Commit message | Author | Age | Files | Lines
...
* apparmor: update to 3.1.3 | Armin Kuster | 2023-03-20 | 2 | -61/+3
  drop debian patch as the file was dropped upstream.
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* suricata: update to 6.0.10 | Armin Kuster | 2023-03-20 | 1 | -1/+2
  fixup another python file to use py3
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* firejail: update 0.9.72 | Armin Kuster | 2023-03-20 | 2 | -11/+12
  refresh patch
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libmspack: update to 1.11 | Armin Kuster | 2023-03-20 | 1 | -1/+1
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* fscrypt: update to 1.1.0 | Armin Kuster | 2023-03-20 | 1 | -1/+1
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* chkrootkit: update to 0.57 | Armin Kuster | 2023-03-20 | 1 | -1/+1
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* lkrg-modules: update to 0.9.6 | Armin Kuster | 2023-03-20 | 1 | -1/+1
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libhtp: update to 0.5.42 | Armin Kuster | 2023-03-20 | 1 | -1/+1
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-privacyidea: update to 3.8.1 | Armin Kuster | 2023-03-20 | 1 | -1/+1
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-fail2ban: update to 1.0.2 | Armin Kuster | 2023-03-20 | 1 | -5/+5
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openscap git: add DEFAULT_PREFERENCE | Armin Kuster | 2023-03-20 | 1 | -0/+2
  This recipe is not maintained and will be dropped by the next LTS if nothing changes.
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openscap: update to 1.3.7 | Armin Kuster | 2023-03-20 | 1 | -3/+1
  remove DEFAULT_PREFERENCE -1
  The git version is unmaintained
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openscap: update to 1.3.6 | Armin Kuster | 2023-03-20 | 2 | -9/+21
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dm-verity-img.bbclass: Fix the hash offset alignment issue | Kevin Hao | 2023-03-20 | 1 | -1/+11
  When using the kernel module parameter "dm-mod.create=" [1] to create the device-mapper device, the hash offset address we passed to kernel module is the hash block number. That means the hash offset address would have to be aligned to the max(data_block_size, hash_block_size), otherwise there would be no way to set the correct hash offset address via "dm-mod.create=".

  [1] https://www.kernel.org/doc/Documentation/admin-guide/device-mapper/dm-init.rst

  Signed-off-by: Kevin Hao <kexin.hao@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dm-verity: document board specifics for Beaglebone Black | Paul Gortmaker | 2023-03-20 | 1 | -0/+37
  This is meant to augment the generic dm-verity instructions with the board specifics for this platform.
  Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dm-verity: add basic non-arch/non-BSP yocto specific settings | Paul Gortmaker | 2023-03-20 | 1 | -0/+114
  As things stand currently, the only way to learn about the Yocto specific settings for implementing dm-verity is by reading the source. Here we try and capture some of the basic information that exists out there in mailing list posts and get that in-tree.

  Board specific settings/tips will be stored in board specific files.

  Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dm-verity-img.bbclass: fix syntax warning | Eero Aaltonen | 2023-03-20 | 1 | -1/+1
  Fixes warning
  ```
  SyntaxWarning: "is not" with a literal. Did you mean "!="?
  ```
  Signed-off-by: Eero Aaltonen <eero.aaltonen@vaisala.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dm-verity: update beaglebone wic to match meta-yocto | Paul Gortmaker | 2023-03-20 | 1 | -1/+1
  This file was forked from the generic (non verity) version in meta-yocto, but it would seem that due to limited use, an update in the parent never made it here, even after two years:

  [commit 0c679ac53b52e631a7c961872ce58f5cf74b8629 in meta-yocto]
  From: Kevin Hao <kexin.hao@windriver.com>
  Date: Tue, 23 Mar 2021 17:35:29 +0800
  Subject: [PATCH] meta-yocto-bsp: beaglebone: Set a fixed size for boot partition in WIC image

  After the dosfstools has been updated to v4.2 by commit b522f24723e1 ("dosfstools: update 4.1 -> 4.2"), the commit b29eb5be67e9 ("mkfs.fat: Align total number of sectors to be multiple of sectors per track") in v4.2 has caused a regression in beaglebone black board. The reason is that the real total sectors of the fat filesystem created by the mkdosfs may not be the same size as what we requested due to alignment with the sectors per track. This change seems to have no side effect on the linux kernel, but it breaks the beaglebone black boot ROM and makes it unable to load the MLO. In order to fix this issue, we choose to set a fixed size for the boot partition to make sure that the total sectors always are aligned with the sectors per track.

  [Yocto #14306]

  Bring the same change across, so dm-verity doesn't face the same frustrating silent boot failure with zero console output. With this change in place, and allowing for read-only rootfs, we see:

  device-mapper: verity: sha256 using implementation "sha256-generic"
  EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: (null). Quota mode: disabled.
  INIT: version 3.01 booting

  Note that the above is from booting on real hardware on Kirkstone.

  Cc: Kevin Hao <kexin.hao@windriver.com>
  Cc: Niko Mauno <niko.mauno@vaisala.com>
  Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-tpm/layer: lower the priority from 10 to 6 | Jose Quaresma | 2023-03-20 | 1 | -1/+1
  The priority changed in the sumo version without any description. Since then it is very hard to add in other layers a new version of any recipe on this layer with such priority, so this patch reverts the priority back to 6.
  Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-security-compliance/layer: lower the priority from 10 to 6 | Jose Quaresma | 2023-03-20 | 1 | -1/+1
  The priority changed in the sumo version without any description. Since then it is very hard to add in other layers a new version of any recipe on this layer with such priority, so this patch reverts the priority back to 6.
  Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-hardening/layer: lower the priority from 10 to 6 | Jose Quaresma | 2023-03-20 | 1 | -1/+1
  The priority changed in the sumo version without any description. Since then it is very hard to add in other layers a new version of any recipe on this layer with such priority, so this patch reverts the priority back to 6.
  Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-abrmd: upgrade 2.4.1 -> 3.0.0 | Petr Gotthard | 2023-02-22 | 1 | -1/+1
  Changelog: https://github.com/tpm2-software/tpm2-abrmd/blob/3.0.0/CHANGELOG.md
  Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-pkcs11: upgrade 1.8.0 -> 1.9.0 | Petr Gotthard | 2023-02-22 | 1 | -6/+1
  Changelog: https://github.com/tpm2-software/tpm2-pkcs11/blob/1.9.0/CHANGELOG.md
  Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tools: upgrade 5.3 -> 5.5 | Petr Gotthard | 2023-02-22 | 1 | -6/+1
  Changelog: https://github.com/tpm2-software/tpm2-tools/blob/5.5/docs/CHANGELOG.md
  Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tss: upgrade 3.2.0 -> 4.0.1 | Petr Gotthard | 2023-02-22 | 2 | -13/+9
  Changelog: https://github.com/tpm2-software/tpm2-tss/blob/4.0.1/CHANGELOG.md
  Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dm-verity-img.bbclass: add squashfs images | Maciej Borzęcki | 2023-02-11 | 1 | -1/+6
  Add squashfs to images supported by verity.
  Signed-off-by: Maciek Borzecki <maciek@thing.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* linux-yocto: drop version from bbappends | Mikko Rapeli | 2023-02-06 | 2 | -0/+0
  These bbappends apply to multiple kernel versions so no need to make them version dependent.

  Fixes recipe parsing when using meta-security master branch on kirkstone. In our custom layer we set layer compatibility for kirkstone and I understand why meta-security upstream would not want to do that:

  LAYERSERIES_COMPAT_security-layer += 'kirkstone'
  LAYERSERIES_COMPAT_parsec-layer += 'kirkstone'
  LAYERSERIES_COMPAT_tpm-layer += 'kirkstone'

  While I work towards supporting also yocto master branch and newer releases than kirkstone, I would appreciate if I would not have to branch off layers over minor details like this.

  Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* samhain: rework due to changed cache handling | Max Krummenacher | 2023-01-28 | 4 | -8/+9
  OE-Core changed the cache handling which made the use of ${BPN} now fail.

  | Parsing recipes...WARNING: .../samhain-standalone.bb: Exception during build_dependencies for do_configure
  | WARNING: .../samhain-standalone.bb: Error during finalise of .../samhain-standalone.bb
  | ERROR: ExpansionError during parsing .../samhain-standalone.bb
  | Traceback (most recent call last):
  | File "Var <MODE_NAME>", line 1, in <module>
  | bb.data_smart.ExpansionError: Failure expanding variable MODE_NAME, expression was ${@d.getVar('BPN').split('-')[1]} which triggered exception IndexError: list index out of range
  | The variable dependency chain for the failure is: MODE_NAME -> SAMHAIN_MODE -> do_configure

  Simplify the setting of MODE_NAME and SAMHAIN_MODE by setting them in the recipe files where we know their values.

  bitbake: ee89ade5 cache/codeparser: Switch to a new BB_CACHEDIR variable for cache location
  oe-core: 7c15e03dd3 bitbake.conf: Add BB_HASH_CODEPARSER_VALS

  Signed-off-by: Max Krummenacher <max.krummenacher@toradex.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-tpm: bump linux-yocto to 6.x kernel | Armin Kuster | 2023-01-28 | 1 | -0/+0
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* linux-yocto.bbappend: bump to kernel version 6.x | Armin Kuster | 2023-01-28 | 1 | -0/+0
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openscap: add libpcre DEPENDS to fix do_configure failure | Chen Qi | 2023-01-16 | 1 | -2/+2
  swig has switched to use libpcre2, we need to add libpcre to DEPENDS to avoid do_configure failure.
  Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* bubblewrap: remove recipe | Markus Volk | 2023-01-04 | 1 | -22/+0
  It was moved to meta-oe.
  Signed-off-by: Markus Volk <f_l_k@t-online.de>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* layer.conf: update LAYERSERIES_COMPAT for mickledore | Martin Jansa | 2023-01-04 | 7 | -7/+7
  * oe-core switched to mickledore in: https://git.openembedded.org/openembedded-core/commit/?id=57239d66b933c4313cf331d35d13ec2d0661c38f
  Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* bubblewrap: Update 0.6.2 -> 0.7.0 | Alex Kiernan | 2022-11-19 | 1 | -4/+3
  Inherit github-releases so that `devtool upgrade` can identify new versions correctly.
  Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* chipsec: update to 1.9.1 | Armin Kuster | 2022-11-19 | 1 | -1/+1
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-privacyidea: update to 2.7.4 | Armin Kuster | 2022-11-19 | 1 | -1/+1
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tools: update to 5.3 | Michael Haener | 2022-11-19 | 1 | -2/+2
* Update PARSEC recipe to latest v1.1.0 release | Gowtham Suresh Kumar | 2022-10-24 | 6 | -304/+286
  This commit updates the parsec-service to v1.1.0 and the parsec-tool to v0.5.4. The buildpaths QA check has been disabled and relevant issue links have been added to address this.
  Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
* tpm2-openssl: update to 1.1.1 | Michael Haener | 2022-10-24 | 1 | -1/+1
  Signed-off-by: Michael Haener <michael.haener@siemens.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* kas-security-base.yml: make work again | Armin Kuster | 2022-10-24 | 1 | -7/+4
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cryptmount: update to 6.0 | Armin Kuster | 2022-09-25 | 2 | -23/+3
  LIC_FILES_CHKSUM changed due to yr change
  Drop patch remove_linux_fs.patch
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libgssglue: update to 0.7 | Armin Kuster | 2022-09-25 | 5 | -125/+13
  LIC_FILE_CHKSUM changes due to indentation changes.
  use bootstrap to setup config properly.
  Drop libgssglue-fix-CVE-2011-2709.patch, libgssglue-g-initialize.patch now included in update.
  and ibgssglue-mglueP.patch now included in update.
  Drop libgssglue-gss-inq-cred.patch still pending after 5 yrs.
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* apparmor: update to 3.0.7 | Armin Kuster | 2022-09-25 | 1 | -2/+2
  Fix typo in HOMEPAGE
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm: update the linux-yocto rule with the one from sanity-meta-tpm class | Michael Haener | 2022-09-25 | 1 | -1/+1
* update chipsec to 1.8.8 | Armin Kuster | 2022-09-12 | 1 | -1/+1
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* update sssd to 2.7.4 | Armin Kuster | 2022-09-12 | 1 | -1/+1
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cryptmount: fix systemd service install | Armin Kuster | 2022-09-12 | 1 | -0/+10
  Default is to install the service in /usr/lib
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
  --
  [V2] Fix typo in subject
* suricata: fix compile issue | Armin Kuster | 2022-09-12 | 1 | -0/+2
  make[2]: *** No rule to make target '../rust/target/arm-poky-linux-gnueabi/release/libsuricata.a', needed by 'suricata'
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* kas: update testimage inherit | Armin Kuster | 2022-08-25 | 1 | -2/+1
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* parsec-service: Update oeqa tests | Anton Antonov | 2022-08-25 | 3 | -16/+92
  Signed-off-by: Anton Antonov <Anton.Antonov@arm.com>