Gitiles
Code Review Sign In
gerrit.openbmc.org / premsjha / op-build / 034ff11c71f3ea49186781543dd3b6e88b191996
commit034ff11c71f3ea49186781543dd3b6e88b191996[log] [tgz]
authorStewart Smith <stewart@linux.vnet.ibm.com>Fri Mar 10 11:56:22 2017 +1100
committerStewart Smith <stewart@linux.vnet.ibm.com>Fri Mar 10 11:57:10 2017 +1100
tree9d89b8b2c079d002a0ade12012061f64e31c8227
parent333c9b668edc0dc01ded8de88709a1c0c634a538 [diff]
Use and enforce kernel module signing

We use a build time generated key, as we never care about building
additional kernel modules to load.

For added security, as part of your build process, you should erase
this build artifact.

Fixes: https://github.com/open-power/op-build/issues/525
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
1 file changed
tree: 9d89b8b2c079d002a0ade12012061f64e31c8227
  1. ci/
  2. dl/
  3. openpower/
  4. output/
  5. buildroot
  6. .gitignore
  7. .gitmodules
  8. CONTRIBUTING.md
  9. LICENSE
  10. NOTICE
  11. op-build-env
  12. README.md
README.md

OpenPOWER Firmware Build Environment

The OpenPOWER firmware build process uses Buildroot to create a toolchain and build the various components of the PNOR firmware, including Hostboot, Skiboot, OCC, Petitboot etc.

Development

Issues, Milestones, pull requests and code hosting is on GitHub: https://github.com/open-power/op-build

Mailing list: openpower-firmware@lists.ozlabs.org
Info/Subscribe: https://lists.ozlabs.org/listinfo/openpower-firmware
Archives: https://lists.ozlabs.org/pipermail/openpower-firmware/

Building an image

To build an image for a Palmetto system:

git clone --recursive git@github.com:open-power/op-build.git
cd op-build
. op-build-env
op-build palmetto_defconfig && op-build

There are also default configurations for other platforms in openpower/configs/ such as Habanero and Firestone.

Buildroot/op-build supports both native and cross-compilation - it will automatically download and build an appropriate toolchain as part of the build process, so you don't need to worry about setting up a cross-compiler. Cross-compiling from a x86-64 host is officially supported.

Dependencies for 64-bit Ubuntu/Debian systems

  1. Install Ubuntu (>= 14.04) or Debian (>= 7.5) 64-bit.

  2. Enable Universe (Ubuntu only):

     sudo apt-get install software-properties-common
 sudo add-apt-repository universe

  3. Install the packages necessary for the build:

     sudo apt-get install cscope ctags libz-dev libexpat-dev \
   python language-pack-en texinfo \
   build-essential g++ git bison flex unzip \
   libxml-simple-perl libxml-sax-perl libxml2-dev libxml2-utils xsltproc \
   wget bc

Dependencies for 64-bit Fedora systems

  1. Install Fedora 25 64-bit (older Fedora should also work).

  2. Install the packages necessary for the build:

     sudo dnf install gcc-c++ flex bison git ctags cscope expat-devel patch \
   zlib-devel zlib-static texinfo perl-bignum "perl(XML::Simple)" \
   "perl(YAML)" "perl(XML::SAX)" "perl(Fatal)" "perl(Thread::Queue)" \
   "perl(Env)" "perl(XML::LibXML)" "perl(Digest::SHA1)" libxml2-devel \
   which wget unzip tar cpio python bzip2 bc findutils ncurses-devel