The package contains u-boot and the RPi firmware blobs. It expects
a tar ball of the root filesystem (including kernel and dtbs) on stdin
and produces a compressed tar ball on stdout with the files to copy to
a FAT32 formatted SD card.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
- Enable ARCH_BCM2835
- Enable USB_NET_SMSC95XX.
- Compile in MII and USB_USBNET. These are needed
by the onboard network driver
- Enable the DWC2 USB controller.
- Enabled MMC, MMC_SDHCI, MMC_BCM2835 for SD card access
- Enable various BCM2835 platform devices: HW_RANDOM_BCM2835,
I2C_BCM2835, PINCTRL_BCM2835, DMA_BCM2835,BCM2835_MBOX,
WM_BCM2835, ...
- Enable SERIAL_8250 and friends.
- Enable FB_SIMPLE to get console output
The above configuration gives a minimal working system
with serial console access (via the GPIO pins), networking
and SD storage. The smsc95xx network driver does not
seem to get autoloaded. This is likely a mdev issue.
We specifically do not configure any WLAN,
sound or graphics drivers as they would pull in
too many other cruft into the kernel. To enable
these we consider adding a -rpi3 config similar
to the -dbg config to provide additional kernel
config options.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
Simple version bump. Changes:
* noise: handshake constants can be read-only after init
* noise: no need to take the RCU lock if we're not dereferencing
* send: improve dead packet control flow
* receive: improve control flow
* socket: eliminate dead code
* device: our use of queues means this check is worthless
* device: no need to take lock for integer comparison
* blake2s: modernize API and have faster _final
* compat: support READ_ONCE
* compat: just make ro_after_init read_mostly
Assorted cleanups to the module, including nice things like marking our
precomputations as const.
* Makefile: even prettier output
* Makefile: do not clean before cloc
* selftest: better test index for rate limiter
* netns: disable accept_dad for all interfaces
Fixes in our testing and build infrastructure. Now works on the 4.14 rc
series.
* qemu: add build-only target
* qemu: work on ubuntu toolchain
* qemu: add more debugging options to main makefile
* qemu: simplify shutdown
* qemu: open /dev/console if we're started early
* qemu: phase out bitbanging
* qemu: always create directory before untarring
* qemu: newer packages
* qemu: put hvc directive into configuration
This is the beginning of working out a cross building test suite, so we do
several tricks to be less platform independent.
* tools: encoding: be more paranoid
* tools: retry resolution except when fatal
* tools: don't insist on having a private key
* tools: add pass example to wg-quick man page
* tools: style
* tools: newline after warning
* tools: account for padding being in zero attribute
Several important tools fixes, one of which suppresses a needless warning.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Looks like a6b89f1137 ("Update linuxkit/mkimage-*") updated to a
non-existing tag.
linuxkit pkg show-tag tools/mkimage-iso-bios
linuxkit/mkimage-iso-bios:165b051322578cb0c2a4f16253b20f7d2797a502
and docker pull of that image works.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
Could be e.g.:
```
pkg:
content-trust-passphrase-command: "lpass show <key> --password"
```
or
```
pkg:
content-trust-passphrase-command: "gpg -d ~/.notary/passphrase.gpg"
```
Signed-off-by: Ian Campbell <ijc@docker.com>
These versions were created by https://github.com/linuxkit/linuxkit/pull/2607
which enables content trust, so drop the sha256 from all of them and ensure
DOCKER_CONTENT_TRUST is unconditionally set when running, since these
references are hardcoded we know they must be signed.
Signed-off-by: Ian Campbell <ijc@docker.com>
AFAICT none of the callers (which all involve one of `linuxkit/mkimage-*`) have
any reason to hit the network.
Signed-off-by: Ian Campbell <ijc@docker.com>
