Just a status update.

I'm still hung up on how python 3.10 is breaking with c compiled extensions (i.e. libfdt), so this will take a bit longer. For now, it isn't something I'm willing to overlook.

I'm also going to wait to hear from Christopher on the upgrades.

 Bruce

On Tue, Oct 26, 2021 at 9:32 AM Edward Pickup <edward.pickup@...> wrote:

Update the SHA in recipes for xen and xen-tools to use the latest releases;
update xen 4.14 to xen 4.14.3 release, update xen 4.15 to 4.15.1 release, and
xen 4.16 to the current master version.

Add a comment to each recipe indicating which version of Xen is used in recipe.

Do not apply patches that have been merged/solved in Xen and remove patch files
not needed anymore.

Create a test package to pack new tests introduced in 4.16.

Add a depencency to util-linux-prlimit, as the xen 4.16 x86 requires prlimit,
without this boot of dom0 fails.

Signed-off-by: Edward Pickup <Edward.Pickup@...>
---
 ...ry-Fix-osdep_xenforeignmemory_map-pr.patch |  33 ------
 ...x86-make-hypervisor-build-with-gcc11.patch | 111 ------------------
 ...-around-build-issue-with-GNU-ld-2.37.patch |  36 ------
 recipes-extended/xen/xen-tools.inc            |  29 +++++
 recipes-extended/xen/xen-tools_4.14.bb        |   5 +-
 recipes-extended/xen/xen-tools_4.15.bb        |   5 +-
 recipes-extended/xen/xen-tools_git.bb         |   5 +-
 recipes-extended/xen/xen_4.14.bb              |   4 +-
 recipes-extended/xen/xen_4.15.bb              |   5 +-
 recipes-extended/xen/xen_git.bb               |   5 +-
 10 files changed, 41 insertions(+), 197 deletions(-)
 delete mode 100644 recipes-extended/xen/files/0001-libs-foreignmemory-Fix-osdep_xenforeignmemory_map-pr.patch
 delete mode 100644 recipes-extended/xen/files/0001-x86-make-hypervisor-build-with-gcc11.patch
 delete mode 100644 recipes-extended/xen/files/0001-x86-work-around-build-issue-with-GNU-ld-2.37.patch

diff --git a/recipes-extended/xen/files/0001-libs-foreignmemory-Fix-osdep_xenforeignmemory_map-pr.patch b/recipes-extended/xen/files/0001-libs-foreignmemory-Fix-osdep_xenforeignmemory_map-pr.patch
deleted file mode 100644
index 2e3b1a6..0000000
--- a/recipes-extended/xen/files/0001-libs-foreignmemory-Fix-osdep_xenforeignmemory_map-pr.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 5d3e4ebb5c71477d74a0c503438545a0126d3863 Mon Sep 17 00:00:00 2001
-From: Anthony PERARD <anthony.perard@...>
-Date: Tue, 1 Jun 2021 16:41:47 +0100
-Subject: [PATCH] libs/foreignmemory: Fix osdep_xenforeignmemory_map prototype
-
-Commit cf8c4d3d13b8 made some preparation to have one day
-variable-length-array argument, but didn't declare the array in the
-function prototype the same way as in the function definition. And now
-GCC 11 complains about it.
-
-Fixes: cf8c4d3d13b8 ("tools/libs/foreignmemory: pull array length argument to map forward")
-Signed-off-by: Anthony PERARD <anthony.perard@...>
-Reviewed-by: Jan Beulich <jbeulich@...>
----
- tools/libs/foreignmemory/private.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/tools/libs/foreignmemory/private.h b/tools/libs/foreignmemory/private.h
-index 1ee3626dd2..5bb0cefb09 100644
---- a/tools/libs/foreignmemory/private.h
-+++ b/tools/libs/foreignmemory/private.h
-@@ -32,7 +32,7 @@ int osdep_xenforeignmemory_close(xenforeignmemory_handle *fmem);
- void *osdep_xenforeignmemory_map(xenforeignmemory_handle *fmem,
-                                  uint32_t dom, void *addr,
-                                  int prot, int flags, size_t num,
--                                 const xen_pfn_t arr[num], int err[num]);
-+                                 const xen_pfn_t arr[/*num*/], int err[/*num*/]);
- int osdep_xenforeignmemory_unmap(xenforeignmemory_handle *fmem,
-                                  void *addr, size_t num);
-
---
-2.25.1
-
diff --git a/recipes-extended/xen/files/0001-x86-make-hypervisor-build-with-gcc11.patch b/recipes-extended/xen/files/0001-x86-make-hypervisor-build-with-gcc11.patch
deleted file mode 100644
index 72592c4..0000000
--- a/recipes-extended/xen/files/0001-x86-make-hypervisor-build-with-gcc11.patch
+++ /dev/null
@@ -1,111 +0,0 @@
-From 722f59d38c710a940ab05e542a83020eb5546dea Mon Sep 17 00:00:00 2001
-From: Jan Beulich <jbeulich@...>
-Date: Thu, 27 May 2021 14:40:29 +0200
-Subject: [PATCH] x86: make hypervisor build with gcc11
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Gcc 11 looks to make incorrect assumptions about valid ranges that
-pointers may be used for addressing when they are derived from e.g. a
-plain constant. See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100680.
-
-Utilize RELOC_HIDE() to work around the issue, which for x86 manifests
-in at least
-- mpparse.c:efi_check_config(),
-- tboot.c:tboot_probe(),
-- tboot.c:tboot_gen_frametable_integrity(),
-- x86_emulate.c:x86_emulate() (at -O2 only).
-The last case is particularly odd not just because it only triggers at
-higher optimization levels, but also because it only affects one of at
-least three similar constructs. Various "note" diagnostics claim the
-valid index range to be [0, 2⁶³-1].
-
-Signed-off-by: Jan Beulich <jbeulich@...>
-Tested-by: Jason Andryuk <jandryuk@...>
-Acked-by: Roger Pau Monné <roger.pau@...>
----
- tools/tests/x86_emulator/x86-emulate.c | 7 +++++++
- xen/arch/x86/x86_emulate/x86_emulate.c | 2 +-
- xen/include/asm-x86/fixmap.h           | 2 +-
- xen/include/xen/compiler.h             | 6 ++++++
- xen/include/xen/pdx.h                  | 2 +-
- 5 files changed, 16 insertions(+), 3 deletions(-)
-
-diff --git a/tools/tests/x86_emulator/x86-emulate.c b/tools/tests/x86_emulator/x86-emulate.c
-index 07f892dbbb..ea286d6ad8 100644
---- a/tools/tests/x86_emulator/x86-emulate.c
-+++ b/tools/tests/x86_emulator/x86-emulate.c
-@@ -8,6 +8,13 @@
-
- #define ERR_PTR(val) NULL
-
-+/* See gcc bug 100680, but here don't bother making this version dependent. */
-+#define gcc11_wrap(x) ({                  \
-+    unsigned long x_;                     \
-+    __asm__ ( "" : "=g" (x_) : "0" (x) ); \
-+    (typeof(x))x_;                        \
-+})
-+
- #define cpu_has_amd_erratum(nr) 0
- #define cpu_has_mpx false
- #define read_bndcfgu() 0
-diff --git a/xen/arch/x86/x86_emulate/x86_emulate.c b/xen/arch/x86/x86_emulate/x86_emulate.c
-index c25d88d0d8..31fdec030c 100644
---- a/xen/arch/x86/x86_emulate/x86_emulate.c
-+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
-@@ -726,7 +726,7 @@ union vex {
- #define copy_VEX(ptr, vex) ({ \
-     if ( !mode_64bit() ) \
-         (vex).reg |= 8; \
--    (ptr)[0 - PFX_BYTES] = ext < ext_8f08 ? 0xc4 : 0x8f; \
-+    gcc11_wrap(ptr)[0 - PFX_BYTES] = ext < ext_8f08 ? 0xc4 : 0x8f; \
-     (ptr)[1 - PFX_BYTES] = (vex).raw[0]; \
-     (ptr)[2 - PFX_BYTES] = (vex).raw[1]; \
-     container_of((ptr) + 1 - PFX_BYTES, typeof(vex), raw[0]); \
-diff --git a/xen/include/asm-x86/fixmap.h b/xen/include/asm-x86/fixmap.h
-index 0db314baeb..20746afd0a 100644
---- a/xen/include/asm-x86/fixmap.h
-+++ b/xen/include/asm-x86/fixmap.h
-@@ -78,7 +78,7 @@ extern void __set_fixmap(
-
- #define clear_fixmap(idx) __set_fixmap(idx, 0, 0)
-
--#define __fix_to_virt(x) (FIXADDR_TOP - ((x) << PAGE_SHIFT))
-+#define __fix_to_virt(x) gcc11_wrap(FIXADDR_TOP - ((x) << PAGE_SHIFT))
- #define __virt_to_fix(x) ((FIXADDR_TOP - ((x)&PAGE_MASK)) >> PAGE_SHIFT)
-
- #define fix_to_virt(x)   ((void *)__fix_to_virt(x))
-diff --git a/xen/include/xen/compiler.h b/xen/include/xen/compiler.h
-index 17cf00e1ec..696c7eb89e 100644
---- a/xen/include/xen/compiler.h
-+++ b/xen/include/xen/compiler.h
-@@ -140,6 +140,12 @@
-     __asm__ ("" : "=r"(__ptr) : "0"(ptr));      \
-     (typeof(ptr)) (__ptr + (off)); })
-
-+#if CONFIG_GCC_VERSION >= 110000 /* See gcc bug 100680. */
-+# define gcc11_wrap(x) RELOC_HIDE(x, 0)
-+#else
-+# define gcc11_wrap(x) (x)
-+#endif
-+
- #ifdef __GCC_ASM_FLAG_OUTPUTS__
- # define ASM_FLAG_OUT(yes, no) yes
- #else
-diff --git a/xen/include/xen/pdx.h b/xen/include/xen/pdx.h
-index 770fadc06c..9fcfb0ce52 100644
---- a/xen/include/xen/pdx.h
-+++ b/xen/include/xen/pdx.h
-@@ -19,7 +19,7 @@ extern u64 pdx_region_mask(u64 base, u64 len);
- extern void set_pdx_range(unsigned long smfn, unsigned long emfn);
-
- #define page_to_pdx(pg)  ((pg) - frame_table)
--#define pdx_to_page(pdx) (frame_table + (pdx))
-+#define pdx_to_page(pdx) gcc11_wrap(frame_table + (pdx))
-
- bool __mfn_valid(unsigned long mfn);
-
---
-2.25.1
-
diff --git a/recipes-extended/xen/files/0001-x86-work-around-build-issue-with-GNU-ld-2.37.patch b/recipes-extended/xen/files/0001-x86-work-around-build-issue-with-GNU-ld-2.37.patch
deleted file mode 100644
index f5108be..0000000
--- a/recipes-extended/xen/files/0001-x86-work-around-build-issue-with-GNU-ld-2.37.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From 58ad654ebce7ccb272a3f4f3482c03aaad850d31 Mon Sep 17 00:00:00 2001
-From: Jan Beulich <jbeulich@...>
-Date: Thu, 22 Jul 2021 11:20:38 +0200
-Subject: [PATCH] x86: work around build issue with GNU ld 2.37
-
-I suspect it is commit 40726f16a8d7 ("ld script expression parsing")
-which broke the hypervisor build, by no longer accepting section names
-with a dash in them inside ADDR() (and perhaps other script directives
-expecting just a section name, not an expression): .note.gnu.build-id
-is such a section.
-
-Quoting all section names passed to ADDR() via DECL_SECTION() works
-around the regression.
-
-Signed-off-by: Jan Beulich <jbeulich@...>
-Acked-by: Andrew Cooper <andrew.cooper3@...>
----
- xen/arch/x86/xen.lds.S | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/xen/arch/x86/xen.lds.S b/xen/arch/x86/xen.lds.S
-index 9c6c1c8005..955d5cf4a0 100644
---- a/xen/arch/x86/xen.lds.S
-+++ b/xen/arch/x86/xen.lds.S
-@@ -18,7 +18,7 @@ ENTRY(efi_start)
- #else /* !EFI */
-
- #define FORMAT "elf64-x86-64"
--#define DECL_SECTION(x) x : AT(ADDR(x) - __XEN_VIRT_START)
-+#define DECL_SECTION(x) x : AT(ADDR(#x) - __XEN_VIRT_START)
-
- ENTRY(start_pa)
-
---
-2.25.1
-
diff --git a/recipes-extended/xen/xen-tools.inc b/recipes-extended/xen/xen-tools.inc
index 614f557..d831941 100644
--- a/recipes-extended/xen/xen-tools.inc
+++ b/recipes-extended/xen/xen-tools.inc
@@ -102,6 +102,7 @@ RSUGGESTS:${PN}-xencov = "${PN}-xencov-split"

 RDEPENDS:${PN}-xencommons = "\
     bash \
+    util-linux-prlimit \
     ${PN}-console \
     ${PN}-xenstore \
     virtual/xenstored \
@@ -213,6 +214,9 @@ PACKAGES = " \
     ${PN}-xm-examples \
     ${PN}-xen-access \
     ${PN}-xen-memshare \
+    ${PN}-test \
+    ${PN}-xen-vmtrace \
+    ${PN}-xen-mceinj \
     "

 PROVIDES =+ " \
@@ -684,6 +688,31 @@ FILES:${PN}-xen-memshare += "\
 # memshare is only built for x86, so allow empty package for other archs
 ALLOW_EMPTY:${PN}-xen-memshare = "1"

+FILES:${PN}-test += "\
+    ${libdir}/xen/bin/test-xenstore \
+    ${libdir}/xen/bin/test-resource \
+    ${libdir}/xen/bin/test-cpu-policy \
+    ${libdir}/xen/bin/test-tsx \
+    "
+
+# test-xenstore and test-resource currently only exist in 4.16
+# test-cpu-policy and test-tsx only exist in 4.16 for x86
+ALLOW_EMPTY:${PN}-test = "1"
+
+FILES:${PN}-xen-mceinj +="\
+    ${sbindir}/xen-mceinj \
+    "
+
+# xen-mceinj is only built for x86 4.16, so allow empty package
+ALLOW_EMPTY:${PN}-xen-mceinj = "1"
+
+FILES:${PN}-xen-vmtrace +="\
+    ${sbindir}/xen-vmtrace \
+    "
+
+# xen-vmtrace is only built for x86 4.16, so allow empty package
+ALLOW_EMPTY:${PN}-xen-vmtrace = "1"
+
 INSANE_SKIP:${PN} = "already-stripped"

 # configure init.d scripts
diff --git a/recipes-extended/xen/xen-tools_4.14.bb b/recipes-extended/xen/xen-tools_4.14.bb
index ce5dc2e..9d78e44 100644
--- a/recipes-extended/xen/xen-tools_4.14.bb
+++ b/recipes-extended/xen/xen-tools_4.14.bb
@@ -1,4 +1,5 @@
-SRCREV ?= "b6a8c4f72def4d1135ff42660a86276ce2565c8c"
+# 4.14.3 release SHA
+SRCREV ?= "9f2b6c5ec2ded4c1caf149743e862c5f15d6d083"

 XEN_REL ?= "4.14"
 XEN_BRANCH ?= "stable-${XEN_REL}"
@@ -8,8 +9,6 @@ SRC_URI = " \
     file://0001-python-pygrub-pass-DISTUTILS-xen-4.14.patch \
     file://0001-firmware-provide-a-stand-alone-set-of-headers-Xen-4.14.patch \
     file://0001-tools-firmware-Build-firmware-as-ffreestanding-Xen-4.14.patch \
-    file://0001-libs-foreignmemory-Fix-osdep_xenforeignmemory_map-pr.patch \
-    file://0001-x86-work-around-build-issue-with-GNU-ld-2.37.patch \
     "

 LIC_FILES_CHKSUM ?= "file://COPYING;md5=419739e325a50f3d7b4501338e44a4e5"
diff --git a/recipes-extended/xen/xen-tools_4.15.bb b/recipes-extended/xen/xen-tools_4.15.bb
index e9c3bd6..840f162 100644
--- a/recipes-extended/xen/xen-tools_4.15.bb
+++ b/recipes-extended/xen/xen-tools_4.15.bb
@@ -1,4 +1,5 @@
-SRCREV ?= "e25aa9939ae0cd8317605be3d5c5611b76bc4ab4"
+# xen 4.15.1 release sha
+SRCREV ?= "84fa99099b920f7bcde8899e1a9b756078719d7d"

 XEN_REL ?= "4.15"
 XEN_BRANCH ?= "stable-${XEN_REL}"
@@ -6,8 +7,6 @@ XEN_BRANCH ?= "stable-${XEN_REL}"
 SRC_URI = " \
     git://xenbits.xen.org/xen.git;branch=${XEN_BRANCH} \
     file://0001-python-pygrub-pass-DISTUTILS-xen-4.15.patch \
-    file://0001-libs-foreignmemory-Fix-osdep_xenforeignmemory_map-pr.patch \
-    file://0001-x86-work-around-build-issue-with-GNU-ld-2.37.patch \
     "

 LIC_FILES_CHKSUM ?= "file://COPYING;md5=419739e325a50f3d7b4501338e44a4e5"
diff --git a/recipes-extended/xen/xen-tools_git.bb b/recipes-extended/xen/xen-tools_git.bb
index 6926bd9..8ff9c4c 100644
--- a/recipes-extended/xen/xen-tools_git.bb
+++ b/recipes-extended/xen/xen-tools_git.bb
@@ -1,4 +1,5 @@
-SRCREV ?= "e680cc48b7184d3489873d6776f84ba1fc238ced"
+# master status on 2020-10-21
+SRCREV ?= "23ec1ebc8acbfd2bf06f6085a776f0db923f9fa9"

 XEN_REL ?= "4.16"
 XEN_BRANCH ?= "master"
@@ -6,8 +7,6 @@ XEN_BRANCH ?= "master"
 SRC_URI = " \
     git://xenbits.xen.org/xen.git;branch=${XEN_BRANCH} \
     file://0001-python-pygrub-pass-DISTUTILS-xen-4.15.patch \
-    file://0001-libs-foreignmemory-Fix-osdep_xenforeignmemory_map-pr.patch \
-    file://0001-x86-work-around-build-issue-with-GNU-ld-2.37.patch \
     "

 LIC_FILES_CHKSUM ?= "file://COPYING;md5=419739e325a50f3d7b4501338e44a4e5"
diff --git a/recipes-extended/xen/xen_4.14.bb b/recipes-extended/xen/xen_4.14.bb
index 291ba16..0d7d20b 100644
--- a/recipes-extended/xen/xen_4.14.bb
+++ b/recipes-extended/xen/xen_4.14.bb
@@ -1,4 +1,5 @@
-SRCREV ?= "b6a8c4f72def4d1135ff42660a86276ce2565c8c"
+# 4.14.3 release SHA
+SRCREV ?= "9f2b6c5ec2ded4c1caf149743e862c5f15d6d083"

 XEN_REL ?= "4.14"
 XEN_BRANCH ?= "stable-${XEN_REL}"
@@ -7,7 +8,6 @@ SRC_URI = " \
     git://xenbits.xen.org/xen.git;branch=${XEN_BRANCH} \
     file://xen-arm64-implement-atomic-fetch-add.patch \
     file://0001-menuconfig-mconf-cfg-Allow-specification-of-ncurses-location.patch \
-    file://0001-x86-work-around-build-issue-with-GNU-ld-2.37.patch \
     "

 LIC_FILES_CHKSUM ?= "file://COPYING;md5=419739e325a50f3d7b4501338e44a4e5"
diff --git a/recipes-extended/xen/xen_4.15.bb b/recipes-extended/xen/xen_4.15.bb
index 0605441..0cfaf0c 100644
--- a/recipes-extended/xen/xen_4.15.bb
+++ b/recipes-extended/xen/xen_4.15.bb
@@ -1,4 +1,5 @@
-SRCREV ?= "e25aa9939ae0cd8317605be3d5c5611b76bc4ab4"
+# xen 4.15.1 release sha
+SRCREV ?= "84fa99099b920f7bcde8899e1a9b756078719d7d"

 XEN_REL ?= "4.15"
 XEN_BRANCH ?= "stable-${XEN_REL}"
@@ -7,8 +8,6 @@ SRC_URI = " \
     git://xenbits.xen.org/xen.git;branch=${XEN_BRANCH} \
     file://xen-arm64-implement-atomic-fetch-add.patch \
     file://0001-menuconfig-mconf-cfg-Allow-specification-of-ncurses-location.patch \
-    file://0001-x86-make-hypervisor-build-with-gcc11.patch \
-    file://0001-x86-work-around-build-issue-with-GNU-ld-2.37.patch \
     "

 LIC_FILES_CHKSUM ?= "file://COPYING;md5=419739e325a50f3d7b4501338e44a4e5"
diff --git a/recipes-extended/xen/xen_git.bb b/recipes-extended/xen/xen_git.bb
index 12c9403..20227e0 100644
--- a/recipes-extended/xen/xen_git.bb
+++ b/recipes-extended/xen/xen_git.bb
@@ -1,4 +1,5 @@
-SRCREV ?= "e680cc48b7184d3489873d6776f84ba1fc238ced"
+# master status on 2020-10-21
+SRCREV ?= "23ec1ebc8acbfd2bf06f6085a776f0db923f9fa9"

 XEN_REL ?= "4.16"
 XEN_BRANCH ?= "master"
@@ -7,8 +8,6 @@ SRC_URI = " \
     git://xenbits.xen.org/xen.git;branch=${XEN_BRANCH} \
     file://xen-arm64-implement-atomic-fetch-add.patch \
     file://0001-menuconfig-mconf-cfg-Allow-specification-of-ncurses-location.patch \
-    file://0001-x86-make-hypervisor-build-with-gcc11.patch \
-    file://0001-x86-work-around-build-issue-with-GNU-ld-2.37.patch \
     "

 LIC_FILES_CHKSUM ?= "file://COPYING;md5=419739e325a50f3d7b4501338e44a4e5"
--
2.25.1

--

- Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end
- "Use the force Harry" - Gandalf, Star Trek II

Hi Bruce,

> On 26 Oct 2021, at 22:27, Bruce Ashfield <bruce.ashfield@...> wrote:
>
>
>
>
> On Tue, Oct 26, 2021 at 9:27 AM Edward Pickup <Edward.Pickup@...> wrote:
> Hi Bruce,
> Sorry for the formatting issues, email client config issues
>
> 
>
> From: Bruce Ashfield <bruce.ashfield@...>
> Sent: 26 October 2021 14:22
> To: Edward Pickup <Edward.Pickup@...>
> Cc: meta-virtualization@...; Bertrand Marquis <Bertrand.Marquis@...>; christopher.w.clark@...; nd <nd@...>
> Subject: Re: [meta-virtualization] Error building Xen device tree for qemuarm64
>
> 
>
> 
>
> 
>
> On Tue, Oct 26, 2021 at 8:58 AM Edward Pickup <edward.pickup@...> wrote:
>
> Hi all,
>
> I have encountered an error while building the arm64 version of the xen 4.16 recipe in meta-virtualisation, using the master version of poky and meta-virtuaisation.
> I was wondering if anyone was familiar with the issue or knew how to fix it. The error is as follows:
>
> ERROR: xen-image-minimal-1.0-r0 do_write_xen_qemuboot_dtb: ExecutionError('/home/edwpic01/work/master-update-xen/build/metavirt-host-arm64-4.16-release.prj/tmp/work/qemuarm64-poky-linux/xen-image-minimal/1.0-r0/temp/run.do_write_xen_qemuboot_dtb.3679135', 2, None, None)
> ERROR: Logfile of failure stored in: /home/edwpic01/work/master-update-xen/build/metavirt-host-arm64-4.16-release.prj/tmp/work/qemuarm64-poky-linux/xen-image-minimal/1.0-r0/temp/log.do_write_xen_qemuboot_dtb.3679135 .
>
> I believe the relevant part of the log is as follows:
>
> | [NOTE]: '3' lopper operation files will be processed
> | [INFO]: dtb output format detected, writing /home/edwpic01/work/master-update-xen/build/metavirt-host-arm64-4.16-release.prj/tmp/work/qemuarm64-poky-linux/xen-image-minimal/1.0-r0/deploy-xen-image-minimal-image-complete/xen-image-minimal-qemuarm64-20211026121502.qemuboot.dtb
> | [INFO]: writing output dtb: /home/edwpic01/work/master-update-xen/build/metavirt-host-arm64-4.16-release.prj/tmp/work/qemuarm64-poky-linux/xen-image-minimal/1.0-r0/deploy-xen-image-minimal-image-complete/xen-image-minimal-qemuarm64-20211026121502.qemuboot.dtb
> | /home/edwpic01/work/master-update-xen/build/metavirt-host-arm64-4.16-release.prj/tmp/work/qemuarm64-poky-linux/xen-image-minimal/1.0-r0/xen-image-minimal-1.0/output.dts: ERROR (explicit_phandles): /apb-pclk:phandle: bad length (1) phandle property
> | /home/edwpic01/work/master-update-xen/build/metavirt-host-arm64-4.16-release.prj/tmp/work/qemuarm64-poky-linux/xen-image-minimal/1.0-r0/xen-image-minimal-1.0/output.dts: ERROR (explicit_phandles): /intc@8000000:phandle: bad length (1) phandle property
> | /home/edwpic01/work/master-update-xen/build/metavirt-host-arm64-4.16-release.prj/tmp/work/qemuarm64-poky-linux/xen-image-minimal/1.0-r0/xen-image-minimal-1.0/output.dts: ERROR (explicit_phandles): /pl061@9030000:phandle: bad length (1) phandle property
> | ERROR: Input tree has errors, aborting (use -f to force output)
> | WARNING: exit code 2 from a shell command.
>
> The above error was the result from building on x86_64-linux, target system was aarch64-poky-linux, running on a qemuarch64 machine, itself running on x86_64 linux.
> As mentioned this was done on the master version of meta-virtualisation.
> The bitbake command to generate this was bitbake xen-image-mininal.
> The error is also present when building the xen 4.14 and xen 4.15 arm64 versions, and is not present on the arm32 or x86 builds for xen.
> If anyone knows the cause of the error, the information would be appreciated.
>
> 
>
> There's something wrong with the input DTS to Lopper .. luckily, I maintain Lopper, so if there's an actual bug in the processing of the input DTS .. I can fix that.
>
> 
>
> I can fire up a build and see if it happens here.


Could this be also considered for honister branch ?

Regards
Bertrand

>
> 
>
> So this is just qemuarm64, with xen + virtualization in the distro features ? Any other layers ? Anything else ?
>
> 
>
> Bruce
>
> Yes, this is just as you say, no other layers or anything else. Thank you for the speedy reply!
>
>
> There's a really bad interaction between libfdt and python 3.10.
>
> I've traced the error down to libfdt not being able to read anything from the dtbs and hence the chained errors.
>
> I'm building some older branches to confirm behaviours .. it will take me a few days to sort through this, but I don't want to mask the issue, as I need to understand exactly what is going on here.
>
> Bruce
>
> 
> 
>
> Edward
>
> 
>
>
> Cheers!
>
>
> IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
>
>
>
>
>
> 
>
> --
>
> - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end
> - "Use the force Harry" - Gandalf, Star Trek II
>
> IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
>
>
> --
> - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end
> - "Use the force Harry" - Gandalf, Star Trek II

Hi,

If possible, could this patch also be added to the honister branch?

Thanks,

Richard

---

From: meta-virtualization@... <meta-virtualization@...> on behalf of Richard Neill via lists.yoctoproject.org <richard.neill=arm.com@...>
Sent: Wednesday, November 3, 2021 1:01 PM
To: meta-virtualization@... <meta-virtualization@...>
Cc: nd <nd@...>
Subject: [meta-virtualization] [PATCH] k3s: Add additional required kernel modules

 

Adds the following kernel modules for k3s:

* xt-physdev
* xt-nflog
* xt-limit
* nfnetlink-log

Without them, the k3s network-policy-controller reports failures in the log
related to iptables-restore.

Signed-off-by: Richard Neill <richard.neill@...>
---
 recipes-containers/k3s/k3s_git.bb               | 4 ++++
 recipes-kernel/linux/linux-yocto/kubernetes.cfg | 8 ++++++--
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/recipes-containers/k3s/k3s_git.bb b/recipes-containers/k3s/k3s_git.bb
index e341ad7..4e1cf64 100644
--- a/recipes-containers/k3s/k3s_git.bb
+++ b/recipes-containers/k3s/k3s_git.bb
@@ -96,6 +96,10 @@ RRECOMMENDS:${PN} = "\
                      kernel-module-vxlan \
                      kernel-module-xt-masquerade \
                      kernel-module-xt-statistic \
+                     kernel-module-xt-physdev \
+                     kernel-module-xt-nflog \
+                     kernel-module-xt-limit \
+                     kernel-module-nfnetlink-log \
                      "

 RCONFLICTS:${PN} = "kubectl"
diff --git a/recipes-kernel/linux/linux-yocto/kubernetes.cfg b/recipes-kernel/linux/linux-yocto/kubernetes.cfg
index 2d4e1f5..84fa8c5 100644
--- a/recipes-kernel/linux/linux-yocto/kubernetes.cfg
+++ b/recipes-kernel/linux/linux-yocto/kubernetes.cfg
@@ -13,9 +13,14 @@ CONFIG_IP_VS_NFCT=y
 CONFIG_IP_VS_PROTO_TCP=y
 CONFIG_IP_VS_PROTO_UDP=y
 CONFIG_IP_VS_RR=m
+CONFIG_NETFILTER_NETLINK_LOG=m
+CONFIG_NETFILTER_XT_CONNMARK=m
 CONFIG_NETFILTER_XT_MATCH_COMMENT=m
+CONFIG_NETFILTER_XT_MATCH_LIMIT=m
 CONFIG_NETFILTER_XT_MATCH_MARK=m
-CONFIG_NETFILTER_XT_CONNMARK=m
+CONFIG_NETFILTER_XT_MATCH_PHYSDEV=m
+CONFIG_NETFILTER_XT_TARGET_NFLOG=m
+CONFIG_NETFILTER_XT_TARGET_REDIRECT=m
 CONFIG_NAMESPACES=y
 CONFIG_NET_NS=y
 CONFIG_PID_NS=y
@@ -32,4 +37,3 @@ CONFIG_MEMCG=y
 CONFIG_INET=y
 CONFIG_EXT4_FS=y
 CONFIG_PROC_FS=y
-CONFIG_NETFILTER_XT_TARGET_REDIRECT=m
--
2.25.1

* apply the same also for recipes using PKG_NAME starting
  with github.com which the conversion script doesn't update
  automatically

Signed-off-by: Martin Jansa <Martin.Jansa@...>
---
 recipes-containers/go-digest/go-digest_git.bb               | 2 +-
 recipes-containers/go-errors/go-errors_git.bb               | 2 +-
 recipes-containers/go-spf13-cobra/spf13-cobra_git.bb        | 2 +-
 recipes-containers/go-spf13-pflag/spf13-pflag_git.bb        | 2 +-
 recipes-containers/oci-runtime-spec/oci-runtime-spec_git.bb | 2 +-
 recipes-devtools/go/compose-file_git.bb                     | 2 +-
 recipes-devtools/go/go-capability_git.bb                    | 2 +-
 recipes-devtools/go/go-cli_git.bb                           | 2 +-
 recipes-devtools/go/go-connections_git.bb                   | 2 +-
 recipes-devtools/go/go-context_git.bb                       | 2 +-
 recipes-devtools/go/go-dbus_git.bb                          | 2 +-
 recipes-devtools/go/go-fsnotify_git.bb                      | 2 +-
 recipes-devtools/go/go-libtrust_git.bb                      | 2 +-
 recipes-devtools/go/go-logrus_git.bb                        | 2 +-
 recipes-devtools/go/go-metalinter_git.bb                    | 2 +-
 recipes-devtools/go/go-mux_git.bb                           | 2 +-
 recipes-devtools/go/go-patricia_git.bb                      | 2 +-
 recipes-devtools/go/go-pty_git.bb                           | 2 +-
 recipes-devtools/go/notary_git.bb                           | 2 +-
 19 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/recipes-containers/go-digest/go-digest_git.bb b/recipes-containers/go-digest/go-digest_git.bb
index 3966fac..c06a142 100644
--- a/recipes-containers/go-digest/go-digest_git.bb
+++ b/recipes-containers/go-digest/go-digest_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://src/${PKG_NAME}/LICENSE.code;md5=9cd86830b557232ce55e
 SRCNAME = "go-digest"

 PKG_NAME = "github.com/opencontainers/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME};branch=master"
+SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME};branch=master;protocol=https"

 SRCREV = "b6234c321f263c503268e3b205f3d9755f9d14ed"
 PV = "v1.0.0-rc0+git${SRCPV}"
diff --git a/recipes-containers/go-errors/go-errors_git.bb b/recipes-containers/go-errors/go-errors_git.bb
index d7b3287..f1d7ef3 100644
--- a/recipes-containers/go-errors/go-errors_git.bb
+++ b/recipes-containers/go-errors/go-errors_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://src/${PKG_NAME}/LICENSE;md5=6fe682a02df52c6653f33bd0f
 SRCNAME = "errors"

 PKG_NAME = "github.com/pkg/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME};branch=master"
+SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME};branch=master;protocol=https"

 SRCREV = "5dd12d0cfe7f152f80558d591504ce685299311e"
 PV = "v0.8.1+git${SRCPV}"
diff --git a/recipes-containers/go-spf13-cobra/spf13-cobra_git.bb b/recipes-containers/go-spf13-cobra/spf13-cobra_git.bb
index 697ba4e..b272f16 100644
--- a/recipes-containers/go-spf13-cobra/spf13-cobra_git.bb
+++ b/recipes-containers/go-spf13-cobra/spf13-cobra_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://src/${PKG_NAME}/LICENSE.txt;md5=920d76114a32b0fb75b3f
 SRCNAME = "cobra"

 PKG_NAME = "github.com/spf13/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME};branch=master"
+SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME};branch=master;protocol=https"

 SRCREV = "b5d8e8f46a2f829f755b6e33b454e25c61c935e1"
 PV = "v0.0.1+git${SRCPV}"
diff --git a/recipes-containers/go-spf13-pflag/spf13-pflag_git.bb b/recipes-containers/go-spf13-pflag/spf13-pflag_git.bb
index c4c374e..ea63029 100644
--- a/recipes-containers/go-spf13-pflag/spf13-pflag_git.bb
+++ b/recipes-containers/go-spf13-pflag/spf13-pflag_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://src/${PKG_NAME}/LICENSE;md5=1e8b7dc8b906737639131047a
 SRCNAME = "pflag"

 PKG_NAME = "github.com/spf13/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME};branch=master"
+SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME};branch=master;protocol=https"

 SRCREV = "d5e0c0615acee7028e1e2740a11102313be88de1"
 PV = "v1.0.5+git${SRCPV}"
diff --git a/recipes-containers/oci-runtime-spec/oci-runtime-spec_git.bb b/recipes-containers/oci-runtime-spec/oci-runtime-spec_git.bb
index d30868c..64354f9 100644
--- a/recipes-containers/oci-runtime-spec/oci-runtime-spec_git.bb
+++ b/recipes-containers/oci-runtime-spec/oci-runtime-spec_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://src/${PKG_NAME}/LICENSE;md5=b355a61a394a504dacde901c9
 SRCNAME = "runtime-spec"

 PKG_NAME = "github.com/opencontainers/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME};branch=master"
+SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME};branch=master;protocol=https"

 SRCREV = "ab23082b188344f6fbb63a441ea00ffc2852d06d"
 PV = "v1.0.2+git${SRCPV}"
diff --git a/recipes-devtools/go/compose-file_git.bb b/recipes-devtools/go/compose-file_git.bb
index 1571265..c33a7ac 100644
--- a/recipes-devtools/go/compose-file_git.bb
+++ b/recipes-devtools/go/compose-file_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://src/${PKG_NAME}/LICENSE;md5=9cd86830b557232ce55e2a6b4
 SRCNAME = "compose-file"

 PKG_NAME = "github.com/aanand/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME};branch=master"
+SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME};branch=master;protocol=https"

 SRCREV = "a3e58764f50597b6217fec07e9bff7225c4a1719"
 PV = "3.0+git${SRCPV}"
diff --git a/recipes-devtools/go/go-capability_git.bb b/recipes-devtools/go/go-capability_git.bb
index 5c180e7..7e5ab11 100644
--- a/recipes-devtools/go/go-capability_git.bb
+++ b/recipes-devtools/go/go-capability_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=a7304f5073e7be4ba7bffabbf9f2bbca"
 SRCNAME = "gocapability"

 PKG_NAME = "github.com/syndtr/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;branch=master"
+SRC_URI = "git://${PKG_NAME}.git;branch=master;protocol=https"

 SRCREV = "2c00daeb6c3b45114c80ac44119e7b8801fdd852"
 PV = "0.0+git${SRCPV}"
diff --git a/recipes-devtools/go/go-cli_git.bb b/recipes-devtools/go/go-cli_git.bb
index 7db5fc5..ae67f8e 100644
--- a/recipes-devtools/go/go-cli_git.bb
+++ b/recipes-devtools/go/go-cli_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=ed9b539ed65d73926f30ff1f1587dc44"
 SRCNAME = "cli"

 PKG_NAME = "github.com/codegangsta/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;branch=master"
+SRC_URI = "git://${PKG_NAME}.git;branch=master;protocol=https"

 SRCREV = "27ecc97192df1bf053a22b04463f2b51b8b8373e"
 PV = "1.1.0+git${SRCPV}"
diff --git a/recipes-devtools/go/go-connections_git.bb b/recipes-devtools/go/go-connections_git.bb
index 1bf6e94..ebfdb9f 100644
--- a/recipes-devtools/go/go-connections_git.bb
+++ b/recipes-devtools/go/go-connections_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://src/${PKG_NAME}/LICENSE;md5=04424bc6f5a5be60691b9824d
 SRCNAME = "go-connections"

 PKG_NAME = "github.com/docker/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME};branch=master"
+SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME};branch=master;protocol=https"

 SRCREV = "4ccf312bf1d35e5dbda654e57a9be4c3f3cd0366"
 PV = "0.2.1+git${SRCPV}"
diff --git a/recipes-devtools/go/go-context_git.bb b/recipes-devtools/go/go-context_git.bb
index ba0368b..37f39b3 100644
--- a/recipes-devtools/go/go-context_git.bb
+++ b/recipes-devtools/go/go-context_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=c50f6bd9c1e15ed0bad3bea18e3c1b7f"
 SRCNAME = "context"

 PKG_NAME = "github.com/gorilla/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;branch=master"
+SRC_URI = "git://${PKG_NAME}.git;branch=master;protocol=https"

 SRCREV = "14f550f51af52180c2eefed15e5fd18d63c0a64a"

diff --git a/recipes-devtools/go/go-dbus_git.bb b/recipes-devtools/go/go-dbus_git.bb
index 39b14a5..4bf44d6 100644
--- a/recipes-devtools/go/go-dbus_git.bb
+++ b/recipes-devtools/go/go-dbus_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=09042bd5c6c96a2b9e45ddf1bc517eed"
 SRCNAME = "dbus"

 PKG_NAME = "github.com/godbus/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;branch=master"
+SRC_URI = "git://${PKG_NAME}.git;branch=master;protocol=https"

 SRCREV = "5f6efc7ef2759c81b7ba876593971bfce311eab3"
 PV = "4.0.0+git${SRCPV}"
diff --git a/recipes-devtools/go/go-fsnotify_git.bb b/recipes-devtools/go/go-fsnotify_git.bb
index 2ae27b1..8aa1c76 100644
--- a/recipes-devtools/go/go-fsnotify_git.bb
+++ b/recipes-devtools/go/go-fsnotify_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=c38914c9a7ab03bb2b96d4baaee10769"
 SRCNAME = "fsnotify"

 PKG_NAME = "github.com/fsnotify/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;branch=master"
+SRC_URI = "git://${PKG_NAME}.git;branch=master;protocol=https"

 SRCREV = "836bfd95fecc0f1511dd66bdbf2b5b61ab8b00b6"
 PV = "1.2.11+git${SRCPV}"
diff --git a/recipes-devtools/go/go-libtrust_git.bb b/recipes-devtools/go/go-libtrust_git.bb
index 404baf5..e2a28ec 100644
--- a/recipes-devtools/go/go-libtrust_git.bb
+++ b/recipes-devtools/go/go-libtrust_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=435b266b3899aa8a959f17d41c56def8"
 SRCNAME = "libtrust"

 PKG_NAME = "github.com/docker/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;branch=master"
+SRC_URI = "git://${PKG_NAME}.git;branch=master;protocol=https"

 SRCREV = "9cbd2a1374f46905c68a4eb3694a130610adc62a"
 PV = "0.0+git${SRCPV}"
diff --git a/recipes-devtools/go/go-logrus_git.bb b/recipes-devtools/go/go-logrus_git.bb
index b54b32b..2c59d34 100644
--- a/recipes-devtools/go/go-logrus_git.bb
+++ b/recipes-devtools/go/go-logrus_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=8dadfef729c08ec4e631c4f6fc5d43a0"
 SRCNAME = "logrus"

 PKG_NAME = "github.com/Sirupsen/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;branch=master"
+SRC_URI = "git://${PKG_NAME}.git;branch=master;protocol=https"

 SRCREV = "d26492970760ca5d33129d2d799e34be5c4782eb"
 PV = "0.11.0+git${SRCPV}"
diff --git a/recipes-devtools/go/go-metalinter_git.bb b/recipes-devtools/go/go-metalinter_git.bb
index 3bef3b5..3dda45c 100644
--- a/recipes-devtools/go/go-metalinter_git.bb
+++ b/recipes-devtools/go/go-metalinter_git.bb
@@ -9,7 +9,7 @@ BBCLASSEXTEND = "native"
 SRCNAME = "gometalinter"

 PKG_NAME = "github.com/alecthomas/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;branch=master"
+SRC_URI = "git://${PKG_NAME}.git;branch=master;protocol=https"

 SRCREV = "e8d801238da6f0dfd14078d68f9b53fa50a7eeb5"
 PV = "0.0+git${SRCPV}"
diff --git a/recipes-devtools/go/go-mux_git.bb b/recipes-devtools/go/go-mux_git.bb
index c0db050..3f939f4 100644
--- a/recipes-devtools/go/go-mux_git.bb
+++ b/recipes-devtools/go/go-mux_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=c50f6bd9c1e15ed0bad3bea18e3c1b7f"
 SRCNAME = "mux"

 PKG_NAME = "github.com/gorilla/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;branch=master"
+SRC_URI = "git://${PKG_NAME}.git;branch=master;protocol=https"

 SRCREV = "136d54f81f00414c45c3c68dd47e98cc97519c5e"

diff --git a/recipes-devtools/go/go-patricia_git.bb b/recipes-devtools/go/go-patricia_git.bb
index 1098560..4c29b57 100644
--- a/recipes-devtools/go/go-patricia_git.bb
+++ b/recipes-devtools/go/go-patricia_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=9949b99212edd6b1e24ce702376c3baf"
 SRCNAME = "go-patricia"

 PKG_NAME = "github.com/tchap/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;branch=master"
+SRC_URI = "git://${PKG_NAME}.git;branch=master;protocol=https"

 SRCREV = "666120de432aea38ab06bd5c818f04f4129882c9"
 PV = "2.2.6+git${SRCPV}"
diff --git a/recipes-devtools/go/go-pty_git.bb b/recipes-devtools/go/go-pty_git.bb
index 0baa70d..132e82d 100644
--- a/recipes-devtools/go/go-pty_git.bb
+++ b/recipes-devtools/go/go-pty_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://License;md5=93958070863d769117fa33b129020050"
 SRCNAME = "pty"

 PKG_NAME = "github.com/creack/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;branch=master"
+SRC_URI = "git://${PKG_NAME}.git;branch=master;protocol=https"

 SRCREV = "05017fcccf23c823bfdea560dcc958a136e54fb7"

diff --git a/recipes-devtools/go/notary_git.bb b/recipes-devtools/go/notary_git.bb
index 3e908a0..972da5e 100644
--- a/recipes-devtools/go/notary_git.bb
+++ b/recipes-devtools/go/notary_git.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://src/${PKG_NAME}/LICENSE;md5=3596b980bb036e0875174ed15
 SRCNAME = "notary"

 PKG_NAME = "github.com/docker/${SRCNAME}"
-SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME};branch=master"
+SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME};branch=master;protocol=https"

 SRCREV = "d6e1431feb32348e0650bf7551ac5cffd01d857b"
 PV = "0.6.1+git${SRCPV}"
--
2.32.0

update to 4.0.11

1.drop two patches that have been integrated to upstream repo.
2.drop tests-add-no-validate-when-using-download-template.patch
  because it is no longer appropriate as the "download" has been
  replaced with "busybox"
3.fix the apply failure of templates-use-curl-instead-of-wget.patch
4.update lxc from 4.0.10 to 4.0.11

Signed-off-by: Yanfei Xu <yanfei.xu@...>
---
 ...omp_profile_when_compiled_libseccomp.patch | 46 ----------
 .../lxc/files/fix_c_command.patch             | 36 --------
 .../templates-use-curl-instead-of-wget.patch  | 23 ++---
 ...alidate-when-using-download-template.patch | 85 -------------------
 recipes-containers/lxc/lxc_git.bb             |  7 +-
 5 files changed, 15 insertions(+), 182 deletions(-)
 delete mode 100644 recipes-containers/lxc/files/enable_seccomp_profile_when_compiled_libseccomp.patch
 delete mode 100644 recipes-containers/lxc/files/fix_c_command.patch
 delete mode 100644 recipes-containers/lxc/files/tests-add-no-validate-when-using-download-template.patch

diff --git a/recipes-containers/lxc/files/enable_seccomp_profile_when_compiled_libseccomp.patch b/recipes-containers/lxc/files/enable_seccomp_profile_when_compiled_libseccomp.patch
deleted file mode 100644
index f0a58139..00000000
--- a/recipes-containers/lxc/files/enable_seccomp_profile_when_compiled_libseccomp.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 3d46e1d1f8e904fddd4fab3e8d0c6cf57d2ddd4e Mon Sep 17 00:00:00 2001
-From: Maximilian Blenk <Maximilian.Blenk@...>
-Date: Mon, 23 Aug 2021 22:04:40 +0200
-Subject: [PATCH] config: enable seccomp profile only when compiled with
- libseccomp
-
-Make lxc fail if seccomp.profile is specified but lxc is compiled
-without seccomp support. Currently, seccomp.profile is silently ignored
-if is specified in such a scenario. This could lead to the false
-impression that the seccomp filter is applied while it actually isn't.
-
-Signed-off-by: Maximilian Blenk <Maximilian.Blenk@...>
----
- src/lxc/confile.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-Upstream-Status: Submitted [https://github.com/lxc/lxc/pull/3947/commits/3d46e1d1f8e904fddd4fab3e8d0c6cf57d2ddd4e]
-
-diff --git a/src/lxc/confile.c b/src/lxc/confile.c
-index d8b96c6921..1cc8da15f1 100644
---- a/src/lxc/confile.c
-+++ b/src/lxc/confile.c
-@@ -1211,7 +1211,11 @@ static int set_config_seccomp_notify_proxy(const char *key, const char *value,
- static int set_config_seccomp_profile(const char *key, const char *value,
-                                     struct lxc_conf *lxc_conf, void *data)
- {
-+#ifdef HAVE_SECCOMP
-       return set_config_path_item(&lxc_conf->seccomp.seccomp, value);
-+#else
-+      return ret_set_errno(-1, ENOSYS);
-+#endif
- }
-
- static int set_config_execute_cmd(const char *key, const char *value,
-@@ -4383,7 +4387,11 @@ static int get_config_seccomp_notify_proxy(const char *key, char *retv, int inle
- static int get_config_seccomp_profile(const char *key, char *retv, int inlen,
-                                     struct lxc_conf *c, void *data)
- {
-+#ifdef HAVE_SECCOMP
-       return lxc_get_conf_str(retv, inlen, c->seccomp.seccomp);
-+#else
-+      return ret_errno(ENOSYS);
-+#endif
- }
-
- static int get_config_autodev(const char *key, char *retv, int inlen,
diff --git a/recipes-containers/lxc/files/fix_c_command.patch b/recipes-containers/lxc/files/fix_c_command.patch
deleted file mode 100644
index 1ed8dafd..00000000
--- a/recipes-containers/lxc/files/fix_c_command.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From 9becf309a81806ef08acf9ca99ab95c1bcfa1f65 Mon Sep 17 00:00:00 2001
-From: Maximilian Blenk <Maximilian.Blenk@...>
-Date: Mon, 23 Aug 2021 15:39:28 +0200
-Subject: [PATCH] attach: Fix -c command
-
-Currently, the -c command (to set the selinux context) seems to be
-broken because the passed context is ignored and always overwritten by
-the context specified in the config file. The intention behind the -c
-imho was to be able to manually overwrite this behavior. This patch
-ensures that the selinux context will be set if passed via the command
-line.
-
-Signed-off-by: Maximilian Blenk <Maximilian.Blenk@...>
----
- src/lxc/tools/lxc_attach.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-Upstream-Status: Backport [https://github.com/lxc/lxc/commit/9becf309a81806ef08acf9ca99ab95c1bcfa1f65.patch]
-Comment: No change in any hunk
-
-diff --git a/src/lxc/tools/lxc_attach.c b/src/lxc/tools/lxc_attach.c
-index 0374d980b4..e6b388b20c 100644
---- a/src/lxc/tools/lxc_attach.c
-+++ b/src/lxc/tools/lxc_attach.c
-@@ -379,7 +379,10 @@ int main(int argc, char *argv[])
-               attach_options.gid = my_args.gid;
-
-       // selinux_context will be NULL if not set
--      attach_options.lsm_label = selinux_context;
-+      if (selinux_context) {
-+              attach_options.attach_flags |= LXC_ATTACH_LSM_LABEL;
-+              attach_options.lsm_label = selinux_context;
-+      }
-
-       if (command.program) {
-               ret = c->attach_run_wait(c, &attach_options, command.program,
diff --git a/recipes-containers/lxc/files/templates-use-curl-instead-of-wget.patch b/recipes-containers/lxc/files/templates-use-curl-instead-of-wget.patch
index 156df82f..4556293a 100644
--- a/recipes-containers/lxc/files/templates-use-curl-instead-of-wget.patch
+++ b/recipes-containers/lxc/files/templates-use-curl-instead-of-wget.patch
@@ -1,4 +1,4 @@
-From 07890dd8ffdcd08b7be1ddbd9f56ac55482c76bb Mon Sep 17 00:00:00 2001
+From 1db2db7783bd7ec2aa1da86e640019891634c659 Mon Sep 17 00:00:00 2001
 From: Joakim Roubert <joakimr@...>
 Date: Fri, 16 Aug 2019 07:52:48 +0200
 Subject: [PATCH] Use curl instead of wget
@@ -7,16 +7,16 @@ When curl's MIT license is preferable to wget's GPLv3.

 Change-Id: I4684ae7569704514fdcc63e0655c556efcaf44f8
 Signed-off-by: Joakim Roubert <joakimr@...>
-
+Signed-off-by: Yanfei Xu <yanfei.xu@...>
 ---
  templates/lxc-download.in | 10 +++++-----
  1 file changed, 5 insertions(+), 5 deletions(-)

 diff --git a/templates/lxc-download.in b/templates/lxc-download.in
-index d7e6128..8a4b567 100644
+index e8570692a..f7291b0cc 100755
 --- a/templates/lxc-download.in
 +++ b/templates/lxc-download.in
-@@ -74,9 +74,9 @@ cleanup() {
+@@ -75,9 +75,9 @@ cleanup() {
    fi
  }

@@ -28,18 +28,18 @@ index d7e6128..8a4b567 100644
        return 0
      fi
    done
-@@ -85,8 +85,8 @@ wget_wrapper() {
+@@ -86,8 +86,8 @@ wget_wrapper() {
  }

  download_file() {
--  if ! wget_wrapper -T 30 -q "https://${DOWNLOAD_SERVER}/$1" -O "$2" >/dev/null 2>&1; then
--    if ! wget_wrapper -T 30 -q "http://${DOWNLOAD_SERVER}/$1" -O "$2" >/dev/null 2>&1; then
-+  if ! curl_wrapper -m 30 -s "https://${DOWNLOAD_SERVER}/$1" -o "$2" >/dev/null 2>&1; then
-+    if ! curl_wrapper -m 30 -s "http://${DOWNLOAD_SERVER}/$1" -o "$2" >/dev/null 2>&1; then
+-  if ! wget_wrapper --user-agent="lxc/@PACKAGE_VERSION@ compat:${DOWNLOAD_COMPAT_LEVEL}" -T 30 -q "https://${DOWNLOAD_SERVER}/$1" -O "$2" >/dev/null 2>&1; then
+-    if ! wget_wrapper --user-agent="lxc/@PACKAGE_VERSION@ compat:${DOWNLOAD_COMPAT_LEVEL}" -T 30 -q "http://${DOWNLOAD_SERVER}/$1" -O "$2" >/dev/null 2>&1; then
++  if ! curl_wrapper --user-agent="lxc/@PACKAGE_VERSION@ compat:${DOWNLOAD_COMPAT_LEVEL}" -m 30 -s "https://${DOWNLOAD_SERVER}/$1" -o "$2" >/dev/null 2>&1; then
++    if ! curl_wrapper --user-agent="lxc/@PACKAGE_VERSION@ compat:${DOWNLOAD_COMPAT_LEVEL}" -m 30 -s "http://${DOWNLOAD_SERVER}/$1" -o "$2" >/dev/null 2>&1; then
        if [ "$3" = "noexit" ]; then
          return 1
        else
-@@ -271,7 +271,7 @@ while :; do
+@@ -277,7 +277,7 @@ while :; do
  done

  # Check for required binaries
@@ -48,3 +48,6 @@ index d7e6128..8a4b567 100644
    if ! command -V "${bin}" >/dev/null 2>&1; then
      echo "ERROR: Missing required tool: ${bin}" 1>&2
      exit 1
+--
+2.27.0
+
diff --git a/recipes-containers/lxc/files/tests-add-no-validate-when-using-download-template.patch b/recipes-containers/lxc/files/tests-add-no-validate-when-using-download-template.patch
deleted file mode 100644
index f335e796..00000000
--- a/recipes-containers/lxc/files/tests-add-no-validate-when-using-download-template.patch
+++ /dev/null
@@ -1,85 +0,0 @@
-From 1c2506434e744d8c6a86e42c9d8bae4cde7553f6 Mon Sep 17 00:00:00 2001
-From: Mark Asselstine <mark.asselstine@...>
-Date: Thu, 31 May 2018 15:14:26 -0400
-Subject: [PATCH] tests: add '--no-validate' when using download template
-
-We are usually running the ptests with core-image-minimal which has no
-mechanism to validate the downloads. Validation isn't really of
-interest to this test at any rate so simply add '--no-validate' to
-avoid failing due to no GPG validation.
-
-Signed-off-by: Mark Asselstine <mark.asselstine@...>
-
----
- src/tests/lxc-test-apparmor-mount | 2 +-
- src/tests/lxc-test-autostart      | 2 +-
- src/tests/lxc-test-no-new-privs   | 2 +-
- src/tests/lxc-test-unpriv         | 2 +-
- src/tests/lxc-test-usernic.in     | 2 +-
- 5 files changed, 5 insertions(+), 5 deletions(-)
-
-Index: lxc-4.0.9/src/tests/lxc-test-apparmor-mount
-===================================================================
---- lxc-4.0.9.orig/src/tests/lxc-test-apparmor-mount
-+++ lxc-4.0.9/src/tests/lxc-test-apparmor-mount
-@@ -170,7 +170,7 @@
-     done
- fi
-
--run_cmd lxc-create -t download -n $cname -- -d ubuntu -r $release -a $ARCH
-+run_cmd lxc-create -t download -n $cname -- --no-validate -d ubuntu -r $release -a $ARCH
-
- echo "test default confined container"
- run_cmd lxc-start -n $cname -d -lDEBUG -o "$logfile"
-Index: lxc-4.0.9/src/tests/lxc-test-autostart
-===================================================================
---- lxc-4.0.9.orig/src/tests/lxc-test-autostart
-+++ lxc-4.0.9/src/tests/lxc-test-autostart
-@@ -55,7 +55,7 @@
-     done
- fi
-
--lxc-create -t download -n $CONTAINER_NAME -B dir -- -d ubuntu -r $release -a $ARCH
-+lxc-create -t download -n $CONTAINER_NAME -B dir -- --no-validate -d ubuntu -r $release -a $ARCH
- CONTAINER_PATH=$(dirname $(lxc-info -n $CONTAINER_NAME -c lxc.rootfs.path -H) | sed -e 's/dir://')
- cp $CONTAINER_PATH/config $CONTAINER_PATH/config.bak
-
-Index: lxc-4.0.9/src/tests/lxc-test-no-new-privs
-===================================================================
---- lxc-4.0.9.orig/src/tests/lxc-test-no-new-privs
-+++ lxc-4.0.9/src/tests/lxc-test-no-new-privs
-@@ -49,7 +49,7 @@
-       ARCH=$(dpkg --print-architecture)
- fi
-
--lxc-create -t download -n c1 -- -d ubuntu -r xenial -a $ARCH
-+lxc-create -t download -n c1 -- --no-validate -d ubuntu -r xenial -a $ARCH
- echo "lxc.no_new_privs = 1" >> /var/lib/lxc/c1/config
-
- lxc-start -n c1
-Index: lxc-4.0.9/src/tests/lxc-test-unpriv
-===================================================================
---- lxc-4.0.9.orig/src/tests/lxc-test-unpriv
-+++ lxc-4.0.9/src/tests/lxc-test-unpriv
-@@ -178,7 +178,7 @@
-     cp -R /var/cache/lxc/download $HDIR/.cache/lxc && \
-     chown -R $TUSER: $HDIR/.cache/lxc
-
--run_cmd lxc-create -t download -n c1 -l trace -o "${UNPRIV_LOG}" -- -d ubuntu -r $release -a $ARCH
-+run_cmd lxc-create -t download -n c1 -l trace -o "${UNPRIV_LOG}" -- --no-validate -d ubuntu -r $release -a $ARCH
-
- # Make sure we can start it - twice
-
-Index: lxc-4.0.9/src/tests/lxc-test-usernic.in
-===================================================================
---- lxc-4.0.9.orig/src/tests/lxc-test-usernic.in
-+++ lxc-4.0.9/src/tests/lxc-test-usernic.in
-@@ -147,7 +147,7 @@
- fi
-
- # Create three containers
--run_cmd "lxc-create -t download -n b1 -- -d ubuntu -r $release -a $ARCH"
-+run_cmd "lxc-create -t download -n b1 -- --no-validate -d ubuntu -r $release -a $ARCH"
- run_cmd "lxc-start -n b1 -d"
- p1=$(run_cmd "lxc-info -n b1 -p -H")
-
diff --git a/recipes-containers/lxc/lxc_git.bb b/recipes-containers/lxc/lxc_git.bb
index f5b5128b..ba1cef5a 100644
--- a/recipes-containers/lxc/lxc_git.bb
+++ b/recipes-containers/lxc/lxc_git.bb
@@ -46,15 +46,12 @@ SRC_URI = "git://github.com/lxc/lxc.git;branch=stable-4.0 \
        file://template-make-busybox-template-compatible-with-core-.patch \
        file://templates-use-curl-instead-of-wget.patch \
        file://tests-our-init-is-not-busybox.patch \
-       file://tests-add-no-validate-when-using-download-template.patch \
        file://dnsmasq.conf \
        file://lxc-net \
-        file://enable_seccomp_profile_when_compiled_libseccomp.patch \
-        file://fix_c_command.patch \
        "

-SRCREV = "cec7cb14b2a4367d4cb21a90e1b90d0f98a9d874"
-PV = "4.0.10+git${SRCPV}"
+SRCREV = "48e079bf318982ae7d5684feeb7358870fa71c10"
+PV = "4.0.11+git${SRCPV}"

 S = "${WORKDIR}/git"

--
2.27.0

On Thu, Oct 28, 2021 at 4:36 AM Diego Sueiro <Diego.Sueiro@...> wrote:
>
>
> Hi Bruce,
>
> Any expectations to have this patch chain backported to honister?
>

I've tagged them for backport, I was just busy trying to figure out
why python 3.10 is breaking master.

I expect to get to them shortly.

Bruce


> If it helps, we can send the patches targeting honister to the mailing list.
>
> Regards,
> Diego Sueiro
>
> ________________________________
> From: meta-virtualization@... <meta-virtualization@...> on behalf of Kamil Dziezyk via lists.yoctoproject.org <kamil.dziezyk=arm.com@...>
> Sent: 22 October 2021 08:37
> To: meta-virtualization@... <meta-virtualization@...>
> Subject: Re: [meta-virtualization] [PATCH 1/2] k3s: Update k3s service configuration
>
>
> Hello Bruce,
>
> Can you backport these two k3s patches to honister branch?
>
> Thanks,
>
> Kamil



--
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II