- return -1; -- -- if (!(md = gcry_md_read(ctx->handle, 0))) { -- ni_error("%s: failed to obtain digest", __func__); -- return -1; -- } -- - if (md_size > ctx->md_length) - md_size = ctx->md_length; -- memcpy(md_buffer, md, md_size); -+ memset(md_buffer, 0, md_size); - return md_size; - } - -@@ -128,14 +112,12 @@ ni_hashctx_get_digest(ni_hashctx_t *ctx, void *md_buffer, size_t md_size) - void - ni_hashctx_put(ni_hashctx_t *ctx, const void *data, size_t len) - { -- if (data && len) -- gcry_md_write(ctx->handle, data, len); -+ // no-op - } - - void - ni_hashctx_puts(ni_hashctx_t *ctx, const char *string) - { -- if (string) -- gcry_md_write(ctx->handle, string, strlen(string)); -+ // no-op - } - -diff --git a/src/netinfo.c b/src/netinfo.c -index 9598155d..63bb6a9f 100644 ---- a/src/netinfo.c -+++ b/src/netinfo.c -@@ -33,7 +33,6 @@ - #include "modem-manager.h" - #include "dhcp6/options.h" - #include "dhcp.h" --#include - - extern void ni_addrconf_updater_free(ni_addrconf_updater_t **); - -@@ -70,44 +69,6 @@ ni_init(const char *appname) - return ni_init_ex(appname, NULL, NULL); - } - --static int --__ni_init_gcrypt(void) --{ --/* -- * gcry_check_version checks for minmum version -- * we want consider sufficient and returns NULL -- * on failures. -- * -- * configure.ac checks and defines the minimum; -- * when our requirements change, adjust there. -- * -- * With NULL, we don't require a minimum version -- * but call the function to initialize libgcrypt -- * and trust the linker and library soname. -- */ --#ifndef REQUIRE_LIBGCRYPT --#define REQUIRE_LIBGCRYPT NULL --#endif -- if (!gcry_check_version(REQUIRE_LIBGCRYPT)) { -- ni_error("libgcrypt version mismatch: built %s, required >= %s", -- GCRYPT_VERSION, REQUIRE_LIBGCRYPT); -- return -1; -- } -- -- if (gcry_control (GCRYCTL_INITIALIZATION_FINISHED_P)) -- return 0; -- -- gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN); -- gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0); -- gcry_control (GCRYCTL_RESUME_SECMEM_WARN); -- gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); -- if (!gcry_control (GCRYCTL_INITIALIZATION_FINISHED_P)) { -- ni_error("Unable to initialize libgcrypt"); -- return -1; -- } -- return 0; --} -- - int - ni_init_ex(const char *appname, ni_init_appdata_callback_t *cb, void *appdata) - { -@@ -121,9 +82,6 @@ ni_init_ex(const char *appname, ni_init_appdata_callback_t *cb, void *appdata) - /* We're using randomized timeouts. Seed the RNG */ - ni_srandom(); - -- if (__ni_init_gcrypt() < 0) -- return -1; -- - if (ni_global.config_path == NULL) { - if (appname == NULL) { - /* Backward compatible - for now. --- -2.32.0 - diff --git a/packages/wicked/1002-exclude-unused-components.patch b/packages/wicked/1002-exclude-unused-components.patch deleted file mode 100644 index ee815414310..00000000000 --- a/packages/wicked/1002-exclude-unused-components.patch +++ /dev/null @@ -1,31 +0,0 @@ -From ddd3d20d40b8df6c97312f8ad723ca543a08e046 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Sat, 10 Aug 2019 04:53:31 +0000 -Subject: [PATCH 2/4] exclude unused components - -The extensions are all shell scripts, which we don't support. The docs -require a native helper program to generate, which doesn't work. While -we're at it, turn off the man pages and the testing code that we won't -end up using. - -Signed-off-by: Ben Cressey ---- - Makefile.am | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Makefile.am b/Makefile.am -index 71c2fbb5..0278e40b 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -6,7 +6,7 @@ MAINTAINERCLEANFILES = Makefile.in aclocal.m4 config.guess config.* \ - $(DIST_ARCHIVES) $(PACKAGE)-*.tar.bz2 - - SUBDIRS = include src util schema client server nanny \ -- autoip4 dhcp4 dhcp6 etc extensions man doc testing -+ dhcp4 dhcp6 etc - - - pkgconfig_DATA = wicked.pc --- -2.32.0 - diff --git a/packages/wicked/1003-ship-mkconst-and-schema-sources-for-runtime-use.patch b/packages/wicked/1003-ship-mkconst-and-schema-sources-for-runtime-use.patch deleted file mode 100644 index 65ec8ce39d5..00000000000 --- a/packages/wicked/1003-ship-mkconst-and-schema-sources-for-runtime-use.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 66a794b0eeda8c293e29614c2072f265586d8805 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Sat, 10 Aug 2019 18:31:42 +0000 -Subject: [PATCH 3/4] ship mkconst and schema sources for runtime use - -`mkconst` needs to be compiled for the host architecture, but relies -on most of the sources in wicked and needs all of the same libraries. - -This is a much greater dependency on the host OS than we care to take. -For now we punt the problem to runtime and expect `constants.xml` to -be created out-of-band. - -Signed-off-by: Ben Cressey ---- - schema/Makefile.am | 2 +- - util/Makefile.am | 3 ++- - 2 files changed, 3 insertions(+), 2 deletions(-) - -diff --git a/schema/Makefile.am b/schema/Makefile.am -index 462dc044..03a4bcd3 100644 ---- a/schema/Makefile.am -+++ b/schema/Makefile.am -@@ -4,7 +4,7 @@ MAINTAINERCLEANFILES = Makefile.in - - wicked_schema_DATA = \ - $(wicked_schema_files) \ -- $(wicked_schema_built) -+ $(wicked_schema_sources) - - wicked_schema_files = \ - addrconf.xml \ -diff --git a/util/Makefile.am b/util/Makefile.am -index 2af1435b..bb9697e1 100644 ---- a/util/Makefile.am -+++ b/util/Makefile.am -@@ -2,7 +2,8 @@ - CLEANFILES = *~ - MAINTAINERCLEANFILES = Makefile.in - --noinst_PROGRAMS = mkconst schema2html -+wicked_sbin_PROGRAMS = mkconst -+noinst_PROGRAMS = schema2html - - AM_CPPFLAGS = -I$(top_srcdir)/src \ - -I$(top_srcdir)/include --- -2.32.0 - diff --git a/packages/wicked/1004-adjust-safeguard-for-dhcp6-defer-timeout.patch b/packages/wicked/1004-adjust-safeguard-for-dhcp6-defer-timeout.patch deleted file mode 100644 index 3847e685bd9..00000000000 --- a/packages/wicked/1004-adjust-safeguard-for-dhcp6-defer-timeout.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 872581355f4bff115abd849267b52bb96ef8d4bb Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Mon, 8 Nov 2021 05:13:35 +0000 -Subject: [PATCH 4/4] adjust safeguard for dhcp6 defer timeout - -For low timeout values, such as one second, we could sometimes wait -twice as long as expected if the timer fired early. If we're within -one second of the deadline, consider it done. - -Signed-off-by: Ben Cressey ---- - src/dhcp6/fsm.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/dhcp6/fsm.c b/src/dhcp6/fsm.c -index 08624b49..b864efd6 100644 ---- a/src/dhcp6/fsm.c -+++ b/src/dhcp6/fsm.c -@@ -569,7 +569,7 @@ ni_dhcp6_fsm_timeout(ni_dhcp6_device_t *dev) - /* Do we still need this safeguard? */ - deadline = ni_lifetime_left(dev->config->defer_timeout, - &dev->start_time, NULL); -- if (deadline) { -+ if (deadline > 1) { - ni_dhcp6_fsm_set_timeout_sec(dev, deadline); - dev->fsm.fail_on_timeout = 0; - return; --- -2.32.0 - diff --git a/packages/wicked/1005-client-validate-ethernet-namespace-node.patch b/packages/wicked/1005-client-validate-ethernet-namespace-node.patch deleted file mode 100644 index 077353990b2..00000000000 --- a/packages/wicked/1005-client-validate-ethernet-namespace-node.patch +++ /dev/null @@ -1,109 +0,0 @@ -From 63bd7bb45b45ef7a44afb4190a7f04bf83e841f5 Mon Sep 17 00:00:00 2001 -From: Markus Boehme -Date: Tue, 25 Oct 2022 18:05:20 +0000 -Subject: [PATCH] client: validate ethernet namespace node - -Validate the ethernet namespace node in config files to identify -interfaces via other means than their name, here via their hardware -address. This restores a previously existing feature (see -samples/wicked/eth0-identify.xml) that stopped working due to extra -validation added at a later point. - -Fixes: ad7b47d0a ("client: Check for config priorities at reading stage") -Signed-off-by: Markus Boehme ---- - client/read-config.c | 56 ++++++++++++++++++++++++++++++++++++++++---- - 1 file changed, 51 insertions(+), 5 deletions(-) - -diff --git a/client/read-config.c b/client/read-config.c -index 231d656..8965848 100644 ---- a/client/read-config.c -+++ b/client/read-config.c -@@ -327,19 +327,23 @@ __ifconfig_read_get_ifname(xml_node_t *ifnode, unsigned int *ifindex) - const char *namespace; - char *ifname = NULL; - -- /* Check for node */ -+ /* Check for node */ - nnode = xml_node_get_child(ifnode, "name"); -- if (!nnode || ni_string_empty(nnode->cdata)) { -+ if (!nnode) { - ni_debug_ifconfig("cannot get interface name - " -- "config has no valid node"); -+ "config has no node"); - goto error; - } - -- ifname = nnode->cdata; -- - /* Resolve a namespace if specified */ - namespace = xml_node_get_attr(nnode, "namespace"); - if (ni_string_empty(namespace)) { -+ if (ni_string_empty(nnode->cdata)) { -+ ni_debug_ifconfig("config is missing an interface name in node"); -+ goto error; -+ } -+ ifname = nnode->cdata; -+ - if (ifindex) - *ifindex = if_nametoindex(ifname); - } -@@ -347,6 +351,12 @@ __ifconfig_read_get_ifname(xml_node_t *ifnode, unsigned int *ifindex) - unsigned int value; - char name_buf[IF_NAMESIZE+1]; - -+ if (ni_string_empty(nnode->cdata)) { -+ ni_debug_ifconfig("config is missing an interface name in node"); -+ goto error; -+ } -+ ifname = nnode->cdata; -+ - if (ni_parse_uint(ifname, &value, 10) < 0) { - ni_debug_ifconfig("unable to parse ifindex value " - " specified via "); -@@ -366,6 +376,42 @@ __ifconfig_read_get_ifname(xml_node_t *ifnode, unsigned int *ifindex) - if (ifindex) - *ifindex = value; - } -+ else if (ni_string_eq(namespace, "ethernet")) { -+ xml_node_t *addrnode = NULL; -+ ni_string_array_t all_ifnames = NI_STRING_ARRAY_INIT; -+ unsigned int i; -+ -+ addrnode = xml_node_get_child(nnode, "permanent-address"); -+ if (!addrnode || ni_string_empty(addrnode->cdata)) { -+ ni_debug_ifconfig("cannot get interface name - " -+ "config has no valid node"); -+ goto error; -+ } -+ -+ if (ni_scandir("/sys/class/net", NULL, &all_ifnames) <= 0) { -+ ni_debug_ifconfig("unable to enumerate network interfaces in sysfs"); -+ goto error; -+ } -+ -+ for (i = 0; i < all_ifnames.count; i++) { -+ const char *cur_ifname = all_ifnames.data[i]; -+ char *cur_address = NULL; -+ ni_bool_t address_matches = FALSE; -+ -+ if (ni_sysfs_netif_get_string(cur_ifname, "address", &cur_address) < 0) -+ continue; -+ cur_address = ni_string_strip_suffix(cur_address, "\n"); -+ -+ address_matches = ni_string_eq_nocase(cur_address, addrnode->cdata); -+ ni_string_free(&cur_address); -+ if (address_matches) { -+ ni_string_dup(&ifname, cur_ifname); -+ break; -+ } -+ } -+ -+ ni_string_array_destroy(&all_ifnames); -+ } - else { - /* TODO: Implement other namespaces */; - } --- -2.36.1 - diff --git a/packages/wicked/1006-server-discover-hardware-address-of-unconfigured-int.patch b/packages/wicked/1006-server-discover-hardware-address-of-unconfigured-int.patch deleted file mode 100644 index 74dad02bef9..00000000000 --- a/packages/wicked/1006-server-discover-hardware-address-of-unconfigured-int.patch +++ /dev/null @@ -1,39 +0,0 @@ -From acec9e1b2ece15c0c2cceeef3339dc41384373f3 Mon Sep 17 00:00:00 2001 -From: Markus Boehme -Date: Tue, 25 Oct 2022 19:34:25 +0000 -Subject: [PATCH] server: discover hardware address of unconfigured interface - -When restarting wickedd while an interface is left unconfigured, its -hardware address will not be discovered and hence the interface cannot -be identified (and subsequently brought up) via its hardware address. - -During start, the server requests a dump of all interfaces from the -kernel via netlink. Hardware addresses are queried for if the interface -is marked ready. However, the interface will only be marked ready at a -later point during start, when the interface state is discovered via -calls to udev. - -Fix this by (re-)querying the hardware address when the interface state -is discovered, not only when the kernel informs wicked about interface -changes. - -Signed-off-by: Markus Boehme ---- - server/main.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/server/main.c b/server/main.c -index 375a808..3e5c707 100644 ---- a/server/main.c -+++ b/server/main.c -@@ -328,6 +328,7 @@ discover_udev_netdev_state(ni_netdev_t *dev) - * flag (rules processed / already renamed by udev) - * as ethtool is a query by ifname... - */ -+ __ni_system_ethernet_refresh(dev); - ni_system_ethtool_refresh(dev); - } - --- -2.36.1 - diff --git a/packages/wicked/1007-dhpc6-don-t-cancel-transmission-if-random-delay-happ.patch b/packages/wicked/1007-dhpc6-don-t-cancel-transmission-if-random-delay-happ.patch deleted file mode 100644 index ec3eb1d632c..00000000000 --- a/packages/wicked/1007-dhpc6-don-t-cancel-transmission-if-random-delay-happ.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 1a913cf6bae1e170229c1ddb49d0c2a099eb8789 Mon Sep 17 00:00:00 2001 -From: Markus Boehme -Date: Fri, 26 May 2023 13:27:28 +0200 -Subject: [PATCH] dhpc6: don't cancel transmission if random delay happens to - be 0 ms - -If the randomized transmission delay in ni_dhcp6_device_transmit_arm_delay -happens to be 0 ms including jitter then ni_dhcp6_fsm_set_timeout_msec will -interpret that as the request to cancel the timer and no message will be -sent. In the case of a Solicitation message, no lease will ever be -acquired. Fix this by signaling the intent to transmit immediately to the -caller if the delay happens to be 0 ms. - -Reported-by: Zac Mrowicki -Signed-off-by: Markus Boehme ---- - src/dhcp6/device.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/src/dhcp6/device.c b/src/dhcp6/device.c -index f36b16c..e5ee99e 100644 ---- a/src/dhcp6/device.c -+++ b/src/dhcp6/device.c -@@ -790,6 +790,8 @@ ni_dhcp6_device_transmit_arm_delay(ni_dhcp6_device_t *dev) - jitter.min = 0; - jitter.max = dev->retrans.delay; - delay = ni_timeout_randomize(0, &jitter); -+ if (delay == 0) -+ return FALSE; - - ni_debug_dhcp("%s: setting initial transmit delay of 0 .. %u.%03us", - dev->ifname, NI_TIMEOUT_SEC(delay), NI_TIMEOUT_MSEC(delay)); --- -2.40.1 - diff --git a/packages/wicked/1008-dhcp6-reduce-maximum-initial-solicitation-delay-to-1.patch b/packages/wicked/1008-dhcp6-reduce-maximum-initial-solicitation-delay-to-1.patch deleted file mode 100644 index 5246674ac34..00000000000 --- a/packages/wicked/1008-dhcp6-reduce-maximum-initial-solicitation-delay-to-1.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 5aa6eff182204b312007ac44dcfffdf4dc6b7428 Mon Sep 17 00:00:00 2001 -From: Markus Boehme -Date: Fri, 26 May 2023 16:21:11 +0200 -Subject: [PATCH] dhcp6: reduce maximum initial solicitation delay to 100 ms - -While RFC 3315 requires the initial solicitation delay to be randomly -chosen between 0 and 1000 ms to prevent a thundering herd of synchronized -clients during mass reboots, not all clients (e.g. systemd-networkd) follow -this. Reduce the maximum delay to 100 ms which, together with natural -jitter during boot, still seems plenty and cuts down the time to lease. - -Note that the more recent RFC 8415 softened its stance a bit. The -initial solicitation delay "SHOULD" be followed, i.e. is recommended but -not required. - -Signed-off-by: Markus Boehme ---- - src/dhcp6/protocol.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/dhcp6/protocol.h b/src/dhcp6/protocol.h -index cd917ba..5f40902 100644 ---- a/src/dhcp6/protocol.h -+++ b/src/dhcp6/protocol.h -@@ -119,7 +119,7 @@ enum NI_DHCP6_MSG_TYPE { - * Parameter Value Description - * --------------------------------------------------------------------------- - */ --#define NI_DHCP6_SOL_MAX_DELAY 1000 /* Max delay of first Solicit */ -+#define NI_DHCP6_SOL_MAX_DELAY 100 /* Max delay of first Solicit */ - #define NI_DHCP6_SOL_TIMEOUT 1000 /* Initial Solicit timeout */ - #define NI_DHCP6_SOL_MAX_RT 3600000 /* Max Solicit timeout value */ - #define NI_DHCP6_REQ_TIMEOUT 1000 /* Initial Request timeout */ --- -2.40.1 - diff --git a/packages/wicked/Cargo.toml b/packages/wicked/Cargo.toml deleted file mode 100644 index c779670050d..00000000000 --- a/packages/wicked/Cargo.toml +++ /dev/null @@ -1,23 +0,0 @@ -[package] -name = "wicked" -version = "0.1.0" -edition = "2021" -publish = false -build = "../build.rs" - -[lib] -path = "../packages.rs" - -[package.metadata.build-package] -releases-url = "https://github.com/openSUSE/wicked/releases" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/openSUSE/wicked/archive/version-0.6.68.tar.gz" -sha512 = "b087d58b84d44a33ae9e88fdf3a8a4c5dbe5046c7a42450bd449fcd9903bb0c6e1635f1bdf7ba98ffdb9729133f7450065ea4605542e779caf44ff241d91cb93" - -[build-dependencies] -glibc = { path = "../glibc" } -libdbus = { path = "../libdbus" } -libiw = { path = "../libiw" } -libnl = { path = "../libnl" } -systemd = { path = "../systemd" } diff --git a/packages/wicked/client.xml b/packages/wicked/client.xml deleted file mode 100644 index 5f87f298e97..00000000000 --- a/packages/wicked/client.xml +++ /dev/null @@ -1,14 +0,0 @@ - - - - - -