Date   

Re: New Override Syntax

Darcy Watkins
 

Hi,

My apologies. I don't think I made my question clear. I am asking about the compatibility of old style override syntax moving forward (and new style syntax in old versions).

So if I continue using the old style override syntax (to ensure sure compatibility for use with older Yocto versions), at what future Yocto/OE release do you expect that old style override syntax will become erroneous (as opposed to say triggering deprecation warnings, etc)?

Is support for the new style override syntax present in any existing Yocto/OpenEmbedded releases (in other words, has it been there for a while, but we are just now actively migrating to use it)? If so, how far back does it go?


Regards,

Darcy

Darcy Watkins :: Senior Staff Engineer, Firmware

SIERRA WIRELESS
Direct +1 604 233 7989 :: Fax +1 604 231 1109 :: Main +1 604 231 1100
13811 Wireless Way :: Richmond, BC Canada V6V 3A4
[M4]
dwatkins@... :: www.sierrawireless.com <http://www.sierrawireless.com/>

On 2021-08-10, 10:17 AM, "Michael Opdenacker" <michael.opdenacker@...> wrote:

Hi again Darcy,

On 8/10/21 6:35 PM, Michael Opdenacker wrote:
> Where can we find until when the current releases are going to be
> supported? Such information doesn't appear on
> https://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.yoctoproject.org%2Fwiki%2FReleases&;data=04%7C01%7Cdwatkins%40sierrawireless.com%7C672b1b0d748041f1a5e108d95c22b3d0%7C08059a4c248643dd89e33a747e0dcbe8%7C1%7C0%7C637642126398105344%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=yqtJtouZsl7JBRtIfvYrRNmNAIa40d5vyk5%2BZl0sy7g%3D&amp;reserved=0

I haven't managed to get such information yet, so I opened a bug to make
sure I get an answer by Thursday, when we have our bug triage meeting.

Here's the bug: https://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.yoctoproject.org%2Fshow_bug.cgi%3Fid%3D14503&;data=04%7C01%7Cdwatkins%40sierrawireless.com%7C672b1b0d748041f1a5e108d95c22b3d0%7C08059a4c248643dd89e33a747e0dcbe8%7C1%7C0%7C637642126398105344%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=cyIznH%2F%2B%2BPzccxcue710LByZiJGI9tx7%2B4fiyLK6Ba8%3D&amp;reserved=0
Don't hesitate to subscribe to it.

Cheers
Michael.

--
Michael Opdenacker, Bootlin
Embedded Linux and Kernel engineering
https://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbootlin.com%2F&;data=04%7C01%7Cdwatkins%40sierrawireless.com%7C672b1b0d748041f1a5e108d95c22b3d0%7C08059a4c248643dd89e33a747e0dcbe8%7C1%7C0%7C637642126398105344%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=N2uSry78vScI0moDWsDvzJCT53avVXzvIBoY9P9Vn7U%3D&amp;reserved=0


#yocto debbuging option under zeus #yocto

Monsees, Steven C (US)
 

 

I ran across the following under the Yocto Project Profiling and Tracing Manual, and after checking my ipk data files/layout, I was wondering if someone could tell me, if ipk is capable of performing a similar set of operations to install my debug data ?, and if so, what would be the correct command sequence ?

 

“ The debug packages once built can be found in build/tmp/deploy/rpm/* on the host system. Find the busybox-dbg-...rpm file and copy it to the target. For example:

 

[trz@empanada core2]$ scp /home/trz/yocto/crownbay-tracing-dbg/build/tmp/deploy/rpm/core2_32/busybox-dbg-1.20.2r2.core2_32.rpm root@....31:

     root@....31's password:

     busybox-dbg-1.20.2-r2.core2_32.rpm                     100% 1826KB   1.8MB/s   00:01

 

Now install the debug rpm on the target:

     root@crownbay:~# rpm -i busybox-dbg-1.20.2-r2.core2_32.rpm

 

Thanks,

Steve


Re: New Override Syntax

Michael Opdenacker
 

Hi again Darcy,

On 8/10/21 6:35 PM, Michael Opdenacker wrote:
Where can we find until when the current releases are going to be
supported? Such information doesn't appear on
https://wiki.yoctoproject.org/wiki/Releases
I haven't managed to get such information yet, so I opened a bug to make
sure I get an answer by Thursday, when we have our bug triage meeting.

Here's the bug: https://bugzilla.yoctoproject.org/show_bug.cgi?id=14503
Don't hesitate to subscribe to it.

Cheers
Michael.

--
Michael Opdenacker, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com


Re: yocto 3.1.3 cant seem to remove run-postinsts

Michael Opdenacker
 

Hi Jared,

On 8/10/21 4:46 PM, jared_terry@... wrote:
https://www.yoctoproject.org/docs/3.1.3/ref-manual/ref-manual.html#migration-2.1-miscellaneous-changes
<https://www.yoctoproject.org/docs/3.1.3/ref-manual/ref-manual.html#migration-2.1-miscellaneous-changes>

IMAGE_FEATURES="debug-tweaks read-only-rootfs"

according to the manual having read-only-rootfs should remove
run-postinsts and I still have it.  How can I get rid of this?

That's not what I understand from the manual. From
https://docs.yoctoproject.org/dev-manual/common-tasks.html#post-installation-scripts-and-read-only-root-filesystem,
I understand that the build system makes sure that the post install
scripts all succeed, so there is no need to run them again on the target.

Why would you want to skip the post install scripts?

Cheers,
Michael.

--
Michael Opdenacker, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com


Re: New Override Syntax

Michael Opdenacker
 

Hi Darcy,

On 8/10/21 6:16 PM, Darcy Watkins wrote:

Hi,

 

Does anyone know how long (or how many releases) that the old override
syntax will still be supported?  (Like a deprecation EOL cycle).

 

A corollary question: How far back in old releases is the new syntax
supported?

 

This potentially affects layers that have a single branch that support
multiple versions of Yocto/OE.
IANTM (I Am Not The Maintainers!), but I know that the old override
syntax will be supported in the maintained releases as long as they are
supported:

* Dunfell 3.1, Long Term Support
* Gatesgarth 3.2, now reaching end of life as written on
https://wiki.yoctoproject.org/wiki/Releases
* Hardknott 3.3, the latest version, still supported.

I know I haven't replied to your first question yet, so here's a
question for other people on the list...

Where can we find until when the current releases are going to be
supported? Such information doesn't appear on
https://wiki.yoctoproject.org/wiki/Releases

To reply to your second question, I believe the new syntax will be
supported in the upcoming updates to  Dunfell 3.1, Gatesgarth 3.2
(provided an update release is made), Hardknott 3.3 and of course in the
upcoming Honister 3.4 release.

I hope this helps. I'm trying to get an answer to the end-of-life question.

Cheers,
Michael.

--
Michael Opdenacker, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com


New Override Syntax

Darcy Watkins
 

Hi,

 

Does anyone know how long (or how many releases) that the old override syntax will still be supported?  (Like a deprecation EOL cycle).

 

A corollary question: How far back in old releases is the new syntax supported?

 

This potentially affects layers that have a single branch that support multiple versions of Yocto/OE.

 

Thanks!

 

 

 

Regards,

 

Darcy

 

Darcy Watkins ::  Senior Staff Engineer, Firmware

 

SIERRA WIRELESS

Direct  +1 604 233 7989   ::  Fax  +1 604 231 1109  ::  Main  +1 604 231 1100

13811 Wireless Way  :: Richmond, BC Canada V6V 3A4

[M4]

dwatkins@... :: www.sierrawireless.com


yocto 3.1.3 cant seem to remove run-postinsts

jared_terry@...
 

https://www.yoctoproject.org/docs/3.1.3/ref-manual/ref-manual.html#migration-2.1-miscellaneous-changes

IMAGE_FEATURES="debug-tweaks read-only-rootfs"

according to the manual having read-only-rootfs should remove run-postinsts and I still have it.  How can I get rid of this?

local.conf:   PACKAGE_EXCLUDE = "run-postinsts"

This didn't do anything either.


Yocto Project Status WW32`21

Stephen Jolley
 

Current Dev Position: YP 3.4 M3

Next Deadline: 23rd Aug. 2021 YP 3.4 M3 build (Feature Freeze)

 

Next Team Meetings:

 

Key Status/Updates:

  • YP 3.3.2 was released
  • YP 3.1.10 is due to be released imminently
  • OE-Core has moved to the new override syntax and is now only compatible with the honister release series. Other layers will need to migrate to the new syntax to work with it. There is documentation about handling migration to the new syntax in the migration section of the manual:

http://docs.yoctoproject.org/migration-guides/migration-3.4.html#override-syntax-changes

  • There has been at least one important bug fix to the overrides syntax change in OE-Core but in general layers do seem to be migrating over and there has been a lot of positive feedback about making this change from a readability perspective. Some additional variables were converted for consistency too.
  • In the last week long standing bugs were fixed, such as being able to use the devupstream class with natively extended recipes, some bitbake hangs in unusual situations with cleanups to the error paths around this and improvements to LTO with regard to binary reproducibility. 
  • The prserv rewrite is making progress but still has some issues with python asyncio.
  • Intermittent issues are ongoing, particularly ptest ones. Help is very much welcome on these issues. You can see the list of failures we’re continuing to see by searching for the “AB-INT” tag in bugzilla: https://bugzilla.yoctoproject.org/buglist.cgi?quicksearch=AB-INT
  • The multiconfig changes pending in master-next for a long time were merged as the approach used is better overall. If anyone still sees multiconfig scheduling bugs, please report those.

 

Ways to contribute:

 

YP 3.4 Milestone Dates:

  • YP 3.4 M3 build date 2021/08/23 (Feature Freeze)
  • YP 3.4 M3 Release date 2021/09/03
  • YP 3.4 M4 build date 2021/10/04
  • YP 3.4 M4 Release date 2021/10/29

 

Planned upcoming dot releases:

  • YP 3.3.2 is released
  • YP 3.1.10 is out of QA.
  • YP 3.1.10 release date 2021/08/06
  • YP 3.1.11 build date 2021/09/13
  • YP 3.1.11 release date 2021/9/24

 

Tracking Metrics:

 

The Yocto Project’s technical governance is through its Technical Steering Committee, more information is available at:

https://wiki.yoctoproject.org/wiki/TSC

 

The Status reports are now stored on the wiki at: https://wiki.yoctoproject.org/wiki/Weekly_Status

 

[If anyone has suggestions for other information you’d like to see on this weekly status update, let us know!]

 

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

(    Cell:                (208) 244-4460

* Email:              sjolley.yp.pm@...

 


M+ & H bugs with Milestone Movements WW32

Stephen Jolley
 

All,

YP M+ or high bugs which moved to a new milestone in WW32 are listed below:

Priority

Bug ID

Short Description

Changer

Owner

Was

Became

Medium+

12090

bitbake resident server reconnect handling needed

richard.purdie@...

richard.purdie@...

3.4 M3

3.99

 

13768

base-files do_package fatal error in subprocess

randy.macleod@...

mingli.yu@...

3.4 M2

3.4 M3

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

(    Cell:                (208) 244-4460

* Email:              sjolley.yp.pm@...

 


Enhancements/Bugs closed WW32!

Stephen Jolley
 

All,

The below were the owners of enhancements or bugs closed during the last week!

Who

Count

richard.purdie@...

13

michael.opdenacker@...

2

Grand Total

15

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

(    Cell:                (208) 244-4460

* Email:              sjolley.yp.pm@...

 


What is the best way to get Environment variables setup in my shell script for export PATH?

JH
 

Hi,

Please correct me, but I think the system environment set up in Yocto
Linux may not be the same as other distributions. I have a shell
script to set up export PATH and LD_LIBRARY_PATH, I want to avoid
putting full path in ExecStart and all of my shell scripts

ExecStart=my_measurement.sh

I have been thinking of the following options, but I am not sure which
one works, if the syntax is correct or not, which one is the best for
common practice, appreciate your advice.

(1) Setup in all systemd service scripts

[Service]
EnvironmentFile=/usr/bin/my_export.sh
ExecStart=my_measurement.sh

Is the syntax above statements in service scripts correct? Will it work?

(2) Add my_export.sh to /etc/profile.d

That one works for Ubuntu, Debian and CentOS, will all Yocto systemd
service scripts pick up environment setup from /etc/profile.d
automatically in Yocto Linux distribution?

(3) Add my_export.sh to /etc/default

Some distributions automatically pick setup from /etc/default, does it
work for Yocto Linux for systemd service scripts to pick up
my_export.sh setup from /etc/default?

Thank you.

Kind regards,

- jupiter


Current high bug count owners for Yocto Project 3.4

Stephen Jolley
 

All,

Below is the list as of top 50 bug owners as of the end of WW32 of who have open medium or higher bugs and enhancements against YP 3.4.   There are 57 possible work days left until the final release candidates for YP 3.4 needs to be released.

Who

Count

ross@...

34

michael.opdenacker@...

27

david.reyna@...

22

richard.purdie@...

19

bruce.ashfield@...

18

trevor.gamblin@...

12

timothy.t.orling@...

12

JPEWhacker@...

10

randy.macleod@...

10

bluelightning@...

10

sakib.sajal@...

10

tony.tascioglu@...

8

kai.kang@...

7

chee.yang.lee@...

5

hongxu.jia@...

4

Qi.Chen@...

4

akuster808@...

3

mingli.yu@...

3

mostthingsweb@...

3

jaewon@...

2

alexandre.belloni@...

2

yi.zhao@...

2

raj.khem@...

2

yf3yu@...

2

alejandro@...

2

mshah@...

2

john.kaldas.enpj@...

1

shachar@...

1

diego.sueiro@...

1

ydirson@...

1

mister_rs@...

1

dl9pf@...

1

devendra.tewari@...

1

open.source@...

1

kergoth@...

1

pokylinux@...

1

stacygaikovaia@...

1

nicolas.dechesne@...

1

yoctoproject@...

1

mark.hatle@...

1

sangeeta.jain@...

1

douglas.royds@...

1

jon.mason@...

1

paul@...

1

Martin.Jansa@...

1

naveen.kumar.saini@...

1

mhalstead@...

1

tonyb@...

1

jeanmarie.lemetayer@...

1

vinay.m.engg@...

1

aehs29@...

1

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

(    Cell:                (208) 244-4460

* Email:              sjolley.yp.pm@...

 


Yocto Project Newcomer & Unassigned Bugs - Help Needed

Stephen Jolley
 

All,

 

The triage team is starting to try and collect up and classify bugs which a newcomer to the project would be able to work on in a way which means people can find them. They're being listed on the triage page under the appropriate heading:

https://wiki.yoctoproject.org/wiki/Bug_Triage#Newcomer_Bugs  Also please review: https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded and how to create a bugzilla account at: https://bugzilla.yoctoproject.org/createaccount.cgi

The idea is these bugs should be straight forward for a person to help work on who doesn't have deep experience with the project.  If anyone can help, please take ownership of the bug and send patches!  If anyone needs help/advice there are people on irc who can likely do so, or some of the more experienced contributors will likely be happy to help too.

 

Also, the triage team meets weekly and does its best to handle the bugs reported into the Bugzilla. The number of people attending that meeting has fallen, as have the number of people available to help fix bugs. One of the things we hear users report is they don't know how to help. We (the triage team) are therefore going to start reporting out the currently 374 unassigned or newcomer bugs.

 

We're hoping people may be able to spare some time now and again to help out with these.  Bugs are split into two types, "true bugs" where things don't work as they should and "enhancements" which are features we'd want to add to the system.  There are also roughly four different "priority" classes right now, “3.2”, “3.3, "3.99" and "Future", the more pressing/urgent issues being in "3.2" and then “3.3”.

 

Please review this link and if a bug is something you would be able to help with either take ownership of the bug, or send me (sjolley.yp.pm@...) an e-mail with the bug number you would like and I will assign it to you (please make sure you have a Bugzilla account).  The list is at: https://wiki.yoctoproject.org/wiki/Bug_Triage_Archive#Unassigned_or_Newcomer_Bugs

 

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

(    Cell:                (208) 244-4460

* Email:              sjolley.yp.pm@...

 


Re: How does one add do_fetch, do_unpack to an image recipe?

John Klug
 

Thanks for your great help. A native recipe is what I needed with data in it only. So my native recipe copies files into ${D}${datadir}/${PN}.

Then my image build uses DEPENDS= to bring in the native recipe.

Then my IMAGE_POSTPROCESS_COMMAND can reference ${STAGING_DATADIR_NATIVE}/[native recipe name] to find the data it needs.

Then I don't need to patch the bbclass file.


From: yocto@... <yocto@...> on behalf of Josef Holzmayr <jester@...>
Sent: Monday, August 9, 2021 12:41 AM
To: yocto@...
Subject: Re: [yocto] How does one add do_fetch, do_unpack to an image recipe?
 
Howdy!

Am 07.08.2021 um 02:25 schrieb John Klug:
I am using dunfell.

In the documentation I see:

http://mail2.multitech.com:32224/?dmVyPTEuMDAxJiYyOTU2NDk0NDY2NmQ1NDQyND02MTEwQzAxOF8yMDIxXzcwNzFfMSYmYjc2MzZjMTgxNGE4NTkzPTIzMzMmJnVybD1odHRwcyUzQSUyRiUyRnd3dyUyRXlvY3RvcHJvamVjdCUyRW9yZyUyRmRvY3MlMkZjdXJyZW50JTJGYml0YmFrZS11c2VyLW1hbnVhbCUyRmJpdGJha2UtdXNlci1tYW51YWwlMkVodG1sJTIzdW5zZXR0aW5nLXZhcmlhYmxlcw==

In case some filter removes the yocto URL, I am referring to:

      docs/current/bitbake-user-manual/bitbake-user-manual.html#unsetting-variables

Which has this example:

      unset do_fetch[noexec]

If I put this in my image recipe, the do_fetch noexec item still exists.

In order to fix this problem I had to patch openembedded-core/meta/classes/image.bbclass, and remove the line setting do_fetch[noexec]="1" and the ones following.

I need to do a fetch for my IMAGE_POSTPROCESS_COMMAND.
 From first glance, I'd guess that the approach is just not correct. If
that thing to be fetched also needs to go *into* the image: make it a
recipe on its own. If you only need it during build time, then it should
probably be a -native dependency, and therefore again a recipe on its
own. Then the image recipe can depend on it and use its contents during
the build/postprocess stage.

Greetz



Thanks.





Audio playback issue with ogg123 (vorbis-tools)

Michael Opdenacker
 

Greetings,

I'm trying to play an Ogg/Vorbis sample from an image I generated with
Poky (master) and meta-oe (master), by adding "ogg123" and "alsa-utils"
(for testing purposes) to "core-image-minimal".

I built the image for qemux86-64 and tested it ran in a chroot on my x86
build machine. I mounted proc, sysfs and devtmpfs on /proc, /sys/ and
/dev in the chroot, respectively.

I could play a WAV file through "aplay" (from alsa-utils) from the
chroot, but I didn't manage to play an Ogg/Vorbis sample on the audio card:
# ogg123 /sample.ogg
=== Could not load default driver and no driver specified in config
file. Exiting.

However, I could "play" the sample file to a WAV file:
ogg123 -d wav -f output.wav /sample.ogg

Looking at the code, it seems there's a back-end issue (libao,
alsa-lib?), so I suspect ogg123 or libao were built with missing
features. I checked that libao was configured with Alsa support.

I'll go on investigating, but if you have ideas, I'm interested!

Cheers,
Michael.

--
Michael Opdenacker, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com


Re: Hello world recipe

Bel Hadj Salem Talel <bhstalel@...>
 

It is clear that the build system cannot find anything that is providing 'python-hello' recipe.

Which means it parsed all layers in bblayers.conf and it didn't find any python-hello_*.bb file (the _* is the version)

It is mentioned in the tutorial that you provided that the recipe should be in meta-layer/recipes-custom/python-hello

So, you need to create that layer, follow:

bitbake-layers create-layer meta-custom
bitbake-layers add-layer meta-custom

Now, in that layer create folders: recipes-custom/python-hello, in that you should have:

1. another folder: files in that you put python-hello.py
2. python-hello.bb

the content of all of that is in the tutorial .


Hello world recipe

yasminebenghozzi6@...
 

Hello everyone, 
SO i ve been following this tutorial to be able to execute hello world on the raspberry pi, but i tried so much and still not working, please any help? e 
I followed the tutorial from the Scripts et modules PYthon part: https://www.blaess.fr/christophe/yocto-lab/sequence-III-1/index.html#scripts-et-modules-python


[meta-selinux][dunfell][PATCH] libselinux: Backport class cache flushing patch from 3.1

Daniel Danner <daniel.danner@...>
 

This fixes a bug in libselinux that gets triggered by loading another
policy at runtime. Before this patch, the userspace class cache was not
flushed when a new policy was loaded. This led to SELinux-aware
processes performing invalid lookups if their lifecycle overlapped with
a policy load. Specifically, lookups performed by dbus-daemon would
yield invalid results due to using outdated class IDs in their query.
---
...t-flush_class_cache-call-it-on-polic.patch | 126 ++++++++++++++++++
recipes-security/selinux/libselinux_3.0.bb | 1 +
2 files changed, 127 insertions(+)
create mode 100644 recipes-security/selinux/libselinux/0001-libselinux-export-flush_class_cache-call-it-on-polic.patch

diff --git recipes-security/selinux/libselinux/0001-libselinux-export-flush_class_cache-call-it-on-polic.patch recipes-security/selinux/libselinux/0001-libselinux-export-flush_class_cache-call-it-on-polic.patch
new file mode 100644
index 0000000..dd79f64
--- /dev/null
+++ recipes-security/selinux/libselinux/0001-libselinux-export-flush_class_cache-call-it-on-polic.patch
@@ -0,0 +1,126 @@
+From 7bece3768b8ce63d79ef59bab83517b4e950f8fb Mon Sep 17 00:00:00 2001
+From: Stephen Smalley <sds@...>
+Date: Tue, 21 Jan 2020 11:18:22 -0500
+Subject: [PATCH] libselinux: export flush_class_cache(), call it on policyload
+
+Rename flush_class_cache() to selinux_flush_class_cache(), export it
+for direct use by userspace policy enforcers, and call it on all policy
+load notifications rather than only when using selinux_check_access().
+This ensures that policy reloads that change a userspace class or
+permission value will be reflected by subsequent string_to_security_class()
+or string_to_av_perm() calls.
+
+Signed-off-by: Stephen Smalley <sds@...>
+---
+ libselinux/include/selinux/selinux.h | 3 +++
+ libselinux/src/avc_internal.c | 2 ++
+ libselinux/src/checkAccess.c | 13 -------------
+ libselinux/src/selinux_internal.h | 3 +--
+ libselinux/src/stringrep.c | 4 +++-
+ 5 files changed, 9 insertions(+), 16 deletions(-)
+
+Upstream-Status: Backport [https://github.com/SELinuxProject/selinux/commit/7bece3768b8ce63d79ef59bab83517b4e950f8fb]
+
+diff --git libselinux/include/selinux/selinux.h libselinux/include/selinux/selinux.h
+index fe46e681..7922d96b 100644
+--- libselinux/include/selinux/selinux.h
++++ libselinux/include/selinux/selinux.h
+@@ -418,6 +418,9 @@ extern int security_av_string(security_class_t tclass,
+ /* Display an access vector in a string representation. */
+ extern void print_access_vector(security_class_t tclass, access_vector_t av);
+
++/* Flush the SELinux class cache, e.g. upon a policy reload. */
++extern void selinux_flush_class_cache(void);
++
+ /* Set the function used by matchpathcon_init when displaying
+ errors about the file_contexts configuration. If not set,
+ then this defaults to fprintf(stderr, fmt, ...). */
+diff --git libselinux/src/avc_internal.c libselinux/src/avc_internal.c
+index 49cecc96..568a3d92 100644
+--- libselinux/src/avc_internal.c
++++ libselinux/src/avc_internal.c
+@@ -23,6 +23,7 @@
+ #include "callbacks.h"
+ #include "selinux_netlink.h"
+ #include "avc_internal.h"
++#include "selinux_internal.h"
+
+ #ifndef NETLINK_SELINUX
+ #define NETLINK_SELINUX 7
+@@ -207,6 +208,7 @@ static int avc_netlink_process(void *buf)
+ avc_prefix, rc, errno);
+ return rc;
+ }
++ selinux_flush_class_cache();
+ rc = selinux_netlink_policyload(msg->seqno);
+ if (rc < 0)
+ return rc;
+diff --git libselinux/src/checkAccess.c libselinux/src/checkAccess.c
+index 16bfcfb6..7227ffe5 100644
+--- libselinux/src/checkAccess.c
++++ libselinux/src/checkAccess.c
+@@ -10,25 +10,12 @@
+ static pthread_once_t once = PTHREAD_ONCE_INIT;
+ static int selinux_enabled;
+
+-static int avc_reset_callback(uint32_t event __attribute__((unused)),
+- security_id_t ssid __attribute__((unused)),
+- security_id_t tsid __attribute__((unused)),
+- security_class_t tclass __attribute__((unused)),
+- access_vector_t perms __attribute__((unused)),
+- access_vector_t *out_retained __attribute__((unused)))
+-{
+- flush_class_cache();
+- return 0;
+-}
+-
+ static void avc_init_once(void)
+ {
+ selinux_enabled = is_selinux_enabled();
+ if (selinux_enabled == 1) {
+ if (avc_open(NULL, 0))
+ return;
+- avc_add_callback(avc_reset_callback, AVC_CALLBACK_RESET,
+- 0, 0, 0, 0);
+ }
+ }
+
+diff --git libselinux/src/selinux_internal.h libselinux/src/selinux_internal.h
+index 8b4bed2f..61b78aaa 100644
+--- libselinux/src/selinux_internal.h
++++ libselinux/src/selinux_internal.h
+@@ -107,8 +107,7 @@ hidden_proto(selinux_trans_to_raw_context);
+ hidden_proto(security_get_initial_context);
+ hidden_proto(security_get_initial_context_raw);
+ hidden_proto(selinux_reset_config);
+-
+-hidden void flush_class_cache(void);
++hidden_proto(selinux_flush_class_cache);
+
+ extern int require_seusers hidden;
+ extern int selinux_page_size hidden;
+diff --git libselinux/src/stringrep.c libselinux/src/stringrep.c
+index 4db95398..29757b75 100644
+--- libselinux/src/stringrep.c
++++ libselinux/src/stringrep.c
+@@ -158,7 +158,7 @@ err1:
+ return NULL;
+ }
+
+-hidden void flush_class_cache(void)
++void selinux_flush_class_cache(void)
+ {
+ struct discover_class_node *cur = discover_class_cache, *prev = NULL;
+ size_t i;
+@@ -180,6 +180,8 @@ hidden void flush_class_cache(void)
+ discover_class_cache = NULL;
+ }
+
++hidden_def(selinux_flush_class_cache)
++
+ security_class_t string_to_security_class(const char *s)
+ {
+ struct discover_class_node *node;
+--
+2.25.1
+
diff --git recipes-security/selinux/libselinux_3.0.bb recipes-security/selinux/libselinux_3.0.bb
index 05d2346..17a25a9 100644
--- recipes-security/selinux/libselinux_3.0.bb
+++ recipes-security/selinux/libselinux_3.0.bb
@@ -12,4 +12,5 @@ SRC_URI += "\
file://libselinux-make-SOCK_CLOEXEC-optional.patch \
file://libselinux-define-FD_CLOEXEC-as-necessary.patch \
file://0001-Fix-building-against-musl-and-uClibc-libc-libraries.patch \
+ file://0001-libselinux-export-flush_class_cache-call-it-on-polic.patch \
"
--
2.25.1


Re: How does one add do_fetch, do_unpack to an image recipe?

Josef Holzmayr
 

Howdy!

Am 07.08.2021 um 02:25 schrieb John Klug:
I am using dunfell.
In the documentation I see:
https://www.yoctoproject.org/docs/current/bitbake-user-manual/bitbake-user-manual.html#unsetting-variables
In case some filter removes the yocto URL, I am referring to:
docs/current/bitbake-user-manual/bitbake-user-manual.html#unsetting-variables
Which has this example:
unset do_fetch[noexec]
If I put this in my image recipe, the do_fetch noexec item still exists.
In order to fix this problem I had to patch openembedded-core/meta/classes/image.bbclass, and remove the line setting do_fetch[noexec]="1" and the ones following.
I need to do a fetch for my IMAGE_POSTPROCESS_COMMAND.
From first glance, I'd guess that the approach is just not correct. If that thing to be fetched also needs to go *into* the image: make it a recipe on its own. If you only need it during build time, then it should probably be a -native dependency, and therefore again a recipe on its own. Then the image recipe can depend on it and use its contents during the build/postprocess stage.

Greetz

Thanks.


Re: linux-hotplug recipe

Josef Holzmayr
 

Howdy!

Am 08.08.2021 um 16:11 schrieb chiefsleepyeye@...:
I'm new to yocto so forgive me if this has been answered before.  I searched a number of resources and wasn't able to find an answer.  I've been able to install yocto and make modifications to the bblayers.conf and local.conf files to add recipes and layers that provide recipes for the components I need.  I wanted to add hotplug and  found there is a "meta package" from yocto called "linux-hotplug".  The problem I'm having is finding out which layer provides that recipe.  Can someone point me in the right direction and/or point me at a tool that allows searching through all recipes, configured for use or not, for recipes. I've used oe-pkgutils-tool and bitbake-layers but, as far as I can tell they only search in layers configured to be used.  I also tried the layer search tool on the open embedded website but got no hits for the aforementioned recipe.  I feel like I'm missing something here but I don't know what.  Any help would be appreciated.  Thanks to all.
http://layers.openembedded.org

respectively for you http://layers.openembedded.org/layerindex/branch/master/recipes/?q=hotplug obviously... gut it doesn't seem that the information you based your question on is accurate, no "linux-hotplug" there. If I had to guess, then you found either something massively outdated, or referring to a non-openly accessible layer.

Greetz


Mike

3061 - 3080 of 57384