[yocto] [honister][PATCH] dm-verity-img.bbclass: Fix wrong override syntax for CONVERSION_DEPENDS
CONVERSION_DEPENDS hasn't been converted to the new syntax. Fixes: a23ceef ("dm-verity-img.bbclass: more overided fixups") Signed-off-by: Kristian Klausen Signed-off-by: Armin Kuster --- classes/dm-verity-img.bbclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/classes/dm-verity-img.bbclass b/classes/dm-verity-img.bbclass index 0b6d053..93f667d 100644 --- a/classes/dm-verity-img.bbclass +++ b/classes/dm-verity-img.bbclass @@ -67,7 +67,7 @@ VERITY_TYPES = "ext2.verity ext3.verity ext4.verity btrfs.verity" IMAGE_TYPES += "${VERITY_TYPES}" CONVERSIONTYPES += "verity" CONVERSION_CMD:verity = "verity_setup ${type}" -CONVERSION_DEPENDS:verity = "cryptsetup-native" +CONVERSION_DEPENDS_verity = "cryptsetup-native" python __anonymous() { verity_image = d.getVar('DM_VERITY_IMAGE') -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#55952): https://lists.yoctoproject.org/g/yocto/message/55952 Mute This Topic: https://lists.yoctoproject.org/mt/88643459/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] [meta-security][PATCH] dm-verity-img.bbclass: Fix wrong override syntax for CONVERSION_DEPENDS
On Fri, Dec 17, 2021 at 10:06:06 +, Jose Quaresma wrote: > Kristian Klausen via lists.yoctoproject.org klausen...@lists.yoctoproject.org> escreveu no dia sexta, 17/12/2021 à(s) > 09:55: > > > CONVERSION_DEPENDS hasn't been converted to the new syntax. > > > > Fixes: a23ceef ("dm-verity-img.bbclass: more overided fixups") > > > > Signed-off-by: Kristian Klausen > > --- > > This should also be backported to honister. > > > > classes/dm-verity-img.bbclass | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/classes/dm-verity-img.bbclass b/classes/dm-verity-img.bbclass > > index 0b6d053..93f667d 100644 > > --- a/classes/dm-verity-img.bbclass > > +++ b/classes/dm-verity-img.bbclass > > @@ -67,7 +67,7 @@ VERITY_TYPES = "ext2.verity ext3.verity ext4.verity > > btrfs.verity" > > IMAGE_TYPES += "${VERITY_TYPES}" > > CONVERSIONTYPES += "verity" > > CONVERSION_CMD:verity = "verity_setup ${type}" > > -CONVERSION_DEPENDS:verity = "cryptsetup-native" > > +CONVERSION_DEPENDS_verity = "cryptsetup-native" > > > > This syntax don't work anymore with oe-core master branch (resend as I forgot to CC the list) Are you sure? This was tested with the honister branch, but the code is the same[1]. [1] https://git.openembedded.org/openembedded-core/tree/meta/classes/image_types.bbclass#n40 > > > > python __anonymous() { > > verity_image = d.getVar('DM_VERITY_IMAGE') > > -- > > 2.34.1 > > > > > > > > > > > > -- > Best regards, > > José Quaresma > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#55607): https://lists.yoctoproject.org/g/yocto/message/55607 Mute This Topic: https://lists.yoctoproject.org/mt/87786381/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[yocto] [meta-security][PATCH] dm-verity-img.bbclass: Fix wrong override syntax for CONVERSION_DEPENDS
CONVERSION_DEPENDS hasn't been converted to the new syntax. Fixes: a23ceef ("dm-verity-img.bbclass: more overided fixups") Signed-off-by: Kristian Klausen --- This should also be backported to honister. classes/dm-verity-img.bbclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/classes/dm-verity-img.bbclass b/classes/dm-verity-img.bbclass index 0b6d053..93f667d 100644 --- a/classes/dm-verity-img.bbclass +++ b/classes/dm-verity-img.bbclass @@ -67,7 +67,7 @@ VERITY_TYPES = "ext2.verity ext3.verity ext4.verity btrfs.verity" IMAGE_TYPES += "${VERITY_TYPES}" CONVERSIONTYPES += "verity" CONVERSION_CMD:verity = "verity_setup ${type}" -CONVERSION_DEPENDS:verity = "cryptsetup-native" +CONVERSION_DEPENDS_verity = "cryptsetup-native" python __anonymous() { verity_image = d.getVar('DM_VERITY_IMAGE') -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#55605): https://lists.yoctoproject.org/g/yocto/message/55605 Mute This Topic: https://lists.yoctoproject.org/mt/87786381/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[yocto] [meta-security][PATCH v2] swtpm: update to 0.6.1
swtpm no longer depends on Python[1] so the dependencies have been removed. "inherit perlnative" has been added due to (in oe-core): deda455b3c ("bitbake.conf: drop pod2man from hosttools") Some leftover dependencies have also been removed, ex: tpm-tools required in the past by swtpm_setup.sh (<0.4.0)[2]. [1] https://github.com/stefanberger/swtpm/issues/437 [2] https://github.com/stefanberger/swtpm/commit/eee8cb5dfb13f87140a38f65bf61aff19508 Signed-off-by: Kristian Klausen --- V2: Squashed chnanges from https://lists.yoctoproject.org/g/yocto/topic/86012566 (decided to still use RRECOMMENDS for swtpm-create-tpmca deps) Fix build error due to missing expect (expect -> expect-native) Changed socat to socat-native Building tested with: bitbake swtpm && bitbake swtpm-native (with and without gnutls) .../swtpm/swtpm-wrappers-native.bb| 12 -- .../swtpm/{swtpm_0.5.2.bb => swtpm_0.6.1.bb} | 23 --- 2 files changed, 14 insertions(+), 21 deletions(-) rename meta-tpm/recipes-tpm/swtpm/{swtpm_0.5.2.bb => swtpm_0.6.1.bb} (69%) diff --git a/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb b/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb index 644f3ac..bb93374 100644 --- a/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb +++ b/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb @@ -1,6 +1,6 @@ SUMMARY = "SWTPM - OpenEmbedded wrapper scripts for native swtpm tools" LICENSE = "MIT" -DEPENDS = "swtpm-native tpm-tools-native net-tools-native" +DEPENDS = "swtpm-native" inherit native @@ -14,23 +14,19 @@ do_create_wrapper () { for i in `find ${bindir} ${base_bindir} ${sbindir} ${base_sbindir} -name 'swtpm*' -perm /+x -type f`; do exe=`basename $i` case $exe in -swtpm_setup.sh) +swtpm_setup) cat >${WORKDIR}/swtpm_setup_oe.sh <${WORKDIR}/${exe}_oe.sh < -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#54932): https://lists.yoctoproject.org/g/yocto/message/54932 Mute This Topic: https://lists.yoctoproject.org/mt/86028863/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] [meta-tpm][v2][PATCH] swtpm: fix build issues of missing expect
Den Fri, Oct 01, 2021 at 15:25:17 -0700 skrev Armin Kuster: > Signed-off-by: Armin Kuster > > -- > V2] > Only need expect-native > Clean up PACKAGECONFGI[gnutils] to conform to spec > --- > meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb > b/meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb > index 807c02b..0087367 100644 > --- a/meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb > +++ b/meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb > @@ -4,7 +4,7 @@ LIC_FILES_CHKSUM = > "file://LICENSE;md5=fe8092c832b71ef20dfe4c6d3decb3a8" > SECTION = "apps" > > # coreutils-native and net-tools-native are reportedly only required for the > tests > -DEPENDS = "libtasn1 coreutils-native expect socat glib-2.0 net-tools-native > libtpm json-glib" > +DEPENDS = "libtasn1 coreutils-native expect-native socat glib-2.0 > net-tools-native libtpm json-glib" > > SRCREV = "98187d24fe14851653a7c46eb16e9c5f0b9beaa1" > SRC_URI = "git://github.com/stefanberger/swtpm.git;branch=stable-0.6 \ > @@ -28,7 +28,7 @@ PACKAGECONFIG[openssl] = "--with-openssl, > --without-openssl, openssl" > # expect, bash, tpm2-pkcs11-tools (tpm2_ptool), tpmtool and certtool is > # used by swtpm-create-tpmca (the last two is provided by gnutls) > # gnutls is required by: swtpm-create-tpmca, swtpm-localca and swtpm_cert > -PACKAGECONFIG[gnutls] = "--with-gnutls, --without-gnutls, gnutls, gnutls, > expect bash tpm2-pkcs11-tools" > +PACKAGECONFIG[gnutls] = "--with-gnutls, --without-gnutls, gnutls, gnutls > expect bash tpm2-pkcs11-tools" Hi Armin Support for RRECOMMENDS in the PACKAGECONFIG was added some years ago[1][2]. Whatever they should be RRECOMMENDS or RDEPENDS I'm not sure about (I don't think swtpm-create-tpmca is a hard requirement for most people). If you like I can squash the changes into my own patch and resend it. [1] https://git.openembedded.org/openembedded-core/commit/?id=ec96c985ce1c888c3ce3c4d964d7a106c3c88a5c [2] https://www.yoctoproject.org/docs/latest/ref-manual/ref-manual.html#var-PACKAGECONFIG Cheers, Kristian > PACKAGECONFIG[selinux] = "--with-selinux, --without-selinux, libselinux" > PACKAGECONFIG[cuse] = "--with-cuse, --without-cuse, fuse" > PACKAGECONFIG[seccomp] = "--with-seccomp, --without-seccomp, libseccomp" > -- > 2.25.1 > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#54929): https://lists.yoctoproject.org/g/yocto/message/54929 Mute This Topic: https://lists.yoctoproject.org/mt/86012566/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] [meta-security][PATCH 2/2] swtpm: fix build issues of missing expect
Den Tue, Sep 28, 2021 at 16:39:09 -0700 skrev Armin Kuster: > Signed-off-by: Armin Kuster > --- > meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb > b/meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb > index 807c02b..d602ee0 100644 > --- a/meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb > +++ b/meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb > @@ -4,7 +4,7 @@ LIC_FILES_CHKSUM = > "file://LICENSE;md5=fe8092c832b71ef20dfe4c6d3decb3a8" > SECTION = "apps" > > # coreutils-native and net-tools-native are reportedly only required for the > tests > -DEPENDS = "libtasn1 coreutils-native expect socat glib-2.0 net-tools-native > libtpm json-glib" > +DEPENDS = "libtasn1 coreutils-native expect socat glib-2.0 net-tools-native > libtpm json-glib expect expect-native" expect is there twice now (+ native). Would expect-native be enough or do we also need expect? > > SRCREV = "98187d24fe14851653a7c46eb16e9c5f0b9beaa1" > SRC_URI = "git://github.com/stefanberger/swtpm.git;branch=stable-0.6 \ > @@ -28,7 +28,7 @@ PACKAGECONFIG[openssl] = "--with-openssl, > --without-openssl, openssl" > # expect, bash, tpm2-pkcs11-tools (tpm2_ptool), tpmtool and certtool is > # used by swtpm-create-tpmca (the last two is provided by gnutls) > # gnutls is required by: swtpm-create-tpmca, swtpm-localca and swtpm_cert > -PACKAGECONFIG[gnutls] = "--with-gnutls, --without-gnutls, gnutls, gnutls, > expect bash tpm2-pkcs11-tools" > +PACKAGECONFIG[gnutls] = "--with-gnutls, --without-gnutls, gnutls, gnutls, > bash tpm2-pkcs11-tools" expect is needed as a runtime dependency for swtpm-create-tpmca, but I added it as a recommended dependency as I don't think all people are interesting in swtpm-create-tpmca working out-of-the-box. expect should still be here, no? > PACKAGECONFIG[selinux] = "--with-selinux, --without-selinux, libselinux" > PACKAGECONFIG[cuse] = "--with-cuse, --without-cuse, fuse" > PACKAGECONFIG[seccomp] = "--with-seccomp, --without-seccomp, libseccomp" > -- > 2.25.1 > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#54904): https://lists.yoctoproject.org/g/yocto/message/54904 Mute This Topic: https://lists.yoctoproject.org/mt/85937662/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[yocto] [meta-security][PATCH] swtpm: update to 0.6.1
swtpm no longer depends on Python[1] so the dependencies have been removed. "inherit perlnative" has been added due to (in oe-core): deda455b3c ("bitbake.conf: drop pod2man from hosttools") Some leftover dependencies have also been removed, ex: tpm-tools required in the past by swtpm_setup.sh (<0.4.0)[2]. [1] https://github.com/stefanberger/swtpm/issues/437 [2] https://github.com/stefanberger/swtpm/commit/eee8cb5dfb13f87140a38f65bf61aff19508 Signed-off-by: Kristian Klausen --- .../swtpm/swtpm-wrappers-native.bb| 12 -- .../swtpm/{swtpm_0.5.2.bb => swtpm_0.6.1.bb} | 23 --- 2 files changed, 14 insertions(+), 21 deletions(-) rename meta-tpm/recipes-tpm/swtpm/{swtpm_0.5.2.bb => swtpm_0.6.1.bb} (72%) diff --git a/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb b/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb index 644f3ac..bb93374 100644 --- a/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb +++ b/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb @@ -1,6 +1,6 @@ SUMMARY = "SWTPM - OpenEmbedded wrapper scripts for native swtpm tools" LICENSE = "MIT" -DEPENDS = "swtpm-native tpm-tools-native net-tools-native" +DEPENDS = "swtpm-native" inherit native @@ -14,23 +14,19 @@ do_create_wrapper () { for i in `find ${bindir} ${base_bindir} ${sbindir} ${base_sbindir} -name 'swtpm*' -perm /+x -type f`; do exe=`basename $i` case $exe in -swtpm_setup.sh) +swtpm_setup) cat >${WORKDIR}/swtpm_setup_oe.sh <${WORKDIR}/${exe}_oe.sh < -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#54876): https://lists.yoctoproject.org/g/yocto/message/54876 Mute This Topic: https://lists.yoctoproject.org/mt/85898116/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[yocto] [meta-security][PATCH] libtpm: update to 0.8.7
Signed-off-by: Kristian Klausen --- .../recipes-tpm/libtpm/{libtpm_0.8.2.bb => libtpm_0.8.7.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-tpm/recipes-tpm/libtpm/{libtpm_0.8.2.bb => libtpm_0.8.7.bb} (88%) diff --git a/meta-tpm/recipes-tpm/libtpm/libtpm_0.8.2.bb b/meta-tpm/recipes-tpm/libtpm/libtpm_0.8.7.bb similarity index 88% rename from meta-tpm/recipes-tpm/libtpm/libtpm_0.8.2.bb rename to meta-tpm/recipes-tpm/libtpm/libtpm_0.8.7.bb index 9784aa1..95ba5c5 100644 --- a/meta-tpm/recipes-tpm/libtpm/libtpm_0.8.2.bb +++ b/meta-tpm/recipes-tpm/libtpm/libtpm_0.8.7.bb @@ -2,7 +2,7 @@ SUMMARY = "LIBPM - Software TPM Library" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=e73f0786a936da3814896df06ad225a9" -SRCREV = "f66a719eda0b492ea3ec7852421a9d98db0a0621" +SRCREV = "f6dd8f55eab4910131ec6a6a570dcd7951bd10e4" SRC_URI = "git://github.com/stefanberger/libtpms.git;branch=stable-0.8" PE = "1" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#54875): https://lists.yoctoproject.org/g/yocto/message/54875 Mute This Topic: https://lists.yoctoproject.org/mt/85897588/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-