The soname of libtspi.so is "libtspi.so.1" and therefore apps
linked against that library depend on the libtspi.so.1 symlink
to find the library.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
recipes-tpm/trousers/trousers_git.bb | 2 +-
1 file changed, 1 insertio
Installing tpm-tools for tools like tpm_takeown pull in the libtspi
package, but the resulting system is not functional unless the tcsd
(from the main "trousers" package) also gets installed. A RRECOMMENDS
entry for that takes care of that automatically.
Signed-off-by: Patrick Ohly
rdev,
cap));
| ^
| cc1: all warnings being treated as errors
Casting to "long long unsigned" matches the format specifier in all
cases, including those where "long long" is larger than 64 bits.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
recipes-tpm/swtpm/files/f
The CUSE support in swtpm does not depend on selinux. It is needed
for simulating a virtual TPM, one of the use cases for swtpm-native, so
enable it by default.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
recipes-tpm/swtpm/swtpm_1.0.bb | 4 ++--
1 file changed, 2 insertions
=tpm0,path=/dev/vtpm0 -device
tpm-tis,tpmdev=tpm0'
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
recipes-tpm/swtpm/swtpm-wrappers.bb | 41 ++-
1 file changed, 41 insertions(+)
create mode 100644 recipes-tpm/swtpm/swtpm-wrappers.bb
diff --git a/recipes
Brings in instructions for setting the log level. Setting the log level
with --log file=...,level=1 is necessary at the moment before anything
gets written to the log. Even errors are suppressed by default.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
recipes-tpm/swtpm/swtpm_
. Here's a
version that applies cleanly again.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
recipes-tpm/swtpm/files/fix_lib_search_path.patch | 64 -
recipes-tpm/swtpm/swtpm_1.0.bb| 3 +-
2 files changed, 67 insertions(+)
create mode 100644 recip
to be merged first to avoid merge conflicts.
Patrick Ohly (8):
trousers: missing libtspi.so.1 in libtspi package
trousers: recommend tcsd
trousers: tcsd.conf must be owned tss:tss
swtpm: enable native and nativesdk flavors
swtpm: depends on tpm-tools
swtpm: fix compiler format warning
The upstream dist/Makefile.am ensures that /etc/tcsd.conf
is owned by tss:tss, and that must not be changed because
otherwise tcsd refuses to start.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
recipes-tpm/trousers/trousers_git.bb | 1 -
1 file changed, 1 deletion(-)
diff
The soname of libtspi.so is "libtspi.so.1" and therefore apps
linked against that library depend on the libtspi.so.1 symlink
to find the library.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
recipes-tpm/trousers/trousers_git.bb | 2 +-
1 file changed, 1 insertio
Installing tpm-tools for tools like tpm_takeown pull in the libtspi
package, but the resulting system is not functional unless the tcsd
(from the main "trousers" package) also gets installed. A RRECOMMENDS
entry for that takes care of that automatically.
Signed-off-by: Patrick Ohly
ntly in OE-core, have to be applied manually):
$ sudo env TPM_DIR=my-machine/myvtpm0
tmp-glibc/work/x86_64-linux/swtpm-wrappers/1.0-r0/swtpm_cuse_oe.sh -n vtpm0
$ sudo chmod a+rw /dev/vtpm0
$ runqemu ... 'qemuparams=-tpmdev cuse-tpm,id=tpm0,path=/dev/vtpm0 -device
tpm-tis,tpmdev=tpm0'
Signed-off-b
rdev,
cap));
| ^
| cc1: all warnings being treated as errors
Casting to "long long unsigned" matches the format specifier in all
cases, including those where "long long" is larger than 64 bits.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
recipes-tpm/swtpm/files/f
The configure script checks for tpm_nvdefine from tpm-tools and fails
when it is not present.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
recipes-tpm/swtpm/swtpm_1.0.bb | 5 +
1 file changed, 5 insertions(+)
diff --git a/recipes-tpm/swtpm/swtpm_1.0.bb b/recipes-tpm
t;libfoo"
... RDEPENDS is for runtime dependencies specific packages and thus has
_ as suffix ($PN = bar in this case).
libfoo gets compiled because of this entry, but because it is a runtime
dependency, compilation of bar doesn't wait for libfoo's completion.
--
Best Regards, Patrick Ohly
to be merged first to avoid merge conflicts.
Changes in V2:
- add --system to tss user and group creation
- revised commit message for wrapper scripts (swtpm_cuse needs
absolute path to tpm state dir, can be passed via parameter)
- another swtpm SRCREV bump
Patrick Ohly (9):
trousers: missing
-user-contaminated QA warning because the "tss" user will
typically not get assigned a UID from the same range as the host user
that is used for building.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
recipes-tpm/trousers/trousers_git.bb | 5 ++---
1 file changed, 2
. Here's a
version that applies cleanly again.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
recipes-tpm/swtpm/files/fix_lib_search_path.patch | 64 -
recipes-tpm/swtpm/swtpm_1.0.bb| 3 +-
2 files changed, 67 insertions(+)
create mode 100644 recip
The configure script checks for tpm_nvdefine from tpm-tools and fails
when it is not present.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
recipes-tpm/swtpm/swtpm_1.0.bb | 5 +
1 file changed, 5 insertions(+)
diff --git a/recipes-tpm/swtpm/swtpm_1.0.bb b/recipes-tpm
and
do not enable sysvinit.
rm_systemd_unitdir does the opposite when systemd is disabled and only
sysvinit is enabled.
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represen
SWUPD_TIMING_CMD = "time" in local.conf or
site.conf.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
classes/swupd-image.bbclass | 8 +++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/classes/swupd-image.bbclass b/classes/swupd-image.bbclass
index 78a26ac
On Tue, 2017-01-17 at 16:49 +, André Draszik wrote:
> I have no preference either way.
Let's remove the hard dependency. I've posted a "swupd-image.bbclass:
avoid depending on time command" patch which does that. Are you okay
with that?
--
Best Regards, Patrick Ohly
Some hardware has a TPM chip and in addition, qemu can emulate it
using swtpm.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
features/tpm/tpm.cfg | 18 ++
features/tpm/tpm.scc | 4
2 files changed, 22 insertions(+)
create mode 100644 features/tpm/tpm.cfg
This was tested with the yocto-4.8 branch and linux-yocto 4.8.17 under
qemu with TPM provided by swtpm, but can and should also get merged
into the yocto-4.9 and master branches.
The feature intentionally enables all current TPM drivers. A real
production kernel should be more selective.
Patrick
first
having to build all swupd images, which might speed up a build (less
work on the critical path).
Fixes: [YOCTO #10799]
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
classes/swupd-image.bbclass | 32 --
classes/swupdimage.bbclass | 7 ++--
lib/swupd/bund
On Mon, 2017-01-23 at 14:51 -0500, Bruce Ashfield wrote:
> On 01/23/2017 09:11 AM, Patrick Ohly wrote:
> > This was tested with the yocto-4.8 branch and linux-yocto 4.8.17 under
> > qemu with TPM provided by swtpm, but can and should also get merged
> > into the yocto-4.
ix patches are all fine, so please consider them
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
However, when I started using these recipes already before the latest
changes, I had to fix quite a few things before the recipes were usable
(will send patches shortly):
- tcsd from trou
| printf("ptm capability is 0x%llx\n", (uint64_t)devtoh64(is_chardev,
cap));
| ^
| cc1: all warnings being treated as errors
If you want, I can fix it as part of my upcoming patches with:
printf("ptm capability is 0x%llx\n", (long long unsigned)devtoh64(is_char
s?
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on behalf of Intel on
On Tue, 2017-02-14 at 16:58 +, André Draszik wrote:
> It is useful to be able to integrate swupd-client into an image that
> is not itself subject to swupd based processing.
Makes sense, merged to master-next.
--
Best Regards, Patrick Ohly
The content of this message is my personal o
On Fri, 2017-02-03 at 10:35 -0800, akuster808 wrote:
> On 2/3/17 12:46 AM, Patrick Ohly wrote:
> > I recently started using swtpm-native in combination with the qemu-tpm
> > patches to simulate a virtual TPM chip in qemu. The qemu-tpm patches
> > should go into OE-core
On Thu, 2017-02-16 at 16:41 +0100, Patrick Ohly wrote:
> On Thu, 2017-02-16 at 14:58 +, André Draszik wrote:
> > When SWUPD_BUNDLES is not set, exceptions are thrown, stopping the
> > build - there are two issues in here:
> > - the debug statement references a non-exist
36 "bundles.py: fix "no bundles" special case". Can you rebase
onto current master and retest.
The other patches look fine, I'm just wondering why I hadn't run into
that. Perhaps I was working with an empty SWUPD_BUNDLES instead of an
unset one.
--
Best Regards, Patrick O
n-Embedded without
> patching (or creating a bbappend) for each imported package ?
There's useradd-staticids.bbclass in OE-core, see
https://github.com/ostroproject/ostro-os/blob/master/meta-ostro/conf/distro/ostro.conf#L179
for an example how that was used.
--
Best Regards, Patrick Ohly
ASSUME_PROVIDED += "libsdl-native"
> Advice on this would be great as I need to test the "native" X
> setup, not VNC connections.
For the guest OS it shouldn't make a difference whether qemu uses its
own window or VNC.
--
Best Regards, Patrick Ohly
The content of this mess
tive has to be compiled
first.
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on b
_samesigs in
sstatetests.py, has the same limitation of its scope, i.e. doesn't
actually test with real machine definitions.
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent In
On Tue, 2017-02-28 at 14:33 -0600, Aníbal Limón wrote:
>
> On 02/28/2017 02:09 PM, Patrick Ohly wrote:
> > On Mon, 2017-02-20 at 15:12 -0600, Aníbal Limón wrote:
> >> common.test_signatures: Test executed in BSP and DISTRO layers to review
> >> doesn't c
On Wed, 2017-03-01 at 16:01 +, Richard Purdie wrote:
> On Wed, 2017-03-01 at 16:51 +0100, Patrick Ohly wrote:
> > On Wed, 2017-03-01 at 15:12 +, Richard Purdie wrote:
> > >
> > > On Wed, 2017-03-01 at 08:10 +0100, Patrick Ohly wrote:
> > > &g
Hello Joshua!
Please also apply to the pre-sstate branch. There's a slight merge
conflict (previous line differs), but that's easy to resolve, so I am
not sending that as a separate patch.
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am
-by: Patrick Ohly <patrick.o...@intel.com>
---
classes/swupdimage.bbclass | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/classes/swupdimage.bbclass b/classes/swupdimage.bbclass
index 20bd4c8..56aa60a 100644
--- a/classes/swupdimage.bbclass
+++ b/classes/swupdimage.bbclass
@@
ig is
a start, but for a fully functional Smack-enabled image, the rootfs also
needs to be set up a bit differently.
I can imagine that it would be worthwhile to take more of the things
done in meta-intel-iot-security and then deprecate that layer.
--
Best Regards, Patrick Ohly
The content of th
Lunit format. Here's an example how Jenkins displays
that:
https://ostroproject.org/jenkins/view/Code-Analysis/job/code_isafw_reports/checker=cve,label=coordinator,machine=beaglebone/lastCompletedBuild/testReport/
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and
rent machine (sorry, I'm lazy^Wbusy right now and haven't
checked)?
I suspect that this won't work when moving the resulting lib through
sstate from one Linux distro to another if the location of the bundle
file is different on those two distros.
--
Best Regards, Patrick Ohly
The content of
On Thu, 2016-10-27 at 19:32 -0700, Khem Raj wrote:
> > On Oct 27, 2016, at 12:22 AM, Patrick Ohly <patrick.o...@intel.com> wrote:
> > Can you say a bit more about your plans regarding Smack support in
> > meta-security? A recipe for the userspace tool and the kern
as prepared on distro foo. The result is a curl-native that
doesn't have SSL certificates and thus https will not work.
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the stateme
k in the function itself,
because the tasks will only show up in build logs when it actually does
something.
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's
sically a forth level of sharing.
I just wish that the naming of the resulting directories was a bit more
intuitive. I'm constantly wondering what's in
"corei7-64-intel-common-ostro-linux" and what's in
"intel_corei7_64-ostro-linux" :-/
--
Best Regards, Patrick Ohly
The
restriction allows you to
implement things like automatic rollback, but it's worth mentioning that
this comes with that limitation.
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no
On Tue, 2016-12-13 at 09:51 +0100, Mike Looijmans wrote:
> On 09-12-16 16:13, Patrick Ohly wrote:
> > Hello everyone!
> >
> > Thanks for contributing directly to the page. It's great to see this
> > done collaboratively.
>
> Nice informative page.
>
>
the easier to
> implement.
Which "getting started" document or presentation were you using? The
documentation for mender (https://docs.mender.io/) is very
straight-forward (partly of course because it doesn't need to cover many
variations), while for swupdate
(http://sbabic.github.
On Mon, 2016-12-12 at 15:13 +, André Draszik wrote:
> Hi,
>
> On Tue, 2016-12-06 at 10:45 +0100, Patrick Ohly wrote:
> > I'll do the same for swupd. Editing the sections should be possible
> > without conflicts, we just have to be more careful about editing the
&
On Mon, 2016-12-12 at 09:49 -0600, Mariano Lopez wrote:
>
> On 12/12/16 09:41, Patrick Ohly wrote:
> > On Mon, 2016-12-12 at 08:59 -0600, Mariano Lopez wrote:
> >>>> In particular the "complexity" column is a bit subjective. Stefano, I
> >>>> ho
On Mon, 2016-11-21 at 16:29 +, André Draszik wrote:
> These scripts don't do much and there's no reason for
> them to require bash as interpreter.
Makes sense, I'll submit soon.
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and althoug
roduce
> a bash dependency, it should just state that dependency
> itself.
>
> As the shell now be provided by bash or busybox, also add
> an appropriate entry to SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS.
Makes sense, I'll submit soon.
--
Best Regards, Patrick Ohly
The content of this
g to stage your patches in that branch and after one round of
testing, will also push them to meta-swupd master.
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's positi
-client to the latest version soon and merging this
change would just lead to conflicts with my development branch. Is it
okay to wait for this version update?
Thanks for fixing this problem also upstream!
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and alth
reates
that directory, and onfiguring the image so that the swupd-client is
usable is part of image creation, not of compiling the client.
For example, different images may need different settings, and that
can't be done with settings compiled into swupd-client because it gets
built only once.
On Tue, 2016-12-06 at 10:01 +0100, Stefano Babic wrote:
> Hi Patrick,
>
> On 30/11/2016 15:59, Patrick Ohly wrote:
> > I've started a Wiki page
> > https://wiki.yoctoproject.org/wiki/System_Update - rudimentary at the
> > moment, but might as well be mentioned al
quot; % (name[:30], c-1)
> +
> # update series.last_revision
> series.last_revision = series.latest_revision()
> series.save()
Looks reasonable to me, but I don't really know the code. Were you
testing this and noticed cases with c == 0, i.e. cases where the last
serie
On Wed, 2016-11-30 at 14:31 +, André Draszik wrote:
> On Wed, 2016-11-30 at 12:04 +0100, Patrick Ohly wrote:
> > On Mon, 2016-11-21 at 12:03 +, André Draszik wrote:
> > > This allows us to completely remove the build time
> > > depenency on libcheck when not nee
On Thu, 2016-12-01 at 10:26 +, André Draszik wrote:
> On Thu, 2016-12-01 at 08:42 +0100, Patrick Ohly wrote:
> > On Wed, 2016-11-30 at 17:19 +, André Draszik wrote:
> > > I liked swupd for its ability to be used both for initial provisioning
> >
> > You m
specified in the form 'packagename:task'
>
> Any ideas what changed and how I get it working again?
I enhanced the error checking, and the rdepends varflag in your example
indeed isn't valid. ":do_populate_sysroot" got appended twice to the
recipe name. That error got ignored silent
s plus
the [PATCH] tag. For example:
patch_prefix = re.match('(\s*\[[^]]*\]\s*)*\[\s*PATCH', mail.get('Subject'))
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's
Soon it might be possible to let qemu start swtpm directly, without
requiring root privileges as for swtpm_cuse. For that to work
we also need to wrap the swtpm binary. Just in case we now also
do it for everything.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
recipes-tpm/swtpm
log --oneline origin/master..origin/master-next | wc -l
179
$ git log --oneline origin/master | wc -l
211
Looking at the content, it seems that only the last two commits in
master-next are actually new ;-}
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only
ch" format? Don't forget the
signed-off-by and add short prefix to the summary line, perhaps like
this:
bundles.py: allow username/password encoded into HTTP server URLs
An example how username/password need to be encoded in the URL would
also be useful.
--
Best Regards, Patrick Ohly
The c
=${sbindir}/resourcemgr;'
${S}/contrib/resourcemgr.service
}
Just my 2 cents.
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor
cts exactly the modified files and
only needs to replace those.
Just a thought, in case that auto-packaging turns out to be too hard.
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in
hen
considering that the recipe might have to be used in different ways, and
layers which do that tend to be hard to reuse.
> Or I could add a
> ROOTFS_POSTPROCESS_COMMAND and patch in my changes
Yep.
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only a
On Tue, 2017-04-11 at 11:45 +0100, Mark T wrote:
> If I add an include path to CFLAGS in a .bbappend is it only applied
> for that recipe or is it present in CFLAGS for all recipes built after
> that ?
Just for that recipe. You can check that with "bitbake -e ".
--
Best Re
has hanged in bb.data but I could not find
> anything obvious.
bb.data.getVar() has been deprecated for a while and was finally
removed. Use d.getVar('PV') instead on master (no additional parameters
needed, expansion is on by default).
--
Best Regards, Patrick Ohly
The content of this message
t; into DEPLOYDIR, and the class will take care of copying them into
> DEPLOY_DIR_IMAGE afterwards."
>
> So I should just replace ${DEPLOY_DIR_IMAGE} with ${DEPLOYDIR} and I
> get the same behaviour as before + the benefit of sstate cache ?
Yes.
--
Best Regards, Patrick Ohly
The
bypass the mechanism which adds files to the sstate cache and then you
get exactly the problem you describe.
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on t
On Fri, 2017-03-10 at 14:35 +0100, Kristian Amlie wrote:
> On 10/03/17 14:02, Patrick Ohly wrote:
> > On Wed, 2017-03-01 at 16:35 -0800, Eystein Måløy Stenberg wrote:
> >> On Tue, 2016-12-06 at 10:45 +0100, Patrick Ohly wrote:
> >>> On Tue, 2016-12-06 at 10:01 +0100,
On Wed, 2017-03-01 at 16:35 -0800, Eystein Måløy Stenberg wrote:
> On Tue, 2016-12-06 at 10:45 +0100, Patrick Ohly wrote:
> > On Tue, 2016-12-06 at 10:01 +0100, Stefano Babic wrote:
> > > Hi Patrick,
> > >
> > > On 30/11/2016 15:59, Patrick Ohly wro
On Wed, 2017-03-01 at 04:00 +, Richard Purdie wrote:
> On Tue, 2017-02-28 at 21:09 +0100, Patrick Ohly wrote:
> > On Mon, 2017-02-20 at 15:12 -0600, Aníbal Limón wrote:
> > >
> > > common.test_signatures: Test executed in BSP and DISTRO layers to
> >
On Wed, 2017-03-01 at 15:12 +, Richard Purdie wrote:
> On Wed, 2017-03-01 at 08:10 +0100, Patrick Ohly wrote:
> > Is the "build single distro for different machines" scenario that I
> > described part of the Yocto Compliance 2.0? Should there be tests for
> > i
.contains("MACHINE_FEATURES",
> "vtpm", "tpm-layer meta-filesystems", "",d)}"
> +LAYERDEPENDS_security = "core openembedded-layer perl-layer meta-
> python"
How does this affect recipes which depend on some of things in those
layers?
I s
depend on (even when the additional
content doesn't end up being used), or it just depends on the essential
parts and then enables additional recipes only when the optional layers
they depend on are present. BBFILES_DYNAMIC can be used for that, or the
recipes themselves check BBCOLLECTIONS in anonymous py
d here's how it is used:
https://github.com/intel/intel-iot-refkit/blob/master/meta-refkit-core/recipes-images/images/initramfs-framework-refkit-dm-verity.bb#L22
python () {
if not oe.types.boolean(d.getVar('HAVE_CRYPTSETUP') or '0'):
raise bb.parse.SkipRecipe
rnel? Is that normally done with "wic" and a
> minimal .wks script?
I don't know that much about how boot loader menus get generated (we
don't use a boot loader in refkit). But yes, wic is the mechanism of
choice for creating images these days.
--
Best Regards, Patrick Ohly
The cont
netstat from net-tools-native is needed for swtpm_setup.sh, which uses
it to check whether the swtpm daemon has started. The scripts hangs in
a loop during startup when netstat is missing.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
recipes-tpm/swtpm/swtpm-wrappers-native.
for native recipes was skipped and thus swtpm-wrappers
ended up using different paths than the other native recipes.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
recipes-tpm/swtpm/{swtpm-wrappers.bb => swtpm-wrappers-native.bb} | 0
1 file changed, 0 insertions(+), 0 deletions(-)
e, my guess would be that the
BSP still copies directly to DEPLOY_DIR_IMAGE (thus bypassing the sstate
machinery) instead of to IMGDEPLOYDIR, and you are using a recent
OE-core. See "image: Deploy images to IMGDEPLOYDIR" (rev 6d969bacc718e2
in OE-core).
But for a separate recipe, it must be
thub.com/intel/intel-iot-refkit/blob/0ec24f348453/meta-refkit-core/classes/refkit-image.bbclass#L219
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's posi
check out a version of bitbake that works with that distro
revision, and only then can bitbake download the additional layers.
Perhaps we can make it so that bitbake has a separate tool that works
outside of a build environment and then sets up that environment.
--
Best Regards, Patrick Ohly
The co
en added already.
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on beh
rs must be ${CFLAGS) $(LDFLAGS).
I've tried with meta-security master and it doesn't happen there, so
perhaps it was already fixed.
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no
On Fri, 2017-05-05 at 08:45 -0400, Khem Raj wrote:
> Set
>
> SECURITY_CFLAGS = "${SECURITY_NO_PIE_CFLAGS}"
But that's just a workaround, right? Ideally the build rules of
tpm2.0-tools should be fixed to not need that.
--
Best Regards, Patrick Ohly
The content of this mes
to come from? It doesn't get imported, leading to:
File
"/fast/work/intel-iot-refkit/openembedded-core/scripts/lib/compatlayer/__init__.py",
line 45, in _get_layer_collections
raise LayerError(exc)
NameError: name 'LayerError' is not defined
--
Best Regards, Patrick Ohly
The content
a package of that name:
ERROR: tpm2.0-tss-git-r0 do_package: tpm2.0-tss does not appear in package
list, please add it
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss_git.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff
object suddenly and
> systematically fail with logs like this:
...
> DEBUG: checkstatus() urlopen failed: file descriptor>
More recent bitbake should not fail like that anymore. It's still
better to use an HTTP server that performs better, though.
commit 6fa07752bbd3ac345cd8617da49a7
e.readthedocs.io/en/latest/ma
nual/repository-management/#derived-data-static-deltas-and-the-summary-
file for instructions on generating deltas.
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I m
s://github.
com/pohly/meta-swupd/commits/master and https://github.com/intel/intel-
iot-refkit/pull/318, but that's just a temporary activity.
I understand that this isn't a tenable situation for those of you using
meta-swupd; hopefully by the end of the year at the latest it'll be
resolved.
--
Be
This allows dropping some patches for issues that were addressed
upstream. It also brings in support for connecting swtpm to qemu
without relying on CUSE.
Signed-off-by: Patrick Ohly <patrick.o...@intel.com>
---
meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb | 4 +-
meta-tpm/recip
est.install_opener(opener)
Cut-and-paste... this should be in a helper function.
I tried to come up with a cleaner patch that implements the same
behavior. But I don't have a way to test it. Can you perhaps try out
the patch that I will post as a followup?
Note that it applies cleanly only on top
ion.
The right place to add your "file://uio-test.cfg" is in a .bbappend for
the kernel that you are building. But as Bruce said, that kernel must
be derived from linux-yocto.
--
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee
test it, and it if works send
the final version to the list? Obviously I am not doing a good job with
posting code that I can't test :-/
Am 20.12.2017 um 16:50 schrieb Patrick Ohly:
> > Downloading content and version information via HTTP may need a
> > username/password for basic authe
parsed_url.password)
I assume this works on top of my proposal. To avoid such ambiguity and
the risk that something gets merged that is still incomplete, please
post the entire patch as tested by you. The right way would be "git
send-email", but I can also take "git diff" atta
1 - 100 of 109 matches
Mail list logo