From f9024bf768d112c158ab527b2e5d2e612d0a9aa3 Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Wed, 14 Dec 2022 17:34:40 +0800 Subject: frr: upgrade 8.3.1 -> 8.4.1 Drop backport patches. ChangeLog: https://github.com/FRRouting/frr/releases/tag/frr-8.4.1 Signed-off-by: Yi Zhao Signed-off-by: Khem Raj --- ...ure-hdr-length-is-at-a-minimum-of-what-is.patch | 43 ------ ...-notify-race-between-io-and-main-pthreads.patch | 151 --------------------- ...heck-for-readline-function-instead-of-mai.patch | 32 ----- ...n.m4-check-for-python-x.y-emded.pc-not-py.patch | 9 +- ...ing-SUPPORT_OSPF_API-define-in-ospf_spf.c.patch | 48 ------- meta-networking/recipes-protocols/frr/frr_8.3.1.bb | 133 ------------------ meta-networking/recipes-protocols/frr/frr_8.4.1.bb | 129 ++++++++++++++++++ 7 files changed, 136 insertions(+), 409 deletions(-) delete mode 100644 meta-networking/recipes-protocols/frr/frr/0001-bgpd-Make-sure-hdr-length-is-at-a-minimum-of-what-is.patch delete mode 100644 meta-networking/recipes-protocols/frr/frr/0001-bgpd-avoid-notify-race-between-io-and-main-pthreads.patch delete mode 100644 meta-networking/recipes-protocols/frr/frr/0001-configure-Check-for-readline-function-instead-of-mai.patch delete mode 100644 meta-networking/recipes-protocols/frr/frr/0001-ospfd-Adding-SUPPORT_OSPF_API-define-in-ospf_spf.c.patch delete mode 100644 meta-networking/recipes-protocols/frr/frr_8.3.1.bb create mode 100644 meta-networking/recipes-protocols/frr/frr_8.4.1.bb (limited to 'meta-networking/recipes-protocols/frr') diff --git a/meta-networking/recipes-protocols/frr/frr/0001-bgpd-Make-sure-hdr-length-is-at-a-minimum-of-what-is.patch b/meta-networking/recipes-protocols/frr/frr/0001-bgpd-Make-sure-hdr-length-is-at-a-minimum-of-what-is.patch deleted file mode 100644 index 52b39c1e86..0000000000 --- a/meta-networking/recipes-protocols/frr/frr/0001-bgpd-Make-sure-hdr-length-is-at-a-minimum-of-what-is.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 066770ac1c69ee5b484bb82581b22ad0423b004d Mon Sep 17 00:00:00 2001 -From: Donald Sharp -Date: Thu, 21 Jul 2022 08:11:58 -0400 -Subject: [PATCH] bgpd: Make sure hdr length is at a minimum of what is - expected - -Ensure that if the capability length specified is enough data. - -Signed-off-by: Donald Sharp -(cherry picked from commit ff6db1027f8f36df657ff2e5ea167773752537ed) - -CVE: CVE-2022-37032 - -Upstream-Status: Backport -[https://github.com/FRRouting/frr/commit/066770ac1c69ee5b484bb82581b22ad0423b004d] - -Signed-off-by: Yi Zhao ---- - bgpd/bgp_packet.c | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c -index 7613ccc7d..a5f065a15 100644 ---- a/bgpd/bgp_packet.c -+++ b/bgpd/bgp_packet.c -@@ -2621,6 +2621,14 @@ static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt, - "%s CAPABILITY has action: %d, code: %u, length %u", - peer->host, action, hdr->code, hdr->length); - -+ if (hdr->length < sizeof(struct capability_mp_data)) { -+ zlog_info( -+ "%pBP Capability structure is not properly filled out, expected at least %zu bytes but header length specified is %d", -+ peer, sizeof(struct capability_mp_data), -+ hdr->length); -+ return BGP_Stop; -+ } -+ - /* Capability length check. */ - if ((pnt + hdr->length + 3) > end) { - zlog_info("%s Capability length error", peer->host); --- -2.25.1 - diff --git a/meta-networking/recipes-protocols/frr/frr/0001-bgpd-avoid-notify-race-between-io-and-main-pthreads.patch b/meta-networking/recipes-protocols/frr/frr/0001-bgpd-avoid-notify-race-between-io-and-main-pthreads.patch deleted file mode 100644 index 40284d6f4f..0000000000 --- a/meta-networking/recipes-protocols/frr/frr/0001-bgpd-avoid-notify-race-between-io-and-main-pthreads.patch +++ /dev/null @@ -1,151 +0,0 @@ -From 71ca5b09bc71e8cbe38177cf41e83fe164e52eee Mon Sep 17 00:00:00 2001 -From: Mark Stapp -Date: Thu, 8 Sep 2022 16:14:36 -0400 -Subject: [PATCH] bgpd: avoid notify race between io and main pthreads - -The "bgp_notify_" apis in bgp_packet.c generate a notification -to a peer, usually during error handling. The io pthread wants -to send notifications in a couple of cases during early -received-packet validation - but the existing api interacts -with the peer struct itself, and that's not safe. - -Add a new api for use by the io pthread, and adjust the main -notify api so that it can avoid touching the peer struct. - -Signed-off-by: Mark Stapp - -CVE: CVE-2022-37035 - -Upstream-Status: Backport -[https://github.com/FRRouting/frr/commit/71ca5b09bc71e8cbe38177cf41e83fe164e52eee] - -Signed-off-by: Yi Zhao ---- - bgpd/bgp_io.c | 17 ++++++++--------- - bgpd/bgp_packet.c | 32 ++++++++++++++++++++++++++++---- - bgpd/bgp_packet.h | 2 ++ - 3 files changed, 38 insertions(+), 13 deletions(-) - -diff --git a/bgpd/bgp_io.c b/bgpd/bgp_io.c -index 7af1fae28..f9bb8d518 100644 ---- a/bgpd/bgp_io.c -+++ b/bgpd/bgp_io.c -@@ -37,7 +37,7 @@ - #include "bgpd/bgp_debug.h" // for bgp_debug_neighbor_events, bgp_type_str - #include "bgpd/bgp_errors.h" // for expanded error reference information - #include "bgpd/bgp_fsm.h" // for BGP_EVENT_ADD, bgp_event --#include "bgpd/bgp_packet.h" // for bgp_notify_send_with_data, bgp_notify... -+#include "bgpd/bgp_packet.h" // for bgp_notify_io_invalid... - #include "bgpd/bgp_trace.h" // for frrtraces - #include "bgpd/bgpd.h" // for peer, BGP_MARKER_SIZE, bgp_master, bm - /* clang-format on */ -@@ -526,8 +526,8 @@ static bool validate_header(struct peer *peer) - return false; - - if (memcmp(m_correct, m_rx, BGP_MARKER_SIZE) != 0) { -- bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR, -- BGP_NOTIFY_HEADER_NOT_SYNC); -+ bgp_notify_io_invalid(peer, BGP_NOTIFY_HEADER_ERR, -+ BGP_NOTIFY_HEADER_NOT_SYNC, NULL, 0); - return false; - } - -@@ -547,9 +547,8 @@ static bool validate_header(struct peer *peer) - zlog_debug("%s unknown message type 0x%02x", peer->host, - type); - -- bgp_notify_send_with_data(peer, BGP_NOTIFY_HEADER_ERR, -- BGP_NOTIFY_HEADER_BAD_MESTYPE, &type, -- 1); -+ bgp_notify_io_invalid(peer, BGP_NOTIFY_HEADER_ERR, -+ BGP_NOTIFY_HEADER_BAD_MESTYPE, &type, 1); - return false; - } - -@@ -574,9 +573,9 @@ static bool validate_header(struct peer *peer) - - uint16_t nsize = htons(size); - -- bgp_notify_send_with_data(peer, BGP_NOTIFY_HEADER_ERR, -- BGP_NOTIFY_HEADER_BAD_MESLEN, -- (unsigned char *)&nsize, 2); -+ bgp_notify_io_invalid(peer, BGP_NOTIFY_HEADER_ERR, -+ BGP_NOTIFY_HEADER_BAD_MESLEN, -+ (unsigned char *)&nsize, 2); - return false; - } - -diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c -index 7daac4494..90695219a 100644 ---- a/bgpd/bgp_packet.c -+++ b/bgpd/bgp_packet.c -@@ -871,8 +871,9 @@ bool bgp_notify_received_hard_reset(struct peer *peer, uint8_t code, - * @param data Data portion - * @param datalen length of data portion - */ --void bgp_notify_send_with_data(struct peer *peer, uint8_t code, -- uint8_t sub_code, uint8_t *data, size_t datalen) -+static void bgp_notify_send_internal(struct peer *peer, uint8_t code, -+ uint8_t sub_code, uint8_t *data, -+ size_t datalen, bool use_curr) - { - struct stream *s; - bool hard_reset = bgp_notify_send_hard_reset(peer, code, sub_code); -@@ -917,8 +918,11 @@ void bgp_notify_send_with_data(struct peer *peer, uint8_t code, - * If possible, store last packet for debugging purposes. This check is - * in place because we are sometimes called with a doppelganger peer, - * who tends to have a plethora of fields nulled out. -+ * -+ * Some callers should not attempt this - the io pthread for example -+ * should not touch internals of the peer struct. - */ -- if (peer->curr) { -+ if (use_curr && peer->curr) { - size_t packetsize = stream_get_endp(peer->curr); - assert(packetsize <= peer->max_packet_size); - memcpy(peer->last_reset_cause, peer->curr->data, packetsize); -@@ -1001,7 +1005,27 @@ void bgp_notify_send_with_data(struct peer *peer, uint8_t code, - */ - void bgp_notify_send(struct peer *peer, uint8_t code, uint8_t sub_code) - { -- bgp_notify_send_with_data(peer, code, sub_code, NULL, 0); -+ bgp_notify_send_internal(peer, code, sub_code, NULL, 0, true); -+} -+ -+/* -+ * Enqueue notification; called from the main pthread, peer object access is ok. -+ */ -+void bgp_notify_send_with_data(struct peer *peer, uint8_t code, -+ uint8_t sub_code, uint8_t *data, size_t datalen) -+{ -+ bgp_notify_send_internal(peer, code, sub_code, data, datalen, true); -+} -+ -+/* -+ * For use by the io pthread, queueing a notification but avoiding access to -+ * the peer object. -+ */ -+void bgp_notify_io_invalid(struct peer *peer, uint8_t code, uint8_t sub_code, -+ uint8_t *data, size_t datalen) -+{ -+ /* Avoid touching the peer object */ -+ bgp_notify_send_internal(peer, code, sub_code, data, datalen, false); - } - - /* -diff --git a/bgpd/bgp_packet.h b/bgpd/bgp_packet.h -index a0eb579db..9f6d772bc 100644 ---- a/bgpd/bgp_packet.h -+++ b/bgpd/bgp_packet.h -@@ -62,6 +62,8 @@ extern void bgp_open_send(struct peer *); - extern void bgp_notify_send(struct peer *, uint8_t, uint8_t); - extern void bgp_notify_send_with_data(struct peer *, uint8_t, uint8_t, - uint8_t *, size_t); -+void bgp_notify_io_invalid(struct peer *peer, uint8_t code, uint8_t sub_code, -+ uint8_t *data, size_t datalen); - extern void bgp_route_refresh_send(struct peer *peer, afi_t afi, safi_t safi, - uint8_t orf_type, uint8_t when_to_refresh, - int remove, uint8_t subtype); --- -2.25.1 - diff --git a/meta-networking/recipes-protocols/frr/frr/0001-configure-Check-for-readline-function-instead-of-mai.patch b/meta-networking/recipes-protocols/frr/frr/0001-configure-Check-for-readline-function-instead-of-mai.patch deleted file mode 100644 index 20e8472233..0000000000 --- a/meta-networking/recipes-protocols/frr/frr/0001-configure-Check-for-readline-function-instead-of-mai.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 9399d58c13257849179d3c2b3698a2b43bc1b2a0 Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Thu, 1 Sep 2022 10:39:23 -0700 -Subject: [PATCH] configure: Check for readline() function instead of main - -main is not a function found in libreadline, its better to check for a -function thats provided by it. - -Upstream-Status: Backport -[https://github.com/FRRouting/frr/commit/9399d58c13257849179d3c2b3698a2b43bc1b2a0] - -Signed-off-by: Khem Raj ---- - configure.ac | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index b7e17d356..8c1fab0ea 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1372,7 +1372,7 @@ case "${enable_vtysh}" in - AC_DEFINE([VTYSH], [1], [VTY shell]) - - prev_libs="$LIBS" -- AC_CHECK_LIB([readline], [main], [ -+ AC_CHECK_LIB([readline], [readline], [ - LIBREADLINE="-lreadline" - ], [ - dnl readline failed - it might be incorrectly linked and missing its --- -2.37.3 - diff --git a/meta-networking/recipes-protocols/frr/frr/0001-m4-ax_python.m4-check-for-python-x.y-emded.pc-not-py.patch b/meta-networking/recipes-protocols/frr/frr/0001-m4-ax_python.m4-check-for-python-x.y-emded.pc-not-py.patch index 9e5cfd8f55..872a67c784 100644 --- a/meta-networking/recipes-protocols/frr/frr/0001-m4-ax_python.m4-check-for-python-x.y-emded.pc-not-py.patch +++ b/meta-networking/recipes-protocols/frr/frr/0001-m4-ax_python.m4-check-for-python-x.y-emded.pc-not-py.patch @@ -1,4 +1,4 @@ -From 6a2984718d7c47612b07be46d663e7b5e5b7c57d Mon Sep 17 00:00:00 2001 +From a82d704b1ec6ece47b01d12e0e067d4b62b10894 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Wed, 9 Nov 2022 20:24:45 +0100 Subject: [PATCH] m4/ax_python.m4: check for python-x.y-emded.pc, not @@ -7,7 +7,9 @@ Subject: [PATCH] m4/ax_python.m4: check for python-x.y-emded.pc, not Only the embed version includes necessary linker flags to link with libpython. -Upstream-Status: Submitted [https://github.com/FRRouting/frr/pull/12298] +Upstream-Status: Backport +[https://github.com/FRRouting/frr/commit/a82d704b1ec6ece47b01d12e0e067d4b62b10894] + Signed-off-by: Alexander Kanavin --- m4/ax_python.m4 | 2 +- @@ -26,3 +28,6 @@ index 91d12b99b..f5e603b96 100644 pkg="${pkg%-}" _PKG_CONFIG([PYTHON_CFLAGS], [cflags], [${pkg}]) _PKG_CONFIG([PYTHON_LIBS], [libs], [${pkg}]) +-- +2.25.1 + diff --git a/meta-networking/recipes-protocols/frr/frr/0001-ospfd-Adding-SUPPORT_OSPF_API-define-in-ospf_spf.c.patch b/meta-networking/recipes-protocols/frr/frr/0001-ospfd-Adding-SUPPORT_OSPF_API-define-in-ospf_spf.c.patch deleted file mode 100644 index 09988946b6..0000000000 --- a/meta-networking/recipes-protocols/frr/frr/0001-ospfd-Adding-SUPPORT_OSPF_API-define-in-ospf_spf.c.patch +++ /dev/null @@ -1,48 +0,0 @@ -From ec3bb054c331f9d928ac21a1747e0f921b51dfbc Mon Sep 17 00:00:00 2001 -From: Michal Ruprich -Date: Tue, 6 Sep 2022 12:25:01 +0200 -Subject: [PATCH] ospfd: Adding SUPPORT_OSPF_API define in ospf_spf.c - -It is not possible to build ospf_spf.c file with --disable-ospfapi because -ospf_apiserver.c has SUPPORT_OSPF_API around all function definitions and -that results in an undefined reference to the ospf_apiserver_notify_reachable -function error while building. - -Signed-off-by: Michal Ruprich - -Upstream-Status: Backport -[https://github.com/FRRouting/frr/commit/ec3bb054c331f9d928ac21a1747e0f921b51dfbc] - -Signed-off-by: Yi Zhao ---- - ospfd/ospf_spf.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/ospfd/ospf_spf.c b/ospfd/ospf_spf.c -index 46492ff6b..4edc1de81 100644 ---- a/ospfd/ospf_spf.c -+++ b/ospfd/ospf_spf.c -@@ -48,7 +48,10 @@ - #include "ospfd/ospf_sr.h" - #include "ospfd/ospf_ti_lfa.h" - #include "ospfd/ospf_errors.h" -+ -+#ifdef SUPPORT_OSPF_API - #include "ospfd/ospf_apiserver.h" -+#endif - - /* Variables to ensure a SPF scheduled log message is printed only once */ - -@@ -1895,7 +1898,9 @@ static void ospf_spf_calculate_schedule_worker(struct thread *thread) - /* Update all routers routing table */ - ospf->oall_rtrs = ospf->all_rtrs; - ospf->all_rtrs = all_rtrs; -+#ifdef SUPPORT_OSPF_API - ospf_apiserver_notify_reachable(ospf->oall_rtrs, ospf->all_rtrs); -+#endif - - /* Free old ABR/ASBR routing table */ - if (ospf->old_rtrs) --- -2.25.1 - diff --git a/meta-networking/recipes-protocols/frr/frr_8.3.1.bb b/meta-networking/recipes-protocols/frr/frr_8.3.1.bb deleted file mode 100644 index 67d50e3edc..0000000000 --- a/meta-networking/recipes-protocols/frr/frr_8.3.1.bb +++ /dev/null @@ -1,133 +0,0 @@ -SUMMARY = "BGP/OSPF/RIP routing daemon" -DESCRIPTION = "FRRouting is a free and open source Internet routing protocol suite for Linux \ -and Unix platforms. It implements BGP, OSPF, RIP, IS-IS, PIM, LDP, BFD, Babel, PBR, OpenFabric \ -and VRRP, with alpha support for EIGRP and NHRP." -HOMEPAGE = "https://frrouting.org/" -SECTION = "net" - -LICENSE = "GPL-2.0-only & LGPL-2.1-only" -LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ - file://COPYING-LGPLv2.1;md5=4fbd65380cdd255951079008b364516c" - -SRC_URI = "git://github.com/FRRouting/frr.git;protocol=https;branch=stable/8.3 \ - file://0001-configure-Check-for-readline-function-instead-of-mai.patch \ - file://0001-ospfd-Adding-SUPPORT_OSPF_API-define-in-ospf_spf.c.patch \ - file://0001-bgpd-avoid-notify-race-between-io-and-main-pthreads.patch \ - file://0001-bgpd-Make-sure-hdr-length-is-at-a-minimum-of-what-is.patch \ - file://frr.pam \ - file://0001-m4-ax_python.m4-check-for-python-x.y-emded.pc-not-py.patch \ - " - -SRCREV = "a74f7a9ad9623e6f9654fe4a7177e5da0b194828" - -S = "${WORKDIR}/git" - -# Due to libyang not supported on these arches: -COMPATIBLE_HOST:riscv32 = "null" -COMPATIBLE_HOST:riscv64 = "null" -COMPATIBLE_HOST:armv5 = "null" - -# Fail to build on mips64 with error: -# Error: PC-relative reference to a different section -COMPATIBLE_HOST:mips64 = "null" - -inherit autotools-brokensep python3native pkgconfig useradd systemd - -DEPENDS:class-native = "bison-native elfutils-native" -DEPENDS:class-target = "bison-native json-c readline c-ares libyang frr-native" - -RDEPENDS:${PN}:class-target = "iproute2 python3-core bash" - -PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" -PACKAGECONFIG:class-native = "" - -PACKAGECONFIG[fpm] = "--enable-fpm,--disable-fpm" -PACKAGECONFIG[pam] = "--with-libpam,--without-libpam,libpam" -PACKAGECONFIG[grpc] = "--enable-grpc,--disable-grpc,grpc-native grpc" -PACKAGECONFIG[snmp] = "--enable-snmp,--disable-snmp,net-snmp" -PACKAGECONFIG[zeromq] = "--enable-zeromq,--disable-zeromq,zeromq" -PACKAGECONFIG[protobuf] = "--enable-protobuf,--disable-protobuf,protobuf-c-native protobuf-c" -PACKAGECONFIG[capabilities] = "--enable-capabilities,--disable-capabilities,libcap" -PACKAGECONFIG[cumulus] = "--enable-cumulus,--disable-cumulus" -PACKAGECONFIG[datacenter] = "--enable-datacenter,--disable-datacenter" -PACKAGECONFIG[ospfclient] = "--enable-ospfapi --enable-ospfclient,--disable-ospfapi --disable-ospfclient" - -EXTRA_OECONF:class-native = "--enable-clippy-only" - -EXTRA_OECONF:class-target = "--sbindir=${libdir}/frr \ - --sysconfdir=${sysconfdir}/frr \ - --localstatedir=${localstatedir}/run/frr \ - --enable-vtysh \ - --enable-multipath=64 \ - --enable-user=frr \ - --enable-group=frr \ - --enable-vty-group=frrvty \ - --enable-configfile-mask=0640 \ - --enable-logfile-mask=0640 \ - --disable-doc \ - --with-clippy=${RECIPE_SYSROOT_NATIVE}/usr/lib/clippy \ - " - -CACHED_CONFIGUREVARS += "ac_cv_path_PERL='/usr/bin/env perl'" - -LDFLAGS:append:mips = " -latomic" -LDFLAGS:append:mipsel = " -latomic" -LDFLAGS:append:powerpc = " -latomic" - -SYSTEMD_PACKAGES = "${PN}" -SYSTEMD_SERVICE:${PN} = "frr.service" -SYSTEMD_AUTO_ENABLE = "disable" - -do_compile:prepend () { - sed -i -e 's#${RECIPE_SYSROOT_NATIVE}##g' \ - -e 's#${RECIPE_SYSROOT}##g' ${S}/lib/version.h -} - -do_compile:class-native () { - oe_runmake clippy-only -} - -do_install:class-native () { - install -d ${D}${libdir} - install -m 755 ${S}/lib/clippy ${D}${libdir}/clippy -} - -do_install:append:class-target () { - install -m 0755 -d ${D}${sysconfdir}/frr - install -m 0640 ${S}/tools/etc/frr/* ${D}${sysconfdir}/frr/ - chown frr:frrvty ${D}${sysconfdir}/frr - chown frr:frr ${D}${sysconfdir}/frr/* - chown frr:frrvty ${D}${sysconfdir}/frr/vtysh.conf - chmod 640 ${D}${sysconfdir}/frr/* - - if ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'true', 'false', d)}; then - install -d ${D}/${sysconfdir}/pam.d - install -m 644 ${WORKDIR}/frr.pam ${D}/${sysconfdir}/pam.d/frr - fi - - if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then - install -d ${D}${sysconfdir}/init.d - install -m 0755 ${B}/tools/frrinit.sh ${D}${sysconfdir}/init.d/frr - - install -d ${D}${sysconfdir}/default/volatiles - echo "d frr frr 0755 ${localstatedir}/run/frr none" \ - > ${D}${sysconfdir}/default/volatiles/99_frr - fi - - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - install -d ${D}${systemd_system_unitdir} - install -m 0644 ${B}/tools/frr*.service ${D}${systemd_system_unitdir} - - install -d ${D}${sysconfdir}/tmpfiles.d - echo "d /run/frr 0755 frr frr -" \ - > ${D}${sysconfdir}/tmpfiles.d/${BPN}.conf - fi -} - -USERADD_PACKAGES = "${PN}" -GROUPADD_PARAM:${PN} = "--system frr ; --system frrvty" -USERADD_PARAM:${PN} = "--system --home ${localstatedir}/run/frr/ -M -g frr -G frrvty --shell /bin/false frr" - -FILES:${PN} += "${datadir}/yang" - -BBCLASSEXTEND = "native" diff --git a/meta-networking/recipes-protocols/frr/frr_8.4.1.bb b/meta-networking/recipes-protocols/frr/frr_8.4.1.bb new file mode 100644 index 0000000000..d3c86e7d75 --- /dev/null +++ b/meta-networking/recipes-protocols/frr/frr_8.4.1.bb @@ -0,0 +1,129 @@ +SUMMARY = "BGP/OSPF/RIP routing daemon" +DESCRIPTION = "FRRouting is a free and open source Internet routing protocol suite for Linux \ +and Unix platforms. It implements BGP, OSPF, RIP, IS-IS, PIM, LDP, BFD, Babel, PBR, OpenFabric \ +and VRRP, with alpha support for EIGRP and NHRP." +HOMEPAGE = "https://frrouting.org/" +SECTION = "net" + +LICENSE = "GPL-2.0-only & LGPL-2.1-only" +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ + file://COPYING-LGPLv2.1;md5=4fbd65380cdd255951079008b364516c" + +SRC_URI = "git://github.com/FRRouting/frr.git;protocol=https;branch=stable/8.4 \ + file://frr.pam \ + file://0001-m4-ax_python.m4-check-for-python-x.y-emded.pc-not-py.patch \ + " + +SRCREV = "70151e264bbb697a10fed711aa8c937d4f0009b1" + +S = "${WORKDIR}/git" + +# Due to libyang not supported on these arches: +COMPATIBLE_HOST:riscv32 = "null" +COMPATIBLE_HOST:riscv64 = "null" +COMPATIBLE_HOST:armv5 = "null" + +# Fail to build on mips64 with error: +# Error: PC-relative reference to a different section +COMPATIBLE_HOST:mips64 = "null" + +inherit autotools-brokensep python3native pkgconfig useradd systemd + +DEPENDS:class-native = "bison-native elfutils-native" +DEPENDS:class-target = "bison-native json-c readline c-ares libyang frr-native" + +RDEPENDS:${PN}:class-target = "iproute2 python3-core bash" + +PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" +PACKAGECONFIG:class-native = "" + +PACKAGECONFIG[fpm] = "--enable-fpm,--disable-fpm" +PACKAGECONFIG[pam] = "--with-libpam,--without-libpam,libpam" +PACKAGECONFIG[grpc] = "--enable-grpc,--disable-grpc,grpc-native grpc" +PACKAGECONFIG[snmp] = "--enable-snmp,--disable-snmp,net-snmp" +PACKAGECONFIG[zeromq] = "--enable-zeromq,--disable-zeromq,zeromq" +PACKAGECONFIG[protobuf] = "--enable-protobuf,--disable-protobuf,protobuf-c-native protobuf-c" +PACKAGECONFIG[capabilities] = "--enable-capabilities,--disable-capabilities,libcap" +PACKAGECONFIG[cumulus] = "--enable-cumulus,--disable-cumulus" +PACKAGECONFIG[datacenter] = "--enable-datacenter,--disable-datacenter" +PACKAGECONFIG[ospfclient] = "--enable-ospfapi --enable-ospfclient,--disable-ospfapi --disable-ospfclient" + +EXTRA_OECONF:class-native = "--enable-clippy-only" + +EXTRA_OECONF:class-target = "--sbindir=${libdir}/frr \ + --sysconfdir=${sysconfdir}/frr \ + --localstatedir=${localstatedir}/run/frr \ + --enable-vtysh \ + --enable-multipath=64 \ + --enable-user=frr \ + --enable-group=frr \ + --enable-vty-group=frrvty \ + --enable-configfile-mask=0640 \ + --enable-logfile-mask=0640 \ + --disable-doc \ + --with-clippy=${RECIPE_SYSROOT_NATIVE}/usr/lib/clippy \ + " + +CACHED_CONFIGUREVARS += "ac_cv_path_PERL='/usr/bin/env perl'" + +LDFLAGS:append:mips = " -latomic" +LDFLAGS:append:mipsel = " -latomic" +LDFLAGS:append:powerpc = " -latomic" + +SYSTEMD_PACKAGES = "${PN}" +SYSTEMD_SERVICE:${PN} = "frr.service" +SYSTEMD_AUTO_ENABLE = "disable" + +do_compile:prepend () { + sed -i -e 's#${RECIPE_SYSROOT_NATIVE}##g' \ + -e 's#${RECIPE_SYSROOT}##g' ${S}/lib/version.h +} + +do_compile:class-native () { + oe_runmake clippy-only +} + +do_install:class-native () { + install -d ${D}${libdir} + install -m 755 ${S}/lib/clippy ${D}${libdir}/clippy +} + +do_install:append:class-target () { + install -m 0755 -d ${D}${sysconfdir}/frr + install -m 0640 ${S}/tools/etc/frr/* ${D}${sysconfdir}/frr/ + chown frr:frrvty ${D}${sysconfdir}/frr + chown frr:frr ${D}${sysconfdir}/frr/* + chown frr:frrvty ${D}${sysconfdir}/frr/vtysh.conf + chmod 640 ${D}${sysconfdir}/frr/* + + if ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'true', 'false', d)}; then + install -d ${D}/${sysconfdir}/pam.d + install -m 644 ${WORKDIR}/frr.pam ${D}/${sysconfdir}/pam.d/frr + fi + + if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/init.d + install -m 0755 ${B}/tools/frrinit.sh ${D}${sysconfdir}/init.d/frr + + install -d ${D}${sysconfdir}/default/volatiles + echo "d frr frr 0755 ${localstatedir}/run/frr none" \ + > ${D}${sysconfdir}/default/volatiles/99_frr + fi + + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${B}/tools/frr*.service ${D}${systemd_system_unitdir} + + install -d ${D}${sysconfdir}/tmpfiles.d + echo "d /run/frr 0755 frr frr -" \ + > ${D}${sysconfdir}/tmpfiles.d/${BPN}.conf + fi +} + +USERADD_PACKAGES = "${PN}" +GROUPADD_PARAM:${PN} = "--system frr ; --system frrvty" +USERADD_PARAM:${PN} = "--system --home ${localstatedir}/run/frr/ -M -g frr -G frrvty --shell /bin/false frr" + +FILES:${PN} += "${datadir}/yang" + +BBCLASSEXTEND = "native" -- cgit v1.2.3-54-g00ecf