diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..4d9b1a2 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,2 @@ +** +!Dockerfile diff --git a/.gitignore b/.gitignore index d43a944..b60ce8f 100644 --- a/.gitignore +++ b/.gitignore @@ -3,5 +3,85 @@ brainux cache/* !cache/.gitkeep nk.bin -image/sd.img +image/sd*.img +*.exe image/work + +# Created by https://www.toptal.com/developers/gitignore/api/macos,linux,windows +# Edit at https://www.toptal.com/developers/gitignore?templates=macos,linux,windows + +### Linux ### +*~ + +# temporary files which can be created if a process still has a handle open of a deleted file +.fuse_hidden* + +# KDE directory preferences +.directory + +# Linux trash folder which might appear on any partition or disk +.Trash-* + +# .nfs files are created when an open file is removed but is still being accessed +.nfs* + +### macOS ### +# General +.DS_Store +.AppleDouble +.LSOverride + +# Icon must end with two \r +Icon + + +# Thumbnails +._* + +# Files that might appear in the root of a volume +.DocumentRevisions-V100 +.fseventsd +.Spotlight-V100 +.TemporaryItems +.Trashes +.VolumeIcon.icns +.com.apple.timemachine.donotpresent + +# Directories potentially created on remote AFP share +.AppleDB +.AppleDesktop +Network Trash Folder +Temporary Items +.apdisk + +### macOS Patch ### +# iCloud generated files +*.icloud + +### Windows ### +# Windows thumbnail cache files +Thumbs.db +Thumbs.db:encryptable +ehthumbs.db +ehthumbs_vista.db + +# Dump file +*.stackdump + +# Folder config file +[Dd]esktop.ini + +# Recycle Bin used on file shares +$RECYCLE.BIN/ + +# Windows Installer files +*.cab +*.msi +*.msix +*.msm +*.msp + +# Windows shortcuts +*.lnk + +# End of https://www.toptal.com/developers/gitignore/api/macos,linux,windows diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..74322a2 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,58 @@ +# TOOLCHAIN_PLATFORM is pinned to linux/amd64 so the ARM cross-compilers and +# qemu-user-static are always x86_64 binaries, matching the tested path. +# Passing `--platform` through an ARG silences the Docker linter warning about +# constant --platform values while keeping the behaviour identical. +ARG TOOLCHAIN_PLATFORM=linux/amd64 +FROM --platform=${TOOLCHAIN_PLATFORM} debian:trixie + +ENV DEBIAN_FRONTEND=noninteractive + +# Toolchain and utilities needed by build targets in this repository. +RUN apt-get update \ + && apt-get install -y --no-install-recommends \ + bc \ + bison \ + build-essential \ + ca-certificates \ + cpio \ + debootstrap \ + dosfstools \ + e2fsprogs \ + fdisk \ + file \ + flex \ + gcc-arm-linux-gnueabi \ + gcc-arm-linux-gnueabihf \ + git \ + kmod \ + kpartx \ + libncurses-dev \ + libssl-dev \ + libyaml-dev \ + lzop \ + make \ + parted \ + python3 \ + python3-pyelftools \ + python3-venv \ + qemu-user-static \ + rsync \ + sudo \ + unzip \ + util-linux \ + u-boot-tools \ + wget \ + xz-utils \ + && rm -rf /var/lib/apt/lists/* + +# brainlilo requires arm-mingw32ce toolchain from cegcc-build releases. +RUN wget -q -O /tmp/cegcc.zip https://github.com/brain-hackers/cegcc-build/releases/download/2022-04-11-133546/cegcc-2022-04-11-133546.zip \ + && unzip -q /tmp/cegcc.zip -d /tmp \ + && mkdir -p /opt \ + && mv /tmp/cegcc /opt/cegcc \ + && rm -rf /tmp/cegcc.zip + +WORKDIR /work + +# Keep entrypoint simple so callers can pass arbitrary make targets. +CMD ["bash"] diff --git a/Makefile b/Makefile index d159a98..dfced8e 100644 --- a/Makefile +++ b/Makefile @@ -5,6 +5,9 @@ LINUX_CROSS=$(shell ./tools/getcross linux) ROOTFS_CROSS=$(shell ./tools/getcross rootfs) export ARCH=arm +DOCKER_IMAGE := buildbrain-builder:local +ROOTFS_VOLUME := buildbrain-brainux-rootfs + .PHONY: setup: @echo "Updating submodules" @@ -135,25 +138,37 @@ lilobuild: liloclean: make -C ./brainlilo clean -brainux: +.PHONY: brainux brainux-umount-special brainux-clean +brainux: @if [ "$(shell uname)" != "Linux" ]; then \ echo "Debootstrap is only available in Linux!"; \ exit 1; \ fi mkdir -p brainux - sudo mkdir -p brainux/proc brainux/sys - sudo mount -t proc none $(shell pwd)/brainux/proc - sudo mount --rbind /sys $(shell pwd)/brainux/sys - @if [ "$(CI)" = "true" ]; then \ echo "I'm in CI and debootstrap without cache."; \ sudo debootstrap --arch=$(ROOTFS_CROSS) --foreign trixie brainux/; \ else \ sudo debootstrap --arch=$(ROOTFS_CROSS) --foreign trixie brainux/ http://localhost:65432/debian/; \ fi + + # Keep the mounting commands AFTER the first stage of debootstrap, because + # debootstrap's cleanup code/trap tries to clean up the target directory + # (`rm -rf /work/brainux/proc`) and fails because proc virtual files can't be removed. + sudo mkdir -p brainux/proc brainux/sys + sudo mount -t proc none $(shell pwd)/brainux/proc + sudo mount --rbind /sys $(shell pwd)/brainux/sys + sudo cp /usr/bin/qemu-arm-static brainux/usr/bin/ sudo cp ./os-brainux/setup_brainux.sh brainux/ sudo ./os-brainux/override-pre.sh ./os-brainux/override ./brainux + # Register qemu-arm-static binfmt handler if not already present. + sudo bash -c 'mount binfmt_misc -t binfmt_misc /proc/sys/fs/binfmt_misc 2>/dev/null; test -e /proc/sys/fs/binfmt_misc/qemu-arm || echo ":qemu-arm:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-arm-static:F" > /proc/sys/fs/binfmt_misc/register' + # Allow qemu-arm-static to reserve the guest address space at low virtual + # addresses (0x1000). On Linux hosts vm.mmap_min_addr defaults to 65536 + # which blocks the reservation, causing armel binaries like sqv (apt's + # OpenPGP verifier) to fail. This requires --privileged in Docker. + sudo sh -c 'echo 0 > /proc/sys/vm/mmap_min_addr' sudo -E chroot brainux /setup_brainux.sh sudo rm brainux/setup_brainux.sh sudo ./os-brainux/override.sh ./os-brainux/override ./brainux @@ -195,3 +210,42 @@ aptcache: .PHONY: datetag: git tag $(shell ./tools/version) + +.PHONY: +docker-build: + docker build --platform linux/amd64 -t $(DOCKER_IMAGE) -f Dockerfile . + +.PHONY: +docker-uboot: + docker run --rm --platform linux/amd64 -v "$$PWD":/work -w /work $(DOCKER_IMAGE) \ + bash -lc "make udefconfig-sh1 && make ubuild" + +.PHONY: +docker-kernel: + docker run --rm --platform linux/amd64 -v "$$PWD":/work -w /work $(DOCKER_IMAGE) \ + bash -lc "make lclean; make ldefconfig && make lbuild" + +.PHONY: +docker-rootfs: docker-volume-rm docker-volume-create + docker run --rm --platform linux/amd64 --privileged -e CI=true \ + -v $(ROOTFS_VOLUME):/work/brainux \ + -v "$$PWD":/work -w /work $(DOCKER_IMAGE) \ + bash -lc "make brainux" + +.PHONY: +docker-sd-image: + docker run --rm --platform linux/amd64 --privileged \ + -v $(ROOTFS_VOLUME):/work/brainux \ + -v "$$PWD":/work -w /work $(DOCKER_IMAGE) \ + bash -lc "make -C nkbin_maker clean all && make IMG_BUILD_JOBS=1 image/sd.img" + +.PHONY: +docker-sd-image-full: docker-kernel docker-rootfs docker-sd-image + +.PHONY: +docker-volume-create: + docker volume create $(ROOTFS_VOLUME) + +.PHONY: +docker-volume-rm: + docker volume rm $(ROOTFS_VOLUME) 2>/dev/null || true diff --git a/README.md b/README.md index 1ed3fb3..8f4805f 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,7 @@ Confirmed environments - Debian 10 (buster) amd64 - Debian 11 (bullseye) amd64 +- macOS 26.5 (Tahoe) arm64-apple-darwin25.5.0 via Docker Getting Started @@ -121,6 +122,91 @@ If you want to customize the build of Buildroot, `cd` into `buildroot` and use t `image/sd_buildroot.img` target expects presence of the tarball at `buildroot/output/images/rootfs.tar`. You'll have to `clean` and rebuild every time you change the Buildroot's config before making the SD image. +Docker build +------------ + +You can build everything in Docker instead of preparing native Linux cross toolchains on your host. + +### Prerequisites + +- Docker Desktop (or Docker Engine) with Linux containers enabled +- A clone with submodules initialized + +### Steps + +1. Build the builder image. + + ```sh + make docker-build + ``` + +2. Build complete SD image in stages (recommended for macOS to avoid daemon crashes). + + ```sh + make docker-sd-image-full + ``` + + This runs three separate containers in sequence, which distributes resource load and prevents Docker Desktop daemon from running out of memory. Alternatively, run each stage independently: + + ```sh + make docker-kernel + make docker-rootfs + make docker-sd-image + ``` + + **Note:** On macOS Docker Desktop, the combined memory footprint of kernel compilation, rootfs staging, and loop device operations can exceed the default VM allocation (~2-4 GB). Breaking into stages allows the daemon to garbage collect between steps. + + **Note:** `make docker-rootfs` (and thus `make docker-sd-image-full`) always deletes and recreates the named volume `buildbrain-brainux-rootfs` before building, so each rootfs build starts from a clean slate. To delete the volume manually between runs use `make docker-volume-rm`. + +### Direct Docker commands (advanced) + +For macOS, run in **stages** and use a **named volume** for the rootfs. + +> [!NOTE] Why a named volume for the rootfs? +> macOS APFS (the host filesystem behind Docker bind mounts) cannot create device +> files (`mknod`), may strip `setuid` bits, and does not faithfully preserve all +> Linux filesystem attributes. If the Debian rootfs is stored on APFS the result +> looks complete but will fail to boot — systemd cannot exec as PID 1 because the +> rootfs is subtly broken. The `make docker-*` targets below store `brainux/` in a +> Docker **named volume** (`buildbrain-brainux-rootfs`), which lives inside the +> Docker Desktop Linux VM on an ext4 filesystem and supports full Linux semantics. + +```sh +# Create a named volume for the rootfs (Linux ext4 inside the Docker Desktop VM) +$ docker volume create buildbrain-brainux-rootfs + +# Stage 1: kernel (bind mount is fine for source + outputs) +$ docker run --rm --platform linux/amd64 -v "$PWD":/work -w /work buildbrain-builder:local \ + bash -lc "make ldefconfig && make lbuild" + +# Stage 2: rootfs (must use named volume, NOT a bind mount for brainux/) +$ docker run --rm --platform linux/amd64 --privileged -e CI=true \ + -v buildbrain-brainux-rootfs:/work/brainux \ + -v "$PWD":/work -w /work buildbrain-builder:local \ + bash -lc "make brainux" + +# Stage 3: image assembly (mount the same named volume so cp -a reads from Linux ext4) +$ docker run --rm --platform linux/amd64 --privileged \ + -v buildbrain-brainux-rootfs:/work/brainux \ + -v "$PWD":/work -w /work buildbrain-builder:local \ + bash -lc "make -C nkbin_maker clean all && make IMG_BUILD_JOBS=1 image/sd.img" +``` + +On Linux with sufficient resources, you can run all steps in one container (no named volume needed on a native Linux host): + +```sh +$ docker run --rm --platform linux/amd64 --privileged -e CI=true -v "$PWD":/work -w /work buildbrain-builder:local \ + bash -lc "make ldefconfig lbuild && make nkbin-maker && make brainux && make image/sd.img" +``` + +Other useful Docker recipes: + +- `make docker-uboot` to build U-Boot +- `make docker-kernel` to build Linux kernel +- `make docker-volume-create` to (re-)create the rootfs named volume +- `make docker-volume-rm` to delete the rootfs named volume and reclaim its disk space + + Known issues ---------------------------------------- If you use GCC 10 for the host compiler, `make ubuild` may fail. diff --git a/image/build_image.sh b/image/build_image.sh index 71aff81..66eb18b 100755 --- a/image/build_image.sh +++ b/image/build_image.sh @@ -1,14 +1,33 @@ #!/bin/bash set -uex -o pipefail -JOBS=$(nproc) +show_help() { + cat << 'EOF' +Usage: ./build_image.sh ROOTFS IMG_NAME SIZE_M + +Build a bootable image for Brainux. + +Arguments: + ROOTFS Path to the root filesystem directory to include in the image (default: "rootfs"). + IMG_NAME Name of the output image file (default: sd.img). + SIZE_M Size of the output image in megabytes (default: 3072). +EOF +} + +# Trigger help if requested or if no arguments are passed +if [[ "$1" == "-h" || "$1" == "--help" || -z "$1" ]]; then + show_help + exit 0 +fi + +JOBS=${IMG_BUILD_JOBS:-$(nproc)} REPO=$(git rev-parse --show-toplevel) WORK=${REPO}/image/work LINUX=${REPO}/linux-brain -ROOTFS=$1 -IMG_NAME=$2 +ROOTFS=${1:-rootfs} +IMG_NAME=${2:-sd.img} IMG=${REPO}/image/${IMG_NAME} -SIZE_M=$3 +SIZE_M=${3:-3072} export CROSS_COMPILE=arm-linux-gnueabi- mkdir -p ${WORK} @@ -16,23 +35,26 @@ mkdir -p ${WORK}/lilobin for i in "a7200" "a7400" "sh1" "sh2" "sh3" "sh4" "sh5" "sh6" "sh7"; do NUM=$(echo $i | sed -E 's/sh//g') + BUILD_DIR=${WORK}/uboot-build-${i} - make -C ${REPO}/u-boot-brain distclean pw${i}_defconfig - make -j${JOBS} -C ${REPO}/u-boot-brain u-boot.bin - ${REPO}/nkbin_maker/bsd-ce ${REPO}/u-boot-brain/u-boot.bin + rm -rf ${BUILD_DIR} + rsync -a --exclude '.git' ${REPO}/u-boot-brain/ ${BUILD_DIR}/ + make -C ${BUILD_DIR} pw${i}_defconfig + make -j${JOBS} -C ${BUILD_DIR} u-boot.bin + ${REPO}/nkbin_maker/bsd-ce ${BUILD_DIR}/u-boot.bin case $i in "a7200") mv ${REPO}/nk.bin ${WORK}/edna3exe.bin - mv ${REPO}/u-boot-brain/u-boot.bin ${WORK}/lilobin/gen2.bin;; + mv ${BUILD_DIR}/u-boot.bin ${WORK}/lilobin/gen2.bin;; "a7400") - mv ${REPO}/u-boot-brain/u-boot.bin ${WORK}/lilobin/gen2_7400.bin;; + mv ${BUILD_DIR}/u-boot.bin ${WORK}/lilobin/gen2_7400.bin;; "sh1" | "sh2" | "sh3") mv ${REPO}/nk.bin ${WORK}/edsa${NUM}exe.bin - mv ${REPO}/u-boot-brain/u-boot.bin ${WORK}/lilobin/gen3_${NUM}.bin;; + mv ${BUILD_DIR}/u-boot.bin ${WORK}/lilobin/gen3_${NUM}.bin;; "sh4" | "sh5" | "sh6" | "sh7") mv ${REPO}/nk.bin ${WORK}/edsh${NUM}exe.bin - mv ${REPO}/u-boot-brain/u-boot.bin ${WORK}/lilobin/gen3_${NUM}.bin;; + mv ${BUILD_DIR}/u-boot.bin ${WORK}/lilobin/gen3_${NUM}.bin;; *) echo "WTF: $i" exit 1;; @@ -52,9 +74,8 @@ EOF sfdisk ${IMG} < ${WORK}/part.sfdisk -sudo kpartx -av ${IMG} - -LOOPDEV=$(losetup -l | grep ${IMG_NAME} | grep -o 'loop.' | tail -n 1) +KPARTX_OUTPUT=$(sudo kpartx -av ${IMG}) +LOOPDEV=$(echo "${KPARTX_OUTPUT}" | sed -n 's/^add map \(loop[0-9]\+\)p1.*/\1/p' | head -n 1) sudo mkfs.fat -n boot -F32 -v -I /dev/mapper/${LOOPDEV}p1 sudo mkfs.ext4 -L rootfs /dev/mapper/${LOOPDEV}p2 @@ -63,7 +84,7 @@ mkdir -p ${WORK}/p1 ${WORK}/p2 sudo mount -o utf8=true /dev/mapper/${LOOPDEV}p1 ${WORK}/p1 sudo mount /dev/mapper/${LOOPDEV}p2 ${WORK}/p2 -echo ${BRAINUX_VERSION} > ${WORK}/brainux_version +echo ${BRAINUX_VERSION:-unknown} > ${WORK}/brainux_version sudo cp ${WORK}/brainux_version ${WORK}/p1/ sudo cp ${LINUX}/arch/arm/boot/zImage ${WORK}/p1/ sudo cp ${LINUX}/arch/arm/boot/dts/imx28-pw*.dtb ${WORK}/p1/ diff --git a/os-brainux/override.sh b/os-brainux/override.sh index e28c617..9efb4d2 100755 --- a/os-brainux/override.sh +++ b/os-brainux/override.sh @@ -14,8 +14,8 @@ install -g root -o root -m 0644 $SRC/etc/X11/Xsession.d/96calibrate $DST/etc/X11 install -g root -o root -m 0644 -D $SRC/etc/xdg/weston/weston.ini $DST/etc/xdg/weston/weston.ini install -g 1000 -o 1000 -m 0644 $SRC/home/user/.xprofile $DST/home/user/.xprofile -sudo -u#1000 -g#1000 mkdir -p $DST/home/user/.config/fcitx +install -d -o 1000 -g 1000 -m 0755 $DST/home/user/.config/fcitx install -g 1000 -o 1000 -m 0644 $SRC/home/user/.config/fcitx/profile $DST/home/user/.config/fcitx/profile -sudo -u#1000 -g#1000 mkdir -p $DST/home/user/lxterminal +install -d -o 1000 -g 1000 -m 0755 $DST/home/user/lxterminal install -g 1000 -o 1000 -m 0644 $SRC/home/user/lxterminal/lxterminal.conf $DST/home/user/lxterminal/lxterminal.conf install -g root -o root -m 0644 -D $SRC/etc/jwm/system.jwmrc $DST/etc/jwm/system.jwmrc diff --git a/os-brainux/setup_brainux.sh b/os-brainux/setup_brainux.sh index 22c90c2..af74618 100755 --- a/os-brainux/setup_brainux.sh +++ b/os-brainux/setup_brainux.sh @@ -57,12 +57,9 @@ echo "brain" > /etc/hostname # curl, ca-certificates: downloads the GPG key from packagecloud # gnupg, debian-archive-keyring: packagecloud verification dependency +# apt-transport-https: needed before we can add the HTTPS packagecloud source DEBIAN_FRONTEND=noninteractive \ - apt install -y curl ca-certificates gnupg debian-archive-keyring - -# apt-transport-https can be installed after debian-archive-keyring being installed -DEBIAN_FRONTEND=noninteractive \ - apt install -y apt-transport-https + apt install -y curl ca-certificates gnupg debian-archive-keyring apt-transport-https # Install GPG key and packagecloud repository config mkdir -p /etc/apt/keyrings @@ -102,7 +99,7 @@ DEBIAN_FRONTEND=noninteractive \ cd / git clone --recurse-submodules -b master-24f017e https://github.com/brain-hackers/ly.git cd ly -make +make -j$(nproc) make install make installsystemd cd /