2021-12-12 20:27:04 +01:00
#!/usr/bin/env bash
2021-10-01 12:10:22 +02:00
# SPDX-License-Identifier: LGPL-2.1-or-later
2020-06-10 13:41:28 +02:00
2020-06-11 13:18:07 +02:00
set -ex
2020-06-10 13:41:28 +02:00
info( ) { echo -e " \033[33;1m $1 \033[0m " ; }
2020-06-11 13:18:07 +02:00
fatal( ) { echo >& 2 -e " \033[31;1m $1 \033[0m " ; exit 1; }
2020-06-10 13:41:28 +02:00
success( ) { echo >& 2 -e " \033[32;1m $1 \033[0m " ; }
ARGS = (
2023-10-27 11:47:43 +01:00
"--optimization=0 -Dopenssl=disabled -Dcryptolib=gcrypt -Ddns-over-tls=gnutls -Dtpm=true -Dtpm2=enabled"
2023-11-08 18:41:09 +00:00
"--optimization=s -Dutmp=false"
2024-01-04 17:51:40 +01:00
"--optimization=2 -Dc_args=-Wmaybe-uninitialized -Ddns-over-tls=openssl"
2021-12-24 11:50:37 +01:00
"--optimization=3 -Db_lto=true -Ddns-over-tls=false"
2023-08-10 15:44:11 +02:00
"--optimization=3 -Db_lto=false -Dtpm2=disabled -Dlibfido2=disabled -Dp11kit=disabled"
2021-05-05 21:07:36 +02:00
"--optimization=3 -Dfexecve=true -Dstandalone-binaries=true -Dstatic-libsystemd=true -Dstatic-libudev=true"
2020-06-10 13:41:28 +02:00
"-Db_ndebug=true"
)
PACKAGES = (
cryptsetup-bin
2020-06-10 20:51:15 +02:00
expect
fdisk
2020-06-10 13:41:28 +02:00
gettext
iputils-ping
isc-dhcp-client
itstool
kbd
libblkid-dev
2021-12-03 16:30:56 +01:00
libbpf-dev
2020-06-10 13:41:28 +02:00
libcap-dev
libcurl4-gnutls-dev
2020-06-10 20:51:15 +02:00
libfdisk-dev
2020-10-21 16:28:22 +02:00
libfido2-dev
2020-06-10 13:41:28 +02:00
libgpg-error-dev
liblz4-dev
liblzma-dev
libmicrohttpd-dev
libmount-dev
2020-06-10 20:51:15 +02:00
libp11-kit-dev
libpwquality-dev
2020-06-10 13:41:28 +02:00
libqrencode-dev
2020-06-10 20:51:15 +02:00
libssl-dev
2020-12-20 22:27:36 +01:00
libtss2-dev
2022-11-01 16:53:02 +01:00
libxen-dev
2020-06-10 13:41:28 +02:00
libxkbcommon-dev
2020-10-21 16:17:29 +02:00
libxtables-dev
2020-10-21 16:28:22 +02:00
libzstd-dev
2023-09-25 17:24:26 +02:00
# mold
2020-06-10 13:41:28 +02:00
mount
net-tools
python3-evdev
2021-05-17 10:36:30 +02:00
python3-jinja2
2021-12-03 16:30:56 +01:00
python3-lxml
2022-11-25 19:14:42 +01:00
python3-pefile
2020-06-10 13:41:28 +02:00
python3-pip
2023-03-02 15:41:17 +01:00
python3-pyelftools
2020-06-10 13:41:28 +02:00
python3-pyparsing
python3-setuptools
quota
strace
unifont
util-linux
2020-06-10 20:51:15 +02:00
zstd
2020-06-10 13:41:28 +02:00
)
2020-06-11 13:18:07 +02:00
COMPILER = " ${ COMPILER : ? } "
COMPILER_VERSION = " ${ COMPILER_VERSION : ? } "
2021-12-10 18:28:33 +01:00
LINKER = " ${ LINKER : ? } "
2021-12-24 11:50:37 +01:00
CRYPTOLIB = " ${ CRYPTOLIB : ? } "
2020-06-10 13:41:28 +02:00
RELEASE = " $( lsb_release -cs) "
2023-09-25 17:24:26 +02:00
# mold-2.2.0+ fixes some bugs breaking bootloader builds.
# TODO: Switch to distro mold with ubuntu-24.04
if [ [ " $LINKER " = = mold ] ] ; then
wget https://github.com/rui314/mold/releases/download/v2.2.0/mold-2.2.0-x86_64-linux.tar.gz
echo "d66e0230c562c2ba0e0b789cc5034e0fa2369cc843d0154920de4269cd94afeb mold-2.2.0-x86_64-linux.tar.gz" | sha256sum -c
sudo tar -xz -C /usr --strip-components= 1 -f mold-2.2.0-x86_64-linux.tar.gz
fi
2020-06-11 13:18:07 +02:00
# Note: As we use postfixed clang/gcc binaries, we need to override $AR
# as well, otherwise meson falls back to ar from binutils which
# doesn't work with LTO
if [ [ " $COMPILER " = = clang ] ] ; then
CC = " clang- $COMPILER_VERSION "
CXX = " clang++- $COMPILER_VERSION "
AR = " llvm-ar- $COMPILER_VERSION "
2021-10-11 21:12:42 +02:00
2024-06-07 10:55:53 +02:00
if systemd-analyze compare-versions " $COMPILER_VERSION " ge 17; then
CFLAGS = "-fno-sanitize=function"
CXXFLAGS = "-fno-sanitize=function"
else
CFLAGS = ""
CXXFLAGS = ""
fi
2022-05-21 16:35:55 +02:00
# Prefer the distro version if available
2023-09-05 12:02:05 +02:00
if ! apt-get -y install --dry-run " llvm- $COMPILER_VERSION " >/dev/null; then
2021-10-11 21:12:42 +02:00
# Latest LLVM stack deb packages provided by https://apt.llvm.org/
2021-12-26 01:11:00 +00:00
# Following snippet was partly borrowed from https://apt.llvm.org/llvm.sh
2023-09-05 12:07:01 +02:00
wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | \
sudo gpg --yes --dearmor --output /usr/share/keyrings/apt-llvm-org.gpg
echo " deb [signed-by=/usr/share/keyrings/apt-llvm-org.gpg] http://apt.llvm.org/ $RELEASE / llvm-toolchain- $RELEASE - $COMPILER_VERSION main " | \
sudo tee /etc/apt/sources.list.d/llvm-toolchain.list
2021-10-11 21:12:42 +02:00
fi
2022-05-21 16:35:55 +02:00
2023-07-27 13:20:17 +02:00
PACKAGES += ( " clang- $COMPILER_VERSION " " lldb- $COMPILER_VERSION " " python3-lldb- $COMPILER_VERSION " " lld- $COMPILER_VERSION " " clangd- $COMPILER_VERSION " )
2020-06-11 13:18:07 +02:00
elif [ [ " $COMPILER " = = gcc ] ] ; then
CC = " gcc- $COMPILER_VERSION "
CXX = " g++- $COMPILER_VERSION "
AR = " gcc-ar- $COMPILER_VERSION "
2024-06-07 10:55:53 +02:00
CFLAGS = ""
CXXFLAGS = ""
2022-05-07 12:40:56 +00:00
2023-09-05 12:02:05 +02:00
if ! apt-get -y install --dry-run " gcc- $COMPILER_VERSION " >/dev/null; then
2022-05-07 12:40:56 +00:00
# Latest gcc stack deb packages provided by
# https://launchpad.net/~ubuntu-toolchain-r/+archive/ubuntu/test
2023-09-05 12:07:01 +02:00
sudo add-apt-repository -y --no-update ppa:ubuntu-toolchain-r/test
2022-05-07 12:40:56 +00:00
fi
2022-03-23 14:40:06 +01:00
PACKAGES += ( " gcc- $COMPILER_VERSION " " gcc- $COMPILER_VERSION -multilib " )
2020-06-11 13:18:07 +02:00
else
fatal " Unknown compiler: $COMPILER "
fi
2024-04-24 15:33:31 +01:00
# This is added by default, and it is often broken, but we don't need anything from it
2024-06-07 10:55:53 +02:00
sudo rm -f /etc/apt/sources.list.d/microsoft-prod.{ list,sources}
# add-apt-repository --enable-source does not work on deb822 style sources.
for f in /etc/apt/sources.list.d/*.sources; do
sudo sed -i "s/Types: deb/Types: deb deb-src/g" " $f "
done
2023-09-05 12:07:01 +02:00
sudo apt-get -y update
sudo apt-get -y build-dep systemd
sudo apt-get -y install " ${ PACKAGES [@] } "
2021-11-19 16:23:03 +00:00
# Install more or less recent meson and ninja with pip, since the distro versions don't
# always support all the features we need (like --optimization=). Since the build-dep
2020-06-11 15:00:15 +02:00
# command above installs the distro versions, let's install the pip ones just
# locally and add the local bin directory to the $PATH.
2024-06-07 10:55:53 +02:00
pip3 install --user -r .github/workflows/requirements.txt --require-hashes --break-system-packages
2020-06-11 15:00:15 +02:00
export PATH = " $HOME /.local/bin: $PATH "
2020-06-10 13:41:28 +02:00
$CC --version
2021-01-25 16:01:56 +01:00
meson --version
ninja --version
2020-06-10 13:41:28 +02:00
for args in " ${ ARGS [@] } " ; do
SECONDS = 0
2024-01-04 17:51:40 +01:00
if [ [ " $COMPILER " = = clang && " $args " = ~ Wmaybe-uninitialized ] ] ; then
# -Wmaybe-uninitialized is not implemented in clang
continue
fi
2020-06-10 13:41:28 +02:00
info " Checking build with $args "
2021-09-29 19:55:24 +02:00
# shellcheck disable=SC2086
2021-12-10 18:28:33 +01:00
if ! AR = " $AR " \
2024-06-07 10:55:53 +02:00
CC = " $CC " CC_LD = " $LINKER " CFLAGS = " $CFLAGS " \
CXX = " $CXX " CXX_LD = " $LINKER " CXXFLAGS = " $CXXFLAGS " \
2023-01-11 15:04:11 +01:00
meson setup \
-Dtests= unsafe -Dslow-tests= true -Dfuzz-tests= true --werror \
2023-09-05 12:03:13 +02:00
-Dnobody-group= nogroup -Dcryptolib= " ${ CRYPTOLIB : ? } " -Ddebug= false \
2022-08-10 09:47:42 +02:00
$args build; then
2021-12-10 18:28:33 +01:00
2022-01-13 07:01:17 +00:00
cat build/meson-logs/meson-log.txt
2020-06-11 13:18:07 +02:00
fatal " meson failed with $args "
2020-06-10 13:41:28 +02:00
fi
2022-01-13 07:01:17 +00:00
if ! meson compile -C build -v; then
2023-01-11 15:04:11 +01:00
fatal " 'meson compile' failed with ' $args ' "
2020-06-10 13:41:28 +02:00
fi
2023-03-02 15:41:17 +01:00
for loader in build/src/boot/efi/*{ .efi,.efi.stub} ; do
if [ [ " $( sbverify --list " $loader " 2>& 1) " != "No signature table present" ] ] ; then
2022-01-02 20:05:58 +01:00
fatal " $loader : Gaps found in section table "
fi
done
2020-06-10 13:41:28 +02:00
git clean -dxf
2023-01-11 15:04:11 +01:00
success " Build with ' $args ' passed in $SECONDS seconds "
2020-06-10 13:41:28 +02:00
done