[yocto] [honister][PATCH] dm-verity-img.bbclass: Fix wrong override syntax for CONVERSION_DEPENDS
CONVERSION_DEPENDS hasn't been converted to the new syntax.
Fixes: a23ceef ("dm-verity-img.bbclass: more overided fixups")
Signed-off-by: Kristian Klausen
Signed-off-by: Armin Kuster
---
classes/dm-verity-img.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/classes/dm-verity-img.bbclass b/classes/dm-verity-img.bbclass
index 0b6d053..93f667d 100644
--- a/classes/dm-verity-img.bbclass
+++ b/classes/dm-verity-img.bbclass
@@ -67,7 +67,7 @@ VERITY_TYPES = "ext2.verity ext3.verity ext4.verity
btrfs.verity"
IMAGE_TYPES += "${VERITY_TYPES}"
CONVERSIONTYPES += "verity"
CONVERSION_CMD:verity = "verity_setup ${type}"
-CONVERSION_DEPENDS:verity = "cryptsetup-native"
+CONVERSION_DEPENDS_verity = "cryptsetup-native"
python __anonymous() {
verity_image = d.getVar('DM_VERITY_IMAGE')
--
2.34.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#55952): https://lists.yoctoproject.org/g/yocto/message/55952
Mute This Topic: https://lists.yoctoproject.org/mt/88643459/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] [meta-security][PATCH] dm-verity-img.bbclass: Fix wrong override syntax for CONVERSION_DEPENDS
On Fri, Dec 17, 2021 at 10:06:06 +, Jose Quaresma wrote:
> Kristian Klausen via lists.yoctoproject.org klausen...@lists.yoctoproject.org> escreveu no dia sexta, 17/12/2021 à(s)
> 09:55:
>
> > CONVERSION_DEPENDS hasn't been converted to the new syntax.
> >
> > Fixes: a23ceef ("dm-verity-img.bbclass: more overided fixups")
> >
> > Signed-off-by: Kristian Klausen
> > ---
> > This should also be backported to honister.
> >
> > classes/dm-verity-img.bbclass | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/classes/dm-verity-img.bbclass b/classes/dm-verity-img.bbclass
> > index 0b6d053..93f667d 100644
> > --- a/classes/dm-verity-img.bbclass
> > +++ b/classes/dm-verity-img.bbclass
> > @@ -67,7 +67,7 @@ VERITY_TYPES = "ext2.verity ext3.verity ext4.verity
> > btrfs.verity"
> > IMAGE_TYPES += "${VERITY_TYPES}"
> > CONVERSIONTYPES += "verity"
> > CONVERSION_CMD:verity = "verity_setup ${type}"
> > -CONVERSION_DEPENDS:verity = "cryptsetup-native"
> > +CONVERSION_DEPENDS_verity = "cryptsetup-native"
> >
>
> This syntax don't work anymore with oe-core master branch
(resend as I forgot to CC the list)
Are you sure? This was tested with the honister branch, but the code is
the same[1].
[1]
https://git.openembedded.org/openembedded-core/tree/meta/classes/image_types.bbclass#n40
>
>
> > python __anonymous() {
> > verity_image = d.getVar('DM_VERITY_IMAGE')
> > --
> > 2.34.1
> >
> >
> >
> >
> >
>
> --
> Best regards,
>
> José Quaresma
>
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#55607): https://lists.yoctoproject.org/g/yocto/message/55607
Mute This Topic: https://lists.yoctoproject.org/mt/87786381/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[yocto] [meta-security][PATCH] dm-verity-img.bbclass: Fix wrong override syntax for CONVERSION_DEPENDS
CONVERSION_DEPENDS hasn't been converted to the new syntax.
Fixes: a23ceef ("dm-verity-img.bbclass: more overided fixups")
Signed-off-by: Kristian Klausen
---
This should also be backported to honister.
classes/dm-verity-img.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/classes/dm-verity-img.bbclass b/classes/dm-verity-img.bbclass
index 0b6d053..93f667d 100644
--- a/classes/dm-verity-img.bbclass
+++ b/classes/dm-verity-img.bbclass
@@ -67,7 +67,7 @@ VERITY_TYPES = "ext2.verity ext3.verity ext4.verity
btrfs.verity"
IMAGE_TYPES += "${VERITY_TYPES}"
CONVERSIONTYPES += "verity"
CONVERSION_CMD:verity = "verity_setup ${type}"
-CONVERSION_DEPENDS:verity = "cryptsetup-native"
+CONVERSION_DEPENDS_verity = "cryptsetup-native"
python __anonymous() {
verity_image = d.getVar('DM_VERITY_IMAGE')
--
2.34.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#55605): https://lists.yoctoproject.org/g/yocto/message/55605
Mute This Topic: https://lists.yoctoproject.org/mt/87786381/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[yocto] [meta-security][PATCH v2] swtpm: update to 0.6.1
swtpm no longer depends on Python[1] so the dependencies have been
removed.
"inherit perlnative" has been added due to (in oe-core):
deda455b3c ("bitbake.conf: drop pod2man from hosttools")
Some leftover dependencies have also been removed, ex: tpm-tools
required in the past by swtpm_setup.sh (<0.4.0)[2].
[1] https://github.com/stefanberger/swtpm/issues/437
[2]
https://github.com/stefanberger/swtpm/commit/eee8cb5dfb13f87140a38f65bf61aff19508
Signed-off-by: Kristian Klausen
---
V2:
Squashed chnanges from https://lists.yoctoproject.org/g/yocto/topic/86012566
(decided to still use RRECOMMENDS for swtpm-create-tpmca deps)
Fix build error due to missing expect (expect -> expect-native)
Changed socat to socat-native
Building tested with:
bitbake swtpm && bitbake swtpm-native (with and without gnutls)
.../swtpm/swtpm-wrappers-native.bb| 12 --
.../swtpm/{swtpm_0.5.2.bb => swtpm_0.6.1.bb} | 23 ---
2 files changed, 14 insertions(+), 21 deletions(-)
rename meta-tpm/recipes-tpm/swtpm/{swtpm_0.5.2.bb => swtpm_0.6.1.bb} (69%)
diff --git a/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb
b/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb
index 644f3ac..bb93374 100644
--- a/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb
+++ b/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb
@@ -1,6 +1,6 @@
SUMMARY = "SWTPM - OpenEmbedded wrapper scripts for native swtpm tools"
LICENSE = "MIT"
-DEPENDS = "swtpm-native tpm-tools-native net-tools-native"
+DEPENDS = "swtpm-native"
inherit native
@@ -14,23 +14,19 @@ do_create_wrapper () {
for i in `find ${bindir} ${base_bindir} ${sbindir} ${base_sbindir} -name
'swtpm*' -perm /+x -type f`; do
exe=`basename $i`
case $exe in
-swtpm_setup.sh)
+swtpm_setup)
cat >${WORKDIR}/swtpm_setup_oe.sh <${WORKDIR}/${exe}_oe.sh <
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#54932): https://lists.yoctoproject.org/g/yocto/message/54932
Mute This Topic: https://lists.yoctoproject.org/mt/86028863/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] [meta-tpm][v2][PATCH] swtpm: fix build issues of missing expect
Den Fri, Oct 01, 2021 at 15:25:17 -0700 skrev Armin Kuster: > Signed-off-by: Armin Kuster > > -- > V2] > Only need expect-native > Clean up PACKAGECONFGI[gnutils] to conform to spec > --- > meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb > b/meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb > index 807c02b..0087367 100644 > --- a/meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb > +++ b/meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb > @@ -4,7 +4,7 @@ LIC_FILES_CHKSUM = > "file://LICENSE;md5=fe8092c832b71ef20dfe4c6d3decb3a8" > SECTION = "apps" > > # coreutils-native and net-tools-native are reportedly only required for the > tests > -DEPENDS = "libtasn1 coreutils-native expect socat glib-2.0 net-tools-native > libtpm json-glib" > +DEPENDS = "libtasn1 coreutils-native expect-native socat glib-2.0 > net-tools-native libtpm json-glib" > > SRCREV = "98187d24fe14851653a7c46eb16e9c5f0b9beaa1" > SRC_URI = "git://github.com/stefanberger/swtpm.git;branch=stable-0.6 \ > @@ -28,7 +28,7 @@ PACKAGECONFIG[openssl] = "--with-openssl, > --without-openssl, openssl" > # expect, bash, tpm2-pkcs11-tools (tpm2_ptool), tpmtool and certtool is > # used by swtpm-create-tpmca (the last two is provided by gnutls) > # gnutls is required by: swtpm-create-tpmca, swtpm-localca and swtpm_cert > -PACKAGECONFIG[gnutls] = "--with-gnutls, --without-gnutls, gnutls, gnutls, > expect bash tpm2-pkcs11-tools" > +PACKAGECONFIG[gnutls] = "--with-gnutls, --without-gnutls, gnutls, gnutls > expect bash tpm2-pkcs11-tools" Hi Armin Support for RRECOMMENDS in the PACKAGECONFIG was added some years ago[1][2]. Whatever they should be RRECOMMENDS or RDEPENDS I'm not sure about (I don't think swtpm-create-tpmca is a hard requirement for most people). If you like I can squash the changes into my own patch and resend it. [1] https://git.openembedded.org/openembedded-core/commit/?id=ec96c985ce1c888c3ce3c4d964d7a106c3c88a5c [2] https://www.yoctoproject.org/docs/latest/ref-manual/ref-manual.html#var-PACKAGECONFIG Cheers, Kristian > PACKAGECONFIG[selinux] = "--with-selinux, --without-selinux, libselinux" > PACKAGECONFIG[cuse] = "--with-cuse, --without-cuse, fuse" > PACKAGECONFIG[seccomp] = "--with-seccomp, --without-seccomp, libseccomp" > -- > 2.25.1 > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#54929): https://lists.yoctoproject.org/g/yocto/message/54929 Mute This Topic: https://lists.yoctoproject.org/mt/86012566/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] [meta-security][PATCH 2/2] swtpm: fix build issues of missing expect
Den Tue, Sep 28, 2021 at 16:39:09 -0700 skrev Armin Kuster: > Signed-off-by: Armin Kuster > --- > meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb > b/meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb > index 807c02b..d602ee0 100644 > --- a/meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb > +++ b/meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb > @@ -4,7 +4,7 @@ LIC_FILES_CHKSUM = > "file://LICENSE;md5=fe8092c832b71ef20dfe4c6d3decb3a8" > SECTION = "apps" > > # coreutils-native and net-tools-native are reportedly only required for the > tests > -DEPENDS = "libtasn1 coreutils-native expect socat glib-2.0 net-tools-native > libtpm json-glib" > +DEPENDS = "libtasn1 coreutils-native expect socat glib-2.0 net-tools-native > libtpm json-glib expect expect-native" expect is there twice now (+ native). Would expect-native be enough or do we also need expect? > > SRCREV = "98187d24fe14851653a7c46eb16e9c5f0b9beaa1" > SRC_URI = "git://github.com/stefanberger/swtpm.git;branch=stable-0.6 \ > @@ -28,7 +28,7 @@ PACKAGECONFIG[openssl] = "--with-openssl, > --without-openssl, openssl" > # expect, bash, tpm2-pkcs11-tools (tpm2_ptool), tpmtool and certtool is > # used by swtpm-create-tpmca (the last two is provided by gnutls) > # gnutls is required by: swtpm-create-tpmca, swtpm-localca and swtpm_cert > -PACKAGECONFIG[gnutls] = "--with-gnutls, --without-gnutls, gnutls, gnutls, > expect bash tpm2-pkcs11-tools" > +PACKAGECONFIG[gnutls] = "--with-gnutls, --without-gnutls, gnutls, gnutls, > bash tpm2-pkcs11-tools" expect is needed as a runtime dependency for swtpm-create-tpmca, but I added it as a recommended dependency as I don't think all people are interesting in swtpm-create-tpmca working out-of-the-box. expect should still be here, no? > PACKAGECONFIG[selinux] = "--with-selinux, --without-selinux, libselinux" > PACKAGECONFIG[cuse] = "--with-cuse, --without-cuse, fuse" > PACKAGECONFIG[seccomp] = "--with-seccomp, --without-seccomp, libseccomp" > -- > 2.25.1 > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#54904): https://lists.yoctoproject.org/g/yocto/message/54904 Mute This Topic: https://lists.yoctoproject.org/mt/85937662/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[yocto] [meta-security][PATCH] swtpm: update to 0.6.1
swtpm no longer depends on Python[1] so the dependencies have been
removed.
"inherit perlnative" has been added due to (in oe-core):
deda455b3c ("bitbake.conf: drop pod2man from hosttools")
Some leftover dependencies have also been removed, ex: tpm-tools
required in the past by swtpm_setup.sh (<0.4.0)[2].
[1] https://github.com/stefanberger/swtpm/issues/437
[2]
https://github.com/stefanberger/swtpm/commit/eee8cb5dfb13f87140a38f65bf61aff19508
Signed-off-by: Kristian Klausen
---
.../swtpm/swtpm-wrappers-native.bb| 12 --
.../swtpm/{swtpm_0.5.2.bb => swtpm_0.6.1.bb} | 23 ---
2 files changed, 14 insertions(+), 21 deletions(-)
rename meta-tpm/recipes-tpm/swtpm/{swtpm_0.5.2.bb => swtpm_0.6.1.bb} (72%)
diff --git a/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb
b/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb
index 644f3ac..bb93374 100644
--- a/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb
+++ b/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb
@@ -1,6 +1,6 @@
SUMMARY = "SWTPM - OpenEmbedded wrapper scripts for native swtpm tools"
LICENSE = "MIT"
-DEPENDS = "swtpm-native tpm-tools-native net-tools-native"
+DEPENDS = "swtpm-native"
inherit native
@@ -14,23 +14,19 @@ do_create_wrapper () {
for i in `find ${bindir} ${base_bindir} ${sbindir} ${base_sbindir} -name
'swtpm*' -perm /+x -type f`; do
exe=`basename $i`
case $exe in
-swtpm_setup.sh)
+swtpm_setup)
cat >${WORKDIR}/swtpm_setup_oe.sh <${WORKDIR}/${exe}_oe.sh <
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#54876): https://lists.yoctoproject.org/g/yocto/message/54876
Mute This Topic: https://lists.yoctoproject.org/mt/85898116/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[yocto] [meta-security][PATCH] libtpm: update to 0.8.7
Signed-off-by: Kristian Klausen
---
.../recipes-tpm/libtpm/{libtpm_0.8.2.bb => libtpm_0.8.7.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta-tpm/recipes-tpm/libtpm/{libtpm_0.8.2.bb => libtpm_0.8.7.bb} (88%)
diff --git a/meta-tpm/recipes-tpm/libtpm/libtpm_0.8.2.bb
b/meta-tpm/recipes-tpm/libtpm/libtpm_0.8.7.bb
similarity index 88%
rename from meta-tpm/recipes-tpm/libtpm/libtpm_0.8.2.bb
rename to meta-tpm/recipes-tpm/libtpm/libtpm_0.8.7.bb
index 9784aa1..95ba5c5 100644
--- a/meta-tpm/recipes-tpm/libtpm/libtpm_0.8.2.bb
+++ b/meta-tpm/recipes-tpm/libtpm/libtpm_0.8.7.bb
@@ -2,7 +2,7 @@ SUMMARY = "LIBPM - Software TPM Library"
LICENSE = "BSD-3-Clause"
LIC_FILES_CHKSUM = "file://LICENSE;md5=e73f0786a936da3814896df06ad225a9"
-SRCREV = "f66a719eda0b492ea3ec7852421a9d98db0a0621"
+SRCREV = "f6dd8f55eab4910131ec6a6a570dcd7951bd10e4"
SRC_URI = "git://github.com/stefanberger/libtpms.git;branch=stable-0.8"
PE = "1"
--
2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#54875): https://lists.yoctoproject.org/g/yocto/message/54875
Mute This Topic: https://lists.yoctoproject.org/mt/85897588/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
