Felix Fietkaus staging tree https://git.openwrt.org/openwrt/staging/nbd/atom?h=master 2025-04-06T11:21:07Z 2025-04-06T11:21:07Z Stijn Tintel 2025-03-24T22:20:32Z urn:sha1:06c4e8a262e4618e61866ed92e296e46a1b6b671 TF-A LTS releases have an lts- prefix in their version tag. Introduce a PKG_LTS variable to support these. As the non-LTS tarbals do not contain the version prefix in the directory, we need different PKG_BUILD_DIR for each variant: ➜ tar --list --file dl/trusted-firmware-a-v2.12.tar.gz | head -n1 trusted-firmware-a-2.12/ ➜ tar --list --file dl/trusted-firmware-a-lts-v2.12.1.tar.gz | head -n1 trusted-firmware-a-lts-v2.12.1/ Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> 2025-01-04T17:11:40Z Thomas Richard 2025-01-03T09:19:05Z urn:sha1:4baa20ec661725550a830e7c86f9f75cbb1fbc4b If CC is explicitly set to a non default value, TF-A keeps this value. Otherwise it assigns generic default value. As the build bot set CC=/usr/bin/gcc-10, TF-A uses it which causes a compile issue. So unset CC before compiling. It's a new behavior since v2.12. A part of the explanation is available in this commit [1]. [1] https://github.com/ARM-software/arm-trusted-firmware/commit/e01c71266f9df46ac46dc72669449490d1c94419 Signed-off-by: Thomas Richard <thomas.richard@bootlin.com> Link: https://github.com/openwrt/openwrt/pull/17465 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> 2024-12-28T10:20:20Z Chukun Pan 2024-12-20T14:30:01Z urn:sha1:4b6eb631e18b3ccccada91d5bccbb684e6ccc5a4 The URL of trusted-firmware-a is no longer available for downloading release: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/ curl: (22) The requested URL returned error: 401 Unauthorized So we switch to the GitHub mirror repository to download. Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn> Link: https://github.com/openwrt/openwrt/pull/17360 Signed-off-by: Robert Marko <robimarko@gmail.com> 2024-12-22T22:48:53Z Thomas Richard 2024-11-29T10:36:46Z urn:sha1:c117d7a37a74f8b4c06828a4549d500288a124a7 Since v2.12, TF-A automatically selects the no-warn-rwx-segments option if needed. So move this hack to the package Makefiles. Signed-off-by: Thomas Richard <thomas.richard@bootlin.com> Link: https://github.com/openwrt/openwrt/pull/17243 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> 2024-05-07T20:01:42Z Felix Fietkau 2024-05-07T17:38:25Z urn:sha1:3cb8dc3786039d7d2a143fdbf5c3b9249f5bbbf3 Useful for special targets (e.g. RAM-only images) Signed-off-by: Felix Fietkau <nbd@nbd.name> 2023-01-21T10:55:23Z Linhui Liu 2023-01-17T01:27:38Z urn:sha1:c783c50d65966e7c3caa156e4df67e2fcc3aa168 Starting from version 2.39 binutils now warns about sections with rwx permissions. While this is generally desirable it breaks building ARM TrustedFirmware-A bl2 which treats warnings as errors. Disable the warning/error for now to fix build. Reference: 0579d9f5bc4b3a3d1b32526c71a6b77c4888bfcb Signed-off-by: Linhui Liu <liulinhui36@gmail.com> 2022-12-20T18:36:26Z Stijn Tintel 2022-12-20T18:04:53Z urn:sha1:c8c6508c22c59a09b7acce63bed28947788a46d4 There are 2 different CPE IDs on the NVD website: cpe:/a:arm:trusted_firmware-a cpe:/o:arm:arm_trusted_firmware The ID as currently used in trusted-firmware-a.mk does not exist. The CPE ID using the arm_trusted_firmware product name only lists a few records for versions 2.2 and 2.3 on the NVD site. The CPE ID using the trusted_firmware-a product name lists many more records, and actually has a CVE linked to it. Therefore, use the CPE ID using the trusted_firmware-a product name. Fixes: 104d60fe94ce ("trusted-firmware-a.mk: add PKG_CPE_ID") Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> 2022-12-05T01:28:28Z Daniel Golle 2022-12-02T12:54:52Z urn:sha1:0579d9f5bc4b3a3d1b32526c71a6b77c4888bfcb Starting from version 2.39 binutils now warns about sections with rwx permissions. While this is generally desirable it breaks building ARM TrustedFirmware-A bl2 which treats warnings as errors. Disable the warning/error for now to fix build. Signed-off-by: Daniel Golle <daniel@makrotopia.org> 2022-08-28T18:01:55Z Daniel Golle 2022-08-11T21:29:52Z urn:sha1:14ce999924012b99c61b336527d1bc224823b78a Instead of relying on dtc being provided by the build host use the dtc from $(LINUX_DIR) similar to how it's done also in u-boot.mk. For this to work kernel.mk now needs to be included before trusted-firmware-a.mk, add this include to all affected packages. Signed-off-by: Daniel Golle <daniel@makrotopia.org> 2022-04-09T21:24:36Z Daniel Golle 2022-04-09T21:00:50Z urn:sha1:738d44f5ea6f6450c2c8a29cf5836e22b479340b ARM Trusted Firmware builds do not depend on any target libraries as they are bare-metal builds. However, the compiler aborts due to -Werror=missing-include-dirs if the include dir doesn't exists and this can happen when building with parallelisation as that makes it likely for arm-trusted-firmware-* to be build very early before any of the libraries which would implicitely create the directory. Fix this by making sure the include dir exists before building. Signed-off-by: Daniel Golle <daniel@makrotopia.org>