aboutsummaryrefslogtreecommitdiffstats
path: root/scripts
Commit message (Collapse)AuthorAgeFilesLines
* scripts: ext-tools: add option to only refresh timestampsChristian Marangi2023-01-231-4/+20
| | | | | | | It's possible to have prebuilt tools already extracted. Add option to just refresh the timestamps. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* scripts: ext-tools: follow links for host tools pathChristian Marangi2023-01-231-1/+1
| | | | | | | Host tools path may be a symbolic link. Use -H with find to follow path links passed from command line to find command. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* scripts/dl_github_archieve.py: fix generating unreproducible tarChristian Marangi2023-01-121-1/+1
| | | | | | | | | | | | | | | Allign dl_github_archieve.py to 8252511dc0b5a71e9e64b96f233a27ad73e28b7f change. On supported system the sigid bit is applied to files and tar archieve that on tar creation. This cause unreproducible tar for these system and these bit should be dropped to produce reproducible tar. Add the missing option following the command options used in other scripts. Fixes: 75ab064d2b38 ("build: download code from github using archive API") Suggested-by: Eneas U de Queiroz <cotequeiroz@gmail.com> Tested-by: Robert Marko <robimarko@gmail.com> Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* scripts: add Apache fastly mirrorDavid Bauer2023-01-071-0/+1
| | | | | | | Add the Apache fastly mirror as preferred download source. This service is using a dual-stacked CDN. Signed-off-by: David Bauer <mail@david-bauer.net>
* scripts: remove redundant character '0x0a' from Linksys image signatureShiji Yang2022-11-271-3/+0
| | | | | | | | | The redundant character '0x0a' after the 192 bytes '0x00' padding broke the factory image. We need to remove it to make things work again. Fixes: e6769d11f3 scripts: fix missing character '0' issue in linksys image Tested-by: Tony Butler <spudz76@gmail.com> Signed-off-by: Shiji Yang <yangshiji66@qq.com>
* scripts: fix dl_cleanup.py argument handlingAndre Heider2022-11-151-3/+6
| | | | | | | | | | The -w|--whitelist and -D|--download-dir arguments pass an additional value, properly evaluate that. Also allow to pass the download directory without -D|--download-dir, just as the usage describes. Finally fix spitting out the wrong error messages about those args. Signed-off-by: Andre Heider <a.heider@gmail.com>
* scripts/mkits.sh: fix portability issueFelix Fietkau2022-11-091-2/+2
| | | | | | | BSD wc can output more whitespaces, which breaks the cut usage. Replace the cut invocation with awk, which is more portable. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mkits: support definition of DTB loadaddrDavid Bauer2022-11-081-1/+7
| | | | | | | Support defining a per-device loadaddress for the DTB. This is required for devices which to not align the DTB from the bootloader correctly. Signed-off-by: David Bauer <mail@david-bauer.net>
* scripts: fix missing character '0' issue in linksys imageShiji Yang2022-10-301-2/+2
| | | | | | | | In the stock firmware of Linksys, there is a '0' after the crc checksum. Validated on EA6350V3, EA7300 and EA7300V2's stock images. Fixes: 892d741259 build: add a script for generating Linksys factory images Signed-off-by: Shiji Yang <yangshiji66@qq.com>
* scripts/download.pl: pass aria2 config in ENV onlyZhang Hua2022-10-201-0/+1
| | | | | | | | | | | | | The aria2c command tries to load config from ${XDG_CONFIG_HOME:-${HOME}/.config}/aria2/aria2.conf by default, which may result unexpected behavior. As a replacement, people can use environment variable ARIA2C_OPTIONS to custom arguments passed to aria2c like curl and wget below. Including --conf-path=/path/to/config.conf in ARIA2C_OPTIONS can also set a custom config file path easily if needed. Signed-off-by: Zhang Hua <zhanghuadedn@gmail.com>
* scripts/download.pl: make the download tool configurableChristian Marangi2022-10-201-13/+35
| | | | | | | | | | | | | | | | | | | | | | Introduce a new option in the "Advanced configuration options" to configure a custom download tool. By declaring a string in "Use custom download tool" an user can force what command to use to download package. With the string empty the default tool used is curl, with wget as a fallback if not available. download.pl supports 3 tools officially aria2c, curl and wget. If one of the tool is used in this config, download.pl will use the default args to make use of them. If the provided string is different than aria2c, curl or wget, the command is used as is and the download url will be appended at the end of such command. While at it also tweak the tool selection logic and chose the tool only once when the script is called and move aria2c specific variables in the relevant section. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* scripts/ext-tools: introduce new script to install prebuilt toolsChristian Marangi2022-09-301-0/+98
| | | | | | | | | | | | | | | Add a simple script to make it easier to install a prebuilt tools tar. Currently it will be used by our tools container and kernel workflow on github. Simple script that take a tar that contains prebuilt host tools, extract them and refresh the timestamps to skip recompilation of such host tools. By default it refresh timestamps of build_dir/host and staging_dir/host/stamp. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* scripts/download.pl: add tsinghua and ustc mirrorsBradford Zhang2022-09-301-0/+9
| | | | | | Add https://mirrors.tuna.tsinghua.edu.cn/ and https://mirrors.ustc.edu.cn/ mirrors into download.pl to speed up download in China. Signed-off-by: Bradford Zhang <zyc@zyc.name>
* scripts/download.pl: generilize and simplify download tool checkChristian Marangi2022-09-281-16/+17
| | | | | | | | | Generilize download tool check and skip other check if a download tool has been found. While at it also reintroduce c836ca84e8f641e10a8349a8f9b7432b33d6cec1 that was previously dropped with aria2c support. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* scripts/download.pl: fix support for aria2c download tool on macosChristian Marangi2022-09-261-6/+8
| | | | | | | | | Currently we use /dev/shm to place aria2c tmp file. This is not present on macos. Use the openwrt tmp directory instead of the linux-only /dev/shm to save compatibility with more os. Fixes: d39123626931 ("download.pl: add aria2c support") Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* scripts/download.pl: fix mirrors regression for curl and wgetChristian Marangi2022-09-261-1/+1
| | | | | | | | | With the introduction of aria2c support, curl and wget no longer try to download the file from mirrors. Fix this regression by emptying the remaining mirrors list only when aria2c is used. Fixes: d39123626931 ("download.pl: add aria2c support") Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* scripts/download.pl: fix whitespace in mirror urls and drop forChristian Marangi2022-09-251-7/+2
| | | | | | | Fix whitespace in mirror urls and replace for loop with join+map logic. Fixes: d39123626931 ("download.pl: add aria2c support") Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* download.pl: add aria2c supportBradford Zhang2022-09-251-13/+40
| | | | | | | | | | | | Use aria2c download tool by default on package download if available in the system. aria2c permits to use multiple mirrors and may improve download speed on special context where servers are hard to reach. Co-authored-by: Christian Marangi <ansuelsmth@gmail.com> Signed-off-by: Bradford Zhang <zyc@zyc.name> [ fix wrong var in the script and improve commit description ] Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* scripts/dl_cleanup: add support for subdirectoriesMichael Pratt2022-09-221-9/+18
| | | | | | | | | | | Allow comparing subdirectories exactly like files. Handle a corner case where the new subdirectory has the same tarball inside of it as the one that was downloaded before a subdirectory for that package was established. Signed-off-by: Michael Pratt <mcpratt@pm.me>
* scripts: add clean of build dir to dl_cleanup scriptAnsuel Smith2022-09-141-3/+35
| | | | | | | | | | Improve dl_cleanup by adding an option to also clean the build directory related to the downloaded package. The script will check every directory in build_dir/ and check if any old package is present there. If outdated package are found, the old one are cleared leaving only the last one. Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
* scripts: assume dl/ the default dir for dl_cleanup scriptAnsuel Smith2022-09-141-8/+12
| | | | | | | Assume dl/ the default dl dir and make it configurable if someone have that in a different place. Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
* scripts: add additional regex for dl_cleanupAnsuel Smith2022-09-141-0/+2
| | | | | | | Add additional regex for dl_cleanup script to handle case with xxx-v1.2a and xxx-v1.2.3a Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
* scripts/download.pl: fix downloads with wgetPetr Štetiar2022-09-131-2/+8
| | | | | | | | | | | | | | | | | | | | Several users of wget for downloads (curl is not available in the system) have reported broken download functionality: wget --tries=5 --timeout=20 --output-document=- https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.10.142.tar.xz http://: Invalid host name. Thats all happening due to '' was passed as an argument, which got later expanded to http://. In the context of a list constructor '' is not nothing, it is an empty string element. So fix it by using () as it will yield "nothing" and thus not introduce an empty string element. Fixes: #10692 Fixes: 90c6e3aedf16 ("scripts: always check certificates") Signed-off-by: Jo-Philipp Wich <jo@mein.io> [shellwords() -> ()] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* scripts/download.pl: silence can't exec curl warningPetr Štetiar2022-09-131-1/+1
| | | | | | | | | | | When running build in verbose mode `make V=s` we can see a lot of following warnings when curl is not available in the system: Can't exec "curl": No such file or directory at scripts/download.pl line 77. So lets fix it by redirecting of the stderr to null hole. Signed-off-by: Petr Štetiar <ynezz@true.cz>
* scripts: always check certificatesJosh Roys2022-09-101-2/+4
| | | | | | | | | | | | | | | Remove flags from wget and curl instructing them to ignore bad server certificates. Although other mechanisms can protect against malicious modifications of downloads, other vectors of attack may be available to an adversary. TLS certificate verification can be disabled by turning oof the "Enable TLS certificate verification during package download" option enabled by default in the "Global build settings" in "make menuconfig" Signed-off-by: Josh Roys <roysjosh@gmail.com> [ add additional info on how to disable this option ] Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* scripts: xxdi.pl: add xxd -i compat modePetr Štetiar2022-09-061-18/+19
| | | | | | | | | | | So it can serve as a standalone drop in replacement for xxd utility used currently mostly in U-Boot packages with `xxd -i` mode which outputs C include file style, with aim for byte to byte identical output, so the eventual difference in the generated output is easily spottable. Fixes: #10555 Signed-off-by: Petr Štetiar <ynezz@true.cz> Signed-off-by: Jo-Philipp Wich <jo@mein.io> [perl-fu]
* scripts: xxdi.pl: remove File::Slurp dependencyJo-Philipp Wich2022-09-061-2/+17
| | | | | | | In order to make it more portable. Signed-off-by: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Petr Štetiar <ynezz@true.cz>
* scripts: add xxdi.plPetr Štetiar2022-09-061-0/+50
| | | | | | | | | xxdi.pl is a Perl script that implements vim's 'xxd -i' mode so that packages do not have to use all of vim just to get this functionality. References: #10555 Source: https://github.com/gregkh/xxdi/blob/97a6bd5cee05d1b15851981ec38ef5a460ddfcb1/xxdi.pl Signed-off-by: Petr Štetiar <ynezz@true.cz>
* scripts: ext-toolchain: add support for muslChristian Marangi2022-07-241-2/+12
| | | | | | | | Openwrt now supports only glibc and musl. Add support for musl and rework the libc check to handle the new config flags and correctly compile package basend on that. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* scripts: ext-toolchain: add support for info.mk in probe_ccChristian Marangi2022-07-241-0/+7
| | | | | | | Openwrt generate info.mk that contains the libc type. For probe_cc check if the file exist and parse directly it for LIBC type. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* scripts: ext-toolchain: actually probe libc type on config generationChristian Marangi2022-07-241-0/+1
| | | | | | | | Currently we never call probe_cc before config generation, this cause the script to never actually detect the correct libc type. Call probe_cc before config generation to correctl set the .config file. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* scripts: ext-toolchain: add option to overwrite configChristian Marangi2022-07-241-4/+18
| | | | | | | | It can be useful to overwrite an already generated config. Option are simply added at the end of the config and make defconfig will overwrite the relevant option with the new one. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* scripts: ext-toolchain: fix wrong prefix in print_config generationChristian Marangi2022-07-241-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | The parsed prefix in print_config is wrong and this produce broken generated .config that won't work with any external toolchain. Currently the prefix from a CC of 'arm-openwrt-linux-muslgnueabi-gcc-12.1.0' produce a prefix 'arm-openwrt-linux-muslgnueabi-gcc-' This is wrong as the real prefix should be 'arm-openwrt-linux-muslgnueabi-' This is probably caused by a change in how the toolchain is now handled that now append also the gcc version. Probably in ancient days the version wasn't part of the name and the prefix generation stripped the '-gcc' instead of the gcc version. Fix this and correctly strip the gcc version and the gcc suffix to correctly call toolchain bins. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* ramips: add support for ZyXEL NWA50AX / NWA55AXEDavid Bauer2022-07-201-0/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hardware -------- CPU: Mediatek MT7621 RAM: 256M DDR3 FLASH: 128M NAND ETH: 1x Gigabit Ethernet WiFi: Mediatek MT7915 (2.4/5GHz 802.11ax 2x2 DBDC) BTN: 1x Reset (NWA50AX only) LED: 1x Multi-Color (NWA50AX only) UART Console ------------ NWA50AX: Available below the rubber cover next to the ethernet port. NWA55AXE: Available on the board when disassembling the device. Settings: 115200 8N1 Layout: <12V> <LAN> GND-RX-TX-VCC Logic-Level is 3V3. Don't connect VCC to your UART adapter! Installation Web-UI ------------------- Upload the Factory image using the devices Web-Interface. As the device uses a dual-image partition layout, OpenWrt can only installed on Slot A. This requires the current active image prior flashing the device to be on Slot B. If the currently installed image is started from Slot A, the device will flash OpenWrt to Slot B. OpenWrt will panic upon first boot in this case and the device will return to the ZyXEL firmware upon next boot. If this happens, first install a ZyXEL firmware upgrade of any version and install OpenWrt after that. Installation TFTP ----------------- This installation routine is especially useful in case * unknown device password (NWA55AXE lacks reset button) * bricked device Attach to the UART console header of the device. Interrupt the boot procedure by pressing Enter. The bootloader has a reduced command-set available from CLI, but more commands can be executed by abusing the atns command. Boot a OpenWrt initramfs image available on a TFTP server at 192.168.1.66. Rename the image to owrt.bin $ atnf owrt.bin $ atna 192.168.1.88 $ atns "192.168.1.66; tftpboot; bootm" Upon booting, set the booted image to the correct slot: $ zyxel-bootconfig /dev/mtd10 get-status $ zyxel-bootconfig /dev/mtd10 set-image-status 0 valid $ zyxel-bootconfig /dev/mtd10 set-active-image 0 Copy the OpenWrt ramboot-factory image to the device using scp. Write the factory image to NAND and reboot the device. $ mtd write ramboot-factory.bin firmware $ reboot Signed-off-by: David Bauer <mail@david-bauer.net>
* image: add support for Netgear encrypted imageWenli Looi2022-07-191-0/+68
| | | | | | | | | | | | | | | | | | | | | | | | Netgear encrypted image is used in various devices including WAX202, WAX206, and EX6400v3. This image format also requires a dummy squashfs4 image which is added here as well. References in WAX202 GPL source: https://www.downloads.netgear.com/files/GPL/WAX202_V1.0.5.1_Source.rar * openwrt/bootloader/u-boot-mt7621-2018.09-gitb178829-20200526/board/ralink/common/dual_image.c Bootloader code that verifies the presence of a squashfs4 image, thus a dummy image is added here. * openwrt/tools/imgencoder/src/gj_enc.c Contains code that generates the encrypted image. There is support for adding an RSA signature, but it does not look like the signature is verified by the stock firmware or bootloader. * openwrt/tools/imgencoder/src/imagekey.h Contains the encryption key and IV. It appears the same key/IV is used for other Netgear devices including WAX206 and EX6400v3. Signed-off-by: Wenli Looi <wlooi@ucalgary.ca>
* scripts: fix CAMEO tag generatorSander Vanheule2022-07-051-1/+1
| | | | | | | | | | | What should have been only cosmetic changes, ended up in breaking the script. Rename UIMAGE_CRC_SLICE back to (the original) UIMAGE_CRC_OFF. Fixes issue #10204 "cameo-tag.py broken" Reported-by: Markus Stockhausen <markus.stockhausen@gmx.de> Fixes: f9e840b65700 ("scripts: add CAMEO tag generator") Signed-off-by: Sander Vanheule <sander@svanheule.net>
* scripts: add CAMEO tag generatorMarkus Stockhausen2022-07-051-0/+117
| | | | | | | | | | | | This script inserts CAMEO tags into an uImage to make U-Boot of DGS-1210 switches happy. Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de> Suggested-by: Sander Vanheule <sander@svanheule.net> # Mutual checksum algorithm [commit title prefix, trailing whitespace, OpenWrt capitalisation, move CRC calculation comment, use UIMAGE_NAME_*, remove parentheses for return, use f-string instead of str()] Signed-off-by: Sander Vanheule <sander@svanheule.net>
* scripts: add support for Sercomm PIDMikhail Zhilkin2022-07-031-0/+102
| | | | | | | | | | | | | | | | | | | | This scripts creates Sercomm PID file. PID is necessary for the factory images creation of variuos Sercomm-based devices (Beeline, Netgear, Etisalat). Size: 0x70 +-------+------+---------------+------------------+ | Start | Size | Value* (ASCII)| Description | +=======+======+===============+==================+ | 0x0 | 0x8 | 10100 | Hardware version | +-------+------+---------------+------------------+ | 0x8 | 0x8 | 444245 (DBE) | Hardware ID | +-------+------+---------------+------------------+ | 0x64 | 0x4 | 1002 | Software version | +-------+------+---------------+------------------+ *for Beeline Smartbox GIGA Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
* scripts: add support for Sercomm kernel headerMikhail Zhilkin2022-07-031-0/+121
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This scripts creates custom kernel header that necessary for Sercomm mt7621 devices: - Sercomm S3 - Beeline SmartBox Giga - Beeline SmartBox Pro - Beeline Smartbox Turbo - Beeline Smartbox Turbo+ - WiFire S1500.NBN Header format ------------- +--------+---------------+------------------------+ | Offset | Value | Description | +========+===============+========================+ | 0x0 | 53 65 72 00 | Magic "Ser." | +--------+---------------+------------------------+ | 0x4 | 04 00 00 01 | End offset of RootFS | +--------+---------------+------------------------+ | | | This header checksum | | 0x8 | d6 14 9a c1 | htonl(~crc) | +--------+---------------+------------------------+ | 0xc | 02 ff ff ff | Constant | +--------+---------------+------------------------+ | 0x10 | 00 01 40 00 | Kernel start offset | +--------+---------------+------------------------+ | 0x14 | c6 94 24 00 | Kernel length | +--------+---------------+------------------------+ | | | Kernel checksum | | 0x18 | e7 78 89 f1 | htonl(~crc) | +--------+---------------+------------------------+ | 0x1c | 00 00 00 00 | Constant | +--------+---------------+------------------------+ | 0x20 | ff ff ff ff | Constant | +--------+---------------+------------------------+ | 0x24 | ff ff ff ff | Constant | +--------+---------------+------------------------+ | 0x28 | 00 00 00 01 | RootFS offset | +--------+---------------+------------------------+ | | | RootFS length | | 0x2c | 04 00 00 00 | Always 0x4, we check | | | | UBI magic only | +--------+---------------+------------------------+ | | | RootFS checksum | | 0x30 | 1c fc 55 2d | htonl(~crc) | | | | Const for UBI magic | +--------+---------------+------------------------+ | 0x34 | 00 00 00 00 | Constant | +--------+---------------+------------------------+ | 0x38 | ff ff ff ff … | Pad to 0x100 | +--------+---------------+------------------------+ Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>
* scripts: add cameo image header generatorLuiz Angelo Daros de Luca2022-06-281-0/+86
| | | | | | | | | | The cameo header is a 0x40-byte header used by D-Link DGS 1210 switches and Apresia ApresiaLightGS series. cameo-imghdr.py is a clean-room reimplementation of imghdr present in the DGS-1210-28-GPL package. Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com> [fix board_version argument's help text] Signed-off-by: Sander Vanheule <sander@svanheule.net>
* build: use numeric-owner in ipkg-buildPaul Spooren2022-04-191-3/+3
| | | | | | | | | | | | | | | | | | | To create packages the `ipkg-build` script is used which double packs `control.tar.gz` and `data.tar.gz` to a single package. By default it's using a verbose username instead of a numeric value for files. Official OpenWrt images (artifacts) are created within docker containers which do not seem to contain those verbose usernames and instead defaults to numeric values. This becomes a problem when rebuilding public artifacts because other build environments may offer verbose usernames and there the created packages is different from the official ones. With this commit `ipkg-build` always uses numeric values for user/group and thereby making it easier to reproduce official artifacts. Signed-off-by: Paul Spooren <mail@aparcar.org>
* scripts: format to blackDoug Kerr2022-04-162-144/+184
| | | | | | clean up formatting with black using 80 character line limit Signed-off-by: Doug Kerr <dek3rr@gmail.com>
* scripts: use std library for jam crc32 calculationDoug Kerr2022-04-162-152/+9
| | | | | | | CRC32 is available in a standard library. It seems reasonable to defer to that rather than run a custom implementation. Signed-off-by: Doug Kerr <dek3rr@gmail.com>
* scripts/gen_image_generic.sh: fix order of files in EFI bootfsDaniel Golle2022-04-151-2/+19
| | | | | | | | | | | | mtools recursive copy (mcopy -s ...) is using READDIR(3) to iterate over the directory entries, hence they end up in the FAT filesystem in traversal order which breaks reproducibility (rather than being added to the FAT filesystem in a reproducible order). Implement recursive copy in gen_image_generic.sh in Shell code instead, as in that way we can force files to be copied in reproducible order. Fixes: aece8f5ae8 ("scripts/gen_image_generic.sh: generate reproducible EFI filesystem") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* scripts/gen_image_generic.sh: generate reproducible EFI filesystemDaniel Golle2022-04-111-2/+3
| | | | | | | | | Generate FAT filesystem for EFI boot in a reproducible way: * use '--invariant' option of mkfs.fat * set timestamps of all files to SOURCE_DATE_EPOCH * make sure files are ordered locale-independent Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* scripts: make sure sort-order is independent from localeDaniel Golle2022-04-061-1/+1
| | | | | | | | Set LC_ALL=C environment variable when calling 'sort' as the sort order otherwise depends on the locale set. Fixes: 56ce110b73 ("scripts: make sure conffiles are sorted") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* scripts: make sure conffiles are sortedPaul Spooren2022-04-011-1/+2
| | | | | | | | | It may happen that conffiles are in different order on different builds. Make sure they have the same order by sorting them. FIX: #9612 Signed-off-by: Paul Spooren <mail@aparcar.org>
* build: store sha256_unsigned in JSONPaul Spooren2022-03-291-4/+12
| | | | | | | | | | | | Introduce `sha256_unsigned` which is a checksum of the image _before_ a signature is attached. This is helpful to compare image reproducibility. Since the `.sha256sum` file is located in the $(KDIR) folder, switch $(BIN_DIR) with $(KDIR) to simplify the code. The value of $(BIN_DIR) itself is not stored inside the resulting JSON file, so it can be replaced. Signed-off-by: Paul Spooren <mail@aparcar.org>
* scripts/gen_image_generic.sh: make ext4 bootfs reproducibleDaniel Golle2022-03-281-1/+1
| | | | | | | Set fixed timestamp for kernel other files in /boot filesystem. This should help making x86 *combined* images reproducible. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* scripts/mkits.sh: replace forgotten '-' with ${REFERENCE_CHAR}Daniel Golle2022-03-241-1/+1
| | | | | | | Cosmetical change to improve style in mkits.sh. Fixes: fd679086473 ("scripts: mkits.sh: Allow legacy @ mode for dts creation") Signed-off-by: Daniel Golle <daniel@makrotopia.org>