[PATCH v2 6/6] ci: Update base image to Ubuntu 22.04
10 views
Skip to first unread message
Jan Kiszka
Jul 27, 2022, 1:53:14 AM7/27/22
to efibootg...@googlegroups.com
From: Jan Kiszka <jan.k...@siemens.com>
Allows to drop the meanwhile broken update of cppcheck.
Signed-off-by: Jan Kiszka <jan.k...@siemens.com>
---
.github/workflows/main.yaml | 35 ++++++++++++++---------------------
1 file changed, 14 insertions(+), 21 deletions(-)
diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
index 19fe3a5..b123c85 100644
--- a/.github/workflows/main.yaml
+++ b/.github/workflows/main.yaml
@@ -22,7 +22,7 @@ on:
jobs:
build:
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
strategy:
matrix:
target:
@@ -58,12 +58,12 @@ jobs:
sudo dpkg --add-architecture arm64
sudo sed -i 's/^deb /deb [arch=amd64] /g' /etc/apt/sources.list
sudo sh -c "cat <<EOF > /etc/apt/sources.list.d/ports.list
- deb [arch=arm64] http://ports.ubuntu.com/ focal main restricted
- deb [arch=arm64] http://ports.ubuntu.com/ focal-updates main restricted
- deb [arch=arm64] http://ports.ubuntu.com/ focal universe
- deb [arch=arm64] http://ports.ubuntu.com/ focal-updates universe
- deb [arch=arm64] http://ports.ubuntu.com/ focal multiverse
- deb [arch=arm64] http://ports.ubuntu.com/ focal-updates multiverse
+ deb [arch=arm64] http://ports.ubuntu.com/ jammy main restricted
+ deb [arch=arm64] http://ports.ubuntu.com/ jammy-updates main restricted
+ deb [arch=arm64] http://ports.ubuntu.com/ jammy universe
+ deb [arch=arm64] http://ports.ubuntu.com/ jammy-updates universe
+ deb [arch=arm64] http://ports.ubuntu.com/ jammy multiverse
+ deb [arch=arm64] http://ports.ubuntu.com/ jammy-updates multiverse
EOF"
sudo apt-get update
sudo apt-get install --no-install-recommends \
@@ -76,12 +76,12 @@ jobs:
sudo dpkg --add-architecture armhf
sudo sed -i 's/^deb /deb [arch=amd64] /g' /etc/apt/sources.list
sudo sh -c "cat <<EOF > /etc/apt/sources.list.d/ports.list
- deb [arch=armhf] http://ports.ubuntu.com/ focal main restricted
- deb [arch=armhf] http://ports.ubuntu.com/ focal-updates main restricted
- deb [arch=armhf] http://ports.ubuntu.com/ focal universe
- deb [arch=armhf] http://ports.ubuntu.com/ focal-updates universe
- deb [arch=armhf] http://ports.ubuntu.com/ focal multiverse
- deb [arch=armhf] http://ports.ubuntu.com/ focal-updates multiverse
+ deb [arch=armhf] http://ports.ubuntu.com/ jammy main restricted
+ deb [arch=armhf] http://ports.ubuntu.com/ jammy-updates main restricted
+ deb [arch=armhf] http://ports.ubuntu.com/ jammy universe
+ deb [arch=armhf] http://ports.ubuntu.com/ jammy-updates universe
+ deb [arch=armhf] http://ports.ubuntu.com/ jammy multiverse
+ deb [arch=armhf] http://ports.ubuntu.com/ jammy-updates multiverse
EOF"
sudo apt-get update
sudo apt-get install --no-install-recommends \
@@ -91,15 +91,8 @@ jobs:
- name: Install cppcheck
if: ${{ matrix.target == 'cppcheck' }}
run: |
- sudo sh -c "echo 'deb http://archive.ubuntu.com/ubuntu hirsute main universe' \
- > /etc/apt/sources.list.d/hirsute.list"
- sudo sh -c "cat <<EOF > /etc/apt/preferences.d/hirsute.pref
- Package: *
- Pin: release n=hirsute
- Pin-Priority: -1
- EOF"
sudo apt-get update
- sudo apt-get install --no-install-recommends libz3-4/hirsute cppcheck/hirsute
+ sudo apt-get install --no-install-recommends cppcheck
- name: Prepare build
run: |
--
2.35.3
Allows to drop the meanwhile broken update of cppcheck.
Signed-off-by: Jan Kiszka <jan.k...@siemens.com>
---
.github/workflows/main.yaml | 35 ++++++++++++++---------------------
1 file changed, 14 insertions(+), 21 deletions(-)
diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
index 19fe3a5..b123c85 100644
--- a/.github/workflows/main.yaml
+++ b/.github/workflows/main.yaml
@@ -22,7 +22,7 @@ on:
jobs:
build:
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
strategy:
matrix:
target:
@@ -58,12 +58,12 @@ jobs:
sudo dpkg --add-architecture arm64
sudo sed -i 's/^deb /deb [arch=amd64] /g' /etc/apt/sources.list
sudo sh -c "cat <<EOF > /etc/apt/sources.list.d/ports.list
- deb [arch=arm64] http://ports.ubuntu.com/ focal main restricted
- deb [arch=arm64] http://ports.ubuntu.com/ focal-updates main restricted
- deb [arch=arm64] http://ports.ubuntu.com/ focal universe
- deb [arch=arm64] http://ports.ubuntu.com/ focal-updates universe
- deb [arch=arm64] http://ports.ubuntu.com/ focal multiverse
- deb [arch=arm64] http://ports.ubuntu.com/ focal-updates multiverse
+ deb [arch=arm64] http://ports.ubuntu.com/ jammy main restricted
+ deb [arch=arm64] http://ports.ubuntu.com/ jammy-updates main restricted
+ deb [arch=arm64] http://ports.ubuntu.com/ jammy universe
+ deb [arch=arm64] http://ports.ubuntu.com/ jammy-updates universe
+ deb [arch=arm64] http://ports.ubuntu.com/ jammy multiverse
+ deb [arch=arm64] http://ports.ubuntu.com/ jammy-updates multiverse
EOF"
sudo apt-get update
sudo apt-get install --no-install-recommends \
@@ -76,12 +76,12 @@ jobs:
sudo dpkg --add-architecture armhf
sudo sed -i 's/^deb /deb [arch=amd64] /g' /etc/apt/sources.list
sudo sh -c "cat <<EOF > /etc/apt/sources.list.d/ports.list
- deb [arch=armhf] http://ports.ubuntu.com/ focal main restricted
- deb [arch=armhf] http://ports.ubuntu.com/ focal-updates main restricted
- deb [arch=armhf] http://ports.ubuntu.com/ focal universe
- deb [arch=armhf] http://ports.ubuntu.com/ focal-updates universe
- deb [arch=armhf] http://ports.ubuntu.com/ focal multiverse
- deb [arch=armhf] http://ports.ubuntu.com/ focal-updates multiverse
+ deb [arch=armhf] http://ports.ubuntu.com/ jammy main restricted
+ deb [arch=armhf] http://ports.ubuntu.com/ jammy-updates main restricted
+ deb [arch=armhf] http://ports.ubuntu.com/ jammy universe
+ deb [arch=armhf] http://ports.ubuntu.com/ jammy-updates universe
+ deb [arch=armhf] http://ports.ubuntu.com/ jammy multiverse
+ deb [arch=armhf] http://ports.ubuntu.com/ jammy-updates multiverse
EOF"
sudo apt-get update
sudo apt-get install --no-install-recommends \
@@ -91,15 +91,8 @@ jobs:
- name: Install cppcheck
if: ${{ matrix.target == 'cppcheck' }}
run: |
- sudo sh -c "echo 'deb http://archive.ubuntu.com/ubuntu hirsute main universe' \
- > /etc/apt/sources.list.d/hirsute.list"
- sudo sh -c "cat <<EOF > /etc/apt/preferences.d/hirsute.pref
- Package: *
- Pin: release n=hirsute
- Pin-Priority: -1
- EOF"
sudo apt-get update
- sudo apt-get install --no-install-recommends libz3-4/hirsute cppcheck/hirsute
+ sudo apt-get install --no-install-recommends cppcheck
- name: Prepare build
run: |
--
2.35.3
Jan Kiszka
Jul 27, 2022, 1:53:14 AM7/27/22
to efibootg...@googlegroups.com
From: Jan Kiszka <jan.k...@siemens.com>
Those are now available via regular internal headers as well.
include/test-interface.h | 4 ----
1 file changed, 4 deletions(-)
diff --git a/include/test-interface.h b/include/test-interface.h
index 9d43b1f..8baacd6 100644
--- a/include/test-interface.h
+++ b/include/test-interface.h
@@ -19,8 +19,4 @@
bool read_env(CONFIG_PART *part, BG_ENVDATA *env);
bool write_env(CONFIG_PART *part, BG_ENVDATA *env);
-bool probe_config_file(CONFIG_PART *cfgpart);
-bool probe_config_partitions(CONFIG_PART *cfgparts);
-bool mount_partition(CONFIG_PART *cfgpart);
-
EBGENVKEY bgenv_str2enum(char *key);
--
2.35.3
Those are now available via regular internal headers as well.
include/test-interface.h | 4 ----
1 file changed, 4 deletions(-)
diff --git a/include/test-interface.h b/include/test-interface.h
index 9d43b1f..8baacd6 100644
--- a/include/test-interface.h
+++ b/include/test-interface.h
@@ -19,8 +19,4 @@
bool read_env(CONFIG_PART *part, BG_ENVDATA *env);
bool write_env(CONFIG_PART *part, BG_ENVDATA *env);
-bool probe_config_file(CONFIG_PART *cfgpart);
-bool probe_config_partitions(CONFIG_PART *cfgparts);
-bool mount_partition(CONFIG_PART *cfgpart);
-
EBGENVKEY bgenv_str2enum(char *key);
--
2.35.3
Jan Kiszka
Jul 27, 2022, 1:53:14 AM7/27/22
to efibootg...@googlegroups.com
Changes in v2:
- include a better fix for the execstack warnings, dropping no longer
needed changes to init_array*.S files
- include new version of warning suppression patch, dropping
--no-warn-execstack from it
This resolves or suppresses warnings of recent binutils. Furthermore, it
prepares for and performs the update of the CI build container to Ubuntu
22.04.
The update triggered some test suite failures due to a fragile
overloading of symbols. Not that I fully understand why it failed, but
now it seems sanely resolved.
Jan
Jan Kiszka (6):
Mark stack of EFI binaries non-executable
Suppress RWX segment warnings from latest binutils
tests: Only weaken symbols we actually want to override
tests: Drop no longer needed prototypes from test-interface.h
ci: Add ccpcheck exceptions for constParameter warnings
ci: Update base image to Ubuntu 22.04
.github/workflows/main.yaml | 38 +++++++++++++++++--------------------
Makefile.am | 3 +++
configure.ac | 5 +++++
env/env_api_fat.c | 5 +++--
include/test-interface.h | 4 ----
tools/tests/Makefile.am | 10 +++++++++-
6 files changed, 37 insertions(+), 28 deletions(-)
--
2.35.3
- include a better fix for the execstack warnings, dropping no longer
needed changes to init_array*.S files
- include new version of warning suppression patch, dropping
--no-warn-execstack from it
This resolves or suppresses warnings of recent binutils. Furthermore, it
prepares for and performs the update of the CI build container to Ubuntu
22.04.
The update triggered some test suite failures due to a fragile
overloading of symbols. Not that I fully understand why it failed, but
now it seems sanely resolved.
Jan
Jan Kiszka (6):
Mark stack of EFI binaries non-executable
Suppress RWX segment warnings from latest binutils
tests: Only weaken symbols we actually want to override
tests: Drop no longer needed prototypes from test-interface.h
ci: Add ccpcheck exceptions for constParameter warnings
ci: Update base image to Ubuntu 22.04
.github/workflows/main.yaml | 38 +++++++++++++++++--------------------
Makefile.am | 3 +++
configure.ac | 5 +++++
env/env_api_fat.c | 5 +++--
include/test-interface.h | 4 ----
tools/tests/Makefile.am | 10 +++++++++-
6 files changed, 37 insertions(+), 28 deletions(-)
--
2.35.3
Jan Kiszka
Jul 27, 2022, 1:53:14 AM7/27/22
to efibootg...@googlegroups.com
From: Jan Kiszka <jan.k...@siemens.com>
None of both can be changes as the API is not defined by the users where
cppcheck has its findings.
.github/workflows/main.yaml | 3 +++
1 file changed, 3 insertions(+)
diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
index 429557b..19fe3a5 100644
--- a/.github/workflows/main.yaml
+++ b/.github/workflows/main.yaml
@@ -172,6 +172,9 @@ jobs:
suppress+=" --suppress=nullPointerRedundantCheck:kernel-stub/main.c"
# Avoid noise regarding Ignore* fields
suppress+=" --suppress=unusedStructMember:kernel-stub/main.c"
+ # Not applicable because of API requirements
+ suppress+=" --suppress=constParameter:drivers/watchdog/ipc4x7e_wdt.c"
+ suppress+=" --suppress=constParameter:kernel-stub/initrd.c"
enable="--enable=warning \
--enable=style \
--
2.35.3
None of both can be changes as the API is not defined by the users where
cppcheck has its findings.
.github/workflows/main.yaml | 3 +++
1 file changed, 3 insertions(+)
diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
index 429557b..19fe3a5 100644
--- a/.github/workflows/main.yaml
+++ b/.github/workflows/main.yaml
@@ -172,6 +172,9 @@ jobs:
suppress+=" --suppress=nullPointerRedundantCheck:kernel-stub/main.c"
# Avoid noise regarding Ignore* fields
suppress+=" --suppress=unusedStructMember:kernel-stub/main.c"
+ # Not applicable because of API requirements
+ suppress+=" --suppress=constParameter:drivers/watchdog/ipc4x7e_wdt.c"
+ suppress+=" --suppress=constParameter:kernel-stub/initrd.c"
enable="--enable=warning \
--enable=style \
--
2.35.3
Jan Kiszka
Jul 27, 2022, 1:53:14 AM7/27/22
to efibootg...@googlegroups.com, Tobias Schmidl
From: Jan Kiszka <jan.k...@siemens.com>
Executable stacks are not needed, and this switch resolves warnings of
latest binutils, e.g. under Debian bookworm:
/usr/bin/ld: warning: ./drivers/watchdog/init_array_end.o: missing .note.GNU-stack section implies executable stack
/usr/bin/ld: NOTE: This behaviour is deprecated and will be removed in a future version of the linker
Reported-by: Tobias Schmidl <tobias...@siemens.com>
Makefile.am | 1 +
1 file changed, 1 insertion(+)
diff --git a/Makefile.am b/Makefile.am
index 856908f..3c529cc 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -226,6 +226,7 @@ efi_ldflags = \
-shared \
-Bsymbolic \
-nostdlib \
+ -znoexecstack \
-znocombreloc \
--warn-common \
--no-undefined \
--
2.35.3
Executable stacks are not needed, and this switch resolves warnings of
latest binutils, e.g. under Debian bookworm:
/usr/bin/ld: warning: ./drivers/watchdog/init_array_end.o: missing .note.GNU-stack section implies executable stack
/usr/bin/ld: NOTE: This behaviour is deprecated and will be removed in a future version of the linker
Reported-by: Tobias Schmidl <tobias...@siemens.com>
Makefile.am | 1 +
1 file changed, 1 insertion(+)
diff --git a/Makefile.am b/Makefile.am
index 856908f..3c529cc 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -226,6 +226,7 @@ efi_ldflags = \
-shared \
-Bsymbolic \
-nostdlib \
+ -znoexecstack \
-znocombreloc \
--warn-common \
--no-undefined \
--
2.35.3
Reply all
Reply to author
Forward
0 new messages