kat/hakurei
1
0
Fork 0
forked from rosa/hakurei
Code Pull Requests Activity

Compare commits

merge into: kat:pkgserver-testing
Branches Tags
kat:master kat:pkgserver-testing kat:staging kat:develop rosa:staging rosa:develop rosa:master
kat:v0.3.6 kat:v0.3.5 kat:v0.3.4 kat:v0.3.3 kat:v0.3.2 kat:v0.3.1 kat:v0.3.0 kat:v0.2.2 kat:v0.2.1 kat:v0.2.0 kat:v0.1.3 kat:v0.1.2 kat:v0.1.1 kat:v0.1.0 rosa:v0.3.7 rosa:v0.3.6 rosa:v0.3.5 rosa:v0.3.4 rosa:v0.3.3 rosa:v0.3.2 rosa:v0.3.1 rosa:v0.3.0 rosa:v0.2.2 rosa:v0.2.1 rosa:v0.2.0 rosa:v0.1.3 rosa:v0.1.2 rosa:v0.1.1 rosa:v0.1.0
...
pull from: rosa:master
Branches Tags
rosa:staging rosa:develop rosa:master kat:master kat:pkgserver-testing kat:staging kat:develop
rosa:v0.3.7 rosa:v0.3.6 rosa:v0.3.5 rosa:v0.3.4 rosa:v0.3.3 rosa:v0.3.2 rosa:v0.3.1 rosa:v0.3.0 rosa:v0.2.2 rosa:v0.2.1 rosa:v0.2.0 rosa:v0.1.3 rosa:v0.1.2 rosa:v0.1.1 rosa:v0.1.0 kat:v0.3.6 kat:v0.3.5 kat:v0.3.4 kat:v0.3.3 kat:v0.3.2 kat:v0.3.1 kat:v0.3.0 kat:v0.2.2 kat:v0.2.1 kat:v0.2.0 kat:v0.1.3 kat:v0.1.2 kat:v0.1.1 kat:v0.1.0

11 Commits
pkgserver- ... master

Author SHA1 Message Date
Ophestra
b208af8b85 release: 0.3.7 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-15 21:04:55 +09:00
Ophestra
8d650c0c8f all: migrate to rosa/hakurei 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-15 20:12:51 +09:00
Ophestra
a720efc32d internal/rosa/llvm: arch-specific versions 
This enables temporarily avoiding a broken release on specific targets.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-15 15:06:36 +09:00
Ophestra
400540cd41 internal/rosa/llvm: arch-specific patches 
Broken aarch64 tests in LLVM seem unlikely to be fixed soon.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-15 11:37:24 +09:00
Ophestra
1113efa5c2 internal/rosa/kernel: enable arm64 block drivers 
These are added separately to the amd64 patch due to the arm64 toolchain not being available at that time.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-15 00:22:05 +09:00
Ophestra
8b875f865c cmd/earlyinit: remount root and set firmware path 
The default search paths cannot be configured, configuring them here is most sound for now.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-14 19:50:04 +09:00
Ophestra
8905d653ba cmd/earlyinit: mount pseudo-filesystems 
The proposal for merging both init programs was unanimously accepted, so this is set up here alongside devtmpfs.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-14 19:43:42 +09:00
Ophestra
9c2fb6246f internal/rosa/kernel: enable FW_LOADER 
This wants to be loaded early, so having it as a dlkm is not helpful as it will always be loaded anyway.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-14 19:32:14 +09:00
Ophestra
9c116acec6 internal/rosa/kernel: enable amd64 block drivers 
These have to be built into initramfs, anyway, so build them into the kernel instead. The arm64 toolchain is not yet ready, so will be updated in a later patch.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-14 19:22:56 +09:00
Ophestra
988239a2bc internal/rosa: basic system image 
This is a simple image for debugging and is not yet set up for dm-verity.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-14 15:54:13 +09:00
Ophestra
bc03118142 cmd/earlyinit: handle args from cmdline 
These are set by the bootloader.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-14 15:13:52 +09:00
12 changed files with 236 additions and 119 deletions
Expand all files Collapse all files

8
README.md
View File

@@ -1,5 +1,5 @@
<p align="center"> <p align="center">
<a href="https://git.gensokyo.uk/security/hakurei"> <a href="https://git.gensokyo.uk/rosa/hakurei">
<picture> <picture>
<img src="https://basement.gensokyo.uk/images/yukari1.png" width="200px" alt="Yukari"> <img src="https://basement.gensokyo.uk/images/yukari1.png" width="200px" alt="Yukari">
</picture> </picture>
@@ -8,16 +8,16 @@
<p align="center"> <p align="center">
<a href="https://pkg.go.dev/hakurei.app"><img src="https://pkg.go.dev/badge/hakurei.app.svg" alt="Go Reference" /></a> <a href="https://pkg.go.dev/hakurei.app"><img src="https://pkg.go.dev/badge/hakurei.app.svg" alt="Go Reference" /></a>
<a href="https://git.gensokyo.uk/security/hakurei/actions"><img src="https://git.gensokyo.uk/security/hakurei/actions/workflows/test.yml/badge.svg?branch=staging&style=flat-square" alt="Gitea Workflow Status" /></a> <a href="https://git.gensokyo.uk/rosa/hakurei/actions"><img src="https://git.gensokyo.uk/rosa/hakurei/actions/workflows/test.yml/badge.svg?branch=staging&style=flat-square" alt="Gitea Workflow Status" /></a>
<br/> <br/>
<a href="https://git.gensokyo.uk/security/hakurei/releases"><img src="https://img.shields.io/gitea/v/release/security/hakurei?gitea_url=https%3A%2F%2Fgit.gensokyo.uk&color=purple" alt="Release" /></a> <a href="https://git.gensokyo.uk/rosa/hakurei/releases"><img src="https://img.shields.io/gitea/v/release/rosa/hakurei?gitea_url=https%3A%2F%2Fgit.gensokyo.uk&color=purple" alt="Release" /></a>
<a href="https://goreportcard.com/report/hakurei.app"><img src="https://goreportcard.com/badge/hakurei.app" alt="Go Report Card" /></a> <a href="https://goreportcard.com/report/hakurei.app"><img src="https://goreportcard.com/badge/hakurei.app" alt="Go Report Card" /></a>
<a href="https://hakurei.app"><img src="https://img.shields.io/website?url=https%3A%2F%2Fhakurei.app" alt="Website" /></a> <a href="https://hakurei.app"><img src="https://img.shields.io/website?url=https%3A%2F%2Fhakurei.app" alt="Website" /></a>
</p> </p>
Hakurei is a tool for running sandboxed desktop applications as dedicated Hakurei is a tool for running sandboxed desktop applications as dedicated
subordinate users on the Linux kernel. It implements the application container subordinate users on the Linux kernel. It implements the application container
of [planterette (WIP)](https://git.gensokyo.uk/security/planterette), a of [planterette (WIP)](https://git.gensokyo.uk/rosa/planterette), a
self-contained Android-like package manager with modern security features. self-contained Android-like package manager with modern security features.
Interaction with hakurei happens entirely through structures described by Interaction with hakurei happens entirely through structures described by

69
cmd/earlyinit/main.go
View File

@@ -4,6 +4,7 @@ import (
"log" "log"
"os" "os"
"runtime" "runtime"
"strings"
. "syscall" . "syscall"
) )
@@ -12,6 +13,22 @@ func main() {
log.SetFlags(0) log.SetFlags(0)
log.SetPrefix("earlyinit: ") log.SetPrefix("earlyinit: ")
var (
option map[string]string
flags []string
)
if len(os.Args) > 1 {
option = make(map[string]string)
for _, s := range os.Args[1:] {
key, value, ok := strings.Cut(s, "=")
if !ok {
flags = append(flags, s)
continue
}
option[key] = value
}
}
if err := Mount( if err := Mount(
"devtmpfs", "devtmpfs",
"/dev/", "/dev/",
@@ -55,4 +72,56 @@ func main() {
} }
} }
// staying in rootfs, these are no longer used
must(os.Remove("/root"))
must(os.Remove("/init"))
must(os.Mkdir("/proc", 0))
mustSyscall("mount proc", Mount(
"proc",
"/proc",
"proc",
MS_NOSUID|MS_NOEXEC|MS_NODEV,
"hidepid=1",
))
must(os.Mkdir("/sys", 0))
mustSyscall("mount sysfs", Mount(
"sysfs",
"/sys",
"sysfs",
0,
"",
))
// after top level has been set up
mustSyscall("remount root", Mount(
"",
"/",
"",
MS_REMOUNT|MS_BIND|
MS_RDONLY|MS_NODEV|MS_NOSUID|MS_NOEXEC,
"",
))
must(os.WriteFile(
"/sys/module/firmware_class/parameters/path",
[]byte("/system/lib/firmware"),
0,
))
}
// mustSyscall calls [log.Fatalln] if err is non-nil.
func mustSyscall(action string, err error) {
if err != nil {
log.Fatalln("cannot "+action+":", err)
}
}
// must calls [log.Fatal] with err if it is non-nil.
func must(err error) {
if err != nil {
log.Fatal(err)
}
} }

2
hst/config.go
View File

@@ -82,7 +82,7 @@ type Config struct {
// //
// Do not set this to true, it is insecure under any configuration. // Do not set this to true, it is insecure under any configuration.
// //
// [the /.flatpak-info hack]: https://git.gensokyo.uk/security/hakurei/issues/21 // [the /.flatpak-info hack]: https://git.gensokyo.uk/rosa/hakurei/issues/21
DirectPipeWire bool `json:"direct_pipewire,omitempty"` DirectPipeWire bool `json:"direct_pipewire,omitempty"`
// Direct access to PulseAudio socket, no attempt is made to establish // Direct access to PulseAudio socket, no attempt is made to establish

4
internal/rosa/all.go
View File

@@ -20,8 +20,10 @@ const (
LLVMRuntimes LLVMRuntimes
LLVMClang LLVMClang
// EarlyInit is the Rosa OS initramfs init program. // EarlyInit is the Rosa OS init program.
EarlyInit EarlyInit
// ImageSystem is the Rosa OS /system image.
ImageSystem
// ImageInitramfs is the Rosa OS initramfs archive. // ImageInitramfs is the Rosa OS initramfs archive.
ImageInitramfs ImageInitramfs

39
internal/rosa/images.go
View File

@@ -1,6 +1,9 @@
package rosa package rosa
import "hakurei.app/internal/pkg" import (
"hakurei.app/container/fhs"
"hakurei.app/internal/pkg"
)
func init() { func init() {
artifactsM[EarlyInit] = Metadata{ artifactsM[EarlyInit] = Metadata{
@@ -24,12 +27,36 @@ echo
} }
} }
func (t Toolchain) newImageSystem() (pkg.Artifact, string) {
return t.New("system.img", TNoToolchain, t.AppendPresets(nil,
SquashfsTools,
), nil, nil, `
mksquashfs /mnt/system /work/system.img
`, pkg.Path(fhs.AbsRoot.Append("mnt"), false, t.AppendPresets(nil,
Musl,
Mksh,
Toybox,
Kmod,
Kernel,
Firmware,
)...)), Unversioned
}
func init() {
artifactsM[ImageSystem] = Metadata{
Name: "system-image",
Description: "Rosa OS system image",
f: Toolchain.newImageSystem,
}
}
func (t Toolchain) newImageInitramfs() (pkg.Artifact, string) { func (t Toolchain) newImageInitramfs() (pkg.Artifact, string) {
return t.New("initramfs", TNoToolchain, []pkg.Artifact{ return t.New("initramfs", TNoToolchain, t.AppendPresets(nil,
t.Load(Zstd), Zstd,
t.Load(EarlyInit), EarlyInit,
t.Load(GenInitCPIO), GenInitCPIO,
}, nil, nil, ` ), nil, nil, `
gen_init_cpio -t 4294967295 -c /usr/src/initramfs | zstd > /work/initramfs.zst gen_init_cpio -t 4294967295 -c /usr/src/initramfs | zstd > /work/initramfs.zst
`, pkg.Path(AbsUsrSrc.Append("initramfs"), false, pkg.NewFile("initramfs", []byte(` `, pkg.Path(AbsUsrSrc.Append("initramfs"), false, pkg.NewFile("initramfs", []byte(`
dir /dev 0755 0 0 dir /dev 0755 0 0

91
internal/rosa/kernel_amd64.config
View File

@@ -2,15 +2,15 @@
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 6.12.76 Kernel Configuration # Linux/x86 6.12.76 Kernel Configuration
# #
CONFIG_CC_VERSION_TEXT="clang version 22.1.0" CONFIG_CC_VERSION_TEXT="clang version 22.1.1"
CONFIG_GCC_VERSION=0 CONFIG_GCC_VERSION=0
CONFIG_CC_IS_CLANG=y CONFIG_CC_IS_CLANG=y
CONFIG_CLANG_VERSION=220100 CONFIG_CLANG_VERSION=220101
CONFIG_AS_IS_LLVM=y CONFIG_AS_IS_LLVM=y
CONFIG_AS_VERSION=220100 CONFIG_AS_VERSION=220101
CONFIG_LD_VERSION=0 CONFIG_LD_VERSION=0
CONFIG_LD_IS_LLD=y CONFIG_LD_IS_LLD=y
CONFIG_LLD_VERSION=220100 CONFIG_LLD_VERSION=220101
CONFIG_RUSTC_VERSION=0 CONFIG_RUSTC_VERSION=0
CONFIG_RUSTC_LLVM_VERSION=0 CONFIG_RUSTC_LLVM_VERSION=0
CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y
@@ -2402,7 +2402,7 @@ CONFIG_PREVENT_FIRMWARE_BUILD=y
# #
# Firmware loader # Firmware loader
# #
CONFIG_FW_LOADER=m CONFIG_FW_LOADER=y
CONFIG_FW_LOADER_DEBUG=y CONFIG_FW_LOADER_DEBUG=y
CONFIG_FW_LOADER_PAGED_BUF=y CONFIG_FW_LOADER_PAGED_BUF=y
CONFIG_FW_LOADER_SYSFS=y CONFIG_FW_LOADER_SYSFS=y
@@ -2749,7 +2749,7 @@ CONFIG_BLK_DEV_NULL_BLK=m
CONFIG_BLK_DEV_FD=m CONFIG_BLK_DEV_FD=m
# CONFIG_BLK_DEV_FD_RAWCMD is not set # CONFIG_BLK_DEV_FD_RAWCMD is not set
CONFIG_CDROM=m CONFIG_CDROM=m
CONFIG_BLK_DEV_PCIESSD_MTIP32XX=m CONFIG_BLK_DEV_PCIESSD_MTIP32XX=y
CONFIG_ZRAM=m CONFIG_ZRAM=m
# CONFIG_ZRAM_BACKEND_LZ4 is not set # CONFIG_ZRAM_BACKEND_LZ4 is not set
# CONFIG_ZRAM_BACKEND_LZ4HC is not set # CONFIG_ZRAM_BACKEND_LZ4HC is not set
@@ -2775,9 +2775,9 @@ CONFIG_CDROM_PKTCDVD=m
CONFIG_CDROM_PKTCDVD_BUFFERS=8 CONFIG_CDROM_PKTCDVD_BUFFERS=8
# CONFIG_CDROM_PKTCDVD_WCACHE is not set # CONFIG_CDROM_PKTCDVD_WCACHE is not set
CONFIG_ATA_OVER_ETH=m CONFIG_ATA_OVER_ETH=m
CONFIG_XEN_BLKDEV_FRONTEND=m CONFIG_XEN_BLKDEV_FRONTEND=y
CONFIG_XEN_BLKDEV_BACKEND=m # CONFIG_XEN_BLKDEV_BACKEND is not set
CONFIG_VIRTIO_BLK=m CONFIG_VIRTIO_BLK=y
CONFIG_BLK_DEV_RBD=m CONFIG_BLK_DEV_RBD=m
CONFIG_BLK_DEV_UBLK=m CONFIG_BLK_DEV_UBLK=m
CONFIG_BLKDEV_UBLK_LEGACY_OPCODES=y CONFIG_BLKDEV_UBLK_LEGACY_OPCODES=y
@@ -2788,13 +2788,12 @@ CONFIG_BLK_DEV_RNBD_SERVER=m
# #
# NVME Support # NVME Support
# #
CONFIG_NVME_KEYRING=m CONFIG_NVME_KEYRING=y
CONFIG_NVME_AUTH=m CONFIG_NVME_AUTH=y
CONFIG_NVME_CORE=m CONFIG_NVME_CORE=y
CONFIG_BLK_DEV_NVME=m CONFIG_BLK_DEV_NVME=y
CONFIG_NVME_MULTIPATH=y CONFIG_NVME_MULTIPATH=y
# CONFIG_NVME_VERBOSE_ERRORS is not set # CONFIG_NVME_VERBOSE_ERRORS is not set
CONFIG_NVME_HWMON=y
CONFIG_NVME_FABRICS=m CONFIG_NVME_FABRICS=m
CONFIG_NVME_RDMA=m CONFIG_NVME_RDMA=m
CONFIG_NVME_FC=m CONFIG_NVME_FC=m
@@ -2911,10 +2910,10 @@ CONFIG_KEBA_CP500=m
# #
# SCSI device support # SCSI device support
# #
CONFIG_SCSI_MOD=m CONFIG_SCSI_MOD=y
CONFIG_RAID_ATTRS=m CONFIG_RAID_ATTRS=m
CONFIG_SCSI_COMMON=m CONFIG_SCSI_COMMON=y
CONFIG_SCSI=m CONFIG_SCSI=y
CONFIG_SCSI_DMA=y CONFIG_SCSI_DMA=y
CONFIG_SCSI_NETLINK=y CONFIG_SCSI_NETLINK=y
CONFIG_SCSI_PROC_FS=y CONFIG_SCSI_PROC_FS=y
@@ -2922,7 +2921,7 @@ CONFIG_SCSI_PROC_FS=y
# #
# SCSI support type (disk, tape, CD-ROM) # SCSI support type (disk, tape, CD-ROM)
# #
CONFIG_BLK_DEV_SD=m CONFIG_BLK_DEV_SD=y
CONFIG_CHR_DEV_ST=m CONFIG_CHR_DEV_ST=m
CONFIG_BLK_DEV_SR=m CONFIG_BLK_DEV_SR=m
CONFIG_CHR_DEV_SG=m CONFIG_CHR_DEV_SG=m
@@ -3042,7 +3041,7 @@ CONFIG_SCSI_DEBUG=m
CONFIG_SCSI_PMCRAID=m CONFIG_SCSI_PMCRAID=m
CONFIG_SCSI_PM8001=m CONFIG_SCSI_PM8001=m
CONFIG_SCSI_BFA_FC=m CONFIG_SCSI_BFA_FC=m
CONFIG_SCSI_VIRTIO=m CONFIG_SCSI_VIRTIO=y
CONFIG_SCSI_CHELSIO_FCOE=m CONFIG_SCSI_CHELSIO_FCOE=m
CONFIG_SCSI_LOWLEVEL_PCMCIA=y CONFIG_SCSI_LOWLEVEL_PCMCIA=y
CONFIG_PCMCIA_AHA152X=m CONFIG_PCMCIA_AHA152X=m
@@ -3052,7 +3051,7 @@ CONFIG_PCMCIA_SYM53C500=m
# CONFIG_SCSI_DH is not set # CONFIG_SCSI_DH is not set
# end of SCSI device support # end of SCSI device support
CONFIG_ATA=m CONFIG_ATA=y
CONFIG_SATA_HOST=y CONFIG_SATA_HOST=y
CONFIG_PATA_TIMINGS=y CONFIG_PATA_TIMINGS=y
CONFIG_ATA_VERBOSE_ERROR=y CONFIG_ATA_VERBOSE_ERROR=y
@@ -3064,39 +3063,39 @@ CONFIG_SATA_PMP=y
# #
# Controllers with non-SFF native interface # Controllers with non-SFF native interface
# #
CONFIG_SATA_AHCI=m CONFIG_SATA_AHCI=y
CONFIG_SATA_MOBILE_LPM_POLICY=3 CONFIG_SATA_MOBILE_LPM_POLICY=3
CONFIG_SATA_AHCI_PLATFORM=m CONFIG_SATA_AHCI_PLATFORM=y
CONFIG_AHCI_DWC=m CONFIG_AHCI_DWC=y
CONFIG_AHCI_CEVA=m CONFIG_AHCI_CEVA=y
CONFIG_SATA_INIC162X=m CONFIG_SATA_INIC162X=m
CONFIG_SATA_ACARD_AHCI=m CONFIG_SATA_ACARD_AHCI=y
CONFIG_SATA_SIL24=m CONFIG_SATA_SIL24=y
CONFIG_ATA_SFF=y CONFIG_ATA_SFF=y
# #
# SFF controllers with custom DMA interface # SFF controllers with custom DMA interface
# #
CONFIG_PDC_ADMA=m CONFIG_PDC_ADMA=y
CONFIG_SATA_QSTOR=m CONFIG_SATA_QSTOR=y
CONFIG_SATA_SX4=m CONFIG_SATA_SX4=m
CONFIG_ATA_BMDMA=y CONFIG_ATA_BMDMA=y
# #
# SATA SFF controllers with BMDMA # SATA SFF controllers with BMDMA
# #
CONFIG_ATA_PIIX=m CONFIG_ATA_PIIX=y
CONFIG_SATA_DWC=m CONFIG_SATA_DWC=y
# CONFIG_SATA_DWC_OLD_DMA is not set # CONFIG_SATA_DWC_OLD_DMA is not set
CONFIG_SATA_MV=m CONFIG_SATA_MV=y
CONFIG_SATA_NV=m CONFIG_SATA_NV=y
CONFIG_SATA_PROMISE=m CONFIG_SATA_PROMISE=y
CONFIG_SATA_SIL=m CONFIG_SATA_SIL=y
CONFIG_SATA_SIS=m CONFIG_SATA_SIS=y
CONFIG_SATA_SVW=m CONFIG_SATA_SVW=y
CONFIG_SATA_ULI=m CONFIG_SATA_ULI=y
CONFIG_SATA_VIA=m CONFIG_SATA_VIA=y
CONFIG_SATA_VITESSE=m CONFIG_SATA_VITESSE=y
# #
# PATA SFF controllers with BMDMA # PATA SFF controllers with BMDMA
@@ -3130,7 +3129,7 @@ CONFIG_PATA_RDC=m
CONFIG_PATA_SCH=m CONFIG_PATA_SCH=m
CONFIG_PATA_SERVERWORKS=m CONFIG_PATA_SERVERWORKS=m
CONFIG_PATA_SIL680=m CONFIG_PATA_SIL680=m
CONFIG_PATA_SIS=m CONFIG_PATA_SIS=y
CONFIG_PATA_TOSHIBA=m CONFIG_PATA_TOSHIBA=m
CONFIG_PATA_TRIFLEX=m CONFIG_PATA_TRIFLEX=m
CONFIG_PATA_VIA=m CONFIG_PATA_VIA=m
@@ -3172,8 +3171,8 @@ CONFIG_PATA_PARPORT_ON26=m
# #
# Generic fallback / legacy drivers # Generic fallback / legacy drivers
# #
CONFIG_PATA_ACPI=m CONFIG_PATA_ACPI=y
CONFIG_ATA_GENERIC=m CONFIG_ATA_GENERIC=y
CONFIG_PATA_LEGACY=m CONFIG_PATA_LEGACY=m
CONFIG_MD=y CONFIG_MD=y
CONFIG_BLK_DEV_MD=m CONFIG_BLK_DEV_MD=m
@@ -9621,11 +9620,11 @@ CONFIG_EFI_SECRET=m
CONFIG_SEV_GUEST=m CONFIG_SEV_GUEST=m
CONFIG_TDX_GUEST_DRIVER=m CONFIG_TDX_GUEST_DRIVER=m
CONFIG_VIRTIO_ANCHOR=y CONFIG_VIRTIO_ANCHOR=y
CONFIG_VIRTIO=m CONFIG_VIRTIO=y
CONFIG_VIRTIO_PCI_LIB=m CONFIG_VIRTIO_PCI_LIB=y
CONFIG_VIRTIO_PCI_LIB_LEGACY=m CONFIG_VIRTIO_PCI_LIB_LEGACY=y
CONFIG_VIRTIO_MENU=y CONFIG_VIRTIO_MENU=y
CONFIG_VIRTIO_PCI=m CONFIG_VIRTIO_PCI=y
CONFIG_VIRTIO_PCI_ADMIN_LEGACY=y CONFIG_VIRTIO_PCI_ADMIN_LEGACY=y
CONFIG_VIRTIO_PCI_LEGACY=y CONFIG_VIRTIO_PCI_LEGACY=y
CONFIG_VIRTIO_VDPA=m CONFIG_VIRTIO_VDPA=m

99
internal/rosa/kernel_arm64.config
View File

@@ -2,15 +2,15 @@
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/arm64 6.12.76 Kernel Configuration # Linux/arm64 6.12.76 Kernel Configuration
# #
CONFIG_CC_VERSION_TEXT="clang version 22.1.0" CONFIG_CC_VERSION_TEXT="clang version 22.1.1"
CONFIG_GCC_VERSION=0 CONFIG_GCC_VERSION=0
CONFIG_CC_IS_CLANG=y CONFIG_CC_IS_CLANG=y
CONFIG_CLANG_VERSION=220100 CONFIG_CLANG_VERSION=220101
CONFIG_AS_IS_LLVM=y CONFIG_AS_IS_LLVM=y
CONFIG_AS_VERSION=220100 CONFIG_AS_VERSION=220101
CONFIG_LD_VERSION=0 CONFIG_LD_VERSION=0
CONFIG_LD_IS_LLD=y CONFIG_LD_IS_LLD=y
CONFIG_LLD_VERSION=220100 CONFIG_LLD_VERSION=220101
CONFIG_RUSTC_VERSION=0 CONFIG_RUSTC_VERSION=0
CONFIG_RUSTC_LLVM_VERSION=0 CONFIG_RUSTC_LLVM_VERSION=0
CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y
@@ -2384,7 +2384,7 @@ CONFIG_PREVENT_FIRMWARE_BUILD=y
# #
# Firmware loader # Firmware loader
# #
CONFIG_FW_LOADER=m CONFIG_FW_LOADER=y
CONFIG_FW_LOADER_DEBUG=y CONFIG_FW_LOADER_DEBUG=y
CONFIG_FW_LOADER_PAGED_BUF=y CONFIG_FW_LOADER_PAGED_BUF=y
CONFIG_FW_LOADER_SYSFS=y CONFIG_FW_LOADER_SYSFS=y
@@ -2849,8 +2849,8 @@ CONFIG_CDROM_PKTCDVD=m
CONFIG_CDROM_PKTCDVD_BUFFERS=8 CONFIG_CDROM_PKTCDVD_BUFFERS=8
# CONFIG_CDROM_PKTCDVD_WCACHE is not set # CONFIG_CDROM_PKTCDVD_WCACHE is not set
CONFIG_ATA_OVER_ETH=m CONFIG_ATA_OVER_ETH=m
CONFIG_XEN_BLKDEV_FRONTEND=m CONFIG_XEN_BLKDEV_FRONTEND=y
CONFIG_XEN_BLKDEV_BACKEND=m # CONFIG_XEN_BLKDEV_BACKEND is not set
CONFIG_VIRTIO_BLK=m CONFIG_VIRTIO_BLK=m
CONFIG_BLK_DEV_RBD=m CONFIG_BLK_DEV_RBD=m
CONFIG_BLK_DEV_UBLK=m CONFIG_BLK_DEV_UBLK=m
@@ -2862,13 +2862,12 @@ CONFIG_BLK_DEV_RNBD_SERVER=m
# #
# NVME Support # NVME Support
# #
CONFIG_NVME_KEYRING=m CONFIG_NVME_KEYRING=y
CONFIG_NVME_AUTH=m CONFIG_NVME_AUTH=y
CONFIG_NVME_CORE=m CONFIG_NVME_CORE=y
CONFIG_BLK_DEV_NVME=m CONFIG_BLK_DEV_NVME=y
CONFIG_NVME_MULTIPATH=y CONFIG_NVME_MULTIPATH=y
# CONFIG_NVME_VERBOSE_ERRORS is not set # CONFIG_NVME_VERBOSE_ERRORS is not set
CONFIG_NVME_HWMON=y
CONFIG_NVME_FABRICS=m CONFIG_NVME_FABRICS=m
CONFIG_NVME_RDMA=m CONFIG_NVME_RDMA=m
CONFIG_NVME_FC=m CONFIG_NVME_FC=m
@@ -2977,10 +2976,10 @@ CONFIG_KEBA_CP500=m
# #
# SCSI device support # SCSI device support
# #
CONFIG_SCSI_MOD=m CONFIG_SCSI_MOD=y
CONFIG_RAID_ATTRS=m CONFIG_RAID_ATTRS=m
CONFIG_SCSI_COMMON=m CONFIG_SCSI_COMMON=y
CONFIG_SCSI=m CONFIG_SCSI=y
CONFIG_SCSI_DMA=y CONFIG_SCSI_DMA=y
CONFIG_SCSI_NETLINK=y CONFIG_SCSI_NETLINK=y
CONFIG_SCSI_PROC_FS=y CONFIG_SCSI_PROC_FS=y
@@ -2988,7 +2987,7 @@ CONFIG_SCSI_PROC_FS=y
# #
# SCSI support type (disk, tape, CD-ROM) # SCSI support type (disk, tape, CD-ROM)
# #
CONFIG_BLK_DEV_SD=m CONFIG_BLK_DEV_SD=y
CONFIG_CHR_DEV_ST=m CONFIG_CHR_DEV_ST=m
CONFIG_BLK_DEV_SR=m CONFIG_BLK_DEV_SR=m
CONFIG_CHR_DEV_SG=m CONFIG_CHR_DEV_SG=m
@@ -3108,7 +3107,7 @@ CONFIG_SCSI_DEBUG=m
CONFIG_SCSI_PMCRAID=m CONFIG_SCSI_PMCRAID=m
CONFIG_SCSI_PM8001=m CONFIG_SCSI_PM8001=m
CONFIG_SCSI_BFA_FC=m CONFIG_SCSI_BFA_FC=m
CONFIG_SCSI_VIRTIO=m CONFIG_SCSI_VIRTIO=y
CONFIG_SCSI_CHELSIO_FCOE=m CONFIG_SCSI_CHELSIO_FCOE=m
CONFIG_SCSI_LOWLEVEL_PCMCIA=y CONFIG_SCSI_LOWLEVEL_PCMCIA=y
CONFIG_PCMCIA_AHA152X=m CONFIG_PCMCIA_AHA152X=m
@@ -3118,7 +3117,7 @@ CONFIG_PCMCIA_SYM53C500=m
# CONFIG_SCSI_DH is not set # CONFIG_SCSI_DH is not set
# end of SCSI device support # end of SCSI device support
CONFIG_ATA=m CONFIG_ATA=y
CONFIG_SATA_HOST=y CONFIG_SATA_HOST=y
CONFIG_PATA_TIMINGS=y CONFIG_PATA_TIMINGS=y
CONFIG_ATA_VERBOSE_ERROR=y CONFIG_ATA_VERBOSE_ERROR=y
@@ -3130,23 +3129,23 @@ CONFIG_SATA_PMP=y
# #
# Controllers with non-SFF native interface # Controllers with non-SFF native interface
# #
CONFIG_SATA_AHCI=m CONFIG_SATA_AHCI=y
CONFIG_SATA_MOBILE_LPM_POLICY=3 CONFIG_SATA_MOBILE_LPM_POLICY=3
CONFIG_SATA_AHCI_PLATFORM=m CONFIG_SATA_AHCI_PLATFORM=y
CONFIG_AHCI_BRCM=m CONFIG_AHCI_BRCM=y
CONFIG_AHCI_DWC=m CONFIG_AHCI_DWC=y
CONFIG_AHCI_IMX=m CONFIG_AHCI_IMX=m
CONFIG_AHCI_CEVA=m CONFIG_AHCI_CEVA=y
CONFIG_AHCI_MTK=m CONFIG_AHCI_MTK=y
CONFIG_AHCI_MVEBU=m CONFIG_AHCI_MVEBU=y
CONFIG_AHCI_SUNXI=m CONFIG_AHCI_SUNXI=y
CONFIG_AHCI_TEGRA=m CONFIG_AHCI_TEGRA=y
CONFIG_AHCI_XGENE=m CONFIG_AHCI_XGENE=m
CONFIG_AHCI_QORIQ=m CONFIG_AHCI_QORIQ=y
CONFIG_SATA_AHCI_SEATTLE=m CONFIG_SATA_AHCI_SEATTLE=y
CONFIG_SATA_INIC162X=m CONFIG_SATA_INIC162X=m
CONFIG_SATA_ACARD_AHCI=m CONFIG_SATA_ACARD_AHCI=y
CONFIG_SATA_SIL24=m CONFIG_SATA_SIL24=y
CONFIG_ATA_SFF=y CONFIG_ATA_SFF=y
# #
@@ -3160,19 +3159,19 @@ CONFIG_ATA_BMDMA=y
# #
# SATA SFF controllers with BMDMA # SATA SFF controllers with BMDMA
# #
CONFIG_ATA_PIIX=m CONFIG_ATA_PIIX=y
CONFIG_SATA_DWC=m CONFIG_SATA_DWC=y
# CONFIG_SATA_DWC_OLD_DMA is not set # CONFIG_SATA_DWC_OLD_DMA is not set
CONFIG_SATA_MV=m CONFIG_SATA_MV=y
CONFIG_SATA_NV=m CONFIG_SATA_NV=y
CONFIG_SATA_PROMISE=m CONFIG_SATA_PROMISE=y
CONFIG_SATA_RCAR=m CONFIG_SATA_RCAR=y
CONFIG_SATA_SIL=m CONFIG_SATA_SIL=y
CONFIG_SATA_SIS=m CONFIG_SATA_SIS=y
CONFIG_SATA_SVW=m CONFIG_SATA_SVW=y
CONFIG_SATA_ULI=m CONFIG_SATA_ULI=y
CONFIG_SATA_VIA=m CONFIG_SATA_VIA=y
CONFIG_SATA_VITESSE=m CONFIG_SATA_VITESSE=y
# #
# PATA SFF controllers with BMDMA # PATA SFF controllers with BMDMA
@@ -3207,7 +3206,7 @@ CONFIG_PATA_RDC=m
CONFIG_PATA_SCH=m CONFIG_PATA_SCH=m
CONFIG_PATA_SERVERWORKS=m CONFIG_PATA_SERVERWORKS=m
CONFIG_PATA_SIL680=m CONFIG_PATA_SIL680=m
CONFIG_PATA_SIS=m CONFIG_PATA_SIS=y
CONFIG_PATA_TOSHIBA=m CONFIG_PATA_TOSHIBA=m
CONFIG_PATA_TRIFLEX=m CONFIG_PATA_TRIFLEX=m
CONFIG_PATA_VIA=m CONFIG_PATA_VIA=m
@@ -3249,8 +3248,8 @@ CONFIG_PATA_PARPORT_ON26=m
# #
# Generic fallback / legacy drivers # Generic fallback / legacy drivers
# #
CONFIG_PATA_ACPI=m CONFIG_PATA_ACPI=y
CONFIG_ATA_GENERIC=m CONFIG_ATA_GENERIC=y
CONFIG_PATA_LEGACY=m CONFIG_PATA_LEGACY=m
CONFIG_MD=y CONFIG_MD=y
CONFIG_BLK_DEV_MD=m CONFIG_BLK_DEV_MD=m
@@ -10436,11 +10435,11 @@ CONFIG_VMGENID=m
CONFIG_NITRO_ENCLAVES=m CONFIG_NITRO_ENCLAVES=m
CONFIG_ARM_PKVM_GUEST=y CONFIG_ARM_PKVM_GUEST=y
CONFIG_VIRTIO_ANCHOR=y CONFIG_VIRTIO_ANCHOR=y
CONFIG_VIRTIO=m CONFIG_VIRTIO=y
CONFIG_VIRTIO_PCI_LIB=m CONFIG_VIRTIO_PCI_LIB=y
CONFIG_VIRTIO_PCI_LIB_LEGACY=m CONFIG_VIRTIO_PCI_LIB_LEGACY=y
CONFIG_VIRTIO_MENU=y CONFIG_VIRTIO_MENU=y
CONFIG_VIRTIO_PCI=m CONFIG_VIRTIO_PCI=y
CONFIG_VIRTIO_PCI_LEGACY=y CONFIG_VIRTIO_PCI_LEGACY=y
CONFIG_VIRTIO_VDPA=m CONFIG_VIRTIO_VDPA=m
CONFIG_VIRTIO_PMEM=m CONFIG_VIRTIO_PMEM=m

12
internal/rosa/llvm.go
View File

@@ -73,14 +73,8 @@ func llvmFlagName(flag int) string {
} }
} }
const (
llvmVersionMajor = "22"
llvmVersion = llvmVersionMajor + ".1.1"
)
// newLLVMVariant returns a [pkg.Artifact] containing a LLVM variant. // newLLVMVariant returns a [pkg.Artifact] containing a LLVM variant.
func (t Toolchain) newLLVMVariant(variant string, attr *llvmAttr) pkg.Artifact { func (t Toolchain) newLLVMVariant(variant string, attr *llvmAttr) pkg.Artifact {
const checksum = "bQvV6D8AZvQykg7-uQb_saTbVavnSo1ykNJ3g57F5iE-evU3HuOYtcRnVIXTK76e"
if attr == nil { if attr == nil {
panic("LLVM attr must be non-nil") panic("LLVM attr must be non-nil")
@@ -169,7 +163,7 @@ ln -s ld.lld /work/system/bin/ld
return t.NewPackage("llvm", llvmVersion, pkg.NewHTTPGetTar( return t.NewPackage("llvm", llvmVersion, pkg.NewHTTPGetTar(
nil, "https://github.com/llvm/llvm-project/archive/refs/tags/"+ nil, "https://github.com/llvm/llvm-project/archive/refs/tags/"+
"llvmorg-"+llvmVersion+".tar.gz", "llvmorg-"+llvmVersion+".tar.gz",
mustDecode(checksum), mustDecode(llvmChecksum),
pkg.TarGzip, pkg.TarGzip,
), &PackageAttr{ ), &PackageAttr{
Patches: attr.patches, Patches: attr.patches,
@@ -316,7 +310,7 @@ ln -s clang++ /work/system/bin/c++
ninja check-all ninja check-all
`, `,
patches: [][2]string{ patches: slices.Concat([][2]string{
{"add-rosa-vendor", `diff --git a/llvm/include/llvm/TargetParser/Triple.h b/llvm/include/llvm/TargetParser/Triple.h {"add-rosa-vendor", `diff --git a/llvm/include/llvm/TargetParser/Triple.h b/llvm/include/llvm/TargetParser/Triple.h
index 9c83abeeb3b1..5acfe5836a23 100644 index 9c83abeeb3b1..5acfe5836a23 100644
--- a/llvm/include/llvm/TargetParser/Triple.h --- a/llvm/include/llvm/TargetParser/Triple.h
@@ -488,7 +482,7 @@ index 64324a3f8b01..15ce70b68217 100644
"/System/Library/Frameworks"}; "/System/Library/Frameworks"};
`}, `},
}, }, clangPatches),
}) })
return return

4
internal/rosa/llvm_amd64.go Normal file
View File

@@ -0,0 +1,4 @@
package rosa
// clangPatches are patches applied to the LLVM source tree for building clang.
var clangPatches [][2]string

12
internal/rosa/llvm_arm64.go Normal file
View File

@@ -0,0 +1,12 @@
package rosa
// clangPatches are patches applied to the LLVM source tree for building clang.
var clangPatches [][2]string
// one version behind, latest fails 5 tests with 2 flaky on arm64
const (
llvmVersionMajor = "21"
llvmVersion = llvmVersionMajor + ".1.8"
llvmChecksum = "8SUpqDkcgwOPsqHVtmf9kXfFeVmjVxl4LMn-qSE1AI_Xoeju-9HaoPNGtidyxyka"
)

11
internal/rosa/llvm_latest.go Normal file
View File

@@ -0,0 +1,11 @@
//go:build !arm64
package rosa
// latest version of LLVM, conditional to temporarily avoid broken new releases
const (
llvmVersionMajor = "22"
llvmVersion = llvmVersionMajor + ".1.1"
llvmChecksum = "bQvV6D8AZvQykg7-uQb_saTbVavnSo1ykNJ3g57F5iE-evU3HuOYtcRnVIXTK76e"
)

2
package.nix
View File

@@ -30,7 +30,7 @@
buildGo126Module rec { buildGo126Module rec {
pname = "hakurei"; pname = "hakurei";
version = "0.3.6"; version = "0.3.7";
srcFiltered = builtins.path { srcFiltered = builtins.path {
name = "${pname}-src"; name = "${pname}-src";