Re: [ptxdist] [PATCH v3] vulkan-tools: new package
On Mon, Jun 22, 2020 at 09:24:21AM +0200, Philipp Zabel wrote: > This package contains the vulkaninfo tool and the vkcube(pp) examples. > > Signed-off-by: Philipp Zabel > [mol: fix PTXCONF_VULKAN_CUBE -> PTXCONF_VULKAN_TOOLS_CUBE] > Signed-off-by: Michael Olbrich > --- > Changed since v2: > - added missing glslang dependency Same error as before: CMake Error at cube/CMakeLists.txt:208 (install): install TARGETS given target "vkcube" which does not exist. CMake Error at cube/CMakeLists.txt:253 (install): install TARGETS given target "vkcubepp" which does not exist. With: PTXCONF_VULKAN_TOOLS=y PTXCONF_VULKAN_TOOLS_CUBE=y PTXCONF_VULKAN_TOOLS_XCB=y PTXCONF_VULKAN_TOOLS_WAYLAND=y Michael > --- > rules/vulkan-tools.in | 31 ++ > rules/vulkan-tools.make | 72 + > 2 files changed, 103 insertions(+) > create mode 100644 rules/vulkan-tools.in > create mode 100644 rules/vulkan-tools.make > > diff --git a/rules/vulkan-tools.in b/rules/vulkan-tools.in > new file mode 100644 > index ..13ad1bcd39e1 > --- /dev/null > +++ b/rules/vulkan-tools.in > @@ -0,0 +1,31 @@ > +## SECTION=multimedia_libs > + > +config VULKAN_TOOLS > + tristate > + prompt "vulkan-tools" > + select HOST_CMAKE > + select VULKAN_LOADER > + select GLSLANG if BUILDTIME > + select LIBXCB if VULKAN_TOOLS_XCB > + select XORG_LIB_X11 if VULKAN_TOOLS_XCB > + select WAYLAND if VULKAN_TOOLS_WAYLAND > + help > + Vulkan Utilities and Tools > + > +if VULKAN_TOOLS > + > +config VULKAN_TOOLS_CUBE > + bool > + prompt "install vkcube" > + help > + Install vkcube and vkcubepp examples. > + > +config VULKAN_TOOLS_XCB > +bool > +default y if VULKAN_LOADER_XCB > + > +config VULKAN_TOOLS_WAYLAND > +bool > +default y if VULKAN_LOADER_WAYLAND > + > +endif > diff --git a/rules/vulkan-tools.make b/rules/vulkan-tools.make > new file mode 100644 > index ..0d04775e7aa4 > --- /dev/null > +++ b/rules/vulkan-tools.make > @@ -0,0 +1,72 @@ > +# -*-makefile-*- > +# > +# Copyright (C) 2020 by Philipp Zabel > +# > +# For further information about the PTXdist project and license conditions > +# see the README file. > +# > + > +# > +# We provide this package > +# > +PACKAGES-$(PTXCONF_VULKAN_TOOLS) += vulkan-tools > + > +# > +# Paths and names > +# > +VULKAN_TOOLS_VERSION := 1.2.141.0 > +VULKAN_TOOLS_MD5 := d74d6536dfa19a972149a5e41830249c > +VULKAN_TOOLS := vulkan-tools-$(VULKAN_TOOLS_VERSION) > +VULKAN_TOOLS_SUFFIX := tar.gz > +VULKAN_TOOLS_URL := > https://github.com/KhronosGroup/Vulkan-Tools/archive/sdk-$(VULKAN_TOOLS_VERSION).$(VULKAN_TOOLS_SUFFIX) > +VULKAN_TOOLS_SOURCE := $(SRCDIR)/$(VULKAN_TOOLS).$(VULKAN_TOOLS_SUFFIX) > +VULKAN_TOOLS_DIR := $(BUILDDIR)/$(VULKAN_TOOLS) > +VULKAN_TOOLS_LICENSE := Apache-2.0 > +VULKAN_TOOLS_LICENSE_FILES := > file://LICENSE.txt;md5=3b83ef96387f14655fc854ddc3c6bd57 > + > +# > > +# Prepare > +# > > + > +VULKAN_TOOLS_CONF_TOOL := cmake > +VULKAN_TOOLS_CONF_OPT:= \ > + $(CROSS_CMAKE_USR) \ > + -DCMAKE_INSTALL_LIBDIR=/usr/lib \ > + -DBUILD_CUBE=$(call ptx/onoff, PTXCONF_VULKAN_TOOLS_CUBE) \ > + -DCUBE_WSI_SELECTION=$(call ptx/ifdef, PTXCONF_VULKAN_TOOLS_WAYLAND, > WAYLAND, \ > + $(call ptx/ifdef, PTXCONF_VULKAN_TOOLS_XCB, XCB, > DISPLAY)) \ > + -DBUILD_VULKANINFO=ON \ > + -DBUILD_ICD=OFF \ > + -DINSTALL_ICD=OFF \ > + -DUSE_CCACHE=OFF \ > + -DBUILD_WSI_XCB_SUPPORT=$(call ptx/onoff, PTXCONF_VULKAN_TOOLS_XCB) \ > + -DBUILD_WSI_XLIB_SUPPORT=OFF \ > + -DBUILD_WSI_WAYLAND_SUPPORT=$(call ptx/onoff, > PTXCONF_VULKAN_TOOLS_WAYLAND) \ > + -DVulkanRegistry_DIR=$(SYSROOT)/usr/share/vulkan \ > + -DGLSLANG_INSTALL_DIR=$(PTXDIST_SYSROOT_HOST)/bin > + > +# > > +# Target-Install > +# > > + > +$(STATEDIR)/vulkan-tools.targetinstall: > + @$(call targetinfo) > + > + @$(call install_init, vulkan-tools) > + @$(call install_fixup, vulkan-tools, PRIORITY, optional) > + @$(call install_fixup, vulkan-tools, SECTION, base) > + @$(call install_fixup, vulkan-tools, AUTHOR, "Philipp Zabel > ") > + @$(call install_fixup, vulkan-tools, DESCRIPTION, Vulkan Utilities and > Tools) > + > +ifdef VULKAN_TOOLS_CUBE > + @$(call install_copy, vulkan-tools, 0, 0, 0755, -, /usr/bin/vkcube) > + @$(call install_copy, vulkan-tools, 0, 0, 0755, -, /usr/bin/vkcubepp) > +endif > + > + @$(call install_copy, vulkan-tools, 0, 0, 0755, -, /usr/bin/vulkaninfo) > + > + @$(call install_finish, vulkan-tools) > + > + @$(call to
Re: [ptxdist] [PATCH 4/5] sepolgen: remove after one year in staging
On Mon, Jun 22, 2020 at 02:26:44PM +0200, Michael Olbrich wrote: > On Mon, Jun 22, 2020 at 12:29:52AM +0200, Roland Hieber wrote: > > Signed-off-by: Roland Hieber > > --- > > rules/policycoreutils.in | 34 - > > rules/sepolgen.in| 29 - > > rules/sepolgen.make | 54 > > 3 files changed, 117 deletions(-) > > delete mode 100644 rules/sepolgen.in > > delete mode 100644 rules/sepolgen.make > > > > diff --git a/rules/policycoreutils.in b/rules/policycoreutils.in > > index 856b50046d5b..27347b9f0188 100644 > > --- a/rules/policycoreutils.in > > +++ b/rules/policycoreutils.in > > @@ -11,7 +11,6 @@ menuconfig POLICYCOREUTILS > > select LIBSEMANAGE > > select LIBSEPOL > > select DBUS_GLIBif POLICYCOREUTILS_RESTORECOND > > - select SEPOLGEN if POLICYCOREUTILS_PYTHON > > select BUSYBOX_FEATURE_FIND_DEPTH if BUSYBOX_FIND > > select BUSYBOX_FEATURE_FIND_DELETE if BUSYBOX_FIND > > select BUSYBOX_SELINUX if BUSYBOX_FIND > > @@ -28,39 +27,6 @@ menuconfig POLICYCOREUTILS > > > > if POLICYCOREUTILS > > > > -menuconfig POLICYCOREUTILS_PYTHON > > - depends on STAGING > > Keep the options and replace STAGING with BROKEN and add a comment what's > missing. The options are still referenced in the policycoreutils.make. ...and I have some selinux resurrection patches in progress, but unfortunately customer stepped away from that requirement. I'll try to find time to polish them and relase in case anybody is in the mood of finishng that job ;-) ladis ___ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-requ...@pengutronix.de
Re: [ptxdist] Root filesystem creation regression
On Mon, Jun 22, 2020 at 11:14:30AM +0200, Juergen Borleis wrote: > Michael Olbrich wrote: > > […] > > 'install_tree' is a bit of a special case here. The problem ist, that it > > cannot know, which directories are implicit. So it will always create all > > subdirectories (except the root directory of the tree). So you need to fix > > the permission in the install stage. > > I do not want and I do not need to know how "systemd" likes its directories. > I > just want to *add* a file to this directory. And this is how it works if you > run "make install" in your package for a regular root filesystem: The > "install" > tool just copies a file to this dedicated directory and uses the already > existing directory (and its permissions) as-is - and everything is fine. > The conflict only happens in PTXdist due to all install stages always install > into an "empty" filesystem. No, the conflict happens because you don't tell ptxdist what you want. Your directory has special permissions and ptxdist should not ignore that. If you don't care about the directory permissions, then don't use install_tree. Install the individual files with install_copy. In general, 'just add a file to a directory' is not possible. There is no way to tell opkg if the permissions of a directory are important or not. The only way to _always_ get the correct permissions is to use 0755 when we don't care and explicitly handle anything else in _all_ packages that touch the relevant paths. Michael -- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0| Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917- | ___ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-requ...@pengutronix.de
Re: [ptxdist] [PATCH 4/5] sepolgen: remove after one year in staging
On Mon, Jun 22, 2020 at 12:29:52AM +0200, Roland Hieber wrote: > Signed-off-by: Roland Hieber > --- > rules/policycoreutils.in | 34 - > rules/sepolgen.in| 29 - > rules/sepolgen.make | 54 > 3 files changed, 117 deletions(-) > delete mode 100644 rules/sepolgen.in > delete mode 100644 rules/sepolgen.make > > diff --git a/rules/policycoreutils.in b/rules/policycoreutils.in > index 856b50046d5b..27347b9f0188 100644 > --- a/rules/policycoreutils.in > +++ b/rules/policycoreutils.in > @@ -11,7 +11,6 @@ menuconfig POLICYCOREUTILS > select LIBSEMANAGE > select LIBSEPOL > select DBUS_GLIBif POLICYCOREUTILS_RESTORECOND > - select SEPOLGEN if POLICYCOREUTILS_PYTHON > select BUSYBOX_FEATURE_FIND_DEPTH if BUSYBOX_FIND > select BUSYBOX_FEATURE_FIND_DELETE if BUSYBOX_FIND > select BUSYBOX_SELINUX if BUSYBOX_FIND > @@ -28,39 +27,6 @@ menuconfig POLICYCOREUTILS > > if POLICYCOREUTILS > > -menuconfig POLICYCOREUTILS_PYTHON > - depends on STAGING Keep the options and replace STAGING with BROKEN and add a comment what's missing. The options are still referenced in the policycoreutils.make. Michael > - bool "python based tools" > - > -if POLICYCOREUTILS_PYTHON > - > -config POLICYCOREUTILS_AUDIT2ALLOW > - bool "audit2allow" > - > -config POLICYCOREUTILS_SEPOLGEN_IFGEN > - select POLICYCOREUTILS_AUDIT2ALLOW > - bool "sepolgen-ifgen" > - > -config POLICYCOREUTILS_AUDIT2WHY > - select POLICYCOREUTILS_AUDIT2ALLOW > - bool "audit2why" > - > -config POLICYCOREUTILS_SANDBOX > - bool "sandbox" > - depends on BROKEN > - > -config POLICYCOREUTILS_CHCAT > - select LIBSEMANAGE_PYTHON > - depends on BROKEN > - bool "chcat" > - > -config POLICYCOREUTILS_SEMANAGE > - select LIBSEMANAGE_PYTHON > - depends on BROKEN > - bool "semanage" > - > -endif > - > config POLICYCOREUTILS_LOAD_POLICY > bool "load_policy" > > diff --git a/rules/sepolgen.in b/rules/sepolgen.in > deleted file mode 100644 > index 94f2ce071ab8.. > --- a/rules/sepolgen.in > +++ /dev/null > @@ -1,29 +0,0 @@ > -## SECTION=staging > -## old section: > -### SECTION=selinux > - > -config SEPOLGEN > - tristate > - prompt "sepolgen" > - select PYTHON > - select LIBSELINUX > - select LIBSELINUX_PYTHON > - help > - A Python module used in SELinux policy generation > - > - This package contains a Python module that forms the core of > - the modern audit2allow (which is a part of the package > - policycoreutils). The sepolgen library is structured to give > - flexibility to the application using it. The library > - contains: Reference Policy Representation, which are Objects > - for representing policies and the reference policy > - interfaces. Secondly, it has objects and algorithms for > - representing access and sets of access in an abstract way > - and searching that access. It also has a parser for > - reference policy "headers". It contains infrastructure for > - parsing SELinux related messages as produced by the audit > - system. It has facilities for generating policy based on > - required access. > - > - STAGING: remove in ptxdist-2020.06.0 > - Old version that needs to be updated. > diff --git a/rules/sepolgen.make b/rules/sepolgen.make > deleted file mode 100644 > index 7084e1d1d348.. > --- a/rules/sepolgen.make > +++ /dev/null > @@ -1,54 +0,0 @@ > -# -*-makefile-*- > -# > -# Copyright (C) 2013 by Marc Kleine-Budde > -# > -# For further information about the PTXdist project and license conditions > -# see the README file. > -# > - > -# > -# We provide this package > -# > -PACKAGES-$(PTXCONF_SEPOLGEN) += sepolgen > - > -# > -# Paths and names > -# > -SEPOLGEN_VERSION := 1.1.8 > -SEPOLGEN_MD5 := d734ff236639cc1bd3a33901774fa98d > -SEPOLGEN := sepolgen-$(SEPOLGEN_VERSION) > -SEPOLGEN_SUFFIX := tar.gz > -SEPOLGEN_URL := > https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20120924/$(SEPOLGEN).$(SEPOLGEN_SUFFIX) > -SEPOLGEN_SOURCE := $(SRCDIR)/$(SEPOLGEN).$(SEPOLGEN_SUFFIX) > -SEPOLGEN_DIR := $(BUILDDIR)/$(SEPOLGEN) > -SEPOLGEN_LICENSE := GPL-2.0-only > - > -# > > -# Prepare > -# > > - > -SEPOLGEN_CONF_TOOL := NO > -# no ':=' because of $(PYTHON_SITEPACKAGES) > -SEPOLGEN_MAKE_ENV = PYTHONLIBDIR=$(PYTHON_SITEPACKAGES) > - > -# > > -# Target-Install > -# > > - > -$(STATEDIR)/sepol
Re: [ptxdist] [PATCH 3/7] ptxd_make_world_get: make 'ptxdist urlcheck' idempotent
On Fri, Jun 19, 2020 at 01:07:22PM +0200, Michael Olbrich wrote: > On Fri, Jun 19, 2020 at 10:22:55AM +0200, Roland Hieber wrote: > > On Fri, Jun 19, 2020 at 07:34:01AM +0200, Michael Olbrich wrote: > > > On Sat, Jun 13, 2020 at 03:32:45AM +0200, Roland Hieber wrote: > > > > There is no guarantee that URLs will still work the next time we want to > > > > check them, so try to fetch the URL every time instead of caching the > > > > result. This also makes iterations of editing the URL in the rule file > > > > and testing if it works quicker. > > > > > > > > Unfortunately, GNU make skips implicit rules for .PHONY targets, but it > > > > is unlikely that $(STATEDIR)/%.urlcheck is created by something other > > > > than PTXdist, so removing the $(call touch) is a good approximation for > > > > phony behaviour. > > > > > > No. This is deliberately like this. I want to run 'ptxdist urlcheck', fix > > > errors and then continue with the rest. > > > > Can you not use -k to do this? > > I do that. But without the successful cache, I need to track all failures > manually because I cannot call 'urlcheck' again. To check the rest. Ah, I now understand what you mean. Of course, successfully checked URLs should be cached, but my change breaks that. My intention with this patch was that the failed urlchecks are not cached if they are unsuccessful. But somehow I can no longer reproduce that problem, an unsuccessful urlcheck now fails without creating the state file... so I guess everything should be fine without this patch. > > Caching an error state is at least unusual, and it is not done anywhere > > else in PTXdist, so this breaks the principle of least surprise. > > On the contrary. In general, if something was successful, then we don't do > it again unless there is a clear indication that the input has changed. > In all other cases an explicit 'drop' or 'clean' is needed. > > For example, we don't skip the 'touch' for local_src/ links either. Even > though the code can change any time. I meant, if a package fails to compile or install, we don't cache that state, so the next ptxdist go will try to build it again. Of course, not all error states result in a compilation failure, but we can do the best and fail for those that do. - Roland -- Roland Hieber, Pengutronix e.K. | r.hie...@pengutronix.de | Steuerwalder Str. 21 | https://www.pengutronix.de/ | 31137 Hildesheim, Germany| Phone: +49-5121-206917-0| Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917- | ___ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-requ...@pengutronix.de
Re: [ptxdist] [PATCH v3 1/2] nss: make installed libraries configurable
On Fri, Jun 19, 2020 at 05:04:47PM +0200, Michael Olbrich wrote: > On Fri, Jun 19, 2020 at 03:44:24PM +0200, Roland Hieber wrote: > > Most NSS modules are only needed if any software links to them, or loads > > them at runtime (e.g. as a PKCS#11 module). In extreme cases, we can > > slim down the installation by more than 1 MiB, and also get rid of the > > SQLite dependency. > > > > Qt5WebEngine and ecryptfs-utils are currently the only users of NSS, pin > > down their respective sub-dependencies. > > > > Signed-off-by: Roland Hieber > > --- > > v2 -> v3: no changes > > > > v1 -> v2: > > - rebase onto current master > > - fix ecryptfs depedency, only libsoftokn is needed > > - format libsoftokn help text a bit nicer > > > > rules/ecryptfs-utils.in | 1 + > > rules/nss.in| 58 ++--- > > rules/nss.make | 22 +--- > > rules/qt5.in| 2 ++ > > 4 files changed, 71 insertions(+), 12 deletions(-) > > > > diff --git a/rules/ecryptfs-utils.in b/rules/ecryptfs-utils.in > > index 5087f79d3ca2..8a62443bdddb 100644 > > --- a/rules/ecryptfs-utils.in > > +++ b/rules/ecryptfs-utils.in > > @@ -5,6 +5,7 @@ menuconfig ECRYPTFS_UTILS > > prompt "ecryptfs-utils" > > select KEYUTILS > > select NSS > > + select NSS_INSTALL_LIBSOFTOKN > > This is loaded dynamically, right? There should be a comment here, > otherwise someone will try to remove it because it seems unused. > > > select HOST_INTLTOOL > > select BASH if ECRYPTFS_UTILS_TESTS > > select COREUTILSif ECRYPTFS_UTILS_TESTS > > diff --git a/rules/nss.in b/rules/nss.in > > index 3e4a07a75404..799bd5a73ae0 100644 > > --- a/rules/nss.in > > +++ b/rules/nss.in > > @@ -1,13 +1,65 @@ > > ## SECTION=networking > > > > -config NSS > > +menuconfig NSS > > tristate > > - prompt "nss" > > + prompt "nss " > > select NSPR > > - select SQLITE > > + select SQLITE if NSS_INSTALL_LIBSOFTOKN > > help > > Network Security Services (NSS) is a set of libraries designed to > > support cross-platform development of security-enabled client and > > server applications. Applications built with NSS can support > > SSL v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, > > X.509 v3 certificates, and other security standards. > > + > > +if NSS > > + > > +config NSS_INSTALL_LIBSMIME > > + bool > > + prompt "install libsmime" > > + default y > > Remove the default. This is something libs/programs link to, so building > will fail if its needed and missing. > > > + help > > + Install libsmime3.so, which adds about ~90 kiB to the footprint. > > + > > + libsmime provides functionality related to S/MIME (Cryptographic > > + Message Syntax, PKCS#7) used by secure email and some instant > > + messaging implementations. > > + > > +config NSS_INSTALL_LIBSSL > > + bool > > + prompt "install libssl" > > + default y > > Same here. > > > + help > > + Install libssl3.so, which adds about ~200 kiB to the footprint. > > + > > + libssl implements the Secure Sockets Layer/Transport Layer Security > > + network protocols. > > + > > +config NSS_INSTALL_LIBNSSCKBI > > + bool > > + prompt "install libnssckbi" > > + default y > > + help > > + Install libnssckbi.so, which adds about ~350 kiB to the footprint. > > + > > + CKBI is a PKCS#11 module which provides a set of trust anchors (Root > > + CAs) and their trust assignments. > > This is loaded dynamically. So how should a package creator know, when this > is needed? > > > +config NSS_INSTALL_LIBSOFTOKN > > + bool > > + prompt "install libsoftokn" > > + default y > > + help > > + Install libfreebl3.so, libfreeblpriv3.so, libsoftokn3.so, and > > + libnssdbm3.so, which add about ~530 kB to the footprint, as well as an > > + additional dependency on SQLite. > > + > > + FreeBL is a base library providing hash functions, big number > > + calculations, and cryptographic algorithms. > > + > > + DBM is a legacy library providing database storage. > > Is this loaded dynamically? I'm not seeing any users and if this is legacy > then maybe we shouldn't install it at all? > > > + Softoken is an NSS module that exposes most FreeBL functionality as a > > Softokn (without the 'e'), right? > > > + PKCS#11 module, and can make use of DBM or SQLite at runtime. > > So softokn is loaded dynamically by libnss3, right? Same question as above. > And what exactly is the relationship with libfreebl3.so? Is that loaded > dynamically by softokn? Same with libnssdbm3.so. > > > +endif > > diff --git a/rules/nss.make b/rules/nss.make > > index 44febc416711..6a003dd1743f 100644 > > --- a/rules/nss.make > > +++ b/rules/nss.make > > @@ -48,13 +48,18 @@ NSS_MAKE_ENV := \ > > BUILD_OPT=1 \ > > MOZILLA_CLIENT=1 \ > > NS_US
Re: [ptxdist] Root filesystem creation regression
Hi Michael, Michael Olbrich wrote: > […] > 'install_tree' is a bit of a special case here. The problem ist, that it > cannot know, which directories are implicit. So it will always create all > subdirectories (except the root directory of the tree). So you need to fix > the permission in the install stage. I do not want and I do not need to know how "systemd" likes its directories. I just want to *add* a file to this directory. And this is how it works if you run "make install" in your package for a regular root filesystem: The "install" tool just copies a file to this dedicated directory and uses the already existing directory (and its permissions) as-is - and everything is fine. The conflict only happens in PTXdist due to all install stages always install into an "empty" filesystem. jb -- Pengutronix e.K. | Juergen Borleis | Steuerwalder Str. 21 | https://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-128 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-9| ___ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-requ...@pengutronix.de
Re: [ptxdist] Root filesystem creation regression
On Mon, Jun 22, 2020 at 09:55:51AM +0200, Juergen Borleis wrote: > since commit 9c0ec1da583f32706372d2a6cefa9a05f77ee8d2 > "ptxd_lib_check_dir_permissions: also check parents for directories" > > the "install_tree" macro may create directories which makes this test fail > and > I'm unable to create root filesystems anymore. > > The problem pops up if "install_tree" tries to install a file to a directory > which has different permissions than the usual ones (0775, root:root). > > For example: "systemd" sets up the "/usr/share/dbus-1/system-services" with > permissions 0755. If my own package tries to add another file to this > directory > the corresponding "install" tool in the install stage creates the whole path > with standard 0755 permissions - because the "filesystem" in the package > directory (e.g. platform-/packages/) is always empty. In a > regular root filesystem it works, because the directory structure already > exists (with the intended permissions), and the "install" tool has to copy > the > file only. > > Using "install_tree" in my package in this case creates a conflict for > the "system-services" directory (0755 versus 0775). I guess it will fail at > more locations than only "install_tree", if someone adds more and more > accurate > permissions due to security reasons. So the error you got was that systemd tries to create system-services with 0755 and your package tries to create it with 0775, right? This is no longer supported. All packages must create the same directories with the same permissions. The problem is that, in general, when two ipkgs contain the same directory with different permissions then the result was non-deterministic. Either permission could end up in the rootfs. For rootfs images we 'fixed' this by applying all permissions again. However, that is only deterministic if only on package provides explicit permissions for the directory. And that was not checked. And even that case is not without problems: This only works, wenn ptxdist created rootfs images. It does not work when ipkgs are used in any other way. And if the package that provides the permissions is disabled, then the permissions change for the remaining system. That is not something that should happen. So if a directory has non standard permissions, then all packages that install into this directory must created the directory first, with the correct permissions. FYI, this was broken in the last ptxdist release, but it should be fixed in master. 'install_tree' is a bit of a special case here. The problem ist, that it cannot know, which directories are implicit. So it will always create all subdirectories (except the root directory of the tree). So you need to fix the permission in the install stage. Michael -- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0| Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917- | ___ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-requ...@pengutronix.de
[ptxdist] Root filesystem creation regression
Hi, since commit 9c0ec1da583f32706372d2a6cefa9a05f77ee8d2 "ptxd_lib_check_dir_permissions: also check parents for directories" the "install_tree" macro may create directories which makes this test fail and I'm unable to create root filesystems anymore. The problem pops up if "install_tree" tries to install a file to a directory which has different permissions than the usual ones (0775, root:root). For example: "systemd" sets up the "/usr/share/dbus-1/system-services" with permissions 0755. If my own package tries to add another file to this directory the corresponding "install" tool in the install stage creates the whole path with standard 0755 permissions - because the "filesystem" in the package directory (e.g. platform-/packages/) is always empty. In a regular root filesystem it works, because the directory structure already exists (with the intended permissions), and the "install" tool has to copy the file only. Using "install_tree" in my package in this case creates a conflict for the "system-services" directory (0755 versus 0775). I guess it will fail at more locations than only "install_tree", if someone adds more and more accurate permissions due to security reasons. jb -- Pengutronix e.K. | Juergen Borleis | Steuerwalder Str. 21 | https://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-128 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-9| ___ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-requ...@pengutronix.de
[ptxdist] [PATCH v3] vulkan-tools: new package
This package contains the vulkaninfo tool and the vkcube(pp) examples. Signed-off-by: Philipp Zabel [mol: fix PTXCONF_VULKAN_CUBE -> PTXCONF_VULKAN_TOOLS_CUBE] Signed-off-by: Michael Olbrich --- Changed since v2: - added missing glslang dependency --- rules/vulkan-tools.in | 31 ++ rules/vulkan-tools.make | 72 + 2 files changed, 103 insertions(+) create mode 100644 rules/vulkan-tools.in create mode 100644 rules/vulkan-tools.make diff --git a/rules/vulkan-tools.in b/rules/vulkan-tools.in new file mode 100644 index ..13ad1bcd39e1 --- /dev/null +++ b/rules/vulkan-tools.in @@ -0,0 +1,31 @@ +## SECTION=multimedia_libs + +config VULKAN_TOOLS + tristate + prompt "vulkan-tools" + select HOST_CMAKE + select VULKAN_LOADER + select GLSLANG if BUILDTIME + select LIBXCB if VULKAN_TOOLS_XCB + select XORG_LIB_X11 if VULKAN_TOOLS_XCB + select WAYLAND if VULKAN_TOOLS_WAYLAND + help + Vulkan Utilities and Tools + +if VULKAN_TOOLS + +config VULKAN_TOOLS_CUBE + bool + prompt "install vkcube" + help + Install vkcube and vkcubepp examples. + +config VULKAN_TOOLS_XCB +bool +default y if VULKAN_LOADER_XCB + +config VULKAN_TOOLS_WAYLAND +bool +default y if VULKAN_LOADER_WAYLAND + +endif diff --git a/rules/vulkan-tools.make b/rules/vulkan-tools.make new file mode 100644 index ..0d04775e7aa4 --- /dev/null +++ b/rules/vulkan-tools.make @@ -0,0 +1,72 @@ +# -*-makefile-*- +# +# Copyright (C) 2020 by Philipp Zabel +# +# For further information about the PTXdist project and license conditions +# see the README file. +# + +# +# We provide this package +# +PACKAGES-$(PTXCONF_VULKAN_TOOLS) += vulkan-tools + +# +# Paths and names +# +VULKAN_TOOLS_VERSION := 1.2.141.0 +VULKAN_TOOLS_MD5 := d74d6536dfa19a972149a5e41830249c +VULKAN_TOOLS := vulkan-tools-$(VULKAN_TOOLS_VERSION) +VULKAN_TOOLS_SUFFIX:= tar.gz +VULKAN_TOOLS_URL := https://github.com/KhronosGroup/Vulkan-Tools/archive/sdk-$(VULKAN_TOOLS_VERSION).$(VULKAN_TOOLS_SUFFIX) +VULKAN_TOOLS_SOURCE:= $(SRCDIR)/$(VULKAN_TOOLS).$(VULKAN_TOOLS_SUFFIX) +VULKAN_TOOLS_DIR := $(BUILDDIR)/$(VULKAN_TOOLS) +VULKAN_TOOLS_LICENSE := Apache-2.0 +VULKAN_TOOLS_LICENSE_FILES := file://LICENSE.txt;md5=3b83ef96387f14655fc854ddc3c6bd57 + +# +# Prepare +# + +VULKAN_TOOLS_CONF_TOOL := cmake +VULKAN_TOOLS_CONF_OPT := \ + $(CROSS_CMAKE_USR) \ + -DCMAKE_INSTALL_LIBDIR=/usr/lib \ + -DBUILD_CUBE=$(call ptx/onoff, PTXCONF_VULKAN_TOOLS_CUBE) \ + -DCUBE_WSI_SELECTION=$(call ptx/ifdef, PTXCONF_VULKAN_TOOLS_WAYLAND, WAYLAND, \ + $(call ptx/ifdef, PTXCONF_VULKAN_TOOLS_XCB, XCB, DISPLAY)) \ + -DBUILD_VULKANINFO=ON \ + -DBUILD_ICD=OFF \ + -DINSTALL_ICD=OFF \ + -DUSE_CCACHE=OFF \ + -DBUILD_WSI_XCB_SUPPORT=$(call ptx/onoff, PTXCONF_VULKAN_TOOLS_XCB) \ + -DBUILD_WSI_XLIB_SUPPORT=OFF \ + -DBUILD_WSI_WAYLAND_SUPPORT=$(call ptx/onoff, PTXCONF_VULKAN_TOOLS_WAYLAND) \ + -DVulkanRegistry_DIR=$(SYSROOT)/usr/share/vulkan \ + -DGLSLANG_INSTALL_DIR=$(PTXDIST_SYSROOT_HOST)/bin + +# +# Target-Install +# + +$(STATEDIR)/vulkan-tools.targetinstall: + @$(call targetinfo) + + @$(call install_init, vulkan-tools) + @$(call install_fixup, vulkan-tools, PRIORITY, optional) + @$(call install_fixup, vulkan-tools, SECTION, base) + @$(call install_fixup, vulkan-tools, AUTHOR, "Philipp Zabel ") + @$(call install_fixup, vulkan-tools, DESCRIPTION, Vulkan Utilities and Tools) + +ifdef VULKAN_TOOLS_CUBE + @$(call install_copy, vulkan-tools, 0, 0, 0755, -, /usr/bin/vkcube) + @$(call install_copy, vulkan-tools, 0, 0, 0755, -, /usr/bin/vkcubepp) +endif + + @$(call install_copy, vulkan-tools, 0, 0, 0755, -, /usr/bin/vulkaninfo) + + @$(call install_finish, vulkan-tools) + + @$(call touch) + +# vim: syntax=make -- 2.20.1 ___ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-requ...@pengutronix.de
