From 1423a3c5c594fb5b4f6131a42c8d3e243d4958b8 Mon Sep 17 00:00:00 2001
From: Jia Zhang <zhang.jia@linux.alibaba.com>
Date: Thu, 20 Sep 2018 10:08:23 -0400
Subject: Maintain the stable branch rocko

The modifications based on the following commits are made by the way:

- seloader: Fix building for rocko (bc6bbe2)
- meta-integrity: rpm: Add back in required patches for rocko (5fa9c85)

Because the sanity check for rocko now becomes unnecessary.

In addition, the meta-intel-sgx is removed because it is still
experimental.

- meta-intel-sgx: Initial support of linux-sgx-driver (7d4f711)

Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
---
 MAINTAINERS                                        |  2 +-
 README                                             |  6 ++--
 meta-efi-secure-boot/conf/layer.conf               |  2 +-
 .../recipes-bsp/seloader/seloader_git.bb           |  3 +-
 meta-encrypted-storage/conf/layer.conf             |  2 +-
 meta-ids/conf/layer.conf                           |  2 +-
 meta-integrity/conf/layer.conf                     |  2 +-
 .../recipes-devtools/rpm/rpm-integrity.inc         |  3 +-
 meta-intel-sgx/README.md                           | 23 ---------------
 meta-intel-sgx/conf/layer.conf                     | 18 ------------
 .../intel-sgx-driver/intel-sgx-driver_2.1.bb       | 34 ----------------------
 meta-signing-key/conf/layer.conf                   |  2 +-
 meta-tpm/conf/layer.conf                           |  2 +-
 meta-tpm2/conf/layer.conf                          |  2 +-
 meta/conf/layer.conf                               |  2 +-
 15 files changed, 14 insertions(+), 91 deletions(-)
 delete mode 100644 meta-intel-sgx/README.md
 delete mode 100644 meta-intel-sgx/conf/layer.conf
 delete mode 100644 meta-intel-sgx/recipes-kernel/intel-sgx-driver/intel-sgx-driver_2.1.bb

diff --git a/MAINTAINERS b/MAINTAINERS
index 60f11fa..34d0fc4 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1 +1 @@
-Jia Zhang <zhang.jia@linux.alibaba.com>
+Tom Rini <trini@konsulko.com>
diff --git a/README b/README
index 8c0ebff..651f75b 100644
--- a/README
+++ b/README
@@ -10,11 +10,11 @@ Dependencies
 This layer depends on:
 
   URI: git://git.openembedded.org/bitbake
-  branch: master
+  branch: rocko
 
   URI: git://git.openembedded.org/openembedded-core
   layers: meta
-  branch: master
+  branch: rocko
 
 
 Patches
@@ -23,7 +23,7 @@ Patches
 Please submit any patches against the meta-secure-core layer to the
 maintainer:
 
-Maintainer: Jia Zhang <lans.zhang2008@gmail.com>
+Maintainer: Tom Rini <trini@konsulko.com>
 
 
 Table of Contents
diff --git a/meta-efi-secure-boot/conf/layer.conf b/meta-efi-secure-boot/conf/layer.conf
index 7d69fea..458eb52 100644
--- a/meta-efi-secure-boot/conf/layer.conf
+++ b/meta-efi-secure-boot/conf/layer.conf
@@ -19,4 +19,4 @@ LAYERDEPENDS_efi-secure-boot = "\
     perl-layer \
 "
 
-LAYERSERIES_COMPAT_efi-secure-boot = "rocko sumo"
+LAYERSERIES_COMPAT_efi-secure-boot = "rocko"
diff --git a/meta-efi-secure-boot/recipes-bsp/seloader/seloader_git.bb b/meta-efi-secure-boot/recipes-bsp/seloader/seloader_git.bb
index 5d5fe2d..3275cc5 100644
--- a/meta-efi-secure-boot/recipes-bsp/seloader/seloader_git.bb
+++ b/meta-efi-secure-boot/recipes-bsp/seloader/seloader_git.bb
@@ -43,10 +43,9 @@ EXTRA_OEMAKE = "\
     SBSIGN=${STAGING_BINDIR_NATIVE}/sbsign \
     gnuefi_libdir=${STAGING_LIBDIR} \
     LIB_GCC="`${CC} -print-libgcc-file-name`" \
+    GNU_EFI_VERSION=306 \
 "
 
-EXTRA_OEMAKE += "${@bb.utils.contains('LAYERSERIES_CORENAMES', 'rocko', 'GNU_EFI_VERSION=306', '', d)}"
-
 EFI_ARCH_x86 = "ia32"
 EFI_ARCH_x86-64 = "x64"
 
diff --git a/meta-encrypted-storage/conf/layer.conf b/meta-encrypted-storage/conf/layer.conf
index 18fa131..dd85e7a 100644
--- a/meta-encrypted-storage/conf/layer.conf
+++ b/meta-encrypted-storage/conf/layer.conf
@@ -17,4 +17,4 @@ LAYERDEPENDS_encrypted-storage = "\
     openembedded-layer \
 "
 
-LAYERSERIES_COMPAT_encrypted-storage = "rocko sumo"
+LAYERSERIES_COMPAT_encrypted-storage = "rocko"
diff --git a/meta-ids/conf/layer.conf b/meta-ids/conf/layer.conf
index 50cc3cc..677772e 100644
--- a/meta-ids/conf/layer.conf
+++ b/meta-ids/conf/layer.conf
@@ -16,4 +16,4 @@ LAYERDEPENDS_ids = "\
     networking-layer \
 "
 
-LAYERSERIES_COMPAT_ids = "rocko sumo"
+LAYERSERIES_COMPAT_ids = "rocko"
diff --git a/meta-integrity/conf/layer.conf b/meta-integrity/conf/layer.conf
index 74961cc..7734e5c 100644
--- a/meta-integrity/conf/layer.conf
+++ b/meta-integrity/conf/layer.conf
@@ -27,4 +27,4 @@ BB_HASHBASE_WHITELIST_append += "\
     RPM_FSK_PATH \
 "
 
-LAYERSERIES_COMPAT_integrity = "rocko sumo"
+LAYERSERIES_COMPAT_integrity = "rocko"
diff --git a/meta-integrity/recipes-devtools/rpm/rpm-integrity.inc b/meta-integrity/recipes-devtools/rpm/rpm-integrity.inc
index 172d5a2..aeb7c07 100644
--- a/meta-integrity/recipes-devtools/rpm/rpm-integrity.inc
+++ b/meta-integrity/recipes-devtools/rpm/rpm-integrity.inc
@@ -1,6 +1,6 @@
 FILESEXTRAPATHS_prepend := "${THISDIR}/rpm:"
 
-ROCKO_SRC_URI = "\
+SRC_URI += "\
     file://0001-Pass-sign-arguments-to-signature-deletion-too.patch \
     file://0002-Beat-some-sense-into-rpmsign-cli-parsing.patch \
     file://0003-Fix-thinko-typo-in-file-signing-error-message.patch \
@@ -13,7 +13,6 @@ ROCKO_SRC_URI = "\
     file://0010-Fix-a-number-of-problems-in-get_fskpass.patch \
     file://0011-Bump-file-digests-to-SHA256-by-default-finally.patch \
 "
-SRC_URI += "${@bb.utils.contains('LAYERSERIES_CORENAMES', 'rocko', '${ROCKO_SRC_URI}', '', d)}"
 
 PACKAGECONFIG = "${@bb.utils.contains('DISTRO_FEATURES', 'ima', 'imaevm', '', d)}"
 
diff --git a/meta-intel-sgx/README.md b/meta-intel-sgx/README.md
deleted file mode 100644
index d1b8444..0000000
--- a/meta-intel-sgx/README.md
+++ /dev/null
@@ -1,23 +0,0 @@
-### Overview
-This layer provides the support of Intel Software Guard Extensions
-(Intel SGX), which is an Intel technology for application developers
-seeking to protect select code and data from disclosure or modification.
-
-The Linux SGX software stack is comprised of the Intel SGX driver, the
-Intel SGX SDK, and the Intel SGX Platform Software.
-
-### Intel SGX Driver
-The recipe sgx-driver provides a out-of-tree driver for the Linux Intel
-SGX software stack, which will be used until the driver upstreaming process
-is complete.
-
-### Intel SGX SDK and PSW
-The recipes are still in development.
-
-### Hardware Support
-Please check [this site](https://github.com/ayeks/SGX-hardware) for the
-latest information.
-
-### Reference
-- [SGX driver](https://github.com/intel/linux-sgx-driver)
-- [SGX SDK and PSW](https://github.com/intel/linux-sgx)
diff --git a/meta-intel-sgx/conf/layer.conf b/meta-intel-sgx/conf/layer.conf
deleted file mode 100644
index 8dca356..0000000
--- a/meta-intel-sgx/conf/layer.conf
+++ /dev/null
@@ -1,18 +0,0 @@
-# We have a conf and classes directory, add to BBPATH
-BBPATH .= ":${LAYERDIR}"
-
-# We have recipes-* directories, add to BBFILES
-BBFILES += "${LAYERDIR}/recipes-*/*/*.bb \
-	${LAYERDIR}/recipes-*/*/*.bbappend"
-
-BBFILE_COLLECTIONS += "intel-sgx"
-BBFILE_PATTERN_intel-sgx = "^${LAYERDIR}/"
-BBFILE_PRIORITY_intel-sgx = "10"
-
-BBLAYERS_LAYERINDEX_NAME_intel-sgx = "meta-intel-sgx"
-
-LAYERDEPENDS_intel-sgx = "\
-    core \
-"
-
-LAYERSERIES_COMPAT_intel-sgx = "rocko sumo"
diff --git a/meta-intel-sgx/recipes-kernel/intel-sgx-driver/intel-sgx-driver_2.1.bb b/meta-intel-sgx/recipes-kernel/intel-sgx-driver/intel-sgx-driver_2.1.bb
deleted file mode 100644
index b1abcd5..0000000
--- a/meta-intel-sgx/recipes-kernel/intel-sgx-driver/intel-sgx-driver_2.1.bb
+++ /dev/null
@@ -1,34 +0,0 @@
-SUMMARY = "Intel SGX Linux DDDriver"
-DESCRIPTION = "Intel(R) Software Guard Extensions (Intel(R) SGX) \
-is an Intel technology for application developers seeking to \
-protect select code and data from disclosure or modification."
-HOMEPAGE = "https://github.com/intel/linux-sgx-driver"
-
-LICENSE = "GPLv2"
-LIC_FILES_CHKSUM = "file://License.txt;md5=b54f8941f6087efb6be3deb0f1e617f7"
-
-DEPENDS = "virtual/kernel"
-
-PV = "2.1+git${SRCPV}"
-
-SRC_URI = "\
-    git://github.com/intel/linux-sgx-driver.git \
-"
-SRCREV = "2a509c203533f9950fa3459fe91864051bc021a2"
-
-S = "${WORKDIR}/git"
-
-inherit module
-
-EXTRA_OEMAKE += "KDIR='${STAGING_KERNEL_DIR}'"
-
-MODULE_NAME = "isgx"
-
-do_install () {
-    dir="${D}/lib/modules/${KERNEL_VERSION}/kernel/${MODULE_NAME}"
-
-    install -d "$dir"
-    install -m 0644 "${MODULE_NAME}.ko" "$dir"
-}
-
-RPROVIDES_${PN} += "kernel-module-${MODULE_NAME}"
diff --git a/meta-signing-key/conf/layer.conf b/meta-signing-key/conf/layer.conf
index 67fc8d3..97694d5 100644
--- a/meta-signing-key/conf/layer.conf
+++ b/meta-signing-key/conf/layer.conf
@@ -13,7 +13,7 @@ BBLAYERS_LAYERINDEX_NAME_signing-key = "meta-signing-key"
 
 LAYERDEPENDS_signing-key = "core"
 
-LAYERSERIES_COMPAT_signing-key = "rocko sumo"
+LAYERSERIES_COMPAT_signing-key = "rocko"
 
 SIGNING_MODEL ??= "sample"
 SAMPLE_MOK_SB_KEYS_DIR = "${LAYERDIR}/files/mok_sb_keys"
diff --git a/meta-tpm/conf/layer.conf b/meta-tpm/conf/layer.conf
index 2b2dd3e..6f150b8 100644
--- a/meta-tpm/conf/layer.conf
+++ b/meta-tpm/conf/layer.conf
@@ -13,4 +13,4 @@ BBLAYERS_LAYERINDEX_NAME_tpm = "meta-tpm"
 
 LAYERDEPENDS_tpm = "core"
 
-LAYERSERIES_COMPAT_tpm = "rocko sumo"
+LAYERSERIES_COMPAT_tpm = "rocko"
diff --git a/meta-tpm2/conf/layer.conf b/meta-tpm2/conf/layer.conf
index 9957c6e..71063d4 100644
--- a/meta-tpm2/conf/layer.conf
+++ b/meta-tpm2/conf/layer.conf
@@ -13,4 +13,4 @@ BBLAYERS_LAYERINDEX_NAME_tpm2 = "meta-tpm2"
 
 LAYERDEPENDS_tpm2 = "core"
 
-LAYERSERIES_COMPAT_tpm2 = "rocko sumo"
+LAYERSERIES_COMPAT_tpm2 = "rocko"
diff --git a/meta/conf/layer.conf b/meta/conf/layer.conf
index 301b017..b343571 100644
--- a/meta/conf/layer.conf
+++ b/meta/conf/layer.conf
@@ -15,4 +15,4 @@ LAYERDEPENDS_secure-core = "\
     core \
 "
 
-LAYERSERIES_COMPAT_secure-core = "rocko sumo"
+LAYERSERIES_COMPAT_secure-core = "rocko"
-- 
cgit v1.2.3-54-g00ecf