diff --git a/.containerversion b/.containerversion index 87523dd7a..d81cc0710 100644 --- a/.containerversion +++ b/.containerversion @@ -1 +1 @@ -41 +42 diff --git a/CMakeLists.txt b/CMakeLists.txt index 21f9435b5..6332b0665 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -328,6 +328,12 @@ string(APPEND CMAKE_C_FLAGS " -Wno-cast-function-type") # Hardening string(APPEND CMAKE_C_FLAGS " -fstack-protector-all") +if(CMAKE_CROSSCOMPILING) + # Path to empty dummy libssp and libssp_shared. '-llibssp -llibssp_shared' is automatically added + # with '-fstack-protector-all', but we don't need them as we have our own custom + # `__stack_chk_fail`. See https://wiki.osdev.org/Stack_Smashing_Protector. + set(CMAKE_C_LINK_FLAGS "${CMAKE_C_LINK_FLAGS} -L${CMAKE_CURRENT_SOURCE_DIR}/external/lib/ssp") +endif() # Disallow duplicate definitions, which is the default since GCC # 10. It was not default in gcc-arm-none-eabi-8-2018-q4. diff --git a/Dockerfile b/Dockerfile index 83c41a8ac..7a69124fd 100644 --- a/Dockerfile +++ b/Dockerfile @@ -13,11 +13,19 @@ # See the License for the specific language governing permissions and # limitations under the License. -# Latest Ubuntu LTS +# If you are building for a foreign target and you get segfaults, try the latest version of qemu +# $ docker pull tonistiigi/binfmt:latest +# $ docker run --privileged --rm tonistiigi/binfmt --uninstall qemu-* +# $ docker run --privileged --rm tonistiigi/binfmt --install arm64 + FROM ubuntu:22.04 ENV DEBIAN_FRONTEND noninteractive -RUN apt-get update && apt-get upgrade -y && apt-get install -y wget nano rsync curl gnupg2 jq unzip bzip2 +# These are automatically provided by docker (no need for --build-arg) +ARG TARGETPLATFORM +ARG TARGETARCH + +RUN apt-get update && apt-get upgrade -y && apt-get install -y wget nano rsync curl gnupg2 jq unzip bzip2 xz-utils # for clang-*-15, see https://apt.llvm.org/ RUN echo "deb http://apt.llvm.org/jammy/ llvm-toolchain-jammy-18 main" >> /etc/apt/sources.list && \ @@ -25,18 +33,23 @@ RUN echo "deb http://apt.llvm.org/jammy/ llvm-toolchain-jammy-18 main" >> /etc/a wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add - # Install gcc8-arm-none-eabi -RUN mkdir ~/Downloads &&\ - cd ~/Downloads &&\ - wget -O gcc.tar.bz2 https://developer.arm.com/-/media/Files/downloads/gnu-rm/8-2018q4/gcc-arm-none-eabi-8-2018-q4-major-linux.tar.bz2?revision=d830f9dd-cd4f-406d-8672-cca9210dd220?product=GNU%20Arm%20Embedded%20Toolchain,64-bit,,Linux,8-2018-q4-major &&\ - echo "fb31fbdfe08406ece43eef5df623c0b2deb8b53e405e2c878300f7a1f303ee52 gcc.tar.bz2" | sha256sum -c &&\ - cd ~/Downloads &&\ - tar -xjvf gcc.tar.bz2 &&\ - rm -f gcc.tar.bz2 &&\ - cd ~/Downloads && rsync -a gcc-arm-none-eabi-8-2018-q4-major/ /usr/local/ +RUN if [ "${TARGETPLATFORM}" = "linux/arm64" ]; then \ + GNU_TOOLCHAIN=https://developer.arm.com/-/media/Files/downloads/gnu/13.3.rel1/binrel/arm-gnu-toolchain-13.3.rel1-aarch64-arm-none-eabi.tar.xz \ + GNU_TOOLCHAIN_HASH=c8824bffd057afce2259f7618254e840715f33523a3d4e4294f471208f976764 \ + GNU_TOOLCHAIN_FORMAT=xz; \ + else \ + GNU_TOOLCHAIN=https://developer.arm.com/-/media/Files/downloads/gnu-rm/8-2018q4/gcc-arm-none-eabi-8-2018-q4-major-linux.tar.bz2 \ + GNU_TOOLCHAIN_HASH=fb31fbdfe08406ece43eef5df623c0b2deb8b53e405e2c878300f7a1f303ee52 \ + GNU_TOOLCHAIN_FORMAT=bz2; \ + fi; \ + wget -O gcc.tar.${GNU_TOOLCHAIN_FORMAT} ${GNU_TOOLCHAIN} &&\ + echo "$GNU_TOOLCHAIN_HASH gcc.tar.${GNU_TOOLCHAIN_FORMAT}" | sha256sum -c &&\ + tar -xvf gcc.tar.${GNU_TOOLCHAIN_FORMAT} -C /usr/local --strip-components=1 &&\ + rm -f gcc.tar.${GNU_TOOLCHAIN_FORMAT} # Tools for building RUN apt-get update && apt-get install -y \ - build-essential \ + make \ llvm-18 \ gcc-10 \ binutils \ @@ -49,9 +62,6 @@ RUN apt-get update && apt-get install -y \ libtool \ pkg-config \ libcmocka-dev \ - libc6-i386 \ - lib32stdc++6 \ - lib32z1 \ libusb-1.0-0-dev \ libudev-dev \ libhidapi-dev @@ -96,9 +106,15 @@ RUN python3 -m pip install --upgrade \ twine==1.15.0 #Install protoc from release, because the version available on the repo is too old -RUN mkdir -p /opt/protoc && \ - curl -L0 https://github.com/protocolbuffers/protobuf/releases/download/v21.2/protoc-21.2-linux-x86_64.zip -o /tmp/protoc-21.2-linux-x86_64.zip && \ - unzip /tmp/protoc-21.2-linux-x86_64.zip -d /opt/protoc +RUN if [ "${TARGETPLATFORM}" = "linux/arm64" ]; then \ + PROTOC_URL=https://github.com/protocolbuffers/protobuf/releases/download/v21.2/protoc-21.2-linux-aarch_64.zip; \ + else \ + PROTOC_URL=https://github.com/protocolbuffers/protobuf/releases/download/v21.2/protoc-21.2-linux-x86_64.zip; \ + fi; \ + mkdir -p /opt/protoc && \ + curl -L0 ${PROTOC_URL} -o /tmp/protoc-21.2.zip && \ + unzip /tmp/protoc-21.2.zip -d /opt/protoc && \ + rm /tmp/protoc-21.2.zip ENV PATH /opt/protoc/bin:$PATH # Make Python3 the default @@ -115,7 +131,7 @@ ENV GOPATH /opt/go ENV GOROOT /opt/go_dist/go ENV PATH $GOROOT/bin:$GOPATH/bin:$PATH RUN mkdir -p /opt/go_dist && \ - curl https://dl.google.com/go/go1.19.3.linux-amd64.tar.gz | tar -xz -C /opt/go_dist + curl https://dl.google.com/go/go1.19.3.linux-${TARGETARCH}.tar.gz | tar -xz -C /opt/go_dist # Install lcov from release (the one from the repos is too old). RUN cd /opt && wget https://github.com/linux-test-project/lcov/releases/download/v1.14/lcov-1.14.tar.gz && tar -xf lcov-1.14.tar.gz diff --git a/Makefile b/Makefile index 772f57903..2d6c9cb51 100644 --- a/Makefile +++ b/Makefile @@ -129,7 +129,7 @@ jlink-flash-factory-setup: | build jlink-flash-firmware-semihosting: | build-semihosting JLinkExe -if SWD -device ATSAMD51J20 -speed 4000 -autoconnect 1 -CommanderScript ./build-semihosting/scripts/firmware.jlink dockerinit: - ./scripts/container.sh build --pull --platform linux/amd64 --force-rm --no-cache -t shiftcrypto/firmware_v2:$(shell cat .containerversion) . + ./scripts/container.sh build --pull --force-rm --no-cache -t shiftcrypto/firmware_v2:$(shell cat .containerversion) . dockerpull: ./scripts/container.sh pull shiftcrypto/firmware_v2:$(shell cat .containerversion) dockerdev: diff --git a/external/asf4-drivers/hal/utils/include/utils_assert.h b/external/asf4-drivers/hal/utils/include/utils_assert.h index 2d4bfc1ef..348b06583 100644 --- a/external/asf4-drivers/hal/utils/include/utils_assert.h +++ b/external/asf4-drivers/hal/utils/include/utils_assert.h @@ -44,6 +44,8 @@ #ifndef _ASSERT_H_INCLUDED #define _ASSERT_H_INCLUDED +#undef assert + #ifdef __cplusplus extern "C" { #endif diff --git a/releases/build.sh b/releases/build.sh index 4481937ca..5858bb0fe 100755 --- a/releases/build.sh +++ b/releases/build.sh @@ -35,7 +35,8 @@ fi # Build the Docker image (this can take a while): -docker build --pull --force-rm --no-cache -t bitbox02-firmware . +# - The firmware is only reproducible with the same host compiler. For now we force linux/amd64. +docker build --pull --platform linux/amd64 --force-rm --no-cache -t bitbox02-firmware . # Revert the above local patch to the Dockerfile again to have a clean state. git checkout -- Dockerfile