Current Dev Position: YP 4.2 M3
Next Deadline: 20th February 2023 YP 4.2 M3 Build
Next Team Meetings:
- Bug Triage meeting Thursday February 16th 7:30 am PDT (https://zoom.us/j/454367603?pwd=ZGxoa2ZXL3FkM3Y0bFd5aVpHVVZ6dz09)
- Weekly Project Engineering Sync Tuesday February 14th at 8 am PDT (https://zoom.us/j/990892712?pwd=cHU1MjhoM2x6ck81bkcrYjRrcmJsUT09)
- Twitch - See https://www.twitch.tv/theyoctojester
Key Status/Updates:
- YP 3.1.23 was built and is in QA. There was an intermittent failure during the release build but this was a known issue recurring.
- Next week is when M3 is due to build and this marks feature freeze for YP 4.2.
- We saw a number of version upgrades this week (thanks Alex Kanavin).
- There were also improvements to our runtime testing reliability (thanks Mikko Rapeli).
- Of the issues discussed in https://lists.openembedded.org/g/openembedded-core/message/176476, the bitbake command timeout and PR serv async io issues still need to be addressed.
- CVE levels in master are reducing but help in resolving the remaining issues would be appreciated.
- We have a growing number of bugs in bugzilla, any help with them is appreciated.
Ways to contribute:
- As people are likely aware, the project has a number of components which are either unmaintained, or have people with little to no time trying to keep them alive. These components include: patchtest, layerindex, devtool, toaster, wic, oeqa, autobuilder, CROPs containers, pseudo and more. Many have open bugs. Help is welcome in trying to better look after these components!
- There are bugs identified as possible for newcomers to the project: https://wiki.yoctoproject.org/wiki/Newcomers
- There are bugs that are currently unassigned for YP 4.2. See: https://wiki.yoctoproject.org/wiki/Bug_Triage#Medium.2B_4.2_Unassigned_Enhancements.2FBugs
- We’d welcome new maintainers for recipes in OE-Core. Please see the list at: http://git.yoctoproject.org/cgit.cgi/poky/tree/meta/conf/distro/include/maintainers.inc and discuss with the existing maintainer, or ask on the OE-Core mailing list. We will likely move a chunk of these to “Unassigned” soon to help facilitate this.
- Help is very much welcome in trying to resolve our autobuilder intermittent issues. You can see the list of failures we’re continuing to see by searching for the “AB-INT” tag in bugzilla: https://bugzilla.yoctoproject.org/buglist.cgi?quicksearch=AB-INT.
- Help us resolve CVE issues: CVE metrics
YP 4.2 Milestone Dates:
- YP 4.2 M3 build date 2023/02/20
- YP 4.2 M3 Release date 2023/03/03
- YP 4.2 M4 build date 2023/04/03
- YP 4.2 M4 Release date 2023/04/28
Upcoming dot releases:
- YP 3.1.23 is built and in QA
- YP 3.1.23 Release date 2023/02/24
- YP 4.0.8 build date 2023/02/27
- YP 4.0.8 Release date 2023/03/10
- YP 4.1.3 build date 2023/03/06
- YP 4.1.3 Release date 2023/03/17
- YP 3.1.24 build date 2023/03/20
- YP 3.1.24 Release date 2023/03/31
- YP 4.0.9 build date 2023/04/10
- YP 4.0.9 Release date 2023/04/21
- YP 4.1.4 build date 2023/05/01
- YP 4.1.4 Release date 2023/05/13
- YP 3.1.25 build date 2023/05/08
- YP 3.1.25 Release date 2023/05/19
- YP 4.0.10 build date 2023/05/15
- YP 4.0.10 Release date 2023/05/26
Tracking Metrics:
- WDD 2407 (last week 2437) (https://wiki.yoctoproject.org/charts/combo.html)
- OE-Core/Poky Patch Metrics
- Total patches found: 1187 (last week 1200)
- Patches in the Pending State: 277 (23%) [last week 280 (23%)]
- https://autobuilder.yocto.io/pub/non-release/patchmetrics/
The Yocto Project’s technical governance is through its Technical Steering Committee, more information is available at:
https://wiki.yoctoproject.org/wiki/TSC
The Status reports are now stored on the wiki at: https://wiki.yoctoproject.org/wiki/Weekly_Status
[If anyone has suggestions for other information you’d like to see on this weekly status update, let us know!]
Thanks,
Stephen K. Jolley
Yocto Project Program Manager
( Cell: (208) 244-4460
* Email: sjolley.yp.pm@...
On Tue, Feb 14, 2023 at 09:08:29AM +0100, Maciej Borzęcki wrote:
A cherry pick of patches adding support for EROFS and squashfs in dm-verity-img.Depending on stable branch policies for meta-security, backporting new
features may not be acceptable.
As an alternative, master branch may just work with kirkstone. At least it
does for me as long as I set kirkstone to compatible with the layer
in my private layer config:
# meta-security master removed kirkstone support but it still works for us
LAYERSERIES_COMPAT_security-layer += 'kirkstone'
LAYERSERIES_COMPAT_parsec-layer += 'kirkstone'
LAYERSERIES_COMPAT_tpm-layer += 'kirkstone'
Cheers,
-Mikko
Add squashfs to images supported by verity.
Signed-off-by: Maciek Borzecki <maciek@...>
Signed-off-by: Armin Kuster <akuster808@...>
(cherry picked from commit ab8651c139a05c476d7e8a6a987106b2f7e9a354)
Signed-off-by: Maciek Borzecki <maciek@...>
---
classes/dm-verity-img.bbclass | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/classes/dm-verity-img.bbclass b/classes/dm-verity-img.bbclass
index dd447e661f6c0002fe3390ed598cddff6bc0ce8f..e5946bc3279c4a200ea3404f7475860a24abd650 100644
--- a/classes/dm-verity-img.bbclass
+++ b/classes/dm-verity-img.bbclass
@@ -63,7 +63,12 @@ verity_setup() {
veritysetup --data-block-size=${DM_VERITY_IMAGE_DATA_BLOCK_SIZE} --hash-offset=$SIZE format $OUTPUT $OUTPUT | tail -n +2 | process_verity
}
-VERITY_TYPES = "ext2.verity ext3.verity ext4.verity btrfs.verity erofs.verity erofs-lz4.verity erofs-lz4hc.verity"
+VERITY_TYPES = " \
+ ext2.verity ext3.verity ext4.verity \
+ btrfs.verity \
+ erofs.verity erofs-lz4.verity erofs-lz4hc.verity \
+ squashfs.verity squashfs-xz.verity squashfs-lzo.verity squashfs-lz4.verity squashfs-zst.verity \
+"
IMAGE_TYPES += "${VERITY_TYPES}"
CONVERSIONTYPES += "verity"
CONVERSION_CMD:verity = "verity_setup ${type}"
--
2.39.1
[PATCH] Add support for the EROFS image, and it's compressed options,
to the dm-verity-img.bbclass setup, theoretically this is a simple addition
to the list of types however there is a quirk in how Poky handles the
filesystems in poky/meta/classes/image_types.bbclass.
Specifically the 'IMAGE_CMD' and 'IMAGE_FSTYPES' use a hyphen, e.g.
erofs-lz4, however in the image_type bbclass the task for that would be
"do_image_erofs_lz4", replacing the hyphen with an underscore.
As the dm-verity-img.bbclass adds a dependency to the wic image creation
on the do_image_* task then it fails as there is no
"do_image_erofs-lz4", so simply replace the hypen with an underscore.
Signed-off-by: Armin Kuster <akuster808@...>
(cherry picked from commit 8ca6bb86e653a332f7cb5b30babc0cd6c58769d0)
Signed-off-by: Maciek Borzecki <maciek@...>
---
classes/dm-verity-img.bbclass | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/classes/dm-verity-img.bbclass b/classes/dm-verity-img.bbclass
index 93f667d6cdc11257ae8f2ba6300db9f62384a46c..dd447e661f6c0002fe3390ed598cddff6bc0ce8f 100644
--- a/classes/dm-verity-img.bbclass
+++ b/classes/dm-verity-img.bbclass
@@ -63,7 +63,7 @@ verity_setup() {
veritysetup --data-block-size=${DM_VERITY_IMAGE_DATA_BLOCK_SIZE} --hash-offset=$SIZE format $OUTPUT $OUTPUT | tail -n +2 | process_verity
}
-VERITY_TYPES = "ext2.verity ext3.verity ext4.verity btrfs.verity"
+VERITY_TYPES = "ext2.verity ext3.verity ext4.verity btrfs.verity erofs.verity erofs-lz4.verity erofs-lz4hc.verity"
IMAGE_TYPES += "${VERITY_TYPES}"
CONVERSIONTYPES += "verity"
CONVERSION_CMD:verity = "verity_setup ${type}"
@@ -90,6 +90,6 @@ python __anonymous() {
# If we're using wic: we'll have to use partition images and not the rootfs
# source plugin so add the appropriate dependency.
if 'wic' in image_fstypes:
- dep = ' %s:do_image_%s' % (pn, verity_type)
+ dep = ' %s:do_image_%s' % (pn, verity_type.replace("-", "_"))
d.appendVarFlag('do_image_wic', 'depends', dep)
}
--
2.39.1
Josh Harley (1):
Add EROFS support to dm-verity-img class
Maciej Borzęcki (1):
dm-verity-img.bbclass: add squashfs images
classes/dm-verity-img.bbclass | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
--
2.39.1
Intel and WR YP QA is planning for QA execution for YP build yocto-3.1.23.rc1. We are planning to execute following tests for this cycle:
OEQA-manual tests for following module:
1. OE-Core
2. BSP-hw
Runtime auto test for following platforms:
1. MinnowTurbot 32-bit
2. NUC 7
3. ADL
4. TGL NUC 11
5. Edgerouter
6. Beaglebone
ETA for completion Friday, 17 February 2023.
Best regards,
Jing Hui
-----Original Message-----
From: qa-build-notification@... <qa-build-
notification@...> On Behalf Of Pokybuild User
Sent: Monday, 13 February, 2023 9:22 PM
To: yocto@...
Cc: qa-build-notification@...
Subject: [qa-build-notification] QA notification for completed autobuilder
build (yocto-3.1.23.rc1)
A build flagged for QA (yocto-3.1.23.rc1) was completed on the autobuilder
and is available at:
https://autobuilder.yocto.io/pub/releases/yocto-3.1.23.rc1
Build hash information:
bitbake: c16d364dbf68d2a500fecaf8d6e6d62b11475d9f
meta-agl: ae982d798a979ee5690bee00ca90a2855bab4802
meta-arm: b1fe8443a7a72c65fa0fc3371f607c6671b3a882
meta-aws: 99e30a393f980694bf46284521b137eddd6a753a
meta-gplv2: 60b251c25ba87e946a0ca4cdc8d17b1cb09292ac
meta-intel: 6c202291925bb179d2d08b5bde80192f9b032b88
meta-mingw: 524de686205b5d6736661d4532f5f98fee8589b7
meta-openembedded: e707e9b7cf5c62bff4fee029965a87b22dd4ccba
meta-virtualization: beea119eb529b4a11f266004aee8b548427aea39
oecore: daaee6fcb0d201f041678af433d8e1cd6f924d09
poky: aec83663aadc871354b441eef0a3a41eb3780b13
This is an automated message from the Yocto Project Autobuilder
Git: git://git.yoctoproject.org/yocto-autobuilder2
Email: richard.purdie@...
All,
YP M+ or high bugs which moved to a new milestone in WW06 are listed below:
Priority | Bug ID | Short Description | Changer | Owner | Was | Became |
Medium+ | Ctrl+C during BB_HASHCHECK_FUNCTION execution does not interrupt processing nicely | randy.macleod@... | unassigned@... | 4.2 M2 | 4.2 M3 | |
| bitbake --observe-only doesn't work with memres | randy.macleod@... | pavel@... | 4.2 M2 | 4.2 M3 | |
| Add other resource monitoring options to conf/local.conf STOPTASKS/ABORT | randy.macleod@... | randy.macleod@... | 4.2 M2 | 4.2 M4 | |
| bitbake --observe-only may get KeyError | richard.purdie@... | richard.purdie@... | 4.2 M2 | 4.2 M3 | |
| broken 'bitbake --status-only' and 'bitbake -m' for multiple connections | richard.purdie@... | richard.purdie@... | 4.2 M2 | 4.2 M3 | |
| enhance manifest not found warning | randy.macleod@... | newcomer@... | 4.2 M2 | 4.2 M3 | |
| Devtool finish on _git package with SRCPV in PV points to wrong WORKDIR | randy.macleod@... | saul.wold@... | 4.2 M2 | 4.2 M3 | |
| do_task[noexec] = "" marks task noexec, which is inconsistent with docs | richard.purdie@... | richard.purdie@... | 4.2 M2 | 4.2 M3 | |
| Investigate replacements for PhantomJS for buildperf output | randy.macleod@... | randy.macleod@... | 4.2 M2 | 4.2 M4 | |
| bitbake core-image-base -c populate_sdk fails when image contains bash, core-utils and package_deb is used | randy.macleod@... | pavel@... | 4.2 M2 | 4.2 M3 | |
| busybox wget ssl is exposed to MitM attack due to CVE-2018-1000500 | randy.macleod@... | randy.macleod@... | 4.2 M2 | 4.2 M3 | |
| devtool modify fails with submodules | randy.macleod@... | sgw@... | 4.2 M2 | 4.2 M3 | |
| AB-INT PTEST: strace ptest intermittent failure in qual_fault-syscall.test | randy.macleod@... | randy.macleod@... | 4.2 M2 | 4.2 M3 | |
| valgrind drd/tests ptest intermittent failure | randy.macleod@... | randy.macleod@... | 4.2 M2 | 4.2 M3 | |
| valgrind memcheck/tests/linux/stack_changes failure | randy.macleod@... | randy.macleod@... | 4.2 M2 | 4.2 M3 | |
| valgrind none/tests/amd64/fb_test_amd64 ptest intermittent failure | randy.macleod@... | randy.macleod@... | 4.2 M2 | 4.2 M4 | |
| python: Should we add this optimization: -fno-semantic-interposition for 1.3x speed improvment? | randy.macleod@... | randy.macleod@... | 4.2 M2 | 4.2 M3 | |
| AB-INT: udev worker vda timeout | randy.macleod@... | randy.macleod@... | 4.2 M2 | 4.2 M3 | |
| mozjs doesn't build for armv5 | randy.macleod@... | jon.mason@... | 4.2 M2 | 4.2 M3 | |
| systemd.SystemdServiceTests.test_systemd_disable_enable intermittent failure: no filesystem space on target | randy.macleod@... | randy.macleod@... | 4.2 M2 | 4.2 M3 | |
| cmake-native do_configure fails when rebuilding without sstate on NIS hosts | randy.macleod@... | randy.macleod@... | 4.2 M2 | 4.2 M3 | |
| Need to show activity when talking to hash equivalence servers | randy.macleod@... | unassigned@... | 4.2 M2 | 4.2 M3 | |
| Improve cargo fetcher test cases | randy.macleod@... | randy.macleod@... | 4.2 M2 | 4.2 M4 | |
| OEToolchainConfig.cmake sets wrong and unsuitable compiler flags | richard.purdie@... | richard.purdie@... | 4.2 M2 | 4.2 M3 | |
| cve-checker update to support NVD json 5.0 format | randy.macleod@... | rybczynska@... | 4.2 M2 | 4.2 M3 | |
| reproducibility failures in rust | randy.macleod@... | sundeep.kokkonda@... | 4.2 M2 | 4.2 M3 | |
| Error in compiling rustfmt does not cause do_compile to fail | randy.macleod@... | Naveen.Gowda@... | 4.2 M2 | 4.2 M3 | |
| Devtool fails if SRCREV is set to ${AUTOREV} | richard.purdie@... | richard.purdie@... | 4.2 M2 | 4.2 M3 | |
| devtool failure: No such file or directory: '/tmp/devtoolqambdi_6eh/singletask.lock' | richard.purdie@... | richard.purdie@... | 4.2 M2 | 4.2 M3 | |
| gitsm fetcher failure when LFS content is present and git smudge fails | randy.macleod@... | Martin.Jansa@... | 4.2 M2 | 4.2 M3 | |
| Installing cargo on target fails | randy.macleod@... | randy.macleod@... | 4.2 M2 | 4.2 M3 | |
| Some layers in the layerindex data have breaking subdirectory changes in "master" branch | randy.macleod@... | unassigned@... | 4.2 M2 | 4.2 M3 | |
| Check libraries linked with qemu | randy.macleod@... | newcomer@... | 4.2 M2 | 4.2 M3 | |
| layerindex cannot add layers with "main" (not "master") branch | randy.macleod@... | unassigned@... | 4.2 M2 | 4.2 M3 | |
| When forcing WARN_QA as ERROR_QA patch-fuzz QA checks are not fatal | randy.macleod@... | mathew.prokos@... | 4.2 M2 | 4.2 M3 | |
| Poky missing update to SANITY_LOCALCONF_SAMPLE | randy.macleod@... | michael.opdenacker@... | 4.2 M2 | 4.2 M3 |
Thanks,
Stephen K. Jolley
Yocto Project Program Manager
( Cell: (208) 244-4460
* Email: sjolley.yp.pm@...
All,
The below were the owners of enhancements or bugs closed during the last week!
Who | Count |
randy.macleod@... | 4 |
alexandre.belloni@... | 1 |
richard.purdie@... | 1 |
Grand Total | 6 |
Thanks,
Stephen K. Jolley
Yocto Project Program Manager
( Cell: (208) 244-4460
* Email: sjolley.yp.pm@...
All,
Below is the list as of top 30 bug owners as of the end of WW06 of who have open medium or higher bugs and enhancements against YP 4.2. There are 52 possible work days left until the final release candidates for YP 4.2 needs to be released.
Who | Count |
michael.opdenacker@... | 34 |
randy.macleod@... | 27 |
richard.purdie@... | 25 |
ross.burton@... | 23 |
david.reyna@... | 23 |
bruce.ashfield@... | 20 |
JPEWhacker@... | 10 |
pavel@... | 7 |
sakib.sajal@... | 7 |
saul.wold@... | 6 |
pidge@... | 4 |
tim.orling@... | 4 |
sundeep.kokkonda@... | 3 |
alexandre.belloni@... | 2 |
Naveen.Gowda@... | 2 |
rybczynska@... | 2 |
sgw@... | 2 |
jon.mason@... | 2 |
alexis.lothore@... | 2 |
jens.georg@... | 1 |
mathew.prokos@... | 1 |
sundeep.kokkonda@... | 1 |
mhalstead@... | 1 |
yashinde145@... | 1 |
Zheng.Qiu@... | 1 |
hongxu.jia@... | 1 |
louis.rannou@... | 1 |
tvgamblin@... | 1 |
Martin.Jansa@... | 1 |
thomas.perrot@... | 1 |
Grand Total | 216 |
Thanks,
Stephen K. Jolley
Yocto Project Program Manager
( Cell: (208) 244-4460
* Email: sjolley.yp.pm@...
All,
The triage team is starting to try and collect up and classify bugs which a newcomer to the project would be able to work on in a way which means people can find them. They're being listed on the triage page under the appropriate heading:
https://wiki.yoctoproject.org/wiki/Bug_Triage#Newcomer_Bugs Also please review: https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded and how to create a bugzilla account at: https://bugzilla.yoctoproject.org/createaccount.cgi
The idea is these bugs should be straight forward for a person to help work on who doesn't have deep experience with the project. If anyone can help, please take ownership of the bug and send patches! If anyone needs help/advice there are people on irc who can likely do so, or some of the more experienced contributors will likely be happy to help too.
Also, the triage team meets weekly and does its best to handle the bugs reported into the Bugzilla. The number of people attending that meeting has fallen, as have the number of people available to help fix bugs. One of the things we hear users report is they don't know how to help. We (the triage team) are therefore going to start reporting out the currently 411 unassigned or newcomer bugs.
We're hoping people may be able to spare some time now and again to help out with these. Bugs are split into two types, "true bugs" where things don't work as they should and "enhancements" which are features we'd want to add to the system. There are also roughly four different "priority" classes right now, “4.2”, “4.3”, "4.99" and "Future", the more pressing/urgent issues being in "4.2" and then “4.3”.
Please review this link and if a bug is something you would be able to help with either take ownership of the bug, or send me (sjolley.yp.pm@...) an e-mail with the bug number you would like and I will assign it to you (please make sure you have a Bugzilla account). The list is at: https://wiki.yoctoproject.org/wiki/Bug_Triage_Archive#Unassigned_or_Newcomer_Bugs
Thanks,
Stephen K. Jolley
Yocto Project Program Manager
( Cell: (208) 244-4460
* Email: sjolley.yp.pm@...
Probably you have two packages that provides that Kernel module. Kernel's default one via kernel-module-split BBClass, and yours with your recipe.
Try telling Yocto you have your own runtime provider for that driver. Into the recipe add this as well:
RPROVIDES:${PN} = " kernel-module-cfg80211-${KERNEL_VERSION}"
For some reason the kas 3.2.1 container fails:
No such file or directory: '/builds/engineering/yocto/meta-zephyr/ci/ci/b=
ase.yml'
Note the repeated /ci/, which is wrong.
Pin the kas container to 3.2 for now until this is resolved.
Signed-off-by: Ross Burton <ross.burton@...>
Signed-off-by: Jon Mason <jon.mason@...>
---
.gitlab-ci.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 7ec0bd0..c7a9191 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,4 +1,4 @@
-image: ghcr.io/siemens/kas/kas:latest-release
+image: ghcr.io/siemens/kas/kas:3.2
=20
variables:
CPU_REQUEST: ""
--=20
2.25.1
---
.gitlab-ci.yml | 3 +++
ci/v2m-beetle.yml | 6 ++++++
meta-zephyr-bsp/conf/machine/v2m-beetle.conf | 12 ++++++++++++
3 files changed, 21 insertions(+)
create mode 100644 ci/v2m-beetle.yml
create mode 100644 meta-zephyr-bsp/conf/machine/v2m-beetle.conf
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index c7a9191..d5462a4 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -161,6 +161,9 @@ qemu-x86:
stm32mp157c-dk2:
extends: .build
=20
+v2m-beetle:
+ extends: .build
+
v2m-musca-b1:
extends: .build
=20
diff --git a/ci/v2m-beetle.yml b/ci/v2m-beetle.yml
new file mode 100644
index 0000000..df62469
--- /dev/null
+++ b/ci/v2m-beetle.yml
@@ -0,0 +1,6 @@
+header:
+ version: 11
+ includes:
+ - ci/base.yml
+
+machine: v2m-beetle
diff --git a/meta-zephyr-bsp/conf/machine/v2m-beetle.conf b/meta-zephyr-b=
sp/conf/machine/v2m-beetle.conf
new file mode 100644
index 0000000..37895c6
--- /dev/null
+++ b/meta-zephyr-bsp/conf/machine/v2m-beetle.conf
@@ -0,0 +1,12 @@
+# Configuration for Beetle development board
+
+#@TYPE: Machine
+#@NAME: Beetle machine
+#@DESCRIPTION: Machine configuration for Beetle
+
+require conf/machine/include/arm/armv7m/tune-cortexm3.inc
+
+# GLIBC will not work with Cortex-M.
+TCLIBC =3D "newlib"
+
+ARCH:beetle =3D "arm"
--=20
2.25.1
cfg80211: Unknown symbol wireless_send_event (err -22)
https://autobuilder.yocto.io/pub/releases/yocto-3.1.23.rc1
Build hash information:
bitbake: c16d364dbf68d2a500fecaf8d6e6d62b11475d9f
meta-agl: ae982d798a979ee5690bee00ca90a2855bab4802
meta-arm: b1fe8443a7a72c65fa0fc3371f607c6671b3a882
meta-aws: 99e30a393f980694bf46284521b137eddd6a753a
meta-gplv2: 60b251c25ba87e946a0ca4cdc8d17b1cb09292ac
meta-intel: 6c202291925bb179d2d08b5bde80192f9b032b88
meta-mingw: 524de686205b5d6736661d4532f5f98fee8589b7
meta-openembedded: e707e9b7cf5c62bff4fee029965a87b22dd4ccba
meta-virtualization: beea119eb529b4a11f266004aee8b548427aea39
oecore: daaee6fcb0d201f041678af433d8e1cd6f924d09
poky: aec83663aadc871354b441eef0a3a41eb3780b13
This is an automated message from the Yocto Project Autobuilder
Git: git://git.yoctoproject.org/yocto-autobuilder2
Email: richard.purdie@...
On Wed, Feb 1, 2023 at 3:17 PM Maciek Borzecki <maciek@...> wrote:
Add squashfs to images supported by verity.
Signed-off-by: Maciek Borzecki <maciek@...>
---
classes/dm-verity-img.bbclass | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/classes/dm-verity-img.bbclass
b/classes/dm-verity-img.bbclass
index dd447e6..e5946bc 100644
--- a/classes/dm-verity-img.bbclass
+++ b/classes/dm-verity-img.bbclass
@@ -63,7 +63,12 @@ verity_setup() {
veritysetup
--data-block-size=${DM_VERITY_IMAGE_DATA_BLOCK_SIZE}
--hash-offset=$SIZE format $OUTPUT $OUTPUT | tail -n +2 |
process_verity
}
-VERITY_TYPES = "ext2.verity ext3.verity ext4.verity btrfs.verity
erofs.verity erofs-lz4.verity erofs-lz4hc.verity"
+VERITY_TYPES = " \
+ ext2.verity ext3.verity ext4.verity \
+ btrfs.verity \
+ erofs.verity erofs-lz4.verity erofs-lz4hc.verity \
+ squashfs.verity squashfs-xz.verity squashfs-lzo.verity
squashfs-lz4.verity squashfs-zst.verity \
+"
IMAGE_TYPES += "${VERITY_TYPES}"
CONVERSIONTYPES += "verity"
CONVERSION_CMD:verity = "verity_setup ${type}"
--
2.39.1
Gentle ping about the patch. Wanted to resubmit this to kirkstone along with a cherry-pick of https://git.yoctoproject.org/meta-security/commit/classes/dm-verity-img.bbclass?id=8ca6bb86e653a332f7cb5b30babc0cd6c58769d0, so I'd be thankful for any feedback.
Cheers,
Maciek
swtpm: Could not open TCP socket: Address already in use
Signed-off-by: Armin Kuster <akuster808@...>
(cherry picked from commit 0768ad76b16a04654488fe2e0e837a97bd7817d9)
[Fixup for kirkstone context]
Signed-off-by: Armin Kuster <akuster808@...>
---
meta-tpm/lib/oeqa/runtime/cases/tpm2.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta-tpm/lib/oeqa/runtime/cases/tpm2.py b/meta-tpm/lib/oeqa/runtime/cases/tpm2.py
index e64d19d..8e90dc9 100644
--- a/meta-tpm/lib/oeqa/runtime/cases/tpm2.py
+++ b/meta-tpm/lib/oeqa/runtime/cases/tpm2.py
@@ -8,10 +8,12 @@ from oeqa.core.decorator.data import skipIfNotFeature
class Tpm2Test(OERuntimeTestCase):
@classmethod
def setUpClass(cls):
+ cls.tc.target.run('swtpm_ioctl -s --tcp :2322')
cls.tc.target.run('mkdir /tmp/myvtpm2')
@classmethod
def tearDownClass(cls):
+ cls.tc.target.run('swtpm_ioctl -s --tcp :2322')
cls.tc.target.run('rm -fr /tmp/myvtpm2')
def check_endlines(self, results, expected_endlines):
--
2.37.3
(cherry picked from commit 5f2ba567ca691192e875ff94d0d746440311e7af)
Signed-off-by: Armin Kuster <akuster808@...>
---
meta-tpm/lib/oeqa/runtime/cases/tpm2.py | 25 ++++++++++++++++---------
1 file changed, 16 insertions(+), 9 deletions(-)
diff --git a/meta-tpm/lib/oeqa/runtime/cases/tpm2.py b/meta-tpm/lib/oeqa/runtime/cases/tpm2.py
index c2c95e7..e64d19d 100644
--- a/meta-tpm/lib/oeqa/runtime/cases/tpm2.py
+++ b/meta-tpm/lib/oeqa/runtime/cases/tpm2.py
@@ -1,11 +1,19 @@
-# Copyright (C) 2019 Armin Kuster <akuster808@...>
+# Copyright (C) 2019 - 2022 Armin Kuster <akuster808@...>
#
from oeqa.runtime.case import OERuntimeTestCase
from oeqa.core.decorator.depends import OETestDepends
from oeqa.runtime.decorator.package import OEHasPackage
-
+from oeqa.core.decorator.data import skipIfNotFeature
class Tpm2Test(OERuntimeTestCase):
+ @classmethod
+ def setUpClass(cls):
+ cls.tc.target.run('mkdir /tmp/myvtpm2')
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.tc.target.run('rm -fr /tmp/myvtpm2')
+
def check_endlines(self, results, expected_endlines):
for line in results.splitlines():
for el in expected_endlines:
@@ -19,20 +27,19 @@ class Tpm2Test(OERuntimeTestCase):
@OEHasPackage(['tpm2-tools'])
@OEHasPackage(['tpm2-abrmd'])
@OEHasPackage(['swtpm'])
+ @skipIfNotFeature('tpm2','Test tpm2_startup requires tpm2 to be in DISTRO_FEATURES')
@OETestDepends(['ssh.SSHTest.test_ssh'])
- def test_tpm2_swtpm_socket(self):
+ def test_tpm2_startup(self):
cmds = [
- 'mkdir /tmp/myvtpm',
- 'swtpm socket --tpmstate dir=/tmp/myvtpm --tpm2 --ctrl type=tcp,port=2322 --server type=tcp,port=2321 --flags not-need-init &',
- 'export TPM2TOOLS_TCTI="swtpm:port=2321"',
- 'tpm2_startup -c'
+ 'swtpm socket -d --tpmstate dir=/tmp/myvtpm2 --tpm2 --ctrl type=tcp,port=2322 --server type=tcp,port=2321 --flags not-need-init',
+ 'tpm2_startup -c -T "swtpm:port=2321"',
]
for cmd in cmds:
status, output = self.target.run(cmd)
self.assertEqual(status, 0, msg='\n'.join([cmd, output]))
- @OETestDepends(['tpm2.Tpm2Test.test_tpm2_swtpm_socket'])
+ @OETestDepends(['tpm2.Tpm2Test.test_tpm2_startup'])
def test_tpm2_pcrread(self):
(status, output) = self.target.run('tpm2_pcrread')
expected_endlines = []
@@ -49,7 +56,7 @@ class Tpm2Test(OERuntimeTestCase):
@OEHasPackage(['p11-kit'])
@OEHasPackage(['tpm2-pkcs11'])
- @OETestDepends(['tpm2.Tpm2Test.test_tpm2_swtpm_socket'])
+ @OETestDepends(['tpm2.Tpm2Test.test_tpm2_pcrread'])
def test_tpm2_pkcs11(self):
(status, output) = self.target.run('p11-kit list-modules -v')
self.assertEqual(status, 0, msg="Modules missing: %s" % output)
--
2.37.3
Thank you for your help. I did not see the tar file created for the specific container under delploy. Do I have to add anything in the .bblayers or local.conf in addition to the default recipe under meta-virtualization?
Regards
Simon
I integrated the changes of the commit you posted, however i stillNo, it should have changed PATH in the recipe and used these intercept
have the same error message coming up. Do i need to make changes in
the recipe to make the intercept work?
scripts. The intercept scripts should have changed the user/group to
"root", which would work under pseudo in the SDK context.
You'll probably have to debug it a little bit, I'd check to see if the
intercept scripts are being called, if so, then check the
substitutions. If not, work out what PATH looks like and why they're
not being called.
That patch is how we fixed the issue on master though so it should be
close, I'm surprised it doesn't work.
Cheers,
Richard