diff --git a/.gitignore b/.gitignore index a8f1800..563f8ef 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,3 @@ -/images -/linux -/output -/repos/x-portage -/.built -/.prepared -/.host-tools +portage/*/etc/portage/make.profile +portage/*/etc/portage/repos.conf +portage/target/etc/portage/make.conf/10-crossdev.conf diff --git a/.gitmodules b/.gitmodules index e69de29..182565a 100644 --- a/.gitmodules +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "aimee-os"] + path = aimee-os + url = gitea@git.pyrocufflink.blue:AimeeOS/aimee-os.git diff --git a/Makefile b/Makefile deleted file mode 100644 index 3d887ae..0000000 --- a/Makefile +++ /dev/null @@ -1,134 +0,0 @@ -O ?= . -IMAGESDIR ?= $(O)/images -CONFIGDIR ?= . - -export CONFIGDIR - -update.tar: $(IMAGESDIR)/update.tar.zstd - -$(O)/.prepared: \ - prepare.sh \ - setup-local-repo.sh \ - $(shell find patches/ebuilds -type f) - ./prepare.sh - ./setup-local-repo.sh - mkdir -p $(O) - touch $(O)/.prepared - -prepare: $(O)/.prepared - -$(O)/.host-tools: \ - build-host-tools.sh \ - host-tools.packages \ - $(shell find $(CONFIGDIR)/portage/host -type f) \ - $(O)/.prepared - ./build-host-tools.sh - touch $(O)/.host-tools - -host-tools: $(O)/.host-tools - -$(O)/.built: \ - build.sh \ - build.packages \ - install.packages \ - $(CONFIGDIR)/build.packages \ - $(CONFIGDIR)/install.packages \ - $(shell find $(CONFIGDIR)/portage/target -type f) \ - $(O)/.host-tools \ - $(O)/.prepared - ./build.sh - touch $(O)/.built - -build: $(O)/.built - -$(O)/semanage.mods: \ - semanage.mods \ - $(wildcard $(CONFIGDIR)/semanage.mods) - cat $^ > $@ - -$(O)/.ready: \ - build-rootfs.sh \ - install.packages \ - $(CONFIGDIR)/install.packages \ - $(CONFIGDIR)/installonly.packages \ - $(CONFIGDIR)/busybox.symlinks \ - $(O)/linux/arch/arm64/boot/Image.gz \ - $(O)/semanage.mods \ - $(shell find overlay -type f) \ - $(shell find $(CONFIGDIR)/overlay -type f 2>/dev/null) \ - $(O)/.host-tools \ - $(O)/.built - ./build-rootfs.sh "$(O)" - touch $(O)/.ready - -$(O)/squashfs.exclude: \ - squashfs.exclude \ - $(shell test -f $(CONFIGDIR)/squashfs.exclude && echo $(CONFIGDIR)/squashfs.exclude) - mkdir -p $(O) - sort $^ > $@ - -$(O)/squashfs.pseudo: \ - $(wildcard $(CONFIGDIR)/squashfs.pseudo) - sort /dev/null $^ > $@ - -$(IMAGESDIR)/rootfs.squashfs: \ - build-squashfs.sh \ - $(O)/squashfs.exclude \ - $(O)/squashfs.pseudo \ - $(O)/.ready - ./build-squashfs.sh "$(O)" "$(IMAGESDIR)" - -squashfs: $(IMAGESDIR)/rootfs.squashfs - -$(O)/linux/arch/arm64/boot/Image.gz: \ - build-kernel.sh \ - $(CONFIGDIR)/linux.config \ - $(O)/.host-tools \ - $(O)/.prepared - ./build-kernel.sh "$(O)" - -kernel: $(O)/linux/arch/arm64/boot/Image.gz - -$(O)/efi-part/EFI/BOOT/BOOTAA64.efi: \ - build-grub.sh \ - grub.cfg \ - $(O)/.host-tools \ - $(O)/.prepared - ./build-grub.sh "$(O)" - -grub: $(O)/efi-part/EFI/BOOT/BOOTAA64.efi - -$(IMAGESDIR)/sdcard.img: \ - genimage.cfg \ - genimage.sh \ - post-build.sh \ - $(O)/efi-part/EFI/BOOT/BOOTAA64.efi \ - $(IMAGESDIR)/rootfs.squashfs - ./post-build.sh "$(O)" - ./genimage.sh "$(O)" "$(IMAGESDIR)" - -sdcard.img: $(IMAGESDIR)/sdcard.img - -$(IMAGESDIR)/firmware.img: $(IMAGESDIR)/sdcard.img - -$(IMAGESDIR)/update.tar.zstd: \ - $(IMAGESDIR)/rootfs.squashfs \ - $(IMAGESDIR)/firmware.img \ - install-update.sh \ - $(O)/.host-tools \ - $(O)/.prepared - ./build-update.sh "$(IMAGESDIR)" - -clean: - rm -rf $(O)/linux $(O)/output $(IMAGESDIR) $(O)/tmp - rm -f $(O)/.prepared $(O)/.host-tools - -.PHONY: \ - build \ - grub \ - host-tools \ - kernel \ - prepare \ - sdcard.img \ - squashfs \ - update.tar diff --git a/README.md b/README.md deleted file mode 100644 index 86f04e9..0000000 --- a/README.md +++ /dev/null @@ -1,18 +0,0 @@ -## Errors - -### SWIOTLB Buffer - -> OF: reserved mem: failed to allocate memory for node -> … -> Can not allocate SWIOTLB buffer earlier and can't now provide you with the -> DMA bounce buffer - -Ensure `start_x=1` is in `config.txt` and `start_file`/`fixup_file` are not -specified. - - -### U-Boot: Overwrite Reserved Memory - -> ** Reading file would overwrite reserved memory ** - -Set `CONFIG_LMB_MAX_REGIONS=16` in `u-boot/.config` diff --git a/aimee-os b/aimee-os new file mode 160000 index 0000000..c821ec1 --- /dev/null +++ b/aimee-os @@ -0,0 +1 @@ +Subproject commit c821ec1ec44c64d70b2d904dcec3e29a14c77698 diff --git a/build-grub.sh b/build-grub.sh deleted file mode 100755 index 2bdabf6..0000000 --- a/build-grub.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : - -set -e - -. "${CONFIGDIR:=${PWD}}"/config - -O="${1}" - -GRUB_MODULES=' -boot -echo -efi_gop -eval -fat -gzio -linux -loadenv -normal -part_gpt -probe -regexp -serial -squash4 -test -xzio -zstd -' - -echo 'Creating GRUB image ...' -mkdir -p "${O}"/efi-part/EFI/BOOT -grub-mkimage \ - -O arm64-efi \ - -o "${O}"/efi-part/EFI/BOOT/BOOTAA64.efi \ - -d /usr/${target}/usr/lib/grub/arm64-efi \ - -p /EFI/gentoo \ - ${GRUB_MODULES} - -echo 'Generating GRUB configuration file ...' -mkdir -p "${O}"/efi-part/EFI/gentoo -cp -uv grub.cfg "${O}"/efi-part/EFI/gentoo -grub-editenv "${O}"/efi-part/EFI/gentoo/grubenv set rootflags='ro' -grub-editenv "${O}"/efi-part/EFI/gentoo/grubenv set default=0 -grub-editenv "${O}"/efi-part/EFI/gentoo/grubenv set timeout=5 diff --git a/build-host-tools.sh b/build-host-tools.sh deleted file mode 100755 index e8de078..0000000 --- a/build-host-tools.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : - -PORTAGE_CONFIGROOT="${CONFIGDIR:=${PWD}}"/portage/host \ -< host-tools.packages xargs -ro \ -emerge -vnuUj --rebuilt-binaries=y diff --git a/build-kernel.sh b/build-kernel.sh deleted file mode 100755 index b2ae962..0000000 --- a/build-kernel.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : - -set -e - -O="${1}" - -. "${CONFIGDIR:=${PWD}}"/config - -PORTAGE_CONFIGROOT="${CONFIGDIR}"/portage/host \ -emerge -vnj ${kernel_pkg} - -export ARCH=arm64 CROSS_COMPILE=${target}- -unset MAKEFLAGS MAKEOVERRIDES MAKELEVEL -mkdir -p "${O}"/linux -/usr/src/linux/scripts/kconfig/merge_config.sh -m \ - -O "${O}"/linux \ - /usr/src/linux/arch/*/configs/${kernel_defconfig}_defconfig \ - "${CONFIGDIR}"/linux.config -cd "${O}"/linux -make -C /usr/src/linux O=${PWD} olddefconfig -make -j$(nproc) -touch arch/arm64/boot/Image.gz -kver=$(make -s kernelversion) -make modules_install INSTALL_MOD_PATH=/mnt/gentoo/usr -cd - - -printf 'Installing Kernel %s ...\n' "${kver}" -mkdir -p /mnt/gentoo/boot -cp -au "${O}"/linux/arch/arm64/boot/Image.gz /mnt/gentoo/boot/vmlinuz-${kver} -cp -au "${O}"/linux/.config /mnt/gentoo/boot/config-${kver} -cp -au "${O}"/linux/System.map /mnt/gentoo/boot/System.map-${kver} - -printf 'Installing device tree binaries ...\n' -mkdir -p "${O}"/efi-part/overlays -cp -u "${O}"/linux/arch/arm64/boot/dts/${device_tree} "${O}"/efi-part/ -cp -u \ - "${O}"/linux/arch/arm64/boot/dts/overlays/*.dtb \ - "${O}"/linux/arch/arm64/boot/dts/overlays/*.dtbo \ - "${O}"/efi-part/overlays/ diff --git a/build-rootfs.sh b/build-rootfs.sh deleted file mode 100755 index c8d64ff..0000000 --- a/build-rootfs.sh +++ /dev/null @@ -1,116 +0,0 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : - -set -e - -. "${CONFIGDIR:=${PWD}}"/config - -O="${1}" - -mkdir -p \ - /mnt/gentoo/usr/bin \ - /mnt/gentoo/usr/lib \ - /mnt/gentoo/usr/lib64 \ - || exit -[ -h /mnt/gentoo/bin ] || ln -s usr/bin /mnt/gentoo/bin -[ -h /mnt/gentoo/sbin ] || ln -s usr/sbin /mnt/gentoo/sbin -[ -h /mnt/gentoo/usr/sbin ] || ln -s bin /mnt/gentoo/usr/sbin -[ -h /mnt/gentoo/lib ] || ln -s usr/lib /mnt/gentoo/lib -[ -h /mnt/gentoo/lib64 ] || ln -s usr/lib64 /mnt/gentoo/lib64 - -mkdir -p /mnt/gentoo/etc/portage -ln -snf \ - /var/db/repos/gentoo/profiles/${profile} \ - /mnt/gentoo/etc/portage/make.profile - -cat \ - install.packages \ - "${CONFIGDIR}"/install.packages \ - | xargs -ro \ -${target}-emerge \ - --root=/mnt/gentoo \ - --config-root="${CONFIGDIR}"/portage/target \ - -KvnuUDj \ - --rebuilt-binaries=y - -< "${CONFIGDIR}"/installonly.packages xargs -ro \ -${target}-emerge \ - --root=/mnt/gentoo \ - --config-root="${CONFIGDIR}"/portage/target \ - -vnuUDj - -ROOT=/mnt/gentoo \ -locale-gen - -mkdir -p \ - /mnt/gentoo/boot/efi \ - /mnt/gentoo/dev \ - /mnt/gentoo/home \ - /mnt/gentoo/proc \ - /mnt/gentoo/sys \ - || exit - -: > /mnt/gentoo/etc/machine-id - -while read name; do - if [ ! -h /mnt/gentoo/bin/"${name}" ]; then - printf "'/bin/%s' -> 'busybox'\n" "${name}" - ln -snf busybox /mnt/gentoo/bin/"${name}" \ - || printf 'Failed to create busybox symlink for %s\n' "${name}" - fi -done < "${CONFIGDIR}"/busybox.symlinks - -rsync -rltpDO overlay/ /mnt/gentoo/ -if [ -d "${CONFIGDIR}"/overlay ]; then - rsync -rltpDO "${CONFIGDIR}"/overlay/ /mnt/gentoo/ -fi - -cp -uv /usr/${target}/usr/bin/grub-editenv /mnt/gentoo/usr/bin/ - -if [ -d /mnt/gentoo/usr/${target} ]; then - rsync -aO /mnt/gentoo/usr/${target}/ /mnt/gentoo/ -fi - -if [ -f /mnt/gentoo/etc/udev/hwdb.bin ]; then - mv /mnt/gentoo/etc/udev/hwdb.bin /mnt/gentoo/usr/lib/udev/ -fi - -rm -f /mnt/gentoo/lib/tmpfiles.d/provision.conf -systemd-tmpfiles --root=/mnt/gentoo -E --exclude-prefix=/var --create - -systemctl preset-all --root=/mnt/gentoo -rm -f /mnt/gentoo/lib/systemd/system/sysinit.target.wants/ldconfig.service - -systemd-sysusers --root=/mnt/gentoo -if grep -q '^root:.*/bin/bash$' /mnt/gentoo/etc/passwd; then - sed -ri 's@(root:.*):/bin/bash@\1:/bin/sh@' /mnt/gentoo/etc/passwd -fi - -if ! grep -q Include /mnt/gentoo/etc/ssh/sshd_config; then - echo 'Include /etc/ssh/sshd_config.d/*.conf' \ - >> /mnt/gentoo/etc/ssh/sshd_config -fi - -# Although `semanage` accepts a `--store` argument that supposedly -# instructs it to operate on an alternate SELinux policy store, it -# doesn't actually work. As such, we have to run `semanage` in an -# alternate mount namespace with the target policy store bind-mounted -# at the default location so `semanage` can operate on it. -unshare -m sh -e < digests -sha256sum rootfs.squashfs >> digests -cp -u "${OLDPWD}"/install-update.sh install -tar -c --zstd -f update.tar.zstd \ - digests \ - firmware.img \ - rootfs.squashfs \ - install \ - || exit -rm install diff --git a/build.packages b/build.packages index 9677552..3a5cf6b 100644 --- a/build.packages +++ b/build.packages @@ -1,2 +1 @@ -sys-boot/raspberrypi-firmware -sys-boot/u-boot +sys-boot/grub diff --git a/build.sh b/build.sh index 583247b..8d62353 100755 --- a/build.sh +++ b/build.sh @@ -1,21 +1,4 @@ #!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : -set -e - -. "${CONFIGDIR}"/config - -unset MAKEFLAGS MAKEOVERRIDES MAKELEVEL - -export PORTAGE_CONFIGROOT="${CONFIGDIR}"/portage/target - -${target}-emerge -vuUDj sys-apps/util-linux - -cat \ - build.packages \ - install.packages \ - "${CONFIGDIR}"/build.packages \ - "${CONFIGDIR}"/install.packages \ - | xargs -rot \ -${target}-emerge -bkvnuUDj -${target}-emerge -bv @preserved-rebuild +aimee-os/ocivm.sh -- \ +make -C aimee-os 'CONFIGDIR=${PWD}' 'IMAGESDIR=${PWD}/images' O=/tmp/build diff --git a/yellow/busybox.symlinks b/busybox.symlinks similarity index 100% rename from yellow/busybox.symlinks rename to busybox.symlinks diff --git a/yellow/config b/config similarity index 100% rename from yellow/config rename to config diff --git a/yellow/config.txt b/config.txt similarity index 100% rename from yellow/config.txt rename to config.txt diff --git a/flash.sh b/flash.sh deleted file mode 100755 index c5ffbb6..0000000 --- a/flash.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : - -dev=$(readlink -f "$1") -wipefs -fa "${dev}" -pv images/sdcard.img \ - | dd of="${dev}" bs=1M conv=sparse oflag=sync -sync; sync; sync -sleep 1 -for p in /sys/class/block/${dev##*/}/*/partition; do - [ -f "${p}" ] || continue - case $(cat "${p}") in - 1|2) - ;; - *) - p=${p%/*} - wipefs -fa /dev/${p##*/} - ;; - esac -done diff --git a/genimage.cfg b/genimage.cfg deleted file mode 100644 index 90b4fc3..0000000 --- a/genimage.cfg +++ /dev/null @@ -1,41 +0,0 @@ -# vim: set sw=4 ts=4 sts=4 : - -image firmware.img { - vfat { - } - - srcpath = "efi-part" - size = 32M -} - -image sdcard.img { - hdimage { - partition-table-type = hybrid - align = 1M - } - - partition "EFI System Partition" { - partition-type = 0xC - partition-type-uuid = "U" - bootable = true - image = "firmware.img" - } - - partition rootfs-a { - partition-type-uuid = "L" - image = "rootfs.squashfs" - size = 512M - } - - partition rootfs-b { - partition-type-uuid = "L" - size = 512M - } - - partition dch-data { - partition-type-uuid = "L" - autoresize = true - } - - size = 4G -} diff --git a/genimage.sh b/genimage.sh deleted file mode 100755 index 2001d92..0000000 --- a/genimage.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : - -set -e - -cleanup() { - if [ -n "${tmproot}" ]; then - if [ "${tmproot}" != / ]; then - rm -rf "${tmproot}" - fi - unset tmproot - fi -} - -. "${CONFIGDIR:=${PWD}}"/config - -O="${1}" -IMAGESDIR="${2}" - -trap cleanup INT TERM QUIT EXIT -tmproot=$(mktemp -d) -tmppath=$(mktemp -d) - -cd "${O}" -genimage \ - --rootpath "${tmproot}" \ - --tmppath "${tmppath}" \ - --inputpath "${IMAGESDIR}" \ - --outputpath "${IMAGESDIR}" \ - --mkdosfs mkfs.vfat \ - --config "${OLDPWD}"/genimage.cfg diff --git a/grub.cfg b/grub.cfg deleted file mode 100644 index add5758..0000000 --- a/grub.cfg +++ /dev/null @@ -1,19 +0,0 @@ -# vim: set ft=sh : -# vim: set sw=4 ts=4 sts=4 et: - -load_env -regexp --set 1:disk '(.*),.*' $root -for dev in ($disk,gpt*); do - probe --set partuuid --part-uuid $dev - for path in $dev/boot/vmlinuz-*; do - if [ -f $path ]; then - regexp --set 1:kernel '.*/(vmlinuz-.*)' $path - regexp --set 1:kver 'vmlinuz-(.*)' $kernel - menuentry "Gentoo Linux $kver on $dev" --class gnu-linux --id "id-$partuuid-$kver" "$dev" "$kernel" $partuuid { - set root="$2" - linux "/boot/$3" root=PARTUUID=$4 $rootflags - } - fi - done -done - diff --git a/host-tools.packages b/host-tools.packages deleted file mode 100644 index 4fa55fa..0000000 --- a/host-tools.packages +++ /dev/null @@ -1,9 +0,0 @@ -sec-policy/selinux-base -sys-apps/policycoreutils -sys-apps/systemd -sys-boot/grub -sys-fs/btrfs-progs -sys-fs/dosfstools -sys-fs/genimage -sys-fs/mtools -sys-fs/squashfs-tools diff --git a/install-update.sh b/install-update.sh deleted file mode 100755 index 92d9eee..0000000 --- a/install-update.sh +++ /dev/null @@ -1,94 +0,0 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : - -. /lib/gentoo/functions.sh - -die() { - rc=$? - if [ $rc -eq 0 ]; then - rc=1 - fi - eerror "$@" - exit $rc -} - -get_partuuid() { - blkid -o value -s PARTUUID "$1" -} - -set_default_boot() { - _rc=0 - mkdir -p newroot || return - mount -oro "$1" newroot || return - _kernel=$(find newroot/boot -name 'vmlinuz-*' -printf '%P\n' \ - | sort -V \ - | tail -n1 - ) - _kver=${_kernel#vmlinuz-} - _partuuid=$(get_partuuid "$1") - _id=id-${_partuuid}-${_kver} - ebegin 'Setting default boot entry' - veindent - veinfo "Menu entry ID: ${_id}" - veoutdent - grub-editenv /boot/efi/EFI/gentoo/grubenv set "default=${_id}" || _rc=$? - eend $_rc - umount newroot - return $_rc -} - -write_firmware() { - _rc=0 - _esp=$(findfs PARTLABEL='EFI System Partition') - if [ -z "${_esp}" ]; then - eerror 'Could not identify EFI System Partition' - return 1 - fi - if ! mountpoint -q /boot/efi; then - mount -o ro "${_esp}" /boot/efi \ - || ewarn 'Failed to mount EFI System Partition' - fi - if [ -f /boot/efi/EFI/gentoo/grubenv ]; then - ebegin 'Saving current GRUB environment' - cp /boot/efi/EFI/gentoo/grubenv . - ewend $? 'Failed to save GRUB environment' - fi - if mountpoint -q /boot/efi; then - umount /boot/efi || return - fi - ebegin "Writing firmware image to EFI System Partition (${_esp})" - dd if=firmware.img of="${_esp}" bs=1M || _rc=$? - if [ $_rc -eq 0 ]; then - mount -orw "${_esp}" /boot/efi || rc=$? - fi - if [ $_rc -eq 0 ]; then - if [ -f grubenv ]; then - ebegin 'Restoring GRUB environment' - cp grubenv /boot/efi/EFI/gentoo/grubenv || _rc=$? - eend $_rc - fi - fi - return $_rc -} - -write_rootfs() { - _rc=0 - ebegin "Writing rootfs image to $1" - dd if=rootfs.squashfs of="$1" bs=1M || _rc=$? - eend $_rc -} - -rc=0 -newroot="$1" - -write_rootfs "${newroot}" || die 'Failed to write new rootfs image to disk' -write_firmware || die 'Failed to write new firmware image to disk' -if ! set_default_boot "${newroot}"; then - rc=$? - eerror 'Failed to set default boot option' -fi - -if [ $rc -eq 0 ]; then - einfo 'Successfully installed update' -fi -exit $rc diff --git a/install.packages b/install.packages index 19d1144..eb4a49e 100644 --- a/install.packages +++ b/install.packages @@ -1,6 +1,4 @@ -net-misc/openssh -net-misc/wget -sec-policy/selinux-aimee-os -sys-apps/busybox -sys-apps/systemd -sys-fs/btrfs-progs +acct-group/nginx +acct-user/nginx +app-backup/burp +app-containers/podman diff --git a/yellow/installonly.packages b/installonly.packages similarity index 100% rename from yellow/installonly.packages rename to installonly.packages diff --git a/yellow/linux.config b/linux.config similarity index 100% rename from yellow/linux.config rename to linux.config diff --git a/ocivm.sh b/ocivm.sh deleted file mode 100755 index 951132d..0000000 --- a/ocivm.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/sh - -set -e - -. "${CONFIGDIR:=${PWD}}"/config - -name=build_yellow -if ! ocivm list | grep -q localhost/cross-${target}; then - ocivm import localhost/cross-${target} -fi -ocivm \ - --log-level DEBUG \ - run \ - -m 8G \ - -n ${name} \ - -w /tmp/src \ - -v "${PWD}":/tmp/src \ - -v portagecache:/var/cache:size=16G \ - -v portage:/var/db/repos/gentoo:size=4G \ - localhost/cross-aarch64-unknown-linux-gnu \ - "$@" diff --git a/yellow/overlay/etc/aimee-os/writable-etc b/overlay/etc/aimee-os/writable-etc similarity index 100% rename from yellow/overlay/etc/aimee-os/writable-etc rename to overlay/etc/aimee-os/writable-etc diff --git a/yellow/overlay/etc/containers/policy.json b/overlay/etc/containers/policy.json similarity index 100% rename from yellow/overlay/etc/containers/policy.json rename to overlay/etc/containers/policy.json diff --git a/yellow/overlay/etc/containers/registries.conf b/overlay/etc/containers/registries.conf similarity index 100% rename from yellow/overlay/etc/containers/registries.conf rename to overlay/etc/containers/registries.conf diff --git a/yellow/overlay/etc/containers/systemd/home-assistant.container b/overlay/etc/containers/systemd/home-assistant.container similarity index 100% rename from yellow/overlay/etc/containers/systemd/home-assistant.container rename to overlay/etc/containers/systemd/home-assistant.container diff --git a/yellow/overlay/etc/containers/systemd/mosquitto.container b/overlay/etc/containers/systemd/mosquitto.container similarity index 100% rename from yellow/overlay/etc/containers/systemd/mosquitto.container rename to overlay/etc/containers/systemd/mosquitto.container diff --git a/yellow/overlay/etc/containers/systemd/nginx.container b/overlay/etc/containers/systemd/nginx.container similarity index 100% rename from yellow/overlay/etc/containers/systemd/nginx.container rename to overlay/etc/containers/systemd/nginx.container diff --git a/yellow/overlay/etc/containers/systemd/zigbee2mqtt.container b/overlay/etc/containers/systemd/zigbee2mqtt.container similarity index 100% rename from yellow/overlay/etc/containers/systemd/zigbee2mqtt.container rename to overlay/etc/containers/systemd/zigbee2mqtt.container diff --git a/yellow/overlay/etc/containers/systemd/zwavejs2mqtt.container b/overlay/etc/containers/systemd/zwavejs2mqtt.container similarity index 100% rename from yellow/overlay/etc/containers/systemd/zwavejs2mqtt.container rename to overlay/etc/containers/systemd/zwavejs2mqtt.container diff --git a/overlay/etc/fstab b/overlay/etc/fstab deleted file mode 100644 index 1d8992a..0000000 --- a/overlay/etc/fstab +++ /dev/null @@ -1 +0,0 @@ -PARTLABEL=dch-data /var btrfs subvol=var,nosuid,noexec,nodev 0 2 diff --git a/overlay/etc/locale.conf b/overlay/etc/locale.conf deleted file mode 100644 index 01ec548..0000000 --- a/overlay/etc/locale.conf +++ /dev/null @@ -1 +0,0 @@ -LANG=en_US.UTF-8 diff --git a/overlay/etc/locale.gen b/overlay/etc/locale.gen deleted file mode 100644 index a66d814..0000000 --- a/overlay/etc/locale.gen +++ /dev/null @@ -1 +0,0 @@ -en_US.UTF-8 UTF-8 diff --git a/yellow/overlay/etc/mosquitto/mosquitto.conf b/overlay/etc/mosquitto/mosquitto.conf similarity index 100% rename from yellow/overlay/etc/mosquitto/mosquitto.conf rename to overlay/etc/mosquitto/mosquitto.conf diff --git a/yellow/overlay/etc/nginx/conf.d/default.conf b/overlay/etc/nginx/conf.d/default.conf similarity index 100% rename from yellow/overlay/etc/nginx/conf.d/default.conf rename to overlay/etc/nginx/conf.d/default.conf diff --git a/yellow/overlay/etc/nginx/nginx.conf b/overlay/etc/nginx/nginx.conf similarity index 100% rename from yellow/overlay/etc/nginx/nginx.conf rename to overlay/etc/nginx/nginx.conf diff --git a/overlay/etc/resolv.conf b/overlay/etc/resolv.conf deleted file mode 120000 index e499f2d..0000000 --- a/overlay/etc/resolv.conf +++ /dev/null @@ -1 +0,0 @@ -../run/systemd/resolve/resolv.conf \ No newline at end of file diff --git a/overlay/etc/selinux/config b/overlay/etc/selinux/config deleted file mode 100644 index f4ec7c8..0000000 --- a/overlay/etc/selinux/config +++ /dev/null @@ -1,15 +0,0 @@ -# This file controls the state of SELinux on the system on boot. - -# SELINUX can take one of these three values: -# enforcing - SELinux security policy is enforced. -# permissive - SELinux prints warnings instead of enforcing. -# disabled - No SELinux policy is loaded. -SELINUX=enforcing - -# SELINUXTYPE can take one of these four values: -# targeted - Only targeted network daemons are protected. -# strict - Full SELinux protection. -# mls - Full SELinux protection with Multi-Level Security -# mcs - Full SELinux protection with Multi-Category Security -# (mls, but only one sensitivity level) -SELINUXTYPE=mcs diff --git a/overlay/etc/ssh/sshd_config b/overlay/etc/ssh/sshd_config deleted file mode 100644 index 9e377dc..0000000 --- a/overlay/etc/ssh/sshd_config +++ /dev/null @@ -1,16 +0,0 @@ -PasswordAuthentication no - -UsePAM yes -PrintMotd no -PrintLastLog no - -Subsystem sftp /usr/lib64/misc/sftp-server - -AcceptEnv LANG LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE -AcceptEnv COLORTERM - -HostKey /var/lib/ssh/ssh_host_rsa_key -HostKey /var/lib/ssh/ssh_host_ecdsa_key -HostKey /var/lib/ssh/ssh_host_ed25519_key - -Include /etc/ssh/sshd_config.d/*.conf diff --git a/overlay/etc/ssh/sshd_config.d/authorized-keys-command.conf b/overlay/etc/ssh/sshd_config.d/authorized-keys-command.conf deleted file mode 100644 index 0bdac7d..0000000 --- a/overlay/etc/ssh/sshd_config.d/authorized-keys-command.conf +++ /dev/null @@ -1,2 +0,0 @@ -AuthorizedKeysCommand /usr/libexec/ssh-authorized-keys %u %t -AuthorizedKeysCommandUser nobody diff --git a/overlay/etc/systemd/network/90-default.network b/overlay/etc/systemd/network/90-default.network deleted file mode 100644 index a61291d..0000000 --- a/overlay/etc/systemd/network/90-default.network +++ /dev/null @@ -1,5 +0,0 @@ -[Match] -Type=ether - -[Network] -DHCP=yes diff --git a/yellow/overlay/etc/systemd/system/gen-nginx-cert.service b/overlay/etc/systemd/system/gen-nginx-cert.service similarity index 100% rename from yellow/overlay/etc/systemd/system/gen-nginx-cert.service rename to overlay/etc/systemd/system/gen-nginx-cert.service diff --git a/yellow/overlay/etc/sysusers.d/homeassistant.conf b/overlay/etc/sysusers.d/homeassistant.conf similarity index 100% rename from yellow/overlay/etc/sysusers.d/homeassistant.conf rename to overlay/etc/sysusers.d/homeassistant.conf diff --git a/yellow/overlay/etc/sysusers.d/mosquitto.conf b/overlay/etc/sysusers.d/mosquitto.conf similarity index 100% rename from yellow/overlay/etc/sysusers.d/mosquitto.conf rename to overlay/etc/sysusers.d/mosquitto.conf diff --git a/yellow/overlay/etc/sysusers.d/zigbee2mqtt.conf b/overlay/etc/sysusers.d/zigbee2mqtt.conf similarity index 100% rename from yellow/overlay/etc/sysusers.d/zigbee2mqtt.conf rename to overlay/etc/sysusers.d/zigbee2mqtt.conf diff --git a/yellow/overlay/etc/sysusers.d/zwavejs2mqtt.conf b/overlay/etc/sysusers.d/zwavejs2mqtt.conf similarity index 100% rename from yellow/overlay/etc/sysusers.d/zwavejs2mqtt.conf rename to overlay/etc/sysusers.d/zwavejs2mqtt.conf diff --git a/yellow/overlay/etc/tmpfiles.d/homeassistant.conf b/overlay/etc/tmpfiles.d/homeassistant.conf similarity index 100% rename from yellow/overlay/etc/tmpfiles.d/homeassistant.conf rename to overlay/etc/tmpfiles.d/homeassistant.conf diff --git a/yellow/overlay/etc/tmpfiles.d/mosquitto.conf b/overlay/etc/tmpfiles.d/mosquitto.conf similarity index 100% rename from yellow/overlay/etc/tmpfiles.d/mosquitto.conf rename to overlay/etc/tmpfiles.d/mosquitto.conf diff --git a/yellow/overlay/etc/tmpfiles.d/zigbee2mqtt.conf b/overlay/etc/tmpfiles.d/zigbee2mqtt.conf similarity index 100% rename from yellow/overlay/etc/tmpfiles.d/zigbee2mqtt.conf rename to overlay/etc/tmpfiles.d/zigbee2mqtt.conf diff --git a/yellow/overlay/etc/tmpfiles.d/zwavejs.conf b/overlay/etc/tmpfiles.d/zwavejs.conf similarity index 100% rename from yellow/overlay/etc/tmpfiles.d/zwavejs.conf rename to overlay/etc/tmpfiles.d/zwavejs.conf diff --git a/overlay/usr/bin/factory-reset b/overlay/usr/bin/factory-reset deleted file mode 100755 index c4cc513..0000000 --- a/overlay/usr/bin/factory-reset +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : - -. /lib/gentoo/functions.sh - -confirm() { - unset _confirm - printf '%s [y/N] ' "${1-Do you want to continue?}" - read _confirm - case "${_confirm}" in - [Yy]|[Yy][Ee][Ss]) - return 0 - ;; - *) - return 1 - ;; - esac -} - -printf "${WARN}" -printf 'This operation will COMPLETELY ERASE all data and information ' -printf 'stored on this system!\n' -printf "${NORMAL}" -confirm || exit 9 -ewarn 'The system will now reboot and wipe all data.' -systemctl enable --runtime factory-reset.service -systemctl reboot diff --git a/overlay/usr/bin/set-root-password b/overlay/usr/bin/set-root-password deleted file mode 100755 index c26a8bd..0000000 --- a/overlay/usr/bin/set-root-password +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : - -if [ -z "${_UNSHARED}" ]; then - export _UNSHARED=1 - exec unshare -m "$0" "$@" -fi -unset _UNSHARED - -cleanup() { - if is_mount -q /etc; then - umount -R /etc - fi - if [ -n "${tmpdir}" ] && [ "${tmpdir}" != / ]; then - if is_mount "${tmpdir}"; then - umount -R "${tmpdir}" - fi - rm -rf "${tmpdir}" - fi - unset tmpdir -} - -is_mount() { - awk ' - BEGIN { rc = 1 } - $5 == "'"${1}"'" { rc = 0 } - END { exit rc } - ' /proc/self/mountinfo -} - -tmpdir=$(mktemp -d) -trap 'cleanup' INT QUIT TERM EXIT -mount \ - -t tmpfs \ - -o private,rootcontext=system_u:object_r:etc_t:s0 \ - tmpfs \ - "${tmpdir}" \ - || exit - -mkdir -p \ - "${tmpdir}"/etc \ - "${tmpdir}"/etc/pam.d \ - "${tmpdir}"/etc/security \ - "${tmpdir}"/etc/selinux \ - || exit -cp -a /etc/passwd /etc/shadow "${tmpdir}"/etc || exit -mount -o bind /etc/pam.d "${tmpdir}"/etc/pam.d || exit -mount -o bind /etc/security "${tmpdir}"/etc/security || exit -mount -o bind /etc/selinux "${tmpdir}"/etc/selinux || exit -mount --rbind "${tmpdir}"/etc /etc || exit - -passwd || exit - -mv /etc/shadow "${tmpdir}"/shadow || exit -umount -R /etc || exit -cat "${tmpdir}"/shadow > /etc/shadow || exit diff --git a/overlay/usr/bin/system-update b/overlay/usr/bin/system-update deleted file mode 100755 index 5e9c798..0000000 --- a/overlay/usr/bin/system-update +++ /dev/null @@ -1,135 +0,0 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : - -cleanup() { - cd / - if [ -n "${workdir}" ] && [ "${workdir}" != / ]; then - rm -rf "${workdir}" - fi - unset workdir -} - -die() { - rc=$? - if [ $rc -eq 0 ]; then - rc=1 - fi - error "$@" - exit $rc -} - -error() { - if [ $# -eq 1 ]; then - echo "$1" >&2 - elif [ $# -gt 1 ]; then - printf "$@" >&2 - fi -} - -extract_update() { - zstd -dc update.tar.zstd | tar -x \ - || die 'Could not extract update source' - sha256sum -c digests \ - || die 'Invalid update source: checksum mismatch' -} - -fetch_update() { - wget -O update.tar.zstd "$1" -} - -get_root() { - set -- $(cat /proc/cmdline) - while [ $# -gt 0 ]; do - case "$1" in - root=*) - _root=${1#root=} - ;; - esac - shift - done - echo $(findfs "${_root}") -} - -get_partlabel() { - blkid -o value -s PARTLABEL "$1" -} - -help() { - usage -} - -info() { - if [ $# -eq 1 ]; then - echo "$1" >&2 - elif [ $# -gt 1 ]; then - printf "$@" >&2 - fi -} - -usage() { - printf 'usage: %s source_url\n' "${0##*/}" -} - -while [ $# -gt 0 ]; do - case "$1" in - --help) - help - exit 0 - ;; - *) - if [ -z "${source_url}" ]; then - source_url="$1" - else - usage >&2 - exit 2 - fi - ;; - esac - shift -done - -if [ -z "${source_url}" ]; then - usage >&2 - exit 2 -fi - -root=$(get_root) -partlabel=$(get_partlabel "${root}") - -case "${partlabel}" in -rootfs-a) - newpartlabel=rootfs-b - ;; -rootfs-b) - newpartlabel=rootfs-a - ;; -*) - die \ - 'Unsupported system configuration: invalid rootfs partition label: %s\n' \ - "${partlabel}" >&2 -esac -newroot=$(findfs PARTLABEL="${newpartlabel}") -if [ -z "${newroot}" ]; then - die 'Could not find partition with label %s\n' "${partlabel}" -fi -info 'Current rootfs: %s (%s)\n' "${partlabel}" "${root}" -info 'New rootfs: %s (%s)\n' "${newpartlabel}" "${newroot}" - -trap cleanup INT TERM QUIT EXIT -workdir=$(mktemp -d) -cd "${workdir}" - -fetch_update "${source_url}" || die 'Failed to fetch update source' -extract_update || die 'Failed to extact update source' -./install "${newroot}" || die 'Error installing system update' - -printf 'Do you want to reboot now? [y/N] ' -read confirm -case "${confirm}" in -[yY]|[yY][eE][sS]) - systemctl reboot - ;; -*) - info 'A reboot is required to complete the update' - ;; -esac diff --git a/overlay/usr/lib/firmware/brcm/brcmfmac43455-sdio.raspberrypi,4-compute-module-ha-yellow.bin.xz b/overlay/usr/lib/firmware/brcm/brcmfmac43455-sdio.raspberrypi,4-compute-module-ha-yellow.bin.xz deleted file mode 120000 index 97bd3fd..0000000 --- a/overlay/usr/lib/firmware/brcm/brcmfmac43455-sdio.raspberrypi,4-compute-module-ha-yellow.bin.xz +++ /dev/null @@ -1 +0,0 @@ -../cypress/cyfmac43455-sdio.bin.xz \ No newline at end of file diff --git a/overlay/usr/lib/firmware/brcm/brcmfmac43455-sdio.raspberrypi,4-compute-module-ha-yellow.txt.xz b/overlay/usr/lib/firmware/brcm/brcmfmac43455-sdio.raspberrypi,4-compute-module-ha-yellow.txt.xz deleted file mode 120000 index dfb33d5..0000000 --- a/overlay/usr/lib/firmware/brcm/brcmfmac43455-sdio.raspberrypi,4-compute-module-ha-yellow.txt.xz +++ /dev/null @@ -1 +0,0 @@ -brcmfmac43455-sdio.raspberrypi,4-model-b.txt.xz \ No newline at end of file diff --git a/overlay/usr/lib/systemd/system-preset/80-local-default.preset b/overlay/usr/lib/systemd/system-preset/80-local-default.preset deleted file mode 100644 index 9ed307d..0000000 --- a/overlay/usr/lib/systemd/system-preset/80-local-default.preset +++ /dev/null @@ -1,19 +0,0 @@ -enable auditd.service - -enable restorecon.service - -disable ldconfig.service - -disable systemd-userdbd.service -disable systemd-userdbd.socket - -enable systemd-networkd-wait-online.service -enable systemd-networkd.service -enable systemd-networkd.socket - -#enable systemd-time-wait-sync.service - -disable getty@.service - -enable sshd.socket -enable ssh-keygen.target diff --git a/overlay/usr/lib/systemd/system/auditd.service.d/augenrules.conf b/overlay/usr/lib/systemd/system/auditd.service.d/augenrules.conf deleted file mode 100644 index ba0918e..0000000 --- a/overlay/usr/lib/systemd/system/auditd.service.d/augenrules.conf +++ /dev/null @@ -1,5 +0,0 @@ -[Service] -# Do not run augenrules; read audit rules from the audit.rules file as -# it exists already. Audit rules are generated at build time. -ExecStartPost= -ExecStartPost=-/sbin/auditctl -R /etc/audit/audit.rules diff --git a/overlay/usr/lib/systemd/system/factory-reset.service b/overlay/usr/lib/systemd/system/factory-reset.service deleted file mode 100644 index c4eb1e9..0000000 --- a/overlay/usr/lib/systemd/system/factory-reset.service +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=Perform a factory reset -DefaultDependencies=no -After=umount.target -Before=systemd-reboot.service - -[Service] -Type=oneshot -ExecStart=/usr/libexec/factory-reset -StandardOutput=kmsg+console - -[Install] -WantedBy=final.target diff --git a/overlay/usr/lib/systemd/system/init-storage.service b/overlay/usr/lib/systemd/system/init-storage.service deleted file mode 100644 index 4ec04bd..0000000 --- a/overlay/usr/lib/systemd/system/init-storage.service +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=Initialize persistent data storage -DefaultDependencies=no -Before=local-fs-pre.target -After=systemd-journald.service -After=systemd-remount-fs.service -After=systemd-sysctl.service -After=systemd-udev-trigger.service - -[Service] -Type=oneshot -ExecStart=/usr/libexec/init-storage -StandardInput=null -StandardOutput=journal+console -StandardError=journal+console diff --git a/overlay/usr/lib/systemd/system/ssh-keygen.target b/overlay/usr/lib/systemd/system/ssh-keygen.target deleted file mode 100644 index 09372b4..0000000 --- a/overlay/usr/lib/systemd/system/ssh-keygen.target +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -Wants=ssh-keygen@rsa.service -Wants=ssh-keygen@ecdsa.service -Wants=ssh-keygen@ed25519.service - -[Install] -WantedBy=multi-user.target diff --git a/overlay/usr/lib/systemd/system/ssh-keygen@.service b/overlay/usr/lib/systemd/system/ssh-keygen@.service deleted file mode 100644 index 0da6894..0000000 --- a/overlay/usr/lib/systemd/system/ssh-keygen@.service +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=Generate SSH %I host key -ConditionPathExists=!%S/ssh/ssh_host_%I_key - -[Service] -Type=oneshot -StateDirectory=ssh -ExecStart=/usr/bin/ssh-keygen -t %I -f %S/ssh/ssh_host_%I_key -N '' - -[Install] -WantedBy=sshd-keygen.target diff --git a/overlay/usr/lib/systemd/system/sysinit.target.wants/init-storage.service b/overlay/usr/lib/systemd/system/sysinit.target.wants/init-storage.service deleted file mode 120000 index 8ecb074..0000000 --- a/overlay/usr/lib/systemd/system/sysinit.target.wants/init-storage.service +++ /dev/null @@ -1 +0,0 @@ -../init-storage.service \ No newline at end of file diff --git a/overlay/usr/lib/systemd/system/systemd-tmpfiles-setup.service.d/force-subvol.conf b/overlay/usr/lib/systemd/system/systemd-tmpfiles-setup.service.d/force-subvol.conf deleted file mode 100644 index 0aba01f..0000000 --- a/overlay/usr/lib/systemd/system/systemd-tmpfiles-setup.service.d/force-subvol.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -Environment=SYSTEMD_TMPFILES_FORCE_SUBVOL=1 diff --git a/overlay/usr/libexec/factory-reset b/overlay/usr/libexec/factory-reset deleted file mode 100755 index b1a74f7..0000000 --- a/overlay/usr/libexec/factory-reset +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : - -DATAPART=$(awk '$2=="/var"{print $1}' /etc/fstab) - -dev=$(findfs "${DATAPART}") -if [ -z "${dev}" ]; then - printf 'Could not find data partition (%s)\n' "${DATAPART}" >&2 - exit 1 -fi -wipefs -fa "${dev}" diff --git a/yellow/overlay/usr/libexec/gen-nginx-cert b/overlay/usr/libexec/gen-nginx-cert similarity index 100% rename from yellow/overlay/usr/libexec/gen-nginx-cert rename to overlay/usr/libexec/gen-nginx-cert diff --git a/overlay/usr/libexec/init-storage b/overlay/usr/libexec/init-storage deleted file mode 100755 index 963b74e..0000000 --- a/overlay/usr/libexec/init-storage +++ /dev/null @@ -1,180 +0,0 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : - -SUBVOLUMES=' - /var - /var/log - /var/tmp - /etc -' - -cleanup() { - if [ -n "${tmpdir}" ] && [ "${tmpdir}" != / ]; then - if mountpoint -q "${tmpdir}"; then - umount "${tmpdir}" - fi - rm -rf "${tmpdir}" - unset tmpdir - fi -} - -copy_var() { - dev="$1" - - echo 'Copying /var contents to data volume' - mount -o subvol=var "${dev}" "${tmpdir}" || exit - cp -acuv /var/. "${tmpdir}" || exit - umount "${tmpdir}" -} - -format_dev() { - dev="$1" - partno=$(partition_number "${dev}") - if [ -n "${partno}" ]; then - disk="$(get_disk "${dev}")" - if [ -n "${disk}" ]; then - printf 'Resizing partition %d on disk %s\n' \ - "${partno}" \ - "${disk}" \ - >&2 - resize_partition "${disk}" "${partno}" - else - printf 'Could not find disk for device %s\n' \ - "${dev}" \ - >&2 - fi - fi - - printf 'Creating BTRFS filesystem on %s\n' "${dev}" - mkfs.btrfs "${dev}" || exit - - mount "${dev}" "${tmpdir}" || exit - for vol in ${SUBVOLUMES}; do - mkdir -p "${tmpdir}${vol%/*}" || exit - btrfs subvolume create "${tmpdir}${vol}" || exit - done - relabel_all - umount "${dev}" || exit -} - -get_disk() { - _syspath=/sys/class/block/${1##*/} - [ -d "${_syspath}" ] || return 1 - if [ ! -f "${_syspath}"/partition ]; then - readlink -f "${1}" - return $? - fi - _disk=$(readlink -f "${_syspath}"/..) - if [ -n "${_disk}" ]; then - printf '/dev/%s\n' "${_disk##*/}" - return 0 - fi - return 1 -} - -has_fs() { - dev="$1" - fstype=$(blkid -o value -s TYPE "${dev}") - [ -n "${fstype}" ] -} - -last_partition() { - cat /sys/class/block/"${1##*/}"/*/partition \ - | sort -n \ - | tail -n1 -} - -partition_number() { - cat /sys/class/block/${1##*/}/partition -} - -relabel_all() { - selinuxtype=$(. /etc/selinux/config && echo ${SELINUXTYPE}) - find "${tmpdir}" | \ - setfiles \ - -v \ - -F \ - -m \ - -r "${tmpdir}" \ - -s \ - /etc/selinux/${selinuxtype}/contexts/files/file_contexts -} - -resize_partition() { - _disk="${1}" - _part="${2}" - _lastpart=$(last_partition "${_disk}") - if [ "${_part}" -ne "${_lastpart}" ]; then - printf 'Cannot resize %s, it is not the last partition on the disk\n' \ - "${_dev}" \ - >&2 - return 1 - fi - _uuid=$(sfdisk --part-uuid "${_disk}" "${_part}") || return $? - _type=$(sfdisk --part-type "${_disk}" "${_part}") || return $? - _label=$(sfdisk --part-label "${_disk}" "${_part}") || return $? - sfdisk --delete "${_disk}" "${_part}" || return $? - printf 'type=%s, uuid=%s, name="%s"\n' \ - "${_type}" \ - "${_uuid}" \ - "${_label}" \ - | sfdisk -N "${_part}" "${_disk}" --force \ - || return $? - partx -u "${_disk}" -} - -setup_etc() { - dev="$1" - - echo 'Initializing writable paths in /etc' - mount -o subvol=etc "${dev}" "${tmpdir}" || exit - if [ ! -f "${tmpdir}"/shadow ]; then - cp -ca /etc/shadow "${tmpdir}"/shadow || exit - fi - mount -o bind "${tmpdir}"/shadow /etc/shadow || exit - if [ -f /etc/aimee-os/writable-etc ]; then - while read type path; do - if [ ! -e "${tmpdir}/${path}" ]; then - if [ -e /etc/"${path}" ]; then - case "${path}" in - */*) - mkdir -p "${tmpdir}/${path%/*}" - ;; - esac - cp -ca /etc/"${path}" "${tmpdir}/${path}" - elif [ "${type}" = d ]; then - mkdir -p "${tmpdir}/${path}" - elif [ "${type}" = f ]; then - : > "${tmpdir}/${path}" - else - printf 'Invalid path type %s for %s\n' \ - "${type}" \ - "${path}" \ - >&2 - continue - fi - fi - mount -o bind "${tmpdir}/${path}" /etc/"${path}" - done < /etc/aimee-os/writable-etc - fi - umount "${tmpdir}" -} - -datapart=$(findfs $(awk '$2=="/var"{print $1}' /etc/fstab)) -if [ -b "${datapart}" ]; then - printf 'Found data partition: %s\n' "${datapart}" -else - echo 'Could not identify data partition' >&2 - exit 1 -fi - -trap cleanup INT TERM QUIT EXIT -tmpdir=/run/storinit -mkdir -p "${tmpdir}" - -if ! has_fs "${datapart}"; then - format_dev "${datapart}" -fi - -setup_etc "${datapart}" -copy_var "${datapart}" diff --git a/overlay/usr/libexec/ssh-authorized-keys b/overlay/usr/libexec/ssh-authorized-keys deleted file mode 100755 index fdaab3a..0000000 --- a/overlay/usr/libexec/ssh-authorized-keys +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : - -exec wget -q -O - https://sshkeys.pyrocufflink.blue/"$1"/"$2".pub diff --git a/yellow/overlay/usr/share/factory/var/lib/homeassistant/automations.yaml b/overlay/usr/share/factory/var/lib/homeassistant/automations.yaml similarity index 100% rename from yellow/overlay/usr/share/factory/var/lib/homeassistant/automations.yaml rename to overlay/usr/share/factory/var/lib/homeassistant/automations.yaml diff --git a/yellow/overlay/usr/share/factory/var/lib/homeassistant/configuration.yaml b/overlay/usr/share/factory/var/lib/homeassistant/configuration.yaml similarity index 100% rename from yellow/overlay/usr/share/factory/var/lib/homeassistant/configuration.yaml rename to overlay/usr/share/factory/var/lib/homeassistant/configuration.yaml diff --git a/yellow/overlay/usr/share/factory/var/lib/homeassistant/groups.yaml b/overlay/usr/share/factory/var/lib/homeassistant/groups.yaml similarity index 100% rename from yellow/overlay/usr/share/factory/var/lib/homeassistant/groups.yaml rename to overlay/usr/share/factory/var/lib/homeassistant/groups.yaml diff --git a/yellow/overlay/usr/share/factory/var/lib/homeassistant/http.yaml b/overlay/usr/share/factory/var/lib/homeassistant/http.yaml similarity index 100% rename from yellow/overlay/usr/share/factory/var/lib/homeassistant/http.yaml rename to overlay/usr/share/factory/var/lib/homeassistant/http.yaml diff --git a/yellow/overlay/usr/share/factory/var/lib/homeassistant/scenes.yaml b/overlay/usr/share/factory/var/lib/homeassistant/scenes.yaml similarity index 100% rename from yellow/overlay/usr/share/factory/var/lib/homeassistant/scenes.yaml rename to overlay/usr/share/factory/var/lib/homeassistant/scenes.yaml diff --git a/yellow/overlay/usr/share/factory/var/lib/homeassistant/scripts.yaml b/overlay/usr/share/factory/var/lib/homeassistant/scripts.yaml similarity index 100% rename from yellow/overlay/usr/share/factory/var/lib/homeassistant/scripts.yaml rename to overlay/usr/share/factory/var/lib/homeassistant/scripts.yaml diff --git a/yellow/overlay/usr/share/factory/var/lib/homeassistant/secrets.yaml b/overlay/usr/share/factory/var/lib/homeassistant/secrets.yaml similarity index 100% rename from yellow/overlay/usr/share/factory/var/lib/homeassistant/secrets.yaml rename to overlay/usr/share/factory/var/lib/homeassistant/secrets.yaml diff --git a/patches/ebuilds/app-containers/conmon/bdepend-go-md2man.patch b/patches/ebuilds/app-containers/conmon/bdepend-go-md2man.patch deleted file mode 100644 index f216e73..0000000 --- a/patches/ebuilds/app-containers/conmon/bdepend-go-md2man.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- a/conmon-2.1.6.ebuild 2023-02-22 01:40:17.000000000 -0000 -+++ b/conmon-2.1.6.ebuild 2023-03-17 15:27:37.119865995 -0000 -@@ -18,8 +18,8 @@ - RDEPEND="dev-libs/glib:= - sys-libs/libseccomp - systemd? ( sys-apps/systemd:= )" --DEPEND="${RDEPEND} -- dev-go/go-md2man" -+DEPEND="${RDEPEND}" -+BDEPEND="dev-go/go-md2man" - - src_prepare() { - default diff --git a/patches/ebuilds/app-containers/conmon/cross-pkg-config.patch b/patches/ebuilds/app-containers/conmon/cross-pkg-config.patch deleted file mode 100644 index be92ba8..0000000 --- a/patches/ebuilds/app-containers/conmon/cross-pkg-config.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/conmon-2.1.6.ebuild 2023-03-16 15:02:17.213375763 -0000 -+++ b/conmon-2.1.6.ebuild 2023-03-16 15:02:46.337375763 -0000 -@@ -34,7 +34,7 @@ - } - - src_compile() { -- tc-export CC -+ tc-export CC PKG_CONFIG - emake GIT_COMMIT="v${PV}" \ - all - } diff --git a/patches/ebuilds/app-containers/podman/go-md2man.patch b/patches/ebuilds/app-containers/podman/go-md2man.patch deleted file mode 100644 index 74e9e9d..0000000 --- a/patches/ebuilds/app-containers/podman/go-md2man.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- a/podman-4.4.1.ebuild 2023-03-22 01:23:44.252387512 -0000 -+++ b/podman-4.4.1.ebuild 2023-03-22 01:36:23.424387512 -0000 -@@ -37,8 +37,8 @@ - selinux? ( sys-libs/libselinux:= ) - " - DEPEND=" -- ${COMMON_DEPEND} -- dev-go/go-md2man" -+ ${COMMON_DEPEND}" -+BDEPEND="dev-go/go-md2man" - RDEPEND="${COMMON_DEPEND} - fuse? ( sys-fs/fuse-overlayfs ) - selinux? ( sec-policy/selinux-podman )" diff --git a/patches/ebuilds/app-containers/podman/tc-export.patch b/patches/ebuilds/app-containers/podman/tc-export.patch deleted file mode 100644 index beab0c9..0000000 --- a/patches/ebuilds/app-containers/podman/tc-export.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/podman-4.4.1-r1.ebuild 2023-03-23 16:15:10.845405285 -0000 -+++ b/podman-4.4.1-r1.ebuild 2023-03-23 16:15:54.433405285 -0000 -@@ -60,6 +60,8 @@ - has_version -b '>=dev-lang/go-1.13.9' || makefile_sed_args+=(-e 's:GO111MODULE=off:GO111MODULE=on:') - - sed "${makefile_sed_args[@]}" -i Makefile || die -+ -+ tc-export CC LD - } - - src_compile() { diff --git a/patches/ebuilds/sys-boot/grub/no-efibootmgr.patch b/patches/ebuilds/sys-boot/grub/no-efibootmgr.patch deleted file mode 100644 index 649f0be..0000000 --- a/patches/ebuilds/sys-boot/grub/no-efibootmgr.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff -ruN a/grub-2.06-r5.ebuild b/grub-2.06-r5.ebuild ---- a/grub-2.06-r5.ebuild 2023-02-07 10:43:00.106060206 -0600 -+++ b/grub-2.06-r5.ebuild 2023-02-07 10:43:21.884298259 -0600 -@@ -128,10 +128,6 @@ - ppc64? ( >=sys-apps/ibm-powerpc-utils-1.3.5 ) - " - RDEPEND="${DEPEND} -- kernel_linux? ( -- grub_platforms_efi-32? ( sys-boot/efibootmgr ) -- grub_platforms_efi-64? ( sys-boot/efibootmgr ) -- ) - !sys-boot/grub:0 - nls? ( sys-devel/gettext ) - " diff --git a/podman-build.sh b/podman-build.sh deleted file mode 100755 index 0761fe1..0000000 --- a/podman-build.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : - -set -e - -cid=$(./start-container.sh) - -./patch-uboot.sh - -podman exec -it ${cid} make - -podman stop ${cid} -podman rm ${cid} diff --git a/yellow/portage/host/etc/portage/env/nobuildpkg b/portage/host/etc/portage/env/nobuildpkg similarity index 100% rename from yellow/portage/host/etc/portage/env/nobuildpkg rename to portage/host/etc/portage/env/nobuildpkg diff --git a/yellow/portage/host/etc/portage/make.conf/15-keywords.conf b/portage/host/etc/portage/make.conf/15-keywords.conf similarity index 100% rename from yellow/portage/host/etc/portage/make.conf/15-keywords.conf rename to portage/host/etc/portage/make.conf/15-keywords.conf diff --git a/yellow/portage/host/etc/portage/make.conf/20-binpkgs.conf b/portage/host/etc/portage/make.conf/20-binpkgs.conf similarity index 100% rename from yellow/portage/host/etc/portage/make.conf/20-binpkgs.conf rename to portage/host/etc/portage/make.conf/20-binpkgs.conf diff --git a/yellow/portage/host/etc/portage/make.conf/80-quiet.conf b/portage/host/etc/portage/make.conf/80-quiet.conf similarity index 100% rename from yellow/portage/host/etc/portage/make.conf/80-quiet.conf rename to portage/host/etc/portage/make.conf/80-quiet.conf diff --git a/yellow/portage/host/etc/portage/make.profile b/portage/host/etc/portage/make.profile similarity index 100% rename from yellow/portage/host/etc/portage/make.profile rename to portage/host/etc/portage/make.profile diff --git a/yellow/portage/host/etc/portage/package.accept_keywords/genimage b/portage/host/etc/portage/package.accept_keywords/genimage similarity index 100% rename from yellow/portage/host/etc/portage/package.accept_keywords/genimage rename to portage/host/etc/portage/package.accept_keywords/genimage diff --git a/yellow/portage/host/etc/portage/package.accept_keywords/kernel b/portage/host/etc/portage/package.accept_keywords/kernel similarity index 100% rename from yellow/portage/host/etc/portage/package.accept_keywords/kernel rename to portage/host/etc/portage/package.accept_keywords/kernel diff --git a/yellow/portage/host/etc/portage/package.env/kernel b/portage/host/etc/portage/package.env/kernel similarity index 100% rename from yellow/portage/host/etc/portage/package.env/kernel rename to portage/host/etc/portage/package.env/kernel diff --git a/yellow/portage/host/etc/portage/package.use/btrfs-progs b/portage/host/etc/portage/package.use/btrfs-progs similarity index 100% rename from yellow/portage/host/etc/portage/package.use/btrfs-progs rename to portage/host/etc/portage/package.use/btrfs-progs diff --git a/yellow/portage/host/etc/portage/package.use/git b/portage/host/etc/portage/package.use/git similarity index 100% rename from yellow/portage/host/etc/portage/package.use/git rename to portage/host/etc/portage/package.use/git diff --git a/yellow/portage/host/etc/portage/package.use/grub b/portage/host/etc/portage/package.use/grub similarity index 100% rename from yellow/portage/host/etc/portage/package.use/grub rename to portage/host/etc/portage/package.use/grub diff --git a/yellow/portage/host/etc/portage/package.use/kernel b/portage/host/etc/portage/package.use/kernel similarity index 100% rename from yellow/portage/host/etc/portage/package.use/kernel rename to portage/host/etc/portage/package.use/kernel diff --git a/yellow/portage/host/etc/portage/package.use/selinux b/portage/host/etc/portage/package.use/selinux similarity index 100% rename from yellow/portage/host/etc/portage/package.use/selinux rename to portage/host/etc/portage/package.use/selinux diff --git a/yellow/portage/host/etc/portage/package.use/squashfs-tools b/portage/host/etc/portage/package.use/squashfs-tools similarity index 100% rename from yellow/portage/host/etc/portage/package.use/squashfs-tools rename to portage/host/etc/portage/package.use/squashfs-tools diff --git a/yellow/portage/host/etc/portage/package.use/systemd b/portage/host/etc/portage/package.use/systemd similarity index 100% rename from yellow/portage/host/etc/portage/package.use/systemd rename to portage/host/etc/portage/package.use/systemd diff --git a/yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0001-ARM-dts-bcm2711-Add-device-tree-for-Home-Assistant-Y.patch b/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0001-ARM-dts-bcm2711-Add-device-tree-for-Home-Assistant-Y.patch similarity index 100% rename from yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0001-ARM-dts-bcm2711-Add-device-tree-for-Home-Assistant-Y.patch rename to portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0001-ARM-dts-bcm2711-Add-device-tree-for-Home-Assistant-Y.patch diff --git a/yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0001-ARM-dts-bcm2711-Add-device-tree-for-Home-Assistant-Y.patch2 b/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0001-ARM-dts-bcm2711-Add-device-tree-for-Home-Assistant-Y.patch2 similarity index 100% rename from yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0001-ARM-dts-bcm2711-Add-device-tree-for-Home-Assistant-Y.patch2 rename to portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0001-ARM-dts-bcm2711-Add-device-tree-for-Home-Assistant-Y.patch2 diff --git a/yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0001-ARM-dts-bcm283x-add-compatible-picked-up-by-U-Boot.patch b/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0001-ARM-dts-bcm283x-add-compatible-picked-up-by-U-Boot.patch similarity index 100% rename from yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0001-ARM-dts-bcm283x-add-compatible-picked-up-by-U-Boot.patch rename to portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0001-ARM-dts-bcm283x-add-compatible-picked-up-by-U-Boot.patch diff --git a/yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0002-ARM-dts-bcm2711-yellow-Mux-UART4-for-SiLabs-radio-mo.patch b/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0002-ARM-dts-bcm2711-yellow-Mux-UART4-for-SiLabs-radio-mo.patch similarity index 100% rename from yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0002-ARM-dts-bcm2711-yellow-Mux-UART4-for-SiLabs-radio-mo.patch rename to portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0002-ARM-dts-bcm2711-yellow-Mux-UART4-for-SiLabs-radio-mo.patch diff --git a/yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0003-ARM-dts-bcm2711-yellow-Mux-debug-UART5.patch b/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0003-ARM-dts-bcm2711-yellow-Mux-debug-UART5.patch similarity index 100% rename from yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0003-ARM-dts-bcm2711-yellow-Mux-debug-UART5.patch rename to portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0003-ARM-dts-bcm2711-yellow-Mux-debug-UART5.patch diff --git a/yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0004-ARM-dts-bcm2711-yellow-Enable-I2C6-by-default.patch b/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0004-ARM-dts-bcm2711-yellow-Enable-I2C6-by-default.patch similarity index 100% rename from yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0004-ARM-dts-bcm2711-yellow-Enable-I2C6-by-default.patch rename to portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0004-ARM-dts-bcm2711-yellow-Enable-I2C6-by-default.patch diff --git a/yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0005-ARM-dts-bcm2711-yellow-add-I2S-audio-codec.patch b/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0005-ARM-dts-bcm2711-yellow-add-I2S-audio-codec.patch similarity index 100% rename from yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0005-ARM-dts-bcm2711-yellow-add-I2S-audio-codec.patch rename to portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0005-ARM-dts-bcm2711-yellow-add-I2S-audio-codec.patch diff --git a/yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0006-ARM-dts-bcm2711-yellow-enable-GPIO-keys.patch b/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0006-ARM-dts-bcm2711-yellow-enable-GPIO-keys.patch similarity index 100% rename from yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0006-ARM-dts-bcm2711-yellow-enable-GPIO-keys.patch rename to portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0006-ARM-dts-bcm2711-yellow-enable-GPIO-keys.patch diff --git a/yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0007-ARM-dts-bcm2711-yellow-add-user-LED.patch b/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0007-ARM-dts-bcm2711-yellow-add-user-LED.patch similarity index 100% rename from yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0007-ARM-dts-bcm2711-yellow-add-user-LED.patch rename to portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0007-ARM-dts-bcm2711-yellow-add-user-LED.patch diff --git a/yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0008-ARM-dts-bcm2711-yellow-add-NXP-PCF85063A-RTC.patch b/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0008-ARM-dts-bcm2711-yellow-add-NXP-PCF85063A-RTC.patch similarity index 100% rename from yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0008-ARM-dts-bcm2711-yellow-add-NXP-PCF85063A-RTC.patch rename to portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0008-ARM-dts-bcm2711-yellow-add-NXP-PCF85063A-RTC.patch diff --git a/yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0009-ARM-dts-bcm2711-yellow-enable-USB-host-mode-by-defau.patch b/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0009-ARM-dts-bcm2711-yellow-enable-USB-host-mode-by-defau.patch similarity index 100% rename from yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0009-ARM-dts-bcm2711-yellow-enable-USB-host-mode-by-defau.patch rename to portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0009-ARM-dts-bcm2711-yellow-enable-USB-host-mode-by-defau.patch diff --git a/yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0010-ARM-dts-bcm2711-yellow-use-generic-activity-trigger-.patch b/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0010-ARM-dts-bcm2711-yellow-use-generic-activity-trigger-.patch similarity index 100% rename from yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0010-ARM-dts-bcm2711-yellow-use-generic-activity-trigger-.patch rename to portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0010-ARM-dts-bcm2711-yellow-use-generic-activity-trigger-.patch diff --git a/yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0011-ARM-dts-bcm2711-yellow-use-USB-OTG-mode-by-default.patch b/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0011-ARM-dts-bcm2711-yellow-use-USB-OTG-mode-by-default.patch similarity index 100% rename from yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0011-ARM-dts-bcm2711-yellow-use-USB-OTG-mode-by-default.patch rename to portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0011-ARM-dts-bcm2711-yellow-use-USB-OTG-mode-by-default.patch diff --git a/yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0012-ARM-dts-bcm2711-yellow-Add-LED-overrides.patch b/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0012-ARM-dts-bcm2711-yellow-Add-LED-overrides.patch similarity index 100% rename from yellow/portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0012-ARM-dts-bcm2711-yellow-Add-LED-overrides.patch rename to portage/host/etc/portage/patches/sys-kernel/raspberrypi-sources/0012-ARM-dts-bcm2711-yellow-Add-LED-overrides.patch diff --git a/yellow/portage/target/etc/portage/env/app-backup/burp b/portage/target/etc/portage/env/app-backup/burp similarity index 100% rename from yellow/portage/target/etc/portage/env/app-backup/burp rename to portage/target/etc/portage/env/app-backup/burp diff --git a/yellow/portage/target/etc/portage/env/nobuildpkg b/portage/target/etc/portage/env/nobuildpkg similarity index 100% rename from yellow/portage/target/etc/portage/env/nobuildpkg rename to portage/target/etc/portage/env/nobuildpkg diff --git a/yellow/portage/target/etc/portage/make.conf/10-common.conf b/portage/target/etc/portage/make.conf/10-common.conf similarity index 100% rename from yellow/portage/target/etc/portage/make.conf/10-common.conf rename to portage/target/etc/portage/make.conf/10-common.conf diff --git a/yellow/portage/target/etc/portage/make.conf/10-crossdev.conf b/portage/target/etc/portage/make.conf/10-crossdev.conf similarity index 100% rename from yellow/portage/target/etc/portage/make.conf/10-crossdev.conf rename to portage/target/etc/portage/make.conf/10-crossdev.conf diff --git a/yellow/portage/target/etc/portage/make.conf/20-binpkgs.conf b/portage/target/etc/portage/make.conf/20-binpkgs.conf similarity index 100% rename from yellow/portage/target/etc/portage/make.conf/20-binpkgs.conf rename to portage/target/etc/portage/make.conf/20-binpkgs.conf diff --git a/yellow/portage/target/etc/portage/make.conf/30-default-use.conf b/portage/target/etc/portage/make.conf/30-default-use.conf similarity index 100% rename from yellow/portage/target/etc/portage/make.conf/30-default-use.conf rename to portage/target/etc/portage/make.conf/30-default-use.conf diff --git a/yellow/portage/target/etc/portage/make.conf/40-goarch.conf b/portage/target/etc/portage/make.conf/40-goarch.conf similarity index 100% rename from yellow/portage/target/etc/portage/make.conf/40-goarch.conf rename to portage/target/etc/portage/make.conf/40-goarch.conf diff --git a/yellow/portage/target/etc/portage/make.conf/40-lang.conf b/portage/target/etc/portage/make.conf/40-lang.conf similarity index 100% rename from yellow/portage/target/etc/portage/make.conf/40-lang.conf rename to portage/target/etc/portage/make.conf/40-lang.conf diff --git a/yellow/portage/target/etc/portage/make.conf/60-selinux.conf b/portage/target/etc/portage/make.conf/60-selinux.conf similarity index 100% rename from yellow/portage/target/etc/portage/make.conf/60-selinux.conf rename to portage/target/etc/portage/make.conf/60-selinux.conf diff --git a/yellow/portage/target/etc/portage/make.conf/80-quiet.conf b/portage/target/etc/portage/make.conf/80-quiet.conf similarity index 100% rename from yellow/portage/target/etc/portage/make.conf/80-quiet.conf rename to portage/target/etc/portage/make.conf/80-quiet.conf diff --git a/yellow/portage/target/etc/portage/make.profile b/portage/target/etc/portage/make.profile similarity index 100% rename from yellow/portage/target/etc/portage/make.profile rename to portage/target/etc/portage/make.profile diff --git a/yellow/portage/target/etc/portage/package.accept_keywords/burp b/portage/target/etc/portage/package.accept_keywords/burp similarity index 100% rename from yellow/portage/target/etc/portage/package.accept_keywords/burp rename to portage/target/etc/portage/package.accept_keywords/burp diff --git a/yellow/portage/target/etc/portage/package.env/linux-firmware b/portage/target/etc/portage/package.env/linux-firmware similarity index 100% rename from yellow/portage/target/etc/portage/package.env/linux-firmware rename to portage/target/etc/portage/package.env/linux-firmware diff --git a/yellow/portage/target/etc/portage/package.env/raspberrypi-firmware b/portage/target/etc/portage/package.env/raspberrypi-firmware similarity index 100% rename from yellow/portage/target/etc/portage/package.env/raspberrypi-firmware rename to portage/target/etc/portage/package.env/raspberrypi-firmware diff --git a/yellow/portage/target/etc/portage/package.license/firmware b/portage/target/etc/portage/package.license/firmware similarity index 100% rename from yellow/portage/target/etc/portage/package.license/firmware rename to portage/target/etc/portage/package.license/firmware diff --git a/yellow/portage/target/etc/portage/package.use/awk b/portage/target/etc/portage/package.use/awk similarity index 100% rename from yellow/portage/target/etc/portage/package.use/awk rename to portage/target/etc/portage/package.use/awk diff --git a/yellow/portage/target/etc/portage/package.use/busybox b/portage/target/etc/portage/package.use/busybox similarity index 100% rename from yellow/portage/target/etc/portage/package.use/busybox rename to portage/target/etc/portage/package.use/busybox diff --git a/yellow/portage/target/etc/portage/package.use/firmware b/portage/target/etc/portage/package.use/firmware similarity index 100% rename from yellow/portage/target/etc/portage/package.use/firmware rename to portage/target/etc/portage/package.use/firmware diff --git a/yellow/portage/target/etc/portage/package.use/go b/portage/target/etc/portage/package.use/go similarity index 100% rename from yellow/portage/target/etc/portage/package.use/go rename to portage/target/etc/portage/package.use/go diff --git a/yellow/portage/target/etc/portage/package.use/grub b/portage/target/etc/portage/package.use/grub similarity index 100% rename from yellow/portage/target/etc/portage/package.use/grub rename to portage/target/etc/portage/package.use/grub diff --git a/yellow/portage/target/etc/portage/package.use/iptables b/portage/target/etc/portage/package.use/iptables similarity index 100% rename from yellow/portage/target/etc/portage/package.use/iptables rename to portage/target/etc/portage/package.use/iptables diff --git a/yellow/portage/target/etc/portage/package.use/python b/portage/target/etc/portage/package.use/python similarity index 100% rename from yellow/portage/target/etc/portage/package.use/python rename to portage/target/etc/portage/package.use/python diff --git a/yellow/portage/target/etc/portage/package.use/u-boot b/portage/target/etc/portage/package.use/u-boot similarity index 100% rename from yellow/portage/target/etc/portage/package.use/u-boot rename to portage/target/etc/portage/package.use/u-boot diff --git a/yellow/portage/target/etc/portage/patches/sec-policy/selinux-base-policy b/portage/target/etc/portage/patches/sec-policy/selinux-base-policy similarity index 100% rename from yellow/portage/target/etc/portage/patches/sec-policy/selinux-base-policy rename to portage/target/etc/portage/patches/sec-policy/selinux-base-policy diff --git a/yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0001-systemd-Fixes-for-systemd-resolved.patch b/portage/target/etc/portage/patches/sec-policy/selinux-base/0001-systemd-Fixes-for-systemd-resolved.patch similarity index 100% rename from yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0001-systemd-Fixes-for-systemd-resolved.patch rename to portage/target/etc/portage/patches/sec-policy/selinux-base/0001-systemd-Fixes-for-systemd-resolved.patch diff --git a/yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0002-mount-Allow-mounting-on-etc_t.patch b/portage/target/etc/portage/patches/sec-policy/selinux-base/0002-mount-Allow-mounting-on-etc_t.patch similarity index 100% rename from yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0002-mount-Allow-mounting-on-etc_t.patch rename to portage/target/etc/portage/patches/sec-policy/selinux-base/0002-mount-Allow-mounting-on-etc_t.patch diff --git a/yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0003-kernel-Mark-unlabeled_t-as-mount-point-type.patch b/portage/target/etc/portage/patches/sec-policy/selinux-base/0003-kernel-Mark-unlabeled_t-as-mount-point-type.patch similarity index 100% rename from yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0003-kernel-Mark-unlabeled_t-as-mount-point-type.patch rename to portage/target/etc/portage/patches/sec-policy/selinux-base/0003-kernel-Mark-unlabeled_t-as-mount-point-type.patch diff --git a/yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0004-Allow-systemd-journald-list-cgroup-directories.patch b/portage/target/etc/portage/patches/sec-policy/selinux-base/0004-Allow-systemd-journald-list-cgroup-directories.patch similarity index 100% rename from yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0004-Allow-systemd-journald-list-cgroup-directories.patch rename to portage/target/etc/portage/patches/sec-policy/selinux-base/0004-Allow-systemd-journald-list-cgroup-directories.patch diff --git a/yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0005-Allow-systemd-to-create-directories.patch b/portage/target/etc/portage/patches/sec-policy/selinux-base/0005-Allow-systemd-to-create-directories.patch similarity index 100% rename from yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0005-Allow-systemd-to-create-directories.patch rename to portage/target/etc/portage/patches/sec-policy/selinux-base/0005-Allow-systemd-to-create-directories.patch diff --git a/yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0006-Allow-init-to-setattr-on-char-devices.patch b/portage/target/etc/portage/patches/sec-policy/selinux-base/0006-Allow-init-to-setattr-on-char-devices.patch similarity index 100% rename from yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0006-Allow-init-to-setattr-on-char-devices.patch rename to portage/target/etc/portage/patches/sec-policy/selinux-base/0006-Allow-init-to-setattr-on-char-devices.patch diff --git a/yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0007-podman-Allow-crun-to-chown-stdio-sockets.patch b/portage/target/etc/portage/patches/sec-policy/selinux-base/0007-podman-Allow-crun-to-chown-stdio-sockets.patch similarity index 100% rename from yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0007-podman-Allow-crun-to-chown-stdio-sockets.patch rename to portage/target/etc/portage/patches/sec-policy/selinux-base/0007-podman-Allow-crun-to-chown-stdio-sockets.patch diff --git a/yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0008-systemd-Allow-quadlet-to-read-container-configs.patch b/portage/target/etc/portage/patches/sec-policy/selinux-base/0008-systemd-Allow-quadlet-to-read-container-configs.patch similarity index 100% rename from yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0008-systemd-Allow-quadlet-to-read-container-configs.patch rename to portage/target/etc/portage/patches/sec-policy/selinux-base/0008-systemd-Allow-quadlet-to-read-container-configs.patch diff --git a/yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0009-container-Allow-containers-to-use-fd-from-init.patch b/portage/target/etc/portage/patches/sec-policy/selinux-base/0009-container-Allow-containers-to-use-fd-from-init.patch similarity index 100% rename from yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0009-container-Allow-containers-to-use-fd-from-init.patch rename to portage/target/etc/portage/patches/sec-policy/selinux-base/0009-container-Allow-containers-to-use-fd-from-init.patch diff --git a/yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0009-podman-Allow-podman-to-use-fd-inherited-from-init.patch b/portage/target/etc/portage/patches/sec-policy/selinux-base/0009-podman-Allow-podman-to-use-fd-inherited-from-init.patch similarity index 100% rename from yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0009-podman-Allow-podman-to-use-fd-inherited-from-init.patch rename to portage/target/etc/portage/patches/sec-policy/selinux-base/0009-podman-Allow-podman-to-use-fd-inherited-from-init.patch diff --git a/yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0010-Allow-podman-to-validate-security-contexts.patch b/portage/target/etc/portage/patches/sec-policy/selinux-base/0010-Allow-podman-to-validate-security-contexts.patch similarity index 100% rename from yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0010-Allow-podman-to-validate-security-contexts.patch rename to portage/target/etc/portage/patches/sec-policy/selinux-base/0010-Allow-podman-to-validate-security-contexts.patch diff --git a/yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0011-podman-Allow-conmon-to-signal-containers.patch b/portage/target/etc/portage/patches/sec-policy/selinux-base/0011-podman-Allow-conmon-to-signal-containers.patch similarity index 100% rename from yellow/portage/target/etc/portage/patches/sec-policy/selinux-base/0011-podman-Allow-conmon-to-signal-containers.patch rename to portage/target/etc/portage/patches/sec-policy/selinux-base/0011-podman-Allow-conmon-to-signal-containers.patch diff --git a/yellow/portage/target/etc/portage/patches/sec-policy/selinux-container b/portage/target/etc/portage/patches/sec-policy/selinux-container similarity index 100% rename from yellow/portage/target/etc/portage/patches/sec-policy/selinux-container rename to portage/target/etc/portage/patches/sec-policy/selinux-container diff --git a/yellow/portage/target/etc/portage/patches/sec-policy/selinux-podman b/portage/target/etc/portage/patches/sec-policy/selinux-podman similarity index 100% rename from yellow/portage/target/etc/portage/patches/sec-policy/selinux-podman rename to portage/target/etc/portage/patches/sec-policy/selinux-podman diff --git a/yellow/portage/target/etc/portage/savedconfig/sys-apps/busybox b/portage/target/etc/portage/savedconfig/sys-apps/busybox similarity index 100% rename from yellow/portage/target/etc/portage/savedconfig/sys-apps/busybox rename to portage/target/etc/portage/savedconfig/sys-apps/busybox diff --git a/yellow/portage/target/etc/portage/savedconfig/sys-boot/u-boot b/portage/target/etc/portage/savedconfig/sys-boot/u-boot similarity index 100% rename from yellow/portage/target/etc/portage/savedconfig/sys-boot/u-boot rename to portage/target/etc/portage/savedconfig/sys-boot/u-boot diff --git a/yellow/portage/target/etc/portage/savedconfig/sys-kernel/linux-firmware b/portage/target/etc/portage/savedconfig/sys-kernel/linux-firmware similarity index 100% rename from yellow/portage/target/etc/portage/savedconfig/sys-kernel/linux-firmware rename to portage/target/etc/portage/savedconfig/sys-kernel/linux-firmware diff --git a/post-build.sh b/post-build.sh old mode 100755 new mode 100644 index 9c1ae6d..10f74fa --- a/post-build.sh +++ b/post-build.sh @@ -1,10 +1,9 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : +# vim: set ft=sh sw=4 ts=4 sts=4 et : -set -e - -. "${CONFIGDIR:=${PWD}}"/config - -if [ -f "${CONFIGDIR}"/post-build.sh ]; then - . "${CONFIGDIR}"/post-build.sh -fi +cp -uv \ + /usr/${target}/boot/*.bin \ + /usr/${target}/boot/*.dat \ + /usr/${target}/boot/*.elf \ + /usr/${target}/usr/share/u-boot/u-boot.bin \ + "${CONFIGDIR}"/config.txt \ + "$1"/efi-part/ diff --git a/prepare.sh b/prepare.sh deleted file mode 100755 index 3406b58..0000000 --- a/prepare.sh +++ /dev/null @@ -1,64 +0,0 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : - -set -e - -. "${CONFIGDIR:=${PWD}}"/config - -# Ensure we have a Portage repo -if [ ! -f /var/db/repos/gentoo/metadata/timestamp ]; then - emerge-webrsync -fi - -chown portage: "$(portageq envvar DISTDIR)" - -ARCH=$(PORTAGE_CONFIGROOT=/usr/${target} portageq envvar ARCH) -PKGDIR=$(portageq envvar PKGDIR) -FEATURES="${FEATURES} binpkg-multi-instance" - -# For some reason, libcap installs its pkg-config files in the wrong -# place. More strangely, even though `PKG_CONFIG_PATH` contains that -# directory, `pkg-config` does not find the `.pc` files for libcap. -# We work around this by merging /usr/lib64/pkgconfig and -# /usr/lib/pkgconfig. -FEATURES="${FEATURES}" \ -PKGDIR="${PKGDIR}" \ -${target}-emerge -kb1vnj sys-libs/libcap -if [ -d /usr/${target}/usr/lib/pkgconfig ] \ - && [ ! -d /usr/${target}/usr/lib64/pkgconfig ]; then - mv /usr/${target}/usr/lib/pkgconfig /usr/${target}/usr/lib64 - ln -snf ../lib64/pkgconfig /usr/${target}/usr/lib/pkgconfig -fi - -if [ ! -f portage/make.conf/10-crossdev.conf ]; then - sed -r \ - -e 's: ?-pam::' \ - -e '/PKGDIR=/d' \ - /usr/${target}/etc/portage/make.conf \ - > "${CONFIGDIR}"/portage/target/etc/portage/make.conf/10-crossdev.conf -fi - -ln -snf /var/db/repos/gentoo/profiles/default/linux/${ARCH}/17.0 \ - /usr/${target}/etc/portage/make.profile - -FEATURES="${FEATURES}" \ -PKGDIR="${PKGDIR}" \ -${target}-emerge -bk1nvj sys-libs/glibc - -FEATURES="${FEATURES}" \ -PKGDIR=$(portageq envvar PKGDIR) \ -USE=pam \ -${target}-emerge -bknvj sys-apps/util-linux - -# Migrate to the merged-usr layout -mkdir -p /usr/${target}/bin -emerge -bknv --quiet-build=y merge-usr -merge-usr --root=/usr/${target} - -# Set the Portage profile -ln -snf \ - /var/db/repos/gentoo/profiles/${profile} \ - ${CONFIGDIR}/portage/target/etc/portage/make.profile -ln -snf \ - $(realpath /etc/portage/make.profile) \ - ${CONFIGDIR}/portage/host/etc/portage/make.profile diff --git a/rebuild-pkg.sh b/rebuild-pkg.sh deleted file mode 100755 index 3a3e711..0000000 --- a/rebuild-pkg.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : - -set -e - -. "${CONFIGDIR:=${PWD}}"/config - -unset MAKEFLAGS MAKEOVERRIDES MAKELEVEL - -export PORTAGE_CONFIGROOT="${CONFIGDIR}"/portage/target - -${target}-emerge -bkv1j --usepkg-exclude="$*" "$@" diff --git a/repos/aimee-os/metadata/layout.conf b/repos/aimee-os/metadata/layout.conf deleted file mode 100644 index ca9fee1..0000000 --- a/repos/aimee-os/metadata/layout.conf +++ /dev/null @@ -1,2 +0,0 @@ -masters = gentoo -thin-manifests = true diff --git a/repos/aimee-os/profiles/repo_name b/repos/aimee-os/profiles/repo_name deleted file mode 100644 index a9c9302..0000000 --- a/repos/aimee-os/profiles/repo_name +++ /dev/null @@ -1 +0,0 @@ -aimee-os diff --git a/repos/aimee-os/sec-policy/selinux-aimee-os/Manifest b/repos/aimee-os/sec-policy/selinux-aimee-os/Manifest deleted file mode 100644 index da1fdd1..0000000 --- a/repos/aimee-os/sec-policy/selinux-aimee-os/Manifest +++ /dev/null @@ -1,2 +0,0 @@ -DIST patchbundle-selinux-base-policy-2.20221101-r3.tar.bz2 444710 BLAKE2B e33cc01a8be5a354e022be1e8bf242883b09b15ead0673f859819f5e668f18773a16527f2e608878e6976695dcb2890c55658e77877e93c716ae0b2dd2ed5a9b SHA512 52e60b22346903a6fead95c9fb348fa1d4037b7dcd3e5781248a7dfc426c8c3fced258fd22762c779a5f436d8be21eaed5425ed36ff99c267daae5e1cb9c8e7f -DIST refpolicy-2.20221101.tar.bz2 583183 BLAKE2B 783d8af40fd77d7ddb848dba32e91921dd7c1380c094c45b719ada7b15f91aacbb52b410ffa6341f2f705ecbc9674b8570bd4867ce998e944fa0054ffd8bdf74 SHA512 29e5a29d90f714018c88fead2d5006ea90338fb5b7a1e4e98cb2e588c96cd861871d32176f6cc6f7c4e864ce5acae1aeed85d4c706ce2da8168986535baaf3a6 diff --git a/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.fc b/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.fc deleted file mode 100644 index 45fee53..0000000 --- a/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.fc +++ /dev/null @@ -1,8 +0,0 @@ -/usr/bin/system-update -- gen_context(system_u:object_r:aimee_sysupdate_exec_t,s0) -/usr/bin/set-root-password -- gen_context(system_u:object_r:aimee_set_root_password_exec_t,s0) -/usr/libexec/factory-reset -- gen_context(system_u:object_r:aimee_factory_reset_exec_t,s0) -/usr/libexec/init-storage -- gen_context(system_u:object_r:aimee_storinit_exec_t,s0) - -/var/run/storinit(/.*)? gen_context(system_u:object_r:aimee_storinit_runtime_t,s0) - -/var/lib/ssh/.*_key.* -- gen_context(system_u:object_r:sshd_key_t,s0) diff --git a/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.if b/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.if deleted file mode 100644 index 8884541..0000000 --- a/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.if +++ /dev/null @@ -1,135 +0,0 @@ -## Policy for Aimee OS utilities. - -######################################## -## -## Execute system-update in the aimee_sysupdate_t -## domain. -## -## -## -## Domain allowed to transition. -## -## -# -interface(`aimee_os_system_update_domtrans',` - gen_require(` - type aimee_sysupdate_t, aimee_sysupdate_exec_t; - ') - - domtrans_pattern($1, aimee_sysupdate_exec_t, aimee_sysupdate_t) -') - -######################################## -## -## Execute system-update in the aimee_sysupdate_t -## domain, and allow the specified role the -## aimee_sysupdate_t domain. -## -## -## -## Domain allowed to transition. -## -## -## -## -## Role allowed access. -## -## -## -# -interface(`aimee_os_run_system_update',` - gen_require(` - type aimee_sysupdate_t; - ') - - aimee_os_system_update_domtrans($1) - role $2 types aimee_sysupdate_t; -') - -######################################## -## -## Execute set-root-password in the -## aimee_set_root_password_t domain. -## -## -## -## Domain allowed to transition. -## -## -# -interface(`aimee_os_set_root_password_domtrans',` - gen_require(` - type aimee_set_root_password_t, aimee_set_root_password_exec_t; - ') - - domtrans_pattern($1, aimee_set_root_password_exec_t, aimee_set_root_password_t) -') - -######################################## -## -## Execute set-root-password in the -## aimee_set_root_password_t domain, and -## allow the specified role the -## aimee_set_root_password_t domain. -## -## -## -## Domain allowed to transition. -## -## -## -## -## Role allowed access. -## -## -## -# -interface(`aimee_os_run_set_root_password',` - gen_require(` - type aimee_set_root_password_t; - ') - - aimee_os_set_root_password_domtrans($1) - role $2 types aimee_set_root_password_t; - mount_run(aimee_set_root_password_t, $2) -') - -######################################## -## -## Execute set-root-password in the caller -## domain. -## -## -## -## Domain allowed access. -## -## -# -interface(`aimee_os_set_root_password_exec',` - gen_require(` - type aimee_set_root_password_exec_t; - ') - - corecmd_search_bin($1) - can_exec($1, aimee_set_root_password_exec_t) -') - -######################################## -## -## Create, read, write, and delete temporary -## files used by Aimee OS set-root-password. -## -## -## -## Domain allowed access. -## -## -# -interface(`aimee_os_manage_set_root_password_tmp_files',` - gen_require(` - type aimee_set_root_password_tmp_t; - ') - - manage_files_pattern($1, aimee_set_root_password_tmp_t, aimee_set_root_password_tmp_t) - read_lnk_files_pattern($1, aimee_set_root_password_tmp_t, aimee_set_root_password_tmp_t) -') diff --git a/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.te b/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.te deleted file mode 100644 index abe887b..0000000 --- a/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.te +++ /dev/null @@ -1,259 +0,0 @@ -policy_module(aimee-os, 1.0) - -######################################## -# -# Declarations -# - -type aimee_storinit_t; -type aimee_storinit_exec_t; -init_daemon_domain(aimee_storinit_t, aimee_storinit_exec_t) - -type aimee_storinit_runtime_t; -files_runtime_file(aimee_storinit_runtime_t) - -type aimee_sysupdate_t; -type aimee_sysupdate_exec_t; -userdom_user_application_domain(aimee_sysupdate_t, aimee_sysupdate_exec_t) - -type aimee_sysupdate_tmp_t; -files_tmp_file(aimee_sysupdate_tmp_t) - -type aimee_factory_reset_t; -type aimee_factory_reset_exec_t; -init_daemon_domain(aimee_factory_reset_t, aimee_factory_reset_exec_t) - -type aimee_set_root_password_t; -type aimee_set_root_password_exec_t; -userdom_user_application_domain(aimee_set_root_password_t, aimee_set_root_password_exec_t) - -type aimee_set_root_password_tmp_t; -files_tmp_file(aimee_set_root_password_tmp_t) - -######################################## -# -# init-storage local policy -# - -allow aimee_storinit_t self:fifo_file rw_fifo_file_perms; -allow aimee_storinit_t self:capability { dac_read_search dac_override chown fowner fsetid sys_admin }; -allow aimee_storinit_t self:process { setfscreate }; - -manage_dirs_pattern(aimee_storinit_t, aimee_storinit_runtime_t, aimee_storinit_runtime_t) -manage_files_pattern(aimee_storinit_t, aimee_storinit_runtime_t, aimee_storinit_runtime_t) -files_runtime_filetrans(aimee_storinit_t, aimee_storinit_runtime_t, dir) - -corecmd_exec_bin(aimee_storinit_t) - -files_read_etc_files(aimee_storinit_t) -storage_raw_read_fixed_disk(aimee_storinit_t) -fstools_domtrans(aimee_storinit_t) -mount_exec(aimee_storinit_t) -miscfiles_read_localization(aimee_storinit_t) -mount_list_runtime(aimee_storinit_t) -dev_read_sysfs(aimee_storinit_t) -kernel_search_debugfs(aimee_storinit_t) -kernel_list_unlabeled(aimee_storinit_t) -fs_getattr_all_fs(aimee_storinit_t) -fs_mount_all_fs(aimee_storinit_t) -fs_unmount_all_fs(aimee_storinit_t) -allow aimee_storinit_t aimee_storinit_runtime_t:dir mounton; - -gen_require(` - type mount_runtime_t; -') -dontaudit aimee_storinit_t mount_runtime_t:dir write; - -seutil_read_config(aimee_storinit_t) -seutil_read_file_contexts(aimee_storinit_t) -seutil_read_bin_policy(aimee_storinit_t) -seutil_domtrans_setfiles(aimee_storinit_t) - -kernel_manage_unlabeled_dirs(aimee_storinit_t) - -files_manage_non_security_dirs(aimee_storinit_t) -files_relabel_non_security_dirs(aimee_storinit_t) -files_manage_non_security_files(aimee_storinit_t) -files_relabel_non_security_files(aimee_storinit_t) -logging_manage_audit_log(aimee_storinit_t) -gen_require(` - attribute non_security_file_type; -') -manage_lnk_files_pattern(aimee_storinit_t, non_security_file_type, non_security_file_type) -relabel_lnk_files_pattern(aimee_storinit_t, non_security_file_type, non_security_file_type) - -auth_manage_shadow(aimee_storinit_t) -auth_relabel_shadow(aimee_storinit_t) -gen_require(` - type shadow_t; - attribute configfile; -') -allow aimee_storinit_t shadow_t:file mounton; -allow aimee_storinit_t configfile:{file dir} mounton; - -######################################## -# -# system-update local policy -# - -allow aimee_sysupdate_t self:capability { chown fowner fsetid sys_admin }; -allow aimee_sysupdate_t self:fifo_file rw_fifo_file_perms; -allow aimee_sysupdate_t self:tcp_socket create_stream_socket_perms; - -files_tmp_filetrans(aimee_sysupdate_t, aimee_sysupdate_tmp_t, dir) -manage_dirs_pattern(aimee_sysupdate_t, aimee_sysupdate_tmp_t, aimee_sysupdate_tmp_t) -manage_files_pattern(aimee_sysupdate_t, aimee_sysupdate_tmp_t, aimee_sysupdate_tmp_t) - -filetrans_pattern(aimee_sysupdate_t, aimee_sysupdate_tmp_t, bin_t, file, "install") - -domain_use_interactive_fds(aimee_sysupdate_t) -userdom_use_inherited_user_terminals(aimee_sysupdate_t) -corecmd_exec_bin(aimee_sysupdate_t) -selinux_get_fs_mount(aimee_sysupdate_t) -seutil_read_config(aimee_sysupdate_t) -userdom_search_user_home_dirs(aimee_sysupdate_t) -kernel_read_system_state(aimee_sysupdate_t) -fstools_exec(aimee_sysupdate_t) -fstools_manage_runtime_files(aimee_sysupdate_t) -miscfiles_read_localization(aimee_sysupdate_t) -storage_raw_rw_fixed_disk(aimee_sysupdate_t) -dev_read_sysfs(aimee_sysupdate_t) -files_read_etc_files(aimee_sysupdate_t) -systemd_read_resolved_runtime(aimee_sysupdate_t) -systemd_stream_connect_resolved(aimee_sysupdate_t) -corenet_tcp_connect_http_port(aimee_sysupdate_t) -corenet_tcp_connect_soundd_port(aimee_sysupdate_t) -files_manage_non_security_dirs(aimee_sysupdate_t) -files_manage_non_security_files(aimee_sysupdate_t) -mount_exec(aimee_sysupdate_t) -mount_list_runtime(aimee_sysupdate_t) -fs_getattr_all_fs(aimee_sysupdate_t) -fs_mount_all_fs(aimee_sysupdate_t) -fs_unmount_all_fs(aimee_sysupdate_t) -dbus_system_bus_client(aimee_sysupdate_t) -systemd_dbus_chat_logind(aimee_sysupdate_t) -logging_send_syslog_msg(aimee_sysupdate_t) -files_mounton_non_security(aimee_sysupdate_t) - -gen_require(` - type sysadm_t; - role sysadm_r; -') -aimee_os_run_system_update(sysadm_t, sysadm_r) - -# factory-reset local policy -# - -allow aimee_factory_reset_t self:capability { sys_admin }; -allow aimee_factory_reset_t self:fifo_file rw_fifo_file_perms; - -corecmd_exec_bin(aimee_factory_reset_t) -dev_read_sysfs(aimee_factory_reset_t) -kernel_read_system_state(aimee_factory_reset_t) -files_read_etc_files(aimee_factory_reset_t) -fstools_exec(aimee_factory_reset_t) -fstools_manage_runtime_files(aimee_factory_reset_t) -miscfiles_read_localization(aimee_factory_reset_t) -storage_raw_rw_fixed_disk(aimee_factory_reset_t) - -######################################## -# -# set-root-password local policy -# - -gen_require(` - class passwd { passwd }; -') - -allow aimee_set_root_password_t self:capability { sys_admin }; -allow aimee_set_root_password_t self:fifo_file rw_fifo_file_perms; -allow aimee_set_root_password_t self:process setfscreate; -allow aimee_set_root_password_t self:process { ptrace sigkill sigstop signal }; -allow aimee_set_root_password_t self:passwd passwd; - -files_tmp_filetrans(aimee_set_root_password_t, aimee_set_root_password_tmp_t, dir) -manage_dirs_pattern(aimee_set_root_password_t, aimee_set_root_password_tmp_t, aimee_set_root_password_tmp_t) -manage_files_pattern(aimee_set_root_password_t, aimee_set_root_password_tmp_t, aimee_set_root_password_tmp_t) -relabel_files_pattern(aimee_set_root_password_t, aimee_set_root_password_tmp_t, aimee_set_root_password_tmp_t) - -domain_use_interactive_fds(aimee_set_root_password_t) -userdom_use_inherited_user_terminals(aimee_set_root_password_t) -userdom_search_user_home_dirs(aimee_set_root_password_t) -corecmd_exec_bin(aimee_set_root_password_t) -selinux_get_fs_mount(aimee_set_root_password_t) -seutil_read_config(aimee_set_root_password_t) -miscfiles_read_localization(aimee_set_root_password_t) -files_mounton_root(aimee_set_root_password_t) -aimee_os_set_root_password_exec(aimee_set_root_password_t) -mount_list_runtime(aimee_set_root_password_t) -fs_getattr_all_fs(aimee_set_root_password_t) -fs_mount_all_fs(aimee_set_root_password_t) -fs_unmount_all_fs(aimee_set_root_password_t) -files_read_var_lib_files(aimee_set_root_password_t) -files_manage_etc_files(aimee_set_root_password_t) -files_relabel_etc_files(aimee_set_root_password_t) -files_manage_etc_dirs(aimee_set_root_password_t) -auth_manage_shadow(aimee_set_root_password_t) -auth_relabel_shadow(aimee_set_root_password_t) -files_mounton_etc_dirs(aimee_set_root_password_t) -usermanage_domtrans_passwd(aimee_set_root_password_t) -dev_read_sysfs(aimee_set_root_password_t) -aimee_os_manage_set_root_password_tmp_files(aimee_set_root_password_t) - -gen_require(` - type mount_t; - type passwd_t; -') -allow aimee_set_root_password_t aimee_set_root_password_tmp_t:dir mounton; -allow mount_t aimee_set_root_password_tmp_t:dir mounton; -aimee_os_manage_set_root_password_tmp_files(passwd_t) - -gen_require(` - type sysadm_t; - role sysadm_r; -') -aimee_os_run_set_root_password(sysadm_t, sysadm_r) - -######################################## -# -# Additional policy rules for Aimee OS-specific behavior -# - -# Allow ssh-keygen to create host key files in /var/lib/ssh -gen_require(` - type ssh_keygen_t; - type sshd_key_t, var_lib_t; -') -allow ssh_keygen_t var_lib_t:dir rw_dir_perms; -filetrans_pattern(ssh_keygen_t, var_lib_t, sshd_key_t, file) - -# Allow login to execute /bin/busybox (via /bin/sh symlink) -gen_require(` - type local_login_t; -') -corecmd_exec_bin(local_login_t) - -# Allow root to log in on the serial console -gen_require(` - type sysadm_t; -') -init_use_fds(sysadm_t) - -# Allow podman to relabel any file (to container_file_t) -optional_policy(` - gen_require(` - type podman_t; - ') - files_relabel_non_security_dirs(podman_t) - files_relabel_non_security_files(podman_t) -') - -# Allow podman to mount /dev/log in containers -optional_policy(` - gen_require(` - type podman_t, container_t; - type devlog_t; - ') - allow podman_t devlog_t:sock_file mounton; - logging_send_syslog_msg(container_t) -') diff --git a/repos/aimee-os/sec-policy/selinux-aimee-os/selinux-aimee-os-2.20221101-r3.ebuild b/repos/aimee-os/sec-policy/selinux-aimee-os/selinux-aimee-os-2.20221101-r3.ebuild deleted file mode 100644 index 45116b9..0000000 --- a/repos/aimee-os/sec-policy/selinux-aimee-os/selinux-aimee-os-2.20221101-r3.ebuild +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright 2023 Dustin C. Hatch -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -IUSE="" -MODS="aimee-os" -POLICY_FILES="aimee-os.te aimee-os.fc aimee-os.if" - -inherit selinux-policy-2 - -DESCRIPTION="SELinux policy for AimeeOS" - -KEYWORDS="~amd64 ~arm ~arm64 ~x86" diff --git a/repos/aimee-os/sys-boot/u-boot/Manifest b/repos/aimee-os/sys-boot/u-boot/Manifest deleted file mode 100644 index 0fb1ec9..0000000 --- a/repos/aimee-os/sys-boot/u-boot/Manifest +++ /dev/null @@ -1,11 +0,0 @@ -AUX 0001-drivers-bcm283x-don-t-explicitly-disable-init.patch 1684 BLAKE2B 801bf1c6b0b5e678d2e23689edb6612af3b2acd89f21b926a36f98ca600083603b8ee53c7ad8f11dc706db67819437910ce7ba9d7406c5763b25c88cd620a338 SHA512 f39fe500ca17dfd7f32d0eb986cfd110b225edcf01c6d235a2af1d9d5fcb8c1922a5db89dc683bb1e259bd9675beecc07948543c5ab98d1ee6e5d7693b86060a -AUX 0001-rpi-Use-CONFIG_OF_BOARD-instead-of-CONFIG_EMBED.patch 2621 BLAKE2B ac8792433c3ebde967b083d12855faa21ed4fca5a0095bd38c4b597714430f77bfa81b70b8e26535fcf64650590d60510de5c4e18760d56d1ecb9ab692a44ac8 SHA512 18340a67637873179317a16a565c5b34490bd4dbf6dabac7c2ee5947349977fed6dd71253af55233c3e2912ddec6a15e17a29440b0e009b267c93deb28bc7713 -AUX 0002-drivers-bcm283x-allow-to-spawn-any-PL011-UART.patch 2228 BLAKE2B efb42405ecc011973d5f8417bb7a82618d1d24917f0bd246d908ac8abd0bee6ed062ff2d77caa485cdbc02959de5c1cc7ca1943055708a8f6ab8ff34751e1aa1 SHA512 283ec38a092c370306037324a67b40141398e6102ba04b64304f2998870e0f1aa86891894c749789eb59454b8972d094771b5a8ca7ae3747760de246812c5c2c -AUX 0002-rpi-add-NVMe-to-boot-order.patch 1290 BLAKE2B a5e911e07b7b6723845d004bd5513db9cfebe73b7de2c7e4073d0725f6e3159b7b72381f859e357abf4f28421609fb18ad8fcc669d3b94db124771a36df51497 SHA512 f3d8351235b74f234aed5893523b36a355c1afcb92ee0f481c552c83c418856e450b6cf2c7c7ad4ab40fe41d0561f0e283da403b5245e76649f1fa996f88b6fa -AUX 0003-Revert-nvme-Correct-the-prps-per-page-calculation-me.patch 1610 BLAKE2B 1a5530178fef080472e1355adf6eccc92e6ced11aba0fc3f2042f16bf7a8b0a1cdb236723b93c95d30431cef03a595258355a0d20489f9533f47e0c541d0f232 SHA512 bda4d59519caa41dd7133d39740a39ce8d01197e16738b8af4ebc8fea096a3f73f88a11763a2a7938ed181819a0f7c442d1d14211f1d8cee9ecdb2c5f6eeb4f9 -AUX 0004-usb-xhci-brcm-Make-driver-compatible-with-downstream.patch 1172 BLAKE2B 98589d6c4062e6cdc17522cd98d8c5ddcd0bdb953b0dc5a8c997f960da397a6174ab748afda5f64cfc2ad4c6ffeb65e76f9e346b2ae0a2466593968f06f32857 SHA512 1b92eabeb731f4c7ae8b2401942994b0515a673f4583a4333deb5ebac0981ac34c744c68e195dbad7a7cd92d6efe1a180446509cf3fe72ad443b094c5e74ed8e -AUX 0005-nvme-improve-readability-of-nvme_setup_prps.patch 1757 BLAKE2B 152cb9ea9662f7271b7cf3226825e825cc0d6420ed2ef77b7a8186b25b5eccf92edac32823d1f79afea3307269897c68d3899fd9b018cf11109c2739af7fccc3 SHA512 2192379f650ce1b43be1df43c06ae031f7bdbaeeecab1a195ca0f254d9e00bb7ed03256b90a5e5edc80c37bca449d0648a3a90d2d73faaec0561465f728e2b59 -AUX 0006-nvme-Use-pointer-for-CPU-addressed-buffers.patch 9077 BLAKE2B b28afb568d791bed8c93f222b62677d87629d803747bb52cba74fff50752aaa4522b0fcdece58148d9da77a7da6a547dc4d47cfc9ae5fe7de0fbe6d7a0a9a497 SHA512 a84424877cc858b7596fe4f263a48e94fca7075c2c9a10d28fe1e569ca4e893af2ba3536c26d93ce15d8792d27a6c8779ef9669730414e6cc0de7af672dd31c2 -AUX 0007-nvme-translate-virtual-addresses-into-the-bus-s-addr.patch 6480 BLAKE2B 6d7fec7096bf239f08a5e7e7ac5f8c58dcd72829b37d2f3e8b2e96c173a43449f538148cece64c5f48da68826eeec0c1db7a8ac6cc254a853a3cdf04d7431b95 SHA512 fecba2572d5f1dd7e941efdecb935a734ef1385af9b9300d84decd9bf91c4387b500fa08f655af62d33d085907353972f613ec97b3dd96ed18cac4811d5210a1 -DIST u-boot-2023.01.tar.bz2 18560442 BLAKE2B 9412da6c7c8da8be64e470347d150ea2ba9a33b84f463c8ff3109e3db6c2dbcf13c8ab2e02bf3a2c412ff57c91987da922e4dde6a26e317e7b9e65101f7a6d62 SHA512 417a28267eb7875820d08fafc7316f164663609378637539e71648b0b9b7d28796b6c381717f31b0ab6472805fefd32628ef7d1b2e7b9f3c51c8ad122993f679 -EBUILD u-boot-2023.01.ebuild 1762 BLAKE2B c0fba3aec8bfd26da6d32014bb38a2e5e8235f8ded6a7681f6cc1f5557b5437b5da6366740141465265b174832f38b6e669bd0bf956d241652acf69076596a71 SHA512 fa2b82ab1ea4fdc71ad9a5022433da137aad1722e02f18d7be0ff67d7130570a2783e4cac0f1fc1851537325750b9584d48ee4d99f01908a179fb58c0eb0724f diff --git a/repos/aimee-os/sys-boot/u-boot/files/0001-drivers-bcm283x-don-t-explicitly-disable-init.patch b/repos/aimee-os/sys-boot/u-boot/files/0001-drivers-bcm283x-don-t-explicitly-disable-init.patch deleted file mode 100644 index b1e46ea..0000000 --- a/repos/aimee-os/sys-boot/u-boot/files/0001-drivers-bcm283x-don-t-explicitly-disable-init.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 85fb54b621c1ca79f1ec8634b0597a038338e51d Mon Sep 17 00:00:00 2001 -Message-Id: <85fb54b621c1ca79f1ec8634b0597a038338e51d.1668448114.git.stefan@agner.ch> -From: Stefan Agner -Date: Thu, 14 Apr 2022 12:15:26 +0200 -Subject: [PATCH] drivers: bcm283x: don't explicitly disable init - -It seems that the reason why init doesn't succeed is the lack of clock -support in U-Boot. Setting the default clock of 48MHz for the PL011 -UARTs makes reinitialization work consistently. - -Note that for the first UART the "skip-init" is anyways set in the -device tree. This will only affect probing of UARTs not enabled by -firmware. - -Signed-off-by: Stefan Agner ---- - drivers/serial/serial_bcm283x_pl011.c | 6 ------ - include/configs/rpi.h | 3 +++ - 2 files changed, 3 insertions(+), 6 deletions(-) - -diff --git a/drivers/serial/serial_bcm283x_pl011.c b/drivers/serial/serial_bcm283x_pl011.c -index 7d172cdac0..fcba07f1c5 100644 ---- a/drivers/serial/serial_bcm283x_pl011.c -+++ b/drivers/serial/serial_bcm283x_pl011.c -@@ -51,12 +51,6 @@ static int bcm283x_pl011_serial_probe(struct udevice *dev) - if (ret) - return ret; - -- /* -- * TODO: Reinitialization doesn't always work for now, just skip -- * init always - we know we're already initialized -- */ -- plat->skip_init = true; -- - return pl01x_serial_probe(dev); - } - -diff --git a/include/configs/rpi.h b/include/configs/rpi.h -index 7257659932..7fdf2a891d 100644 ---- a/include/configs/rpi.h -+++ b/include/configs/rpi.h -@@ -33,6 +33,9 @@ - */ - #define CONFIG_SYS_SDRAM_SIZE SZ_128M - -+/* Define PL011 default clock */ -+#define CONFIG_PL011_CLOCK 48000000 -+ - /* Devices */ - /* LCD */ - --- -2.38.1 - diff --git a/repos/aimee-os/sys-boot/u-boot/files/0001-rpi-Use-CONFIG_OF_BOARD-instead-of-CONFIG_EMBED.patch b/repos/aimee-os/sys-boot/u-boot/files/0001-rpi-Use-CONFIG_OF_BOARD-instead-of-CONFIG_EMBED.patch deleted file mode 100644 index f608ecb..0000000 --- a/repos/aimee-os/sys-boot/u-boot/files/0001-rpi-Use-CONFIG_OF_BOARD-instead-of-CONFIG_EMBED.patch +++ /dev/null @@ -1,83 +0,0 @@ -From 135d886b4e5077c8fa96a5449a70d81ae9c1c3d0 Mon Sep 17 00:00:00 2001 -Message-Id: <135d886b4e5077c8fa96a5449a70d81ae9c1c3d0.1668448794.git.stefan@agner.ch> -From: Pascal Vizeli -Date: Tue, 10 Dec 2019 09:48:46 +0000 -Subject: [PATCH] rpi: Use CONFIG_OF_BOARD instead of CONFIG_EMBED - -Signed-off-by: Pascal Vizeli ---- - configs/rpi_0_w_defconfig | 2 +- - configs/rpi_2_defconfig | 2 +- - configs/rpi_3_32b_defconfig | 2 +- - configs/rpi_3_defconfig | 2 +- - configs/rpi_defconfig | 2 +- - 5 files changed, 5 insertions(+), 5 deletions(-) - -diff --git a/configs/rpi_0_w_defconfig b/configs/rpi_0_w_defconfig -index baa8c37810..f20aa164e5 100644 ---- a/configs/rpi_0_w_defconfig -+++ b/configs/rpi_0_w_defconfig -@@ -23,7 +23,7 @@ CONFIG_CMD_GPIO=y - CONFIG_CMD_MMC=y - CONFIG_CMD_USB=y - CONFIG_CMD_FS_UUID=y --CONFIG_OF_EMBED=y -+CONFIG_OF_BOARD=y - CONFIG_ENV_FAT_DEVICE_AND_PART="0:1" - CONFIG_SYS_RELOC_GD_ENV_ADDR=y - CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG=y -diff --git a/configs/rpi_2_defconfig b/configs/rpi_2_defconfig -index baae6d4871..60987ad91a 100644 ---- a/configs/rpi_2_defconfig -+++ b/configs/rpi_2_defconfig -@@ -24,7 +24,7 @@ CONFIG_CMD_GPIO=y - CONFIG_CMD_MMC=y - CONFIG_CMD_USB=y - CONFIG_CMD_FS_UUID=y --CONFIG_OF_EMBED=y -+CONFIG_OF_BOARD=y - CONFIG_ENV_FAT_DEVICE_AND_PART="0:1" - CONFIG_SYS_RELOC_GD_ENV_ADDR=y - CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG=y -diff --git a/configs/rpi_3_32b_defconfig b/configs/rpi_3_32b_defconfig -index f51f3de596..e6de8669d0 100644 ---- a/configs/rpi_3_32b_defconfig -+++ b/configs/rpi_3_32b_defconfig -@@ -23,7 +23,7 @@ CONFIG_CMD_GPIO=y - CONFIG_CMD_MMC=y - CONFIG_CMD_USB=y - CONFIG_CMD_FS_UUID=y --CONFIG_OF_EMBED=y -+CONFIG_OF_BOARD=y - CONFIG_ENV_FAT_DEVICE_AND_PART="0:1" - CONFIG_SYS_RELOC_GD_ENV_ADDR=y - CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG=y -diff --git a/configs/rpi_3_defconfig b/configs/rpi_3_defconfig -index bc1a318db4..70f4f8ed70 100644 ---- a/configs/rpi_3_defconfig -+++ b/configs/rpi_3_defconfig -@@ -22,7 +22,7 @@ CONFIG_CMD_GPIO=y - CONFIG_CMD_MMC=y - CONFIG_CMD_USB=y - CONFIG_CMD_FS_UUID=y --CONFIG_OF_EMBED=y -+CONFIG_OF_BOARD=y - CONFIG_ENV_FAT_DEVICE_AND_PART="0:1" - CONFIG_SYS_RELOC_GD_ENV_ADDR=y - CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG=y -diff --git a/configs/rpi_defconfig b/configs/rpi_defconfig -index 1d356b4b2e..6f345c790b 100644 ---- a/configs/rpi_defconfig -+++ b/configs/rpi_defconfig -@@ -23,7 +23,7 @@ CONFIG_CMD_GPIO=y - CONFIG_CMD_MMC=y - CONFIG_CMD_USB=y - CONFIG_CMD_FS_UUID=y --CONFIG_OF_EMBED=y -+CONFIG_OF_BOARD=y - CONFIG_ENV_FAT_DEVICE_AND_PART="0:1" - CONFIG_SYS_RELOC_GD_ENV_ADDR=y - CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG=y --- -2.38.1 - diff --git a/repos/aimee-os/sys-boot/u-boot/files/0002-drivers-bcm283x-allow-to-spawn-any-PL011-UART.patch b/repos/aimee-os/sys-boot/u-boot/files/0002-drivers-bcm283x-allow-to-spawn-any-PL011-UART.patch deleted file mode 100644 index 206eec0..0000000 --- a/repos/aimee-os/sys-boot/u-boot/files/0002-drivers-bcm283x-allow-to-spawn-any-PL011-UART.patch +++ /dev/null @@ -1,68 +0,0 @@ -From 921f4b6d8cb3b997dd5c54fd436bb8223046421e Mon Sep 17 00:00:00 2001 -Message-Id: <921f4b6d8cb3b997dd5c54fd436bb8223046421e.1668448114.git.stefan@agner.ch> -In-Reply-To: <85fb54b621c1ca79f1ec8634b0597a038338e51d.1668448114.git.stefan@agner.ch> -References: <85fb54b621c1ca79f1ec8634b0597a038338e51d.1668448114.git.stefan@agner.ch> -From: Stefan Agner -Date: Thu, 14 Apr 2022 12:18:41 +0200 -Subject: [PATCH] drivers: bcm283x: allow to spawn any PL011 UART - -The current code checks pinmux for the first PL011 only. Raspberry Pi 4 -has multiple PL011 UARTs. This code prevents probing of other UARTs in -case the first PL011 UART is not active. - -Furthermore, U-Boot supports pinmuxing, hence the pins should be muxed -at this point anyway. Drop the check entirly. - -This allows to use other UARTs as stdout paths (e.g. stdout-path = -"serial5:115200n8"). - -Signed-off-by: Stefan Agner ---- - drivers/serial/serial_bcm283x_pl011.c | 27 --------------------------- - 1 file changed, 27 deletions(-) - -diff --git a/drivers/serial/serial_bcm283x_pl011.c b/drivers/serial/serial_bcm283x_pl011.c -index fcba07f1c5..98628e1ca4 100644 ---- a/drivers/serial/serial_bcm283x_pl011.c -+++ b/drivers/serial/serial_bcm283x_pl011.c -@@ -11,37 +11,10 @@ - #include - #include "serial_pl01x_internal.h" - --/* -- * Check if this serial device is muxed -- * -- * The serial device will only work properly if it has been muxed to the serial -- * pins by firmware. Check whether that happened here. -- * -- * Return: true if serial device is muxed, false if not -- */ --static bool bcm283x_is_serial_muxed(void) --{ -- int serial_gpio = 15; -- struct udevice *dev; -- -- if (uclass_first_device_err(UCLASS_PINCTRL, &dev)) -- return false; -- -- if (pinctrl_get_gpio_mux(dev, 0, serial_gpio) != BCM2835_GPIO_ALT0) -- return false; -- -- return true; --} -- - static int bcm283x_pl011_serial_probe(struct udevice *dev) - { -- struct pl01x_serial_plat *plat = dev_get_plat(dev); - int ret; - -- /* Don't spawn the device if it's not muxed */ -- if (!bcm283x_is_serial_muxed()) -- return -ENODEV; -- - /* - * Read the ofdata here rather than in an of_to_plat() method - * since we need the soc simple-bus to be probed so that the 'ranges' --- -2.38.1 - diff --git a/repos/aimee-os/sys-boot/u-boot/files/0002-rpi-add-NVMe-to-boot-order.patch b/repos/aimee-os/sys-boot/u-boot/files/0002-rpi-add-NVMe-to-boot-order.patch deleted file mode 100644 index b532405..0000000 --- a/repos/aimee-os/sys-boot/u-boot/files/0002-rpi-add-NVMe-to-boot-order.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 191b5f4e0408e40f35379fdaab6b37a7ad93e298 Mon Sep 17 00:00:00 2001 -Message-Id: <191b5f4e0408e40f35379fdaab6b37a7ad93e298.1668448794.git.stefan@agner.ch> -In-Reply-To: <135d886b4e5077c8fa96a5449a70d81ae9c1c3d0.1668448794.git.stefan@agner.ch> -References: <135d886b4e5077c8fa96a5449a70d81ae9c1c3d0.1668448794.git.stefan@agner.ch> -From: Stefan Agner -Date: Tue, 29 Dec 2020 23:34:52 +0100 -Subject: [PATCH] rpi: add NVMe to boot order - -The Compute Module 4 I/O Board can support a NVMe. Add NVMe to the boot -order. - -Signed-off-by: Stefan Agner ---- - include/configs/rpi.h | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/include/configs/rpi.h b/include/configs/rpi.h -index cd8fe8b518..7257659932 100644 ---- a/include/configs/rpi.h -+++ b/include/configs/rpi.h -@@ -131,6 +131,12 @@ - #define BOOT_TARGET_MMC(func) - #endif - -+#if CONFIG_IS_ENABLED(CMD_NVME) -+ #define BOOT_TARGET_NVME(func) func(NVME, nvme, 0) -+#else -+ #define BOOT_TARGET_NVME(func) -+#endif -+ - #if CONFIG_IS_ENABLED(CMD_USB) - #define BOOT_TARGET_USB(func) func(USB, usb, 0) - #else -@@ -151,6 +157,7 @@ - - #define BOOT_TARGET_DEVICES(func) \ - BOOT_TARGET_MMC(func) \ -+ BOOT_TARGET_NVME(func) \ - BOOT_TARGET_USB(func) \ - BOOT_TARGET_PXE(func) \ - BOOT_TARGET_DHCP(func) --- -2.38.1 - diff --git a/repos/aimee-os/sys-boot/u-boot/files/0003-Revert-nvme-Correct-the-prps-per-page-calculation-me.patch b/repos/aimee-os/sys-boot/u-boot/files/0003-Revert-nvme-Correct-the-prps-per-page-calculation-me.patch deleted file mode 100644 index 941d2de..0000000 --- a/repos/aimee-os/sys-boot/u-boot/files/0003-Revert-nvme-Correct-the-prps-per-page-calculation-me.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 644bd3743aa8771ef7ecb7b7239308d6da2a5b35 Mon Sep 17 00:00:00 2001 -Message-Id: <644bd3743aa8771ef7ecb7b7239308d6da2a5b35.1668448794.git.stefan@agner.ch> -In-Reply-To: <135d886b4e5077c8fa96a5449a70d81ae9c1c3d0.1668448794.git.stefan@agner.ch> -References: <135d886b4e5077c8fa96a5449a70d81ae9c1c3d0.1668448794.git.stefan@agner.ch> -From: Stefan Agner -Date: Thu, 23 Sep 2021 23:43:31 +0200 -Subject: [PATCH] Revert "nvme: Correct the prps per page calculation method" - -This reverts commit 859b33c948945f7904f60a2c12a3792d356d51ad. - -If there is more than one PRP List the last entry is a pointer to -the next list. From the NVM Express specification: - -"The last entry within a memory page, as indicated by the memory page -size in the CC.MPS field, shall be a PRP List pointer if there is more -than a single memory page of data to be transferred." - -For the purpose of calculating the number of pages required for PRP -lists we should always assume that the last entry is required for -the next PRP list. - -Signed-off-by: Stefan Agner -Cc: Wesley Sheng ---- - drivers/nvme/nvme.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/drivers/nvme/nvme.c b/drivers/nvme/nvme.c -index 6d0d3f3ca2..73db80a294 100644 ---- a/drivers/nvme/nvme.c -+++ b/drivers/nvme/nvme.c -@@ -52,7 +52,7 @@ static int nvme_setup_prps(struct nvme_dev *dev, u64 *prp2, - u64 *prp_pool; - int length = total_len; - int i, nprps; -- u32 prps_per_page = page_size >> 3; -+ u32 prps_per_page = (page_size >> 3) - 1; - u32 num_pages; - - length -= (page_size - offset); --- -2.38.1 - diff --git a/repos/aimee-os/sys-boot/u-boot/files/0004-usb-xhci-brcm-Make-driver-compatible-with-downstream.patch b/repos/aimee-os/sys-boot/u-boot/files/0004-usb-xhci-brcm-Make-driver-compatible-with-downstream.patch deleted file mode 100644 index 8a91721..0000000 --- a/repos/aimee-os/sys-boot/u-boot/files/0004-usb-xhci-brcm-Make-driver-compatible-with-downstream.patch +++ /dev/null @@ -1,33 +0,0 @@ -From de29ca70117fb2bfafa8b5699b34e9e94560b785 Mon Sep 17 00:00:00 2001 -Message-Id: -In-Reply-To: <135d886b4e5077c8fa96a5449a70d81ae9c1c3d0.1668448794.git.stefan@agner.ch> -References: <135d886b4e5077c8fa96a5449a70d81ae9c1c3d0.1668448794.git.stefan@agner.ch> -From: Stefan Agner -Date: Thu, 7 Oct 2021 12:02:39 +0200 -Subject: [PATCH] usb: xhci-brcm: Make driver compatible with downstream device - tree - -The downstream device tree uses just "generic-xhci" as compatible -string. Use this string to make U-Boot work with the downstream Kernel. - -Signed-off-by: Stefan Agner ---- - drivers/usb/host/xhci-brcm.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/drivers/usb/host/xhci-brcm.c b/drivers/usb/host/xhci-brcm.c -index fe17924028..0c6938187b 100644 ---- a/drivers/usb/host/xhci-brcm.c -+++ b/drivers/usb/host/xhci-brcm.c -@@ -82,7 +82,7 @@ static int xhci_brcm_deregister(struct udevice *dev) - } - - static const struct udevice_id xhci_brcm_ids[] = { -- { .compatible = "brcm,generic-xhci" }, -+ { .compatible = "generic-xhci" }, - { } - }; - --- -2.38.1 - diff --git a/repos/aimee-os/sys-boot/u-boot/files/0005-nvme-improve-readability-of-nvme_setup_prps.patch b/repos/aimee-os/sys-boot/u-boot/files/0005-nvme-improve-readability-of-nvme_setup_prps.patch deleted file mode 100644 index e6aca5b..0000000 --- a/repos/aimee-os/sys-boot/u-boot/files/0005-nvme-improve-readability-of-nvme_setup_prps.patch +++ /dev/null @@ -1,49 +0,0 @@ -From ab2790f8ff78790ea8a9cb0b05cafc55648ebbc4 Mon Sep 17 00:00:00 2001 -Message-Id: -In-Reply-To: <135d886b4e5077c8fa96a5449a70d81ae9c1c3d0.1668448794.git.stefan@agner.ch> -References: <135d886b4e5077c8fa96a5449a70d81ae9c1c3d0.1668448794.git.stefan@agner.ch> -From: Stefan Agner -Date: Thu, 23 Sep 2021 23:52:44 +0200 -Subject: [PATCH] nvme: improve readability of nvme_setup_prps() - -Improve readability by introducing consts, reuse consts where -appropriate and adding variables with discriptive name. - -Signed-off-by: Stefan Agner ---- - drivers/nvme/nvme.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/drivers/nvme/nvme.c b/drivers/nvme/nvme.c -index 73db80a294..751abc3cd5 100644 ---- a/drivers/nvme/nvme.c -+++ b/drivers/nvme/nvme.c -@@ -47,12 +47,12 @@ static int nvme_wait_csts(struct nvme_dev *dev, u32 mask, u32 val) - static int nvme_setup_prps(struct nvme_dev *dev, u64 *prp2, - int total_len, u64 dma_addr) - { -- u32 page_size = dev->page_size; -+ const u32 page_size = dev->page_size; -+ const u32 prps_per_page = (page_size >> 3) - 1; - int offset = dma_addr & (page_size - 1); - u64 *prp_pool; - int length = total_len; - int i, nprps; -- u32 prps_per_page = (page_size >> 3) - 1; - u32 num_pages; - - length -= (page_size - offset); -@@ -91,8 +91,8 @@ static int nvme_setup_prps(struct nvme_dev *dev, u64 *prp2, - i = 0; - while (nprps) { - if ((i == (prps_per_page - 1)) && nprps > 1) { -- *(prp_pool + i) = cpu_to_le64((ulong)prp_pool + -- page_size); -+ u64 next_prp_list = (u64)prp_pool + page_size; -+ *(prp_pool + i) = cpu_to_le64(next_prp_list); - i = 0; - prp_pool += page_size; - } --- -2.38.1 - diff --git a/repos/aimee-os/sys-boot/u-boot/files/0006-nvme-Use-pointer-for-CPU-addressed-buffers.patch b/repos/aimee-os/sys-boot/u-boot/files/0006-nvme-Use-pointer-for-CPU-addressed-buffers.patch deleted file mode 100644 index 513e7d6..0000000 --- a/repos/aimee-os/sys-boot/u-boot/files/0006-nvme-Use-pointer-for-CPU-addressed-buffers.patch +++ /dev/null @@ -1,264 +0,0 @@ -From 2b508d92673738d837576301866dc234d8b008c4 Mon Sep 17 00:00:00 2001 -Message-Id: <2b508d92673738d837576301866dc234d8b008c4.1668448794.git.stefan@agner.ch> -In-Reply-To: <135d886b4e5077c8fa96a5449a70d81ae9c1c3d0.1668448794.git.stefan@agner.ch> -References: <135d886b4e5077c8fa96a5449a70d81ae9c1c3d0.1668448794.git.stefan@agner.ch> -From: Stefan Agner -Date: Thu, 23 Sep 2021 23:58:35 +0200 -Subject: [PATCH] nvme: Use pointer for CPU addressed buffers - -Pass buffers which use CPU addressing as void pointers. This aligns with -DMA APIs which use void pointers as argument. It will avoid unnecessary -type casts when adding support bus address translations. - -Signed-off-by: Stefan Agner ---- - drivers/nvme/nvme.c | 50 ++++++++++++++++++++-------------------- - drivers/nvme/nvme_show.c | 4 ++-- - include/nvme.h | 12 +++++----- - 3 files changed, 33 insertions(+), 33 deletions(-) - -diff --git a/drivers/nvme/nvme.c b/drivers/nvme/nvme.c -index 751abc3cd5..352c94ea91 100644 ---- a/drivers/nvme/nvme.c -+++ b/drivers/nvme/nvme.c -@@ -45,11 +45,11 @@ static int nvme_wait_csts(struct nvme_dev *dev, u32 mask, u32 val) - } - - static int nvme_setup_prps(struct nvme_dev *dev, u64 *prp2, -- int total_len, u64 dma_addr) -+ int total_len, void *buffer) - { - const u32 page_size = dev->page_size; - const u32 prps_per_page = (page_size >> 3) - 1; -- int offset = dma_addr & (page_size - 1); -+ int offset = (uintptr_t)buffer & (page_size - 1); - u64 *prp_pool; - int length = total_len; - int i, nprps; -@@ -63,10 +63,10 @@ static int nvme_setup_prps(struct nvme_dev *dev, u64 *prp2, - } - - if (length) -- dma_addr += (page_size - offset); -+ buffer += (page_size - offset); - - if (length <= page_size) { -- *prp2 = dma_addr; -+ *prp2 = (u64)buffer; - return 0; - } - -@@ -96,11 +96,11 @@ static int nvme_setup_prps(struct nvme_dev *dev, u64 *prp2, - i = 0; - prp_pool += page_size; - } -- *(prp_pool + i++) = cpu_to_le64(dma_addr); -- dma_addr += page_size; -+ *(prp_pool + i++) = cpu_to_le64((u64)buffer); -+ buffer += page_size; - nprps--; - } -- *prp2 = (ulong)dev->prp_pool; -+ *prp2 = (u64)dev->prp_pool; - - flush_dcache_range((ulong)dev->prp_pool, (ulong)dev->prp_pool + - num_pages * page_size); -@@ -447,42 +447,42 @@ static int nvme_alloc_sq(struct nvme_dev *dev, u16 qid, - } - - int nvme_identify(struct nvme_dev *dev, unsigned nsid, -- unsigned cns, dma_addr_t dma_addr) -+ unsigned int cns, void *buffer) - { - struct nvme_command c; - u32 page_size = dev->page_size; -- int offset = dma_addr & (page_size - 1); -+ int offset = (uintptr_t)buffer & (page_size - 1); - int length = sizeof(struct nvme_id_ctrl); - int ret; - - memset(&c, 0, sizeof(c)); - c.identify.opcode = nvme_admin_identify; - c.identify.nsid = cpu_to_le32(nsid); -- c.identify.prp1 = cpu_to_le64(dma_addr); -+ c.identify.prp1 = cpu_to_le64((u64)buffer); - - length -= (page_size - offset); - if (length <= 0) { - c.identify.prp2 = 0; - } else { -- dma_addr += (page_size - offset); -- c.identify.prp2 = cpu_to_le64(dma_addr); -+ buffer += (page_size - offset); -+ c.identify.prp2 = cpu_to_le64((u64)buffer); - } - - c.identify.cns = cpu_to_le32(cns); - -- invalidate_dcache_range(dma_addr, -- dma_addr + sizeof(struct nvme_id_ctrl)); -+ invalidate_dcache_range((uintptr_t)buffer, -+ (uintptr_t)buffer + sizeof(struct nvme_id_ctrl)); - - ret = nvme_submit_admin_cmd(dev, &c, NULL); - if (!ret) -- invalidate_dcache_range(dma_addr, -- dma_addr + sizeof(struct nvme_id_ctrl)); -+ invalidate_dcache_range((uintptr_t)buffer, -+ (uintptr_t)buffer + sizeof(struct nvme_id_ctrl)); - - return ret; - } - - int nvme_get_features(struct nvme_dev *dev, unsigned fid, unsigned nsid, -- dma_addr_t dma_addr, u32 *result) -+ void *buffer, u32 *result) - { - struct nvme_command c; - int ret; -@@ -490,7 +490,7 @@ int nvme_get_features(struct nvme_dev *dev, unsigned fid, unsigned nsid, - memset(&c, 0, sizeof(c)); - c.features.opcode = nvme_admin_get_features; - c.features.nsid = cpu_to_le32(nsid); -- c.features.prp1 = cpu_to_le64(dma_addr); -+ c.features.prp1 = cpu_to_le64((u64)buffer); - c.features.fid = cpu_to_le32(fid); - - ret = nvme_submit_admin_cmd(dev, &c, result); -@@ -510,13 +510,13 @@ int nvme_get_features(struct nvme_dev *dev, unsigned fid, unsigned nsid, - } - - int nvme_set_features(struct nvme_dev *dev, unsigned fid, unsigned dword11, -- dma_addr_t dma_addr, u32 *result) -+ void *buffer, u32 *result) - { - struct nvme_command c; - - memset(&c, 0, sizeof(c)); - c.features.opcode = nvme_admin_set_features; -- c.features.prp1 = cpu_to_le64(dma_addr); -+ c.features.prp1 = cpu_to_le64((u64)buffer); - c.features.fid = cpu_to_le32(fid); - c.features.dword11 = cpu_to_le32(dword11); - -@@ -567,7 +567,7 @@ static int nvme_set_queue_count(struct nvme_dev *dev, int count) - u32 q_count = (count - 1) | ((count - 1) << 16); - - status = nvme_set_features(dev, NVME_FEAT_NUM_QUEUES, -- q_count, 0, &result); -+ q_count, NULL, &result); - - if (status < 0) - return status; -@@ -619,7 +619,7 @@ static int nvme_get_info_from_identify(struct nvme_dev *dev) - if (!ctrl) - return -ENOMEM; - -- ret = nvme_identify(dev, 0, 1, (dma_addr_t)(long)ctrl); -+ ret = nvme_identify(dev, 0, 1, ctrl); - if (ret) { - free(ctrl); - return -EIO; -@@ -704,7 +704,7 @@ static int nvme_blk_probe(struct udevice *udev) - ns->dev = ndev; - /* extract the namespace id from the block device name */ - ns->ns_id = trailing_strtol(udev->name); -- if (nvme_identify(ndev, ns->ns_id, 0, (dma_addr_t)(long)id)) { -+ if (nvme_identify(ndev, ns->ns_id, 0, id)) { - free(id); - return -EIO; - } -@@ -738,7 +738,7 @@ static ulong nvme_blk_rw(struct udevice *udev, lbaint_t blknr, - u64 prp2; - u64 total_len = blkcnt << desc->log2blksz; - u64 temp_len = total_len; -- uintptr_t temp_buffer = (uintptr_t)buffer; -+ void *temp_buffer = buffer; - - u64 slba = blknr; - u16 lbas = 1 << (dev->max_transfer_shift - ns->lba_shift); -@@ -872,7 +872,7 @@ int nvme_init(struct udevice *udev) - char name[20]; - - memset(id, 0, sizeof(*id)); -- if (nvme_identify(ndev, i, 0, (dma_addr_t)(long)id)) { -+ if (nvme_identify(ndev, i, 0, id)) { - ret = -EIO; - goto free_id; - } -diff --git a/drivers/nvme/nvme_show.c b/drivers/nvme/nvme_show.c -index 72cbac82bc..ac9b5cc9bd 100644 ---- a/drivers/nvme/nvme_show.c -+++ b/drivers/nvme/nvme_show.c -@@ -114,7 +114,7 @@ int nvme_print_info(struct udevice *udev) - if (!ctrl) - return -ENOMEM; - -- if (nvme_identify(dev, 0, 1, (dma_addr_t)(long)ctrl)) { -+ if (nvme_identify(dev, 0, 1, ctrl)) { - ret = -EIO; - goto free_ctrl; - } -@@ -129,7 +129,7 @@ int nvme_print_info(struct udevice *udev) - goto free_ctrl; - } - -- if (nvme_identify(dev, ns->ns_id, 0, (dma_addr_t)(long)id)) { -+ if (nvme_identify(dev, ns->ns_id, 0, id)) { - ret = -EIO; - goto free_id; - } -diff --git a/include/nvme.h b/include/nvme.h -index 2cdf8ce320..8ff823cd81 100644 ---- a/include/nvme.h -+++ b/include/nvme.h -@@ -18,12 +18,12 @@ struct nvme_dev; - * @dev: NVMe controller device - * @nsid: 0 for controller, namespace id for namespace to identify - * @cns: 1 for controller, 0 for namespace -- * @dma_addr: dma buffer address to store the identify result -+ * @buffer: dma buffer address to store the identify result - * @return: 0 on success, -ETIMEDOUT on command execution timeout, - * -EIO on command execution fails - */ - int nvme_identify(struct nvme_dev *dev, unsigned nsid, -- unsigned cns, dma_addr_t dma_addr); -+ unsigned int cns, void *buffer); - - /** - * nvme_get_features - retrieve the attributes of the feature specified -@@ -33,13 +33,13 @@ int nvme_identify(struct nvme_dev *dev, unsigned nsid, - * @dev: NVMe controller device - * @fid: feature id to provide data - * @nsid: namespace id the command applies to -- * @dma_addr: data structure used as part of the specified feature -+ * @buffer: data structure used as part of the specified feature - * @result: command-specific result in the completion queue entry - * @return: 0 on success, -ETIMEDOUT on command execution timeout, - * -EIO on command execution fails - */ - int nvme_get_features(struct nvme_dev *dev, unsigned fid, unsigned nsid, -- dma_addr_t dma_addr, u32 *result); -+ void *buffer, u32 *result); - - /** - * nvme_set_features - specify the attributes of the feature indicated -@@ -49,13 +49,13 @@ int nvme_get_features(struct nvme_dev *dev, unsigned fid, unsigned nsid, - * @dev: NVMe controller device - * @fid: feature id to provide data - * @dword11: command-specific input parameter -- * @dma_addr: data structure used as part of the specified feature -+ * @buffer: data structure used as part of the specified feature - * @result: command-specific result in the completion queue entry - * @return: 0 on success, -ETIMEDOUT on command execution timeout, - * -EIO on command execution fails - */ - int nvme_set_features(struct nvme_dev *dev, unsigned fid, unsigned dword11, -- dma_addr_t dma_addr, u32 *result); -+ void *buffer, u32 *result); - - /** - * nvme_scan_namespace - scan all namespaces attached to NVMe controllers --- -2.38.1 - diff --git a/repos/aimee-os/sys-boot/u-boot/files/0007-nvme-translate-virtual-addresses-into-the-bus-s-addr.patch b/repos/aimee-os/sys-boot/u-boot/files/0007-nvme-translate-virtual-addresses-into-the-bus-s-addr.patch deleted file mode 100644 index 126988e..0000000 --- a/repos/aimee-os/sys-boot/u-boot/files/0007-nvme-translate-virtual-addresses-into-the-bus-s-addr.patch +++ /dev/null @@ -1,176 +0,0 @@ -From c70926d8b8ad11b8e489e92a8ca9ca93fb201595 Mon Sep 17 00:00:00 2001 -Message-Id: -In-Reply-To: <135d886b4e5077c8fa96a5449a70d81ae9c1c3d0.1668448794.git.stefan@agner.ch> -References: <135d886b4e5077c8fa96a5449a70d81ae9c1c3d0.1668448794.git.stefan@agner.ch> -From: Stefan Agner -Date: Fri, 24 Sep 2021 00:27:39 +0200 -Subject: [PATCH] nvme: translate virtual addresses into the bus's address - space - -So far we've been content with passing physical/CPU addresses when -configuring memory addresses into NVMe controllers, but not all -platforms have buses with transparent mappings. Specifically the -Raspberry Pi 4 might introduce an offset to memory accesses incoming -from its PCIe port. - -Introduce nvme_virt_to_bus() and nvme_bus_to_virt() to cater with these -limitations, and make sure we don't break non DM users. -For devices where PCIe's view of host memory doesn't match the memory -as seen by the CPU. - -A similar change has been introduced for XHCI controller with -commit 1a474559d90a ("xhci: translate virtual addresses into the bus's -address space"). - -Signed-off-by: Stefan Agner ---- - drivers/nvme/nvme.c | 31 +++++++++++++++++-------------- - drivers/nvme/nvme.h | 8 ++++++++ - 2 files changed, 25 insertions(+), 14 deletions(-) - -diff --git a/drivers/nvme/nvme.c b/drivers/nvme/nvme.c -index 352c94ea91..fdfc49677b 100644 ---- a/drivers/nvme/nvme.c -+++ b/drivers/nvme/nvme.c -@@ -66,7 +66,7 @@ static int nvme_setup_prps(struct nvme_dev *dev, u64 *prp2, - buffer += (page_size - offset); - - if (length <= page_size) { -- *prp2 = (u64)buffer; -+ *prp2 = nvme_virt_to_bus(dev, buffer); - return 0; - } - -@@ -91,16 +91,16 @@ static int nvme_setup_prps(struct nvme_dev *dev, u64 *prp2, - i = 0; - while (nprps) { - if ((i == (prps_per_page - 1)) && nprps > 1) { -- u64 next_prp_list = (u64)prp_pool + page_size; -- *(prp_pool + i) = cpu_to_le64(next_prp_list); -+ u64 next = nvme_virt_to_bus(dev, prp_pool + page_size); -+ *(prp_pool + i) = cpu_to_le64(next); - i = 0; - prp_pool += page_size; - } -- *(prp_pool + i++) = cpu_to_le64((u64)buffer); -+ *(prp_pool + i++) = cpu_to_le64(nvme_virt_to_bus(dev, buffer)); - buffer += page_size; - nprps--; - } -- *prp2 = (u64)dev->prp_pool; -+ *prp2 = nvme_virt_to_bus(dev, dev->prp_pool); - - flush_dcache_range((ulong)dev->prp_pool, (ulong)dev->prp_pool + - num_pages * page_size); -@@ -353,6 +353,7 @@ static int nvme_configure_admin_queue(struct nvme_dev *dev) - int result; - u32 aqa; - u64 cap = dev->cap; -+ u64 dma_addr; - struct nvme_queue *nvmeq; - /* most architectures use 4KB as the page size */ - unsigned page_shift = 12; -@@ -393,8 +394,10 @@ static int nvme_configure_admin_queue(struct nvme_dev *dev) - dev->ctrl_config |= NVME_CC_IOSQES | NVME_CC_IOCQES; - - writel(aqa, &dev->bar->aqa); -- nvme_writeq((ulong)nvmeq->sq_cmds, &dev->bar->asq); -- nvme_writeq((ulong)nvmeq->cqes, &dev->bar->acq); -+ dma_addr = nvme_virt_to_bus(dev, nvmeq->sq_cmds); -+ nvme_writeq(dma_addr, &dev->bar->asq); -+ dma_addr = nvme_virt_to_bus(dev, nvmeq->cqes); -+ nvme_writeq(dma_addr, &dev->bar->acq); - - result = nvme_enable_ctrl(dev); - if (result) -@@ -420,7 +423,7 @@ static int nvme_alloc_cq(struct nvme_dev *dev, u16 qid, - - memset(&c, 0, sizeof(c)); - c.create_cq.opcode = nvme_admin_create_cq; -- c.create_cq.prp1 = cpu_to_le64((ulong)nvmeq->cqes); -+ c.create_cq.prp1 = cpu_to_le64(nvme_virt_to_bus(dev, nvmeq->cqes)); - c.create_cq.cqid = cpu_to_le16(qid); - c.create_cq.qsize = cpu_to_le16(nvmeq->q_depth - 1); - c.create_cq.cq_flags = cpu_to_le16(flags); -@@ -437,7 +440,7 @@ static int nvme_alloc_sq(struct nvme_dev *dev, u16 qid, - - memset(&c, 0, sizeof(c)); - c.create_sq.opcode = nvme_admin_create_sq; -- c.create_sq.prp1 = cpu_to_le64((ulong)nvmeq->sq_cmds); -+ c.create_sq.prp1 = cpu_to_le64(nvme_virt_to_bus(dev, nvmeq->sq_cmds)); - c.create_sq.sqid = cpu_to_le16(qid); - c.create_sq.qsize = cpu_to_le16(nvmeq->q_depth - 1); - c.create_sq.sq_flags = cpu_to_le16(flags); -@@ -458,14 +461,14 @@ int nvme_identify(struct nvme_dev *dev, unsigned nsid, - memset(&c, 0, sizeof(c)); - c.identify.opcode = nvme_admin_identify; - c.identify.nsid = cpu_to_le32(nsid); -- c.identify.prp1 = cpu_to_le64((u64)buffer); -+ c.identify.prp1 = cpu_to_le64(nvme_virt_to_bus(dev, buffer)); - - length -= (page_size - offset); - if (length <= 0) { - c.identify.prp2 = 0; - } else { - buffer += (page_size - offset); -- c.identify.prp2 = cpu_to_le64((u64)buffer); -+ c.identify.prp2 = cpu_to_le64(nvme_virt_to_bus(dev, buffer)); - } - - c.identify.cns = cpu_to_le32(cns); -@@ -490,7 +493,7 @@ int nvme_get_features(struct nvme_dev *dev, unsigned fid, unsigned nsid, - memset(&c, 0, sizeof(c)); - c.features.opcode = nvme_admin_get_features; - c.features.nsid = cpu_to_le32(nsid); -- c.features.prp1 = cpu_to_le64((u64)buffer); -+ c.features.prp1 = cpu_to_le64(nvme_virt_to_bus(dev, buffer)); - c.features.fid = cpu_to_le32(fid); - - ret = nvme_submit_admin_cmd(dev, &c, result); -@@ -516,7 +519,7 @@ int nvme_set_features(struct nvme_dev *dev, unsigned fid, unsigned dword11, - - memset(&c, 0, sizeof(c)); - c.features.opcode = nvme_admin_set_features; -- c.features.prp1 = cpu_to_le64((u64)buffer); -+ c.features.prp1 = cpu_to_le64(nvme_virt_to_bus(dev, buffer)); - c.features.fid = cpu_to_le32(fid); - c.features.dword11 = cpu_to_le32(dword11); - -@@ -771,7 +774,7 @@ static ulong nvme_blk_rw(struct udevice *udev, lbaint_t blknr, - c.rw.slba = cpu_to_le64(slba); - slba += lbas; - c.rw.length = cpu_to_le16(lbas - 1); -- c.rw.prp1 = cpu_to_le64(temp_buffer); -+ c.rw.prp1 = cpu_to_le64(nvme_virt_to_bus(dev, temp_buffer)); - c.rw.prp2 = cpu_to_le64(prp2); - status = nvme_submit_sync_cmd(dev->queues[NVME_IO_Q], - &c, NULL, IO_TIMEOUT); -diff --git a/drivers/nvme/nvme.h b/drivers/nvme/nvme.h -index bc1d612dde..f52103c009 100644 ---- a/drivers/nvme/nvme.h -+++ b/drivers/nvme/nvme.h -@@ -7,8 +7,11 @@ - #ifndef __DRIVER_NVME_H__ - #define __DRIVER_NVME_H__ - -+#include - #include - -+#define nvme_to_dev(_dev) _dev->udev -+ - struct nvme_id_power_state { - __le16 max_power; /* centiwatts */ - __u8 rsvd2; -@@ -705,4 +708,9 @@ int nvme_init(struct udevice *udev); - */ - int nvme_shutdown(struct udevice *udev); - -+static inline dma_addr_t nvme_virt_to_bus(struct nvme_dev *dev, void *addr) -+{ -+ return dev_phys_to_bus(nvme_to_dev(dev)->parent, virt_to_phys(addr)); -+} -+ - #endif /* __DRIVER_NVME_H__ */ --- -2.38.1 - diff --git a/repos/aimee-os/sys-boot/u-boot/u-boot-2023.01.ebuild b/repos/aimee-os/sys-boot/u-boot/u-boot-2023.01.ebuild deleted file mode 100644 index a6c84b8..0000000 --- a/repos/aimee-os/sys-boot/u-boot/u-boot-2023.01.ebuild +++ /dev/null @@ -1,71 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit savedconfig toolchain-funcs - -MY_P="u-boot-${PV/_/-}" -DESCRIPTION="Das U-Boot firmware" -HOMEPAGE="http://www.denx.de/wiki/U-Boot" -SRC_URI="https://ftp.denx.de/pub/u-boot/${MY_P}.tar.bz2" -S="${WORKDIR}/${MY_P}" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~arm64" - -PATCHES=( - "${FILESDIR}"/0001-drivers-bcm283x-don-t-explicitly-disable-init.patch - "${FILESDIR}"/0001-rpi-Use-CONFIG_OF_BOARD-instead-of-CONFIG_EMBED.patch - "${FILESDIR}"/0002-drivers-bcm283x-allow-to-spawn-any-PL011-UART.patch - "${FILESDIR}"/0002-rpi-add-NVMe-to-boot-order.patch - "${FILESDIR}"/0003-Revert-nvme-Correct-the-prps-per-page-calculation-me.patch - "${FILESDIR}"/0004-usb-xhci-brcm-Make-driver-compatible-with-downstream.patch - "${FILESDIR}"/0005-nvme-improve-readability-of-nvme_setup_prps.patch - "${FILESDIR}"/0006-nvme-Use-pointer-for-CPU-addressed-buffers.patch - "${FILESDIR}"/0007-nvme-translate-virtual-addresses-into-the-bus-s-addr.patch -) - -src_configure() { - restore_config .config - if [ -f .config ]; then - emake -j1 olddefconfig - else - # TODO Build images for other boards based on USE flags - emake -j1 rpi_4_defconfig - fi - - tc-export AR BUILD_CC CC LD OBJCOPY PKG_CONFIG - tc-export_build_env -} - -src_compile() { - unset KBUILD_OUTPUT KBUILD_SRC - - local myemakeargs=( - V=1 - AR="${AR}" - CC="${CC}" - HOSTCC="${BUILD_CC}" - HOSTCFLAGS="${BUILD_CFLAGS} ${BUILD_CPPFLAGS}"' $(HOSTCPPFLAGS)' - HOSTLDFLAGS="${BUILD_LDFLAGS}" - LD="${LD}" - OBJCOPY="${OBJCOPY}" - ) - - emake "${myemakeargs[@]}" \ - NO_SDL=1 \ - HOSTSTRIP=: \ - STRIP=: \ - CONFIG_ENV_OVERWRITE=y -} - -src_test() { :; } - -src_install() { - save_config .config - - insinto /usr/share/${PN} - doins u-boot.bin -} diff --git a/repos/x-portage/metadata/layout.conf b/repos/x-portage/metadata/layout.conf deleted file mode 100644 index d43e61c..0000000 --- a/repos/x-portage/metadata/layout.conf +++ /dev/null @@ -1 +0,0 @@ -masters = gentoo diff --git a/repos/x-portage/profiles/repo_name b/repos/x-portage/profiles/repo_name deleted file mode 100644 index de08db2..0000000 --- a/repos/x-portage/profiles/repo_name +++ /dev/null @@ -1 +0,0 @@ -x-portage diff --git a/semanage.mods b/semanage.mods index 839f87f..900c0d1 100644 --- a/semanage.mods +++ b/semanage.mods @@ -1,15 +1 @@ -boolean -D -login -D -interface -D -user -D -port -D -node -D -fcontext -D -module -D -ibendport -D -ibpkey -D -permissive -D -boolean -m -1 ssh_sysadm_login -boolean -m -1 systemd_tmpfiles_manage_all -login -m -s root -r 's0-s0:c0.c1023' root -user -m -L s0 -r s0-s0:c0.c1023 -R 'sysadm_r' root +boolean -m -1 container_mounton_non_security diff --git a/semanage.sh b/semanage.sh deleted file mode 100755 index a12026c..0000000 --- a/semanage.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/sh - -if [ -z ${UNSHARED} ]; then - export UNSHARED=1 - exec unshare -m "$0" "$@" -fi -unset UNSHARED -mount -o bind /mnt/gentoo/etc/selinux /etc/selinux -mount -o bind /mnt/gentoo/var/lib/selinux /var/lib/selinux -exec bash diff --git a/setup-local-repo.sh b/setup-local-repo.sh deleted file mode 100755 index f465c63..0000000 --- a/setup-local-repo.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/bin/sh -# vim: set sw=4 ts=4 sts=4 et : - -set -e - -. "${CONFIGDIR:=${PWD}}"/config - -mkdir -p "${CONFIGDIR}"/portage/target/etc/portage/repos.conf - -cat > "${CONFIGDIR}"/portage/target/etc/portage/repos.conf/aimee-os.conf < "${CONFIGDIR}"/portage/target/etc/portage/repos.conf/x-portage.conf <