Without this, one of my boards fails to reboot from USB drive due to
slow USB enumeration. Rootwait is not needed during the Fiwix -> Linux
jump, because we use an initramfs there, and the init scripts already
wait for USB drives to show up. Linux->Linux kexec, used with a custom
early kernel, might need it, so add it there as well to be safe.
This is the last LTS version buildable using GCC 4.0.x. The next one,
version 4.19, requires at least GCC 4.6.
Fortunately, this is also the first version of the Linux kernel
without firmware blobs being included in /firmware, so the FSFLA
deblob scripts aren't needed anymore to ensure a fully auditable
kernel - the 3 remaining drivers that do include blobs masquerading
as source code are removed via a patch, avoiding all the other side
effects of the deblob scripts.
This doesn't compromise the trustworthiness of the bootstrapped
environment, since all the other drivers deblob would remove use
the firmware loader mechanism, which does nothing when the actual
firmware blobs aren't installed on the system separately. Features
dependent on firmware still won't work, but many drivers that load
firmware do so only optionally. This includes r8169, the driver for
the Realtek gigabit NICs found on many x86 motherboards.
This kernel is considerably larger than 4.9.10, and we build more
of it (including drivers that would previously get stripped away by
the deblob script, such as r8169), so to accommodate that, Fiwix
initrd size is increased by 64MiB, while lowering kexec space by
the same amount to ensure enough userspace memory available in Fiwix.
Fiwix's maximum open file count is also bumped from 1.5K to 2.5K.
The Documentation folder is deleted before build, to further save
space in the ramdisk.
Parts built before bash and the repo system are available aren't
stored in a clean repository tarball, so if any early file is
overwritten, it's lost. Fix this by creating a base.tar.bz2 right
after the repo is set up, to hold reference copies of early files.
This tarball isn't checksummed, since it varies considerably with
bootstrap options, but the binaries inside are protected by their
own checksums.
By wrapping $(cat) in an eval, redirections and other advanced
syntax can now work in the early prompts.
Also, since "set -E" is broken is the early bash, fall back to
using "set -e" and an EXIT trap, until we can upgrade to a bash
version that already has working "set -E", or perhaps backport
it to 2.05b.
We spawn a shell:
- When Bash is first built, on tty2. This shell uses the old Bash,
so interactive mode needs to be emulated using redirection. Thus,
entering commands needs to be done using Enter followed by Ctrl+D,
and certain redirection features are unavailable.
- After moving the system to disk, on tty2. Old Bash, same limitations.
- After 2nd Bash is built, on tty3. This is a fully functional shell.
This is disabled in chroot-like bootstrap modes, or when -i is not set.
The Linux kernel won't autocreate /dev/shm inside devtmpfs.
Without it, semaphores won't work properly in Python.
Previously, /dev/shm was set up in populate_device_nodes, but we
no longer run that after booting into Linux.
The sysrq shutdown trigger takes some time to fully shut down the system,
during which init is expected to continue running. Since after.sh is the
last step in our init, if it quits before shutdown is complete, Linux will
panic with "Attempted to kill init".
Add an infinite loop after shutdown is issued via sysrq to prevent this.
This was removed as part of the simplify refactor, severely slowing
down qemu and bare-metal builds. Restoring it brings us back to the
same build times that we saw before the refactor.
Perform variable substitution at runtime, rather than at generation
time. This way, if bootstrap.cfg changes after update_env, the new
values there take effect immediately.
With this, finalize_fhs.sh can be rerun as needed, e.g. when rebooting.
Also, the preferred nameserver will persist after DHCP.
Thanks to devtmpfs, we no longer need to manage /dev once Linux is up.
Linux's KBUILD doesn't follow SOURCE_DATE_EPOCH, but rather it
uses its own variable, KBUILD_BUILD_TIMESTAMP.
While we are at it, also update kexec-linux's checksum, which
didn't match either. (This one was reproducible, it was just
out of date.)
- This idea originates from very early in the project and was, at the
time, a very easy way to categorise things.
- Now, it doesn't really make much sense - it is fairly arbitary, often
occuring when there is a change in kernel, but not from builder-hex0
to fiwix, and sysb is in reality completely unnecessary.
- In short, the sys* stuff is a bit of a mess that makes the project
more difficult to understand.
- This puts everything down into one folder and has a manifest file that
is used to generate the build scripts on the fly rather than using
coded scripts.
- This is created in the "seed" stage.
stage0-posix -- (calls) --> seed -- (generates) --> main steps
Alongside this change there are a variety of other smaller fixups to the
general structure of the live-bootstrap rootfs.
- Creating a rootfs has become much simpler and is defined as code in
go.sh. The new structure, for an about-to-be booted system, is
/
-- /steps (direct copy of steps/)
-- /distfiles (direct copy of distfiles/)
-- all files from seed/*
-- all files from seed/stage0-posix/*
- There is no longer such a thing as /usr/include/musl, this didn't
really make any sense, as musl is the final libc used. Rather, to
separate musl and mes, we have /usr/include/mes, which is much easier
to work with.
- This also makes mes easier to blow away later.
- A few things that weren't properly in packages have been changed;
checksum-transcriber, simple-patch, kexec-fiwix have all been given
fully qualified package names.
- Highly breaking change, scripts now exist in their package directory
but NOT WITH THE packagename.sh. Rather, they use pass1.sh, pass2.sh,
etc. This avoids manual definition of passes.
- Ditto with patches; default directory is patches, but then any patch
series specific to a pass are named patches-passX.
Gábor Stefanik
fosslinux
Andrius Štikonas
Eduardo Sánchez Muñoz