util/: Replace GPLv2 boiler plate with SPDX header
Used commands:
perl -i -p0e 's|\/\*[\s*]*.*is free software[:;][\s*]*you[\s*]*can[\s*]*redistribute[\s*]*it[\s*]*and\/or[\s*]*modify[\s*]*it[\s*]*under[\s*]*the[\s*]*terms[\s*]*of[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*as[\s*]*published[\s*]*by[\s*]*the[\s*]*Free[\s*]*Software[\s*]*Foundation[;,][\s*]*version[\s*]*2[\s*]*of[\s*]*the[\s*]*License.[\s*]*This[\s*]*program[\s*]*is[\s*]*distributed[\s*]*in[\s*]*the[\s*]*hope[\s*]*that[\s*]*it[\s*]*will[\s*]*be[\s*]*useful,[\s*]*but[\s*]*WITHOUT[\s*]*ANY[\s*]*WARRANTY;[\s*]*without[\s*]*even[\s*]*the[\s*]*implied[\s*]*warranty[\s*]*of[\s*]*MERCHANTABILITY[\s*]*or[\s*]*FITNESS[\s*]*FOR[\s*]*A[\s*]*PARTICULAR[\s*]*PURPOSE.[\s*]*See[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*for[\s*]*more[\s*]*details.[\s*]*\*\/|/* SPDX-License-Identifier: GPL-2.0-only */|' $(cat filelist)
perl -i -p0e 's|This[\s*]*program[\s*]*is[\s*]*free[\s*]*software[:;][\s*]*you[\s*]*can[\s*]*redistribute[\s*]*it[\s*]*and/or[\s*]*modify[\s*]*it[\s*]*under[\s*]*the[\s*]*terms[\s*]*of[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*as[\s*]*published[\s*]*by[\s*]*the[\s*]*Free[\s*]*Software[\s*]*Foundation[;,][\s*]*either[\s*]*version[\s*]*2[\s*]*of[\s*]*the[\s*]*License,[\s*]*or[\s*]*.at[\s*]*your[\s*]*option.*[\s*]*any[\s*]*later[\s*]*version.[\s*]*This[\s*]*program[\s*]*is[\s*]*distributed[\s*]*in[\s*]*the[\s*]*hope[\s*]*that[\s*]*it[\s*]*will[\s*]*be[\s*]*useful,[\s*]*but[\s*]*WITHOUT[\s*]*ANY[\s*]*WARRANTY;[\s*]*without[\s*]*even[\s*]*the[\s*]*implied[\s*]*warranty[\s*]*of[\s*]*MERCHANTABILITY[\s*]*or[\s*]*FITNESS[\s*]*FOR[\s*]*A[\s*]*PARTICULAR[\s*]*PURPOSE.[\s*]*See[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*for[\s*]*more[\s*]*details.[\s*]*\*\/|/* SPDX-License-Identifier: GPL-2.0-or-later */|' $(cat filelist)
perl -i -p0e 's|\/\*[\s*]*.*This[\s*#]*program[\s*#]*is[\s*#]*free[\s*#]*software[;:,][\s*#]*you[\s*#]*can[\s*#]*redistribute[\s*#]*it[\s*#]*and/or[\s*#]*modify[\s*#]*it[\s*#]*under[\s*#]*the[\s*#]*terms[\s*#]*of[\s*#]*the[\s*#]*GNU[\s*#]*General[\s*#]*Public[\s*#]*License[\s*#]*as[\s*#]*published[\s*#]*by[\s*#]*the[\s*#]*Free[\s*#]*Software[\s*#]*Foundation[;:,][\s*#]*either[\s*#]*version[\s*#]*3[\s*#]*of[\s*#]*the[\s*#]*License[;:,][\s*#]*or[\s*#]*.at[\s*#]*your[\s*#]*option.*[\s*#]*any[\s*#]*later[\s*#]*version.[\s*#]*This[\s*#]*program[\s*#]*is[\s*#]*distributed[\s*#]*in[\s*#]*the[\s*#]*hope[\s*#]*that[\s*#]*it[\s*#]*will[\s*#]*be[\s*#]*useful[;:,][\s*#]*but[\s*#]*WITHOUT[\s*#]*ANY[\s*#]*WARRANTY[;:,][\s*#]*without[\s*#]*even[\s*#]*the[\s*#]*implied[\s*#]*warranty[\s*#]*of[\s*#]*MERCHANTABILITY[\s*#]*or[\s*#]*FITNESS[\s*#]*FOR[\s*#]*A[\s*#]*PARTICULAR[\s*#]*PURPOSE.[\s*#]*See[\s*#]*the[\s*#]*GNU[\s*#]*General[\s*#]*Public[\s*#]*License[\s*#]*for[\s*#]*more[\s*#]*details.[\s*]*\*\/|/* SPDX-License-Identifier: GPL-3.0-or-later */|' $(cat filelist)
perl -i -p0e 's|(\#\#*)[\w]*.*is free software[:;][\#\s]*you[\#\s]*can[\#\s]*redistribute[\#\s]*it[\#\s]*and\/or[\#\s]*modify[\#\s]*it[\s\#]*under[\s \#]*the[\s\#]*terms[\s\#]*of[\s\#]*the[\s\#]*GNU[\s\#]*General[\s\#]*Public[\s\#]*License[\s\#]*as[\s\#]*published[\s\#]*by[\s\#]*the[\s\#]*Free[\s\#]*Software[\s\#]*Foundation[;,][\s\#]*version[\s\#]*2[\s\#]*of[\s\#]*the[\s\#]*License.*[\s\#]*This[\s\#]*program[\s\#]*is[\s\#]*distributed[\s\#]*in[\s\#]*the[\s\#]*hope[\s\#]*that[\s\#]*it[\s\#]*will[\#\s]*be[\#\s]*useful,[\#\s]*but[\#\s]*WITHOUT[\#\s]*ANY[\#\s]*WARRANTY;[\#\s]*without[\#\s]*even[\#\s]*the[\#\s]*implied[\#\s]*warranty[\#\s]*of[\#\s]*MERCHANTABILITY[\#\s]*or[\#\s]*FITNESS[\#\s]*FOR[\#\s]*A[\#\s]*PARTICULAR[\#\s]*PURPOSE.[\#\s]*See[\#\s]*the[\#\s]*GNU[\#\s]*General[\#\s]*Public[\#\s]*License[\#\s]*for[\#\s]*more[\#\s]*details.\s(#* *\n)*|\1 SPDX-License-Identifier: GPL-2.0-only\n\n|' $(cat filelist)
perl -i -p0e 's|(\#\#*)[\w*]*.*is free software[:;][\s*]*you[\s*]*can[\s*]*redistribute[\s*]*it[\s*]*and\/or[\s*]*modify[\s*]*it[\s*]*under[\s*]*the[\s*]*terms[\s*]*of[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*as[\s*]*published[\s*]*by[\s*]*the[\s*]*Free[\s*]*Software[\s*]*Foundation[;,][\s*]*version[\s*]*2[\s*]*of[\s*]*the[\s*]*License.[\s*]*This[\s*]*program[\s*]*is[\s*]*distributed[\s*]*in[\s*]*the[\s*]*hope[\s*]*that[\s*]*it[\s*]*will[\s*]*be[\s*]*useful,[\s*]*but[\s*]*WITHOUT[\s*]*ANY[\s*]*WARRANTY;[\s*]*without[\s*]*even[\s*]*the[\s*]*implied[\s*]*warranty[\s*]*of[\s*]*MERCHANTABILITY[\s*]*or[\s*]*FITNESS[\s*]*FOR[\s*]*A[\s*]*PARTICULAR[\s*]*PURPOSE.[\s*]*See[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*for[\s*]*more[\s*]*details.\s(#* *\n)*|\1 SPDX-License-Identifier: GPL-2.0-only\n\n|' $(cat filelist)
Change-Id: I1008a63b804f355a916221ac994701d7584f60ff
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41177
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-05-08 20:48:04 +02:00
|
|
|
## SPDX-License-Identifier: GPL-2.0-only
|
2017-07-31 19:52:58 +02:00
|
|
|
|
2017-08-03 17:25:43 +02:00
|
|
|
test-help help::
|
|
|
|
|
@echo '*** coreboot test targets ***'
|
|
|
|
|
@echo ' what-jenkins-does - Run platform build tests with junit output'
|
|
|
|
|
@echo ' lint / lint-stable - run coreboot lint tools (all / minimal)'
|
|
|
|
|
@echo ' test-basic - Run stardard build tests. All expected to pass.'
|
|
|
|
|
@echo ' test-lint - basic: Run stable and extended lint tests.'
|
|
|
|
|
@echo ' test-tools - basic: Tests a basic list of tools.'
|
|
|
|
|
@echo ' test-abuild - basic: Builds all platforms'
|
|
|
|
|
@echo ' test-payloads - basic: Builds internal payloads'
|
|
|
|
|
@echo ' test-cleanup - basic: Cleans coreboot directories'
|
2021-05-17 12:22:48 +02:00
|
|
|
@echo
|
2017-08-03 17:25:43 +02:00
|
|
|
|
|
|
|
|
# junit.xml is a helper target to wrap builds that don't create junit.xml output
|
2018-05-20 01:51:20 +02:00
|
|
|
# BLD = The name of the build
|
2017-08-03 17:25:43 +02:00
|
|
|
# BLD_DIR = Top path from coreboot to the build subdirectory
|
|
|
|
|
# MAKETARGET = target to build
|
2017-07-31 19:52:58 +02:00
|
|
|
junit.xml:
|
|
|
|
|
echo "Building $(BLD)"
|
|
|
|
|
echo '<?xml version="1.0" encoding="utf-8"?><testsuite>' > $@.tmp
|
|
|
|
|
echo "<testcase classname='$(BLD)' name='$(BLD)'>" >> $@.tmp
|
2018-05-20 01:51:20 +02:00
|
|
|
-if [ -z "$(BLD_DIR)" ]; then \
|
|
|
|
|
projdir=""; \
|
|
|
|
|
xmlfile=junit_$(BLD).xml; \
|
|
|
|
|
else \
|
|
|
|
|
projdir="-C $(BLD_DIR)"; \
|
|
|
|
|
xmlfile="$(BLD_DIR)/$@"; \
|
|
|
|
|
fi; \
|
|
|
|
|
if [ -z "$(SKIP_DISTCLEAN)" ]; then \
|
|
|
|
|
$(MAKE) -j $(CPUS) $$projdir clean distclean > $@.tmp.2 2>&1 ; \
|
|
|
|
|
fi; \
|
|
|
|
|
if $(MAKE) -j $(CPUS) $$projdir $(MAKETARGET) >> $@.tmp.2 2>&1; then \
|
|
|
|
|
type="system-out"; \
|
|
|
|
|
echo "<$$type>" >> $@.tmp; \
|
|
|
|
|
echo "Building $(BLD) Succeeded"; \
|
|
|
|
|
else \
|
|
|
|
|
type="failure"; \
|
|
|
|
|
echo "<failure type='buildFailed'>" >> $@.tmp; \
|
|
|
|
|
echo "Building $(BLD) Failed"; \
|
|
|
|
|
fi; \
|
|
|
|
|
cat $@.tmp.2; \
|
|
|
|
|
echo '<![CDATA[' >> $@.tmp; \
|
|
|
|
|
cat $@.tmp.2 >> $@.tmp; \
|
|
|
|
|
echo "]]></$$type>" >>$@.tmp; \
|
|
|
|
|
rm -f $@.tmp.2; \
|
|
|
|
|
echo "</testcase>" >> $@.tmp; \
|
|
|
|
|
echo "</testsuite>" >> $@.tmp; \
|
|
|
|
|
mv $@.tmp "$$xmlfile"
|
2017-07-31 19:52:58 +02:00
|
|
|
echo
|
|
|
|
|
|
|
|
|
|
TOOLLIST= \
|
2020-11-11 10:50:49 +01:00
|
|
|
amdfwtool \
|
2022-02-26 02:12:02 +01:00
|
|
|
cbfstool \
|
2017-08-03 17:25:43 +02:00
|
|
|
cbmem \
|
|
|
|
|
ectool \
|
|
|
|
|
futility \
|
2021-11-25 10:31:10 +01:00
|
|
|
ifdtool \
|
2020-11-11 10:50:49 +01:00
|
|
|
intelmetool \
|
2017-08-03 17:25:43 +02:00
|
|
|
inteltool \
|
|
|
|
|
intelvbttool \
|
|
|
|
|
nvramtool \
|
2020-11-11 10:50:49 +01:00
|
|
|
post \
|
2020-02-12 22:59:40 +01:00
|
|
|
superiotool
|
2017-08-03 17:25:43 +02:00
|
|
|
|
|
|
|
|
TEST_PAYLOADLIST_INTERNAL= \
|
|
|
|
|
coreinfo \
|
|
|
|
|
nvramcui
|
|
|
|
|
|
2017-07-31 19:52:58 +02:00
|
|
|
JENKINS_PAYLOAD?=none
|
2017-08-03 17:25:43 +02:00
|
|
|
TEST_PAYLOAD?=$(JENKINS_PAYLOAD)
|
2017-07-31 19:52:58 +02:00
|
|
|
CPUS?=4
|
2017-08-03 17:25:43 +02:00
|
|
|
|
2016-08-30 17:39:48 +02:00
|
|
|
lint lint-stable lint-extended:
|
2017-08-03 17:25:43 +02:00
|
|
|
util/lint/lint $@
|
|
|
|
|
|
2019-08-27 09:19:05 +02:00
|
|
|
ABUILD_OPTIONS=-B -J -c $(CPUS) -Z -p $(JENKINS_PAYLOAD)
|
2019-07-25 12:24:32 +02:00
|
|
|
ABUILD_OPTIONS+=$(if $(V),-v,)
|
|
|
|
|
ABUILD_OPTIONS+=$(if $(JENKINS_NOCCACHE),,-y)
|
2019-07-25 12:34:43 +02:00
|
|
|
ABUILD_OPTIONS+=$(JENKINS_ABUILD_OPT)
|
2019-07-25 12:24:32 +02:00
|
|
|
|
2019-08-26 17:45:52 +02:00
|
|
|
COREBOOT_BUILD_DIR?=coreboot-builds
|
|
|
|
|
|
2017-07-31 19:52:58 +02:00
|
|
|
what-jenkins-does:
|
2019-08-26 17:45:52 +02:00
|
|
|
rm -rf $(COREBOOT_BUILD_DIR)/chromeos $(COREBOOT_BUILD_DIR)/default
|
2020-10-26 02:02:15 +01:00
|
|
|
ifneq ($(JENKINS_SKIP_LINT_TESTS),y)
|
2017-07-31 19:52:58 +02:00
|
|
|
util/lint/lint lint-stable --junit
|
2016-08-30 17:39:48 +02:00
|
|
|
util/lint/lint lint-extended --junit
|
2020-10-26 02:02:15 +01:00
|
|
|
endif
|
2021-09-09 13:42:29 +02:00
|
|
|
if [ ! -f 3rdparty/intel-sec-tools/go.mod ]; then \
|
|
|
|
|
echo "Please download 3rdparty/intel-sec-tools/:"; \
|
|
|
|
|
echo "git submodule update --init 3rdparty/intel-sec-tools"; \
|
|
|
|
|
exit 1; \
|
|
|
|
|
fi
|
2021-06-17 13:01:58 +02:00
|
|
|
cd 3rdparty/intel-sec-tools/ ; go mod vendor
|
Add SBOM (Software Bill of Materials) Generation
Firmware is typically delivered as one large binary image that gets
flashed. Since this final image consists of binaries and data from
a vast number of different people and companies, it's hard to
determine what all the small parts included in it are. The goal of
the software bill of materials (SBOM) is to take a firmware image
and make it easy to find out what it consists of and where those
pieces came from. Basically, this answers the question, who supplied
the code that's running on my system right now? For example, buyers
of a system can use an SBOM to perform an automated vulnerability
check or license analysis, both of which can be used to evaluate
risk in a product. Furthermore, one can quickly check to see if the
firmware is subject to a new vulnerability included in one of the
software parts (with the specified version) of the firmware.
Further reference:
https://web.archive.org/web/20220310104905/https://blogs.gnome.org/hughsie/2022/03/10/firmware-software-bill-of-materials/
- Add Makefile.inc to generate and build coswid tags
- Add templates for most payloads, coreboot, intel-microcode,
amd-microcode. intel FSP-S/M/T, EC, BIOS_ACM, SINIT_ACM,
intel ME and compiler (gcc,clang,other)
- Add Kconfig entries to optionally supply a path to CoSWID tags
instead of using the default CoSWID tags
- Add CBFS entry called SBOM to each build via Makefile.inc
- Add goswid utility tool to generate SBOM data
Signed-off-by: Maximilian Brune <maximilian.brune@9elements.com>
Change-Id: Icb7481d4903f95d200eddbfed7728fbec51819d0
Reviewed-on: https://review.coreboot.org/c/coreboot/+/63639
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martin.roth@amd.corp-partner.google.com>
2022-04-14 14:54:16 +02:00
|
|
|
cd util/goswid ; go mod vendor
|
2019-08-26 17:45:52 +02:00
|
|
|
util/abuild/abuild -o $(COREBOOT_BUILD_DIR)/chromeos $(ABUILD_OPTIONS) -x -X $(top)/abuild-chromeos.xml
|
|
|
|
|
util/abuild/abuild -o $(COREBOOT_BUILD_DIR)/default $(ABUILD_OPTIONS)
|
2018-05-20 01:51:20 +02:00
|
|
|
$(foreach tool, $(TOOLLIST), $(MAKE) CPUS=$(CPUS) V=$(V) Q=$(Q) BLD_DIR="util/$(tool)" BLD="$(tool)" MFLAGS= MAKEFLAGS= MAKETARGET= junit.xml; )
|
|
|
|
|
unset COREBOOT_BUILD_DIR;$(MAKE) CPUS=$(CPUS) V=$(V) Q=$(Q) BLD_DIR=payloads/nvramcui BLD=nvramcui MFLAGS= MAKEFLAGS= MAKETARGET=all junit.xml
|
|
|
|
|
unset COREBOOT_BUILD_DIR;$(MAKE) CPUS=$(CPUS) V=$(V) Q=$(Q) BLD_DIR=payloads/coreinfo BLD=coreinfo MFLAGS= MAKEFLAGS= MAKETARGET=defaultbuild junit.xml
|
2019-07-12 01:54:57 +02:00
|
|
|
(cd payloads/libpayload; unset COREBOOT_BUILD_DIR; $(MAKE) $(if $(JENKINS_NOCCACHE),,CONFIG_LP_CCACHE=y) V=$(V) Q=$(Q) junit.xml)
|
2019-07-11 18:44:21 +02:00
|
|
|
# These targets don't use the standard build system, so we need to provide an xcompile to them.
|
|
|
|
|
$(MAKE) xcompile=$(COREBOOT_BUILD_DIR)/xcompile $(COREBOOT_BUILD_DIR)/xcompile
|
|
|
|
|
$(MAKE) CPUS=$(CPUS) V=$(V) Q=$(Q) BLD_DIR=src/soc/nvidia/tegra124/lp0 BLD=tegra124_lp0 MFLAGS= MAKEFLAGS=xcompile=$(COREBOOT_BUILD_DIR)/xcompile MAKETARGET=all junit.xml
|
|
|
|
|
$(MAKE) CPUS=$(CPUS) V=$(V) Q=$(Q) BLD_DIR=src/soc/nvidia/tegra210/lp0 BLD=tegra120_lp0 MFLAGS= MAKEFLAGS=xcompile=$(COREBOOT_BUILD_DIR)/xcompile MAKETARGET=all junit.xml
|
2021-10-26 21:21:37 +02:00
|
|
|
$(MAKE) unit-tests JUNIT_OUTPUT=y COV=1
|
|
|
|
|
(cd payloads/libpayload; unset COREBOOT_BUILD_DIR; $(MAKE) unit-tests coverage-report JUNIT_OUTPUT=y COV=1)
|
|
|
|
|
$(MAKE) coverage-report JUNIT_OUTPUT=y COV=1
|
2021-12-07 17:52:41 +01:00
|
|
|
find . -name 'tests.info' -exec cat {} + >$(COREBOOT_BUILD_DIR)/coverage.info
|
2017-08-03 17:25:43 +02:00
|
|
|
|
|
|
|
|
test-basic: test-lint test-tools test-abuild test-payloads test-cleanup
|
|
|
|
|
|
|
|
|
|
test-lint:
|
|
|
|
|
util/lint/lint lint-stable
|
2016-08-30 17:39:48 +02:00
|
|
|
util/lint/lint lint-extended
|
2017-08-03 17:25:43 +02:00
|
|
|
|
|
|
|
|
test-abuild:
|
|
|
|
|
rm -rf coreboot-builds-chromeos coreboot-builds
|
2020-10-26 01:57:03 +01:00
|
|
|
util/abuild/abuild -o $(COREBOOT_BUILD_DIR)/chromeos -B -e $(if $(TEST_NOCCACHE),,-y) -c $(CPUS) -p $(TEST_PAYLOAD) -x
|
|
|
|
|
util/abuild/abuild -o $(COREBOOT_BUILD_DIR)/default -B -e $(if $(TEST_NOCCACHE),,-y) -c $(CPUS) -p $(TEST_PAYLOAD)
|
2017-08-03 17:25:43 +02:00
|
|
|
|
|
|
|
|
test-payloads:
|
|
|
|
|
$(MAKE) -C payloads/libpayload test-configs -j $(CPUS) V=$(V) Q=$(Q) MFLAGS= MAKEFLAGS= $(if $(TEST_NOCCACHE),,CONFIG_LP_CCACHE=y)
|
|
|
|
|
export MFLAGS=;export MAKEFLAGS=; \
|
|
|
|
|
$(foreach payload, $(TEST_PAYLOADLIST_INTERNAL), \
|
|
|
|
|
echo "*** Making payload $(payload) ***"; \
|
|
|
|
|
$(MAKE) -C payloads/$(payload) distclean ;\
|
|
|
|
|
$(MAKE) $(payload) -j $(CPUS) V=$(V) Q=$(Q)\
|
|
|
|
|
|| exit 1; )
|
|
|
|
|
|
|
|
|
|
test-tools:
|
|
|
|
|
@echo "Build testing $(TOOLLIST)"
|
|
|
|
|
$(foreach tool, $(TOOLLIST), $(MAKE) -C util/$(tool) clean ; )
|
|
|
|
|
$(foreach tool, $(TOOLLIST), echo "Building $(tool)";export MFLAGS= ;export MAKEFLAGS= ;$(MAKE) -C util/$(tool) all V=$(V) Q=$(Q) || exit 1; )
|
2018-01-02 18:40:55 +01:00
|
|
|
@echo "Running gitconfig tests"
|
|
|
|
|
@for test in $$(find util/gitconfig/test -maxdepth 1 \
|
|
|
|
|
-type f -executable); do \
|
|
|
|
|
echo "$${test}"; \
|
|
|
|
|
"$${test}" || exit $${?}; \
|
|
|
|
|
done
|
2017-08-03 17:25:43 +02:00
|
|
|
|
|
|
|
|
test-cleanup:
|
|
|
|
|
rm -rf coreboot-builds coreboot-builds-chromeos
|
|
|
|
|
$(MAKE) clean
|
|
|
|
|
$(MAKE) distclean
|
|
|
|
|
$(foreach tool, $(TOOLLIST), $(MAKE) -C util/$(tool) clean ; )
|
|
|
|
|
|
|
|
|
|
.PHONY: test-basic test-lint test-abuild test-payloads
|
|
|
|
|
.PHONY: test-tools test-cleanup test-help
|
|
|
|
|
.PHONY: lint lint-stable what-jenkins-does
|