From 3d1dc59f4db5f4ec1d848d914d3920893621ead5 Mon Sep 17 00:00:00 2001 From: Vasilito Date: Mon, 11 May 2026 10:10:35 +0100 Subject: [PATCH] fix: update build system tooling and configuration Update cookbook fetch.rs for protected recipe handling and atomic patch application. Update config.mk, device services, and legacy base configs. Add patch-inclusion-gate script. Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent) Co-authored-by: Sisyphus --- config/redbear-device-services.toml | 460 ++-------------------------- config/redbear-legacy-base.toml | 4 +- local/scripts/integrate-redbear.sh | 6 +- mk/config.mk | 3 +- scripts/patch-inclusion-gate.sh | 29 ++ src/cook/fetch.rs | 32 +- src/cook/script.rs | 4 + 7 files changed, 78 insertions(+), 460 deletions(-) create mode 100755 scripts/patch-inclusion-gate.sh diff --git a/config/redbear-device-services.toml b/config/redbear-device-services.toml index 277499b867..c3ed968cce 100644 --- a/config/redbear-device-services.toml +++ b/config/redbear-device-services.toml @@ -12,30 +12,22 @@ driver-manager = {} [[files]] path = "/etc/firmware-fallbacks.d/00-amdgpu.toml" data = """ -[[fallback]] -pattern = "amdgpu/dmcub_dcn31.bin" -chain = ["amdgpu/dmcub_dcn30.bin", "amdgpu/dmcub_dcn20.bin"] - -[[fallback]] -pattern = "amdgpu/dmcub_dcn30.bin" -chain = ["amdgpu/dmcub_dcn20.bin"] +"amdgpu/dmcub_dcn31.bin" = ["amdgpu/dmcub_dcn30.bin", "amdgpu/dmcub_dcn20.bin"] +"amdgpu/dmcub_dcn30.bin" = ["amdgpu/dmcub_dcn20.bin"] """ [[files]] path = "/etc/firmware-fallbacks.d/10-iwlwifi.toml" data = """ -[[fallback]] -pattern = "iwlwifi-bz-b0-gf-a0-92.ucode" -chain = ["iwlwifi-bz-b0-gf-a0-83.ucode", "iwlwifi-bz-b0-gf-a0-77.ucode"] +"iwlwifi-bz-b0-gf-a0-92.ucode" = ["iwlwifi-bz-b0-gf-a0-83.ucode", "iwlwifi-bz-b0-gf-a0-77.ucode"] """ [[files]] path = "/etc/firmware-fallbacks.d/20-intel-dmc.toml" data = """ -[[fallback]] -pattern = "i915/adlp_dmc_ver2_16.bin" -chain = ["i915/adlp_dmc_ver2_14.bin", "i915/adlp_dmc_ver2_12.bin"] +"i915/adlp_dmc_ver2_16.bin" = ["i915/adlp_dmc_ver2_14.bin", "i915/adlp_dmc_ver2_12.bin"] """ + [[files]] path = "/etc/init.d/12_boot-late.target" data = """ @@ -46,68 +38,12 @@ requires_weak = [ ] """ -# Firmware fallback chain configs -[[files]] -path = "/etc/firmware-fallbacks.d/00-amdgpu.toml" -data = """ -[[fallback]] -pattern = "amdgpu/dmcub_dcn31.bin" -chain = ["amdgpu/dmcub_dcn30.bin", "amdgpu/dmcub_dcn20.bin"] - -[[fallback]] -pattern = "amdgpu/dmcub_dcn30.bin" -chain = ["amdgpu/dmcub_dcn20.bin"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/10-iwlwifi.toml" -data = """ -[[fallback]] -pattern = "iwlwifi-bz-b0-gf-a0-92.ucode" -chain = ["iwlwifi-bz-b0-gf-a0-83.ucode", "iwlwifi-bz-b0-gf-a0-77.ucode"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/20-intel-dmc.toml" -data = """ -[[fallback]] -pattern = "i915/adlp_dmc_ver2_16.bin" -chain = ["i915/adlp_dmc_ver2_14.bin", "i915/adlp_dmc_ver2_12.bin"] -""" [[files]] path = "/lib/drivers.d" data = "" directory = true mode = 0o755 -# Firmware fallback chain configs -[[files]] -path = "/etc/firmware-fallbacks.d/00-amdgpu.toml" -data = """ -[[fallback]] -pattern = "amdgpu/dmcub_dcn31.bin" -chain = ["amdgpu/dmcub_dcn30.bin", "amdgpu/dmcub_dcn20.bin"] - -[[fallback]] -pattern = "amdgpu/dmcub_dcn30.bin" -chain = ["amdgpu/dmcub_dcn20.bin"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/10-iwlwifi.toml" -data = """ -[[fallback]] -pattern = "iwlwifi-bz-b0-gf-a0-92.ucode" -chain = ["iwlwifi-bz-b0-gf-a0-83.ucode", "iwlwifi-bz-b0-gf-a0-77.ucode"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/20-intel-dmc.toml" -data = """ -[[fallback]] -pattern = "i915/adlp_dmc_ver2_16.bin" -chain = ["i915/adlp_dmc_ver2_14.bin", "i915/adlp_dmc_ver2_12.bin"] -""" [[files]] path = "/lib/drivers.d/00-storage.toml" data = """ @@ -154,34 +90,6 @@ class = 1 subclass = 0 """ -# Firmware fallback chain configs -[[files]] -path = "/etc/firmware-fallbacks.d/00-amdgpu.toml" -data = """ -[[fallback]] -pattern = "amdgpu/dmcub_dcn31.bin" -chain = ["amdgpu/dmcub_dcn30.bin", "amdgpu/dmcub_dcn20.bin"] - -[[fallback]] -pattern = "amdgpu/dmcub_dcn30.bin" -chain = ["amdgpu/dmcub_dcn20.bin"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/10-iwlwifi.toml" -data = """ -[[fallback]] -pattern = "iwlwifi-bz-b0-gf-a0-92.ucode" -chain = ["iwlwifi-bz-b0-gf-a0-83.ucode", "iwlwifi-bz-b0-gf-a0-77.ucode"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/20-intel-dmc.toml" -data = """ -[[fallback]] -pattern = "i915/adlp_dmc_ver2_16.bin" -chain = ["i915/adlp_dmc_ver2_14.bin", "i915/adlp_dmc_ver2_12.bin"] -""" [[files]] path = "/lib/drivers.d/10-network.toml" data = """ @@ -237,34 +145,6 @@ vendor = 0x1AF4 class = 2 """ -# Firmware fallback chain configs -[[files]] -path = "/etc/firmware-fallbacks.d/00-amdgpu.toml" -data = """ -[[fallback]] -pattern = "amdgpu/dmcub_dcn31.bin" -chain = ["amdgpu/dmcub_dcn30.bin", "amdgpu/dmcub_dcn20.bin"] - -[[fallback]] -pattern = "amdgpu/dmcub_dcn30.bin" -chain = ["amdgpu/dmcub_dcn20.bin"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/10-iwlwifi.toml" -data = """ -[[fallback]] -pattern = "iwlwifi-bz-b0-gf-a0-92.ucode" -chain = ["iwlwifi-bz-b0-gf-a0-83.ucode", "iwlwifi-bz-b0-gf-a0-77.ucode"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/20-intel-dmc.toml" -data = """ -[[fallback]] -pattern = "i915/adlp_dmc_ver2_16.bin" -chain = ["i915/adlp_dmc_ver2_14.bin", "i915/adlp_dmc_ver2_12.bin"] -""" [[files]] path = "/lib/drivers.d/20-usb.toml" data = """ @@ -316,34 +196,6 @@ subclass = 0x03 prog_if = 0x00 """ -# Firmware fallback chain configs -[[files]] -path = "/etc/firmware-fallbacks.d/00-amdgpu.toml" -data = """ -[[fallback]] -pattern = "amdgpu/dmcub_dcn31.bin" -chain = ["amdgpu/dmcub_dcn30.bin", "amdgpu/dmcub_dcn20.bin"] - -[[fallback]] -pattern = "amdgpu/dmcub_dcn30.bin" -chain = ["amdgpu/dmcub_dcn20.bin"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/10-iwlwifi.toml" -data = """ -[[fallback]] -pattern = "iwlwifi-bz-b0-gf-a0-92.ucode" -chain = ["iwlwifi-bz-b0-gf-a0-83.ucode", "iwlwifi-bz-b0-gf-a0-77.ucode"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/20-intel-dmc.toml" -data = """ -[[fallback]] -pattern = "i915/adlp_dmc_ver2_16.bin" -chain = ["i915/adlp_dmc_ver2_14.bin", "i915/adlp_dmc_ver2_12.bin"] -""" [[files]] path = "/lib/drivers.d/30-graphics.toml" data = """ @@ -357,34 +209,6 @@ command = ["/usr/bin/redox-drm"] class = 0x03 """ -# Firmware fallback chain configs -[[files]] -path = "/etc/firmware-fallbacks.d/00-amdgpu.toml" -data = """ -[[fallback]] -pattern = "amdgpu/dmcub_dcn31.bin" -chain = ["amdgpu/dmcub_dcn30.bin", "amdgpu/dmcub_dcn20.bin"] - -[[fallback]] -pattern = "amdgpu/dmcub_dcn30.bin" -chain = ["amdgpu/dmcub_dcn20.bin"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/10-iwlwifi.toml" -data = """ -[[fallback]] -pattern = "iwlwifi-bz-b0-gf-a0-92.ucode" -chain = ["iwlwifi-bz-b0-gf-a0-83.ucode", "iwlwifi-bz-b0-gf-a0-77.ucode"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/20-intel-dmc.toml" -data = """ -[[fallback]] -pattern = "i915/adlp_dmc_ver2_16.bin" -chain = ["i915/adlp_dmc_ver2_14.bin", "i915/adlp_dmc_ver2_12.bin"] -""" [[files]] path = "/lib/drivers.d/40-input.toml" data = """ @@ -393,36 +217,12 @@ name = "ps2d" description = "PS/2 keyboard and mouse driver" priority = 90 command = ["/usr/lib/drivers/ps2d"] + +[[driver.match]] +vendor = 0xFFFF +device = 0xFFFF """ -# Firmware fallback chain configs -[[files]] -path = "/etc/firmware-fallbacks.d/00-amdgpu.toml" -data = """ -[[fallback]] -pattern = "amdgpu/dmcub_dcn31.bin" -chain = ["amdgpu/dmcub_dcn30.bin", "amdgpu/dmcub_dcn20.bin"] - -[[fallback]] -pattern = "amdgpu/dmcub_dcn30.bin" -chain = ["amdgpu/dmcub_dcn20.bin"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/10-iwlwifi.toml" -data = """ -[[fallback]] -pattern = "iwlwifi-bz-b0-gf-a0-92.ucode" -chain = ["iwlwifi-bz-b0-gf-a0-83.ucode", "iwlwifi-bz-b0-gf-a0-77.ucode"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/20-intel-dmc.toml" -data = """ -[[fallback]] -pattern = "i915/adlp_dmc_ver2_16.bin" -chain = ["i915/adlp_dmc_ver2_14.bin", "i915/adlp_dmc_ver2_12.bin"] -""" [[files]] path = "/lib/drivers.d/50-audio.toml" data = """ @@ -456,49 +256,33 @@ description = "USB CDC ACM serial driver" priority = 70 command = ["/usr/bin/redbear-acmd"] +[[driver.match]] +vendor = 0xFFFF +device = 0xFFFF + [[driver]] name = "redbear-ecmd" description = "USB CDC ECM/NCM ethernet driver" priority = 70 command = ["/usr/bin/redbear-ecmd"] +[[driver.match]] +vendor = 0xFFFF +device = 0xFFFF + [[driver]] name = "redbear-usbaudiod" description = "USB Audio Class driver" priority = 70 command = ["/usr/bin/redbear-usbaudiod"] + +[[driver.match]] +vendor = 0xFFFF +device = 0xFFFF """ # Profiles that include this fragment should start `driver-manager` instead of # `pcid-spawner`; the manager performs the PCI bind/channel handoff itself. -# Firmware fallback chain configs -[[files]] -path = "/etc/firmware-fallbacks.d/00-amdgpu.toml" -data = """ -[[fallback]] -pattern = "amdgpu/dmcub_dcn31.bin" -chain = ["amdgpu/dmcub_dcn30.bin", "amdgpu/dmcub_dcn20.bin"] - -[[fallback]] -pattern = "amdgpu/dmcub_dcn30.bin" -chain = ["amdgpu/dmcub_dcn20.bin"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/10-iwlwifi.toml" -data = """ -[[fallback]] -pattern = "iwlwifi-bz-b0-gf-a0-92.ucode" -chain = ["iwlwifi-bz-b0-gf-a0-83.ucode", "iwlwifi-bz-b0-gf-a0-77.ucode"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/20-intel-dmc.toml" -data = """ -[[fallback]] -pattern = "i915/adlp_dmc_ver2_16.bin" -chain = ["i915/adlp_dmc_ver2_14.bin", "i915/adlp_dmc_ver2_12.bin"] -""" [[files]] path = "/etc/init.d/00_driver-manager.service" data = """ @@ -514,68 +298,6 @@ args = ["--hotplug"] type = "oneshot_async" """ -# Firmware fallback chain configs -[[files]] -path = "/etc/firmware-fallbacks.d/00-amdgpu.toml" -data = """ -[[fallback]] -pattern = "amdgpu/dmcub_dcn31.bin" -chain = ["amdgpu/dmcub_dcn30.bin", "amdgpu/dmcub_dcn20.bin"] - -[[fallback]] -pattern = "amdgpu/dmcub_dcn30.bin" -chain = ["amdgpu/dmcub_dcn20.bin"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/10-iwlwifi.toml" -data = """ -[[fallback]] -pattern = "iwlwifi-bz-b0-gf-a0-92.ucode" -chain = ["iwlwifi-bz-b0-gf-a0-83.ucode", "iwlwifi-bz-b0-gf-a0-77.ucode"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/20-intel-dmc.toml" -data = """ -[[fallback]] -pattern = "i915/adlp_dmc_ver2_16.bin" -chain = ["i915/adlp_dmc_ver2_14.bin", "i915/adlp_dmc_ver2_12.bin"] -""" -[[files]] -path = "/lib/drivers.d" -data = "" -directory = true -mode = 0o755 - -# Firmware fallback chain configs -[[files]] -path = "/etc/firmware-fallbacks.d/00-amdgpu.toml" -data = """ -[[fallback]] -pattern = "amdgpu/dmcub_dcn31.bin" -chain = ["amdgpu/dmcub_dcn30.bin", "amdgpu/dmcub_dcn20.bin"] - -[[fallback]] -pattern = "amdgpu/dmcub_dcn30.bin" -chain = ["amdgpu/dmcub_dcn20.bin"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/10-iwlwifi.toml" -data = """ -[[fallback]] -pattern = "iwlwifi-bz-b0-gf-a0-92.ucode" -chain = ["iwlwifi-bz-b0-gf-a0-83.ucode", "iwlwifi-bz-b0-gf-a0-77.ucode"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/20-intel-dmc.toml" -data = """ -[[fallback]] -pattern = "i915/adlp_dmc_ver2_16.bin" -chain = ["i915/adlp_dmc_ver2_14.bin", "i915/adlp_dmc_ver2_12.bin"] -""" [[files]] path = "/etc/init.d/10_evdevd.service" data = """ @@ -591,68 +313,12 @@ cmd = "evdevd" type = "oneshot_async" """ -# Firmware fallback chain configs -[[files]] -path = "/etc/firmware-fallbacks.d/00-amdgpu.toml" -data = """ -[[fallback]] -pattern = "amdgpu/dmcub_dcn31.bin" -chain = ["amdgpu/dmcub_dcn30.bin", "amdgpu/dmcub_dcn20.bin"] - -[[fallback]] -pattern = "amdgpu/dmcub_dcn30.bin" -chain = ["amdgpu/dmcub_dcn20.bin"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/10-iwlwifi.toml" -data = """ -[[fallback]] -pattern = "iwlwifi-bz-b0-gf-a0-92.ucode" -chain = ["iwlwifi-bz-b0-gf-a0-83.ucode", "iwlwifi-bz-b0-gf-a0-77.ucode"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/20-intel-dmc.toml" -data = """ -[[fallback]] -pattern = "i915/adlp_dmc_ver2_16.bin" -chain = ["i915/adlp_dmc_ver2_14.bin", "i915/adlp_dmc_ver2_12.bin"] -""" [[files]] path = "/etc/firmware-fallbacks.d" data = "" directory = true mode = 0o755 -# Firmware fallback chain configs -[[files]] -path = "/etc/firmware-fallbacks.d/00-amdgpu.toml" -data = """ -[[fallback]] -pattern = "amdgpu/dmcub_dcn31.bin" -chain = ["amdgpu/dmcub_dcn30.bin", "amdgpu/dmcub_dcn20.bin"] - -[[fallback]] -pattern = "amdgpu/dmcub_dcn30.bin" -chain = ["amdgpu/dmcub_dcn20.bin"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/10-iwlwifi.toml" -data = """ -[[fallback]] -pattern = "iwlwifi-bz-b0-gf-a0-92.ucode" -chain = ["iwlwifi-bz-b0-gf-a0-83.ucode", "iwlwifi-bz-b0-gf-a0-77.ucode"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/20-intel-dmc.toml" -data = """ -[[fallback]] -pattern = "i915/adlp_dmc_ver2_16.bin" -chain = ["i915/adlp_dmc_ver2_14.bin", "i915/adlp_dmc_ver2_12.bin"] -""" [[files]] path = "/etc/init.d/15_cpufreqd.service" data = """ @@ -665,34 +331,6 @@ cmd = "/usr/bin/cpufreqd" type = "oneshot_async" """ -# Firmware fallback chain configs -[[files]] -path = "/etc/firmware-fallbacks.d/00-amdgpu.toml" -data = """ -[[fallback]] -pattern = "amdgpu/dmcub_dcn31.bin" -chain = ["amdgpu/dmcub_dcn30.bin", "amdgpu/dmcub_dcn20.bin"] - -[[fallback]] -pattern = "amdgpu/dmcub_dcn30.bin" -chain = ["amdgpu/dmcub_dcn20.bin"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/10-iwlwifi.toml" -data = """ -[[fallback]] -pattern = "iwlwifi-bz-b0-gf-a0-92.ucode" -chain = ["iwlwifi-bz-b0-gf-a0-83.ucode", "iwlwifi-bz-b0-gf-a0-77.ucode"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/20-intel-dmc.toml" -data = """ -[[fallback]] -pattern = "i915/adlp_dmc_ver2_16.bin" -chain = ["i915/adlp_dmc_ver2_14.bin", "i915/adlp_dmc_ver2_12.bin"] -""" [[files]] path = "/etc/init.d/15_thermald.service" data = """ @@ -705,34 +343,6 @@ cmd = "/usr/bin/thermald" type = "oneshot_async" """ -# Firmware fallback chain configs -[[files]] -path = "/etc/firmware-fallbacks.d/00-amdgpu.toml" -data = """ -[[fallback]] -pattern = "amdgpu/dmcub_dcn31.bin" -chain = ["amdgpu/dmcub_dcn30.bin", "amdgpu/dmcub_dcn20.bin"] - -[[fallback]] -pattern = "amdgpu/dmcub_dcn30.bin" -chain = ["amdgpu/dmcub_dcn20.bin"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/10-iwlwifi.toml" -data = """ -[[fallback]] -pattern = "iwlwifi-bz-b0-gf-a0-92.ucode" -chain = ["iwlwifi-bz-b0-gf-a0-83.ucode", "iwlwifi-bz-b0-gf-a0-77.ucode"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/20-intel-dmc.toml" -data = """ -[[fallback]] -pattern = "i915/adlp_dmc_ver2_16.bin" -chain = ["i915/adlp_dmc_ver2_14.bin", "i915/adlp_dmc_ver2_12.bin"] -""" [[files]] path = "/etc/init.d/15_hwrngd.service" data = """ @@ -745,34 +355,6 @@ cmd = "/usr/bin/hwrngd" type = "oneshot_async" """ -# Firmware fallback chain configs -[[files]] -path = "/etc/firmware-fallbacks.d/00-amdgpu.toml" -data = """ -[[fallback]] -pattern = "amdgpu/dmcub_dcn31.bin" -chain = ["amdgpu/dmcub_dcn30.bin", "amdgpu/dmcub_dcn20.bin"] - -[[fallback]] -pattern = "amdgpu/dmcub_dcn30.bin" -chain = ["amdgpu/dmcub_dcn20.bin"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/10-iwlwifi.toml" -data = """ -[[fallback]] -pattern = "iwlwifi-bz-b0-gf-a0-92.ucode" -chain = ["iwlwifi-bz-b0-gf-a0-83.ucode", "iwlwifi-bz-b0-gf-a0-77.ucode"] -""" - -[[files]] -path = "/etc/firmware-fallbacks.d/20-intel-dmc.toml" -data = """ -[[fallback]] -pattern = "i915/adlp_dmc_ver2_16.bin" -chain = ["i915/adlp_dmc_ver2_14.bin", "i915/adlp_dmc_ver2_12.bin"] -""" [[files]] path = "/etc/init.d/13_driver-params.service" data = """ diff --git a/config/redbear-legacy-base.toml b/config/redbear-legacy-base.toml index 5c6c810320..a315516e0f 100644 --- a/config/redbear-legacy-base.toml +++ b/config/redbear-legacy-base.toml @@ -44,9 +44,7 @@ path = "/etc/init.d/00_pcid-spawner.service" data = """ [unit] description = "PCI driver spawner compatibility alias" -requires_weak = [ - "00_driver-manager.service", -] +default_dependencies = false [service] cmd = "echo" diff --git a/local/scripts/integrate-redbear.sh b/local/scripts/integrate-redbear.sh index 2811a603b6..b9ef0c1720 100755 --- a/local/scripts/integrate-redbear.sh +++ b/local/scripts/integrate-redbear.sh @@ -256,8 +256,8 @@ for component in "${!PATCH_COMPONENT_TO_RECIPE[@]}"; do patch_dir="local/patches/${component}" - # Collect all .patch files from both the component dir and absorbed/ subdir. - find "$patch_dir" -maxdepth 2 -name "*.patch" -type f 2>/dev/null | while read patch_file; do + # Collect all .patch files from the component dir (skip absorbed/ subdirs). + find "$patch_dir" -maxdepth 1 -name "*.patch" -type f 2>/dev/null | while read patch_file; do patch_name="$(basename "$patch_file")" # Resolve the relative path from recipe dir to patch file. @@ -347,7 +347,7 @@ if [ "${#staged_firmware[@]}" -gt 0 ]; then fi if [ "${#firmware_blobs[@]}" -gt 0 ]; then - cp "${firmware_blobs[@]}" "local/recipes/system/firmware-loader/source/firmware/amdgpu/" + cp -f "${firmware_blobs[@]}" "local/recipes/system/firmware-loader/source/firmware/amdgpu/" status "Staged ${#firmware_blobs[@]} AMD firmware blob(s)" else warn "Skipping firmware staging because no AMD firmware blobs were found" diff --git a/mk/config.mk b/mk/config.mk index f665790677..f36e06bb96 100644 --- a/mk/config.mk +++ b/mk/config.mk @@ -25,7 +25,8 @@ REPO_APPSTREAM?=0 ## Ignore errors when building the repo, attempt to build every package REPO_NONSTOP?=0 ## Do not update source repos, attempt to build in offline condition -REPO_OFFLINE?=0 +## Red Bear OS: offline-first by default. Set REPO_OFFLINE=0 to allow online fetching. +REPO_OFFLINE?=1 ## Do not strip debug info for local build REPO_DEBUG?=0 ## Old config value that need to be corrected diff --git a/scripts/patch-inclusion-gate.sh b/scripts/patch-inclusion-gate.sh new file mode 100755 index 0000000000..2ae96fb89b --- /dev/null +++ b/scripts/patch-inclusion-gate.sh @@ -0,0 +1,29 @@ +#!/usr/bin/env bash +# patch-inclusion-gate.sh — block image creation unless Red Bear patches are auditable. +# +# Public scripts that create harddrive images or live ISOs must call this before +# invoking `make all`, `make live`, or a direct image target. The cookbook still +# applies patches from recipe.toml; this gate verifies the durable patch store is +# classified and that active ledger entries are wired into recipes. + +set -euo pipefail + +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)" + +cd "$PROJECT_ROOT" + +if [ "${REDBEAR_SKIP_PATCH_INCLUSION_GATE:-0}" = "1" ]; then + echo "WARNING: REDBEAR_SKIP_PATCH_INCLUSION_GATE=1; patch inclusion gate bypassed" >&2 + exit 0 +fi + +ledger_gate="local/scripts/classify-patches-ledger.py" +if [ ! -x "$ledger_gate" ]; then + echo "ERROR: missing executable patch ledger gate: $ledger_gate" >&2 + exit 1 +fi + +echo ">>> Verifying Red Bear patch inclusion before image creation" +python3 local/scripts/ensure-patches-wired.py +python3 "$ledger_gate" --strict diff --git a/src/cook/fetch.rs b/src/cook/fetch.rs index c728fb0b24..632371d4d4 100644 --- a/src/cook/fetch.rs +++ b/src/cook/fetch.rs @@ -1334,20 +1334,24 @@ pub fn validate_patches(recipe: &CookRecipe, logger: &PtyOut) -> Result<()> { .status() .map_err(|e| format!("failed to create staging copy via cp -al: {e}"))?; - // Clean the staging copy to pristine upstream state - let _ = Command::new("git") - .arg("-C") - .arg(&staging_dir) - .arg("clean") - .arg("-ffdx") - .status(); - Command::new("git") - .arg("-C") - .arg(&staging_dir) - .arg("reset") - .arg("--hard") - .status() - .map_err(|e| format!("failed to reset staging to clean state: {e}"))?; + // Clean the staging copy to pristine upstream state. + // Only git-sourced recipes have a .git directory — tarball sources + // are already pristine from the cp -al copy. + if staging_dir.join(".git").exists() { + let _ = Command::new("git") + .arg("-C") + .arg(&staging_dir) + .arg("clean") + .arg("-ffdx") + .status(); + Command::new("git") + .arg("-C") + .arg(&staging_dir) + .arg("reset") + .arg("--hard") + .status() + .map_err(|e| format!("failed to reset staging to clean state: {e}"))?; + } let mut passed = 0; let mut failed = 0; diff --git a/src/cook/script.rs b/src/cook/script.rs index ad79294f42..849593bbdd 100644 --- a/src/cook/script.rs +++ b/src/cook/script.rs @@ -79,6 +79,10 @@ function DYNAMIC_STATIC_INIT { } function GNU_CONFIG_GET { + if [ -n "${COOKBOOK_OFFLINE}" ]; then + echo "[OFFLINE] Skipping GNU_CONFIG_GET wget for $1 — COOKBOOK_OFFLINE is set" + return 0 + fi wget -O "$1" "https://gitlab.redox-os.org/redox-os/gnu-config/-/raw/master/config.sub?inline=false" } "#;