-
Notifications
You must be signed in to change notification settings - Fork 44
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add NanoKVM support #44
Open
scpcom
wants to merge
70
commits into
sipeed:main
Choose a base branch
from
scpcom:nanokvm
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…r file based usb disk
This reverts commit 2373dd2.
…tition or file based usb disk" This reverts commit 5d0d4d0.
This reverts commit 97cd8f7.
Fixes the following CVEs: CVE-2024-24783: crypto/x509: Verify panics on certificates with an unknown public key algorithm CVE-2023-45290: net/http: memory exhaustion in Request.ParseMultipartForm CVE-2023-45289: net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect CVE-2024-24785: html/template: errors returned from MarshalJSON methods may break template escaping CVE-2024-24784: net/mail: comments in display names are incorrectly handled https://go.dev/doc/devel/release#go1.21.8 Signed-off-by: Christian Stewart <christian@aperture.us> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update to the latest 1.19.x version available. Signed-off-by: Christian Stewart <christian@aperture.us> Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Add a third bootstrap stage with Go1.21.x necessary for go1.22 bootstrap. go-bootstrap-stage1 is Go1.4.x, the final version to support bootstrap using a C compiler (later versions require the Go compiler for bootstrapping). See: https://go.dev/doc/install/source#bootstrapFromSource go-bootstrap-stage2 is Go 1.19.13, the last version to support bootstrap using the Go1.4.x compiler. go-bootstrap-stage3 is Go 1.21.8, the last version to support bootstrap using the Go1.19.13 compiler. Go 1.20 requires a minimum of go 1.17.13 to bootstrap. See: https://go.dev/doc/go1.20#bootstrap This patch is in preparation for bumping the host-go package to >go1.22.x, which requires a minimum of Go1.20.x for bootstrap. See: https://go.dev/doc/go1.22#bootstrap Signed-off-by: Christian Stewart <christian@aperture.us> [Arnout: add GOCACHE definition] Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Upgrade Go to the latest v1.22.x point release, go1.22.1. This requires go-bootstrap-stage3 at version go1.21.8: See: https://go.dev/doc/go1.22#bootstrap https://go.dev/doc/devel/release#go1.22.1 Signed-off-by: Christian Stewart <christian@aperture.us> Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
CVE-2023-45288: http2: close connections when receiving too many headers https://go.dev/doc/devel/release#go1.22.2 Signed-off-by: Christian Stewart <christian@aperture.us> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVEs: CVE-2024-24787: cmd/go: arbitrary code execution during build on darwin CVE-2024-24788: net: malformed DNS message can cause infinite loop https://go.dev/doc/devel/release#go1.22.3 Signed-off-by: Christian Stewart <christian@aperture.us> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
…s invalid .git Since go-bootstrap-stage3 package has been added to Buildroot [1], all tests using go are failing only on Gitlab-ci jobs. The build succeed if we use docker-run script. Since the issue is only trigged by Gitlab-ci environment, the issue is related to the ownership of the (buildroot) git tree, see [2]. go seems to ignore the .gitconfig set by before_script. Anyway, go should not try to use git to retrieve some info since we are not building it from the go repository. go package was already patched for a similar issue when building host-go within docker [3]. Apply the same patch to go-bootstrap-stage3 to disable VCS support. See http://lists.busybox.net/pipermail/buildroot/2024-May/691273.html [1] f00eb37de9b4b0ddbdeb5c7ebae48c883c27e132 [2] a016b693f7830f3c8ae815851d3204b8b6e99821 [3] bc8e70a08ba083d978c828e31442a7645c9099d7 Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/6833307649 (tests.fs.test_oci.TestOci) https://gitlab.com/buildroot.org/buildroot/-/jobs/6833307823 (tests.package.test_docker_compose.TestDockerCompose) https://gitlab.com/buildroot.org/buildroot/-/jobs/6833308175 (tests.package.test_mender.TestMender) Runtime tested: https://gitlab.com/kubu93/buildroot/-/jobs/6860670292 Signed-off-by: Romain Naour <romain.naour@smile.fr> Cc: Christian Stewart <christian@aperture.us> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following CVEs: CVE-2024-24789: archive/zip: mishandling of corrupt central directory record CVE-2024-24790: net/netip: unexpected behavior from Is methods for IPv4-mapped IPv6 addresses View the release notes for more information: https://go.dev/doc/devel/release#go1.22.4 Signed-off-by: Christian Stewart <christian@aperture.us> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE: CVE-2024-24791: net/http: denial of service due to improper 100-continue handling https://go.dev/doc/devel/release#go1.22.5 Signed-off-by: Christian Stewart <christian@aperture.us> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 5d02277884e406625c0142e7c3e68dfe30bdf6c4) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
…rty/sophgo-middleware/CMakeLists.txt too
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This will add the nanokvm app to the buildroot and some init script enhancements to build an image for NanoKVM.
The init scripts can be controlled by adding the files /boot.usb.hid and /boot/usb.disk0.
Currently I did not want to add an extra defconfig, I use this build script (not included in the pull request) to run the nanokvm build:
https://raw.githubusercontent.com/scpcom/LicheeRV-Nano-Build/develop/build-nanokvm.sh