|
Open Source Maintainers - An open letter/request
Richard Purdie
TLDR: The project is seen as mature, employers don't prioritise maintaining
things and we're struggling for maintainers and help with day to day work Open source projects survive, not just through development work and contributions of new features but through a whole load of "unglamorous" day to day "admin" work. This may be tracking down a regression, triaging failing builds, making a release of a component, reviewing a patch, documenting something or many other activities. I love the fact we have active contributions, particularly for new features but we are continuing to struggle in many of the other areas above. I am extrememly grateful for the help we do receive with these tasks! As a project we have automated an absolute ton of things, we can test changes in ways we could only dream of a few years ago but maintaining this automation, tracking down regressions and ensuring it all stays working does have a cost. I am worried, not just about the core of the project, but the wider layer ecosystem since "layer maintainer" isn't seen as a particularly interesting career enabling focus by employers and it seems a lot of this work isn't being recognised. Internal business pressures are often continually being prioritised over this. The YP+OE ecosystem is becoming more mature and this means we have our experienced developers being pulled away to new things and few people are replacing them so it feels like we're seeing a gradual skills drain/fade. There are a few things companies can do to help: a) Publicly acknowledge you use the project. I'm often asked where the project is being used but I find it hard to point at companies using it, or products developed with it. It does help to be able to point at real users rather than theoretical scenarios. We *know* it is used in some interesting places but many won't let us say that publicly. https://wiki.yoctoproject.org/wiki/Project_Users b) Embrace employee's Open Source contributions, code and otherwise If companies can find ways to recognise the value of having open source experts/leaders working for them from a career development and reward perspective, that would encourage people to do the important work needed c) Consider Yocto Project membership https://www.yoctoproject.org/ecosystem/members/ https://www.yoctoproject.org/join/ We're finding that some infrastructure and roles need to be centrally funded as the work is important but no one company is willing to commit people to it. We're only able to to this through project membership which supports things like the autobuilder, LTS, our build triage process and my own role. d) Support employees in spending some time on open source projects I hear quite often that employees get XX% time to spend on open source projects. I also hear they get pulled onto mission critical product deliverables and can't prioritise that other project work. Finding ways to ensure employees can spend time on open source projects including management support would help a lot. e) Transition roles If someone has a key role in a project but is moving to new things, help them find a replacement and allow them time to train/transition to that new person. Some companies do this really well, I'd call out NI and opkg maintainership as a particularly good exmaple. I appreciate these are difficult times, both for individuals and for businesses. I'd like to conclude by thanking everyone who does participate and contribute. Whilst I do want/need to highlight the above (and have been asked to do so that people have something they can point people at), the project is proving to be successful, going to interesting places and making things possible we can all be proud of! Cheers, Richard
|
|
|
|
Alexandre GAMBIER <alexandre@...>
Hi,
I would like to remove hwclock from the rootfs cause we don't have an RTC. Maybe later I'll replace it with fake-hwclock. I'm using dunfell with IPK packages and I tried to add the following settings in my image settings file (not all at the same time) but none of them removed hwclock.
Is there a way to remove the package util-linux-hwclock ? I could use IMAGE_POSTPROCESS_COMMAND and write my own script to remove it but I think it's better and safer to remove the package during the rootfs build. Thanks
|
|
|
|
[PATCH yocto-autobuilder-helper 4/4] config.json: add a target to test standalone X11 image
Alexander Kanavin
Signed-off-by: Alexander Kanavin <alex.kanavin@...>
--- config.json | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/config.json b/config.json index 72b7af2..8a98c30 100644 --- a/config.json +++ b/config.json @@ -752,6 +752,20 @@ ] } }, + "only-x11" : { + "MACHINE" : "qemux86-64", + "BBTARGETS" : "core-image-sato core-image-sato:do_populate_sdk core-image-sato:do_populate_sdk_ext core-image-sato-sdk", + "SANITYTARGETS" : "core-image-sato:do_testimage core-image-sato:do_testsdk core-image-sato:do_testsdkext core-image-sato-sdk:do_testimage" + "step1" : { + "shortname" : "Keep both wayland and opengl" + }, + "step2" : { + "shortname" : "Remove wayland and opengl", + "extravars" : [ + "DISTRO_FEATURES_remove = 'opengl wayland'" + ] + } + }, "musl-qemux86" : { "MACHINE" : "qemux86", "SDKMACHINE" : "x86_64", -- 2.31.1
|
|
|
|
[PATCH yocto-autobuilder-helper 3/4] config.json: pam is required when weston starts under systemd
Alexander Kanavin
Signed-off-by: Alexander Kanavin <alex.kanavin@...>
--- config.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config.json b/config.json index ef1637e..72b7af2 100644 --- a/config.json +++ b/config.json @@ -998,7 +998,7 @@ "BBTARGETS" : "core-image-weston", "SANITYTARGETS" : "core-image-weston:do_testimage", "extravars" : [ - "DISTRO_FEATURES_append = ' systemd'", + "DISTRO_FEATURES_append = ' pam systemd'", "VIRTUAL-RUNTIME_init_manager = 'systemd'", "TEST_SUITES_append = ' systemd'" ] @@ -1018,7 +1018,7 @@ "SANITYTARGETS" : "core-image-weston:do_testimage", "extravars" : [ "TEST_SUITES_append = ' systemd'", - "DISTRO_FEATURES_append = ' systemd'", + "DISTRO_FEATURES_append = ' pam systemd'", "VIRTUAL-RUNTIME_init_manager = 'systemd'", "DISTRO_FEATURES_BACKFILL_CONSIDERED = 'sysvinit'" ] -- 2.31.1
|
|
|
|
[PATCH yocto-autobuilder-helper 2/4] config.json: replace core-image-sato with core-image-weston
Alexander Kanavin
I believe the time has come for YP to be defaulting to Wayland
and not X11. X11 is effectively deprecated technology at this point with only minimal maintenance; standalone X server will not be developed any further, and all attention currently is towards making X apps work well under Wayland. Weston is built with x11 support enabled via xwayland, so x11 bits continue do be built and exercised in tests and SDKs; for testing core-image-sato as a whole a separate target will be added next. Signed-off-by: Alexander Kanavin <alex.kanavin@...> --- config.json | 176 ++++++++++++++++++++++++++-------------------------- 1 file changed, 88 insertions(+), 88 deletions(-) diff --git a/config.json b/config.json index c122412..ef1637e 100644 --- a/config.json +++ b/config.json @@ -67,13 +67,13 @@ "BUILDINFO" : true, "BUILDHISTORY" : true, "step1" : { - "BBTARGETS" : "core-image-sato core-image-sato-sdk core-image-minimal core-image-minimal-dev core-image-sato:do_populate_sdk", - "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-sato:do_testimage core-image-sato-sdk:do_testimage core-image-sato:do_testsdk" + "BBTARGETS" : "core-image-weston core-image-weston-sdk core-image-minimal core-image-minimal-dev core-image-weston:do_populate_sdk", + "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-weston:do_testimage core-image-weston-sdk:do_testimage core-image-weston:do_testsdk" }, "step2" : { "SDKMACHINE" : "x86_64", - "BBTARGETS" : "core-image-sato:do_populate_sdk core-image-minimal:do_populate_sdk_ext core-image-sato:do_populate_sdk_ext", - "SANITYTARGETS" : "core-image-sato:do_testsdk core-image-minimal:do_testsdkext core-image-sato:do_testsdkext" + "BBTARGETS" : "core-image-weston:do_populate_sdk core-image-minimal:do_populate_sdk_ext core-image-weston:do_populate_sdk_ext", + "SANITYTARGETS" : "core-image-weston:do_testsdk core-image-minimal:do_testsdkext core-image-weston:do_testsdkext" }, "step3" : { "shortname" : "Machine oe-selftest", @@ -87,8 +87,8 @@ "BUILDINFO" : true, "BUILDHISTORY" : true, "step1" : { - "BBTARGETS" : "core-image-full-cmdline core-image-sato core-image-sato-sdk", - "SANITYTARGETS" : "core-image-full-cmdline:do_testimage core-image-sato:do_testimage core-image-sato-sdk:do_testimage" + "BBTARGETS" : "core-image-full-cmdline core-image-weston core-image-weston-sdk", + "SANITYTARGETS" : "core-image-full-cmdline:do_testimage core-image-weston:do_testimage core-image-weston-sdk:do_testimage" } }, "ptest-qemu" : { @@ -109,8 +109,8 @@ }, "ltp-qemu" : { "BUILDINFO" : true, - "BBTARGETS" : "core-image-sato", - "SANITYTARGETS" : "core-image-sato:do_testimage", + "BBTARGETS" : "core-image-weston", + "SANITYTARGETS" : "core-image-weston:do_testimage", "extravars" : [ "IMAGE_INSTALL_append = ' ltp'", "TEST_SUITES = 'ping ssh ltp ltp_compliance'", @@ -122,16 +122,16 @@ "arch-hw" : { "BUILDINFO" : true, "step1" : { - "BBTARGETS" : "core-image-sato core-image-sato-sdk core-image-minimal core-image-minimal-dev core-image-weston-ptest-all core-image-sato:do_populate_sdk", - "SANITYTARGETS" : "core-image-sato:do_testsdk" + "BBTARGETS" : "core-image-weston core-image-weston-sdk core-image-minimal core-image-minimal-dev core-image-weston-ptest-all core-image-weston:do_populate_sdk", + "SANITYTARGETS" : "core-image-weston:do_testsdk" } }, "arch-hw-qemu" : { "BUILDINFO" : true, "step1" : { "SDKMACHINE" : "x86_64", - "BBTARGETS" : "core-image-minimal core-image-sato core-image-sato-sdk core-image-sato:do_populate_sdk core-image-sato:do_populate_sdk_ext", - "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-sato:do_testimage core-image-sato-sdk:do_testimage core-image-sato:do_testsdk core-image-sato:do_testsdkext" + "BBTARGETS" : "core-image-minimal core-image-weston core-image-weston-sdk core-image-weston:do_populate_sdk core-image-weston:do_populate_sdk_ext", + "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-weston:do_testimage core-image-weston-sdk:do_testimage core-image-weston:do_testsdk core-image-weston:do_testsdkext" }, "step2" : { "shortname" : "Machine oe-selftest", @@ -143,7 +143,7 @@ "DISTRO" : "poky-altcfg", "BUILDINFO" : true, "step1" : { - "BBTARGETS" : "core-image-full-cmdline core-image-sato core-image-sato-sdk" + "BBTARGETS" : "core-image-full-cmdline core-image-weston core-image-weston-sdk" } }, "buildperf" : { @@ -230,17 +230,17 @@ "BB_SIGNATURE_HANDLER = 'OEEquivHash'" ], "step1" : { - "BBTARGETS" : "core-image-sato", - "SANITYTARGETS" : "core-image-sato:do_testimage" + "BBTARGETS" : "core-image-weston", + "SANITYTARGETS" : "core-image-weston:do_testimage" }, "step2" : { - "BBTARGETS" : "core-image-sato:do_populate_sdk", - "SANITYTARGETS" : "core-image-sato:do_testsdk" + "BBTARGETS" : "core-image-weston:do_populate_sdk", + "SANITYTARGETS" : "core-image-weston:do_testsdk" }, "step3" : { "SDKMACHINE" : "x86_64", - "BBTARGETS" : "core-image-sato:do_populate_sdk core-image-minimal:do_populate_sdk_ext", - "SANITYTARGETS" : "core-image-sato:do_testsdk" + "BBTARGETS" : "core-image-weston:do_populate_sdk core-image-minimal:do_populate_sdk_ext", + "SANITYTARGETS" : "core-image-weston:do_testsdk" } }, "qemuarm" : { @@ -252,8 +252,8 @@ "BUILDINFO" : true, "step1" : { "SDKMACHINE" : "aarch64", - "BBTARGETS" : "core-image-sato core-image-sato-sdk core-image-minimal core-image-minimal-dev core-image-sato:do_populate_sdk core-image-minimal:do_populate_sdk_ext core-image-sato:do_populate_sdk_ext", - "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-sato:do_testimage core-image-sato-sdk:do_testimage core-image-sato:do_testsdk core-image-minimal:do_testsdkext core-image-sato:do_testsdkext" + "BBTARGETS" : "core-image-weston core-image-weston-sdk core-image-minimal core-image-minimal-dev core-image-weston:do_populate_sdk core-image-minimal:do_populate_sdk_ext core-image-weston:do_populate_sdk_ext", + "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-weston:do_testimage core-image-weston-sdk:do_testimage core-image-weston:do_testsdk core-image-minimal:do_testsdkext core-image-weston:do_testsdkext" } }, "qemuarm-alt" : { @@ -265,7 +265,7 @@ "TEMPLATE" : "arch-hw", "step2" : { "SDKMACHINE" : "x86_64", - "BBTARGETS" : "core-image-minimal:do_populate_sdk_ext core-image-sato:do_populate_sdk" + "BBTARGETS" : "core-image-minimal:do_populate_sdk_ext core-image-weston:do_populate_sdk" } }, "beaglebone-alt" : { @@ -281,8 +281,8 @@ "BUILDINFO" : true, "step1" : { "SDKMACHINE" : "aarch64", - "BBTARGETS" : "core-image-sato core-image-sato-sdk core-image-minimal core-image-minimal-dev core-image-sato:do_populate_sdk core-image-minimal:do_populate_sdk_ext core-image-sato:do_populate_sdk_ext", - "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-sato:do_testimage core-image-sato-sdk:do_testimage core-image-sato:do_testsdk core-image-minimal:do_testsdkext core-image-sato:do_testsdkext" + "BBTARGETS" : "core-image-weston core-image-weston-sdk core-image-minimal core-image-minimal-dev core-image-weston:do_populate_sdk core-image-minimal:do_populate_sdk_ext core-image-weston:do_populate_sdk_ext", + "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-weston:do_testimage core-image-weston-sdk:do_testimage core-image-weston:do_testsdk core-image-minimal:do_testsdkext core-image-weston:do_testsdkext" } }, "qemuarm64-ptest" : { @@ -306,13 +306,13 @@ ], "step1": { "MACHINE": "n1sdp", - "BBTARGETS": "core-image-minimal core-image-sato core-image-sato:do_populate_sdk", - "SANITYTARGETS" : "core-image-sato:do_testsdk" + "BBTARGETS": "core-image-minimal core-image-weston core-image-weston:do_populate_sdk", + "SANITYTARGETS" : "core-image-weston:do_testsdk" }, "step2": { "MACHINE": "juno", - "BBTARGETS": "core-image-minimal core-image-sato core-image-sato:do_populate_sdk", - "SANITYTARGETS" : "core-image-sato:do_testsdk" + "BBTARGETS": "core-image-minimal core-image-weston core-image-weston:do_populate_sdk", + "SANITYTARGETS" : "core-image-weston:do_testsdk" } }, "meta-agl-core" : { @@ -337,24 +337,24 @@ "SSTATEDIR" : ["SSTATE_DIR ?= '${HELPERBUILDDIR}/sstate'"], "MACHINE" : "qemuarm64", "step1" : { - "BBTARGETS" : "core-image-sato core-image-sato-sdk core-image-minimal core-image-minimal-dev core-image-sato:do_populate_sdk", - "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-sato:do_testimage core-image-sato-sdk:do_testimage core-image-sato:do_testsdk" + "BBTARGETS" : "core-image-weston core-image-weston-sdk core-image-minimal core-image-minimal-dev core-image-weston:do_populate_sdk", + "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-weston:do_testimage core-image-weston-sdk:do_testimage core-image-weston:do_testsdk" }, "step2" : { "MACHINE" : "qemux86-64", - "BBTARGETS" : "core-image-sato core-image-sato-sdk core-image-minimal core-image-minimal-dev core-image-weston-ptest-all core-image-sato:do_populate_sdk", - "SANITYTARGETS" : "core-image-sato:do_testsdk" + "BBTARGETS" : "core-image-weston core-image-weston-sdk core-image-minimal core-image-minimal-dev core-image-weston-ptest-all core-image-weston:do_populate_sdk", + "SANITYTARGETS" : "core-image-weston:do_testsdk" }, "step3" : { "SDKMACHINE" : "x86_64", - "BBTARGETS" : "core-image-sato:do_populate_sdk core-image-minimal:do_populate_sdk_ext core-image-sato:do_populate_sdk_ext", - "SANITYTARGETS" : "core-image-sato:do_testsdk core-image-minimal:do_testsdkext core-image-sato:do_testsdkext" + "BBTARGETS" : "core-image-weston:do_populate_sdk core-image-minimal:do_populate_sdk_ext core-image-weston:do_populate_sdk_ext", + "SANITYTARGETS" : "core-image-weston:do_testsdk core-image-minimal:do_testsdkext core-image-weston:do_testsdkext" }, "step4" : { "MACHINE" : "qemux86-64", "SDKMACHINE" : "x86_64", - "BBTARGETS" : "core-image-minimal:do_populate_sdk_ext core-image-sato:do_populate_sdk" + "BBTARGETS" : "core-image-minimal:do_populate_sdk_ext core-image-weston:do_populate_sdk" }, "step5" : { "BUILDINFO" : false, @@ -498,11 +498,11 @@ "baselib = \"${@d.getVar('BASE_LIB_tune-' + (d.getVar('DEFAULTTUNE', True) or 'INVALID'), True) or 'lib'}\"" ], "step1" : { - "BBTARGETS" : "core-image-minimal core-image-sato", + "BBTARGETS" : "core-image-minimal core-image-weston", "SANITYTARGETS" : "core-image-minimal:do_testimage" }, "step2" : { - "SANITYTARGETS" : "core-image-sato:do_testimage", + "SANITYTARGETS" : "core-image-weston:do_testimage", "extravars" : [ "TEST_SUITES_append = ' x32lib'" ] @@ -551,8 +551,8 @@ "step3" : { "shortname" : "x86-64 lib32 rpm", "description" : "qemux86-64 64bit image and 32 bit multilibs with rpm", - "BBTARGETS" : "core-image-sato", - "SANITYTARGETS" : "core-image-sato:do_testimage", + "BBTARGETS" : "core-image-weston", + "SANITYTARGETS" : "core-image-weston:do_testimage", "extravars" : [ "TEST_SUITES_append = ' multilib'", "require conf/multilib.conf", @@ -566,8 +566,8 @@ "shortname" : "x86-64 lib32 ipk", "description" : "qemux86-64 64bit image and 32 bit multilibs with ipk", "PACKAGE_CLASSES" : "package_ipk", - "BBTARGETS" : "core-image-sato", - "SANITYTARGETS" : "core-image-sato:do_testimage", + "BBTARGETS" : "core-image-weston", + "SANITYTARGETS" : "core-image-weston:do_testimage", "extravars" : [ "TEST_SUITES_append = ' multilib'", "require conf/multilib.conf", @@ -582,7 +582,7 @@ "description" : "x86 building 64bit multilib image", "MACHINE" : "qemux86", "SDKMACHINE" : "i686", - "BBTARGETS" : "lib64-core-image-sato lib64-core-image-sato-sdk", + "BBTARGETS" : "lib64-core-image-weston lib64-core-image-weston-sdk", "extravars" : [ "require conf/multilib.conf", "MULTILIBS = 'multilib:lib64'", @@ -607,26 +607,26 @@ "pkgman-rpm-non-rpm" : { "MACHINE" : "qemux86", "PACKAGE_CLASSES" : "package_rpm", - "BBTARGETS" : "core-image-sato core-image-sato-sdk core-image-minimal core-image-minimal-dev", - "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-sato:do_testimage core-image-sato-sdk:do_testimage" + "BBTARGETS" : "core-image-weston core-image-weston-sdk core-image-minimal core-image-minimal-dev", + "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-weston:do_testimage core-image-weston-sdk:do_testimage" }, "pkgman-deb-non-deb" : { "MACHINE" : "qemux86", "PACKAGE_CLASSES" : "package_deb", - "BBTARGETS" : "core-image-sato core-image-sato-sdk core-image-minimal core-image-minimal-dev core-image-sato:do_populate_sdk", - "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-sato:do_testimage core-image-sato-sdk:do_testimage core-image-sato:do_testsdk" + "BBTARGETS" : "core-image-weston core-image-weston-sdk core-image-minimal core-image-minimal-dev core-image-weston:do_populate_sdk", + "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-weston:do_testimage core-image-weston-sdk:do_testimage core-image-weston:do_testsdk" }, "pkgman-non-rpm" : { "MACHINE" : "qemux86", "step1" : { "PACKAGE_CLASSES" : "package_ipk", - "BBTARGETS" : "core-image-sato core-image-sato-sdk core-image-minimal core-image-minimal-dev", - "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-sato:do_testimage core-image-sato-sdk:do_testimage" + "BBTARGETS" : "core-image-weston core-image-weston-sdk core-image-minimal core-image-minimal-dev", + "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-weston:do_testimage core-image-weston-sdk:do_testimage" }, "step2" : { "PACKAGE_CLASSES" : "package_deb", - "BBTARGETS" : "core-image-sato core-image-sato-sdk core-image-minimal core-image-minimal-dev", - "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-sato:do_testimage core-image-sato-sdk:do_testimage" + "BBTARGETS" : "core-image-weston core-image-weston-sdk core-image-minimal core-image-minimal-dev", + "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-weston:do_testimage core-image-weston-sdk:do_testimage" } }, "poky-tiny" : { @@ -643,41 +643,41 @@ "step1" : { "MACHINE" : "qemux86", "shortname" : "qemux86 wic", - "BBTARGETS" : "wic-tools core-image-sato", + "BBTARGETS" : "wic-tools core-image-weston", "EXTRACMDS" : [ - "wic create directdisk -e core-image-sato -o ${BUILDDIR}/tmp/deploy/wic_images/qemux86/directdisk/core-image-sato/", - "wic create directdisk-gpt -e core-image-sato -o ${BUILDDIR}/tmp/deploy/wic_images/qemux86/directdisk/core-image-sato/", - "wic create mkefidisk -e core-image-sato -o ${BUILDDIR}/tmp/deploy/wic_images/qemux86/directdisk/core-image-sato/" + "wic create directdisk -e core-image-weston -o ${BUILDDIR}/tmp/deploy/wic_images/qemux86/directdisk/core-image-weston/", + "wic create directdisk-gpt -e core-image-weston -o ${BUILDDIR}/tmp/deploy/wic_images/qemux86/directdisk/core-image-weston/", + "wic create mkefidisk -e core-image-weston -o ${BUILDDIR}/tmp/deploy/wic_images/qemux86/directdisk/core-image-weston/" ] }, "step2" : { "MACHINE" : "genericx86", "shortname" : "genericx86 wic", - "BBTARGETS" : "wic-tools core-image-sato", + "BBTARGETS" : "wic-tools core-image-weston", "EXTRACMDS" : [ - "wic create directdisk -e core-image-sato -o ${BUILDDIR}/tmp/deploy/wic_images/genericx86/directdisk/core-image-sato/", - "wic create directdisk-gpt -e core-image-sato -o ${BUILDDIR}/tmp/deploy/wic_images/genericx86/directdisk/core-image-sato/", - "wic create mkefidisk -e core-image-sato -o ${BUILDDIR}/tmp/deploy/wic_images/genericx86/directdisk/core-image-sato/" + "wic create directdisk -e core-image-weston -o ${BUILDDIR}/tmp/deploy/wic_images/genericx86/directdisk/core-image-weston/", + "wic create directdisk-gpt -e core-image-weston -o ${BUILDDIR}/tmp/deploy/wic_images/genericx86/directdisk/core-image-weston/", + "wic create mkefidisk -e core-image-weston -o ${BUILDDIR}/tmp/deploy/wic_images/genericx86/directdisk/core-image-weston/" ] }, "step3" : { "MACHINE" : "qemux86-64", "shortname" : "qemux86-64 wic", - "BBTARGETS" : "wic-tools core-image-sato", + "BBTARGETS" : "wic-tools core-image-weston", "EXTRACMDS" : [ - "wic create directdisk -e core-image-sato -o ${BUILDDIR}/tmp/deploy/wic_images/qemux86-64/directdisk/core-image-sato/", - "wic create directdisk-gpt -e core-image-sato -o ${BUILDDIR}/tmp/deploy/wic_images/qemux86-64/directdisk/core-image-sato/", - "wic create mkefidisk -e core-image-sato -o ${BUILDDIR}/tmp/deploy/wic_images/qemux86-64/directdisk/core-image-sato/" + "wic create directdisk -e core-image-weston -o ${BUILDDIR}/tmp/deploy/wic_images/qemux86-64/directdisk/core-image-weston/", + "wic create directdisk-gpt -e core-image-weston -o ${BUILDDIR}/tmp/deploy/wic_images/qemux86-64/directdisk/core-image-weston/", + "wic create mkefidisk -e core-image-weston -o ${BUILDDIR}/tmp/deploy/wic_images/qemux86-64/directdisk/core-image-weston/" ] }, "step4" : { "MACHINE" : "genericx86-64", "shortname" : "genericx86-64 wic", - "BBTARGETS" : "wic-tools core-image-sato", + "BBTARGETS" : "wic-tools core-image-weston", "EXTRACMDS" : [ - "wic create directdisk -e core-image-sato -o ${BUILDDIR}/tmp/deploy/wic_images/genericx86-64/directdisk/core-image-sato/", - "wic create directdisk-gpt -e core-image-sato -o ${BUILDDIR}/tmp/deploy/wic_images/genericx86-64/directdisk/core-image-sato/", - "wic create mkefidisk -e core-image-sato -o ${BUILDDIR}/tmp/deploy/wic_images/genericx86-64/directdisk/core-image-sato/" + "wic create directdisk -e core-image-weston -o ${BUILDDIR}/tmp/deploy/wic_images/genericx86-64/directdisk/core-image-weston/", + "wic create directdisk-gpt -e core-image-weston -o ${BUILDDIR}/tmp/deploy/wic_images/genericx86-64/directdisk/core-image-weston/", + "wic create mkefidisk -e core-image-weston -o ${BUILDDIR}/tmp/deploy/wic_images/genericx86-64/directdisk/core-image-weston/" ] } }, @@ -755,8 +755,8 @@ "musl-qemux86" : { "MACHINE" : "qemux86", "SDKMACHINE" : "x86_64", - "BBTARGETS" : "core-image-minimal core-image-full-cmdline core-image-sato-sdk world", - "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-full-cmdline:do_testimage core-image-sato-sdk:do_testimage", + "BBTARGETS" : "core-image-minimal core-image-full-cmdline core-image-weston-sdk world", + "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-full-cmdline:do_testimage core-image-weston-sdk:do_testimage", "extravars" : [ "TCLIBC = 'musl'" ] @@ -765,8 +765,8 @@ "MACHINE" : "qemux86-64", "SDKMACHINE" : "x86_64", "BUILDINFO" : true, - "BBTARGETS" : "core-image-minimal core-image-full-cmdline core-image-sato-sdk world", - "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-full-cmdline:do_testimage core-image-sato-sdk:do_testimage", + "BBTARGETS" : "core-image-minimal core-image-full-cmdline core-image-weston-sdk world", + "SANITYTARGETS" : "core-image-minimal:do_testimage core-image-full-cmdline:do_testimage core-image-weston-sdk:do_testimage", "extravars" : [ "TCLIBC = 'musl'" ] @@ -938,18 +938,18 @@ "step4" : { "shortname" : "Prep locked-sigs test", "SDKMACHINE" : "x86_64", - "BBTARGETS" : "core-image-sato core-image-sato:do_populate_sdk_ext" + "BBTARGETS" : "core-image-weston core-image-weston:do_populate_sdk_ext" }, "step5" : { "shortname" : "Prep #2 locked-sigs test", "SDKMACHINE" : "x86_64", - "BBTARGETS" : "core-image-sato -S none", + "BBTARGETS" : "core-image-weston -S none", "EXTRACMDS" : ["${SCRIPTSDIR}/../janitor/clobberdir ${BUILDDIR}/../build/tmp"] }, "step6" : { "shortname" : "Test locked-sigs image", "SDKMACHINE" : "x86_64", - "BBTARGETS" : "core-image-sato", + "BBTARGETS" : "core-image-weston", "extravars" : [ "TMPDIR = '${TOPDIR}/newtmp'", "require ../locked-sigs.inc" @@ -958,7 +958,7 @@ "step7" : { "shortname" : "Test locked-sigs eSDK", "SDKMACHINE" : "x86_64", - "BBTARGETS" : "core-image-sato:do_populate_sdk_ext", + "BBTARGETS" : "core-image-weston:do_populate_sdk_ext", "extravars" : [ "TMPDIR = '${TOPDIR}/sdktmp'" ] @@ -968,16 +968,16 @@ "MACHINE" : "qemux86-64", "step1" : { "shortname" : "Test logrotate", - "BBTARGETS" : "core-image-sato", - "SANITYTARGETS" : "core-image-sato:do_testimage", + "BBTARGETS" : "core-image-weston", + "SANITYTARGETS" : "core-image-weston:do_testimage", "extravars" : [ "IMAGE_INSTALL_append = ' logrotate'", "TEST_SUITES_append = ' logrotate'" ] }, "step2" : { - "BBTARGETS" : "core-image-sato", - "SANITYTARGETS" : "core-image-sato:do_testimage", + "BBTARGETS" : "core-image-weston", + "SANITYTARGETS" : "core-image-weston:do_testimage", "extravars" : [ "DISTRO_FEATURES_append = ' pam'", "TEST_SUITES_append = ' pam'" @@ -985,8 +985,8 @@ }, "step3" : { "shortname" : "Test skeletoninit", - "BBTARGETS" : "core-image-sato", - "SANITYTARGETS" : "core-image-sato:do_testimage", + "BBTARGETS" : "core-image-weston", + "SANITYTARGETS" : "core-image-weston:do_testimage", "extravars" : [ "IMAGE_INSTALL_append = ' service hello-mod'", "TEST_SUITES_append = ' skeletoninit'" @@ -995,8 +995,8 @@ }, "step4" : { "shortname" : "Systemd with sysvinit compat", - "BBTARGETS" : "core-image-sato", - "SANITYTARGETS" : "core-image-sato:do_testimage", + "BBTARGETS" : "core-image-weston", + "SANITYTARGETS" : "core-image-weston:do_testimage", "extravars" : [ "DISTRO_FEATURES_append = ' systemd'", "VIRTUAL-RUNTIME_init_manager = 'systemd'", @@ -1005,8 +1005,8 @@ }, "step5" : { "shortname" : "Sysvinit with systemd", - "BBTARGETS" : "core-image-sato", - "SANITYTARGETS" : "core-image-sato:do_testimage", + "BBTARGETS" : "core-image-weston", + "SANITYTARGETS" : "core-image-weston:do_testimage", "extravars" : [ "DISTRO_FEATURES_append = ' systemd'", "VIRTUAL-RUNTIME_init_manager = 'sysvinit'" @@ -1014,8 +1014,8 @@ }, "step6" : { "shortname" : "Systemd", - "BBTARGETS" : "core-image-sato", - "SANITYTARGETS" : "core-image-sato:do_testimage", + "BBTARGETS" : "core-image-weston", + "SANITYTARGETS" : "core-image-weston:do_testimage", "extravars" : [ "TEST_SUITES_append = ' systemd'", "DISTRO_FEATURES_append = ' systemd'", @@ -1025,8 +1025,8 @@ }, "step7" : { "shortname" : "Mesa gallium-llvm", - "BBTARGETS" : "core-image-sato", - "SANITYTARGETS" : "core-image-sato:do_testimage", + "BBTARGETS" : "core-image-weston", + "SANITYTARGETS" : "core-image-weston:do_testimage", "extravars" : [ "PACKAGECONFIG_append_x86-64_pn-mesa = ' gallium-llvm gallium r600'" ] -- 2.31.1
|
|
|
|
[PATCH yocto-autobuilder-helper 1/4] config.json: transition ptests to weston-based images
Alexander Kanavin
Signed-off-by: Alexander Kanavin <alex.kanavin@...>
--- config.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/config.json b/config.json index 6533dab..c122412 100644 --- a/config.json +++ b/config.json @@ -93,16 +93,16 @@ }, "ptest-qemu" : { "BUILDINFO" : true, - "BBTARGETS" : "core-image-sato-ptest", - "SANITYTARGETS" : "core-image-sato-ptest:do_testimage", + "BBTARGETS" : "core-image-weston-ptest-all", + "SANITYTARGETS" : "core-image-weston-ptest-all:do_testimage", "extravars" : [ "TEST_SUITES = 'ping ssh ptest'" ] }, "ptest-qemu-fast" : { "BUILDINFO" : true, - "BBTARGETS" : "core-image-sato-ptest-fast", - "SANITYTARGETS" : "core-image-sato-ptest-fast:do_testimage", + "BBTARGETS" : "core-image-weston-ptest-fast", + "SANITYTARGETS" : "core-image-weston-ptest-fast:do_testimage", "extravars" : [ "TEST_SUITES = 'ping ssh ptest'" ] @@ -122,7 +122,7 @@ "arch-hw" : { "BUILDINFO" : true, "step1" : { - "BBTARGETS" : "core-image-sato core-image-sato-sdk core-image-minimal core-image-minimal-dev core-image-sato-ptest core-image-sato:do_populate_sdk", + "BBTARGETS" : "core-image-sato core-image-sato-sdk core-image-minimal core-image-minimal-dev core-image-weston-ptest-all core-image-sato:do_populate_sdk", "SANITYTARGETS" : "core-image-sato:do_testsdk" } }, @@ -342,7 +342,7 @@ }, "step2" : { "MACHINE" : "qemux86-64", - "BBTARGETS" : "core-image-sato core-image-sato-sdk core-image-minimal core-image-minimal-dev core-image-sato-sdk-ptest core-image-sato:do_populate_sdk", + "BBTARGETS" : "core-image-sato core-image-sato-sdk core-image-minimal core-image-minimal-dev core-image-weston-ptest-all core-image-sato:do_populate_sdk", "SANITYTARGETS" : "core-image-sato:do_testsdk" }, -- 2.31.1
|
|
|
|
Re: KeyError: 'getpwuid(): uid not found: 1000' in do_package phase
Martin Jansa
On Mon, May 10, 2021 at 12:08:22PM +0300, Thomas Hill via lists.yoctoproject.org wrote:
Hi Richard!0002_libcryptopp_8.2.0_use-install-instead-of-cp.patch from your recipe might be interesting as well to guess what went wrong in your case.
|
|
|
|
Re: Improving NPM recipe build speed
Nicolas Jeker
On Mon, 2021-04-26 at 16:29 -0700, Alessandro Tagliapietra wrote:
Hi everyone,Hi Alessandro, I'm making an image that includes the node-red recipe from meta-iot-I never worked with node-red in yocto, so I can't speak specifically for that, but I encountered similar situations before. Here is what I usually do when I need to change a file in a recipe that takes a really long time to compile or triggers a rebuild of a ton of other recipes. This only works for files that don't need to be compiled, like configuration files, systemd service files, udev rules etc. I usually replace the file in the rootfs directly on the device (or boot from NFS and edit the file in the NFS export). For example if I need to change a systemd service file, I change the file on my host, copy it with scp to the device and check if everything is working as expected. When I'm finished, I reintegrate my edits with a bbappend file and check again if it works. Thanks in advance
|
|
|
|
Re: KeyError: 'getpwuid(): uid not found: 1000' in do_package phase
Thomas Hill
Hi Richard!
On Fri, 7 May 2021, 15:28, Richard Purdie <richard.purdie@...> On Fri, 2021-05-07 at 10:10 +0300, Thomas Hill via lists.yoctoproject.org wrote:On Thu, 6 May 2021, 13:44 Martin Jansa <Martin.Jansa@...> wrote:On Thu, May 6, 2021 at 10:57 AM Thomas Hill via lists.yoctoproject.org <tom.hill=inbox.lv@...> wrote:> I have here a similar problem with one of my own packages. It happens that my bitbake user uses UID 1001. Do you have more information why this is a problem? Should it be enough to change the UID to 1002 to get everything running?On Mon, Nov 16, 2020 at 02:28 PM, Martin Jansa wrote: When you install files during do_install, you need to be clear about whoSee my other mail for more details - subject: "Path ./package/usr/lib/libcryptopp.so.8 is owned by uid 1111, gid 1111, which doesn't match any ..." If you do something like "touch ${D}/x", the it will be owned by the defaultI do not touch any files myself. The do_install function uses only "oe_runmake install-lib". No "touch", no "cp", nothing. The GNUmakefile uses "mkdir", "cp", "chmod" but I patched it so it uses "install" instead of "cp" in my recipe. We don't know what your code is doing in do_install but its almost certainlyMy other mail has more details. I did not append the GNUmakefile. It is quite large. I think it ist easier to get it directly from the original git-repository. <https://github.com/weidai11/cryptopp/blob/9dcc26c58213abb8351fbb1b2a7a1d2c667366e4/GNUmakefile> Tom
|
|
|
|
Re: [meta-security][PATCH 4/6] suricata: 4.1.x add UPSTREAM_CHECK_REGEX
Quentin Schulz
Hi Armin,
On May 9, 2021 3:47:38 PM UTC, Armin Kuster <akuster808@...> wrote: Signed-off-by: Armin Kuster <akuster808@...>There is a mismatch between what you're doing and what the title of this commit is, I guess the commit title is to be updated? Cheers, Quentin
|
|
|
|
[meta-security][PATCH 6/6] ibmtpm2tss: update to tip
Signed-off-by: Armin Kuster <akuster808@...>
--- meta-tpm/recipes-tpm2/ibmtpm2tss/ibmtpm2tss_1.6.0.bb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/meta-tpm/recipes-tpm2/ibmtpm2tss/ibmtpm2tss_1.6.0.bb b/meta-tpm/recipes-tpm2/ibmtpm2tss/ibmtpm2tss_1.6.0.bb index 4d9b554..ae8974b 100644 --- a/meta-tpm/recipes-tpm2/ibmtpm2tss/ibmtpm2tss_1.6.0.bb +++ b/meta-tpm/recipes-tpm2/ibmtpm2tss/ibmtpm2tss_1.6.0.bb @@ -17,11 +17,13 @@ DEPENDS = "openssl ibmswtpm2" inherit autotools pkgconfig -SRCREV = "3e736f712ba53c8f06e66751f60fae428fd2e20f" +SRCREV = "c4e131e34ec0ed09411aa3bc76f76129ef881573" SRC_URI = " git://git.code.sf.net/p/ibmtpm20tss/tss;nobranch=1 \ file://0001-utils-12-Makefile.am-expand-wildcards-in-prereqs.patch \ " +UPSTREAM_CHECK_COMMITS = "1" + EXTRA_OECONF = "--disable-tpm-1.2" S = "${WORKDIR}/git" -- 2.25.1
|
|
|
|
[meta-security][PATCH 5/6] ibmswtpm2: update to 1661
Drop patch now included in updated
Signed-off-by: Armin Kuster <akuster808@...> --- .../ibmswtpm2/files/fix-wrong-cast.patch | 27 ------------------- .../{ibmswtpm2_1637.bb => ibmswtpm2_1661.bb} | 10 +++---- 2 files changed, 4 insertions(+), 33 deletions(-) delete mode 100644 meta-tpm/recipes-tpm2/ibmswtpm2/files/fix-wrong-cast.patch rename meta-tpm/recipes-tpm2/ibmswtpm2/{ibmswtpm2_1637.bb => ibmswtpm2_1661.bb} (69%) diff --git a/meta-tpm/recipes-tpm2/ibmswtpm2/files/fix-wrong-cast.patch b/meta-tpm/recipes-tpm2/ibmswtpm2/files/fix-wrong-cast.patch deleted file mode 100644 index f2938e0..0000000 --- a/meta-tpm/recipes-tpm2/ibmswtpm2/files/fix-wrong-cast.patch +++ /dev/null @@ -1,27 +0,0 @@ -Fix strict aliasing issue of gcc10 - -fixes: - -TpmFail.c: In function 'TpmLogFailure': -TpmFail.c:217:23: error: dereferencing type-punned pointer will break strict-aliasing rules [-Werror=strict-aliasing] - 217 | s_failFunction = *(UINT32 *)&function; /* kgold */ - | ^~~~~~~~~~~~~~~~~~~ -cc1: all warnings being treated as errors - -Upstream-Status: Submitted - -Signed-off-by: Jens Rehsack <sno@...> - -Index: src/TpmFail.c -=================================================================== ---- src.orig/TpmFail.c 2020-09-10 15:43:57.085063875 +0200 -+++ src/TpmFail.c 2020-09-10 15:48:35.563302634 +0200 -@@ -214,7 +214,7 @@ - // On a 64-bit machine, this may truncate the address of the string - // of the function name where the error occurred. - #if FAIL_TRACE -- s_failFunction = *(UINT32 *)&function; /* kgold */ -+ memcpy(&s_failFunction, function, sizeof(uint32_t)); /* kgold */ - s_failLine = line; - #else - s_failFunction = 0; diff --git a/meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1637.bb b/meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1661.bb similarity index 69% rename from meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1637.bb rename to meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1661.bb index 301980d..7ea40a8 100644 --- a/meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1637.bb +++ b/meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1661.bb @@ -17,13 +17,11 @@ DEPENDS = "openssl" SRC_URI = "https://sourceforge.net/projects/ibmswtpm2/files/ibmtpm${PV}.tar.gz \ file://tune-makefile.patch \ - file://fix-wrong-cast.patch \ " -SRC_URI[md5sum] = "43b217d87056e9155633925eb6ef749c" -SRC_URI[sha256sum] = "dd3a4c3f7724243bc9ebcd5c39bbf87b82c696d1c1241cb8e5883534f6e2e327" -SRC_URI[sha1sum] = "ab4b94079e57a86996991e8a2b749ce063e4ad3e" -SRC_URI[sha384sum] = "bbef16a934853ce78cba7ddc766aa9d7ef3cde3430a322b1be772bf3ad4bd6d413ae9c4de21bc1a4879d17dfe2aadc1d" -SRC_URI[sha512sum] = "007aa415cccf19a2bcf789c426727dc4032dcb04cc9d11eedc231d2add708c1134d3d5ee5cfbe7de68307c95fff7a30bd306fbd8d53c198a5ef348440440a6ed" + +SRC_URI[sha256sum] = "55145928ad2b24f34be6a0eacf9fb492e10e0ea919b8428c721fa970e85d6147" + +UPSTREAM_CHECK_REGEX = "libtpm(?P<pver>).tar.gz" S = "${WORKDIR}/src" -- 2.25.1
|
|
|
|
[meta-security][PATCH 4/6] suricata: 4.1.x add UPSTREAM_CHECK_REGEX
Signed-off-by: Armin Kuster <akuster808@...>
--- recipes-ids/suricata/suricata_4.1.10.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/recipes-ids/suricata/suricata_4.1.10.bb b/recipes-ids/suricata/suricata_4.1.10.bb index 3f7beaa..bf08843 100644 --- a/recipes-ids/suricata/suricata_4.1.10.bb +++ b/recipes-ids/suricata/suricata_4.1.10.bb @@ -12,6 +12,8 @@ SRC_URI += " \ file://run-ptest \ " +UPSTREAM_CHECK_URI = "www.openinfosecfoundation.org/download" + inherit autotools-brokensep pkgconfig python3-dir systemd ptest CFLAGS += "-D_DEFAULT_SOURCE -fcommon" -- 2.25.1
|
|
|
|
[meta-security][PATCH 3/6] python3-scapy: add UPSTREAM_CHECK_COMMITS
Signed-off-by: Armin Kuster <akuster808@...>
--- recipes-security/scapy/python3-scapy_2.4.4.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/recipes-security/scapy/python3-scapy_2.4.4.bb b/recipes-security/scapy/python3-scapy_2.4.4.bb index 8d81ed1..23ddfce 100644 --- a/recipes-security/scapy/python3-scapy_2.4.4.bb +++ b/recipes-security/scapy/python3-scapy_2.4.4.bb @@ -13,6 +13,8 @@ SRC_URI = "git://github.com/secdev/scapy.git \ S = "${WORKDIR}/git" +UPSTREAM_CHECK_COMMITS = "1" + inherit setuptools3 ptest do_install_append() { -- 2.25.1
|
|
|
|
[meta-security][PATCH 2/6] ossec-hids: add UPSTREAM_CHECK_COMMITS
Signed-off-by: Armin Kuster <akuster808@...>
--- recipes-ids/ossec/ossec-hids_3.6.0.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/recipes-ids/ossec/ossec-hids_3.6.0.bb b/recipes-ids/ossec/ossec-hids_3.6.0.bb index 10354a7..242bbdb 100644 --- a/recipes-ids/ossec/ossec-hids_3.6.0.bb +++ b/recipes-ids/ossec/ossec-hids_3.6.0.bb @@ -11,6 +11,8 @@ SRC_URI = "git://github.com/ossec/ossec-hids;branch=master \ SRCREV = "1303c78e2c67d7acee0508cb00c3bc63baaa27c2" +UPSTREAM_CHECK_COMMITS = "1" + inherit autotools-brokensep useradd S = "${WORKDIR}/git" -- 2.25.1
|
|
|
|
[meta-security][PATCH 1/6] clamav: update to tip.
Add UPSTEAM_CHECK
Signed-off-by: Armin Kuster <akuster808@...> --- recipes-scanners/clamav/clamav_0.104.0.bb | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/recipes-scanners/clamav/clamav_0.104.0.bb b/recipes-scanners/clamav/clamav_0.104.0.bb index 36e498d..6892bb0 100644 --- a/recipes-scanners/clamav/clamav_0.104.0.bb +++ b/recipes-scanners/clamav/clamav_0.104.0.bb @@ -8,7 +8,8 @@ DEPENDS = "glibc llvm libtool db openssl zlib curl libxml2 bison pcre2 json-c li LIC_FILES_CHKSUM = "file://COPYING.txt;beginline=2;endline=3;md5=f7029fbbc5898b273d5902896f7bbe17" -SRCREV = "5553a5e206ceae5d920368baee7d403f823bcb6f" +# May 2nd +SRCREV = "de0086aa918b79cd22570d0c05977a288b197e23" SRC_URI = "git://github.com/vrtadmin/clamav-devel;branch=dev/0.104 \ file://clamd.conf \ @@ -28,6 +29,8 @@ BINCONFIG = "${bindir}/clamav-config" inherit cmake chrpath pkgconfig useradd systemd multilib_header multilib_script +UPSTREAM_CHECK_COMMITS = "1" + CLAMAV_UID ?= "clamav" CLAMAV_GID ?= "clamav" -- 2.25.1
|
|
|
|
Re: Recipe Grep'ing
Robert Joslyn
On Wed, 2021-05-05 at 17:50 -0700, Khem Raj wrote:
There is the oe-stylize.py script that attempts to format recipes according to the style guide: https://git.openembedded.org/meta-openembedded/tree/contrib/oe-stylize.py Last time I played with it, I was a bit disappointed with some of the changes it makes, some of which are different than what devtool does. When I need to introduce new developers to bitbake, I'd love to be able to hand them oe-stylize or something similar and just tell them to run it before committing to make sure everything is formatted consistently. I've had updating oe-stylize.py on my TODO list for a while, but more important things always come up. Robert
|
|
|
|
[meta-security][PATCH 2/2] tpm2-pkcs11: Update to 1.6.0
Includes gcc11 fix.
Added p11-kit Minor cleanup Signed-off-by: Armin Kuster <akuster808@...> --- .../recipes-tpm2/tpm2-pkcs11/files/677.patch | 295 ++++++++++++++++++ ...2-pkcs11_1.5.0.bb => tpm2-pkcs11_1.6.0.bb} | 27 +- 2 files changed, 314 insertions(+), 8 deletions(-) create mode 100644 meta-tpm/recipes-tpm2/tpm2-pkcs11/files/677.patch rename meta-tpm/recipes-tpm2/tpm2-pkcs11/{tpm2-pkcs11_1.5.0.bb => tpm2-pkcs11_1.6.0.bb} (76%) diff --git a/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/677.patch b/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/677.patch new file mode 100644 index 0000000..5c91a5e --- /dev/null +++ b/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/677.patch @@ -0,0 +1,295 @@ +From 2b74d3df9b3b6932052ace627b21ff1352aa2932 Mon Sep 17 00:00:00 2001 +From: William Roberts <william.c.roberts@...> +Date: Wed, 5 May 2021 13:32:05 -0500 +Subject: [PATCH 1/4] test: fix build for gcc11 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Fixes 0 size regions by ignoring them. The test code intentionally does +bad things. + +test/unit/test_twist.c: In function ‘test_twistbin_aappend_twist_null’: +test/unit/test_twist.c:327:18: error: ‘twistbin_aappend’ accessing 16 bytes in a region of size 0 [-Werror=stringop-overflow=] + 327 | actual = twistbin_aappend(expected, (binarybuffer *) 0xDEADBEEF, 0); + | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Signed-off-by: William Roberts <william.c.roberts@...> + +Upstream-Status: Pending +Fix out for merge to offical repo + +Signed-off-by: Armin Kuster <akuster808@...> + +--- + test/unit/test_twist.c | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/test/unit/test_twist.c b/test/unit/test_twist.c +index ec66f69f..58d4530a 100644 +--- a/test/unit/test_twist.c ++++ b/test/unit/test_twist.c +@@ -244,15 +244,23 @@ void test_twistbin_create(void **state) { + void test_twistbin_new_overflow_1(void **state) { + (void) state; + ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wpragmas" ++#pragma GCC diagnostic ignored "-Wstringop-overflow" + twist actual = twistbin_new((void *) 0xDEADBEEF, ~0); + assert_null(actual); ++#pragma GCC diagnostic pop + } + + void test_twistbin_new_overflow_2(void **state) { + (void) state; + ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wpragmas" ++#pragma GCC diagnostic ignored "-Wstringop-overflow" + twist actual = twistbin_new((void *) 0xDEADBEEF, ~0 - sizeof(void *)); + assert_null(actual); ++#pragma GCC diagnostic pop + } + + void test_twistbin_new_overflow_3(void **state) { +@@ -318,8 +326,12 @@ void test_twistbin_aappend_twist_null(void **state) { + twist actual = twistbin_aappend(expected, NULL, 42); + assert_ptr_equal((void * )actual, (void * )expected); + ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wpragmas" ++#pragma GCC diagnostic ignored "-Wstringop-overflow" + actual = twistbin_aappend(expected, (binarybuffer *) 0xDEADBEEF, 0); + assert_ptr_equal((void * )actual, (void * )expected); ++#pragma GCC diagnostic pop + + twist_free(actual); + } + +From 5bea05613e638375b73e29e5d56a9dabcfd2269d Mon Sep 17 00:00:00 2001 +From: William Roberts <william.c.roberts@...> +Date: Wed, 5 May 2021 11:52:23 -0500 +Subject: [PATCH 2/4] utils: fix stringop-overread in str_padded_copy + +cc1: all warnings being treated as errors +| make: *** [Makefile:1953: src/lib/slot.lo] Error 1 +| make: *** Waiting for unfinished jobs.... +| In file included from src/lib/mutex.h:10, +| from src/lib/session_ctx.h:6, +| from src/lib/digest.h:13, +| from src/lib/tpm.c:28: +| In function 'str_padded_copy', +| inlined from 'tpm_get_token_info' at src/lib/tpm.c:742:5: +| src/lib/utils.h:42:5: error: 'strnlen' specified bound 32 exceeds source size 5 [-Werror=stringop-overread] +| 42 | memcpy(dst, src, strnlen((char *)(src), dst_len)); +| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +| src/lib/utils.h: In function 'tpm_get_token_info': +| src/lib/tpm.c:739:19: note: source object declared here +| 739 | unsigned char manufacturerID[sizeof(UINT32)+1] = {0}; // 4 bytes + '\0' as temp storage +| | ^~~~~~~~~~~~~~ +| cc1: all warnings being treated as errors +| make: *** [Makefile:1953: src/lib/tpm.lo] Error 1 +| WARNING: exit code 1 from a shell command. + +Fixes #676 + +Signed-off-by: William Roberts <william.c.roberts@...> +--- + src/lib/general.c | 8 ++++---- + src/lib/general.h | 2 +- + src/lib/slot.c | 4 ++-- + src/lib/token.c | 4 ++-- + src/lib/tpm.c | 7 +++---- + src/lib/utils.h | 6 ++++-- + 6 files changed, 16 insertions(+), 15 deletions(-) + +diff --git a/src/lib/general.c b/src/lib/general.c +index 9b7327c1..eaddaf82 100644 +--- a/src/lib/general.c ++++ b/src/lib/general.c +@@ -19,8 +19,8 @@ + #define VERSION "UNKNOWN" + #endif + +-#define LIBRARY_DESCRIPTION (CK_UTF8CHAR_PTR)"TPM2.0 Cryptoki" +-#define LIBRARY_MANUFACTURER (CK_UTF8CHAR_PTR)"tpm2-software.github.io" ++static const CK_UTF8CHAR LIBRARY_DESCRIPTION[] = "TPM2.0 Cryptoki"; ++static const CK_UTF8CHAR LIBRARY_MANUFACTURER[] = "tpm2-software.github.io"; + + #define CRYPTOKI_VERSION { \ + .major = CRYPTOKI_VERSION_MAJOR, \ +@@ -78,8 +78,8 @@ CK_RV general_get_info(CK_INFO *info) { + + static CK_INFO *_info = NULL; + if (!_info) { +- str_padded_copy(_info_.manufacturerID, LIBRARY_MANUFACTURER, sizeof(_info_.manufacturerID)); +- str_padded_copy(_info_.libraryDescription, LIBRARY_DESCRIPTION, sizeof(_info_.libraryDescription)); ++ str_padded_copy(_info_.manufacturerID, LIBRARY_MANUFACTURER); ++ str_padded_copy(_info_.libraryDescription, LIBRARY_DESCRIPTION); + + parse_lib_version(&_info_.libraryVersion.major, + &_info_.libraryVersion.minor); +diff --git a/src/lib/general.h b/src/lib/general.h +index 14a18e46..356c142d 100644 +--- a/src/lib/general.h ++++ b/src/lib/general.h +@@ -10,7 +10,7 @@ + #define TPM2_TOKEN_LABEL "TPM2 PKCS#11 Token" + #define TPM2_TOKEN_MANUFACTURER "Intel" + #define TPM2_TOKEN_MODEL "TPM2 PKCS#11" +-#define TPM2_TOKEN_SERIAL_NUMBER "0000000000000000" ++static const CK_UTF8CHAR TPM2_TOKEN_SERIAL_NUMBER[] = "0000000000000000"; + #define TPM2_TOKEN_HW_VERSION { 0, 0 } + #define TPM2_TOKEN_FW_VERSION { 0, 0 } + +diff --git a/src/lib/slot.c b/src/lib/slot.c +index 548d22b5..6db5bb93 100644 +--- a/src/lib/slot.c ++++ b/src/lib/slot.c +@@ -119,8 +119,8 @@ CK_RV slot_get_info (CK_SLOT_ID slot_id, CK_SLOT_INFO *info) { + return CKR_GENERAL_ERROR; + } + +- str_padded_copy(info->manufacturerID, token_info.manufacturerID, sizeof(info->manufacturerID)); +- str_padded_copy(info->slotDescription, token_info.label, sizeof(info->slotDescription)); ++ str_padded_copy(info->manufacturerID, token_info.manufacturerID); ++ str_padded_copy(info->slotDescription, token_info.label); + + info->hardwareVersion = token_info.hardwareVersion; + info->firmwareVersion = token_info.firmwareVersion; +diff --git a/src/lib/token.c b/src/lib/token.c +index 6d7ebd27..c7211296 100644 +--- a/src/lib/token.c ++++ b/src/lib/token.c +@@ -317,8 +317,8 @@ CK_RV token_get_info (token *t, CK_TOKEN_INFO *info) { + } + + // Identification +- str_padded_copy(info->label, t->label, sizeof(info->label)); +- str_padded_copy(info->serialNumber, (unsigned char*) TPM2_TOKEN_SERIAL_NUMBER, sizeof(info->serialNumber)); ++ str_padded_copy(info->label, t->label); ++ str_padded_copy(info->serialNumber, TPM2_TOKEN_SERIAL_NUMBER); + + + // Memory: TODO not sure what memory values should go here, the platform? +diff --git a/src/lib/tpm.c b/src/lib/tpm.c +index 1639df48..7f9f052a 100644 +--- a/src/lib/tpm.c ++++ b/src/lib/tpm.c +@@ -740,15 +740,14 @@ CK_RV tpm_get_token_info (tpm_ctx *ctx, CK_TOKEN_INFO *info) { + unsigned char manufacturerID[sizeof(UINT32)+1] = {0}; // 4 bytes + '\0' as temp storage + UINT32 manufacturer = ntohl(tpmProperties[TPM2_PT_MANUFACTURER - TPM2_PT_FIXED].value); + memcpy(manufacturerID, (unsigned char*) &manufacturer, sizeof(uint32_t)); +- str_padded_copy(info->manufacturerID, manufacturerID, sizeof(info->manufacturerID)); ++ str_padded_copy(info->manufacturerID, manufacturerID); + + // Map human readable Manufacturer String, if available, + // otherwise 4 byte ID was already padded and will be used. + for (unsigned int i=0; i < ARRAY_LEN(TPM2_MANUFACTURER_MAP); i++){ + if (!strncasecmp((char *)info->manufacturerID, TPM2_MANUFACTURER_MAP[i][0], 4)) { + str_padded_copy(info->manufacturerID, +- (unsigned char *)TPM2_MANUFACTURER_MAP[i][1], +- sizeof(info->manufacturerID)); ++ (unsigned char *)TPM2_MANUFACTURER_MAP[i][1]); + } + } + +@@ -758,7 +757,7 @@ CK_RV tpm_get_token_info (tpm_ctx *ctx, CK_TOKEN_INFO *info) { + vendor[1] = ntohl(tpmProperties[TPM2_PT_VENDOR_STRING_2 - TPM2_PT_FIXED].value); + vendor[2] = ntohl(tpmProperties[TPM2_PT_VENDOR_STRING_3 - TPM2_PT_FIXED].value); + vendor[3] = ntohl(tpmProperties[TPM2_PT_VENDOR_STRING_4 - TPM2_PT_FIXED].value); +- str_padded_copy(info->model, (unsigned char*) &vendor, sizeof(info->model)); ++ str_padded_copy(info->model, (unsigned char*) &vendor); + + return CKR_OK; + } +diff --git a/src/lib/utils.h b/src/lib/utils.h +index 81c61fae..cf357464 100644 +--- a/src/lib/utils.h ++++ b/src/lib/utils.h +@@ -39,9 +39,11 @@ + + int str_to_ul(const char *val, size_t *res); + +-static inline void str_padded_copy(CK_UTF8CHAR_PTR dst, const CK_UTF8CHAR_PTR src, size_t dst_len) { ++#define str_padded_copy(dst, src) _str_padded_copy(dst, sizeof(dst), src, strnlen((const char *)src, sizeof(src))) ++static inline void _str_padded_copy(CK_UTF8CHAR_PTR dst, size_t dst_len, const CK_UTF8CHAR *src, size_t src_len) { + memset(dst, ' ', dst_len); +- memcpy(dst, src, strnlen((char *)(src), dst_len)); ++ memcpy(dst, src, src_len); ++ LOGE("BILL(%zu): %.*s\n", dst_len, dst_len, dst); + } + + twist utils_hash_pass(const twist pin, const twist salt); + +From afeae8a3846e06152fafb180077fbad4381a124d Mon Sep 17 00:00:00 2001 +From: William Roberts <william.c.roberts@...> +Date: Wed, 5 May 2021 14:09:27 -0500 +Subject: [PATCH 3/4] general: drop unused macros + +Signed-off-by: William Roberts <william.c.roberts@...> +--- + src/lib/general.h | 10 ---------- + 1 file changed, 10 deletions(-) + +diff --git a/src/lib/general.h b/src/lib/general.h +index 356c142d..b3089554 100644 +--- a/src/lib/general.h ++++ b/src/lib/general.h +@@ -7,17 +7,7 @@ + + #include "pkcs11.h" + +-#define TPM2_TOKEN_LABEL "TPM2 PKCS#11 Token" +-#define TPM2_TOKEN_MANUFACTURER "Intel" +-#define TPM2_TOKEN_MODEL "TPM2 PKCS#11" + static const CK_UTF8CHAR TPM2_TOKEN_SERIAL_NUMBER[] = "0000000000000000"; +-#define TPM2_TOKEN_HW_VERSION { 0, 0 } +-#define TPM2_TOKEN_FW_VERSION { 0, 0 } +- +-#define TPM2_SLOT_DESCRIPTION "Intel TPM2.0 Cryptoki" +-#define TPM2_SLOT_MANUFACTURER TPM2_TOKEN_MANUFACTURER +-#define TPM2_SLOT_HW_VERSION TPM2_TOKEN_HW_VERSION +-#define TPM2_SLOT_FW_VERSION TPM2_TOKEN_FW_VERSION + + CK_RV general_init(void *init_args); + CK_RV general_get_func_list(CK_FUNCTION_LIST **function_list); + +From 8b43a99c5ff604d890bdc23fd2fa5f98aa087d83 Mon Sep 17 00:00:00 2001 +From: William Roberts <william.c.roberts@...> +Date: Wed, 5 May 2021 14:11:04 -0500 +Subject: [PATCH 4/4] token: move TPM2_TOKEN_SERIAL_NUMBER local to use + +Signed-off-by: William Roberts <william.c.roberts@...> +--- + src/lib/general.h | 2 -- + src/lib/token.c | 2 ++ + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/lib/general.h b/src/lib/general.h +index b3089554..9afd61ec 100644 +--- a/src/lib/general.h ++++ b/src/lib/general.h +@@ -7,8 +7,6 @@ + + #include "pkcs11.h" + +-static const CK_UTF8CHAR TPM2_TOKEN_SERIAL_NUMBER[] = "0000000000000000"; +- + CK_RV general_init(void *init_args); + CK_RV general_get_func_list(CK_FUNCTION_LIST **function_list); + CK_RV general_get_info(CK_INFO *info); +diff --git a/src/lib/token.c b/src/lib/token.c +index c7211296..63a9a71b 100644 +--- a/src/lib/token.c ++++ b/src/lib/token.c +@@ -20,6 +20,8 @@ + #include "token.h" + #include "utils.h" + ++static const CK_UTF8CHAR TPM2_TOKEN_SERIAL_NUMBER[] = "0000000000000000"; ++ + void pobject_config_free(pobject_config *c) { + + if (c->is_transient) { diff --git a/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.5.0.bb b/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.6.0.bb similarity index 76% rename from meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.5.0.bb rename to meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.6.0.bb index d53d4fa..63ec18d 100644 --- a/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.5.0.bb +++ b/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.6.0.bb @@ -4,13 +4,15 @@ SECTION = "security/tpm" LICENSE = "BSD-2-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=0fc19f620a102768d6dbd1e7166e78ab" -DEPENDS = "autoconf-archive pkgconfig dstat sqlite3 openssl libtss2-dev tpm2-tools libyaml python3-setuptools-native" +DEPENDS = "autoconf-archive pkgconfig dstat sqlite3 openssl libtss2-dev tpm2-tools libyaml p11-kit python3-setuptools-native" -SRC_URI = "git://github.com/tpm2-software/tpm2-pkcs11.git;branch=1.X \ +SRC_URI = "git://github.com/tpm2-software/tpm2-pkcs11.git;branch=master \ file://bootstrap_fixup.patch \ - file://0001-remove-local-binary-checkes.patch" + file://0001-remove-local-binary-checkes.patch \ + file://677.patch \ + " -SRCREV = "5d583351028eebd470f50ec35db5dcf00533df31" +SRCREV = "c2d53cc1af6b9df13c832715442853b21048c273" S = "${WORKDIR}/git" @@ -26,6 +28,10 @@ do_compile_append() { } do_install_append() { + install -d ${D}${libdir}/pkcs11 + install -d ${D}${datadir}/p11-kit + rm -f ${D}${libdir}/pkcs11/libtpm2_pkcs11.so + cd ${S}/tools export PYTHONPATH="${D}${PYTHON_SITEPACKAGES_DIR}" ${PYTHON_PN} setup.py install --root="${D}" --prefix="${prefix}" --install-lib="${PYTHON_SITEPACKAGES_DIR}" --optimize=1 --skip-build @@ -33,12 +39,17 @@ do_install_append() { sed -i -e "s:${PYTHON}:${USRBINPATH}/env ${PYTHON_PN}:g" "${D}${bindir}"/tpm2_ptool } -RDEPNDS_${PN} = "tpm2-tools" - PACKAGES =+ "${PN}-tools" -RDEPENDS_${PN}-tools += "${PYTHON_PN}-setuptools ${PYTHON_PN}-pyyaml ${PYTHON_PN}-cryptography ${PYTHON_PN}-pyasn1-modules" FILES_${PN}-tools = "\ ${bindir}/tpm2_ptool \ ${libdir}/${PYTHON_DIR}/* \ -" + " + +FILES_${PN} += "\ + ${libdir}/pkcs11/* \ + ${datadir}/p11-kit/* \ + " + +RDEPNDS_${PN} = "tpm2-tools" +RDEPENDS_${PN}-tools += "${PYTHON_PN}-setuptools ${PYTHON_PN}-pyyaml ${PYTHON_PN}-cryptography ${PYTHON_PN}-pyasn1-modules" -- 2.25.1
|
|
|
|
[meta-security][PATCH 1/2] tripwire: Blacklist pkg, upstream seems abandond
Last update was 2018. Does not build with gcc11.
There are other actively maintained IDS options. Signed-off-by: Armin Kuster <akuster808@...> --- recipes-core/packagegroup/packagegroup-core-security.bb | 2 -- recipes-ids/tripwire/tripwire_2.4.3.7.bb | 2 ++ 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/recipes-core/packagegroup/packagegroup-core-security.bb b/recipes-core/packagegroup/packagegroup-core-security.bb index a6142a8..6d2dd7c 100644 --- a/recipes-core/packagegroup/packagegroup-core-security.bb +++ b/recipes-core/packagegroup/packagegroup-core-security.bb @@ -68,7 +68,6 @@ RDEPENDS_packagegroup-security-hardening = " \ SUMMARY_packagegroup-security-ids = "Security Intrusion Detection systems" RDEPENDS_packagegroup-security-ids = " \ - tripwire \ samhain-standalone \ ${@bb.utils.contains_any("TUNE_FEATURES", "ppc7400 riscv32 riscv64", "", " suricata",d)} \ " @@ -89,7 +88,6 @@ RDEPENDS_packagegroup-meta-security-ptest-packages = "\ libseccomp-ptest \ python3-scapy-ptest \ suricata-ptest \ - tripwire-ptest \ python3-fail2ban-ptest \ ${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack-ptest", "",d)} \ " diff --git a/recipes-ids/tripwire/tripwire_2.4.3.7.bb b/recipes-ids/tripwire/tripwire_2.4.3.7.bb index 4f50bff..36e5d00 100644 --- a/recipes-ids/tripwire/tripwire_2.4.3.7.bb +++ b/recipes-ids/tripwire/tripwire_2.4.3.7.bb @@ -73,3 +73,5 @@ FILES_${PN}-ptest += "${PTEST_PATH}/tests " RDEPENDS_${PN} += " perl nano msmtp cronie" RDEPENDS_${PN}-ptest = " perl lib-perl perl-modules " + +PNBLACKLIST[tripwire] ?= "Upsteram project appears to be abondoned, fails to build with gcc11" -- 2.25.1
|
|
|
|
Re: Improving NPM recipe build speed
Alessandro Tagliapietra
Anyone?
|
|
|