| Age | Commit message (Collapse) | Author | Files |
|---|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signing package feeds will default to ascii armored signatures (ASC) the
other option being binary (BIN). This is for both rpm and ipk backends.
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Implement ipk signing inside the sign_ipk bbclass using the gpg_sign
module and configure signing similar to how rpm does it. sign_ipk uses
gpg_sign's detach_sign because its functionality is identical to package
feed signing.
IPK signing process is a bit different from rpm:
- Signatures are stored outside ipk files; opkg connects to a feed
server and downloads them to verify a package.
- Signatures are of two types (both supported by opkg): binary or
ascii armoured. By default we sign using ascii armoured.
- Public keys are stored on targets to verify ipks using the
opkg-keyrings recipe.
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We were previously ignoring pkgs that came in from a setscene like from
an sstate mirror). With this patch we can use pkgs than come from sstate
for image customisation as well.
Also remove unused variable.
[YOCTO #9137]
Signed-off-by: brian avery <brian.avery@intel.com>
Signed-off-by: Michael Wood <michael.g.wood@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Executables built with -fpie have the ELF type DYN rather than EXEC
which makes them difficult to distinguish from shared libraries.
Currently when building the list of executables we omit these binaries
so they might fail to run on the resultant rootfs due to missing
symbols. One of these is systemd which builds -fpie unconditionally, so
mklibs breaks images containing systemd.
Modify the search to catch all executable files that are ELF and have an
interpreter set. Omit libc and libpthread as special cases because they
have an interpreter and are directly executable but treating them as
such is antithetical to the pupose of mklibs.
Signed-off-by: Tyler Hall <tylerwhall@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Commit 8b81bb56c69aabdea984352f8e267a9783c0bdbc was accidentally merged.
The DL_DIR piece was simply incorrect and should be removed.
The patch commit message should have mentioned that the changes were
to update populate_sdk_ext after the changes to uninative now the
download is placed into a specific directory in DL_DIR. We also
need to specify the uninative tarball checksum.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Rather than rolling all of an npm module's dependencies into the same
package, split them into one module per package, setting the SUMMARY and
PKGV values from the package.json file for each package. Additionally,
mark each package with the appropriate license using the license
scanning we already do, falling back to the license stated in the
package.json file for the module if unknown. All of this is mostly in
aid of ensuring all modules and their licenses now show up in the
manifests for the image.
Additionally we set the main LICENSE value more concretely once we've
calculated the per-package licenses, since we have more information at
that point.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The class had qemu_run_binary() which was not suitable for gobject-introspection,
as it required the name of the binary to run.
qemu_wrapper_cmdline() returns just the command line string needed to run
binaries, and does not require the binary name.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Clean up the code which gathers buildstats for Toaster,
and modify the field names so that the correct parts of the
buildstats files are used to derive the CPU usage values.
Also derive elapsed time for the build here, rather than in
Toaster, as we have ready access to the data in the correct
format.
[YOCTO #8842]
Signed-off-by: Elliot Smith <elliot.smith@intel.com>
Signed-off-by: Michael Wood <michael.g.wood@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Since the metadata for multiple layers will be put into the sdk, anytime
those layers change the sdk needs to be rebuilt. Ideally, this would use
checksums to only rebuild when necessary.
However, since this feature needs to be in the release, opt for a less
intrusive change by setting the task to nostamp. Unnecessary rebuilds
may occur, but it's better than a user wondering why their changes
didn't get added.
Signed-off-by: Randy Witt <randy.e.witt@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We get below host contamination warnings of license files for
each recipe, when we try to create a separate ${PN}-lic package (which
contains license files), by setting LICENSE_CREATE_PACKAGE equal to "1"
in local.conf.
-- snip --
WARNING: QA Issue: libcgroup: /libcgroup-lic/usr/share/licenses/libcgroup/generic_LGPLv2.1 is owned by uid 5001, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated]
WARNING: QA Issue: attr: /attr-lic/usr/share/licenses/attr/libattr.c is owned by uid 5001, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated]
WARNING: QA Issue: bash: /bash-lic/usr/share/licenses/bash/COPYING is owned by uid 5001, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated]
-- CUT --
Since the license files from source and OE-core, are populated in a normal
shell environment rather in pseudo environment (fakeroot); the ownership of
these files will be same as host user running bitbake. During the do_package
task (which runs in pseudo environment (fakeroot)), os.link preserves the
ownership of these license files as host user instead of root user.
This causes license files to have UID same as host user id and resulting in
above warnings during do_package_qa task.
Changing ownership of license files to root user (which has UID and GID as 0)
under pseudo environment will solve above warnings, and on exiting pseudo
environment the license files will continue to be owned by host user. Perform
this manipulation within try/except statements, as tasks which are not exected
under pseudo (such as do_populate_lic) result in OSError when trying to
change ownership of license files.
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It makes sense to use the compression mechanism also for conversion,
for example of a whole-disk image into .vdi (VirtualBox). That part
already works, like this:
COMPRESSIONTYPES_append = " vdi"
COMPRESS_CMD_vdi = "qemu-img convert -O vdi ${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.${type} ${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.${type}.vdi"
IMAGE_DEPENDS_vdi = "qemu-native"
But then it also makes sense to allow compressing the resulting image,
which only works after enhancing the image.bbclass.
For example, suppose a custom image command produces "dsk" images. Then
it becomes possible to set
IMAGE_FSTYPES = " dsk.xz dsk.vdi.xz"
and do_image_dsk will automatically produce the intermediate images,
convert to dsk.xz resp. dsk.vdi -> dsk.vdi.xz and delete all
intermediate images. Symlinks are also set correctly.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The patch for making the .rootfs configurable was incomplete: in the
python create_symlinks() method the new variable must be expanded
explicitly.
Not doing so broke the symlink creation and that led to hard build
failures in image types depending on the boot-directdisk.bbclass (like
qcow2) because the build_boot_dd() method relied on the symlink.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
By default, the image file name contains ".rootfs" to distinguish the
image file from other files created during image building. However,
for certain image types (for example, .hddimg) the ".rootfs" suffix is
redundant because the type suffix alone already uniquely identifies
the main image file (core-image-minimal-intel-corei7-64.hddimg instead
of core-image-minimal-intel-corei7-64.rootfs.hddimg).
With this change, distros that prefer the shorter image name can
override the .rootfs suffix unconditionally with
IMAGE_NAME_SUFFIX ?= '' in their distro configuration
or with some condition check like this:
python () {
if <whole-disk image format active>:
d.setVar('IMAGE_NAME_SUFFIX', '')
}
The exact logic when to remove the extra suffix depends on the distro
and how it enables its own image type.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This class was only used by Hob, and since Hob has now been removed we
can drop it as well.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
uninative hand codes the list of files which need relocation, add the libc
to that list to ensure GCONF_PATH is updated.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We need to be able to update uninative if the version changes. To do this,
stash a checksum of the installed uninative tarball into a file. If this
changes, we update uninative.
For cleaner download messages, we place the tarballs into directories
based on the checksum.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Move duplicate code into a common function
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We may see binaries built with gcc5 run or linked into gcc4 environment
so use the older libstdc++ standard for now until we don't support gcc4
on the host system. https://wiki.debian.org/GCC5 has more details about this.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The previous attempt at soft-failing when uninative was enabled didn't actually
work, because the workers didn't evaluate the function that actually enabled
uninative.
In a BuildStarted handler we can check if we need to download or extract the
uninative tarball.
In a ConfigParsed handler on the workers we can check if the uninative loader is
present, and if so enable it.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
uninative needs to adjust NATIVELSBSTRING fairly late in the
configuration parsing process but the sstate code encodes it into
variables. Since this string doesn't vary on a per recipe basis, we
defer its expansion until usage time.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Prelinking on x86-64 wasn't working out the box as it uses /lib and
not /lib64 for libs. Prelink was refusing to link as the dynamic loader
didn't match its idea of the right path. Passing in the --dyanmic-linker
option avoids this.
We can share code from image-mklibs so abstract that into a new class,
linuxloader.bbclass.
This does break prelinking of multilib images, I've opened a bug so we
can loop back and fix that problem, the code would need to iterate the
dynamic loaders (and setup ld.so.conf files for it).
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Prelink contains some hardcoded assumptions about the path layout of
the target system. Unfortunately if the system doesn't match, prelink
doesn't work. This breaks:
a) prelink of those images
b) the unsafe-references-in-binaries QA test (which uses prelink-rtld)
One way to work around this is to construct an ld.so.conf file which
lists the library paths in question. We do this in sanity QA check and
in the rootfs prelink code, being careful not to trample any existing
target ld.so.conf.
There is an additional problem that $LIB references in RPATHs won't be
handled correctly, I've not see any system use these in reality though
so this change at least improves things.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add a build-sdk command which is only available within the extensible
SDK that builds a derivative extensible SDK. The idea is recipes in the
workspace become a part of the new SDK - for example, this allows taking
a vendor provided SDK, adding a few libs and then producing a new SDK
with those included.
When normally building the extensible SDK, the workspace is excluded;
here we need to copy into the new SDK (renaming it in the process); the
recipes' task signatures become locked and thus the sources are no
longer needed, so they are removed along with the workspace bbappends
which would interfere with the locked signatures. Additionally we need
to just copy the configuration files (i.e. local.conf and auto.conf)
rather than filtering and appending to them since that work has already
been done when constructing the original SDK. The extra sstate artifacts
from workspace recipes are also determined and copied into the new SDK
in minimal mode (on the assumption that you won't set up a new sstate
mirror).
This reuses some code from build-image, so that needed to be
generalised to allow that.
Implements [YOCTO #8892].
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Previously, the checking for unsafe references is not strict enough. It
only checks whether '/usr/' is in the script. As a result, any script
containing statements like below will match this check.
PATH="/bin:/sbin:/usr/bin:/usr/sbin"
However, as we can see, this is actually not an unsafe reference. What
we really want to check is something like '/usr/bin/tail', so we should
make the checking stricter.
This patch solves the QA warning in gzip and nfs-utils.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
With empty LABELS variable build_efi_cfg skips most of its
functionality producing warning message:
'LABELS not defined, nothing to do'
This causes build failure for efi images.
Setting default value for LABELS to 'boot install' should fix
this issue.
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The code in oecore_update_bblayers() handling the transition from
meta-yocto to meta-poky was not very resilient. It would, e.g.,
mistake meta-yocto-bsp for meta-yocto if the former occurred before
the latter in BBLAYERS.
The code also failed to update multiple existences of meta-yocto in
the bblayers.conf file, e.g., if it was present in
BBLAYERS_NON_REMOVABLE in addition to BBLAYERS (which it is by
default).
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
[YOCTO #9161]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* The vm image(hdddirect, vmdk, qcow2, vdi) and live image (hddimg, iso)
couldn't be built together because the following vars settings are
conflicted:
- SYSLINUX_ROOT (/dev/sda2 vs /dev/ram0)
- LABELS (boot vs boot install)
- INITRD (None vs live install)
- SYSLINUX_CFG (see above)
Introduce new vars (SYSLINUX_ROOT_VM/_LIVE, the samilar to others) to
make them can work together, now we can build all of them together:
IMAGE_FSTYPES += "live iso hddimg hdddirect vmdk qcow2 vdi"
* Use SYSLINUX_CFG rather than SYSLINUXCFG to keep align with others
SYSLINUX vars.
* The SYSLINUX_TIMEOUT had been set, but it didn't work since
AUTO_SYSLINUXMENU wasn't set, this would cause confusions, so also set
AUTO_SYSLINUXMENU.
* Move SYSLINUX_PROMPT and SYSLINUX_TIMEOUT to syslinux.bbclass rather
than in separate classes since they are the same.
* Set SYSLINUX_TIMEOUT to 50 to have a unique timeout for syslinux.
[YOCTO #9161]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
If the oe-workdir / oe-logs symlink exists and points to a different
path then the symlink needs to be removed before calling os.symlink() or
it'll fail.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It is possible that LCONF_VERSION won't be set, such as if meta-poky is
used. Without this change, bblayers.conf would have LCONF_VERSION =
"None" if LCONF_VERSION wasn't set, which would cause a sanity check
failure.
Signed-off-by: Randy Witt <randy.e.witt@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Currently, the pre/post process command variables are parsed as shell, even
though they're not shell anymore. As a result, an empty SDK_PACKAGING_FUNC
results in a parsing error. Rather than manually adding their vardeps, only
append its ; when the var is set.
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When installing the ext sdk, buildtools is extracted and installed as
well. The tar file containing buildtools isn't used after installation
so was wasted space and clutter.
[YOCTO #9172]
Signed-off-by: Randy Witt <randy.e.witt@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The rest of the environment setup script prepends to PATH, so when we
add the path to run devtool we should be prepending as well. This
also ensures that when you run the environment setup script from
extensible SDK installation A and then in the same shell session run the
environment setup script from installation B, and then run devtool, that
you're running B's devtool and not A's.
Fixes [YOCTO #9046].
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Quite a few external kernel modules I've found floating around don't
have a modules_install target, but they do have an install target that
basically differs only in name. To make it easier to build these just
make this a MODULES_INSTALL_TARGET variable that you can set from the
recipe - the alternative would be copy-and-paste the do_install
definition from this class which is potentially fragile.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The sanity update code needs to be passed an int, not string.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The ssh_allow_empty_password function doesn't check if
sshd_config_readonly exists before running sed which can result in an
error if sshd_config exists but sshd_config_readonly doesn't.
Signed-off-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
tcname is needed for eSDK update testcase will be used for
publish it and then try to update
Signed-off-by: Aníbal Limón <limon.anibal@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The removal of bitbake and scripts PATH is only needed by eSDK tests
so move to eSDK context only.
This also it's a support for eSDK update test because it needs to
execute oe-publish-sdk from scripts.
Signed-off-by: Aníbal Limón <limon.anibal@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Due to the neeed to use in other modules.
Signed-off-by: Aníbal Limón <limon.anibal@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
When running ext-sdk-prepare.py during sdk installation a check is done to
make sure no tasks would run that aren't provided by the "leaf" recipes
specified in SDK_INSTALL_TARGETS.
However sometimes an image recipe can cause other images to be created
such as an initramfs. So make sure those additional images are
recognized by ext-sdk-prepare.py and don't flag an error.
Signed-off-by: Randy Witt <randy.e.witt@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The IS_VM was used for making menus for vmdk, vdi and qcow2, except
hddimg, there is no reason to not make menus for hddimg, so drop it.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
No one uses it.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Modify existing default test suites to reuse the new
generic test suites.
Related to [YOCTO #8410]
Signed-off-by: Alex Franco <alejandro.franco@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Add generic test suites MINTESTSUITE, NETTESTSUITE, DEVTESTSUITE to
group common test suites.
Add DEFAULT_TEST_SUITES_pn- variables for:
* core-image-minimal-dev
* core-image-full-cmdline
* core-image-x11
* core-image-lsb
* core-image-lsb-dev
New default test suites use generic test suites.
Existing default test suites not modified.
[YOCTO #8410]
Signed-off-by: Alex Franco <alejandro.franco@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
