[OE-core] [PATCH][zeus] virglrenderer : fix CVE-2019-18388
From: Chee Yang Lee Signed-off-by: Chee Yang Lee --- .../virglrenderer/CVE-2019-18388.patch | 141 + .../virglrenderer/virglrenderer_0.8.0.bb | 3 +- 2 files changed, 143 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2019-18388.patch diff --git a/meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2019-18388.patch b/meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2019-18388.patch new file mode 100644 index 000..43563e4 --- /dev/null +++ b/meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2019-18388.patch @@ -0,0 +1,141 @@ +From 0d9a2c88dc3a70023541b3260b9f00c982abda16 Mon Sep 17 00:00:00 2001 +From: Gert Wollny +Date: Thu, 10 Oct 2019 09:42:25 +0200 +Subject: [PATCH] vrend: Check resource creation more thoroughly + +While we are at it: + - free memory if texture allocation fails + +Closes #144 +Closes #145 +Closes #146 + +v2: Move the error string creation to extra patch (Emil) +v3: Fix whitespace errors (Emil) and one logic error + +Signed-off-by: Gert Wollny +Reviewed-by: Emil Velikov + +Upstream-Status: Backport [https://gitlab.freedesktop.org/virgl/virglrenderer/commit/0d9a2c88dc3a70023541b3260b9f00c982abda16] +CVE: CVE-2019-18388 +Signed-off-by: Lee Chee Yang + + +--- + src/vrend_renderer.c | 58 ++-- + 1 file changed, 56 insertions(+), 2 deletions(-) + +diff --git a/src/vrend_renderer.c b/src/vrend_renderer.c +index 0c6b5efd..1fb657b7 100644 +--- a/src/vrend_renderer.c b/src/vrend_renderer.c +@@ -6044,6 +6044,8 @@ static int check_resource_valid(struct vrend_renderer_resource_create_args *args + +if (args->format >= VIRGL_FORMAT_MAX) + return -1; ++ bool format_can_texture_storage = has_feature(feat_texture_storage) && ++ (tex_conv_table[args->format].flags & VIRGL_TEXTURE_CAN_TEXTURE_STORAGE); + +/* only texture 2d and 2d array can have multiple samples */ +if (args->nr_samples > 0) { +@@ -6061,15 +6063,18 @@ static int check_resource_valid(struct vrend_renderer_resource_create_args *args + /* buffer and rect textures can't have mipmaps */ + if (args->target == PIPE_BUFFER || args->target == PIPE_TEXTURE_RECT) + return -1; ++ + if (args->last_level > (floor(log2(MAX2(args->width, args->height))) + 1)) + return -1; +} ++ +if (args->flags != 0 && args->flags != VIRGL_RESOURCE_Y_0_TOP) + return -1; + +- if (args->flags & VIRGL_RESOURCE_Y_0_TOP) ++ if (args->flags & VIRGL_RESOURCE_Y_0_TOP) { + if (args->target != PIPE_TEXTURE_2D && args->target != PIPE_TEXTURE_RECT) + return -1; ++ } + +/* array size for array textures only */ +if (args->target == PIPE_TEXTURE_CUBE) { +@@ -6088,6 +6093,9 @@ static int check_resource_valid(struct vrend_renderer_resource_create_args *args + if (!has_feature(feat_texture_array)) + return -1; +} ++ if (format_can_texture_storage && !args->width) { ++ return -1; ++ } + +if (args->bind == 0 || +args->bind == VIRGL_BIND_CUSTOM || +@@ -6124,11 +6132,55 @@ static int check_resource_valid(struct vrend_renderer_resource_create_args *args + args->target == PIPE_TEXTURE_CUBE_ARRAY) { + if (args->depth != 1) + return -1; ++ if (format_can_texture_storage && !args->height) { ++return -1; ++ } + } + if (args->target == PIPE_TEXTURE_1D || + args->target == PIPE_TEXTURE_1D_ARRAY) { + if (args->height != 1 || args->depth != 1) + return -1; ++ if (args->width > vrend_state.max_texture_2d_size) { ++return -1; ++ } ++ } ++ ++ if (args->target == PIPE_TEXTURE_2D || ++ args->target == PIPE_TEXTURE_RECT || ++ args->target == PIPE_TEXTURE_2D_ARRAY) { ++ if (args->width > vrend_state.max_texture_2d_size || ++ args->height > vrend_state.max_texture_2d_size) { ++return -1; ++ } ++ } ++ ++ if (args->target == PIPE_TEXTURE_3D) { ++ if (format_can_texture_storage && ++ (!args->height || !args->depth)) { ++return -1; ++ } ++ if (args->width > vrend_state.max_texture_3d_size || ++ args->height > vrend_state.max_texture_3d_size || ++ args->depth > vrend_state.max_texture_3d_size) { ++return -1; ++ } ++ } ++ if (args->target == PIPE_TEXTURE_2D_ARRAY || ++ args->target == PIPE_TEXTURE_CUBE_ARRAY || ++ args->target == PIPE_TEXTURE_1D_ARRAY) { ++ if (format_can_texture_storage && ++ !args->array_size) { ++
[OE-core] [PATCH][zeus 1/2] qemu: fix CVE-2019-20382
From: Lee Chee Yang Signed-off-by: Lee Chee Yang --- meta/recipes-devtools/qemu/qemu.inc|1 + .../qemu/qemu/CVE-2019-20382.patch | 1018 2 files changed, 1019 insertions(+) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-20382.patch diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index d394db8..f451017 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -30,6 +30,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://CVE-2019-15890.patch \ file://CVE-2019-12068.patch \ file://CVE-2020-1711.patch \ + file://CVE-2019-20382.patch \ " UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar" diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2019-20382.patch b/meta/recipes-devtools/qemu/qemu/CVE-2019-20382.patch new file mode 100644 index 000..183d100 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2019-20382.patch @@ -0,0 +1,1018 @@ +From 6bf21f3d83e95bcc4ba35a7a07cc6655e8b010b0 Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Sat, 31 Aug 2019 08:39:22 -0700 +Subject: [PATCH] vnc: fix memory leak when vnc disconnect + +Currently when qemu receives a vnc connect, it creates a 'VncState' to +represent this connection. In 'vnc_worker_thread_loop' it creates a +local 'VncState'. The connection 'VcnState' and local 'VncState' exchange +data in 'vnc_async_encoding_start' and 'vnc_async_encoding_end'. +In 'zrle_compress_data' it calls 'deflateInit2' to allocate the libz library +opaque data. The 'VncState' used in 'zrle_compress_data' is the local +'VncState'. In 'vnc_zrle_clear' it calls 'deflateEnd' to free the libz +library opaque data. The 'VncState' used in 'vnc_zrle_clear' is the connection +'VncState'. In currently implementation there will be a memory leak when the +vnc disconnect. Following is the asan output backtrack: + +Direct leak of 29760 byte(s) in 5 object(s) allocated from: +0 0xa67ef3c3 in __interceptor_calloc (/lib64/libasan.so.4+0xd33c3) +1 0xa65071cb in g_malloc0 (/lib64/libglib-2.0.so.0+0x571cb) +2 0xa5e968f7 in deflateInit2_ (/lib64/libz.so.1+0x78f7) +3 0xcec58613 in zrle_compress_data ui/vnc-enc-zrle.c:87 +4 0xcec58613 in zrle_send_framebuffer_update ui/vnc-enc-zrle.c:344 +5 0xcec34e77 in vnc_send_framebuffer_update ui/vnc.c:919 +6 0xcec5e023 in vnc_worker_thread_loop ui/vnc-jobs.c:271 +7 0xcec5e5e7 in vnc_worker_thread ui/vnc-jobs.c:340 +8 0xcee4d3c3 in qemu_thread_start util/qemu-thread-posix.c:502 +9 0xa544e8bb in start_thread (/lib64/libpthread.so.0+0x78bb) +10 0xa53965cb in thread_start (/lib64/libc.so.6+0xd55cb) + +This is because the opaque allocated in 'deflateInit2' is not freed in +'deflateEnd'. The reason is that the 'deflateEnd' calls 'deflateStateCheck' +and in the latter will check whether 's->strm != strm'(libz's data structure). +This check will be true so in 'deflateEnd' it just return 'Z_STREAM_ERROR' and +not free the data allocated in 'deflateInit2'. + +The reason this happens is that the 'VncState' contains the whole 'VncZrle', +so when calling 'deflateInit2', the 's->strm' will be the local address. +So 's->strm != strm' will be true. + +To fix this issue, we need to make 'zrle' of 'VncState' to be a pointer. +Then the connection 'VncState' and local 'VncState' exchange mechanism will +work as expection. The 'tight' of 'VncState' has the same issue, let's also turn +it to a pointer. + +Reported-by: Ying Fang +Signed-off-by: Li Qiang +Message-id: 20190831153922.121308-1-liq...@163.com +Signed-off-by: Gerd Hoffmann + +Upstream-Status: Backport [https://git.qemu.org/?p=qemu.git;a=commit;h=6bf21f3d83e95bcc4ba35a7a07cc6655e8b010b0] +CVE: CVE-2019-20382 +Signed-off-by: Lee Chee Yang + +--- + ui/vnc-enc-tight.c| 219 +- + ui/vnc-enc-zlib.c | 11 +-- + ui/vnc-enc-zrle.c | 68 + ui/vnc-enc-zrle.inc.c | 2 +- + ui/vnc.c | 28 --- + ui/vnc.h | 4 +- + 6 files changed, 170 insertions(+), 162 deletions(-) + +diff --git a/ui/vnc-enc-tight.c b/ui/vnc-enc-tight.c +index 9084c22..1e08518 100644 +--- a/ui/vnc-enc-tight.c b/ui/vnc-enc-tight.c +@@ -116,7 +116,7 @@ static int send_png_rect(VncState *vs, int x, int y, int w, int h, + + static bool tight_can_send_png_rect(VncState *vs, int w, int h) + { +-if (vs->tight.type != VNC_ENCODING_TIGHT_PNG) { ++if (vs->tight->type != VNC_ENCODING_TIGHT_PNG) { + return false; + } + +@@ -144,7 +144,7 @@ tight_detect_smooth_image24(VncState *vs, int w, int h) + int pixels = 0; + int pix, left[3]; + unsigned int errors; +-unsigned char *buf = vs->tight.tight.buffer; ++unsigned char *buf = vs->tight->tight.buffer; + + /* + * If client is big-endian, color samples
[OE-core] [PATCH][zeus 2/2] libpcre2: fix CVE-2019-20454
From: Lee Chee Yang Signed-off-by: Lee Chee Yang --- .../libpcre/libpcre2/CVE-2019-20454.patch | 19 +++ meta/recipes-support/libpcre/libpcre2_10.33.bb| 1 + 2 files changed, 20 insertions(+) create mode 100644 meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch diff --git a/meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch b/meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch new file mode 100644 index 000..51f95a7 --- /dev/null +++ b/meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch @@ -0,0 +1,19 @@ +Upstream-Status: Backport [https://vcs.pcre.org/pcre2/code/trunk/src/pcre2_jit_compile.c?r1=1092=1091=1092] +CVE: CVE-2020-8002 +Signed-off-by: Lee Chee Yang + +--- pcre2-10.30/src/pcre2_jit_compile.c2019/05/13 16:26:17 1091 pcre2-10.30/src/pcre2_jit_compile.c2019/05/13 16:38:18 1092 +@@ -8571,7 +8571,10 @@ + PCRE2_SPTR bptr; + uint32_t c; + +-GETCHARINC(c, cc); ++/* Patch by PH */ ++/* GETCHARINC(c, cc); */ ++ ++c = *cc++; + #if PCRE2_CODE_UNIT_WIDTH == 32 + if (c >= 0x11) + return NULL; + diff --git a/meta/recipes-support/libpcre/libpcre2_10.33.bb b/meta/recipes-support/libpcre/libpcre2_10.33.bb index 50b2675..1020df9 100644 --- a/meta/recipes-support/libpcre/libpcre2_10.33.bb +++ b/meta/recipes-support/libpcre/libpcre2_10.33.bb @@ -12,6 +12,7 @@ LIC_FILES_CHKSUM = "file://LICENCE;md5=b1588d3bb4cb0e1f5a597d908f8c5b37" SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre2-${PV}.tar.bz2 \ file://pcre-cross.patch \ + file://CVE-2019-20454.patch \ " SRC_URI[md5sum] = "80b355f2dce909a2e2424f5c79eddb44" -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH] cve-check: fix ValueError
From: Chee Yang Lee fix below error for whitelisted recipe and recipe skip cve check. Error: The stack trace of python calls that resulted in this exception/failure was: File: 'exec_python_func() autogenerated', lineno: 2, function: 0001: *** 0002:do_cve_check(d) 0003: File: '/poky-master/meta/classes/cve-check.bbclass', lineno: 59, function: do_cve_check 0055:try: 0056:patched_cves = get_patches_cves(d) 0057:except FileNotFoundError: 0058:bb.fatal("Failure in searching patches") *** 0059:whitelisted, patched, unpatched = check_cves(d, patched_cves) 0060:if patched or unpatched: 0061:cve_data = get_cve_info(d, patched + unpatched) 0062:cve_write_data(d, patched, unpatched, whitelisted, cve_data) 0063:else: Exception: ValueError: not enough values to unpack (expected 3, got 2) Signed-off-by: Chee Yang Lee --- meta/classes/cve-check.bbclass | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 7f98da6..5d84b93 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -179,13 +179,13 @@ def check_cves(d, patched_cves): products = d.getVar("CVE_PRODUCT").split() # If this has been unset then we're not scanning for CVEs here (for example, image recipes) if not products: -return ([], []) +return ([], [], []) pv = d.getVar("CVE_VERSION").split("+git")[0] # If the recipe has been whitlisted we return empty lists if d.getVar("PN") in d.getVar("CVE_CHECK_PN_WHITELIST").split(): bb.note("Recipe has been whitelisted, skipping check") -return ([], []) +return ([], [], []) old_cve_whitelist = d.getVar("CVE_CHECK_CVE_WHITELIST") if old_cve_whitelist: -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH] cve-check: show whitelisted status
From: Chee Yang Lee change whitelisted CVE status from "Patched" to "Whitelisted". [Yocto #13687] Signed-off-by: Chee Yang Lee --- meta/classes/cve-check.bbclass | 12 +++- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 7412436..7f98da6 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -56,10 +56,10 @@ python do_cve_check () { patched_cves = get_patches_cves(d) except FileNotFoundError: bb.fatal("Failure in searching patches") -patched, unpatched = check_cves(d, patched_cves) +whitelisted, patched, unpatched = check_cves(d, patched_cves) if patched or unpatched: cve_data = get_cve_info(d, patched + unpatched) -cve_write_data(d, patched, unpatched, cve_data) +cve_write_data(d, patched, unpatched, whitelisted, cve_data) else: bb.note("No CVE database found, skipping CVE check") @@ -263,7 +263,7 @@ def check_cves(d, patched_cves): conn.close() -return (list(patched_cves), cves_unpatched) +return (list(cve_whitelist), list(patched_cves), cves_unpatched) def get_cve_info(d, cves): """ @@ -287,7 +287,7 @@ def get_cve_info(d, cves): conn.close() return cve_data -def cve_write_data(d, patched, unpatched, cve_data): +def cve_write_data(d, patched, unpatched, whitelisted, cve_data): """ Write CVE information in WORKDIR; and to CVE_CHECK_DIR, and CVE manifest if enabled. @@ -303,7 +303,9 @@ def cve_write_data(d, patched, unpatched, cve_data): write_string += "PACKAGE NAME: %s\n" % d.getVar("PN") write_string += "PACKAGE VERSION: %s\n" % d.getVar("PV") write_string += "CVE: %s\n" % cve -if cve in patched: +if cve in whitelisted: +write_string += "CVE STATUS: Whitelisted\n" +elif cve in patched: write_string += "CVE STATUS: Patched\n" else: unpatched_cves.append(cve) -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH][zeus] virglrenderer: fix multiple CVEs
From: Lee Chee Yang fix these CVE: CVE-2019-18390 CVE-2019-18391 CVE-2020-8002 Signed-off-by: Lee Chee Yang --- .../virglrenderer/CVE-2019-18390.patch | 66 ++ .../virglrenderer/CVE-2019-18391.patch | 51 + .../virglrenderer/CVE-2020-8002.patch | 39 + .../virglrenderer/virglrenderer_0.8.0.bb | 3 + 4 files changed, 159 insertions(+) create mode 100644 meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2019-18390.patch create mode 100644 meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2019-18391.patch create mode 100644 meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2020-8002.patch diff --git a/meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2019-18390.patch b/meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2019-18390.patch new file mode 100644 index 000..ad61c95 --- /dev/null +++ b/meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2019-18390.patch @@ -0,0 +1,66 @@ +From 24f67de7a9088a873844a39be03cee6882260ac9 Mon Sep 17 00:00:00 2001 +From: Gert Wollny +Date: Mon, 7 Oct 2019 10:59:56 +0200 +Subject: [PATCH] vrend: check info formats in blits + +Closes #141 +Closes #142 + +v2 : drop colon in error description (Emil) + +Signed-off-by: Gert Wollny +Reviewed-by: Emil Velikov + +Upstream-Status: Backport +[https://gitlab.freedesktop.org/virgl/virglrenderer/commit/24f67de7a9088a873844a39be03cee6882260ac9] +CVE: CVE-2019-18390 +Signed-off-by: Lee Chee Yang +--- + src/virgl_hw.h | 1 + + src/vrend_renderer.c | 11 +++ + 2 files changed, 12 insertions(+) + +diff --git a/src/virgl_hw.h b/src/virgl_hw.h +index 145780bf..5ccf3073 100644 +--- a/src/virgl_hw.h b/src/virgl_hw.h +@@ -426,6 +426,7 @@ enum virgl_ctx_errors { + VIRGL_ERROR_CTX_ILLEGAL_CMD_BUFFER, + VIRGL_ERROR_CTX_GLES_HAVE_TES_BUT_MISS_TCS, + VIRGL_ERROR_GL_ANY_SAMPLES_PASSED, ++VIRGL_ERROR_CTX_ILLEGAL_FORMAT, + }; + + #define VIRGL_RESOURCE_Y_0_TOP (1 << 0) +diff --git a/src/vrend_renderer.c b/src/vrend_renderer.c +index 14fefb38..aa6a89c1 100644 +--- a/src/vrend_renderer.c b/src/vrend_renderer.c +@@ -758,6 +758,7 @@ static const char *vrend_ctx_error_strings[] = { +[VIRGL_ERROR_CTX_ILLEGAL_CMD_BUFFER]= "Illegal command buffer", +[VIRGL_ERROR_CTX_GLES_HAVE_TES_BUT_MISS_TCS] = "On GLES context and shader program has tesselation evaluation shader but no tesselation control shader", +[VIRGL_ERROR_GL_ANY_SAMPLES_PASSED] = "Query for ANY_SAMPLES_PASSED not supported", ++ [VIRGL_ERROR_CTX_ILLEGAL_FORMAT]= "Illegal format ID", + }; + + static void __report_context_error(const char *fname, struct vrend_context *ctx, +@@ -8492,6 +8493,16 @@ void vrend_renderer_blit(struct vrend_context *ctx, +if (ctx->in_error) + return; + ++ if (!info->src.format || (enum virgl_formats)info->src.format >= VIRGL_FORMAT_MAX) { ++ report_context_error(ctx, VIRGL_ERROR_CTX_ILLEGAL_FORMAT, info->src.format); ++ return; ++ } ++ ++ if (!info->dst.format || (enum virgl_formats)info->dst.format >= VIRGL_FORMAT_MAX) { ++ report_context_error(ctx, VIRGL_ERROR_CTX_ILLEGAL_FORMAT, info->dst.format); ++ return; ++ } ++ +if (info->render_condition_enable == false) + vrend_pause_render_condition(ctx, true); + +-- +2.24.1 + diff --git a/meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2019-18391.patch b/meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2019-18391.patch new file mode 100644 index 000..cc641d8 --- /dev/null +++ b/meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2019-18391.patch @@ -0,0 +1,51 @@ +From 2abeb1802e3c005b17a7123e382171b3fb665971 Mon Sep 17 00:00:00 2001 +From: Gert Wollny +Date: Tue, 8 Oct 2019 17:27:01 +0200 +Subject: [PATCH] vrend: check that the transfer iov holds enough data for the + data upload + +Closes #140 + +Signed-off-by: Gert Wollny +Reviewed-by: Emil Velikov + +Upstream-Status: Backport +[https://gitlab.freedesktop.org/virgl/virglrenderer/commit/2abeb1802e3c005b17a7123e382171b3fb665971] +CVE: CVE-2019-18391 +Signed-off-by: Lee Chee Yang +--- + src/vrend_renderer.c | 11 +-- + 1 file changed, 9 insertions(+), 2 deletions(-) + +diff --git a/src/vrend_renderer.c b/src/vrend_renderer.c +index 694e1d0e..fe23846b 100644 +--- a/src/vrend_renderer.c b/src/vrend_renderer.c +@@ -7005,15 +7005,22 @@ static int vrend_renderer_transfer_write_iov(struct vrend_context *ctx, + invert = true; + } + ++ send_size = util_format_get_nblocks(res->base.format, info->box->width, ++ info->box->height) * elsize; ++ if (res->target == GL_TEXTURE_3D || ++ res->target == GL_TEXTURE_2D_ARRAY || ++ res->target == GL_TEXTURE_CUBE_MAP_ARRAY) ++ send_size *= info->box->depth; ++ + if (need_temp) { +- send_size = util_format_get_nblocks(res->base.format,
[OE-core] [PATCH][zeus] qemu: Fix CVE-2020-1711
From: Lee Chee Yang see https://git.qemu.org/?p=qemu.git;a=commit;h=693fd2acdf14dd86c0bf852610f1c2cca80a74dc Signed-off-by: Lee Chee Yang --- meta/recipes-devtools/qemu/qemu.inc| 3 +- .../recipes-devtools/qemu/qemu/CVE-2020-1711.patch | 64 ++ 2 files changed, 66 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-1711.patch diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index bb444b6..d394db8 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -29,7 +29,8 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://0010-configure-Add-pkg-config-handling-for-libgcrypt.patch \ file://CVE-2019-15890.patch \ file://CVE-2019-12068.patch \ - " + file://CVE-2020-1711.patch \ + " UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar" SRC_URI[md5sum] = "cdf2b5ca52b9abac9bacb5842fa420f8" diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-1711.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-1711.patch new file mode 100644 index 000..aa7bc82 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-1711.patch @@ -0,0 +1,64 @@ +From 693fd2acdf14dd86c0bf852610f1c2cca80a74dc Mon Sep 17 00:00:00 2001 +From: Felipe Franciosi +Date: Thu, 23 Jan 2020 12:44:59 + +Subject: [PATCH] iscsi: Cap block count from GET LBA STATUS (CVE-2020-1711) + +When querying an iSCSI server for the provisioning status of blocks (via +GET LBA STATUS), Qemu only validates that the response descriptor zero's +LBA matches the one requested. Given the SCSI spec allows servers to +respond with the status of blocks beyond the end of the LUN, Qemu may +have its heap corrupted by clearing/setting too many bits at the end of +its allocmap for the LUN. + +A malicious guest in control of the iSCSI server could carefully program +Qemu's heap (by selectively setting the bitmap) and then smash it. + +This limits the number of bits that iscsi_co_block_status() will try to +update in the allocmap so it can't overflow the bitmap. + +Upstream-Status: Backport [https://git.qemu.org/?p=qemu.git;a=patch;h=693fd2acdf14dd86c0bf852610f1c2cca80a74dc] +CVE: CVE-2020-1711 + +Fixes: CVE-2020-1711 +Cc: qemu-sta...@nongnu.org +Signed-off-by: Felipe Franciosi +Signed-off-by: Peter Turschmid +Signed-off-by: Raphael Norwitz +Signed-off-by: Kevin Wolf +Signed-off-by: Lee Chee Yang +--- + block/iscsi.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/block/iscsi.c b/block/iscsi.c +index 2aea7e3..cbd5729 100644 +--- a/block/iscsi.c b/block/iscsi.c +@@ -701,7 +701,7 @@ static int coroutine_fn iscsi_co_block_status(BlockDriverState *bs, + struct scsi_get_lba_status *lbas = NULL; + struct scsi_lba_status_descriptor *lbasd = NULL; + struct IscsiTask iTask; +-uint64_t lba; ++uint64_t lba, max_bytes; + int ret; + + iscsi_co_init_iscsitask(iscsilun, ); +@@ -721,6 +721,7 @@ static int coroutine_fn iscsi_co_block_status(BlockDriverState *bs, + } + + lba = offset / iscsilun->block_size; ++max_bytes = (iscsilun->num_blocks - lba) * iscsilun->block_size; + + qemu_mutex_lock(>mutex); + retry: +@@ -764,7 +765,7 @@ retry: + goto out_unlock; + } + +-*pnum = (int64_t) lbasd->num_blocks * iscsilun->block_size; ++*pnum = MIN((int64_t) lbasd->num_blocks * iscsilun->block_size, max_bytes); + + if (lbasd->provisioning == SCSI_PROVISIONING_TYPE_DEALLOCATED || + lbasd->provisioning == SCSI_PROVISIONING_TYPE_ANCHORED) { +-- +1.8.3.1 -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH] qemu: Fix CVE-2020-1711
From: Lee Chee Yang see https://git.qemu.org/?p=qemu.git;a=commit;h=693fd2acdf14dd86c0bf852610f1c2cca80a74dc Signed-off-by: Lee Chee Yang --- meta/recipes-devtools/qemu/qemu.inc| 3 +- .../recipes-devtools/qemu/qemu/CVE-2020-1711.patch | 64 ++ 2 files changed, 66 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-1711.patch diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index a557e74..f26e722 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -29,7 +29,8 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://0010-configure-Add-pkg-config-handling-for-libgcrypt.patch \ file://0011-hw-i386-pc-fix-regression-in-parsing-vga-cmdline-par.patch \ file://CVE-2019-15890.patch \ - " + file://CVE-2020-1711.patch \ + " UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar" SRC_URI[md5sum] = "278eeb294e4b497e79af7a57e660cb9a" diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-1711.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-1711.patch new file mode 100644 index 000..aa7bc82 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-1711.patch @@ -0,0 +1,64 @@ +From 693fd2acdf14dd86c0bf852610f1c2cca80a74dc Mon Sep 17 00:00:00 2001 +From: Felipe Franciosi +Date: Thu, 23 Jan 2020 12:44:59 + +Subject: [PATCH] iscsi: Cap block count from GET LBA STATUS (CVE-2020-1711) + +When querying an iSCSI server for the provisioning status of blocks (via +GET LBA STATUS), Qemu only validates that the response descriptor zero's +LBA matches the one requested. Given the SCSI spec allows servers to +respond with the status of blocks beyond the end of the LUN, Qemu may +have its heap corrupted by clearing/setting too many bits at the end of +its allocmap for the LUN. + +A malicious guest in control of the iSCSI server could carefully program +Qemu's heap (by selectively setting the bitmap) and then smash it. + +This limits the number of bits that iscsi_co_block_status() will try to +update in the allocmap so it can't overflow the bitmap. + +Upstream-Status: Backport [https://git.qemu.org/?p=qemu.git;a=patch;h=693fd2acdf14dd86c0bf852610f1c2cca80a74dc] +CVE: CVE-2020-1711 + +Fixes: CVE-2020-1711 +Cc: qemu-sta...@nongnu.org +Signed-off-by: Felipe Franciosi +Signed-off-by: Peter Turschmid +Signed-off-by: Raphael Norwitz +Signed-off-by: Kevin Wolf +Signed-off-by: Lee Chee Yang +--- + block/iscsi.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/block/iscsi.c b/block/iscsi.c +index 2aea7e3..cbd5729 100644 +--- a/block/iscsi.c b/block/iscsi.c +@@ -701,7 +701,7 @@ static int coroutine_fn iscsi_co_block_status(BlockDriverState *bs, + struct scsi_get_lba_status *lbas = NULL; + struct scsi_lba_status_descriptor *lbasd = NULL; + struct IscsiTask iTask; +-uint64_t lba; ++uint64_t lba, max_bytes; + int ret; + + iscsi_co_init_iscsitask(iscsilun, ); +@@ -721,6 +721,7 @@ static int coroutine_fn iscsi_co_block_status(BlockDriverState *bs, + } + + lba = offset / iscsilun->block_size; ++max_bytes = (iscsilun->num_blocks - lba) * iscsilun->block_size; + + qemu_mutex_lock(>mutex); + retry: +@@ -764,7 +765,7 @@ retry: + goto out_unlock; + } + +-*pnum = (int64_t) lbasd->num_blocks * iscsilun->block_size; ++*pnum = MIN((int64_t) lbasd->num_blocks * iscsilun->block_size, max_bytes); + + if (lbasd->provisioning == SCSI_PROVISIONING_TYPE_DEALLOCATED || + lbasd->provisioning == SCSI_PROVISIONING_TYPE_ANCHORED) { +-- +1.8.3.1 -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH v3] libxml2: Fix CVE-2019-20388
From: Lee Chee Yang see: https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68 Signed-off-by: Lee Chee Yang --- .../libxml/libxml2/CVE-2019-20388.patch| 37 ++ meta/recipes-core/libxml/libxml2_2.9.10.bb | 1 + 2 files changed, 38 insertions(+) create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2019-20388.patch diff --git a/meta/recipes-core/libxml/libxml2/CVE-2019-20388.patch b/meta/recipes-core/libxml/libxml2/CVE-2019-20388.patch new file mode 100644 index 000..88eb65a --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2019-20388.patch @@ -0,0 +1,37 @@ +From 7ffcd44d7e6c46704f8af0321d9314cd26e0e18a Mon Sep 17 00:00:00 2001 +From: Zhipeng Xie +Date: Tue, 20 Aug 2019 16:33:06 +0800 +Subject: [PATCH] Fix memory leak in xmlSchemaValidateStream + +When ctxt->schema is NULL, xmlSchemaSAXPlug->xmlSchemaPreRun +alloc a new schema for ctxt->schema and set vctxt->xsiAssemble +to 1. Then xmlSchemaVStart->xmlSchemaPreRun initialize +vctxt->xsiAssemble to 0 again which cause the alloced schema +can not be freed anymore. + +Found with libFuzzer. + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/commit/7ffcd44d7e6c46704f8af0321d9314cd26e0e18a] +CVE: CVE-2019-20388 + +Signed-off-by: Zhipeng Xie +Signed-off-by: Lee Chee Yang +--- + xmlschemas.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/xmlschemas.c b/xmlschemas.c +index 301c8449..39d92182 100644 +--- a/xmlschemas.c b/xmlschemas.c +@@ -28090,7 +28090,6 @@ xmlSchemaPreRun(xmlSchemaValidCtxtPtr vctxt) { + vctxt->nberrors = 0; + vctxt->depth = -1; + vctxt->skipDepth = -1; +-vctxt->xsiAssemble = 0; + vctxt->hasKeyrefs = 0; + #ifdef ENABLE_IDC_NODE_TABLES_TEST + vctxt->createIDCNodeTables = 1; +-- +2.24.1 + diff --git a/meta/recipes-core/libxml/libxml2_2.9.10.bb b/meta/recipes-core/libxml/libxml2_2.9.10.bb index 6a4097c..097aceb 100644 --- a/meta/recipes-core/libxml/libxml2_2.9.10.bb +++ b/meta/recipes-core/libxml/libxml2_2.9.10.bb @@ -21,6 +21,7 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \ file://0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch \ file://fix-execution-of-ptests.patch \ file://CVE-2020-7595.patch \ + file://CVE-2019-20388.patch \ " SRC_URI[libtar.md5sum] = "10942a1dc23137a8aa07f0639cbfece5" -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH v2 2/2] libxml2: Fix CVE-2019-20388
From: Lee Chee Yang see: https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68 Signed-off-by: Lee Chee Yang --- .../libxml/libxml2/CVE-2019-20388.patch| 37 ++ meta/recipes-core/libxml/libxml2_2.9.10.bb | 1 + 2 files changed, 38 insertions(+) create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2019-20388.patch diff --git a/meta/recipes-core/libxml/libxml2/CVE-2019-20388.patch b/meta/recipes-core/libxml/libxml2/CVE-2019-20388.patch new file mode 100644 index 000..4ee2d4f --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2019-20388.patch @@ -0,0 +1,37 @@ +From 7ffcd44d7e6c46704f8af0321d9314cd26e0e18a Mon Sep 17 00:00:00 2001 +From: Zhipeng Xie +Date: Tue, 20 Aug 2019 16:33:06 +0800 +Subject: [PATCH] Fix memory leak in xmlSchemaValidateStream + +When ctxt->schema is NULL, xmlSchemaSAXPlug->xmlSchemaPreRun +alloc a new schema for ctxt->schema and set vctxt->xsiAssemble +to 1. Then xmlSchemaVStart->xmlSchemaPreRun initialize +vctxt->xsiAssemble to 0 again which cause the alloced schema +can not be freed anymore. + +Found with libFuzzer. + +Upstream-Status: Accepted [https://gitlab.gnome.org/GNOME/libxml2/commit/7ffcd44d7e6c46704f8af0321d9314cd26e0e18a] +CVE: CVE-2019-20388 + +Signed-off-by: Zhipeng Xie +Signed-off-by: Lee Chee Yang +--- + xmlschemas.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/xmlschemas.c b/xmlschemas.c +index 301c8449..39d92182 100644 +--- a/xmlschemas.c b/xmlschemas.c +@@ -28090,7 +28090,6 @@ xmlSchemaPreRun(xmlSchemaValidCtxtPtr vctxt) { + vctxt->nberrors = 0; + vctxt->depth = -1; + vctxt->skipDepth = -1; +-vctxt->xsiAssemble = 0; + vctxt->hasKeyrefs = 0; + #ifdef ENABLE_IDC_NODE_TABLES_TEST + vctxt->createIDCNodeTables = 1; +-- +2.24.1 + diff --git a/meta/recipes-core/libxml/libxml2_2.9.10.bb b/meta/recipes-core/libxml/libxml2_2.9.10.bb index 6a4097c..097aceb 100644 --- a/meta/recipes-core/libxml/libxml2_2.9.10.bb +++ b/meta/recipes-core/libxml/libxml2_2.9.10.bb @@ -21,6 +21,7 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \ file://0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch \ file://fix-execution-of-ptests.patch \ file://CVE-2020-7595.patch \ + file://CVE-2019-20388.patch \ " SRC_URI[libtar.md5sum] = "10942a1dc23137a8aa07f0639cbfece5" -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH v2 1/2] bash: include patch 12-16
From: Lee Chee Yang Signed-off-by: Lee Chee Yang --- meta/recipes-extended/bash/bash_5.0.bb | 15 +++ 1 file changed, 15 insertions(+) diff --git a/meta/recipes-extended/bash/bash_5.0.bb b/meta/recipes-extended/bash/bash_5.0.bb index 0c7b234..8ff9e6e 100644 --- a/meta/recipes-extended/bash/bash_5.0.bb +++ b/meta/recipes-extended/bash/bash_5.0.bb @@ -16,6 +16,11 @@ SRC_URI = "${GNU_MIRROR}/bash/${BP}.tar.gz;name=tarball \ ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-009;apply=yes;striplevel=0;name=patch009 \ ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-010;apply=yes;striplevel=0;name=patch010 \ ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-011;apply=yes;striplevel=0;name=patch011 \ + ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-012;apply=yes;striplevel=0;name=patch012 \ + ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-013;apply=yes;striplevel=0;name=patch013 \ + ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-014;apply=yes;striplevel=0;name=patch014 \ + ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-015;apply=yes;striplevel=0;name=patch015 \ + ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-016;apply=yes;striplevel=0;name=patch016 \ file://execute_cmd.patch \ file://mkbuiltins_have_stringize.patch \ file://build-tests.patch \ @@ -50,6 +55,16 @@ SRC_URI[patch010.md5sum] = "19b41e73b03602d0e261c471b53e670c" SRC_URI[patch010.sha256sum] = "d6fbc325f0b5dc54ddbe8ee43020bced8bd589ddffea59d128db14b2e52a8a11" SRC_URI[patch011.md5sum] = "414339330a3634137081a97f2c8615a8" SRC_URI[patch011.sha256sum] = "2c4de332b91eaf797abbbd6c79709690b5cbd48b12e8dfe748096dbd7bf474ea" +SRC_URI[patch012.md5sum] = "1870268f62b907221b078ad109e1fa94" +SRC_URI[patch012.sha256sum] = "2943ee19688018296f2a04dbfe30b7138b889700efa8ff1c0524af271e0ee233" +SRC_URI[patch013.md5sum] = "40d923af4b952b01983ed4c889ae2653" +SRC_URI[patch013.sha256sum] = "f5d7178d8da30799e01b83a0802018d913d6aa972dd2ddad3b927f3f3eb7099a" +SRC_URI[patch014.md5sum] = "57857b22053c8167677e5e5ac5c6669b" +SRC_URI[patch014.sha256sum] = "5d6eee6514ee6e22a87bba8d22be0a8621a0ae119246f1c5a9a35db1f72af589" +SRC_URI[patch015.md5sum] = "c4c6ea23d09a74eaa9385438e48fdf02" +SRC_URI[patch015.sha256sum] = "a517df2dda93b26d5cbf00effefea93e3a4ccd6652f152f4109170544ebfa05e" +SRC_URI[patch016.md5sum] = "a682ed6fa2c2e7a7c3ba6bdeada07fb5" +SRC_URI[patch016.sha256sum] = "ffd1d7a54a99fa7f5b1825e4f7e95d8c8876bc2ca151f150e751d429c650b06d" DEBUG_OPTIMIZATION_append_armv4 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb', '-fomit-frame-pointer', '', d)}" DEBUG_OPTIMIZATION_append_armv5 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb', '-fomit-frame-pointer', '', d)}" -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH 2/2] libxml2: Fix CVE-2019-20388
From: Lee Chee Yang see: https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68 Signed-off-by: Lee Chee Yang --- .../libxml/libxml2/CVE-2019-20388.patch| 33 ++ meta/recipes-core/libxml/libxml2_2.9.10.bb | 1 + 2 files changed, 34 insertions(+) create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2019-20388.patch diff --git a/meta/recipes-core/libxml/libxml2/CVE-2019-20388.patch b/meta/recipes-core/libxml/libxml2/CVE-2019-20388.patch new file mode 100644 index 000..49ff6fb --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2019-20388.patch @@ -0,0 +1,33 @@ +From 7ffcd44d7e6c46704f8af0321d9314cd26e0e18a Mon Sep 17 00:00:00 2001 +From: Zhipeng Xie +Date: Tue, 20 Aug 2019 16:33:06 +0800 +Subject: [PATCH] Fix memory leak in xmlSchemaValidateStream + +When ctxt->schema is NULL, xmlSchemaSAXPlug->xmlSchemaPreRun +alloc a new schema for ctxt->schema and set vctxt->xsiAssemble +to 1. Then xmlSchemaVStart->xmlSchemaPreRun initialize +vctxt->xsiAssemble to 0 again which cause the alloced schema +can not be freed anymore. + +Found with libFuzzer. + +Signed-off-by: Zhipeng Xie +--- + xmlschemas.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/xmlschemas.c b/xmlschemas.c +index 301c8449..39d92182 100644 +--- a/xmlschemas.c b/xmlschemas.c +@@ -28090,7 +28090,6 @@ xmlSchemaPreRun(xmlSchemaValidCtxtPtr vctxt) { + vctxt->nberrors = 0; + vctxt->depth = -1; + vctxt->skipDepth = -1; +-vctxt->xsiAssemble = 0; + vctxt->hasKeyrefs = 0; + #ifdef ENABLE_IDC_NODE_TABLES_TEST + vctxt->createIDCNodeTables = 1; +-- +2.24.1 + diff --git a/meta/recipes-core/libxml/libxml2_2.9.10.bb b/meta/recipes-core/libxml/libxml2_2.9.10.bb index 6a4097c..097aceb 100644 --- a/meta/recipes-core/libxml/libxml2_2.9.10.bb +++ b/meta/recipes-core/libxml/libxml2_2.9.10.bb @@ -21,6 +21,7 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \ file://0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch \ file://fix-execution-of-ptests.patch \ file://CVE-2020-7595.patch \ + file://CVE-2019-20388.patch \ " SRC_URI[libtar.md5sum] = "10942a1dc23137a8aa07f0639cbfece5" -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH 1/2] bash: include patch 12-16
From: Lee Chee Yang Signed-off-by: Lee Chee Yang --- meta/recipes-extended/bash/bash_5.0.bb | 15 +++ 1 file changed, 15 insertions(+) diff --git a/meta/recipes-extended/bash/bash_5.0.bb b/meta/recipes-extended/bash/bash_5.0.bb index 0c7b234..8ff9e6e 100644 --- a/meta/recipes-extended/bash/bash_5.0.bb +++ b/meta/recipes-extended/bash/bash_5.0.bb @@ -16,6 +16,11 @@ SRC_URI = "${GNU_MIRROR}/bash/${BP}.tar.gz;name=tarball \ ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-009;apply=yes;striplevel=0;name=patch009 \ ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-010;apply=yes;striplevel=0;name=patch010 \ ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-011;apply=yes;striplevel=0;name=patch011 \ + ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-012;apply=yes;striplevel=0;name=patch012 \ + ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-013;apply=yes;striplevel=0;name=patch013 \ + ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-014;apply=yes;striplevel=0;name=patch014 \ + ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-015;apply=yes;striplevel=0;name=patch015 \ + ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-016;apply=yes;striplevel=0;name=patch016 \ file://execute_cmd.patch \ file://mkbuiltins_have_stringize.patch \ file://build-tests.patch \ @@ -50,6 +55,16 @@ SRC_URI[patch010.md5sum] = "19b41e73b03602d0e261c471b53e670c" SRC_URI[patch010.sha256sum] = "d6fbc325f0b5dc54ddbe8ee43020bced8bd589ddffea59d128db14b2e52a8a11" SRC_URI[patch011.md5sum] = "414339330a3634137081a97f2c8615a8" SRC_URI[patch011.sha256sum] = "2c4de332b91eaf797abbbd6c79709690b5cbd48b12e8dfe748096dbd7bf474ea" +SRC_URI[patch012.md5sum] = "1870268f62b907221b078ad109e1fa94" +SRC_URI[patch012.sha256sum] = "2943ee19688018296f2a04dbfe30b7138b889700efa8ff1c0524af271e0ee233" +SRC_URI[patch013.md5sum] = "40d923af4b952b01983ed4c889ae2653" +SRC_URI[patch013.sha256sum] = "f5d7178d8da30799e01b83a0802018d913d6aa972dd2ddad3b927f3f3eb7099a" +SRC_URI[patch014.md5sum] = "57857b22053c8167677e5e5ac5c6669b" +SRC_URI[patch014.sha256sum] = "5d6eee6514ee6e22a87bba8d22be0a8621a0ae119246f1c5a9a35db1f72af589" +SRC_URI[patch015.md5sum] = "c4c6ea23d09a74eaa9385438e48fdf02" +SRC_URI[patch015.sha256sum] = "a517df2dda93b26d5cbf00effefea93e3a4ccd6652f152f4109170544ebfa05e" +SRC_URI[patch016.md5sum] = "a682ed6fa2c2e7a7c3ba6bdeada07fb5" +SRC_URI[patch016.sha256sum] = "ffd1d7a54a99fa7f5b1825e4f7e95d8c8876bc2ca151f150e751d429c650b06d" DEBUG_OPTIMIZATION_append_armv4 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb', '-fomit-frame-pointer', '', d)}" DEBUG_OPTIMIZATION_append_armv5 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb', '-fomit-frame-pointer', '', d)}" -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH][zeus] libxml2: Fix CVE-2019-19956
From: Lee Chee Yang see: https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549 Signed-off-by: Lee Chee Yang --- .../libxml/libxml2/Fix-CVE-2019-19956.patch| 40 ++ meta/recipes-core/libxml/libxml2_2.9.9.bb | 1 + 2 files changed, 41 insertions(+) create mode 100644 meta/recipes-core/libxml/libxml2/Fix-CVE-2019-19956.patch diff --git a/meta/recipes-core/libxml/libxml2/Fix-CVE-2019-19956.patch b/meta/recipes-core/libxml/libxml2/Fix-CVE-2019-19956.patch new file mode 100644 index 000..1c2dff9 --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/Fix-CVE-2019-19956.patch @@ -0,0 +1,40 @@ +From 5a02583c7e683896d84878bd90641d8d9b0d0549 Mon Sep 17 00:00:00 2001 +From: Zhipeng Xie +Date: Wed, 7 Aug 2019 17:39:17 +0800 +Subject: [PATCH] Fix memory leak in xmlParseBalancedChunkMemoryRecover + +When doc is NULL, namespace created in xmlTreeEnsureXMLDecl +is bind to newDoc->oldNs, in this case, set newDoc->oldNs to +NULL and free newDoc will cause a memory leak. + +Found with libFuzzer. + +Closes #82. + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549] +CVE: CVE-2019-19956 + +Signed-off-by: Chee Yang Lee + +--- + parser.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/parser.c b/parser.c +index 1ce1ccf1..26d9f4e3 100644 +--- a/parser.c b/parser.c +@@ -13894,7 +13894,8 @@ xmlParseBalancedChunkMemoryRecover(xmlDocPtr doc, xmlSAXHandlerPtr sax, + xmlFreeParserCtxt(ctxt); + newDoc->intSubset = NULL; + newDoc->extSubset = NULL; +-newDoc->oldNs = NULL; ++if(doc != NULL) ++ newDoc->oldNs = NULL; + xmlFreeDoc(newDoc); + + return(ret); +-- +2.24.1 + + diff --git a/meta/recipes-core/libxml/libxml2_2.9.9.bb b/meta/recipes-core/libxml/libxml2_2.9.9.bb index c38f883..c44a90b 100644 --- a/meta/recipes-core/libxml/libxml2_2.9.9.bb +++ b/meta/recipes-core/libxml/libxml2_2.9.9.bb @@ -20,6 +20,7 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \ file://libxml-m4-use-pkgconfig.patch \ file://0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch \ file://fix-execution-of-ptests.patch \ + file://Fix-CVE-2019-19956.patch \ " SRC_URI[libtar.md5sum] = "c04a5a0a042eaa157e8e8c9eabe76bd6" -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH 2/2] rsync: whitelist CVE-2017-16548
From: Lee Chee Yang patch for this CVE applies to v3.1.3pre1 not for v3.1.3. patch already in v3.1.3. see https://git.samba.org/rsync.git/?p=rsync.git;a=commitdiff;h=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1;hp=bc112b0e7feece62ce98708092306639a8a53cce Signed-off-by: Lee Chee Yang --- meta/recipes-devtools/rsync/rsync_3.1.3.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-devtools/rsync/rsync_3.1.3.bb b/meta/recipes-devtools/rsync/rsync_3.1.3.bb index ffb1d06..152ff02 100644 --- a/meta/recipes-devtools/rsync/rsync_3.1.3.bb +++ b/meta/recipes-devtools/rsync/rsync_3.1.3.bb @@ -20,6 +20,9 @@ SRC_URI = "https://download.samba.org/pub/${BPN}/src/${BP}.tar.gz \ SRC_URI[md5sum] = "1581a588fde9d89f6bc6201e8129afaf" SRC_URI[sha256sum] = "55cc554efec5fdaad70de921cd5a5eeb6c29a95524c715f3bbf849235b0800c0" +# -16548 required for v3.1.3pre1. Already in v3.1.3. +CVE_CHECK_WHITELIST += " CVE-2017-16548 " + inherit autotools PACKAGECONFIG ??= "acl attr \ -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH 1/2] bash: include patch 8-11
From: Lee Chee Yang Signed-off-by: Lee Chee Yang --- meta/recipes-extended/bash/bash_5.0.bb | 12 1 file changed, 12 insertions(+) diff --git a/meta/recipes-extended/bash/bash_5.0.bb b/meta/recipes-extended/bash/bash_5.0.bb index eadc822..0c7b234 100644 --- a/meta/recipes-extended/bash/bash_5.0.bb +++ b/meta/recipes-extended/bash/bash_5.0.bb @@ -12,6 +12,10 @@ SRC_URI = "${GNU_MIRROR}/bash/${BP}.tar.gz;name=tarball \ ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-005;apply=yes;striplevel=0;name=patch005 \ ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-006;apply=yes;striplevel=0;name=patch006 \ ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-007;apply=yes;striplevel=0;name=patch007 \ + ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-008;apply=yes;striplevel=0;name=patch008 \ + ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-009;apply=yes;striplevel=0;name=patch009 \ + ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-010;apply=yes;striplevel=0;name=patch010 \ + ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-011;apply=yes;striplevel=0;name=patch011 \ file://execute_cmd.patch \ file://mkbuiltins_have_stringize.patch \ file://build-tests.patch \ @@ -38,6 +42,14 @@ SRC_URI[patch006.md5sum] = "4a8ee95adb72c3aba03d9e8c9f96ece6" SRC_URI[patch006.sha256sum] = "d68529a6ff201b6ff5915318ab12fc16b8a0ebb77fda3308303fcc1e13398420" SRC_URI[patch007.md5sum] = "411560d81fde2dc5b17b83c3f3b58c6f" SRC_URI[patch007.sha256sum] = "17b41e7ee3673d8887dd25992417a398677533ab8827938aa41fad70df19af9b" +SRC_URI[patch008.md5sum] = "dd7cf7a784d1838822cad8d419315991" +SRC_URI[patch008.sha256sum] = "eec64588622a82a5029b2776e218a75a3640bef4953f09d6ee1f4199670ad7e3" +SRC_URI[patch009.md5sum] = "c1b3e937cd6dccbb7fd772f32812a0da" +SRC_URI[patch009.sha256sum] = "ed3ca21767303fc3de93934aa524c2e920787c506b601cc40a4897d4b094d903" +SRC_URI[patch010.md5sum] = "19b41e73b03602d0e261c471b53e670c" +SRC_URI[patch010.sha256sum] = "d6fbc325f0b5dc54ddbe8ee43020bced8bd589ddffea59d128db14b2e52a8a11" +SRC_URI[patch011.md5sum] = "414339330a3634137081a97f2c8615a8" +SRC_URI[patch011.sha256sum] = "2c4de332b91eaf797abbbd6c79709690b5cbd48b12e8dfe748096dbd7bf474ea" DEBUG_OPTIMIZATION_append_armv4 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb', '-fomit-frame-pointer', '', d)}" DEBUG_OPTIMIZATION_append_armv5 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb', '-fomit-frame-pointer', '', d)}" -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH v2] wic: 'wic cp' to copy from image
From: Chee Yang Lee currently 'wic cp' only works for copy file from local storage to wic image. enhance 'wic cp' to copy file/directory from wic image to local storage. include selftest and 'wic help' updates. [YOCTO#12169] Signed-off-by: Chee Yang Lee --- meta/lib/oeqa/selftest/cases/wic.py | 17 + scripts/lib/wic/engine.py | 35 +++ scripts/lib/wic/help.py | 29 +++-- scripts/wic | 16 +--- 4 files changed, 76 insertions(+), 21 deletions(-) diff --git a/meta/lib/oeqa/selftest/cases/wic.py b/meta/lib/oeqa/selftest/cases/wic.py index ea75300..3ed4cab 100644 --- a/meta/lib/oeqa/selftest/cases/wic.py +++ b/meta/lib/oeqa/selftest/cases/wic.py @@ -866,6 +866,13 @@ class Wic2(WicTestCase): self.assertEqual(8, len(result.output.split('\n'))) self.assertTrue(os.path.basename(testdir) in result.output) +# copy the file from the partition and check if it success +dest = '%s-cp' % testfile.name +runCmd("wic cp %s:1/%s %s -n %s" % (images[0], +os.path.basename(testfile.name), dest, sysroot)) +self.assertTrue(os.path.exists(dest)) + + def test_wic_rm(self): """Test removing files and directories from the the wic image.""" runCmd("wic create mkefidisk " @@ -1005,6 +1012,16 @@ class Wic2(WicTestCase): newdirs = set(line.split()[-1] for line in result.output.split('\n') if line) self.assertEqual(newdirs.difference(dirs), set([os.path.basename(testfile.name)])) +# check if the file to copy is in the partition +result = runCmd("wic ls %s:2/etc/ -n %s" % (images[0], sysroot)) +self.assertTrue('fstab' in [line.split()[-1] for line in result.output.split('\n') if line]) + +# copy file from the partition, replace the temporary file content with it and +# check for the file size to validate the copy +runCmd("wic cp %s:2/etc/fstab %s -n %s" % (images[0], testfile.name, sysroot)) +self.assertTrue(os.stat(testfile.name).st_size > 0) + + def test_wic_rm_ext(self): """Test removing files from the ext partition.""" runCmd("wic create mkefidisk " diff --git a/scripts/lib/wic/engine.py b/scripts/lib/wic/engine.py index 18776fa..713219b 100644 --- a/scripts/lib/wic/engine.py +++ b/scripts/lib/wic/engine.py @@ -322,16 +322,31 @@ class Disk: self._get_part_image(pnum), path)) -def copy(self, src, pnum, path): +def copy(self, src, dest): """Copy partition image into wic image.""" +pnum = dest.part if isinstance(src, str) else src.part + if self.partitions[pnum].fstype.startswith('ext'): -cmd = "printf 'cd {}\nwrite {} {}\n' | {} -w {}".\ - format(path, src, os.path.basename(src), +if isinstance(src, str): +cmd = "printf 'cd {}\nwrite {} {}\n' | {} -w {}".\ + format(os.path.dirname(dest.path), src, os.path.basename(src), self.debugfs, self._get_part_image(pnum)) +else: # copy from wic +# run both dump and rdump to support both files and directory +cmd = "printf 'cd {}\ndump /{} {}\nrdump /{} {}\n' | {} {}".\ + format(os.path.dirname(src.path), src.path, + dest, src.path, dest, self.debugfs, + self._get_part_image(pnum)) else: # fat -cmd = "{} -i {} -snop {} ::{}".format(self.mcopy, +if isinstance(src, str): +cmd = "{} -i {} -snop {} ::{}".format(self.mcopy, + self._get_part_image(pnum), + src, dest.path) +else: +cmd = "{} -i {} -snop ::{} {}".format(self.mcopy, self._get_part_image(pnum), - src, path) + src.path, dest) + exec_cmd(cmd, as_shell=True) self._put_part_image(pnum) @@ -523,11 +538,15 @@ def wic_ls(args, native_sysroot): def wic_cp(args, native_sysroot): """ -Copy local file or directory to the vfat partition of +Copy file or directory to/from the vfat/ext partition of partitioned image. """ -disk = Disk(args.dest.image, native_sysroot) -disk.copy(args.src, args.dest
[OE-core] [PATCH] wic: 'wic cp' to copy from image
From: Chee Yang Lee currently 'wic cp' only works for copy file from local storage to wic image. enhance 'wic cp' to copy file/directory from wic image to local storage. include selftest and 'wic help' updates. Signed-off-by: Chee Yang Lee --- meta/lib/oeqa/selftest/cases/wic.py | 17 + scripts/lib/wic/engine.py | 35 +++ scripts/lib/wic/help.py | 29 +++-- scripts/wic | 16 +--- 4 files changed, 76 insertions(+), 21 deletions(-) diff --git a/meta/lib/oeqa/selftest/cases/wic.py b/meta/lib/oeqa/selftest/cases/wic.py index ea75300..3ed4cab 100644 --- a/meta/lib/oeqa/selftest/cases/wic.py +++ b/meta/lib/oeqa/selftest/cases/wic.py @@ -866,6 +866,13 @@ class Wic2(WicTestCase): self.assertEqual(8, len(result.output.split('\n'))) self.assertTrue(os.path.basename(testdir) in result.output) +# copy the file from the partition and check if it success +dest = '%s-cp' % testfile.name +runCmd("wic cp %s:1/%s %s -n %s" % (images[0], +os.path.basename(testfile.name), dest, sysroot)) +self.assertTrue(os.path.exists(dest)) + + def test_wic_rm(self): """Test removing files and directories from the the wic image.""" runCmd("wic create mkefidisk " @@ -1005,6 +1012,16 @@ class Wic2(WicTestCase): newdirs = set(line.split()[-1] for line in result.output.split('\n') if line) self.assertEqual(newdirs.difference(dirs), set([os.path.basename(testfile.name)])) +# check if the file to copy is in the partition +result = runCmd("wic ls %s:2/etc/ -n %s" % (images[0], sysroot)) +self.assertTrue('fstab' in [line.split()[-1] for line in result.output.split('\n') if line]) + +# copy file from the partition, replace the temporary file content with it and +# check for the file size to validate the copy +runCmd("wic cp %s:2/etc/fstab %s -n %s" % (images[0], testfile.name, sysroot)) +self.assertTrue(os.stat(testfile.name).st_size > 0) + + def test_wic_rm_ext(self): """Test removing files from the ext partition.""" runCmd("wic create mkefidisk " diff --git a/scripts/lib/wic/engine.py b/scripts/lib/wic/engine.py index 18776fa..713219b 100644 --- a/scripts/lib/wic/engine.py +++ b/scripts/lib/wic/engine.py @@ -322,16 +322,31 @@ class Disk: self._get_part_image(pnum), path)) -def copy(self, src, pnum, path): +def copy(self, src, dest): """Copy partition image into wic image.""" +pnum = dest.part if isinstance(src, str) else src.part + if self.partitions[pnum].fstype.startswith('ext'): -cmd = "printf 'cd {}\nwrite {} {}\n' | {} -w {}".\ - format(path, src, os.path.basename(src), +if isinstance(src, str): +cmd = "printf 'cd {}\nwrite {} {}\n' | {} -w {}".\ + format(os.path.dirname(dest.path), src, os.path.basename(src), self.debugfs, self._get_part_image(pnum)) +else: # copy from wic +# run both dump and rdump to support both files and directory +cmd = "printf 'cd {}\ndump /{} {}\nrdump /{} {}\n' | {} {}".\ + format(os.path.dirname(src.path), src.path, + dest, src.path, dest, self.debugfs, + self._get_part_image(pnum)) else: # fat -cmd = "{} -i {} -snop {} ::{}".format(self.mcopy, +if isinstance(src, str): +cmd = "{} -i {} -snop {} ::{}".format(self.mcopy, + self._get_part_image(pnum), + src, dest.path) +else: +cmd = "{} -i {} -snop ::{} {}".format(self.mcopy, self._get_part_image(pnum), - src, path) + src.path, dest) + exec_cmd(cmd, as_shell=True) self._put_part_image(pnum) @@ -523,11 +538,15 @@ def wic_ls(args, native_sysroot): def wic_cp(args, native_sysroot): """ -Copy local file or directory to the vfat partition of +Copy file or directory to/from the vfat/ext partition of partitioned image. """ -disk = Disk(args.dest.image, native_sysroot) -disk.copy(args.src, args.dest.part, args.dest
[OE-core] [PATCH 2/2] wic: rm with -r flag support
From: Chee Yang Lee wic currently unable to remove non-empty directory in ext* partition. enable wic rm to remove non-empty directory and all the sub-content with -r flag. update help documents for 'wic rm'. [YOCTO #12404] Signed-off-by: Chee Yang Lee --- scripts/lib/wic/engine.py | 62 ++- scripts/lib/wic/help.py | 4 +++ scripts/wic | 3 +++ 3 files changed, 52 insertions(+), 17 deletions(-) diff --git a/scripts/lib/wic/engine.py b/scripts/lib/wic/engine.py index 18776fa..7e66207 100644 --- a/scripts/lib/wic/engine.py +++ b/scripts/lib/wic/engine.py @@ -19,6 +19,7 @@ import os import tempfile import json import subprocess +import re from collections import namedtuple, OrderedDict from distutils.spawn import find_executable @@ -335,25 +336,52 @@ class Disk: exec_cmd(cmd, as_shell=True) self._put_part_image(pnum) -def remove(self, pnum, path): +def remove_ext(self, pnum, path, recursive): +""" +Remove files/dirs and their contents from the partition. +This only applies to ext* partition. +""" +abs_path = re.sub('\/\/+', '/', path) +cmd = "{} {} -wR 'rm \"{}\"'".format(self.debugfs, +self._get_part_image(pnum), +abs_path) +out = exec_cmd(cmd , as_shell=True) +for line in out.splitlines(): +if line.startswith("rm:"): +if "file is a directory" in line: +if recursive: +# loop through content and delete them one by one if +# flaged with -r +subdirs = iter(self.dir(pnum, abs_path).splitlines()) +next(subdirs) +for subdir in subdirs: +dir = subdir.split(':')[1].split(" ", 1)[1] +if not dir == "." and not dir == "..": +self.remove_ext(pnum, "%s/%s" % (abs_path, dir), recursive) + +rmdir_out = exec_cmd("{} {} -wR 'rmdir \"{}\"'".format(self.debugfs, +self._get_part_image(pnum), +abs_path.rstrip('/')) +, as_shell=True) + +for rmdir_line in rmdir_out.splitlines(): +if "directory not empty" in rmdir_line: +raise WicError("Could not complete operation: \n%s \n" +"use -r to remove non-empty directory" % rmdir_line) +if rmdir_line.startswith("rmdir:"): +raise WicError("Could not complete operation: \n%s " +"\n%s" % (str(line), rmdir_line)) + +else: +raise WicError("Could not complete operation: \n%s " +"\nUnable to remove %s" % (str(line), abs_path)) + +def remove(self, pnum, path, recursive): """Remove files/dirs from the partition.""" partimg = self._get_part_image(pnum) if self.partitions[pnum].fstype.startswith('ext'): -cmd = "{} {} -wR 'rm {}'".format(self.debugfs, -self._get_part_image(pnum), -path) -out = exec_cmd(cmd , as_shell=True) -for line in out.splitlines(): -if line.startswith("rm:"): -if "file is a directory" in line: -# Try rmdir to see if this is an empty directory. This won't delete -# any non empty directory so let user know about any error that this might -# generate. -print(exec_cmd("{} {} -wR 'rmdir {}'".format(self.debugfs, -self._get_part_image(pnum), -path), as_shell=True)) -else: -raise WicError("Could not complete operation: wic %s" % str(line)) +self.remove_ext(pnum, path, recursive) + else: # fat cmd = "{} -i {} ::{}".format(self.mdel, partimg, path) try: @@ -535,7 +563,7 @@ def wic_rm(args, native_sysroot): partitioned image. """ disk = Disk(args.path.image, native_sysroot) -disk.remove(args.path.part, args.path
[OE-core] [PATCH 1/2] selftest/wic: test wic rm with -r flag
From: Chee Yang Lee selftest to make sure wic rm with -r flag for ext partition could remove directory and all its content. Signed-off-by: Chee Yang Lee --- meta/lib/oeqa/selftest/cases/wic.py | 7 +++ 1 file changed, 7 insertions(+) diff --git a/meta/lib/oeqa/selftest/cases/wic.py b/meta/lib/oeqa/selftest/cases/wic.py index ea75300..0c03b4b 100644 --- a/meta/lib/oeqa/selftest/cases/wic.py +++ b/meta/lib/oeqa/selftest/cases/wic.py @@ -1025,3 +1025,10 @@ class Wic2(WicTestCase): # check if it's removed result = runCmd("wic ls %s:2/etc/ -n %s" % (images[0], sysroot)) self.assertTrue('fstab' not in [line.split()[-1] for line in result.output.split('\n') if line]) + +# remove non-empty directory +runCmd("wic rm -r %s:2/etc/ -n %s" % (images[0], sysroot)) + +# check if it's removed +result = runCmd("wic ls %s:2/ -n %s" % (images[0], sysroot)) +self.assertTrue('etc' not in [line.split()[-1] for line in result.output.split('\n') if line]) -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH] wic: beautify 'wic help'
From: Chee Yang Lee The Wic help returned to the user is unreadable. Use a custom ArgumentParser to override argparse help message. change help message as suggest in https://bugzilla.yoctoproject.org/show_bug.cgi?id=12205 [YOCTO #12205] changes applies to 'wic help', 'wic -h', 'wic --h' and 'wic --help' Signed-off-by: Chee Yang Lee --- scripts/lib/wic/help.py | 56 + scripts/wic | 8 +++--- 2 files changed, 61 insertions(+), 3 deletions(-) diff --git a/scripts/lib/wic/help.py b/scripts/lib/wic/help.py index af7d0576e2..968cc0ed6f 100644 --- a/scripts/lib/wic/help.py +++ b/scripts/lib/wic/help.py @@ -1046,3 +1046,59 @@ NAME DESCRIPTION Specify a help topic to display it. Topics are shown above. """ + + +wic_help = """ +Creates a customized OpenEmbedded image. + +Usage: wic [--version] +wic help [COMMAND or TOPIC] +wic COMMAND [ARGS] + +usage 1: Returns the current version of Wic +usage 2: Returns detailed help for a COMMAND or TOPIC +usage 3: Executes COMMAND + + +COMMAND: + +list - List available canned images and source plugins +ls - List contents of partitioned image or partition +rm - Remove files or directories from the vfat or ext* partitions +help - Show help for a wic COMMAND or TOPIC +write - Write an image to a device +cp - Copy files and directories to the vfat or ext* partitions +create - Create a new OpenEmbedded image + + +TOPIC: +overview - Presents an overall overview of Wic +plugins - Presents an overview and API for Wic plugins +kickstart - Presents a Wic kicstart file reference + + +Examples: + +$ wic --version + +Returns the current version of Wic + + +$ wic help cp + +Returns the SYNOPSIS and DESCRIPTION for the Wic "cp" command. + + +$ wic list images + +Returns the list of canned images (i.e. *.wks files located in +the /scripts/lib/wic/canned-wks directory. + + +$ wic create mkefidisk -e core-image-minimal + +Creates an EFI disk image from artifacts used in a previous +core-image-minimal build in standard BitBake locations +(e.g. Cooked Mode). + +""" diff --git a/scripts/wic b/scripts/wic index 1d89fb2eda..1a717300f5 100755 --- a/scripts/wic +++ b/scripts/wic @@ -495,14 +495,18 @@ def init_parser(parser): subparser = subparsers.add_parser(subcmd, help=subcommands[subcmd][2]) subcommands[subcmd][3](subparser) +class WicArgumentParser(argparse.ArgumentParser): + def format_help(self): + return hlp.wic_help def main(argv): -parser = argparse.ArgumentParser( +parser = WicArgumentParser( description="wic version %s" % __version__) init_parser(parser) args = parser.parse_args(argv) + if args.debug: logger.setLevel(logging.DEBUG) @@ -510,8 +514,6 @@ def main(argv): if args.command == "help": if args.help_topic is None: parser.print_help() -print() -print("Please specify a help topic") elif args.help_topic in helptopics: hlpt = helptopics[args.help_topic] hlpt[0](hlpt[1], hlpt[2]) -- 2.22.0 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH 2/2] wic/engine: use 'linux-swap' for swap file system
From: Chee Yang Lee [YOCTO #13312] see https://bugzilla.yoctoproject.org/show_bug.cgi?id=13312 wic/engine.Disk._get_part_image was looking at variable fstypes for supported fstype which is 'swap' but image build with 'linux-swap'. supported fstype should be 'linux-swap'. Signed-off-by: Chee Yang Lee --- scripts/lib/wic/engine.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/lib/wic/engine.py b/scripts/lib/wic/engine.py index 61939ad1..18776fa 100644 --- a/scripts/lib/wic/engine.py +++ b/scripts/lib/wic/engine.py @@ -541,7 +541,7 @@ def wic_write(args, native_sysroot): """ Write image to a target device. """ -disk = Disk(args.image, native_sysroot, ('fat', 'ext', 'swap')) +disk = Disk(args.image, native_sysroot, ('fat', 'ext', 'linux-swap')) disk.write(args.target, args.expand) def find_canned(scripts_path, file_name): -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH 1/2] wic/help: change 'wic write' help description
From: Chee Yang Lee update the help desciption for 'wic write' command to match behaviour. see commit: https://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/scripts/wic?id=74b44e59be89c738f702948f9e16e367c0ba43ba Signed-off-by: Chee Yang Lee --- scripts/lib/wic/help.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/lib/wic/help.py b/scripts/lib/wic/help.py index 3a40fc0..af7d057 100644 --- a/scripts/lib/wic/help.py +++ b/scripts/lib/wic/help.py @@ -478,7 +478,7 @@ NAME SYNOPSIS wic write wic write --expand auto -wic write --expand 1:100M-2:300M +wic write --expand 1:100M,2:300M wic write --native-sysroot DESCRIPTION @@ -489,7 +489,7 @@ DESCRIPTION The --expand option is used to resize image partitions. --expand auto expands partitions to occupy all free space available on the target device. It's also possible to specify expansion rules in a format -:[-:...] for one or more partitions. +:[,:...] for one or more partitions. Specifying size 0 will keep partition unmodified. Note: Resizing boot partition can result in non-bootable image for non-EFI images. It is recommended to use size 0 for boot partition to keep image bootable. -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH v2] systemd-boot:grub-efi:wic: add variable APPENDS for multiple boot configuration
From: Chee Yang Lee introduce new variable APPENDS to define multiple boot configuration for systemd-boot and grub-efi. APPENDS set the different in kernel option for each .conf file(for systemd-boot) or menuentry(for grub-efi). Include the differences in the title. Separate each configuration with ";". e.g.: APPEND = "console=tty0 rootwait" APPENDS = " i915.enable_guc=0; i915.enable_guc=2" for systemd-boot, above setting will produce 2 .conf, boot-1.conf and boot-2.conf which set with below title and option: boot-1.conf - title boot-1 i915.enable_guc=0 option console=tty0 rootwait i915.enable_guc=0 boot-2.conf - title boot-2 i915.enable_guc=2 option console=tty0 rootwait i915.enable_guc=2 also update oeqa/selftest/wic testcase to fit the new variable. Signed-off-by: Chee Yang Lee --- meta/classes/grub-efi-cfg.bbclass | 46 +++--- meta/classes/image_types_wic.bbclass | 2 +- meta/classes/systemd-boot-cfg.bbclass | 75 +-- meta/lib/oeqa/selftest/cases/wic.py | 2 +- scripts/lib/wic/plugins/source/bootimg-efi.py | 86 +++ 5 files changed, 118 insertions(+), 93 deletions(-) diff --git a/meta/classes/grub-efi-cfg.bbclass b/meta/classes/grub-efi-cfg.bbclass index f661a69..811c78f 100644 --- a/meta/classes/grub-efi-cfg.bbclass +++ b/meta/classes/grub-efi-cfg.bbclass @@ -89,29 +89,31 @@ python build_efi_cfg() { for label in labels.split(): localdata = d.createCopy() +initrd = localdata.getVar('INITRD') +append = localdata.getVar('APPEND') +appends = localdata.getVar('APPENDS') if localdata.getVar('APPENDS') else "" for btype in btypes: -cfgfile.write('\nmenuentry \'%s%s\'{\n' % (label, btype[0])) -lb = label -if label == "install": -lb = "install-efi" -kernel = localdata.getVar('KERNEL_IMAGETYPE') -cfgfile.write('linux /%s LABEL=%s' % (kernel, lb)) - -cfgfile.write(' %s' % replace_rootfs_uuid(d, root)) - -append = localdata.getVar('APPEND') -initrd = localdata.getVar('INITRD') - -if append: -append = replace_rootfs_uuid(d, append) -cfgfile.write(' %s' % (append)) - -cfgfile.write(' %s' % btype[1]) -cfgfile.write('\n') - -if initrd: -cfgfile.write('initrd /initrd') -cfgfile.write('\n}\n') +for apd in appends.split(';'): +cfgfile.write('\nmenuentry \'%s%s %s\'{\n' % (label, btype[0],apd)) +lb = label +if label == "install": +lb = "install-efi" +kernel = localdata.getVar('KERNEL_IMAGETYPE') +cfgfile.write('linux /%s LABEL=%s' % (kernel, lb)) + +cfgfile.write(' %s' % replace_rootfs_uuid(d, root)) + +ap = append + apd +if ap: +append = replace_rootfs_uuid(d, ap) +cfgfile.write(' %s' % (ap)) + +cfgfile.write(' %s' % btype[1]) +cfgfile.write('\n') + +if initrd: +cfgfile.write('initrd /initrd') +cfgfile.write('\n}\n') cfgfile.close() } diff --git a/meta/classes/image_types_wic.bbclass b/meta/classes/image_types_wic.bbclass index 519aeb1..4f2bdcc 100644 --- a/meta/classes/image_types_wic.bbclass +++ b/meta/classes/image_types_wic.bbclass @@ -3,7 +3,7 @@ WICVARS ?= "\ BBLAYERS IMGDEPLOYDIR DEPLOY_DIR_IMAGE FAKEROOTCMD IMAGE_BASENAME IMAGE_BOOT_FILES \ IMAGE_LINK_NAME IMAGE_ROOTFS INITRAMFS_FSTYPES INITRD INITRD_LIVE ISODIR RECIPE_SYSROOT_NATIVE \ - ROOTFS_SIZE STAGING_DATADIR STAGING_DIR STAGING_LIBDIR TARGET_SYS \ + ROOTFS_SIZE STAGING_DATADIR STAGING_DIR STAGING_LIBDIR TARGET_SYS APPENDS \ KERNEL_IMAGETYPE MACHINE INITRAMFS_IMAGE INITRAMFS_IMAGE_BUNDLE INITRAMFS_LINK_NAME" inherit ${@bb.utils.contains('INITRAMFS_IMAGE_BUNDLE', '1', 'kernel-artifact-names', '', d)} diff --git a/meta/classes/systemd-boot-cfg.bbclass b/meta/classes/systemd-boot-cfg.bbclass index b3e0e6a..fddbfad 100644 --- a/meta/classes/systemd-boot-cfg.bbclass +++ b/meta/classes/systemd-boot-cfg.bbclass @@ -19,6 +19,12 @@ python build_efi_cfg() { bb.debug(1, "No labels, nothing to do") return +#remove conf file from previous build +files = os.listdir(s) +for file in files: +if file.endswith(".conf"): +os.unlink(file) + cfile = d.getVar('SYSTEMD_BOOT_CFG') cdir = os.path.dirname(cfile) if not os.path.exists(cdir): @@ -37,35 +43,44 @@ python build_efi_cfg() { cfgfile.write('timeout 10\n') cfgfil
[OE-core] [PATCH] add variable APPENDS for multiple boot configuration
From: Chee Yang Lee This patch introduce new variable APPENDS to define multiple boot configuration for systemd-boot and grub-efi. APPENDS set the different in kernel option for each .conf file(for systemd-boot) or menuentry(for grub-efi). Include the differences in the title. Separate each configuration with ";". e.g.: APPEND = "console=tty0 rootwait" APPENDS = " i915.enable_guc=0; i915.enable_guc=2" for systemd-boot, above setting will produce 2 .conf, boot-1.conf and boot-2.conf which set with below title and option: boot-1.conf - title boot-1 i915.enable_guc=0 option console=tty0 rootwait i915.enable_guc=0 boot-2.conf - title boot-2 i915.enable_guc=2 option console=tty0 rootwait i915.enable_guc=2 This patch also update oeqa/selftest/wic testcase. --- meta/classes/grub-efi-cfg.bbclass | 46 +++--- meta/classes/image_types_wic.bbclass | 2 +- meta/classes/systemd-boot-cfg.bbclass | 75 +-- meta/lib/oeqa/selftest/cases/wic.py | 2 +- scripts/lib/wic/plugins/source/bootimg-efi.py | 86 +++ 5 files changed, 118 insertions(+), 93 deletions(-) diff --git a/meta/classes/grub-efi-cfg.bbclass b/meta/classes/grub-efi-cfg.bbclass index f661a69..811c78f 100644 --- a/meta/classes/grub-efi-cfg.bbclass +++ b/meta/classes/grub-efi-cfg.bbclass @@ -89,29 +89,31 @@ python build_efi_cfg() { for label in labels.split(): localdata = d.createCopy() +initrd = localdata.getVar('INITRD') +append = localdata.getVar('APPEND') +appends = localdata.getVar('APPENDS') if localdata.getVar('APPENDS') else "" for btype in btypes: -cfgfile.write('\nmenuentry \'%s%s\'{\n' % (label, btype[0])) -lb = label -if label == "install": -lb = "install-efi" -kernel = localdata.getVar('KERNEL_IMAGETYPE') -cfgfile.write('linux /%s LABEL=%s' % (kernel, lb)) - -cfgfile.write(' %s' % replace_rootfs_uuid(d, root)) - -append = localdata.getVar('APPEND') -initrd = localdata.getVar('INITRD') - -if append: -append = replace_rootfs_uuid(d, append) -cfgfile.write(' %s' % (append)) - -cfgfile.write(' %s' % btype[1]) -cfgfile.write('\n') - -if initrd: -cfgfile.write('initrd /initrd') -cfgfile.write('\n}\n') +for apd in appends.split(';'): +cfgfile.write('\nmenuentry \'%s%s %s\'{\n' % (label, btype[0],apd)) +lb = label +if label == "install": +lb = "install-efi" +kernel = localdata.getVar('KERNEL_IMAGETYPE') +cfgfile.write('linux /%s LABEL=%s' % (kernel, lb)) + +cfgfile.write(' %s' % replace_rootfs_uuid(d, root)) + +ap = append + apd +if ap: +append = replace_rootfs_uuid(d, ap) +cfgfile.write(' %s' % (ap)) + +cfgfile.write(' %s' % btype[1]) +cfgfile.write('\n') + +if initrd: +cfgfile.write('initrd /initrd') +cfgfile.write('\n}\n') cfgfile.close() } diff --git a/meta/classes/image_types_wic.bbclass b/meta/classes/image_types_wic.bbclass index 519aeb1..4f2bdcc 100644 --- a/meta/classes/image_types_wic.bbclass +++ b/meta/classes/image_types_wic.bbclass @@ -3,7 +3,7 @@ WICVARS ?= "\ BBLAYERS IMGDEPLOYDIR DEPLOY_DIR_IMAGE FAKEROOTCMD IMAGE_BASENAME IMAGE_BOOT_FILES \ IMAGE_LINK_NAME IMAGE_ROOTFS INITRAMFS_FSTYPES INITRD INITRD_LIVE ISODIR RECIPE_SYSROOT_NATIVE \ - ROOTFS_SIZE STAGING_DATADIR STAGING_DIR STAGING_LIBDIR TARGET_SYS \ + ROOTFS_SIZE STAGING_DATADIR STAGING_DIR STAGING_LIBDIR TARGET_SYS APPENDS \ KERNEL_IMAGETYPE MACHINE INITRAMFS_IMAGE INITRAMFS_IMAGE_BUNDLE INITRAMFS_LINK_NAME" inherit ${@bb.utils.contains('INITRAMFS_IMAGE_BUNDLE', '1', 'kernel-artifact-names', '', d)} diff --git a/meta/classes/systemd-boot-cfg.bbclass b/meta/classes/systemd-boot-cfg.bbclass index b3e0e6a..fddbfad 100644 --- a/meta/classes/systemd-boot-cfg.bbclass +++ b/meta/classes/systemd-boot-cfg.bbclass @@ -19,6 +19,12 @@ python build_efi_cfg() { bb.debug(1, "No labels, nothing to do") return +#remove conf file from previous build +files = os.listdir(s) +for file in files: +if file.endswith(".conf"): +os.unlink(file) + cfile = d.getVar('SYSTEMD_BOOT_CFG') cdir = os.path.dirname(cfile) if not os.path.exists(cdir): @@ -37,35 +43,44 @@ python build_efi_cfg() { cfgfile.write('timeout 10\n') cfgfile.close() +appends = d.getVar('
[OE-core] [PATCH] wic: add support for kernel with initramfs bundled
From: Chee Yang Lee when INITRAMFS_IMAGE_BUNDLE and INITRAMFS_IMAGE are set, wic should look for kernel with initramfs image bundled. Include required variable MACHINE, INITRAMFS_IMAGE_BUNDLE, INITRAMFS_IMAGE, INITRAMFS_LINK_NAME and KERNEL_IMAGETYPE in WICVARS. No longer require default value for variable kernel as KERNEL_IMAGETYPE is not optional variable and included in WICVARS. image_types_wic to inherit kernel-artifact-names to obtain default INITRAMFS_LINK_NAME when INITRAMFS_IMAGE_BUNDLE are set. update wic.Wic2.test_image_env test case to filter optional variable INITRAMFS_LINK_NAME, INITRAMFS_IMAGE and INITRAMFS_IMAGE_BUNDLE. Signed-off-by: Chee Yang Lee --- meta/classes/image_types_wic.bbclass | 5 - meta/lib/oeqa/selftest/cases/wic.py | 3 ++- scripts/lib/wic/plugins/source/bootimg-efi.py| 18 -- scripts/lib/wic/plugins/source/bootimg-pcbios.py | 6 -- scripts/lib/wic/plugins/source/isoimage-isohybrid.py | 19 +-- 5 files changed, 35 insertions(+), 16 deletions(-) diff --git a/meta/classes/image_types_wic.bbclass b/meta/classes/image_types_wic.bbclass index 5b40a9e..97d681b 100644 --- a/meta/classes/image_types_wic.bbclass +++ b/meta/classes/image_types_wic.bbclass @@ -3,7 +3,10 @@ WICVARS ?= "\ BBLAYERS IMGDEPLOYDIR DEPLOY_DIR_IMAGE FAKEROOTCMD IMAGE_BASENAME IMAGE_BOOT_FILES \ IMAGE_LINK_NAME IMAGE_ROOTFS INITRAMFS_FSTYPES INITRD INITRD_LIVE ISODIR RECIPE_SYSROOT_NATIVE \ - ROOTFS_SIZE STAGING_DATADIR STAGING_DIR STAGING_LIBDIR TARGET_SYS" + ROOTFS_SIZE STAGING_DATADIR STAGING_DIR STAGING_LIBDIR TARGET_SYS \ + KERNEL_IMAGETYPE MACHINE INITRAMFS_IMAGE INITRAMFS_IMAGE_BUNDLE INITRAMFS_LINK_NAME" + +inherit ${@bb.utils.contains('INITRAMFS_IMAGE_BUNDLE', '1', 'kernel-artifact-names', '', d)} WKS_FILE ??= "${IMAGE_BASENAME}.${MACHINE}.wks" WKS_FILES ?= "${WKS_FILE} ${IMAGE_BASENAME}.wks" diff --git a/meta/lib/oeqa/selftest/cases/wic.py b/meta/lib/oeqa/selftest/cases/wic.py index f1c6f39..c390749 100644 --- a/meta/lib/oeqa/selftest/cases/wic.py +++ b/meta/lib/oeqa/selftest/cases/wic.py @@ -499,7 +499,8 @@ class Wic2(WicTestCase): wicvars = set(bb_vars['WICVARS'].split()) # filter out optional variables wicvars = wicvars.difference(('DEPLOY_DIR_IMAGE', 'IMAGE_BOOT_FILES', - 'INITRD', 'INITRD_LIVE', 'ISODIR')) + 'INITRD', 'INITRD_LIVE', 'ISODIR','INITRAMFS_IMAGE', + 'INITRAMFS_IMAGE_BUNDLE', 'INITRAMFS_LINK_NAME')) with open(path) as envfile: content = dict(line.split("=", 1) for line in envfile) # test if variables used by wic present in the .env file diff --git a/scripts/lib/wic/plugins/source/bootimg-efi.py b/scripts/lib/wic/plugins/source/bootimg-efi.py index 5cc5c8a..2cfdc10 100644 --- a/scripts/lib/wic/plugins/source/bootimg-efi.py +++ b/scripts/lib/wic/plugins/source/bootimg-efi.py @@ -74,8 +74,10 @@ class BootimgEFIPlugin(SourcePlugin): grubefi_conf += "menuentry '%s'{\n" % (title if title else "boot") kernel = get_bitbake_var("KERNEL_IMAGETYPE") -if not kernel: -kernel = "bzImage" +if get_bitbake_var("INITRAMFS_IMAGE_BUNDLE") == "1": +if get_bitbake_var("INITRAMFS_IMAGE"): +kernel = "%s-%s.bin" % \ +(get_bitbake_var("KERNEL_IMAGETYPE"), get_bitbake_var("INITRAMFS_LINK_NAME")) label = source_params.get('label') label_conf = "root=%s" % creator.rootdev @@ -154,8 +156,10 @@ class BootimgEFIPlugin(SourcePlugin): if not custom_cfg: # Create systemd-boot configuration using parameters from wks file kernel = get_bitbake_var("KERNEL_IMAGETYPE") -if not kernel: -kernel = "bzImage" +if get_bitbake_var("INITRAMFS_IMAGE_BUNDLE") == "1": +if get_bitbake_var("INITRAMFS_IMAGE"): +kernel = "%s-%s.bin" % \ +(get_bitbake_var("KERNEL_IMAGETYPE"), get_bitbake_var("INITRAMFS_LINK_NAME")) title = source_params.get('title') @@ -225,8 +229,10 @@ class BootimgEFIPlugin(SourcePlugin): hdddir = "%s/hdd/boot" % cr_workdir kernel = get_bitbake_var("KERNEL_IMAGETYPE") -if not kernel: -kernel = "bzImage" +if get_bitbake_var("INITRAMFS_IMAGE_BUNDLE") == "1": +if get_bitbake_var("INITRAMFS_IMAGE"): +kernel = "%s-%s.bi
[OE-core] [PATCH v2] wic/bootimg-efi: allow multiple initrd
From: Chee Yang Lee Allow plugin bootimg-efi to configure with multiple initrd through source parameter. Uses ; to separate each initrd. e.g: --sourceparams="loader=${EFI_PROVIDER},initrd=initrd1;initrd2" Signed-off-by: Chee Yang Lee --- scripts/lib/wic/plugins/source/bootimg-efi.py | 22 -- 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/scripts/lib/wic/plugins/source/bootimg-efi.py b/scripts/lib/wic/plugins/source/bootimg-efi.py index d87db1f..5cc5c8a 100644 --- a/scripts/lib/wic/plugins/source/bootimg-efi.py +++ b/scripts/lib/wic/plugins/source/bootimg-efi.py @@ -55,8 +55,10 @@ class BootimgEFIPlugin(SourcePlugin): if not bootimg_dir: raise WicError("Couldn't find DEPLOY_DIR_IMAGE, exiting") -cp_cmd = "cp %s/%s %s" % (bootimg_dir, initrd, hdddir) -exec_cmd(cp_cmd, True) +initrds = initrd.split(';') +for rd in initrds: +cp_cmd = "cp %s/%s %s" % (bootimg_dir, rd, hdddir) +exec_cmd(cp_cmd, True) else: logger.debug("Ignoring missing initrd") @@ -84,7 +86,11 @@ class BootimgEFIPlugin(SourcePlugin): % (kernel, label_conf, bootloader.append) if initrd: - grubefi_conf += "initrd /%s\n" % initrd +initrds = initrd.split(';') +grubefi_conf += "initrd" +for rd in initrds: +grubefi_conf += " /%s" % rd +grubefi_conf += "\n" grubefi_conf += "}\n" @@ -119,8 +125,10 @@ class BootimgEFIPlugin(SourcePlugin): if not bootimg_dir: raise WicError("Couldn't find DEPLOY_DIR_IMAGE, exiting") -cp_cmd = "cp %s/%s %s" % (bootimg_dir, initrd, hdddir) -exec_cmd(cp_cmd, True) +initrds = initrd.split(';') +for rd in initrds: +cp_cmd = "cp %s/%s %s" % (bootimg_dir, rd, hdddir) +exec_cmd(cp_cmd, True) else: logger.debug("Ignoring missing initrd") @@ -164,7 +172,9 @@ class BootimgEFIPlugin(SourcePlugin): (label_conf, bootloader.append) if initrd: -boot_conf += "initrd /%s\n" % initrd +initrds = initrd.split(';') +for rd in initrds: +boot_conf += "initrd /%s\n" % rd logger.debug("Writing systemd-boot config " "%s/hdd/boot/loader/entries/boot.conf", cr_workdir) -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH] wic/bootimg-efi: allow multiple initrd
From: Chee Yang Lee Allow plugin bootimg-efi to configure with multiple initrd through source parameter. Uses ; to separate each initrd. e.g: --sourceparams="loader=${EFI_PROVIDER},initrd=initrd1;initrd2" Signed-off-by: Chee Yang Lee --- scripts/lib/wic/plugins/source/bootimg-efi.py | 24 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/scripts/lib/wic/plugins/source/bootimg-efi.py b/scripts/lib/wic/plugins/source/bootimg-efi.py index d87db1f..f3440fb 100644 --- a/scripts/lib/wic/plugins/source/bootimg-efi.py +++ b/scripts/lib/wic/plugins/source/bootimg-efi.py @@ -55,8 +55,10 @@ class BootimgEFIPlugin(SourcePlugin): if not bootimg_dir: raise WicError("Couldn't find DEPLOY_DIR_IMAGE, exiting") -cp_cmd = "cp %s/%s %s" % (bootimg_dir, initrd, hdddir) -exec_cmd(cp_cmd, True) +initrds = initrd.split(';') +for rd in initrds: +cp_cmd = "cp %s/%s %s" % (bootimg_dir, rd, hdddir) +exec_cmd(cp_cmd, True) else: logger.debug("Ignoring missing initrd") @@ -83,8 +85,11 @@ class BootimgEFIPlugin(SourcePlugin): grubefi_conf += "linux /%s %s rootwait %s\n" \ % (kernel, label_conf, bootloader.append) -if initrd: - grubefi_conf += "initrd /%s\n" % initrd +if initrds: +grubefi_conf += "initrd" +for rd in initrds: +grubefi_conf += " /%s" % rd +grubefi_conf += "\n" grubefi_conf += "}\n" @@ -119,8 +124,10 @@ class BootimgEFIPlugin(SourcePlugin): if not bootimg_dir: raise WicError("Couldn't find DEPLOY_DIR_IMAGE, exiting") -cp_cmd = "cp %s/%s %s" % (bootimg_dir, initrd, hdddir) -exec_cmd(cp_cmd, True) +initrds = initrd.split(';') +for rd in initrds: +cp_cmd = "cp %s/%s %s" % (bootimg_dir, rd, hdddir) +exec_cmd(cp_cmd, True) else: logger.debug("Ignoring missing initrd") @@ -163,8 +170,9 @@ class BootimgEFIPlugin(SourcePlugin): boot_conf += "options %s %s\n" % \ (label_conf, bootloader.append) -if initrd: -boot_conf += "initrd /%s\n" % initrd +if initrds: +for rd in initrds: +boot_conf += "initrd /%s\n" % rd logger.debug("Writing systemd-boot config " "%s/hdd/boot/loader/entries/boot.conf", cr_workdir) -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH] wic/plugins: kernel image refer to KERNEL_IMAGETYPE
From: Chee Yang Lee replaced hardcoded kernel image with KERNEL_IMAGETYPE. set kernel image to "bzImage" incase KERNEL_IMAGETYPE not set. Signed-off-by: Chee Yang Lee --- scripts/lib/wic/plugins/source/bootimg-efi.py | 21 +++-- scripts/lib/wic/plugins/source/bootimg-pcbios.py| 8 ++-- .../lib/wic/plugins/source/isoimage-isohybrid.py| 21 ++--- 3 files changed, 35 insertions(+), 15 deletions(-) diff --git a/scripts/lib/wic/plugins/source/bootimg-efi.py b/scripts/lib/wic/plugins/source/bootimg-efi.py index 70cc1b0..d87db1f 100644 --- a/scripts/lib/wic/plugins/source/bootimg-efi.py +++ b/scripts/lib/wic/plugins/source/bootimg-efi.py @@ -71,14 +71,16 @@ class BootimgEFIPlugin(SourcePlugin): grubefi_conf += "timeout=%s\n" % bootloader.timeout grubefi_conf += "menuentry '%s'{\n" % (title if title else "boot") -kernel = "/bzImage" +kernel = get_bitbake_var("KERNEL_IMAGETYPE") +if not kernel: +kernel = "bzImage" label = source_params.get('label') label_conf = "root=%s" % creator.rootdev if label: label_conf = "LABEL=%s" % label -grubefi_conf += "linux %s %s rootwait %s\n" \ +grubefi_conf += "linux /%s %s rootwait %s\n" \ % (kernel, label_conf, bootloader.append) if initrd: @@ -143,12 +145,15 @@ class BootimgEFIPlugin(SourcePlugin): if not custom_cfg: # Create systemd-boot configuration using parameters from wks file -kernel = "/bzImage" +kernel = get_bitbake_var("KERNEL_IMAGETYPE") +if not kernel: +kernel = "bzImage" + title = source_params.get('title') boot_conf = "" boot_conf += "title %s\n" % (title if title else "boot") -boot_conf += "linux %s\n" % kernel +boot_conf += "linux /%s\n" % kernel label = source_params.get('label') label_conf = "LABEL=Boot root=%s" % creator.rootdev @@ -209,8 +214,12 @@ class BootimgEFIPlugin(SourcePlugin): hdddir = "%s/hdd/boot" % cr_workdir -install_cmd = "install -m 0644 %s/bzImage %s/bzImage" % \ -(staging_kernel_dir, hdddir) +kernel = get_bitbake_var("KERNEL_IMAGETYPE") +if not kernel: +kernel = "bzImage" + +install_cmd = "install -m 0644 %s/%s %s/%s" % \ +(staging_kernel_dir, kernel, hdddir, kernel) exec_cmd(install_cmd) diff --git a/scripts/lib/wic/plugins/source/bootimg-pcbios.py b/scripts/lib/wic/plugins/source/bootimg-pcbios.py index 6c9f54a..670d347 100644 --- a/scripts/lib/wic/plugins/source/bootimg-pcbios.py +++ b/scripts/lib/wic/plugins/source/bootimg-pcbios.py @@ -149,8 +149,12 @@ class BootimgPcbiosPlugin(SourcePlugin): hdddir = "%s/hdd/boot" % cr_workdir -cmds = ("install -m 0644 %s/bzImage %s/vmlinuz" % -(staging_kernel_dir, hdddir), +kernel = get_bitbake_var("KERNEL_IMAGETYPE") +if not kernel: +kernel = "bzImage" + +cmds = ("install -m 0644 %s/%s %s/vmlinuz" % +(staging_kernel_dir, kernel, hdddir), "install -m 444 %s/syslinux/ldlinux.sys %s/ldlinux.sys" % (bootimg_dir, hdddir), "install -m 0644 %s/syslinux/vesamenu.c32 %s/vesamenu.c32" % diff --git a/scripts/lib/wic/plugins/source/isoimage-isohybrid.py b/scripts/lib/wic/plugins/source/isoimage-isohybrid.py index 96d07ff..74d6f14 100644 --- a/scripts/lib/wic/plugins/source/isoimage-isohybrid.py +++ b/scripts/lib/wic/plugins/source/isoimage-isohybrid.py @@ -70,8 +70,10 @@ class IsoImagePlugin(SourcePlugin): syslinux_conf += "DEFAULT boot\n" syslinux_conf += "LABEL boot\n" -kernel = "/bzImage" -syslinux_conf += "KERNEL " + kernel + "\n" +kernel = get_bitbake_var("KERNEL_IMAGETYPE") +if not kernel: +kernel = "bzImage" +syslinux_conf += "KERNEL /" + kernel + "\n" syslinux_conf += "APPEND initrd=/initrd LABEL=boot %s\n" \ % bootloader.append @@ -114,9 +116,11 @@ class IsoImagePlugin(SourcePlugin): grubefi_conf += "\n" grubefi_conf += "menuentry 'boot'{\n" -kernel = "/bzImage" +kernel = get_bitbake_var("KERNEL_IMAGETYPE") +if not kernel: +
[OE-core] [PATCH] wic/engine: include .wks.in in wic search and list
From: Chee Yang Lee allow wic to list and search for kickstart file in .wks.in extension. basename show by wic list images to fully exclude extension. Signed-off-by: Chee Yang Lee --- scripts/lib/wic/engine.py | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/scripts/lib/wic/engine.py b/scripts/lib/wic/engine.py index 42e93c3..61939ad1 100644 --- a/scripts/lib/wic/engine.py +++ b/scripts/lib/wic/engine.py @@ -75,7 +75,8 @@ def find_canned_image(scripts_path, wks_file): for fname in files: if fname.endswith("~") or fname.endswith("#"): continue -if fname.endswith(".wks") and wks_file + ".wks" == fname: +if ((fname.endswith(".wks") and wks_file + ".wks" == fname) or \ + (fname.endswith(".wks.in") and wks_file + ".wks.in" == fname)): fullpath = os.path.join(canned_wks_dir, fname) return fullpath return None @@ -92,7 +93,7 @@ def list_canned_images(scripts_path): for fname in files: if fname.endswith("~") or fname.endswith("#"): continue -if fname.endswith(".wks"): +if fname.endswith(".wks") or fname.endswith(".wks.in"): fullpath = os.path.join(canned_wks_dir, fname) with open(fullpath) as wks: for line in wks: @@ -101,7 +102,7 @@ def list_canned_images(scripts_path): if idx != -1: desc = line[idx + len("short-description:"):].strip() break -basename = os.path.splitext(fname)[0] +basename = fname.split('.')[0] print(" %s\t\t%s" % (basename.ljust(30), desc)) -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [meta-intel][PATCH v2] wic: add image-installer.wks.in
From: Chee Yang Lee This wks.in create image that perform installation similar to hddimg. Partition in ext4 format allow rootfs size to be greater than hddimg limit which is 4GB. To build simple installer image, add below configuration to local.conf: WKS_FILE = "image-installer.wks.in" IMAGE_FSTYPES_append = " ext4" IMAGE_TYPEDEP_wic = "ext4" INITRD_IMAGE_LIVE="core-image-minimal-initramfs" do_image_wic[depends] += "${INITRD_IMAGE_LIVE}:do_image_complete" do_rootfs[depends] += "virtual/kernel:do_deploy" IMAGE_BOOT_FILES_append = "\ ${KERNEL_IMAGETYPE} \ microcode.cpio \ systemd-bootx64.efi;EFI/BOOT/bootx64.efi \ ${IMAGE_ROOTFS}/boot/loader/loader.conf;loader/loader.conf \ ${IMAGE_ROOTFS}/boot/loader/entries/boot.conf;loader/entries/boot.conf \ ${IMGDEPLOYDIR}/${IMAGE_BASENAME}-${MACHINE}.ext4;rootfs.img \ " Signed-off-by: Chee Yang Lee --- wic/image-installer.wks.in | 8 1 file changed, 8 insertions(+) create mode 100644 wic/image-installer.wks.in diff --git a/wic/image-installer.wks.in b/wic/image-installer.wks.in new file mode 100644 index 000..58bcfd5 --- /dev/null +++ b/wic/image-installer.wks.in @@ -0,0 +1,8 @@ +# create an installer disk image +# populate content to install using IMAGE_BOOT_FILES + +part /boot --source bootimg-efi --sourceparams="loader=${EFI_PROVIDER},title=install,label=install-efi,initrd=${INITRD_IMAGE_LIVE}-${MACHINE}.${INITRAMFS_FSTYPES}" --ondisk sda --label install --active --align 1024 --use-uuid + +part / --source bootimg-partition --ondisk sda --fstype=ext4 --label image --use-uuid --align 1024 + +bootloader --ptable gpt --timeout=5 --append="rootwait ${APPEND}" -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH v2] wic: bootimg-efi: add label source parameter
From: Chee Yang Lee Add new source parameter label to allow custom boot.conf/grub.cfg label, so far it's hardcoded to "Boot". Default label to "Boot" for systemd-boot and blank for grub-efi when source parameter label are not set. Signed-off-by: Chee Yang Lee --- scripts/lib/wic/plugins/source/bootimg-efi.py | 19 +++ 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/scripts/lib/wic/plugins/source/bootimg-efi.py b/scripts/lib/wic/plugins/source/bootimg-efi.py index 652323f..70cc1b0 100644 --- a/scripts/lib/wic/plugins/source/bootimg-efi.py +++ b/scripts/lib/wic/plugins/source/bootimg-efi.py @@ -73,8 +73,13 @@ class BootimgEFIPlugin(SourcePlugin): kernel = "/bzImage" -grubefi_conf += "linux %s root=%s rootwait %s\n" \ -% (kernel, creator.rootdev, bootloader.append) +label = source_params.get('label') +label_conf = "root=%s" % creator.rootdev +if label: +label_conf = "LABEL=%s" % label + +grubefi_conf += "linux %s %s rootwait %s\n" \ +% (kernel, label_conf, bootloader.append) if initrd: grubefi_conf += "initrd /%s\n" % initrd @@ -144,8 +149,14 @@ class BootimgEFIPlugin(SourcePlugin): boot_conf = "" boot_conf += "title %s\n" % (title if title else "boot") boot_conf += "linux %s\n" % kernel -boot_conf += "options LABEL=Boot root=%s %s\n" % \ - (creator.rootdev, bootloader.append) + +label = source_params.get('label') +label_conf = "LABEL=Boot root=%s" % creator.rootdev +if label: +label_conf = "LABEL=%s" % label + +boot_conf += "options %s %s\n" % \ + (label_conf, bootloader.append) if initrd: boot_conf += "initrd /%s\n" % initrd -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH] wic: bootimg-efi: add label source parameter
From: Chee Yang Lee Add new source parameter label to allow boot.conf/grub.cfg label option to set as "install-efi", so far it's hardcoded to "Boot". The label remain to "Boot" for systemd-boot or blank for grub-efi whenever label are not "install-efi". when label set to "install-efi" the image can boot into image installation. Signed-off-by: Chee Yang Lee --- scripts/lib/wic/plugins/source/bootimg-efi.py | 20 +++- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/scripts/lib/wic/plugins/source/bootimg-efi.py b/scripts/lib/wic/plugins/source/bootimg-efi.py index 652323f..9b324d3 100644 --- a/scripts/lib/wic/plugins/source/bootimg-efi.py +++ b/scripts/lib/wic/plugins/source/bootimg-efi.py @@ -72,9 +72,14 @@ class BootimgEFIPlugin(SourcePlugin): grubefi_conf += "menuentry '%s'{\n" % (title if title else "boot") kernel = "/bzImage" +label = source_params.get('label') -grubefi_conf += "linux %s root=%s rootwait %s\n" \ -% (kernel, creator.rootdev, bootloader.append) +if label == "install-efi": +grubefi_conf += "linux %s LABEL=%s rootwait %s\n" \ +% (kernel, label, bootloader.append) +else: +grubefi_conf += "linux %s root=%s rootwait %s\n" \ +% (kernel, creator.rootdev, bootloader.append) if initrd: grubefi_conf += "initrd /%s\n" % initrd @@ -140,12 +145,17 @@ class BootimgEFIPlugin(SourcePlugin): # Create systemd-boot configuration using parameters from wks file kernel = "/bzImage" title = source_params.get('title') - +label = source_params.get('label') boot_conf = "" boot_conf += "title %s\n" % (title if title else "boot") boot_conf += "linux %s\n" % kernel -boot_conf += "options LABEL=Boot root=%s %s\n" % \ - (creator.rootdev, bootloader.append) + +if label == "install-efi": +boot_conf += "options LABEL=%s %s\n" % \ +(label, bootloader.append) +else: +boot_conf += "options LABEL=Boot root=%s %s\n" % \ + (creator.rootdev, bootloader.append) if initrd: boot_conf += "initrd /%s\n" % initrd -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH v2] wic/bootimg-efi: replace hardcoded volume name with label
From: Chee Yang Lee volume name should refer to --label in .wks. Replace the hardcoded volume name with label. set "ESP" as default name when no lable specified. Signed-off-by: Chee Yang Lee --- scripts/lib/wic/plugins/source/bootimg-efi.py | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/scripts/lib/wic/plugins/source/bootimg-efi.py b/scripts/lib/wic/plugins/source/bootimg-efi.py index a7d513c..9b324d3 100644 --- a/scripts/lib/wic/plugins/source/bootimg-efi.py +++ b/scripts/lib/wic/plugins/source/bootimg-efi.py @@ -254,8 +254,10 @@ class BootimgEFIPlugin(SourcePlugin): # dosfs image, created by mkdosfs bootimg = "%s/boot.img" % cr_workdir -dosfs_cmd = "mkdosfs -n efi -i %s -C %s %d" % \ -(part.fsuuid, bootimg, blocks) +label = part.label if part.label else "ESP" + +dosfs_cmd = "mkdosfs -n %s -i %s -C %s %d" % \ +(label, part.fsuuid, bootimg, blocks) exec_native_cmd(dosfs_cmd, native_sysroot) mcopy_cmd = "mcopy -i %s -s %s/* ::/" % (bootimg, hdddir) -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH] wic/bootimg-efi: replace hardcoded volume name with label
From: Chee Yang Lee volume name should refer to --label in .wks. Replace the hardcoded volume name with label. Keep "efi" as default name when no lable specified. Signed-off-by: Chee Yang Lee --- scripts/lib/wic/plugins/source/bootimg-efi.py | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/scripts/lib/wic/plugins/source/bootimg-efi.py b/scripts/lib/wic/plugins/source/bootimg-efi.py index 0a0c5bd..55202a8 100644 --- a/scripts/lib/wic/plugins/source/bootimg-efi.py +++ b/scripts/lib/wic/plugins/source/bootimg-efi.py @@ -268,8 +268,10 @@ class BootimgEFIPlugin(SourcePlugin): # dosfs image, created by mkdosfs bootimg = "%s/boot.img" % cr_workdir -dosfs_cmd = "mkdosfs -n efi -i %s -C %s %d" % \ -(part.fsuuid, bootimg, blocks) +label = part.label if part.label else "efi" + +dosfs_cmd = "mkdosfs -n %s -i %s -C %s %d" % \ +(label, part.fsuuid, bootimg, blocks) exec_native_cmd(dosfs_cmd, native_sysroot) mcopy_cmd = "mcopy -i %s -s %s/* ::/" % (bootimg, hdddir) -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH 4/4] image_types_wic: add dependency for wic based image installer
From: Chee Yang Lee initramfs and rootfs image are required to build wic based image installer, add both as dependency for do_image_wic. initiate default value for LIVE_ROOTFS_TYPE, INITRD_IMAGE_LIVE and INITRD_LIVE Signed-off-by: Chee Yang Lee --- meta/classes/image_types_wic.bbclass | 6 ++ 1 file changed, 6 insertions(+) diff --git a/meta/classes/image_types_wic.bbclass b/meta/classes/image_types_wic.bbclass index 5b40a9e..e4f2b8f 100644 --- a/meta/classes/image_types_wic.bbclass +++ b/meta/classes/image_types_wic.bbclass @@ -102,9 +102,15 @@ python () { # a variable and let the metadata deal with the deps. d.setVar('_WKS_TEMPLATE', body) bb.build.addtask('do_write_wks_template', 'do_image_wic', None, d) +d.appendVarFlag('do_image_wic', 'depends', ' %s:do_image_complete' % d.getVar('INITRD_IMAGE_LIVE')) bb.build.addtask('do_image_wic', 'do_image_complete', None, d) } +LIVE_ROOTFS_TYPE ?= "ext4" +INITRD_IMAGE_LIVE ?= "${MLPREFIX}core-image-minimal-initramfs" +INITRD_LIVE ?= "${DEPLOY_DIR_IMAGE}/${INITRD_IMAGE_LIVE}-${MACHINE}.${INITRAMFS_FSTYPES}" +IMAGE_TYPEDEP_wic = "${LIVE_ROOTFS_TYPE}" + # # Write environment variables used by wic # to tmp/sysroots//imgdata/.env -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH 3/4] wic: add new wic-installer.wks for wic based image installer
From: Chee Yang Lee Signed-off-by: Chee Yang Lee --- scripts/lib/wic/canned-wks/wic-installer.wks.in | 7 +++ 1 file changed, 7 insertions(+) create mode 100644 scripts/lib/wic/canned-wks/wic-installer.wks.in diff --git a/scripts/lib/wic/canned-wks/wic-installer.wks.in b/scripts/lib/wic/canned-wks/wic-installer.wks.in new file mode 100644 index 000..a7b018d --- /dev/null +++ b/scripts/lib/wic/canned-wks/wic-installer.wks.in @@ -0,0 +1,7 @@ +# description: Create wic installable image + +part /boot --source bootimg-efi --sourceparams="loader=systemd-boot,title=install,label=install-efi,initrd=${INITRD_IMAGE_LIVE}-${MACHINE}.${INITRAMFS_FSTYPES}" --ondisk sda --label install --active --align 1024 --use-uuid + +part / --source installer-partition --ondisk sda --fstype=ext4 --label image --use-uuid + +bootloader --ptable gpt --timeout=5 --append="rootwait console=ttyS0,115200 console=tty0" -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH 2/4] wic: bootimg-efi: add label source parameter
From: Chee Yang Lee Add new source parameter label to allow boot.conf/grub.cfg label option to set as "install-efi", so far it's hardcoded to "Boot". The label remain to "Boot" for systemd-boot or blank for grub-efi whenever label are not "install-efi". when label set to "install-efi" the image can boot into image installation. Signed-off-by: Chee Yang Lee --- scripts/lib/wic/plugins/source/bootimg-efi.py | 20 +++- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/scripts/lib/wic/plugins/source/bootimg-efi.py b/scripts/lib/wic/plugins/source/bootimg-efi.py index 83a7e18..0a0c5bd 100644 --- a/scripts/lib/wic/plugins/source/bootimg-efi.py +++ b/scripts/lib/wic/plugins/source/bootimg-efi.py @@ -86,9 +86,14 @@ class BootimgEFIPlugin(SourcePlugin): grubefi_conf += "menuentry '%s'{\n" % (title if title else "boot") kernel = "/bzImage" +label = source_params.get('label') -grubefi_conf += "linux %s root=%s rootwait %s\n" \ -% (kernel, creator.rootdev, bootloader.append) +if label == "install-efi": +grubefi_conf += "linux %s LABEL=%s rootwait %s\n" \ +% (kernel, label, bootloader.append) +else: +grubefi_conf += "linux %s root=%s rootwait %s\n" \ +% (kernel, creator.rootdev, bootloader.append) if initrd: grubefi_conf += "initrd /%s\n" % initrd @@ -154,12 +159,17 @@ class BootimgEFIPlugin(SourcePlugin): # Create systemd-boot configuration using parameters from wks file kernel = "/bzImage" title = source_params.get('title') - +label = source_params.get('label') boot_conf = "" boot_conf += "title %s\n" % (title if title else "boot") boot_conf += "linux %s\n" % kernel -boot_conf += "options LABEL=Boot root=%s %s\n" % \ - (creator.rootdev, bootloader.append) + +if label == "install-efi": +boot_conf += "options LABEL=%s %s\n" % \ +(label, bootloader.append) +else: +boot_conf += "options LABEL=Boot root=%s %s\n" % \ + (creator.rootdev, bootloader.append) if initrd: boot_conf += "initrd /%s\n" % initrd -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH 0/4] add wic based image installer
From: Chee Yang Lee Existing installable image (hddimg/ISO) has limit of 4GB size, so to build larger installable image, we can build it in wic based image. 2 partition needed for installable image - first partition build using source plugin bootimg-efi and configure to run install - second partition build with root.img, systemd-boot and kernel to be install on target machine (this partition build using new source plugin installer-partition) These patches: - add new source plugin for second partition - add new .wks - add new wic dependency and set default value for required variable - allow source plugin bootimg-efi to configure to install To build the image, set WKS_FILE="wic-installer.wks.in" in local.conf. Chee Yang Lee (4): wic: add new installer-partition plugin wic: bootimg-efi: add label source parameter wic: add new wic-installer.wks for wic based image installer image_types_wic: add dependency for wic based image installer meta/classes/image_types_wic.bbclass | 6 + scripts/lib/wic/canned-wks/wic-installer.wks.in| 7 + scripts/lib/wic/plugins/source/bootimg-efi.py | 20 ++- .../lib/wic/plugins/source/installer-partition.py | 192 + 4 files changed, 220 insertions(+), 5 deletions(-) create mode 100644 scripts/lib/wic/canned-wks/wic-installer.wks.in create mode 100644 scripts/lib/wic/plugins/source/installer-partition.py -- 2.7.4 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH 1/4] wic: add new installer-partition plugin
From: Chee Yang Lee This patch implement 'installer-partition.py' source plugin for wic. The plugin create an image with systemd-boot and rootfs. The generated image can be use to create wic based image installer. Signed-off-by: Chee Yang Lee --- .../lib/wic/plugins/source/installer-partition.py | 192 + 1 file changed, 192 insertions(+) create mode 100644 scripts/lib/wic/plugins/source/installer-partition.py diff --git a/scripts/lib/wic/plugins/source/installer-partition.py b/scripts/lib/wic/plugins/source/installer-partition.py new file mode 100644 index 000..4d8343f --- /dev/null +++ b/scripts/lib/wic/plugins/source/installer-partition.py @@ -0,0 +1,192 @@ +# Copyright (c) 2019, Intel Corporation. +# All rights reserved. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +# DESCRIPTION +# This implements the 'installer-partition' source plugin class for 'wic' +# This plugin prepare partition with content to be install on target machine. +# +# AUTHORS +# Lee Chee Yang +# + +import logging +import os + +from wic import WicError +from wic.engine import get_custom_config +from wic.pluginbase import SourcePlugin +from wic.misc import (exec_cmd, exec_native_cmd, get_bitbake_var) + +logger = logging.getLogger('wic') + +class InstallerImagePlugin(SourcePlugin): +""" +Populate content for wic image based installer +""" + +name = 'installer-partition' + +@classmethod +def do_configure_partition(cls, part, source_params, creator, cr_workdir, + oe_builddir, bootimg_dir, kernel_dir, + native_sysroot): +""" +Called before do_prepare_partition(), creates loader-specific config +""" +if not kernel_dir: +kernel_dir = get_bitbake_var("DEPLOY_DIR_IMAGE") +if not kernel_dir: +raise WicError("Couldn't find DEPLOY_DIR_IMAGE, exiting") +staging_kernel_dir = kernel_dir + +partition_dir = "%s/%s-%s" % (cr_workdir, part.label, part.lineno) + +install_cmd = "install -d %s/EFI/BOOT" % partition_dir +exec_cmd(install_cmd) + +install_cmd = "install -d %s/loader/entries" % partition_dir +exec_cmd(install_cmd) + +bootloader = creator.ks.bootloader + +loader_conf = "" +loader_conf += "default boot\n" +loader_conf += "timeout %d\n" % bootloader.timeout + +initrd = source_params.get('initrd') + +if initrd: +cp_cmd = "cp %s/%s %s" % (kernel_dir, initrd, partition_dir) +exec_cmd(cp_cmd, True) +else: +logger.debug("Ignoring missing initrd") + +logger.debug("Writing systemd-boot config " + "%s/loader/loader.conf", partition_dir) +cfg = open("%s/loader/loader.conf" % partition_dir, "w") +cfg.write(loader_conf) +cfg.close() + +kernel = get_bitbake_var("KERNEL_IMAGETYPE") +if not kernel: +kernel = "bzImage" + +install_cmd = "install -m 0644 %s/%s %s/%s" % \ +(staging_kernel_dir, kernel, partition_dir, kernel) +exec_cmd(install_cmd) + +configfile = creator.ks.bootloader.configfile +custom_cfg = None +if configfile: +custom_cfg = get_custom_config(configfile) +if custom_cfg: +# Use a custom configuration for systemd-boot +boot_conf = custom_cfg +logger.debug("Using custom configuration file " + "%s for systemd-boots's boot.conf", configfile) +else: +raise WicError("configfile is specified but failed to " + "get it from %s.", configfile) + +if not custom_cfg: +# Create systemd-boot configuration using parameters from wks file +title = source_params.get('title') + +boot_conf = "" +boot_conf += "title %s\n" % (title if title else "boot") +boot_conf += "linux /%s\n" % kerne