Buildroot:DeveloperDaysFOSDEM2018

= Buildroot Developers Meeting, 5-6 February 2018, Brussels =

The Buildroot Developers meeting is a 2-day event for Buildroot developers and contributors. It allows Buildroot developers and contributors to discuss the hot topics in the Buildroot development, work on patches, and generally meet each other, facilitating further online discussions. Attending the event is free, after registration.

Location and date
The next Buildroot Developers meeting will take place on February 5th and 6th 2018 in Brussels, right after the FOSDEM conference. The meeting will take place in Google offices, located Chaussée d'Etterbeek 180, 1040 Brussels, very close to the Schuman metro station.

Sponsors
We would like to thank our sponsors:
 * Google, providing the meeting location, with Internet connection, but also free lunch and refreshments for the meeting participants.
 * Mind is the Embedded Software division of Essensium, which provides consultancy and services specifically in the field of Linux and Open Source SW for Embedded Systems. Mind offers the Monday dinner to the participants of the meeting.

We are looking for sponsors to sponsor travel expenses.

Participants
Note: As of 2018-01-31, registration is now closed.


 * 1) Thomas Petazzoni
 * 2) Peter Korsgaard
 * 3) Matt Weber
 * 4) Sam Voss
 * 5) Bryce Ferguson
 * 6) Romain Naour
 * 7) Samuel Martin
 * 8) Valentin Korenblit
 * 9) Luca Ceresoli (Monday only)
 * 10) Thomas De Schampheleire
 * 11) Joris Lijssens
 * 12) Angelo Compagnucci
 * 13) Arnout Vandecappelle
 * 14) Roberto Muzzì

Note: As of 2018-01-31, registration is now closed.

Most likely not attending:
 * 1) Yann E. MORIN

Report from the meeting
Notes are being taken at https://annuel2.framapad.org/p/BuildrootFosdem2018

Meeting agenda
''Yann wrote: There is no real ordering here, except I tried to put important things that require an urgent fix first, whith other non-ciritical things later...''


 * Local archive generation [Yann]
 * archives locally generated (from git/cvs/svn) depend on the tar version
 * http://lists.busybox.net/pipermail/buildroot/2018-January/211222.html
 * options:
 * investigating more those tar issues, and perhaps with the upstream tar folks, find a way of solving them
 * use a different archiving solution, that is more stable (cpio)
 * stop archiving, but then not clear how to support primary_site/backup_mirror
 * build our own tar


 * Namespace collision in package infra [Yann]
 * for example foo and foo-base will collide with variables $(1)_NAME and $(1)_BASE_NAME
 * already hit by:
 * alljoyn <-> alljoyn-base
 * alljoyn-tcl <-> alljoyn-tcl-base
 * perl-xml-sax <-> perl-xml-sax-base
 * so, we need to better separate the package part from the infra part, for example:
 * two underscores as a separator: FOO__NAME and FOO__BASE_NAME
 * a dot: FOO.NAME and FOO.BASE_NAME


 * Top-Level Parallel Build (TLPB) [Thomas]
 * How to trigger it?
 * option in menuconfig
 * automatic via top-level 'make -jN' ?
 * How to handle non-make tools (e.g. meson/ninja or mksquashfs...) that have their own parallel build that does not talk to a job-server?
 * either over-use of CPU (worst case N^2 jobs instead of N)
 * or under-use of CPU (1 job instead of N)
 * See e.g. https://github.com/ninja-build/ninja/issues/1139


 * GObject introspection [Adam]
 * what to do about this?
 * without it, we can't bump some packages, or lose functionality when bumping
 * RFC-patch from Adam: https://patchwork.ozlabs.org/patch/828791/


 * Download script overhaul [Maxime/Yann]
 * git caching
 * Patches from Maxime, reworked by Peter: https://patchwork.ozlabs.org/project/buildroot/list/?series=10225
 * (Yann's working on this)


 * Security Hardening [Matt] : https://docs.google.com/presentation/d/1IyrflpslZ6Gnsl-deR5G3sODfuICe-UkBeD44Edudhk/edit?usp=sharing


 * CPE / CVE management [Matt] : https://docs.google.com/presentation/d/1r0-BgKB54t7TdIE_F4qCKTfU8u7fxJCGri_y20s-IFs/edit?usp=sharing


 * SELinux - [Adam/Matt]
 * Functional Tests
 * Target test of basic x86 QEMU
 * Checks busybox and/or full tools can correctly interact with an SELinux enabled kernel
 * Verifies audit debug tools function correctly
 * Host tool check that the APOL testing tools are functional against an example policy (APOL is used for doing proofs of levels of policy requiring compromise before an application is reached.
 * Modular Policy with packages including policy for their configuration (Other option is document how to use refpolicy and use the SDK to do your building of a custom policy outside of the Buildroot build vs trying to integrate a solution for each buildroot package as part of the build. Maybe the SDK option is a test case?)


 * LLVM/Clang [Romain/Valentin]
 * A short presentation about LLVM/Clang for Buildroot : https://drive.google.com/open?id=131hHp9YYR6yk-vf4qYVuaV7iOZxAutUt


 * Merge of staging/ and target/ [Yann]
 * only ever install packages once, in staging/
 * a bit faster
 * generate target/ from staging/
 * target-finalize copies staging/ to target/
 * then resumes with the current cleanups
 * staging contains everything and is not stripped
 * keeps debug symbols and the likes untouched

= Photos =