Date   

Current high bug count owners for Yocto Project 3.4

Stephen Jolley
 

All,

Below is the list as of top 50 bug owners as of the end of WW23 of who have open medium or higher bugs and enhancements against YP 3.4.   There are 101 possible work days left until the final release candidates for YP 3.4 needs to be released.

Who

Count

ross@...

31

richard.purdie@...

31

michael.opdenacker@...

22

david.reyna@...

22

bruce.ashfield@...

21

bluelightning@...

12

JPEWhacker@...

12

akuster808@...

12

trevor.gamblin@...

11

timothy.t.orling@...

11

sakib.sajal@...

10

randy.macleod@...

9

kai.kang@...

8

hongxu.jia@...

6

Qi.Chen@...

6

tony.tascioglu@...

6

mingli.yu@...

6

raj.khem@...

5

chee.yang.lee@...

5

yi.zhao@...

4

alexandre.belloni@...

3

mostthingsweb@...

3

mshah@...

2

yf3yu@...

2

ydirson@...

2

pokylinux@...

2

jaewon@...

2

alejandro@...

2

yoctoproject@...

1

thomas.perrot@...

1

kergoth@...

1

naveen.kumar.saini@...

1

stacygaikovaia@...

1

liezhi.yang@...

1

douglas.royds@...

1

open.source@...

1

mark.hatle@...

1

nicolas.dechesne@...

1

shachar@...

1

Martin.Jansa@...

1

mister_rs@...

1

jon.mason@...

1

john.kaldas.enpj@...

1

jeanmarie.lemetayer@...

1

devendra.tewari@...

1

aehs29@...

1

diego.sueiro@...

1

matthewzmd@...

1

Nathan.Dunne@...

1

saul.wold@...

1

kexin.hao@...

1

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

(    Cell:                (208) 244-4460

* Email:              sjolley.yp.pm@...

 


Yocto Project Newcomer & Unassigned Bugs - Help Needed

Stephen Jolley
 

All,

 

The triage team is starting to try and collect up and classify bugs which a newcomer to the project would be able to work on in a way which means people can find them. They're being listed on the triage page under the appropriate heading:

https://wiki.yoctoproject.org/wiki/Bug_Triage#Newcomer_Bugs  Also please review: https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded and how to create a bugzilla account at: https://bugzilla.yoctoproject.org/createaccount.cgi

The idea is these bugs should be straight forward for a person to help work on who doesn't have deep experience with the project.  If anyone can help, please take ownership of the bug and send patches!  If anyone needs help/advice there are people on irc who can likely do so, or some of the more experienced contributors will likely be happy to help too.

 

Also, the triage team meets weekly and does its best to handle the bugs reported into the Bugzilla. The number of people attending that meeting has fallen, as have the number of people available to help fix bugs. One of the things we hear users report is they don't know how to help. We (the triage team) are therefore going to start reporting out the currently 348 unassigned or newcomer bugs.

 

We're hoping people may be able to spare some time now and again to help out with these.  Bugs are split into two types, "true bugs" where things don't work as they should and "enhancements" which are features we'd want to add to the system.  There are also roughly four different "priority" classes right now, “3.2”, “3.3, "3.99" and "Future", the more pressing/urgent issues being in "3.2" and then “3.3”.

 

Please review this link and if a bug is something you would be able to help with either take ownership of the bug, or send me (sjolley.yp.pm@...) an e-mail with the bug number you would like and I will assign it to you (please make sure you have a Bugzilla account).  The list is at: https://wiki.yoctoproject.org/wiki/Bug_Triage_Archive#Unassigned_or_Newcomer_Bugs

 

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

(    Cell:                (208) 244-4460

* Email:              sjolley.yp.pm@...

 


Re: bitbake controlling memory use

Gmane Admin
 

Op 05-06-2021 om 15:35 schreef Gmane Admin:
Op 14-04-2021 om 06:59 schreef Richard Purdie:
On Tue, 2021-04-13 at 21:14 -0400, Randy MacLeod wrote:
On 2021-04-11 12:19 p.m., Alexander Kanavin wrote:
make already has -l option for limiting new instances if load average is
too high, so it's only natural to add a RAM limiter too.

    -l [N], --load-average[=N], --max-load[=N]
                                Don't start multiple jobs unless load is
below N.

In any case, patches welcome :)
During today's Yocto technical call (1),
we talked about approaches to limiting the system load and avoiding
swap and/or OOM events. Here's what (little!) i recall from the
discussion, 9 busy hours later.

In the short run, instead of independently maintaining changes to
configurations to limit parallelism or xz memory usage, etc, we
could develop an optional common include file where such limits
are shared across the community.

In the longer run, changes to how bitbake schedules work may be needed.

Richard says that there was a make/build server idea and maybe even a
patch from a while ago. It may be in one of his poky-contrib branches.
I took a few minutes to look but nothing popped up. A set of keywords to
search for might help me find it.
http://git.yoctoproject.org/cgit.cgi/poky-contrib/commit/?h=rpurdie/wipqueue4&id=d66a327fb6189db5de8bc489859235dcba306237
This patch resolves a starvation of a particular resource (execution cores), which is good.
However, the problem I am facing is starvation of another resource (memory).

Cheers,

Richard

I like the idea. Unfortunately the patch doesn't apply to Gatesgarth, so I couldn't test it. Any chance you would be doing a refresh?
Ok so I refreshed this patch my self and it seems to be working nicely (3000 out of 4000 tasks complete), except for one thing: do_configure for cmake-native fails and I don't see why. From the log:

loading initial cache file xxxxxx/out/linux64/build/tmp/work/x86_64-linux/cmake-native/3.18.2-r0/build/Bootstrap.cmk/InitialCacheFlags.cmake
-- The C compiler identification is GNU 10.3.0
-- The CXX compiler identification is GNU 10.3.0
-- Detecting C compiler ABI info
CMake Error: Generator: execution of make failed. Make command was: xxxxxx/out/linux64/poky/scripts/make-intercept/make cmTC_68352/fast &&
-- Detecting C compiler ABI info - failed
-- Check for working C compiler: xxxxxx/out/linux64/build/tmp/hosttools/gcc
CMake Error: Generator: execution of make failed. Make command was: xxxxxx/out/linux64/poky/scripts/make-intercept/make cmTC_f23a0/fast &&
-- Check for working C compiler: xxxxxx/out/linux64/build/tmp/hosttools/gcc - broken
CMake Error at Modules/CMakeTestCCompiler.cmake:66 (message):
The C compiler

"xxxxxx/out/linux64/build/tmp/hosttools/gcc"

is not able to compile a simple test program.

It fails with the following output:

Change Dir: xxxxxx/tmp/work/x86_64-linux/cmake-native/3.18.2-r0/build/CMakeFiles/CMakeTmp

Run Build Command(s):xxxxxx/out/linux64/poky/scripts/make-intercept/make cmTC_f23a0/fast && Permission denied
Generator: execution of make failed. Make command was: xxxxxx/out/linux64/poky/scripts/make-intercept/make cmTC_f23a0/fast &&

CMake will not be able to correctly generate this project.
Call Stack (most recent call first):
CMakeLists.txt:7 (project)

Crazy. I don't see why making a complete recipe works fine, while making a test program during configure fails. Ideas?


How to use debug symbols from recipe-dbg package?

Mauro Ziliani
 

Hi all.
I have the recipe myapp.bb, and I get from it the debian packages myapp_1.0-r0_armhf.deb and myapp-dbg_1.0-r0_armhf.deb

How can I use the debug symbols in myapp-dbg_1.0-r0_armhf.deb with gdb and the application in myapp_1.0-r0_armhf.deb package?


Best regards,
  MZ

Sent from Mailspring, the best free email app for work


Yocto AI Engine #yocto

Abdelrahman El-Gammal <a.elgammal2019@...>
 

Hi, I am building an AI engine on a gaming motherboard. I chose it for I need a powerful GPU. And I am using Yocto to build a custom OS for this engine. So, at first, what do you think the most appropriate motherboard to use? I already checked some ASUS and Gigabyte gaming boards but I did not find a good supporting community regarding their BSPs? So, are there any other supported boards to serve this functionality or I just start building on the already available Intel / AMD BSPs?


[meta-zephyr][PATCHv2 5/5] zephyr-mqtt-publisher: Add recipe for mqtt publisher

Amit Kucheria
 

From: Amit Kucheria <amit.kucheria.ext@...>

This sample application provides an example of using the the MBEDTLS library.

Signed-off-by: Amit Kucheria <amit.kucheria.ext@...>
---
recipes-kernel/zephyr-kernel/zephyr-mqtt-publisher.bb | 5 +++++
1 file changed, 5 insertions(+)
create mode 100644 recipes-kernel/zephyr-kernel/zephyr-mqtt-publisher.bb

diff --git a/recipes-kernel/zephyr-kernel/zephyr-mqtt-publisher.bb b/recipes-kernel/zephyr-kernel/zephyr-mqtt-publisher.bb
new file mode 100644
index 000000000000..b4e306742e44
--- /dev/null
+++ b/recipes-kernel/zephyr-kernel/zephyr-mqtt-publisher.bb
@@ -0,0 +1,5 @@
+include zephyr-sample.inc
+
+ZEPHYR_SRC_DIR = "${S}/samples/net/mqtt_publisher"
+
+ZEPHYR_MODULES_append = "\;${S}/modules/lib/mbedtls"
--
2.25.1


[meta-zephyr][PATCHv2 4/5] zephyr-websocket-client: Add recipe for websocket client

Amit Kucheria
 

From: Amit Kucheria <amit.kucheria.ext@...>

This sample application provides an example of using the the MBEDTLS library.

Signed-off-by: Amit Kucheria <amit.kucheria.ext@...>
---
recipes-kernel/zephyr-kernel/zephyr-websocket-client.bb | 5 +++++
1 file changed, 5 insertions(+)
create mode 100644 recipes-kernel/zephyr-kernel/zephyr-websocket-client.bb

diff --git a/recipes-kernel/zephyr-kernel/zephyr-websocket-client.bb b/recipes-kernel/zephyr-kernel/zephyr-websocket-client.bb
new file mode 100644
index 000000000000..428f75e18adb
--- /dev/null
+++ b/recipes-kernel/zephyr-kernel/zephyr-websocket-client.bb
@@ -0,0 +1,5 @@
+include zephyr-sample.inc
+
+ZEPHYR_SRC_DIR = "${S}/samples/net/sockets/websocket_client"
+
+ZEPHYR_MODULES_append = "\;${S}/modules/lib/mbedtls"
--
2.25.1


[meta-zephyr][PATCHv2 3/5] zephyr-http-client: Add recipe for http client

Amit Kucheria
 

From: Amit Kucheria <amit.kucheria.ext@...>

This sample application provides an example of using the the MBEDTLS library.

Signed-off-by: Amit Kucheria <amit.kucheria.ext@...>
---
recipes-kernel/zephyr-kernel/zephyr-http-client.bb | 5 +++++
1 file changed, 5 insertions(+)
create mode 100644 recipes-kernel/zephyr-kernel/zephyr-http-client.bb

diff --git a/recipes-kernel/zephyr-kernel/zephyr-http-client.bb b/recipes-kernel/zephyr-kernel/zephyr-http-client.bb
new file mode 100644
index 000000000000..cf3c322c20ce
--- /dev/null
+++ b/recipes-kernel/zephyr-kernel/zephyr-http-client.bb
@@ -0,0 +1,5 @@
+include zephyr-sample.inc
+
+ZEPHYR_SRC_DIR = "${S}/samples/net/sockets/http_client"
+
+ZEPHYR_MODULES_append = "\;${S}/modules/lib/mbedtls"
--
2.25.1


[meta-zephyr][PATCHv2 2/5] zephyr-echo-client: Add recipe for echo client

Amit Kucheria
 

From: Amit Kucheria <amit.kucheria.ext@...>

This sample application provides an example of using the the MBEDTLS library.

Signed-off-by: Amit Kucheria <amit.kucheria.ext@...>
---
recipes-kernel/zephyr-kernel/zephyr-echo-client.bb | 5 +++++
1 file changed, 5 insertions(+)
create mode 100644 recipes-kernel/zephyr-kernel/zephyr-echo-client.bb

diff --git a/recipes-kernel/zephyr-kernel/zephyr-echo-client.bb b/recipes-kernel/zephyr-kernel/zephyr-echo-client.bb
new file mode 100644
index 000000000000..c17e1e78f6b5
--- /dev/null
+++ b/recipes-kernel/zephyr-kernel/zephyr-echo-client.bb
@@ -0,0 +1,5 @@
+include zephyr-sample.inc
+
+ZEPHYR_SRC_DIR = "${S}/samples/net/sockets/echo_client"
+
+ZEPHYR_MODULES_append = "\;${S}/modules/lib/mbedtls"
--
2.25.1


[meta-zephyr][PATCHv2 1/5] zephyr-kernel: Clone mbedtls

Amit Kucheria
 

From: Amit Kucheria <amit.kucheria.ext@...>

MBed TLS is a library that implements cryptographic primitives and
SSL/TLS and DTLS protocols that are needed in secure network
communications.

Add it to the kernel include files to build and link against
applications that need mbedtls.

Signed-off-by: Amit Kucheria <amit.kucheria.ext@...>
---
recipes-kernel/zephyr-kernel/zephyr-kernel-common.inc | 1 +
recipes-kernel/zephyr-kernel/zephyr-kernel-src-2.5.0.inc | 1 +
recipes-kernel/zephyr-kernel/zephyr-kernel-src.inc | 1 +
3 files changed, 3 insertions(+)

diff --git a/recipes-kernel/zephyr-kernel/zephyr-kernel-common.inc b/recipes-kernel/zephyr-kernel/zephyr-kernel-common.inc
index 330fe59aebe5..c9acbbbc3645 100644
--- a/recipes-kernel/zephyr-kernel/zephyr-kernel-common.inc
+++ b/recipes-kernel/zephyr-kernel/zephyr-kernel-common.inc
@@ -28,6 +28,7 @@ ZEPHYR_MODULES = ""
ZEPHYR_MODULES_append_arm = "\;${S}/modules/cmsis"
ZEPHYR_MODULES_append_nordic = "\;${S}/modules/hal/nordic"
ZEPHYR_MODULES_append_stm32 = "\;${S}/modules/hal/stm32"
+ZEPHYR_MODULES_append_mbedtls = "\;${S}/modules/lib/mbedtls"
ZEPHYR_MODULES_append_openamp = "\;${S}/modules/lib/open-amp\;${S}/modules/hal/libmetal"

EXTRA_OECMAKE_append = " -DZEPHYR_MODULES=${ZEPHYR_MODULES}"
diff --git a/recipes-kernel/zephyr-kernel/zephyr-kernel-src-2.5.0.inc b/recipes-kernel/zephyr-kernel/zephyr-kernel-src-2.5.0.inc
index 5d66f0f3cb5b..3aeb3bf6fc3f 100644
--- a/recipes-kernel/zephyr-kernel/zephyr-kernel-src-2.5.0.inc
+++ b/recipes-kernel/zephyr-kernel/zephyr-kernel-src-2.5.0.inc
@@ -6,6 +6,7 @@ SRCREV_stm32 = "cc8731dba4fd9c57d7fe8ea6149828b89c2bd635"
SRCREV_open-amp = "de1b85a13032a2de1d8b6695ae5f800b613e739d"
SRCREV_libmetal = "9d4ee2c3cfd5f49861939447990f3b7d7bf9bf94"
SRCREV_tinycrypt = "3e9a49d2672ec01435ffbf0d788db6d95ef28de0"
+SRCREV_mbedtls = "5765cb7f75a9973ae9232d438e361a9d7bbc49e7"

PV = "2.5.0+git${SRCPV}"

diff --git a/recipes-kernel/zephyr-kernel/zephyr-kernel-src.inc b/recipes-kernel/zephyr-kernel/zephyr-kernel-src.inc
index 1d06d916a1e0..069fa561667c 100644
--- a/recipes-kernel/zephyr-kernel/zephyr-kernel-src.inc
+++ b/recipes-kernel/zephyr-kernel/zephyr-kernel-src.inc
@@ -13,6 +13,7 @@ SRC_URI = "\
git://github.com/zephyrproject-rtos/cmsis.git;protocol=https;destsuffix=git/modules/cmsis;name=cmsis \
git://github.com/zephyrproject-rtos/hal_nordic.git;protocol=https;destsuffix=git/modules/hal/nordic;name=nordic \
git://github.com/zephyrproject-rtos/hal_stm32.git;protocol=https;destsuffix=git/modules/hal/stm32;name=stm32 \
+ git://github.com/zephyrproject-rtos/mbedtls.git;protocol=https;destsuffix=git/modules/lib/mbedtls;name=mbedtls \
git://github.com/zephyrproject-rtos/open-amp.git;protocol=https;destsuffix=git/modules/lib/open-amp;name=open-amp \
git://github.com/zephyrproject-rtos/libmetal.git;protocol=https;destsuffix=git/modules/hal/libmetal;name=libmetal \
git://github.com/zephyrproject-rtos/tinycrypt.git;protocol=https;destsuffix=git/modules/crypto/tinycrypt;name=tinycrypt \
--
2.25.1


[meta-zephyr][PATCHv2 0/5] zephyr-kernel: Clone mbedtls

Amit Kucheria
 

From: Amit Kucheria <amit.kucheria.ext@...>


MBed TLS is a library that implements cryptographic primitives and SSL/TLS
and DTLS protocols that are needed in secure network communications.

Add it to the kernel include files to build and link against applications
that need mbedtls. Add a few sample applications that utilize mbedtls
library too.


Amit Kucheria (5):
zephyr-kernel: Clone mbedtls
zephyr-echo-client: Add recipe for echo client
zephyr-http-client: Add recipe for http client
zephyr-websocket-client: Add recipe for websocket client
zephyr-mqtt-publisher: Add recipe for mqtt publisher

recipes-kernel/zephyr-kernel/zephyr-echo-client.bb | 5 +++++
recipes-kernel/zephyr-kernel/zephyr-http-client.bb | 5 +++++
recipes-kernel/zephyr-kernel/zephyr-kernel-common.inc | 1 +
recipes-kernel/zephyr-kernel/zephyr-kernel-src-2.5.0.inc | 1 +
recipes-kernel/zephyr-kernel/zephyr-kernel-src.inc | 1 +
recipes-kernel/zephyr-kernel/zephyr-mqtt-publisher.bb | 5 +++++
recipes-kernel/zephyr-kernel/zephyr-websocket-client.bb | 5 +++++
7 files changed, 23 insertions(+)
create mode 100644 recipes-kernel/zephyr-kernel/zephyr-echo-client.bb
create mode 100644 recipes-kernel/zephyr-kernel/zephyr-http-client.bb
create mode 100644 recipes-kernel/zephyr-kernel/zephyr-mqtt-publisher.bb
create mode 100644 recipes-kernel/zephyr-kernel/zephyr-websocket-client.bb

--
2.25.1


Re: [linux-yocto] [linux-yocto v5.10/standard/nxp-sdk-5.4/nxp-s32g2xx]: drivers: dspi: fsl: fix dspi transfer hang issue

Bruce Ashfield
 

In message: [linux-yocto] [linux-yocto v5.10/standard/nxp-sdk-5.4/nxp-s32g2xx]: drivers: dspi: fsl: fix dspi transfer hang issue
on 04/06/2021 Zhantao Tang wrote:


Hi Bruce,


There is an patch to fix dspi hang issue.

Would you please help to merge this patch into linux-ycoto kernel, v5.10, branch is v5.10/standard/nxp-sdk-5.4/nxp-s32g2xx?
This went to the wrong mailing list, but I did pick it up!

merged.

Bruce



Thanks,
Zhantao


[meta-intel] meta-intel with Intel Z390 chipset on ASUS ROG STRIX Z390-I GAMING

Abdelrahman El-Gammal <a.elgammal2019@...>
 

I am using the meta-intel layer with a machine configured to intel-core-i7 and core-image-Sato. A very basic build and using bmaptool to generate an image from .wic to a usb stick.The problem is that the kernel hangs on the last line in the following picture, I think it does not see the filesystem. So, what do you think is the solution?


Re: Is it a bug or it does not support device tree /delete-node/?

JH
 

Thanks Quentin, that did the trick.


On 6/5/21, Quentin Schulz <foss@...> wrote:
Hi,

On June 5, 2021 12:43:19 AM UTC, JH <jupiter.hce@...> wrote:
Hi,

I am building following imx6ulz-kobs.dts file to a dtb in zeus:

$ cat imx6ulz-kobs.dts

#include "imx6ulz.dts"

/{
model = "customized imx6ull";
compatible = "fsl,imx6ull";
};

&gpmi {
/delete-node/ fsl,use-minimum-ecc;
};

The building process was fine, but that fsl,use-minimum-ecc in dtb was
not deleted, is it a bug or it does not support /delete-node/?
fsl,use-minimum-ecc is a property not a node, you need to use
/delete-property/ instead, c.f.
https://devicetree-specification.readthedocs.io/en/latest/chapter6-source-language.html?highlight=delete-property#node-and-property-definitions.

Cheers,
Quentin

--
"A man can fail many times, but he isn't a failure until he begins to
blame somebody else."
-- John Burroughs


[meta-security][PATCH 7/7] meta-integrity/recipe-kernel: use sanity check

Armin Kuster
 

Signed-off-by: Armin Kuster <akuster808@...>
---
meta-integrity/recipes-kernel/linux/linux-%.bbappend | 6 +-----
meta-integrity/recipes-kernel/linux/linux_ima.inc | 5 +++++
2 files changed, 6 insertions(+), 5 deletions(-)
create mode 100644 meta-integrity/recipes-kernel/linux/linux_ima.inc

diff --git a/meta-integrity/recipes-kernel/linux/linux-%.bbappend b/meta-integrity/recipes-kernel/linux/linux-%.bbappend
index f9a48cd..be60bfe 100644
--- a/meta-integrity/recipes-kernel/linux/linux-%.bbappend
+++ b/meta-integrity/recipes-kernel/linux/linux-%.bbappend
@@ -1,5 +1 @@
-KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "ima", " features/ima/ima.scc", "" ,d)}"
-
-KERNEL_FEATURES_append = " ${@bb.utils.contains('DISTRO_FEATURES', 'modsign', ' features/ima/modsign.scc', '', d)}"
-
-inherit ${@bb.utils.contains('DISTRO_FEATURES', 'modsign', 'kernel-modsign', '', d)}
+require ${@bb.utils.contains_any('DISTRO_FEATURES', 'integrity ', 'linux_ima.inc', '', d)}
diff --git a/meta-integrity/recipes-kernel/linux/linux_ima.inc b/meta-integrity/recipes-kernel/linux/linux_ima.inc
new file mode 100644
index 0000000..f9a48cd
--- /dev/null
+++ b/meta-integrity/recipes-kernel/linux/linux_ima.inc
@@ -0,0 +1,5 @@
+KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "ima", " features/ima/ima.scc", "" ,d)}"
+
+KERNEL_FEATURES_append = " ${@bb.utils.contains('DISTRO_FEATURES', 'modsign', ' features/ima/modsign.scc', '', d)}"
+
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'modsign', 'kernel-modsign', '', d)}
--
2.25.1


[meta-security][PATCH 6/7] meta-integrity: add sanity check

Armin Kuster
 

Signed-off-by: Armin Kuster <akuster808@...>
---
meta-integrity/README.md | 18 +++++++++++++++++-
.../classes/sanity-meta-integrity.bbclass | 10 ++++++++++
meta-integrity/conf/layer.conf | 4 ++++
3 files changed, 31 insertions(+), 1 deletion(-)
create mode 100644 meta-integrity/classes/sanity-meta-integrity.bbclass

diff --git a/meta-integrity/README.md b/meta-integrity/README.md
index 5048fba..8254b0d 100644
--- a/meta-integrity/README.md
+++ b/meta-integrity/README.md
@@ -1,8 +1,24 @@
This README file contains information on the contents of the
integrity layer.

-Please see the corresponding sections below for details.

+The bbappend files for some recipes (e.g. linux-yocto) in this layer need
+to have 'integrity' in DISTRO_FEATURES to have effect.
+To enable them, add in configuration file the following line.
+
+ DISTRO_FEATURES_append = " integrity"
+
+If meta-integrity is included, but integrity is not enabled as a
+distro feature a warning is printed at parse time:
+
+ You have included the meta-integritry layer, but
+ 'integrity' has not been enabled in your DISTRO_FEATURES. Some bbappend files
+ and preferred version setting may not take effect.
+
+If you know what you are doing, this warning can be disabled by setting the following
+variable in your configuration:
+
+ SKIP_META_INTEGRITY_SANITY_CHECK = 1

Dependencies
============
diff --git a/meta-integrity/classes/sanity-meta-integrity.bbclass b/meta-integrity/classes/sanity-meta-integrity.bbclass
new file mode 100644
index 0000000..6ba7e3f
--- /dev/null
+++ b/meta-integrity/classes/sanity-meta-integrity.bbclass
@@ -0,0 +1,10 @@
+addhandler integrity_bbappend_distrocheck
+integrity_bbappend_distrocheck[eventmask] = "bb.event.SanityCheck"
+python integrity_bbappend_distrocheck() {
+ skip_check = e.data.getVar('SKIP_META_INTEGRITY_SANITY_CHECK') == "1"
+ if 'integrity' not in e.data.getVar('DISTRO_FEATURES').split() and not skip_check:
+ bb.warn("You have included the meta-integrity layer, but \
+'integrity' has not been enabled in your DISTRO_FEATURES. Some bbappend files \
+and preferred version setting may not take effect. See the meta-integrity README \
+for details on enabling integrity support.")
+}
diff --git a/meta-integrity/conf/layer.conf b/meta-integrity/conf/layer.conf
index ba028da..37776f8 100644
--- a/meta-integrity/conf/layer.conf
+++ b/meta-integrity/conf/layer.conf
@@ -26,6 +26,10 @@ LAYERDEPENDS_integrity = "core openembedded-layer"

BBLAYERS_LAYERINDEX_NAME_integrity = "meta-integrity"

+# Sanity check for meta-integrity layer.
+# Setting SKIP_META_INTEGRITY_SANITY_CHECK to "1" would skip the bbappend files check.
+INHERIT += "sanity-meta-integrity"
+
BBFILES_DYNAMIC += " \
networking-layer:${LAYERDIR}/dynamic-layers/meta-networking/recipes-*/*/*.bbappend \
"
--
2.25.1


[meta-security][PATCH 5/7] meta-tpm/linux-yocto: use sanity support

Armin Kuster
 

Signed-off-by: Armin Kuster <akuster808@...>
---
.../linux/linux-yocto_5.%.bbappend | 18 +-----------------
.../recipes-kernel/linux/linux-yocto_tpm.inc | 17 +++++++++++++++++
2 files changed, 18 insertions(+), 17 deletions(-)
create mode 100644 meta-tpm/recipes-kernel/linux/linux-yocto_tpm.inc

diff --git a/meta-tpm/recipes-kernel/linux/linux-yocto_5.%.bbappend b/meta-tpm/recipes-kernel/linux/linux-yocto_5.%.bbappend
index cea8b1b..2cf1453 100644
--- a/meta-tpm/recipes-kernel/linux/linux-yocto_5.%.bbappend
+++ b/meta-tpm/recipes-kernel/linux/linux-yocto_5.%.bbappend
@@ -1,17 +1 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/linux-yocto:"
-
-# Enable tpm in kernel
-SRC_URI_append_x86 = " \
- ${@bb.utils.contains('MACHINE_FEATURES', 'tpm', 'file://tpm.scc', '', d)} \
- ${@bb.utils.contains('MACHINE_FEATURES', 'tpm2', 'file://tpm2.scc', '', d)} \
- "
-
-SRC_URI_append_x86-64 = " \
- ${@bb.utils.contains('MACHINE_FEATURES', 'tpm', 'file://tpm.scc', '', d)} \
- ${@bb.utils.contains('MACHINE_FEATURES', 'tpm2', 'file://tpm2.scc', '', d)} \
- "
-
-SRC_URI += " \
- ${@bb.utils.contains('MACHINE_FEATURES', 'tpm_i2c', 'file://tpm_i2c.scc', '', d)} \
- ${@bb.utils.contains('MACHINE_FEATURES', 'vtpm', 'file://vtpm.scc', '', d)} \
- "
+require ${@bb.utils.contains_any('DISTRO_FEATURES', 'tpm', 'linux-yocto_tpm.inc', '', d)}
diff --git a/meta-tpm/recipes-kernel/linux/linux-yocto_tpm.inc b/meta-tpm/recipes-kernel/linux/linux-yocto_tpm.inc
new file mode 100644
index 0000000..cea8b1b
--- /dev/null
+++ b/meta-tpm/recipes-kernel/linux/linux-yocto_tpm.inc
@@ -0,0 +1,17 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/linux-yocto:"
+
+# Enable tpm in kernel
+SRC_URI_append_x86 = " \
+ ${@bb.utils.contains('MACHINE_FEATURES', 'tpm', 'file://tpm.scc', '', d)} \
+ ${@bb.utils.contains('MACHINE_FEATURES', 'tpm2', 'file://tpm2.scc', '', d)} \
+ "
+
+SRC_URI_append_x86-64 = " \
+ ${@bb.utils.contains('MACHINE_FEATURES', 'tpm', 'file://tpm.scc', '', d)} \
+ ${@bb.utils.contains('MACHINE_FEATURES', 'tpm2', 'file://tpm2.scc', '', d)} \
+ "
+
+SRC_URI += " \
+ ${@bb.utils.contains('MACHINE_FEATURES', 'tpm_i2c', 'file://tpm_i2c.scc', '', d)} \
+ ${@bb.utils.contains('MACHINE_FEATURES', 'vtpm', 'file://vtpm.scc', '', d)} \
+ "
--
2.25.1


[meta-security][PATCH 4/7] meta-tpm: add layer sanity check

Armin Kuster
 

Signed-off-by: Armin Kuster <akuster808@...>
---
meta-tpm/README | 19 +++++++++++++++++++
meta-tpm/classes/sanity-meta-tpm.bbclass | 10 ++++++++++
meta-tpm/conf/layer.conf | 4 ++++
3 files changed, 33 insertions(+)
create mode 100644 meta-tpm/classes/sanity-meta-tpm.bbclass

diff --git a/meta-tpm/README b/meta-tpm/README
index dd662b3..59d2ee3 100644
--- a/meta-tpm/README
+++ b/meta-tpm/README
@@ -1,6 +1,25 @@
meta-tpm layer
==============

+The bbappend files for some recipes (e.g. linux-yocto) in this layer need
+to have 'tpm' in DISTRO_FEATURES to have effect.
+To enable them, add in configuration file the following line.
+
+ DISTRO_FEATURES_append = " tmp"
+
+If meta-tpm is included, but tpm is not enabled as a
+distro feature a warning is printed at parse time:
+
+ You have included the meta-tpm layer, but
+ 'tpm' has not been enabled in your DISTRO_FEATURES. Some bbappend files
+ and preferred version setting may not take effect.
+
+If you know what you are doing, this warning can be disabled by setting the following
+variable in your configuration:
+
+ SKIP_META_TPM_SANITY_CHECK = 1
+
+
This layer contains base TPM recipes.

Dependencies
diff --git a/meta-tpm/classes/sanity-meta-tpm.bbclass b/meta-tpm/classes/sanity-meta-tpm.bbclass
new file mode 100644
index 0000000..2f8b52d
--- /dev/null
+++ b/meta-tpm/classes/sanity-meta-tpm.bbclass
@@ -0,0 +1,10 @@
+addhandler tpm_machinecheck
+tpm_machinecheck[eventmask] = "bb.event.SanityCheck"
+python tpm_machinecheck() {
+ skip_check = e.data.getVar('SKIP_META_TPM_SANITY_CHECK') == "1"
+ if 'tpm' not in e.data.getVar('DISTRO_FEATURES').split() and not skip_check:
+ bb.warn("You have included the meta-tpm layer, but \
+'tpm or tpm2' has not been enabled in your DISTRO_FEATURES. Some bbappend files \
+and preferred version setting may not take effect. See the meta-tpm README \
+for details on enabling tpm support.")
+}
diff --git a/meta-tpm/conf/layer.conf b/meta-tpm/conf/layer.conf
index 1b766cb..0b102c5 100644
--- a/meta-tpm/conf/layer.conf
+++ b/meta-tpm/conf/layer.conf
@@ -17,6 +17,10 @@ LAYERDEPENDS_tpm-layer = " \
"
BBLAYERS_LAYERINDEX_NAME_tpm-layer = "meta-tpm"

+# Sanity check for meta-integrity layer.
+# Setting SKIP_META_TPM_SANITY_CHECK to "1" would skip the bbappend files check.
+INHERIT += "sanity-meta-tpm"
+
BBFILES_DYNAMIC += " \
networking-layer:${LAYERDIR}/dynamic-layers/meta-networking/recipes-*/*/*.bbappend \
"
--
2.25.1


[meta-security][PATCH 3/7] linux-yocto-dev: drop bbappend

Armin Kuster
 

Signed-off-by: Armin Kuster <akuster808@...>
---
recipes-kernel/linux/linux-yocto-dev.bbappend | 1 -
1 file changed, 1 deletion(-)
delete mode 100644 recipes-kernel/linux/linux-yocto-dev.bbappend

diff --git a/recipes-kernel/linux/linux-yocto-dev.bbappend b/recipes-kernel/linux/linux-yocto-dev.bbappend
deleted file mode 100644
index 1d9054f..0000000
--- a/recipes-kernel/linux/linux-yocto-dev.bbappend
+++ /dev/null
@@ -1 +0,0 @@
-require ${@bb.utils.contains('DISTRO_FEATURES', 'security', '${BPN}_security.inc', '', d)}
--
2.25.1


[meta-security][PATCH 2/7] meta-security/recipe-kernel: use sanity check

Armin Kuster
 

Signed-off-by: Armin Kuster <akuster808@...>
---
recipes-kernel/linux/linux-yocto-dev.bbappend | 4 +---
recipes-kernel/linux/linux-yocto_5.%.bbappend | 4 +---
recipes-kernel/linux/linux-yocto_security.inc | 3 +++
3 files changed, 5 insertions(+), 6 deletions(-)
create mode 100644 recipes-kernel/linux/linux-yocto_security.inc

diff --git a/recipes-kernel/linux/linux-yocto-dev.bbappend b/recipes-kernel/linux/linux-yocto-dev.bbappend
index fa536d0..1d9054f 100644
--- a/recipes-kernel/linux/linux-yocto-dev.bbappend
+++ b/recipes-kernel/linux/linux-yocto-dev.bbappend
@@ -1,3 +1 @@
-KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", " features/apparmor/apparmor.scc", "" ,d)}"
-KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}"
-KERNEL_FEATURES_append = " ${@bb.utils.contains("IMAGE_CLASSES", "dm-verity-img", " features/device-mapper/dm-verity.scc", "" ,d)}"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'security', '${BPN}_security.inc', '', d)}
diff --git a/recipes-kernel/linux/linux-yocto_5.%.bbappend b/recipes-kernel/linux/linux-yocto_5.%.bbappend
index fa536d0..1d9054f 100644
--- a/recipes-kernel/linux/linux-yocto_5.%.bbappend
+++ b/recipes-kernel/linux/linux-yocto_5.%.bbappend
@@ -1,3 +1 @@
-KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", " features/apparmor/apparmor.scc", "" ,d)}"
-KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}"
-KERNEL_FEATURES_append = " ${@bb.utils.contains("IMAGE_CLASSES", "dm-verity-img", " features/device-mapper/dm-verity.scc", "" ,d)}"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'security', '${BPN}_security.inc', '', d)}
diff --git a/recipes-kernel/linux/linux-yocto_security.inc b/recipes-kernel/linux/linux-yocto_security.inc
new file mode 100644
index 0000000..fa536d0
--- /dev/null
+++ b/recipes-kernel/linux/linux-yocto_security.inc
@@ -0,0 +1,3 @@
+KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", " features/apparmor/apparmor.scc", "" ,d)}"
+KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}"
+KERNEL_FEATURES_append = " ${@bb.utils.contains("IMAGE_CLASSES", "dm-verity-img", " features/device-mapper/dm-verity.scc", "" ,d)}"
--
2.25.1

3641 - 3660 of 57385