diff options
author | Laurent Bonnans <laurent.bonnans@here.com> | 2018-05-22 10:19:33 +0200 |
---|---|---|
committer | Laurent Bonnans <laurent.bonnans@here.com> | 2018-05-22 10:19:33 +0200 |
commit | 21b3d7ceedd53f9b5eb00b777bdb1cf22183e289 (patch) | |
tree | 7b4ef4b2e4d1ec02a61a87cbd040e1eebb5112a8 /meta-sota | |
parent | 52e20c85e8a39f3d9bfc27448f235c34b31491e6 (diff) | |
download | meta-updater-21b3d7ceedd53f9b5eb00b777bdb1cf22183e289.tar.gz |
Start moving everything for new directory structure
Diffstat (limited to 'meta-sota')
85 files changed, 3569 insertions, 0 deletions
diff --git a/meta-sota/classes/image_repo_manifest.bbclass b/meta-sota/classes/image_repo_manifest.bbclass new file mode 100644 index 0000000..467fd9a --- /dev/null +++ b/meta-sota/classes/image_repo_manifest.bbclass | |||
@@ -0,0 +1,23 @@ | |||
1 | # Writes the repo manifest to the target filesystem in /etc/manifest.xml | ||
2 | # | ||
3 | # Author: Phil Wise <phil@advancedtelematic.com> | ||
4 | # Usage: add "inherit image_repo_manifest" to your image file | ||
5 | # To reproduce a build, copy the /etc/manifest.xml to .repo/manifests/yourname.xml | ||
6 | # then run: | ||
7 | # repo init -m yourname.xml | ||
8 | # repo sync | ||
9 | # For more information, see: | ||
10 | # https://web.archive.org/web/20161224194009/https://wiki.cyanogenmod.org/w/Doc:_Using_manifests | ||
11 | |||
12 | HOSTTOOLS_NONFATAL += " repo " | ||
13 | |||
14 | # Write build information to target filesystem | ||
15 | buildinfo () { | ||
16 | if [ $(which repo) ]; then | ||
17 | repo manifest --revision-as-HEAD -o ${IMAGE_ROOTFS}${sysconfdir}/manifest.xml || bbwarn "Android repo tool failed to run; manifest not copied" | ||
18 | else | ||
19 | bbwarn "Android repo tool not found; manifest not copied." | ||
20 | fi | ||
21 | } | ||
22 | |||
23 | IMAGE_PREPROCESS_COMMAND += "buildinfo;" | ||
diff --git a/meta-sota/classes/image_types_ostree.bbclass b/meta-sota/classes/image_types_ostree.bbclass new file mode 100644 index 0000000..bc44e33 --- /dev/null +++ b/meta-sota/classes/image_types_ostree.bbclass | |||
@@ -0,0 +1,259 @@ | |||
1 | # OSTree deployment | ||
2 | |||
3 | do_image_ostree[depends] += "ostree-native:do_populate_sysroot \ | ||
4 | openssl-native:do_populate_sysroot \ | ||
5 | coreutils-native:do_populate_sysroot \ | ||
6 | unzip-native:do_populate_sysroot \ | ||
7 | virtual/kernel:do_deploy \ | ||
8 | ${OSTREE_INITRAMFS_IMAGE}:do_image_complete" | ||
9 | |||
10 | export OSTREE_REPO | ||
11 | export OSTREE_BRANCHNAME | ||
12 | export GARAGE_TARGET_NAME | ||
13 | |||
14 | RAMDISK_EXT ?= ".${OSTREE_INITRAMFS_FSTYPES}" | ||
15 | |||
16 | OSTREE_KERNEL ??= "${KERNEL_IMAGETYPE}" | ||
17 | |||
18 | export SYSTEMD_USED = "${@oe.utils.ifelse(d.getVar('VIRTUAL-RUNTIME_init_manager', True) == 'systemd', 'true', '')}" | ||
19 | |||
20 | IMAGE_CMD_ostree () { | ||
21 | if [ -z "$OSTREE_REPO" ]; then | ||
22 | bbfatal "OSTREE_REPO should be set in your local.conf" | ||
23 | fi | ||
24 | |||
25 | if [ -z "$OSTREE_BRANCHNAME" ]; then | ||
26 | bbfatal "OSTREE_BRANCHNAME should be set in your local.conf" | ||
27 | fi | ||
28 | |||
29 | OSTREE_ROOTFS=`mktemp -du ${WORKDIR}/ostree-root-XXXXX` | ||
30 | cp -a ${IMAGE_ROOTFS} ${OSTREE_ROOTFS} | ||
31 | chmod a+rx ${OSTREE_ROOTFS} | ||
32 | sync | ||
33 | |||
34 | cd ${OSTREE_ROOTFS} | ||
35 | |||
36 | # Create sysroot directory to which physical sysroot will be mounted | ||
37 | mkdir sysroot | ||
38 | ln -sf sysroot/ostree ostree | ||
39 | |||
40 | rm -rf tmp/* | ||
41 | ln -sf sysroot/tmp tmp | ||
42 | |||
43 | mkdir -p usr/rootdirs | ||
44 | |||
45 | mv etc usr/ | ||
46 | # Implement UsrMove | ||
47 | dirs="bin sbin lib" | ||
48 | |||
49 | for dir in ${dirs} ; do | ||
50 | if [ -d ${dir} ] && [ ! -L ${dir} ] ; then | ||
51 | mv ${dir} usr/rootdirs/ | ||
52 | rm -rf ${dir} | ||
53 | ln -sf usr/rootdirs/${dir} ${dir} | ||
54 | fi | ||
55 | done | ||
56 | |||
57 | if [ -n "$SYSTEMD_USED" ]; then | ||
58 | mkdir -p usr/etc/tmpfiles.d | ||
59 | tmpfiles_conf=usr/etc/tmpfiles.d/00ostree-tmpfiles.conf | ||
60 | echo "d /var/rootdirs 0755 root root -" >>${tmpfiles_conf} | ||
61 | echo "L /var/rootdirs/home - - - - /sysroot/home" >>${tmpfiles_conf} | ||
62 | else | ||
63 | mkdir -p usr/etc/init.d | ||
64 | tmpfiles_conf=usr/etc/init.d/tmpfiles.sh | ||
65 | echo '#!/bin/sh' > ${tmpfiles_conf} | ||
66 | echo "mkdir -p /var/rootdirs; chmod 755 /var/rootdirs" >> ${tmpfiles_conf} | ||
67 | echo "ln -sf /sysroot/home /var/rootdirs/home" >> ${tmpfiles_conf} | ||
68 | |||
69 | ln -s ../init.d/tmpfiles.sh usr/etc/rcS.d/S20tmpfiles.sh | ||
70 | fi | ||
71 | |||
72 | # Preserve OSTREE_BRANCHNAME for future information | ||
73 | mkdir -p usr/share/sota/ | ||
74 | echo -n "${OSTREE_BRANCHNAME}" > usr/share/sota/branchname | ||
75 | |||
76 | # Preserve data in /home to be later copied to /sysroot/home by sysroot | ||
77 | # generating procedure | ||
78 | mkdir -p usr/homedirs | ||
79 | if [ -d "home" ] && [ ! -L "home" ]; then | ||
80 | mv home usr/homedirs/home | ||
81 | ln -sf var/rootdirs/home home | ||
82 | fi | ||
83 | |||
84 | # Move persistent directories to /var | ||
85 | dirs="opt mnt media srv" | ||
86 | |||
87 | for dir in ${dirs}; do | ||
88 | if [ -d ${dir} ] && [ ! -L ${dir} ]; then | ||
89 | if [ "$(ls -A $dir)" ]; then | ||
90 | bbwarn "Data in /$dir directory is not preserved by OSTree. Consider moving it under /usr" | ||
91 | fi | ||
92 | |||
93 | if [ -n "$SYSTEMD_USED" ]; then | ||
94 | echo "d /var/rootdirs/${dir} 0755 root root -" >>${tmpfiles_conf} | ||
95 | else | ||
96 | echo "mkdir -p /var/rootdirs/${dir}; chown 755 /var/rootdirs/${dir}" >>${tmpfiles_conf} | ||
97 | fi | ||
98 | rm -rf ${dir} | ||
99 | ln -sf var/rootdirs/${dir} ${dir} | ||
100 | fi | ||
101 | done | ||
102 | |||
103 | if [ -d root ] && [ ! -L root ]; then | ||
104 | if [ "$(ls -A root)" ]; then | ||
105 | bberror "Data in /root directory is not preserved by OSTree." | ||
106 | exit 1 | ||
107 | fi | ||
108 | |||
109 | if [ -n "$SYSTEMD_USED" ]; then | ||
110 | echo "d /var/roothome 0755 root root -" >>${tmpfiles_conf} | ||
111 | else | ||
112 | echo "mkdir -p /var/roothome; chown 755 /var/roothome" >>${tmpfiles_conf} | ||
113 | fi | ||
114 | |||
115 | rm -rf root | ||
116 | ln -sf var/roothome root | ||
117 | fi | ||
118 | |||
119 | if [ -n "${SOTA_SECONDARY_ECUS}" ]; then | ||
120 | mkdir -p var/sota/ecus | ||
121 | cp ${SOTA_SECONDARY_ECUS} var/sota/ecus | ||
122 | fi | ||
123 | |||
124 | # Creating boot directories is required for "ostree admin deploy" | ||
125 | |||
126 | mkdir -p boot/loader.0 | ||
127 | mkdir -p boot/loader.1 | ||
128 | ln -sf boot/loader.0 boot/loader | ||
129 | |||
130 | checksum=`sha256sum ${DEPLOY_DIR_IMAGE}/${OSTREE_KERNEL} | cut -f 1 -d " "` | ||
131 | |||
132 | cp ${DEPLOY_DIR_IMAGE}/${OSTREE_KERNEL} boot/vmlinuz-${checksum} | ||
133 | cp ${DEPLOY_DIR_IMAGE}/${OSTREE_INITRAMFS_IMAGE}-${MACHINE}${RAMDISK_EXT} boot/initramfs-${checksum} | ||
134 | |||
135 | # Copy image manifest | ||
136 | cat ${IMAGE_MANIFEST} | cut -d " " -f1,3 > usr/package.manifest | ||
137 | |||
138 | cd ${WORKDIR} | ||
139 | |||
140 | # Create a tarball that can be then commited to OSTree repo | ||
141 | OSTREE_TAR=${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}.rootfs.ostree.tar.bz2 | ||
142 | tar -C ${OSTREE_ROOTFS} --xattrs --xattrs-include='*' -cjf ${OSTREE_TAR} . | ||
143 | sync | ||
144 | |||
145 | rm -f ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.rootfs.ostree.tar.bz2 | ||
146 | ln -s ${IMAGE_NAME}.rootfs.ostree.tar.bz2 ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.rootfs.ostree.tar.bz2 | ||
147 | |||
148 | if [ ! -d ${OSTREE_REPO} ]; then | ||
149 | ostree --repo=${OSTREE_REPO} init --mode=archive-z2 | ||
150 | fi | ||
151 | |||
152 | # Commit the result | ||
153 | ostree --repo=${OSTREE_REPO} commit \ | ||
154 | --tree=dir=${OSTREE_ROOTFS} \ | ||
155 | --skip-if-unchanged \ | ||
156 | --branch=${OSTREE_BRANCHNAME} \ | ||
157 | --subject="Commit-id: ${IMAGE_NAME}" | ||
158 | |||
159 | rm -rf ${OSTREE_ROOTFS} | ||
160 | } | ||
161 | |||
162 | IMAGE_TYPEDEP_ostreepush = "ostree" | ||
163 | do_image_ostreepush[depends] += "aktualizr-native:do_populate_sysroot ca-certificates-native:do_populate_sysroot" | ||
164 | IMAGE_CMD_ostreepush () { | ||
165 | # Print warnings if credetials are not set or if the file has not been found. | ||
166 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | ||
167 | if [ -e ${SOTA_PACKED_CREDENTIALS} ]; then | ||
168 | garage-push --repo=${OSTREE_REPO} \ | ||
169 | --ref=${OSTREE_BRANCHNAME} \ | ||
170 | --credentials=${SOTA_PACKED_CREDENTIALS} \ | ||
171 | --cacert=${STAGING_ETCDIR_NATIVE}/ssl/certs/ca-certificates.crt | ||
172 | else | ||
173 | bbwarn "SOTA_PACKED_CREDENTIALS file does not exist." | ||
174 | fi | ||
175 | else | ||
176 | bbwarn "SOTA_PACKED_CREDENTIALS not set. Please add SOTA_PACKED_CREDENTIALS." | ||
177 | fi | ||
178 | } | ||
179 | |||
180 | IMAGE_TYPEDEP_garagesign = "ostreepush" | ||
181 | do_image_garage_sign[depends] += "aktualizr-native:do_populate_sysroot" | ||
182 | IMAGE_CMD_garagesign () { | ||
183 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | ||
184 | # if credentials are issued by a server that doesn't support offline signing, exit silently | ||
185 | unzip -p ${SOTA_PACKED_CREDENTIALS} root.json targets.pub targets.sec tufrepo.url 2>&1 >/dev/null || exit 0 | ||
186 | |||
187 | java_version=$( java -version 2>&1 | awk -F '"' '/version/ {print $2}' ) | ||
188 | if [ "${java_version}" = "" ]; then | ||
189 | bberror "Java is required for synchronization with update backend, but is not installed on the host machine" | ||
190 | exit 1 | ||
191 | elif [ "${java_version}" \< "1.8" ]; then | ||
192 | bberror "Java version >= 8 is required for synchronization with update backend" | ||
193 | exit 1 | ||
194 | fi | ||
195 | |||
196 | rm -rf ${GARAGE_SIGN_REPO} | ||
197 | garage-sign init --repo tufrepo \ | ||
198 | --home-dir ${GARAGE_SIGN_REPO} \ | ||
199 | --credentials ${SOTA_PACKED_CREDENTIALS} | ||
200 | |||
201 | ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME}) | ||
202 | |||
203 | # Use OSTree target hash as version if none was provided by the user | ||
204 | target_version=${ostree_target_hash} | ||
205 | if [ -n "${GARAGE_TARGET_VERSION}" ]; then | ||
206 | target_version=${GARAGE_TARGET_VERSION} | ||
207 | fi | ||
208 | |||
209 | # Push may fail due to race condition when multiple build machines try to push simultaneously | ||
210 | # in which case targets.json should be pulled again and the whole procedure repeated | ||
211 | push_success=0 | ||
212 | for push_retries in $( seq 3 ); do | ||
213 | garage-sign targets pull --repo tufrepo \ | ||
214 | --home-dir ${GARAGE_SIGN_REPO} | ||
215 | garage-sign targets add --repo tufrepo \ | ||
216 | --home-dir ${GARAGE_SIGN_REPO} \ | ||
217 | --name ${GARAGE_TARGET_NAME} \ | ||
218 | --format OSTREE \ | ||
219 | --version ${target_version} \ | ||
220 | --length 0 \ | ||
221 | --url "${GARAGE_TARGET_URL}" \ | ||
222 | --sha256 ${ostree_target_hash} \ | ||
223 | --hardwareids ${MACHINE} | ||
224 | garage-sign targets sign --repo tufrepo \ | ||
225 | --home-dir ${GARAGE_SIGN_REPO} \ | ||
226 | --key-name=targets | ||
227 | errcode=0 | ||
228 | garage-sign targets push --repo tufrepo \ | ||
229 | --home-dir ${GARAGE_SIGN_REPO} || errcode=$? | ||
230 | if [ "$errcode" -eq "0" ]; then | ||
231 | push_success=1 | ||
232 | break | ||
233 | else | ||
234 | bbwarn "Push to garage repository has failed, retrying" | ||
235 | fi | ||
236 | done | ||
237 | rm -rf ${GARAGE_SIGN_REPO} | ||
238 | |||
239 | if [ "$push_success" -ne "1" ]; then | ||
240 | bberror "Couldn't push to garage repository" | ||
241 | exit 1 | ||
242 | fi | ||
243 | fi | ||
244 | } | ||
245 | |||
246 | IMAGE_TYPEDEP_garagecheck = "ostreepush garagesign" | ||
247 | do_image_garagecheck[depends] += "aktualizr-native:do_populate_sysroot" | ||
248 | IMAGE_CMD_garagecheck () { | ||
249 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | ||
250 | # if credentials are issued by a server that doesn't support offline signing, exit silently | ||
251 | unzip -p ${SOTA_PACKED_CREDENTIALS} root.json targets.pub targets.sec tufrepo.url 2>&1 >/dev/null || exit 0 | ||
252 | ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME}) | ||
253 | |||
254 | garage-check --ref=${ostree_target_hash} \ | ||
255 | --credentials=${SOTA_PACKED_CREDENTIALS} \ | ||
256 | --cacert=${STAGING_ETCDIR_NATIVE}/ssl/certs/ca-certificates.crt | ||
257 | fi | ||
258 | } | ||
259 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/meta-sota/classes/image_types_ota.bbclass b/meta-sota/classes/image_types_ota.bbclass new file mode 100644 index 0000000..9581971 --- /dev/null +++ b/meta-sota/classes/image_types_ota.bbclass | |||
@@ -0,0 +1,142 @@ | |||
1 | # Image to use with u-boot as BIOS and OSTree deployment system | ||
2 | |||
3 | #inherit image_types | ||
4 | |||
5 | # Boot filesystem size in MiB | ||
6 | # OSTree updates may require some space on boot file system for | ||
7 | # boot scripts, kernel and initramfs images | ||
8 | # | ||
9 | |||
10 | do_image_otaimg[depends] += "e2fsprogs-native:do_populate_sysroot \ | ||
11 | ${@'grub:do_populate_sysroot' if d.getVar('OSTREE_BOOTLOADER', True) == 'grub' else ''} \ | ||
12 | ${@'virtual/bootloader:do_deploy' if d.getVar('OSTREE_BOOTLOADER', True) == 'u-boot' else ''}" | ||
13 | |||
14 | calculate_size () { | ||
15 | BASE=$1 | ||
16 | SCALE=$2 | ||
17 | MIN=$3 | ||
18 | MAX=$4 | ||
19 | EXTRA=$5 | ||
20 | ALIGN=$6 | ||
21 | |||
22 | SIZE=`echo "$BASE * $SCALE" | bc -l` | ||
23 | REM=`echo $SIZE | cut -d "." -f 2` | ||
24 | SIZE=`echo $SIZE | cut -d "." -f 1` | ||
25 | |||
26 | if [ -n "$REM" -o ! "$REM" -eq 0 ]; then | ||
27 | SIZE=`expr $SIZE \+ 1` | ||
28 | fi | ||
29 | |||
30 | if [ "$SIZE" -lt "$MIN" ]; then | ||
31 | SIZE=$MIN | ||
32 | fi | ||
33 | |||
34 | SIZE=`expr $SIZE \+ $EXTRA` | ||
35 | SIZE=`expr $SIZE \+ $ALIGN \- 1` | ||
36 | SIZE=`expr $SIZE \- $SIZE \% $ALIGN` | ||
37 | |||
38 | if [ -n "$MAX" ]; then | ||
39 | if [ "$SIZE" -gt "$MAX" ]; then | ||
40 | return -1 | ||
41 | fi | ||
42 | fi | ||
43 | |||
44 | echo "${SIZE}" | ||
45 | } | ||
46 | |||
47 | export OSTREE_OSNAME | ||
48 | export OSTREE_BRANCHNAME | ||
49 | export OSTREE_REPO | ||
50 | export OSTREE_BOOTLOADER | ||
51 | |||
52 | export GARAGE_TARGET_NAME | ||
53 | |||
54 | IMAGE_CMD_otaimg () { | ||
55 | if ${@bb.utils.contains('IMAGE_FSTYPES', 'otaimg', 'true', 'false', d)}; then | ||
56 | if [ -z "$OSTREE_REPO" ]; then | ||
57 | bbfatal "OSTREE_REPO should be set in your local.conf" | ||
58 | fi | ||
59 | |||
60 | if [ -z "$OSTREE_OSNAME" ]; then | ||
61 | bbfatal "OSTREE_OSNAME should be set in your local.conf" | ||
62 | fi | ||
63 | |||
64 | if [ -z "$OSTREE_BRANCHNAME" ]; then | ||
65 | bbfatal "OSTREE_BRANCHNAME should be set in your local.conf" | ||
66 | fi | ||
67 | |||
68 | |||
69 | PHYS_SYSROOT=`mktemp -d ${WORKDIR}/ota-sysroot-XXXXX` | ||
70 | |||
71 | ostree admin --sysroot=${PHYS_SYSROOT} init-fs ${PHYS_SYSROOT} | ||
72 | ostree admin --sysroot=${PHYS_SYSROOT} os-init ${OSTREE_OSNAME} | ||
73 | |||
74 | mkdir -p ${PHYS_SYSROOT}/boot/loader.0 | ||
75 | ln -s loader.0 ${PHYS_SYSROOT}/boot/loader | ||
76 | |||
77 | if [ "${OSTREE_BOOTLOADER}" = "grub" ]; then | ||
78 | mkdir -p ${PHYS_SYSROOT}/boot/grub2 | ||
79 | ln -s ../loader/grub.cfg ${PHYS_SYSROOT}/boot/grub2/grub.cfg | ||
80 | elif [ "${OSTREE_BOOTLOADER}" = "u-boot" ]; then | ||
81 | touch ${PHYS_SYSROOT}/boot/loader/uEnv.txt | ||
82 | else | ||
83 | bberror "Invalid bootloader: ${OSTREE_BOOTLOADER}" | ||
84 | fi; | ||
85 | |||
86 | ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME}) | ||
87 | |||
88 | ostree --repo=${PHYS_SYSROOT}/ostree/repo pull-local --remote=${OSTREE_OSNAME} ${OSTREE_REPO} ${ostree_target_hash} | ||
89 | export OSTREE_BOOT_PARTITION="/boot" | ||
90 | kargs_list="" | ||
91 | for arg in ${OSTREE_KERNEL_ARGS}; do | ||
92 | kargs_list="${kargs_list} --karg-append=$arg" | ||
93 | done | ||
94 | |||
95 | ostree admin --sysroot=${PHYS_SYSROOT} deploy ${kargs_list} --os=${OSTREE_OSNAME} ${ostree_target_hash} | ||
96 | |||
97 | # Copy deployment /home and /var/sota to sysroot | ||
98 | HOME_TMP=`mktemp -d ${WORKDIR}/home-tmp-XXXXX` | ||
99 | tar --xattrs --xattrs-include='*' -C ${HOME_TMP} -xf ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.rootfs.ostree.tar.bz2 ./usr/homedirs ./var/sota ./var/local || true | ||
100 | mv ${HOME_TMP}/var/sota ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/ || true | ||
101 | mv ${HOME_TMP}/var/local ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/ || true | ||
102 | # Create /var/sota if it doesn't exist yet | ||
103 | mkdir -p ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota || true | ||
104 | # Ensure the permissions are correctly set | ||
105 | chmod 700 ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota | ||
106 | mv ${HOME_TMP}/usr/homedirs/home ${PHYS_SYSROOT}/ || true | ||
107 | # Ensure that /var/local exists (AGL symlinks /usr/local to /var/local) | ||
108 | install -d ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/local | ||
109 | # Set package version for the first deployment | ||
110 | target_version=${ostree_target_hash} | ||
111 | if [ -n "${GARAGE_TARGET_VERSION}" ]; then | ||
112 | target_version=${GARAGE_TARGET_VERSION} | ||
113 | fi | ||
114 | echo "{\"${ostree_target_hash}\":\"${GARAGE_TARGET_NAME}-${target_version}\"}" > ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota/installed_versions | ||
115 | |||
116 | rm -rf ${HOME_TMP} | ||
117 | |||
118 | # Calculate image type | ||
119 | OTA_ROOTFS_SIZE=$(calculate_size `du -ks $PHYS_SYSROOT | cut -f 1` "${IMAGE_OVERHEAD_FACTOR}" "${IMAGE_ROOTFS_SIZE}" "${IMAGE_ROOTFS_MAXSIZE}" `expr ${IMAGE_ROOTFS_EXTRA_SPACE}` "${IMAGE_ROOTFS_ALIGNMENT}") | ||
120 | |||
121 | if [ $OTA_ROOTFS_SIZE -lt 0 ]; then | ||
122 | exit -1 | ||
123 | fi | ||
124 | eval local COUNT=\"0\" | ||
125 | eval local MIN_COUNT=\"60\" | ||
126 | if [ $OTA_ROOTFS_SIZE -lt $MIN_COUNT ]; then | ||
127 | eval COUNT=\"$MIN_COUNT\" | ||
128 | fi | ||
129 | |||
130 | # create image | ||
131 | rm -rf ${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}.otaimg | ||
132 | sync | ||
133 | dd if=/dev/zero of=${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}.otaimg seek=$OTA_ROOTFS_SIZE count=$COUNT bs=1024 | ||
134 | mkfs.ext4 -O ^64bit ${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}.otaimg -L otaroot -d ${PHYS_SYSROOT} | ||
135 | rm -rf ${PHYS_SYSROOT} | ||
136 | |||
137 | rm -f ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.otaimg | ||
138 | ln -s ${IMAGE_NAME}.otaimg ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.otaimg | ||
139 | fi | ||
140 | } | ||
141 | |||
142 | IMAGE_TYPEDEP_otaimg = "ostree" | ||
diff --git a/meta-sota/classes/sota.bbclass b/meta-sota/classes/sota.bbclass new file mode 100644 index 0000000..38d4ce5 --- /dev/null +++ b/meta-sota/classes/sota.bbclass | |||
@@ -0,0 +1,49 @@ | |||
1 | python __anonymous() { | ||
2 | if bb.utils.contains('DISTRO_FEATURES', 'sota', True, False, d): | ||
3 | d.appendVarFlag("do_image_wic", "depends", " %s:do_image_otaimg" % d.getVar("IMAGE_BASENAME", True)) | ||
4 | } | ||
5 | |||
6 | OVERRIDES .= "${@bb.utils.contains('DISTRO_FEATURES', 'sota', ':sota', '', d)}" | ||
7 | |||
8 | HOSTTOOLS_NONFATAL += "java" | ||
9 | |||
10 | SOTA_CLIENT ??= "aktualizr" | ||
11 | SOTA_CLIENT_PROV ??= "aktualizr-auto-prov" | ||
12 | IMAGE_INSTALL_append_sota = " ostree os-release ${SOTA_CLIENT} ${SOTA_CLIENT_PROV}" | ||
13 | IMAGE_CLASSES += " image_types_ostree image_types_ota" | ||
14 | IMAGE_FSTYPES += "${@bb.utils.contains('DISTRO_FEATURES', 'sota', 'ostreepush garagesign garagecheck otaimg wic', ' ', d)}" | ||
15 | |||
16 | PACKAGECONFIG_append_pn-curl = " ssl" | ||
17 | PACKAGECONFIG_remove_pn-curl = "gnutls" | ||
18 | |||
19 | WKS_FILE_sota ?= "sdimage-sota.wks" | ||
20 | |||
21 | EXTRA_IMAGEDEPENDS_append_sota = " parted-native mtools-native dosfstools-native" | ||
22 | |||
23 | OSTREE_INITRAMFS_FSTYPES ??= "${@oe.utils.ifelse(d.getVar('OSTREE_BOOTLOADER', True) == 'u-boot', 'ext4.gz.u-boot', 'ext4.gz')}" | ||
24 | |||
25 | # Please redefine OSTREE_REPO in order to have a persistent OSTree repo | ||
26 | OSTREE_REPO ?= "${DEPLOY_DIR_IMAGE}/ostree_repo" | ||
27 | # For UPTANE operation, OSTREE_BRANCHNAME must start with "${MACHINE}-" | ||
28 | OSTREE_BRANCHNAME ?= "${MACHINE}" | ||
29 | OSTREE_OSNAME ?= "poky" | ||
30 | OSTREE_INITRAMFS_IMAGE ?= "initramfs-ostree-image" | ||
31 | OSTREE_BOOTLOADER ??= 'u-boot' | ||
32 | |||
33 | GARAGE_SIGN_REPO ?= "${DEPLOY_DIR_IMAGE}/garage_sign_repo" | ||
34 | GARAGE_SIGN_KEYNAME ?= "garage-key" | ||
35 | GARAGE_TARGET_NAME ?= "${OSTREE_BRANCHNAME}" | ||
36 | GARAGE_TARGET_VERSION ?= "" | ||
37 | GARAGE_TARGET_URL ?= "https://example.com/" | ||
38 | |||
39 | SOTA_MACHINE ??="none" | ||
40 | SOTA_MACHINE_rpi ?= "raspberrypi" | ||
41 | SOTA_MACHINE_porter ?= "porter" | ||
42 | SOTA_MACHINE_m3ulcb = "m3ulcb" | ||
43 | SOTA_MACHINE_intel-corei7-64 ?= "minnowboard" | ||
44 | SOTA_MACHINE_qemux86-64 ?= "qemux86-64" | ||
45 | SOTA_MACHINE_am335x-evm ?= "am335x-evm-wifi" | ||
46 | |||
47 | inherit sota_${SOTA_MACHINE} | ||
48 | |||
49 | inherit image_repo_manifest | ||
diff --git a/meta-sota/classes/sota_am335x-evm-wifi.bbclass b/meta-sota/classes/sota_am335x-evm-wifi.bbclass new file mode 100644 index 0000000..adefb47 --- /dev/null +++ b/meta-sota/classes/sota_am335x-evm-wifi.bbclass | |||
@@ -0,0 +1,16 @@ | |||
1 | KERNEL_IMAGETYPE_sota = "uImage" | ||
2 | |||
3 | OSTREE_BOOTLOADER ?= "u-boot" | ||
4 | |||
5 | EXTRA_IMAGEDEPENDS_append_sota = " acer-bootfiles" | ||
6 | IMAGE_BOOT_FILES_sota = "bootfiles/*" | ||
7 | OSTREE_KERNEL_ARGS ?= "ramdisk_size=16384 root=/dev/ram0 rw rootfstype=ext4 rootwait rootdelay=2 ostree_root=/dev/mmcblk0p2 console=ttyO0,115200n8l" | ||
8 | |||
9 | IMAGE_INSTALL_append_sota = " uim iw wl18xx-calibrator wlconf wl18xx-fw hostapd wpa-supplicant" | ||
10 | IMAGE_INSTALL_remove_sota = " connman connman-client" | ||
11 | |||
12 | PREFERRED_VERSION_linux-ti-staging_sota = "4.4.54+gitAUTOINC+ecd4eada6f" | ||
13 | |||
14 | KERNEL_EXTRA_ARGS_append_sota = " LOADADDR=${UBOOT_ENTRYPOINT}" | ||
15 | |||
16 | VIRTUAL-RUNTIME_net_manager_sota = "systemd" | ||
diff --git a/meta-sota/classes/sota_bleeding.inc b/meta-sota/classes/sota_bleeding.inc new file mode 100644 index 0000000..fc5947d --- /dev/null +++ b/meta-sota/classes/sota_bleeding.inc | |||
@@ -0,0 +1 @@ | |||
SRCREV_pn-aktualizr ?= "${AUTOREV}" | |||
diff --git a/meta-sota/classes/sota_m3ulcb.bbclass b/meta-sota/classes/sota_m3ulcb.bbclass new file mode 100644 index 0000000..6b63af4 --- /dev/null +++ b/meta-sota/classes/sota_m3ulcb.bbclass | |||
@@ -0,0 +1,8 @@ | |||
1 | # Commit united image to OSTree, not just uImage | ||
2 | OSTREE_KERNEL = "Image" | ||
3 | |||
4 | EXTRA_IMAGEDEPENDS_append_sota = " m3ulcb-ota-bootfiles" | ||
5 | IMAGE_BOOT_FILES_sota += "m3ulcb-ota-bootfiles/*" | ||
6 | |||
7 | OSTREE_BOOTLOADER ?= "u-boot" | ||
8 | UBOOT_MACHINE_sota = "m3ulcb_defconfig" | ||
diff --git a/meta-sota/classes/sota_minnowboard.bbclass b/meta-sota/classes/sota_minnowboard.bbclass new file mode 100644 index 0000000..63510e3 --- /dev/null +++ b/meta-sota/classes/sota_minnowboard.bbclass | |||
@@ -0,0 +1,10 @@ | |||
1 | OSTREE_BOOTLOADER ?= "grub" | ||
2 | EFI_PROVIDER_sota = "grub-efi" | ||
3 | |||
4 | WKS_FILE_sota = "efiimage-sota.wks" | ||
5 | IMAGE_BOOT_FILES_sota = "" | ||
6 | |||
7 | IMAGE_FSTYPES_remove_sota = "live hddimg" | ||
8 | OSTREE_KERNEL_ARGS ?= "ramdisk_size=16384 rw rootfstype=ext4 rootwait rootdelay=2 console=ttyS0,115200 console=tty0" | ||
9 | |||
10 | IMAGE_INSTALL_append = " minnowboard-efi-startup" | ||
diff --git a/meta-sota/classes/sota_none.bbclass b/meta-sota/classes/sota_none.bbclass new file mode 100644 index 0000000..c11b070 --- /dev/null +++ b/meta-sota/classes/sota_none.bbclass | |||
@@ -0,0 +1,4 @@ | |||
1 | # null machine it's here to make bitbake happy when SOTA_MACHINE is undefined | ||
2 | #python __anonymous() { | ||
3 | # bb.warn("SOTA functionality is not yet supported for your machine") | ||
4 | #} | ||
diff --git a/meta-sota/classes/sota_porter.bbclass b/meta-sota/classes/sota_porter.bbclass new file mode 100644 index 0000000..75ae579 --- /dev/null +++ b/meta-sota/classes/sota_porter.bbclass | |||
@@ -0,0 +1,9 @@ | |||
1 | # Commit united image to OSTree, not just uImage | ||
2 | OSTREE_KERNEL = "uImage+dtb" | ||
3 | |||
4 | EXTRA_IMAGEDEPENDS_append_sota = " porter-bootfiles" | ||
5 | IMAGE_BOOT_FILES_sota += "porter-bootfiles/*" | ||
6 | |||
7 | OSTREE_BOOTLOADER ?= "u-boot" | ||
8 | UBOOT_MACHINE_sota = "porter_config" | ||
9 | |||
diff --git a/meta-sota/classes/sota_qemux86-64.bbclass b/meta-sota/classes/sota_qemux86-64.bbclass new file mode 100644 index 0000000..15b2043 --- /dev/null +++ b/meta-sota/classes/sota_qemux86-64.bbclass | |||
@@ -0,0 +1,11 @@ | |||
1 | IMAGE_FSTYPES_remove = "wic" | ||
2 | |||
3 | # U-Boot support for SOTA | ||
4 | PREFERRED_PROVIDER_virtual/bootloader_sota = "u-boot" | ||
5 | UBOOT_MACHINE_sota = "qemu-x86_defconfig" | ||
6 | OSTREE_BOOTLOADER ?= "u-boot" | ||
7 | OSTREE_INITRAMFS_FSTYPES ?= "ext4.gz" | ||
8 | |||
9 | OSTREE_KERNEL_ARGS ?= "ramdisk_size=16384 rw rootfstype=ext4 rootwait rootdelay=2 ostree_root=/dev/hda" | ||
10 | |||
11 | IMAGE_ROOTFS_EXTRA_SPACE = "${@bb.utils.contains('DISTRO_FEATURES', 'sota', '65536', '', d)}" | ||
diff --git a/meta-sota/classes/sota_raspberrypi.bbclass b/meta-sota/classes/sota_raspberrypi.bbclass new file mode 100644 index 0000000..a5558b4 --- /dev/null +++ b/meta-sota/classes/sota_raspberrypi.bbclass | |||
@@ -0,0 +1,20 @@ | |||
1 | RPI_USE_U_BOOT_sota = "1" | ||
2 | |||
3 | KERNEL_CLASSES_append_sota = " kernel-fitimage" | ||
4 | KERNEL_IMAGETYPE_sota = "fitImage" | ||
5 | |||
6 | PREFERRED_PROVIDER_virtual/bootloader_sota ?= "u-boot" | ||
7 | UBOOT_ENTRYPOINT_sota ?= "0x00008000" | ||
8 | |||
9 | IMAGE_FSTYPES_remove_sota = "rpi-sdimg" | ||
10 | OSTREE_BOOTLOADER ?= "u-boot" | ||
11 | |||
12 | # OSTree puts its own boot.scr to bcm2835-bootfiles | ||
13 | IMAGE_BOOT_FILES_sota = "bcm2835-bootfiles/* u-boot.bin;${SDIMG_KERNELIMAGE}" | ||
14 | |||
15 | # Just the overlays that will be used should be listed | ||
16 | KERNEL_DEVICETREE_raspberrypi2_sota ?= " bcm2709-rpi-2-b.dtb " | ||
17 | KERNEL_DEVICETREE_raspberrypi3_sota ?= " bcm2710-rpi-3-b.dtb overlays/vc4-kms-v3d.dtbo overlays/rpi-ft5406.dtbo" | ||
18 | |||
19 | # Kernel args normally provided by RPi's internal bootloader. Non-updateable | ||
20 | OSTREE_KERNEL_ARGS_sota ?= " 8250.nr_uarts=1 bcm2708_fb.fbwidth=720 bcm2708_fb.fbheight=480 bcm2708_fb.fbswap=1 vc_mem.mem_base=0x3ec00000 vc_mem.mem_size=0x40000000 dwc_otg.lpm_enable=0 console=ttyS0,115200 usbhid.mousepoll=0 " | ||
diff --git a/meta-sota/conf/distro/poky-sota-systemd.conf b/meta-sota/conf/distro/poky-sota-systemd.conf new file mode 100644 index 0000000..7d008a9 --- /dev/null +++ b/meta-sota/conf/distro/poky-sota-systemd.conf | |||
@@ -0,0 +1,13 @@ | |||
1 | require conf/distro/poky.conf | ||
2 | |||
3 | require conf/distro/sota.conf.inc | ||
4 | |||
5 | DISTRO = "poky-sota" | ||
6 | DISTRO_NAME = "OTA-enabled Linux" | ||
7 | DISTRO_VERSION = "1.0" | ||
8 | DISTRO_CODENAME = "sota" | ||
9 | |||
10 | DISTRO_FEATURES_append = " systemd" | ||
11 | VIRTUAL-RUNTIME_init_manager = "systemd" | ||
12 | |||
13 | IMAGE_INSTALL_append = " connman connman-client" | ||
diff --git a/meta-sota/conf/distro/poky-sota.conf b/meta-sota/conf/distro/poky-sota.conf new file mode 100644 index 0000000..2bbc62b --- /dev/null +++ b/meta-sota/conf/distro/poky-sota.conf | |||
@@ -0,0 +1,9 @@ | |||
1 | require conf/distro/poky.conf | ||
2 | require conf/distro/sota.conf.inc | ||
3 | |||
4 | DISTRO = "poky-sota" | ||
5 | DISTRO_NAME = "OTA-enabled Linux" | ||
6 | DISTRO_VERSION = "1.0" | ||
7 | DISTRO_CODENAME = "sota" | ||
8 | |||
9 | IMAGE_INSTALL_append = " connman connman-client" | ||
diff --git a/meta-sota/conf/distro/sota.conf.inc b/meta-sota/conf/distro/sota.conf.inc new file mode 100644 index 0000000..ea1ca95 --- /dev/null +++ b/meta-sota/conf/distro/sota.conf.inc | |||
@@ -0,0 +1,13 @@ | |||
1 | # Common settings to enable SOTA | ||
2 | # This can be pulled into a custom distribution, or included in | ||
3 | # local.conf directly with: | ||
4 | # | ||
5 | # require conf/distro/sota.conf.inc | ||
6 | |||
7 | DISTRO_FEATURES_append = " sota" | ||
8 | DISTRO_FEATURES_NATIVE_append = " sota" | ||
9 | INHERIT += " sota" | ||
10 | # Prelinking increases the size of downloads and causes build errors | ||
11 | USER_CLASSES_remove = "image-prelink" | ||
12 | |||
13 | HOSTTOOLS_append = " sync sha256sum" | ||
diff --git a/meta-sota/conf/include/bblayers/sota.inc b/meta-sota/conf/include/bblayers/sota.inc new file mode 100644 index 0000000..0e5842a --- /dev/null +++ b/meta-sota/conf/include/bblayers/sota.inc | |||
@@ -0,0 +1,3 @@ | |||
1 | BBLAYERS += "${METADIR}/meta-updater/meta-sota" | ||
2 | BBLAYERS += "${METADIR}/meta-openembedded/meta-filesystems" | ||
3 | BBLAYERS += "${METADIR}/meta-openembedded/meta-oe" | ||
diff --git a/meta-sota/conf/include/bblayers/sota_am335x-evm.inc b/meta-sota/conf/include/bblayers/sota_am335x-evm.inc new file mode 100644 index 0000000..f2d485d --- /dev/null +++ b/meta-sota/conf/include/bblayers/sota_am335x-evm.inc | |||
@@ -0,0 +1,2 @@ | |||
1 | |||
2 | BBLAYERS += " ${METADIR}/meta-ti " | ||
diff --git a/meta-sota/conf/include/bblayers/sota_intel-corei7-64.inc b/meta-sota/conf/include/bblayers/sota_intel-corei7-64.inc new file mode 100644 index 0000000..32bd644 --- /dev/null +++ b/meta-sota/conf/include/bblayers/sota_intel-corei7-64.inc | |||
@@ -0,0 +1,2 @@ | |||
1 | |||
2 | BBLAYERS += " ${METADIR}/meta-updater/meta-sota-minnowboard ${METADIR}/meta-intel " | ||
diff --git a/meta-sota/conf/include/bblayers/sota_m3ulcb.inc b/meta-sota/conf/include/bblayers/sota_m3ulcb.inc new file mode 100644 index 0000000..04f78e4 --- /dev/null +++ b/meta-sota/conf/include/bblayers/sota_m3ulcb.inc | |||
@@ -0,0 +1,2 @@ | |||
1 | |||
2 | BBLAYERS += " ${METADIR}/meta-renesas ${METADIR}/meta-renesas-rcar-gen3 ${METADIR}/meta-openembedded/meta-multimedia" | ||
diff --git a/meta-sota/conf/include/bblayers/sota_porter.inc b/meta-sota/conf/include/bblayers/sota_porter.inc new file mode 100644 index 0000000..8fcb12e --- /dev/null +++ b/meta-sota/conf/include/bblayers/sota_porter.inc | |||
@@ -0,0 +1,2 @@ | |||
1 | |||
2 | BBLAYERS += " ${METADIR}/meta-renesas ${METADIR}/meta-renesas/meta-rcar-gen2 ${METADIR}/meta-openembedded/meta-multimedia ${METADIR}/meta-sota-porter" | ||
diff --git a/meta-sota/conf/include/bblayers/sota_qemux86-64.inc b/meta-sota/conf/include/bblayers/sota_qemux86-64.inc new file mode 100644 index 0000000..2b79257 --- /dev/null +++ b/meta-sota/conf/include/bblayers/sota_qemux86-64.inc | |||
@@ -0,0 +1 @@ | |||
BBLAYERS += " ${METADIR}/meta-updater/meta-sota-qemux86-64 " | |||
diff --git a/meta-sota/conf/include/bblayers/sota_raspberrypi2.inc b/meta-sota/conf/include/bblayers/sota_raspberrypi2.inc new file mode 100644 index 0000000..726c862 --- /dev/null +++ b/meta-sota/conf/include/bblayers/sota_raspberrypi2.inc | |||
@@ -0,0 +1,3 @@ | |||
1 | BBLAYERS += " ${METADIR}/meta-openembedded/meta-python " | ||
2 | |||
3 | BBLAYERS += " ${METADIR}/meta-updater/meta-sota-raspberrypi ${METADIR}/meta-raspberrypi " | ||
diff --git a/meta-sota/conf/include/bblayers/sota_raspberrypi3.inc b/meta-sota/conf/include/bblayers/sota_raspberrypi3.inc new file mode 100644 index 0000000..726c862 --- /dev/null +++ b/meta-sota/conf/include/bblayers/sota_raspberrypi3.inc | |||
@@ -0,0 +1,3 @@ | |||
1 | BBLAYERS += " ${METADIR}/meta-openembedded/meta-python " | ||
2 | |||
3 | BBLAYERS += " ${METADIR}/meta-updater/meta-sota-raspberrypi ${METADIR}/meta-raspberrypi " | ||
diff --git a/meta-sota/conf/layer.conf b/meta-sota/conf/layer.conf new file mode 100644 index 0000000..798ceba --- /dev/null +++ b/meta-sota/conf/layer.conf | |||
@@ -0,0 +1,13 @@ | |||
1 | # We have a conf and classes directory, add to BBPATH | ||
2 | BBPATH .= ":${LAYERDIR}" | ||
3 | |||
4 | # We have recipes-* directories, add to BBFILES | ||
5 | BBFILES += "${LAYERDIR}/recipes-*/*/*.bb \ | ||
6 | ${LAYERDIR}/recipes-*/*/*.bbappend" | ||
7 | |||
8 | BBFILE_COLLECTIONS += "sota" | ||
9 | BBFILE_PATTERN_sota = "^${LAYERDIR}/" | ||
10 | BBFILE_PRIORITY_sota = "7" | ||
11 | |||
12 | LAYERDEPENDS_sota = "filesystems-layer" | ||
13 | LAYERSERIES_COMPAT_sota = "sumo" | ||
diff --git a/meta-sota/lib/oeqa/selftest/cases/qemucommand.py b/meta-sota/lib/oeqa/selftest/cases/qemucommand.py new file mode 120000 index 0000000..075cdb8 --- /dev/null +++ b/meta-sota/lib/oeqa/selftest/cases/qemucommand.py | |||
@@ -0,0 +1 @@ | |||
../../../../scripts/qemucommand.py \ No newline at end of file | |||
diff --git a/meta-sota/lib/oeqa/selftest/cases/updater.py b/meta-sota/lib/oeqa/selftest/cases/updater.py new file mode 100644 index 0000000..2efef15 --- /dev/null +++ b/meta-sota/lib/oeqa/selftest/cases/updater.py | |||
@@ -0,0 +1,692 @@ | |||
1 | # pylint: disable=C0111,C0325 | ||
2 | import os | ||
3 | import logging | ||
4 | import re | ||
5 | import subprocess | ||
6 | import unittest | ||
7 | from time import sleep | ||
8 | |||
9 | from oeqa.selftest.case import OESelftestTestCase | ||
10 | from oeqa.utils.commands import runCmd, bitbake, get_bb_var, get_bb_vars | ||
11 | from qemucommand import QemuCommand | ||
12 | |||
13 | |||
14 | class SotaToolsTests(OESelftestTestCase): | ||
15 | |||
16 | @classmethod | ||
17 | def setUpClass(cls): | ||
18 | super(SotaToolsTests, cls).setUpClass() | ||
19 | logger = logging.getLogger("selftest") | ||
20 | logger.info('Running bitbake to build aktualizr-native tools') | ||
21 | bitbake('aktualizr-native') | ||
22 | |||
23 | def test_push_help(self): | ||
24 | akt_native_run(self, 'garage-push --help') | ||
25 | |||
26 | def test_deploy_help(self): | ||
27 | akt_native_run(self, 'garage-deploy --help') | ||
28 | |||
29 | def test_garagesign_help(self): | ||
30 | akt_native_run(self, 'garage-sign --help') | ||
31 | |||
32 | |||
33 | class GeneralTests(OESelftestTestCase): | ||
34 | |||
35 | def test_feature_sota(self): | ||
36 | result = get_bb_var('DISTRO_FEATURES').find('sota') | ||
37 | self.assertNotEqual(result, -1, 'Feature "sota" not set at DISTRO_FEATURES') | ||
38 | |||
39 | def test_feature_systemd(self): | ||
40 | result = get_bb_var('DISTRO_FEATURES').find('systemd') | ||
41 | self.assertNotEqual(result, -1, 'Feature "systemd" not set at DISTRO_FEATURES') | ||
42 | |||
43 | def test_credentials(self): | ||
44 | logger = logging.getLogger("selftest") | ||
45 | logger.info('Running bitbake to build core-image-minimal') | ||
46 | self.append_config('SOTA_CLIENT_PROV = "aktualizr-auto-prov"') | ||
47 | bitbake('core-image-minimal') | ||
48 | credentials = get_bb_var('SOTA_PACKED_CREDENTIALS') | ||
49 | # skip the test if the variable SOTA_PACKED_CREDENTIALS is not set | ||
50 | if credentials is None: | ||
51 | raise unittest.SkipTest("Variable 'SOTA_PACKED_CREDENTIALS' not set.") | ||
52 | # Check if the file exists | ||
53 | self.assertTrue(os.path.isfile(credentials), "File %s does not exist" % credentials) | ||
54 | deploydir = get_bb_var('DEPLOY_DIR_IMAGE') | ||
55 | imagename = get_bb_var('IMAGE_LINK_NAME', 'core-image-minimal') | ||
56 | # Check if the credentials are included in the output image | ||
57 | result = runCmd('tar -jtvf %s/%s.tar.bz2 | grep sota_provisioning_credentials.zip' % | ||
58 | (deploydir, imagename), ignore_status=True) | ||
59 | self.assertEqual(result.status, 0, "Status not equal to 0. output: %s" % result.output) | ||
60 | |||
61 | def test_java(self): | ||
62 | result = runCmd('which java', ignore_status=True) | ||
63 | self.assertEqual(result.status, 0, | ||
64 | "Java not found. Do you have a JDK installed on your host machine?") | ||
65 | |||
66 | def test_add_package(self): | ||
67 | deploydir = get_bb_var('DEPLOY_DIR_IMAGE') | ||
68 | imagename = get_bb_var('IMAGE_LINK_NAME', 'core-image-minimal') | ||
69 | image_path = deploydir + '/' + imagename + '.otaimg' | ||
70 | logger = logging.getLogger("selftest") | ||
71 | |||
72 | logger.info('Running bitbake with man in the image package list') | ||
73 | self.append_config('IMAGE_INSTALL_append = " man "') | ||
74 | bitbake('-c cleanall man') | ||
75 | bitbake('core-image-minimal') | ||
76 | result = runCmd('oe-pkgdata-util find-path /usr/bin/man') | ||
77 | self.assertEqual(result.output, 'man: /usr/bin/man') | ||
78 | path1 = os.path.realpath(image_path) | ||
79 | size1 = os.path.getsize(path1) | ||
80 | logger.info('First image %s has size %i' % (path1, size1)) | ||
81 | |||
82 | logger.info('Running bitbake without man in the image package list') | ||
83 | self.append_config('IMAGE_INSTALL_remove = " man "') | ||
84 | bitbake('-c cleanall man') | ||
85 | bitbake('core-image-minimal') | ||
86 | result = runCmd('oe-pkgdata-util find-path /usr/bin/man', ignore_status=True) | ||
87 | self.assertEqual(result.status, 1, "Status different than 1. output: %s" % result.output) | ||
88 | self.assertEqual(result.output, 'ERROR: Unable to find any package producing path /usr/bin/man') | ||
89 | path2 = os.path.realpath(image_path) | ||
90 | size2 = os.path.getsize(path2) | ||
91 | logger.info('Second image %s has size %i', path2, size2) | ||
92 | self.assertNotEqual(path1, path2, "Image paths are identical; image was not rebuilt.") | ||
93 | self.assertNotEqual(size1, size2, "Image sizes are identical; image was not rebuilt.") | ||
94 | |||
95 | |||
96 | class AktualizrToolsTests(OESelftestTestCase): | ||
97 | |||
98 | @classmethod | ||
99 | def setUpClass(cls): | ||
100 | super(AktualizrToolsTests, cls).setUpClass() | ||
101 | logger = logging.getLogger("selftest") | ||
102 | logger.info('Running bitbake to build aktualizr-native tools') | ||
103 | bitbake('aktualizr-native') | ||
104 | |||
105 | def test_implicit_writer_help(self): | ||
106 | akt_native_run(self, 'aktualizr_implicit_writer --help') | ||
107 | |||
108 | def test_cert_provider_help(self): | ||
109 | akt_native_run(self, 'aktualizr_cert_provider --help') | ||
110 | |||
111 | def test_cert_provider_local_output(self): | ||
112 | logger = logging.getLogger("selftest") | ||
113 | logger.info('Running bitbake to build aktualizr-implicit-prov') | ||
114 | bitbake('aktualizr-implicit-prov') | ||
115 | bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS', 'T'], 'aktualizr-native') | ||
116 | creds = bb_vars['SOTA_PACKED_CREDENTIALS'] | ||
117 | temp_dir = bb_vars['T'] | ||
118 | bb_vars_prov = get_bb_vars(['STAGING_DIR_NATIVE', 'libdir'], 'aktualizr-implicit-prov') | ||
119 | config = bb_vars_prov['STAGING_DIR_NATIVE'] + bb_vars_prov['libdir'] + '/sota/sota_implicit_prov.toml' | ||
120 | |||
121 | akt_native_run(self, 'aktualizr_cert_provider -c {creds} -r -l {temp} -g {config}' | ||
122 | .format(creds=creds, temp=temp_dir, config=config)) | ||
123 | |||
124 | # Might be nice if these names weren't hardcoded. | ||
125 | cert_path = temp_dir + '/client.pem' | ||
126 | self.assertTrue(os.path.isfile(cert_path), "Client certificate not found at %s." % cert_path) | ||
127 | self.assertTrue(os.path.getsize(cert_path) > 0, "Client certificate at %s is empty." % cert_path) | ||
128 | pkey_path = temp_dir + '/pkey.pem' | ||
129 | self.assertTrue(os.path.isfile(pkey_path), "Private key not found at %s." % pkey_path) | ||
130 | self.assertTrue(os.path.getsize(pkey_path) > 0, "Private key at %s is empty." % pkey_path) | ||
131 | ca_path = temp_dir + '/root.crt' | ||
132 | self.assertTrue(os.path.isfile(ca_path), "Client certificate not found at %s." % ca_path) | ||
133 | self.assertTrue(os.path.getsize(ca_path) > 0, "Client certificate at %s is empty." % ca_path) | ||
134 | |||
135 | |||
136 | class AutoProvTests(OESelftestTestCase): | ||
137 | |||
138 | def setUpLocal(self): | ||
139 | layer = "meta-updater-qemux86-64" | ||
140 | result = runCmd('bitbake-layers show-layers') | ||
141 | if re.search(layer, result.output) is None: | ||
142 | # Assume the directory layout for finding other layers. We could also | ||
143 | # make assumptions by using 'show-layers', but either way, if the | ||
144 | # layers we need aren't where we expect them, we are out of like. | ||
145 | path = os.path.abspath(os.path.dirname(__file__)) | ||
146 | metadir = path + "/../../../../../" | ||
147 | self.meta_qemu = metadir + layer | ||
148 | runCmd('bitbake-layers add-layer "%s"' % self.meta_qemu) | ||
149 | else: | ||
150 | self.meta_qemu = None | ||
151 | self.append_config('MACHINE = "qemux86-64"') | ||
152 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-auto-prov "') | ||
153 | # Test aktualizr-example-interface package. | ||
154 | self.append_config('IMAGE_INSTALL_append = " aktualizr-examples aktualizr-example-interface "') | ||
155 | self.qemu, self.s = qemu_launch(machine='qemux86-64') | ||
156 | |||
157 | def tearDownLocal(self): | ||
158 | qemu_terminate(self.s) | ||
159 | if self.meta_qemu: | ||
160 | runCmd('bitbake-layers remove-layer "%s"' % self.meta_qemu, ignore_status=True) | ||
161 | |||
162 | def qemu_command(self, command): | ||
163 | return qemu_send_command(self.qemu.ssh_port, command) | ||
164 | |||
165 | def test_provisioning(self): | ||
166 | print('Checking machine name (hostname) of device:') | ||
167 | stdout, stderr, retcode = self.qemu_command('hostname') | ||
168 | self.assertEqual(retcode, 0, "Unable to check hostname. " + | ||
169 | "Is an ssh daemon (such as dropbear or openssh) installed on the device?") | ||
170 | machine = get_bb_var('MACHINE', 'core-image-minimal') | ||
171 | self.assertEqual(stderr, b'', 'Error: ' + stderr.decode()) | ||
172 | # Strip off line ending. | ||
173 | value = stdout.decode()[:-1] | ||
174 | self.assertEqual(value, machine, | ||
175 | 'MACHINE does not match hostname: ' + machine + ', ' + value) | ||
176 | print(value) | ||
177 | print('Checking output of aktualizr-info:') | ||
178 | ran_ok = False | ||
179 | for delay in [1, 2, 5, 10, 15]: | ||
180 | stdout, stderr, retcode = self.qemu_command('aktualizr-info') | ||
181 | if retcode == 0 and stderr == b'': | ||
182 | ran_ok = True | ||
183 | break | ||
184 | sleep(delay) | ||
185 | self.assertTrue(ran_ok, 'aktualizr-info failed: ' + stderr.decode() + stdout.decode()) | ||
186 | |||
187 | verifyProvisioned(self, machine) | ||
188 | # Test aktualizr-example-interface package. | ||
189 | stdout, stderr, retcode = self.qemu_command('aktualizr-info') | ||
190 | self.assertIn(b'hardware ID: example1', stdout, | ||
191 | 'Legacy secondary initialization failed: ' + stderr.decode() + stdout.decode()) | ||
192 | self.assertIn(b'hardware ID: example2', stdout, | ||
193 | 'Legacy secondary initialization failed: ' + stderr.decode() + stdout.decode()) | ||
194 | |||
195 | |||
196 | class RpiTests(OESelftestTestCase): | ||
197 | |||
198 | def setUpLocal(self): | ||
199 | # Add layers before changing the machine type, otherwise the sanity | ||
200 | # checker complains loudly. | ||
201 | layer_python = "meta-openembedded/meta-python" | ||
202 | layer_rpi = "meta-raspberrypi" | ||
203 | layer_upd_rpi = "meta-updater-raspberrypi" | ||
204 | result = runCmd('bitbake-layers show-layers') | ||
205 | # Assume the directory layout for finding other layers. We could also | ||
206 | # make assumptions by using 'show-layers', but either way, if the | ||
207 | # layers we need aren't where we expect them, we are out of like. | ||
208 | path = os.path.abspath(os.path.dirname(__file__)) | ||
209 | metadir = path + "/../../../../../" | ||
210 | if re.search(layer_python, result.output) is None: | ||
211 | self.meta_python = metadir + layer_python | ||
212 | runCmd('bitbake-layers add-layer "%s"' % self.meta_python) | ||
213 | else: | ||
214 | self.meta_python = None | ||
215 | if re.search(layer_rpi, result.output) is None: | ||
216 | self.meta_rpi = metadir + layer_rpi | ||
217 | runCmd('bitbake-layers add-layer "%s"' % self.meta_rpi) | ||
218 | else: | ||
219 | self.meta_rpi = None | ||
220 | if re.search(layer_upd_rpi, result.output) is None: | ||
221 | self.meta_upd_rpi = metadir + layer_upd_rpi | ||
222 | runCmd('bitbake-layers add-layer "%s"' % self.meta_upd_rpi) | ||
223 | else: | ||
224 | self.meta_upd_rpi = None | ||
225 | |||
226 | # This is trickier that I would've thought. The fundamental problem is | ||
227 | # that the qemu layer changes the u-boot file extension to .rom, but | ||
228 | # raspberrypi still expects .bin. To prevent this, the qemu layer must | ||
229 | # be temporarily removed if it is present. It has to be removed by name | ||
230 | # without the complete path, but to add it back when we are done, we | ||
231 | # need the full path. | ||
232 | p = re.compile(r'meta-updater-qemux86-64\s*(\S*meta-updater-qemux86-64)\s') | ||
233 | m = p.search(result.output) | ||
234 | if m and m.lastindex > 0: | ||
235 | self.meta_qemu = m.group(1) | ||
236 | runCmd('bitbake-layers remove-layer meta-updater-qemux86-64') | ||
237 | else: | ||
238 | self.meta_qemu = None | ||
239 | |||
240 | self.append_config('MACHINE = "raspberrypi3"') | ||
241 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-auto-prov "') | ||
242 | |||
243 | def tearDownLocal(self): | ||
244 | if self.meta_qemu: | ||
245 | runCmd('bitbake-layers add-layer "%s"' % self.meta_qemu, ignore_status=True) | ||
246 | if self.meta_upd_rpi: | ||
247 | runCmd('bitbake-layers remove-layer "%s"' % self.meta_upd_rpi, ignore_status=True) | ||
248 | if self.meta_rpi: | ||
249 | runCmd('bitbake-layers remove-layer "%s"' % self.meta_rpi, ignore_status=True) | ||
250 | if self.meta_python: | ||
251 | runCmd('bitbake-layers remove-layer "%s"' % self.meta_python, ignore_status=True) | ||
252 | |||
253 | def test_rpi(self): | ||
254 | logger = logging.getLogger("selftest") | ||
255 | logger.info('Running bitbake to build rpi-basic-image') | ||
256 | self.append_config('SOTA_CLIENT_PROV = "aktualizr-auto-prov"') | ||
257 | bitbake('rpi-basic-image') | ||
258 | credentials = get_bb_var('SOTA_PACKED_CREDENTIALS') | ||
259 | # Skip the test if the variable SOTA_PACKED_CREDENTIALS is not set. | ||
260 | if credentials is None: | ||
261 | raise unittest.SkipTest("Variable 'SOTA_PACKED_CREDENTIALS' not set.") | ||
262 | # Check if the file exists. | ||
263 | self.assertTrue(os.path.isfile(credentials), "File %s does not exist" % credentials) | ||
264 | deploydir = get_bb_var('DEPLOY_DIR_IMAGE') | ||
265 | imagename = get_bb_var('IMAGE_LINK_NAME', 'rpi-basic-image') | ||
266 | # Check if the credentials are included in the output image. | ||
267 | result = runCmd('tar -jtvf %s/%s.tar.bz2 | grep sota_provisioning_credentials.zip' % | ||
268 | (deploydir, imagename), ignore_status=True) | ||
269 | self.assertEqual(result.status, 0, "Status not equal to 0. output: %s" % result.output) | ||
270 | |||
271 | |||
272 | class GrubTests(OESelftestTestCase): | ||
273 | |||
274 | def setUpLocal(self): | ||
275 | layer_intel = "meta-intel" | ||
276 | layer_minnow = "meta-updater-minnowboard" | ||
277 | result = runCmd('bitbake-layers show-layers') | ||
278 | # Assume the directory layout for finding other layers. We could also | ||
279 | # make assumptions by using 'show-layers', but either way, if the | ||
280 | # layers we need aren't where we expect them, we are out of like. | ||
281 | path = os.path.abspath(os.path.dirname(__file__)) | ||
282 | metadir = path + "/../../../../../" | ||
283 | if re.search(layer_intel, result.output) is None: | ||
284 | self.meta_intel = metadir + layer_intel | ||
285 | runCmd('bitbake-layers add-layer "%s"' % self.meta_intel) | ||
286 | else: | ||
287 | self.meta_intel = None | ||
288 | if re.search(layer_minnow, result.output) is None: | ||
289 | self.meta_minnow = metadir + layer_minnow | ||
290 | runCmd('bitbake-layers add-layer "%s"' % self.meta_minnow) | ||
291 | else: | ||
292 | self.meta_minnow = None | ||
293 | self.append_config('MACHINE = "intel-corei7-64"') | ||
294 | self.append_config('OSTREE_BOOTLOADER = "grub"') | ||
295 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-auto-prov "') | ||
296 | self.qemu, self.s = qemu_launch(efi=True, machine='intel-corei7-64') | ||
297 | |||
298 | def tearDownLocal(self): | ||
299 | qemu_terminate(self.s) | ||
300 | if self.meta_intel: | ||
301 | runCmd('bitbake-layers remove-layer "%s"' % self.meta_intel, ignore_status=True) | ||
302 | if self.meta_minnow: | ||
303 | runCmd('bitbake-layers remove-layer "%s"' % self.meta_minnow, ignore_status=True) | ||
304 | |||
305 | def qemu_command(self, command): | ||
306 | return qemu_send_command(self.qemu.ssh_port, command) | ||
307 | |||
308 | def test_grub(self): | ||
309 | print('Checking machine name (hostname) of device:') | ||
310 | stdout, stderr, retcode = self.qemu_command('hostname') | ||
311 | self.assertEqual(retcode, 0, "Unable to check hostname. " + | ||
312 | "Is an ssh daemon (such as dropbear or openssh) installed on the device?") | ||
313 | machine = get_bb_var('MACHINE', 'core-image-minimal') | ||
314 | self.assertEqual(stderr, b'', 'Error: ' + stderr.decode()) | ||
315 | # Strip off line ending. | ||
316 | value = stdout.decode()[:-1] | ||
317 | self.assertEqual(value, machine, | ||
318 | 'MACHINE does not match hostname: ' + machine + ', ' + value + | ||
319 | '\nIs TianoCore ovmf installed on your host machine?') | ||
320 | print(value) | ||
321 | print('Checking output of aktualizr-info:') | ||
322 | ran_ok = False | ||
323 | for delay in [1, 2, 5, 10, 15]: | ||
324 | stdout, stderr, retcode = self.qemu_command('aktualizr-info') | ||
325 | if retcode == 0 and stderr == b'': | ||
326 | ran_ok = True | ||
327 | break | ||
328 | sleep(delay) | ||
329 | self.assertTrue(ran_ok, 'aktualizr-info failed: ' + stderr.decode() + stdout.decode()) | ||
330 | |||
331 | verifyProvisioned(self, machine) | ||
332 | |||
333 | |||
334 | class ImplProvTests(OESelftestTestCase): | ||
335 | |||
336 | def setUpLocal(self): | ||
337 | layer = "meta-updater-qemux86-64" | ||
338 | result = runCmd('bitbake-layers show-layers') | ||
339 | if re.search(layer, result.output) is None: | ||
340 | # Assume the directory layout for finding other layers. We could also | ||
341 | # make assumptions by using 'show-layers', but either way, if the | ||
342 | # layers we need aren't where we expect them, we are out of like. | ||
343 | path = os.path.abspath(os.path.dirname(__file__)) | ||
344 | metadir = path + "/../../../../../" | ||
345 | self.meta_qemu = metadir + layer | ||
346 | runCmd('bitbake-layers add-layer "%s"' % self.meta_qemu) | ||
347 | else: | ||
348 | self.meta_qemu = None | ||
349 | self.append_config('MACHINE = "qemux86-64"') | ||
350 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-implicit-prov "') | ||
351 | self.qemu, self.s = qemu_launch(machine='qemux86-64') | ||
352 | |||
353 | def tearDownLocal(self): | ||
354 | qemu_terminate(self.s) | ||
355 | if self.meta_qemu: | ||
356 | runCmd('bitbake-layers remove-layer "%s"' % self.meta_qemu, ignore_status=True) | ||
357 | |||
358 | def qemu_command(self, command): | ||
359 | return qemu_send_command(self.qemu.ssh_port, command) | ||
360 | |||
361 | def test_provisioning(self): | ||
362 | print('Checking machine name (hostname) of device:') | ||
363 | stdout, stderr, retcode = self.qemu_command('hostname') | ||
364 | self.assertEqual(retcode, 0, "Unable to check hostname. " + | ||
365 | "Is an ssh daemon (such as dropbear or openssh) installed on the device?") | ||
366 | machine = get_bb_var('MACHINE', 'core-image-minimal') | ||
367 | self.assertEqual(stderr, b'', 'Error: ' + stderr.decode()) | ||
368 | # Strip off line ending. | ||
369 | value = stdout.decode()[:-1] | ||
370 | self.assertEqual(value, machine, | ||
371 | 'MACHINE does not match hostname: ' + machine + ', ' + value) | ||
372 | print(value) | ||
373 | print('Checking output of aktualizr-info:') | ||
374 | ran_ok = False | ||
375 | for delay in [1, 2, 5, 10, 15]: | ||
376 | stdout, stderr, retcode = self.qemu_command('aktualizr-info') | ||
377 | if retcode == 0 and stderr == b'': | ||
378 | ran_ok = True | ||
379 | break | ||
380 | sleep(delay) | ||
381 | self.assertTrue(ran_ok, 'aktualizr-info failed: ' + stderr.decode() + stdout.decode()) | ||
382 | # Verify that device has NOT yet provisioned. | ||
383 | self.assertIn(b'Couldn\'t load device ID', stdout, | ||
384 | 'Device already provisioned!? ' + stderr.decode() + stdout.decode()) | ||
385 | self.assertIn(b'Couldn\'t load ECU serials', stdout, | ||
386 | 'Device already provisioned!? ' + stderr.decode() + stdout.decode()) | ||
387 | self.assertIn(b'Provisioned on server: no', stdout, | ||
388 | 'Device already provisioned!? ' + stderr.decode() + stdout.decode()) | ||
389 | self.assertIn(b'Fetched metadata: no', stdout, | ||
390 | 'Device already provisioned!? ' + stderr.decode() + stdout.decode()) | ||
391 | |||
392 | # Run cert_provider. | ||
393 | bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS'], 'aktualizr-native') | ||
394 | creds = bb_vars['SOTA_PACKED_CREDENTIALS'] | ||
395 | bb_vars_prov = get_bb_vars(['STAGING_DIR_NATIVE', 'libdir'], 'aktualizr-implicit-prov') | ||
396 | config = bb_vars_prov['STAGING_DIR_NATIVE'] + bb_vars_prov['libdir'] + '/sota/sota_implicit_prov.toml' | ||
397 | |||
398 | akt_native_run(self, 'aktualizr_cert_provider -c {creds} -t root@localhost -p {port} -s -g {config}' | ||
399 | .format(creds=creds, port=self.qemu.ssh_port, config=config)) | ||
400 | |||
401 | verifyProvisioned(self, machine) | ||
402 | |||
403 | |||
404 | class HsmTests(OESelftestTestCase): | ||
405 | |||
406 | def setUpLocal(self): | ||
407 | layer = "meta-updater-qemux86-64" | ||
408 | result = runCmd('bitbake-layers show-layers') | ||
409 | if re.search(layer, result.output) is None: | ||
410 | # Assume the directory layout for finding other layers. We could also | ||
411 | # make assumptions by using 'show-layers', but either way, if the | ||
412 | # layers we need aren't where we expect them, we are out of like. | ||
413 | path = os.path.abspath(os.path.dirname(__file__)) | ||
414 | metadir = path + "/../../../../../" | ||
415 | self.meta_qemu = metadir + layer | ||
416 | runCmd('bitbake-layers add-layer "%s"' % self.meta_qemu) | ||
417 | else: | ||
418 | self.meta_qemu = None | ||
419 | self.append_config('MACHINE = "qemux86-64"') | ||
420 | self.append_config('SOTA_CLIENT_PROV = "aktualizr-hsm-prov"') | ||
421 | self.append_config('SOTA_CLIENT_FEATURES = "hsm"') | ||
422 | self.qemu, self.s = qemu_launch(machine='qemux86-64') | ||
423 | |||
424 | def tearDownLocal(self): | ||
425 | qemu_terminate(self.s) | ||
426 | if self.meta_qemu: | ||
427 | runCmd('bitbake-layers remove-layer "%s"' % self.meta_qemu, ignore_status=True) | ||
428 | |||
429 | def qemu_command(self, command): | ||
430 | return qemu_send_command(self.qemu.ssh_port, command) | ||
431 | |||
432 | def test_provisioning(self): | ||
433 | print('Checking machine name (hostname) of device:') | ||
434 | stdout, stderr, retcode = self.qemu_command('hostname') | ||
435 | self.assertEqual(retcode, 0, "Unable to check hostname. " + | ||
436 | "Is an ssh daemon (such as dropbear or openssh) installed on the device?") | ||
437 | machine = get_bb_var('MACHINE', 'core-image-minimal') | ||
438 | self.assertEqual(stderr, b'', 'Error: ' + stderr.decode()) | ||
439 | # Strip off line ending. | ||
440 | value = stdout.decode()[:-1] | ||
441 | self.assertEqual(value, machine, | ||
442 | 'MACHINE does not match hostname: ' + machine + ', ' + value + | ||
443 | '\nIs tianocore ovmf installed?') | ||
444 | print(value) | ||
445 | print('Checking output of aktualizr-info:') | ||
446 | ran_ok = False | ||
447 | for delay in [1, 2, 5, 10, 15]: | ||
448 | stdout, stderr, retcode = self.qemu_command('aktualizr-info') | ||
449 | if retcode == 0 and stderr == b'': | ||
450 | ran_ok = True | ||
451 | break | ||
452 | sleep(delay) | ||
453 | self.assertTrue(ran_ok, 'aktualizr-info failed: ' + stderr.decode() + stdout.decode()) | ||
454 | # Verify that device has NOT yet provisioned. | ||
455 | self.assertIn(b'Couldn\'t load device ID', stdout, | ||
456 | 'Device already provisioned!? ' + stderr.decode() + stdout.decode()) | ||
457 | self.assertIn(b'Couldn\'t load ECU serials', stdout, | ||
458 | 'Device already provisioned!? ' + stderr.decode() + stdout.decode()) | ||
459 | self.assertIn(b'Provisioned on server: no', stdout, | ||
460 | 'Device already provisioned!? ' + stderr.decode() + stdout.decode()) | ||
461 | self.assertIn(b'Fetched metadata: no', stdout, | ||
462 | 'Device already provisioned!? ' + stderr.decode() + stdout.decode()) | ||
463 | |||
464 | # Verify that HSM is not yet initialized. | ||
465 | pkcs11_command = 'pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so -O' | ||
466 | stdout, stderr, retcode = self.qemu_command(pkcs11_command) | ||
467 | self.assertNotEqual(retcode, 0, 'pkcs11-tool succeeded before initialization: ' + | ||
468 | stdout.decode() + stderr.decode()) | ||
469 | softhsm2_command = 'softhsm2-util --show-slots' | ||
470 | stdout, stderr, retcode = self.qemu_command(softhsm2_command) | ||
471 | self.assertNotEqual(retcode, 0, 'softhsm2-tool succeeded before initialization: ' + | ||
472 | stdout.decode() + stderr.decode()) | ||
473 | |||
474 | # Run cert_provider. | ||
475 | bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS'], 'aktualizr-native') | ||
476 | creds = bb_vars['SOTA_PACKED_CREDENTIALS'] | ||
477 | bb_vars_prov = get_bb_vars(['STAGING_DIR_NATIVE', 'libdir'], 'aktualizr-hsm-prov') | ||
478 | config = bb_vars_prov['STAGING_DIR_NATIVE'] + bb_vars_prov['libdir'] + '/sota/sota_hsm_prov.toml' | ||
479 | |||
480 | akt_native_run(self, 'aktualizr_cert_provider -c {creds} -t root@localhost -p {port} -r -s -g {config}' | ||
481 | .format(creds=creds, port=self.qemu.ssh_port, config=config)) | ||
482 | |||
483 | # Verify that HSM is able to initialize. | ||
484 | ran_ok = False | ||
485 | for delay in [5, 5, 5, 5, 10]: | ||
486 | sleep(delay) | ||
487 | p11_out, p11_err, p11_ret = self.qemu_command(pkcs11_command) | ||
488 | hsm_out, hsm_err, hsm_ret = self.qemu_command(softhsm2_command) | ||
489 | if p11_ret == 0 and hsm_ret == 0 and hsm_err == b'': | ||
490 | ran_ok = True | ||
491 | break | ||
492 | self.assertTrue(ran_ok, 'pkcs11-tool or softhsm2-tool failed: ' + p11_err.decode() + | ||
493 | p11_out.decode() + hsm_err.decode() + hsm_out.decode()) | ||
494 | self.assertIn(b'present token', p11_err, 'pkcs11-tool failed: ' + p11_err.decode() + p11_out.decode()) | ||
495 | self.assertIn(b'X.509 cert', p11_out, 'pkcs11-tool failed: ' + p11_err.decode() + p11_out.decode()) | ||
496 | self.assertIn(b'Initialized: yes', hsm_out, 'softhsm2-tool failed: ' + | ||
497 | hsm_err.decode() + hsm_out.decode()) | ||
498 | self.assertIn(b'User PIN init.: yes', hsm_out, 'softhsm2-tool failed: ' + | ||
499 | hsm_err.decode() + hsm_out.decode()) | ||
500 | |||
501 | # Check that pkcs11 output matches sofhsm output. | ||
502 | p11_p = re.compile(r'Using slot [0-9] with a present token \((0x[0-9a-f]*)\)\s') | ||
503 | p11_m = p11_p.search(p11_err.decode()) | ||
504 | self.assertTrue(p11_m, 'Slot number not found with pkcs11-tool: ' + p11_err.decode() + p11_out.decode()) | ||
505 | self.assertGreater(p11_m.lastindex, 0, 'Slot number not found with pkcs11-tool: ' + | ||
506 | p11_err.decode() + p11_out.decode()) | ||
507 | hsm_p = re.compile(r'Description:\s*SoftHSM slot ID (0x[0-9a-f]*)\s') | ||
508 | hsm_m = hsm_p.search(hsm_out.decode()) | ||
509 | self.assertTrue(hsm_m, 'Slot number not found with softhsm2-tool: ' + hsm_err.decode() + hsm_out.decode()) | ||
510 | self.assertGreater(hsm_m.lastindex, 0, 'Slot number not found with softhsm2-tool: ' + | ||
511 | hsm_err.decode() + hsm_out.decode()) | ||
512 | self.assertEqual(p11_m.group(1), hsm_m.group(1), 'Slot number does not match: ' + | ||
513 | p11_err.decode() + p11_out.decode() + hsm_err.decode() + hsm_out.decode()) | ||
514 | |||
515 | verifyProvisioned(self, machine) | ||
516 | |||
517 | class SecondaryTests(OESelftestTestCase): | ||
518 | @classmethod | ||
519 | def setUpClass(cls): | ||
520 | super(SecondaryTests, cls).setUpClass() | ||
521 | logger = logging.getLogger("selftest") | ||
522 | logger.info('Running bitbake to build secondary-image') | ||
523 | bitbake('secondary-image') | ||
524 | |||
525 | def setUpLocal(self): | ||
526 | layer = "meta-updater-qemux86-64" | ||
527 | result = runCmd('bitbake-layers show-layers') | ||
528 | if re.search(layer, result.output) is None: | ||
529 | # Assume the directory layout for finding other layers. We could also | ||
530 | # make assumptions by using 'show-layers', but either way, if the | ||
531 | # layers we need aren't where we expect them, we are out of like. | ||
532 | path = os.path.abspath(os.path.dirname(__file__)) | ||
533 | metadir = path + "/../../../../../" | ||
534 | self.meta_qemu = metadir + layer | ||
535 | runCmd('bitbake-layers add-layer "%s"' % self.meta_qemu) | ||
536 | else: | ||
537 | self.meta_qemu = None | ||
538 | self.append_config('MACHINE = "qemux86-64"') | ||
539 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-auto-prov "') | ||
540 | self.qemu, self.s = qemu_launch(machine='qemux86-64', imagename='secondary-image') | ||
541 | |||
542 | def tearDownLocal(self): | ||
543 | qemu_terminate(self.s) | ||
544 | if self.meta_qemu: | ||
545 | runCmd('bitbake-layers remove-layer "%s"' % self.meta_qemu, ignore_status=True) | ||
546 | |||
547 | def qemu_command(self, command): | ||
548 | return qemu_send_command(self.qemu.ssh_port, command) | ||
549 | |||
550 | def test_secondary_present(self): | ||
551 | print('Checking aktualizr-secondary is present') | ||
552 | stdout, stderr, retcode = self.qemu_command('aktualizr-secondary --help') | ||
553 | self.assertEqual(retcode, 0, "Unable to run aktualizr-secondary --help") | ||
554 | self.assertEqual(stderr, b'', 'Error: ' + stderr.decode()) | ||
555 | |||
556 | def test_secondary_listening(self): | ||
557 | print('Checking aktualizr-secondary service is listening') | ||
558 | stdout, stderr, retcode = self.qemu_command('echo test | nc localhost 9030') | ||
559 | self.assertEqual(retcode, 0, "Unable to connect to secondary") | ||
560 | |||
561 | |||
562 | class PrimaryTests(OESelftestTestCase): | ||
563 | @classmethod | ||
564 | def setUpClass(cls): | ||
565 | super(PrimaryTests, cls).setUpClass() | ||
566 | logger = logging.getLogger("selftest") | ||
567 | logger.info('Running bitbake to build primary-image') | ||
568 | bitbake('primary-image') | ||
569 | |||
570 | def setUpLocal(self): | ||
571 | layer = "meta-updater-qemux86-64" | ||
572 | result = runCmd('bitbake-layers show-layers') | ||
573 | if re.search(layer, result.output) is None: | ||
574 | # Assume the directory layout for finding other layers. We could also | ||
575 | # make assumptions by using 'show-layers', but either way, if the | ||
576 | # layers we need aren't where we expect them, we are out of like. | ||
577 | path = os.path.abspath(os.path.dirname(__file__)) | ||
578 | metadir = path + "/../../../../../" | ||
579 | self.meta_qemu = metadir + layer | ||
580 | runCmd('bitbake-layers add-layer "%s"' % self.meta_qemu) | ||
581 | else: | ||
582 | self.meta_qemu = None | ||
583 | self.append_config('MACHINE = "qemux86-64"') | ||
584 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-auto-prov "') | ||
585 | self.append_config('SOTA_CLIENT_FEATURES = "secondary-network"') | ||
586 | self.qemu, self.s = qemu_launch(machine='qemux86-64', imagename='primary-image') | ||
587 | |||
588 | def tearDownLocal(self): | ||
589 | qemu_terminate(self.s) | ||
590 | if self.meta_qemu: | ||
591 | runCmd('bitbake-layers remove-layer "%s"' % self.meta_qemu, ignore_status=True) | ||
592 | |||
593 | def qemu_command(self, command): | ||
594 | return qemu_send_command(self.qemu.ssh_port, command) | ||
595 | |||
596 | def test_aktualizr_present(self): | ||
597 | print('Checking aktualizr is present') | ||
598 | stdout, stderr, retcode = self.qemu_command('aktualizr --help') | ||
599 | self.assertEqual(retcode, 0, "Unable to run aktualizr --help") | ||
600 | self.assertEqual(stderr, b'', 'Error: ' + stderr.decode()) | ||
601 | |||
602 | |||
603 | def qemu_launch(efi=False, machine=None, imagename=None): | ||
604 | logger = logging.getLogger("selftest") | ||
605 | logger.info('Running bitbake to build core-image-minimal') | ||
606 | bitbake('core-image-minimal') | ||
607 | # Create empty object. | ||
608 | args = type('', (), {})() | ||
609 | if imagename: | ||
610 | args.imagename = imagename | ||
611 | else: | ||
612 | args.imagename = 'core-image-minimal' | ||
613 | args.mac = None | ||
614 | # Could use DEPLOY_DIR_IMAGE here but it's already in the machine | ||
615 | # subdirectory. | ||
616 | args.dir = 'tmp/deploy/images' | ||
617 | args.efi = efi | ||
618 | args.machine = machine | ||
619 | args.kvm = None # Autodetect | ||
620 | args.no_gui = True | ||
621 | args.gdb = False | ||
622 | args.pcap = None | ||
623 | args.overlay = None | ||
624 | args.dry_run = False | ||
625 | args.secondary_network = False | ||
626 | |||
627 | qemu = QemuCommand(args) | ||
628 | cmdline = qemu.command_line() | ||
629 | print('Booting image with run-qemu-ota...') | ||
630 | s = subprocess.Popen(cmdline) | ||
631 | sleep(10) | ||
632 | return qemu, s | ||
633 | |||
634 | |||
635 | def qemu_terminate(s): | ||
636 | try: | ||
637 | s.terminate() | ||
638 | except KeyboardInterrupt: | ||
639 | pass | ||
640 | |||
641 | |||
642 | def qemu_send_command(port, command): | ||
643 | command = ['ssh -q -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@localhost -p ' + | ||
644 | str(port) + ' "' + command + '"'] | ||
645 | s2 = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE) | ||
646 | stdout, stderr = s2.communicate(timeout=60) | ||
647 | return stdout, stderr, s2.returncode | ||
648 | |||
649 | |||
650 | def akt_native_run(testInst, cmd, **kwargs): | ||
651 | # run a command supplied by aktualizr-native and checks that: | ||
652 | # - the executable exists | ||
653 | # - the command runs without error | ||
654 | # NOTE: the base test class must have built aktualizr-native (in | ||
655 | # setUpClass, for example) | ||
656 | bb_vars = get_bb_vars(['SYSROOT_DESTDIR', 'base_prefix', 'libdir', 'bindir'], | ||
657 | 'aktualizr-native') | ||
658 | sysroot = bb_vars['SYSROOT_DESTDIR'] + bb_vars['base_prefix'] | ||
659 | sysrootbin = bb_vars['SYSROOT_DESTDIR'] + bb_vars['bindir'] | ||
660 | libdir = bb_vars['libdir'] | ||
661 | |||
662 | program, *_ = cmd.split(' ') | ||
663 | p = '{}/{}'.format(sysrootbin, program) | ||
664 | testInst.assertTrue(os.path.isfile(p), msg="No {} found ({})".format(program, p)) | ||
665 | env = dict(os.environ) | ||
666 | env['LD_LIBRARY_PATH'] = libdir | ||
667 | result = runCmd(cmd, env=env, native_sysroot=sysroot, ignore_status=True, **kwargs) | ||
668 | testInst.assertEqual(result.status, 0, "Status not equal to 0. output: %s" % result.output) | ||
669 | |||
670 | |||
671 | def verifyProvisioned(testInst, machine): | ||
672 | # Verify that device HAS provisioned. | ||
673 | ran_ok = False | ||
674 | for delay in [5, 5, 5, 5, 10, 10, 10, 10]: | ||
675 | stdout, stderr, retcode = testInst.qemu_command('aktualizr-info') | ||
676 | if retcode == 0 and stderr == b'' and stdout.decode().find('Fetched metadata: yes') >= 0: | ||
677 | ran_ok = True | ||
678 | break | ||
679 | sleep(delay) | ||
680 | testInst.assertIn(b'Device ID: ', stdout, 'Provisioning failed: ' + stderr.decode() + stdout.decode()) | ||
681 | testInst.assertIn(b'Primary ecu hardware ID: ' + machine.encode(), stdout, | ||
682 | 'Provisioning failed: ' + stderr.decode() + stdout.decode()) | ||
683 | testInst.assertIn(b'Fetched metadata: yes', stdout, 'Provisioning failed: ' + stderr.decode() + stdout.decode()) | ||
684 | p = re.compile(r'Device ID: ([a-z0-9-]*)\n') | ||
685 | m = p.search(stdout.decode()) | ||
686 | testInst.assertTrue(m, 'Device ID could not be read: ' + stderr.decode() + stdout.decode()) | ||
687 | testInst.assertGreater(m.lastindex, 0, 'Device ID could not be read: ' + stderr.decode() + stdout.decode()) | ||
688 | logger = logging.getLogger("selftest") | ||
689 | logger.info('Device successfully provisioned with ID: ' + m.group(1)) | ||
690 | |||
691 | |||
692 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/meta-sota/recipes-core/images/initramfs-ostree-image.bb b/meta-sota/recipes-core/images/initramfs-ostree-image.bb new file mode 100644 index 0000000..b2d9e27 --- /dev/null +++ b/meta-sota/recipes-core/images/initramfs-ostree-image.bb | |||
@@ -0,0 +1,29 @@ | |||
1 | # Netboot initramfs image. | ||
2 | DESCRIPTION = "OSTree initramfs image" | ||
3 | |||
4 | PACKAGE_INSTALL = "ostree-switchroot ostree-initrd busybox base-passwd ${ROOTFS_BOOTSTRAP_INSTALL}" | ||
5 | |||
6 | SYSTEMD_DEFAULT_TARGET = "initrd.target" | ||
7 | |||
8 | # Do not pollute the initrd image with rootfs features | ||
9 | IMAGE_FEATURES = "" | ||
10 | |||
11 | export IMAGE_BASENAME = "initramfs-ostree-image" | ||
12 | IMAGE_LINGUAS = "" | ||
13 | |||
14 | LICENSE = "MIT" | ||
15 | |||
16 | IMAGE_FSTYPES = "${OSTREE_INITRAMFS_FSTYPES}" | ||
17 | |||
18 | inherit core-image | ||
19 | |||
20 | IMAGE_ROOTFS_SIZE = "8192" | ||
21 | |||
22 | # Users will often ask for extra space in their rootfs by setting this | ||
23 | # globally. Since this is a initramfs, we don't want to make it bigger | ||
24 | IMAGE_ROOTFS_EXTRA_SPACE = "0" | ||
25 | IMAGE_OVERHEAD_FACTOR = "1.0" | ||
26 | |||
27 | BAD_RECOMMENDATIONS += "busybox-syslog" | ||
28 | |||
29 | |||
diff --git a/meta-sota/recipes-sota/aktualizr/aktualizr-auto-prov.bb b/meta-sota/recipes-sota/aktualizr/aktualizr-auto-prov.bb new file mode 100644 index 0000000..8deee7e --- /dev/null +++ b/meta-sota/recipes-sota/aktualizr/aktualizr-auto-prov.bb | |||
@@ -0,0 +1,56 @@ | |||
1 | SUMMARY = "Aktualizr configuration for autoprovisioning" | ||
2 | DESCRIPTION = "Systemd service and configurations for autoprovisioning Aktualizr, the SOTA Client application written in C++" | ||
3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | ||
4 | SECTION = "base" | ||
5 | LICENSE = "MPL-2.0" | ||
6 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | ||
7 | DEPENDS = "aktualizr-native zip-native" | ||
8 | RDEPENDS_${PN} = "aktualizr" | ||
9 | PV = "1.0" | ||
10 | PR = "6" | ||
11 | |||
12 | SRC_URI = " \ | ||
13 | file://LICENSE \ | ||
14 | " | ||
15 | |||
16 | require environment.inc | ||
17 | require credentials.inc | ||
18 | |||
19 | do_install() { | ||
20 | if [ -n "${SOTA_AUTOPROVISION_CREDENTIALS}" ]; then | ||
21 | bbwarn "SOTA_AUTOPROVISION_CREDENTIALS are ignored. Please use SOTA_PACKED_CREDENTIALS" | ||
22 | fi | ||
23 | if [ -n "${SOTA_AUTOPROVISION_URL}" ]; then | ||
24 | bbwarn "SOTA_AUTOPROVISION_URL is ignored. Please use SOTA_PACKED_CREDENTIALS" | ||
25 | fi | ||
26 | if [ -n "${SOTA_AUTOPROVISION_URL_FILE}" ]; then | ||
27 | bbwarn "SOTA_AUTOPROVISION_URL_FILE is ignored. Please use SOTA_PACKED_CREDENTIALS" | ||
28 | fi | ||
29 | if [ -n "${OSTREE_PUSH_CREDENTIALS}" ]; then | ||
30 | bbwarn "OSTREE_PUSH_CREDENTIALS is ignored. Please use SOTA_PACKED_CREDENTIALS" | ||
31 | fi | ||
32 | |||
33 | install -m 0700 -d ${D}${libdir}/sota/conf.d | ||
34 | install -m 0700 -d ${D}${localstatedir}/sota | ||
35 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | ||
36 | aktualizr_toml=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-network', 'sota_autoprov_primary.toml', 'sota_autoprov.toml', d)} | ||
37 | |||
38 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/${aktualizr_toml} ${D}${libdir}/sota/conf.d/20-sota.toml | ||
39 | |||
40 | # deploy SOTA credentials | ||
41 | if [ -e ${SOTA_PACKED_CREDENTIALS} ]; then | ||
42 | cp ${SOTA_PACKED_CREDENTIALS} ${D}${localstatedir}/sota/sota_provisioning_credentials.zip | ||
43 | # Device should not be able to push data to treehub | ||
44 | zip -d ${D}${localstatedir}/sota/sota_provisioning_credentials.zip treehub.json | ||
45 | fi | ||
46 | fi | ||
47 | } | ||
48 | |||
49 | FILES_${PN} = " \ | ||
50 | ${libdir}/sota/conf.d \ | ||
51 | ${libdir}/sota/conf.d/20-sota.toml \ | ||
52 | ${localstatedir}/sota \ | ||
53 | ${localstatedir}/sota/sota_provisioning_credentials.zip \ | ||
54 | " | ||
55 | |||
56 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/meta-sota/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb b/meta-sota/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb new file mode 100644 index 0000000..319074e --- /dev/null +++ b/meta-sota/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb | |||
@@ -0,0 +1,72 @@ | |||
1 | SUMMARY = "Aktualizr configuration for implicit provisioning with CA" | ||
2 | DESCRIPTION = "Systemd service and configurations for implicitly provisioning Aktualizr using externally provided or generated CA" | ||
3 | |||
4 | # WARNING: it is NOT a production solution. The secure way to provision devices is to create certificate request directly on the device | ||
5 | # (either with HSM/TPM or with software) and then sign it with a CA stored on a disconnected machine | ||
6 | |||
7 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | ||
8 | SECTION = "base" | ||
9 | LICENSE = "MPL-2.0" | ||
10 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | ||
11 | |||
12 | DEPENDS = "aktualizr-native openssl-native" | ||
13 | RDEPENDS_${PN} = "aktualizr" | ||
14 | |||
15 | SRC_URI = " \ | ||
16 | file://LICENSE \ | ||
17 | file://ca.cnf \ | ||
18 | " | ||
19 | PV = "1.0" | ||
20 | PR = "1" | ||
21 | |||
22 | require environment.inc | ||
23 | require credentials.inc | ||
24 | |||
25 | export SOTA_CACERT_PATH | ||
26 | export SOTA_CAKEY_PATH | ||
27 | |||
28 | do_install() { | ||
29 | install -m 0700 -d ${D}${libdir}/sota/conf.d | ||
30 | |||
31 | if [ -z "${SOTA_PACKED_CREDENTIALS}" ]; then | ||
32 | bberror "SOTA_PACKED_CREDENTIALS are required for implicit provisioning" | ||
33 | fi | ||
34 | |||
35 | if [ -z ${SOTA_CACERT_PATH} ]; then | ||
36 | SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem | ||
37 | SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem | ||
38 | mkdir -p ${DEPLOY_DIR_IMAGE}/CA | ||
39 | bbwarn "SOTA_CACERT_PATH is not specified, use default one at $SOTA_CACERT_PATH" | ||
40 | |||
41 | if [ ! -f ${SOTA_CACERT_PATH} ]; then | ||
42 | bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA" | ||
43 | SOTA_CACERT_DIR_PATH="$(dirname "$SOTA_CACERT_PATH")" | ||
44 | openssl genrsa -out ${SOTA_CACERT_DIR_PATH}/ca.private.pem 4096 | ||
45 | openssl req -key ${SOTA_CACERT_DIR_PATH}/ca.private.pem -new -x509 -days 7300 -out ${SOTA_CACERT_PATH} -subj "/C=DE/ST=Berlin/O=Reis und Kichererbsen e.V/commonName=meta-updater" -batch -config ${WORKDIR}/ca.cnf -extensions cacert | ||
46 | bbwarn "${SOTA_CACERT_PATH} has been created, you'll need to upload it to the server" | ||
47 | fi | ||
48 | fi | ||
49 | |||
50 | if [ -z ${SOTA_CAKEY_PATH} ]; then | ||
51 | bberror "SOTA_CAKEY_PATH should be set when using implicit provisioning" | ||
52 | fi | ||
53 | |||
54 | install -m 0700 -d ${D}${localstatedir}/sota | ||
55 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov_ca.toml ${D}${libdir}/sota/conf.d/20-sota.toml | ||
56 | aktualizr_cert_provider --credentials ${SOTA_PACKED_CREDENTIALS} \ | ||
57 | --device-ca ${SOTA_CACERT_PATH} \ | ||
58 | --device-ca-key ${SOTA_CAKEY_PATH} \ | ||
59 | --root-ca \ | ||
60 | --server-url \ | ||
61 | --local ${D}${localstatedir}/sota \ | ||
62 | --config ${D}${libdir}/sota/conf.d/20-sota.toml | ||
63 | } | ||
64 | |||
65 | FILES_${PN} = " \ | ||
66 | ${libdir}/sota/conf.d \ | ||
67 | ${libdir}/sota/conf.d/20-sota.toml \ | ||
68 | ${libdir}/sota/root.crt \ | ||
69 | ${localstatedir}/sota/* \ | ||
70 | " | ||
71 | |||
72 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/meta-sota/recipes-sota/aktualizr/aktualizr-hsm-prov.bb b/meta-sota/recipes-sota/aktualizr/aktualizr-hsm-prov.bb new file mode 100644 index 0000000..504f0d8 --- /dev/null +++ b/meta-sota/recipes-sota/aktualizr/aktualizr-hsm-prov.bb | |||
@@ -0,0 +1,33 @@ | |||
1 | SUMMARY = "Aktualizr configuration with HSM support" | ||
2 | DESCRIPTION = "Systemd service and configurations for HSM provisioning with Aktualizr, the SOTA Client application written in C++" | ||
3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | ||
4 | SECTION = "base" | ||
5 | LICENSE = "MPL-2.0" | ||
6 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | ||
7 | |||
8 | DEPENDS = "aktualizr-native" | ||
9 | RDEPENDS_${PN} = "aktualizr softhsm softhsm-testtoken" | ||
10 | |||
11 | SRC_URI = " \ | ||
12 | file://LICENSE \ | ||
13 | " | ||
14 | PV = "1.0" | ||
15 | PR = "6" | ||
16 | |||
17 | require environment.inc | ||
18 | require credentials.inc | ||
19 | |||
20 | do_install() { | ||
21 | install -m 0700 -d ${D}${libdir}/sota/conf.d | ||
22 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | ||
23 | aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} --no-root-ca \ | ||
24 | -i ${STAGING_DIR_NATIVE}${libdir}/sota/sota_hsm_prov.toml -o ${D}${libdir}/sota/conf.d/20-sota.toml -p ${D} | ||
25 | fi | ||
26 | } | ||
27 | |||
28 | FILES_${PN} = " \ | ||
29 | ${libdir}/sota/conf.d \ | ||
30 | ${libdir}/sota/conf.d/20-sota.toml \ | ||
31 | " | ||
32 | |||
33 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/meta-sota/recipes-sota/aktualizr/aktualizr-implicit-prov.bb b/meta-sota/recipes-sota/aktualizr/aktualizr-implicit-prov.bb new file mode 100644 index 0000000..dcfaffb --- /dev/null +++ b/meta-sota/recipes-sota/aktualizr/aktualizr-implicit-prov.bb | |||
@@ -0,0 +1,34 @@ | |||
1 | SUMMARY = "Aktualizr configuration for implicit provisioning" | ||
2 | DESCRIPTION = "Systemd service and configurations for implicitly provisioning Aktualizr, the SOTA Client application written in C++" | ||
3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | ||
4 | SECTION = "base" | ||
5 | LICENSE = "MPL-2.0" | ||
6 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | ||
7 | |||
8 | DEPENDS = "aktualizr-native" | ||
9 | RDEPENDS_${PN} = "aktualizr" | ||
10 | |||
11 | SRC_URI = " \ | ||
12 | file://LICENSE \ | ||
13 | " | ||
14 | PV = "1.0" | ||
15 | PR = "1" | ||
16 | |||
17 | require environment.inc | ||
18 | require credentials.inc | ||
19 | |||
20 | do_install() { | ||
21 | install -m 0700 -d ${D}${libdir}/sota/conf.d | ||
22 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | ||
23 | aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} \ | ||
24 | -i ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov.toml -o ${D}${libdir}/sota/conf.d/20-sota.toml -p ${D} | ||
25 | fi | ||
26 | } | ||
27 | |||
28 | FILES_${PN} = " \ | ||
29 | ${libdir}/sota/conf.d \ | ||
30 | ${libdir}/sota/conf.d/20-sota.toml \ | ||
31 | ${libdir}/sota/root.crt \ | ||
32 | " | ||
33 | |||
34 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/meta-sota/recipes-sota/aktualizr/aktualizr_git.bb b/meta-sota/recipes-sota/aktualizr/aktualizr_git.bb new file mode 100755 index 0000000..2c0d59f --- /dev/null +++ b/meta-sota/recipes-sota/aktualizr/aktualizr_git.bb | |||
@@ -0,0 +1,119 @@ | |||
1 | SUMMARY = "Aktualizr SOTA Client" | ||
2 | DESCRIPTION = "SOTA Client application written in C++" | ||
3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | ||
4 | SECTION = "base" | ||
5 | LICENSE = "MPL-2.0" | ||
6 | LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | ||
7 | |||
8 | DEPENDS = "boost curl openssl libarchive libsodium asn1c-native sqlite3 " | ||
9 | DEPENDS_append_class-target = "ostree ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', ' libp11', '', d)} " | ||
10 | DEPENDS_append_class-native = "glib-2.0-native " | ||
11 | |||
12 | RDEPENDS_${PN}_class-target = "lshw " | ||
13 | RDEPENDS_${PN}_append_class-target = " ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'serialcan', ' slcand-start', '', d)} " | ||
14 | |||
15 | PV = "1.0+git${SRCPV}" | ||
16 | PR = "7" | ||
17 | |||
18 | SRC_URI = " \ | ||
19 | gitsm://github.com/advancedtelematic/aktualizr;branch=${BRANCH} \ | ||
20 | file://aktualizr.service \ | ||
21 | file://aktualizr-secondary.service \ | ||
22 | file://aktualizr-secondary.socket \ | ||
23 | file://aktualizr-serialcan.service \ | ||
24 | " | ||
25 | SRCREV = "3b89858cf8ce9a8331cc4e6a5d2b5783d2eb7ae9" | ||
26 | BRANCH ?= "master" | ||
27 | |||
28 | S = "${WORKDIR}/git" | ||
29 | |||
30 | inherit cmake | ||
31 | |||
32 | inherit systemd | ||
33 | |||
34 | SYSTEMD_PACKAGES = "${PN} ${PN}-secondary" | ||
35 | SYSTEMD_SERVICE_${PN} = "aktualizr.service" | ||
36 | SYSTEMD_SERVICE_${PN}-secondary = "aktualizr-secondary.socket" | ||
37 | |||
38 | BBCLASSEXTEND =+ "native" | ||
39 | |||
40 | require garage-sign-version.inc | ||
41 | |||
42 | EXTRA_OECMAKE = "-DWARNING_AS_ERROR=OFF \ | ||
43 | -DCMAKE_BUILD_TYPE=Release \ | ||
44 | -DAKTUALIZR_VERSION=${PV} \ | ||
45 | -DBUILD_LOAD_TESTS=OFF" | ||
46 | EXTRA_OECMAKE_append_class-target = " -DBUILD_OSTREE=ON \ | ||
47 | -DBUILD_ISOTP=ON \ | ||
48 | ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', '-DBUILD_P11=ON', '', d)} " | ||
49 | EXTRA_OECMAKE_append_class-native = " -DBUILD_SOTA_TOOLS=ON \ | ||
50 | -DBUILD_OSTREE=OFF \ | ||
51 | -DBUILD_SYSTEMD=OFF \ | ||
52 | -DGARAGE_SIGN_VERSION=${GARAGE_SIGN_VERSION} \ | ||
53 | -DGARAGE_SIGN_SHA256=${GARAGE_SIGN_SHA256}" | ||
54 | |||
55 | do_install_append () { | ||
56 | rm -fr ${D}${libdir}/systemd | ||
57 | rm -f ${D}${libdir}/sota/sota.toml # Only needed for the Debian package | ||
58 | install -d ${D}${libdir}/sota | ||
59 | install -m 0644 ${S}/config/sota_autoprov.toml ${D}/${libdir}/sota/sota_autoprov.toml | ||
60 | install -m 0644 ${S}/config/sota_autoprov_primary.toml ${D}/${libdir}/sota/sota_autoprov_primary.toml | ||
61 | install -m 0644 ${S}/config/sota_hsm_prov.toml ${D}/${libdir}/sota/sota_hsm_prov.toml | ||
62 | install -m 0644 ${S}/config/sota_implicit_prov.toml ${D}/${libdir}/sota/sota_implicit_prov.toml | ||
63 | install -m 0644 ${S}/config/sota_implicit_prov_ca.toml ${D}/${libdir}/sota/sota_implicit_prov_ca.toml | ||
64 | install -m 0644 ${S}/config/sota_secondary.toml ${D}/${libdir}/sota/sota_secondary.toml | ||
65 | install -d ${D}${systemd_unitdir}/system | ||
66 | install -m 0644 ${WORKDIR}/aktualizr-secondary.socket ${D}${systemd_unitdir}/system/aktualizr-secondary.socket | ||
67 | install -m 0644 ${WORKDIR}/aktualizr-secondary.service ${D}${systemd_unitdir}/system/aktualizr-secondary.service | ||
68 | install -m 0700 -d ${D}${libdir}/sota/conf.d | ||
69 | install -m 0700 -d ${D}${sysconfdir}/sota/conf.d | ||
70 | } | ||
71 | |||
72 | do_install_append_class-target () { | ||
73 | install -m 0755 -d ${D}${systemd_unitdir}/system | ||
74 | aktualizr_service=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'serialcan', '${WORKDIR}/aktualizr-serialcan.service', '${WORKDIR}/aktualizr.service', d)} | ||
75 | install -m 0644 ${aktualizr_service} ${D}${systemd_unitdir}/system/aktualizr.service | ||
76 | } | ||
77 | |||
78 | do_install_append_class-native () { | ||
79 | install -m 0755 ${B}/src/sota_tools/garage-sign/bin/* ${D}${bindir} | ||
80 | install -m 0644 ${B}/src/sota_tools/garage-sign/lib/* ${D}${libdir} | ||
81 | } | ||
82 | |||
83 | PACKAGES =+ " ${PN}-examples ${PN}-host-tools ${PN}-secondary " | ||
84 | |||
85 | FILES_${PN} = " \ | ||
86 | ${bindir}/aktualizr \ | ||
87 | ${bindir}/aktualizr-info \ | ||
88 | ${bindir}/aktualizr-check-discovery \ | ||
89 | ${systemd_unitdir}/system/aktualizr.service \ | ||
90 | ${libdir}/sota/conf.d \ | ||
91 | ${sysconfdir}/sota/conf.d \ | ||
92 | " | ||
93 | |||
94 | FILES_${PN}-examples = " \ | ||
95 | ${libdir}/sota/demo_secondary.json \ | ||
96 | ${bindir}/example-interface \ | ||
97 | ${bindir}/isotp-test-interface \ | ||
98 | " | ||
99 | |||
100 | FILES_${PN}-host-tools = " \ | ||
101 | ${bindir}/aktualizr_cert_provider \ | ||
102 | ${bindir}/aktualizr_implicit_writer \ | ||
103 | ${bindir}/garage-deploy \ | ||
104 | ${bindir}/garage-push \ | ||
105 | ${libdir}/sota/sota_autoprov.toml \ | ||
106 | ${libdir}/sota/sota_autoprov_primary.toml \ | ||
107 | ${libdir}/sota/sota_hsm_prov.toml \ | ||
108 | ${libdir}/sota/sota_implicit_prov.toml \ | ||
109 | ${libdir}/sota/sota_implicit_prov_ca.toml \ | ||
110 | " | ||
111 | |||
112 | FILES_${PN}-secondary = " \ | ||
113 | ${bindir}/aktualizr-secondary \ | ||
114 | ${libdir}/sota/sota_secondary.toml \ | ||
115 | ${systemd_unitdir}/system/aktualizr-secondary.socket \ | ||
116 | ${systemd_unitdir}/system/aktualizr-secondary.service \ | ||
117 | " | ||
118 | |||
119 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/meta-sota/recipes-sota/aktualizr/credentials.inc b/meta-sota/recipes-sota/aktualizr/credentials.inc new file mode 100644 index 0000000..256c8ff --- /dev/null +++ b/meta-sota/recipes-sota/aktualizr/credentials.inc | |||
@@ -0,0 +1 @@ | |||
SRC_URI_append = "${@('file://' + d.getVar('SOTA_PACKED_CREDENTIALS', True)) if d.getVar('SOTA_PACKED_CREDENTIALS', True) else ''}" | |||
diff --git a/meta-sota/recipes-sota/aktualizr/environment.inc b/meta-sota/recipes-sota/aktualizr/environment.inc new file mode 100644 index 0000000..16e789e --- /dev/null +++ b/meta-sota/recipes-sota/aktualizr/environment.inc | |||
@@ -0,0 +1,11 @@ | |||
1 | export SOTA_VIRTUAL_SECONDARIES | ||
2 | |||
3 | do_install_append() { | ||
4 | for sec in ${SOTA_VIRTUAL_SECONDARIES}; do | ||
5 | AKTUALIZR_PARAMETERS_VIRTUALSECS="${AKTUALIZR_PARAMETERS_VIRTUALSECS} --secondary-config $sec" | ||
6 | done | ||
7 | |||
8 | echo "AKTUALIZR_CMDLINE_PARAMETERS=${AKTUALIZR_PARAMETERS_VIRTUALSECS}" > ${D}${libdir}/sota/sota.env | ||
9 | } | ||
10 | |||
11 | FILES_${PN}_append = " ${libdir}/sota/sota.env" | ||
diff --git a/meta-sota/recipes-sota/aktualizr/files/LICENSE b/meta-sota/recipes-sota/aktualizr/files/LICENSE new file mode 100644 index 0000000..a612ad9 --- /dev/null +++ b/meta-sota/recipes-sota/aktualizr/files/LICENSE | |||
@@ -0,0 +1,373 @@ | |||
1 | Mozilla Public License Version 2.0 | ||
2 | ================================== | ||
3 | |||
4 | 1. Definitions | ||
5 | -------------- | ||
6 | |||
7 | 1.1. "Contributor" | ||
8 | means each individual or legal entity that creates, contributes to | ||
9 | the creation of, or owns Covered Software. | ||
10 | |||
11 | 1.2. "Contributor Version" | ||
12 | means the combination of the Contributions of others (if any) used | ||
13 | by a Contributor and that particular Contributor's Contribution. | ||
14 | |||
15 | 1.3. "Contribution" | ||
16 | means Covered Software of a particular Contributor. | ||
17 | |||
18 | 1.4. "Covered Software" | ||
19 | means Source Code Form to which the initial Contributor has attached | ||
20 | the notice in Exhibit A, the Executable Form of such Source Code | ||
21 | Form, and Modifications of such Source Code Form, in each case | ||
22 | including portions thereof. | ||
23 | |||
24 | 1.5. "Incompatible With Secondary Licenses" | ||
25 | means | ||
26 | |||
27 | (a) that the initial Contributor has attached the notice described | ||
28 | in Exhibit B to the Covered Software; or | ||
29 | |||
30 | (b) that the Covered Software was made available under the terms of | ||
31 | version 1.1 or earlier of the License, but not also under the | ||
32 | terms of a Secondary License. | ||
33 | |||
34 | 1.6. "Executable Form" | ||
35 | means any form of the work other than Source Code Form. | ||
36 | |||
37 | 1.7. "Larger Work" | ||
38 | means a work that combines Covered Software with other material, in | ||
39 | a separate file or files, that is not Covered Software. | ||
40 | |||
41 | 1.8. "License" | ||
42 | means this document. | ||
43 | |||
44 | 1.9. "Licensable" | ||
45 | means having the right to grant, to the maximum extent possible, | ||
46 | whether at the time of the initial grant or subsequently, any and | ||
47 | all of the rights conveyed by this License. | ||
48 | |||
49 | 1.10. "Modifications" | ||
50 | means any of the following: | ||
51 | |||
52 | (a) any file in Source Code Form that results from an addition to, | ||
53 | deletion from, or modification of the contents of Covered | ||
54 | Software; or | ||
55 | |||
56 | (b) any new file in Source Code Form that contains any Covered | ||
57 | Software. | ||
58 | |||
59 | 1.11. "Patent Claims" of a Contributor | ||
60 | means any patent claim(s), including without limitation, method, | ||
61 | process, and apparatus claims, in any patent Licensable by such | ||
62 | Contributor that would be infringed, but for the grant of the | ||
63 | License, by the making, using, selling, offering for sale, having | ||
64 | made, import, or transfer of either its Contributions or its | ||
65 | Contributor Version. | ||
66 | |||
67 | 1.12. "Secondary License" | ||
68 | means either the GNU General Public License, Version 2.0, the GNU | ||
69 | Lesser General Public License, Version 2.1, the GNU Affero General | ||
70 | Public License, Version 3.0, or any later versions of those | ||
71 | licenses. | ||
72 | |||
73 | 1.13. "Source Code Form" | ||
74 | means the form of the work preferred for making modifications. | ||
75 | |||
76 | 1.14. "You" (or "Your") | ||
77 | means an individual or a legal entity exercising rights under this | ||
78 | License. For legal entities, "You" includes any entity that | ||
79 | controls, is controlled by, or is under common control with You. For | ||
80 | purposes of this definition, "control" means (a) the power, direct | ||
81 | or indirect, to cause the direction or management of such entity, | ||
82 | whether by contract or otherwise, or (b) ownership of more than | ||
83 | fifty percent (50%) of the outstanding shares or beneficial | ||
84 | ownership of such entity. | ||
85 | |||
86 | 2. License Grants and Conditions | ||
87 | -------------------------------- | ||
88 | |||
89 | 2.1. Grants | ||
90 | |||
91 | Each Contributor hereby grants You a world-wide, royalty-free, | ||
92 | non-exclusive license: | ||
93 | |||
94 | (a) under intellectual property rights (other than patent or trademark) | ||
95 | Licensable by such Contributor to use, reproduce, make available, | ||
96 | modify, display, perform, distribute, and otherwise exploit its | ||
97 | Contributions, either on an unmodified basis, with Modifications, or | ||
98 | as part of a Larger Work; and | ||
99 | |||
100 | (b) under Patent Claims of such Contributor to make, use, sell, offer | ||
101 | for sale, have made, import, and otherwise transfer either its | ||
102 | Contributions or its Contributor Version. | ||
103 | |||
104 | 2.2. Effective Date | ||
105 | |||
106 | The licenses granted in Section 2.1 with respect to any Contribution | ||
107 | become effective for each Contribution on the date the Contributor first | ||
108 | distributes such Contribution. | ||
109 | |||
110 | 2.3. Limitations on Grant Scope | ||
111 | |||
112 | The licenses granted in this Section 2 are the only rights granted under | ||
113 | this License. No additional rights or licenses will be implied from the | ||
114 | distribution or licensing of Covered Software under this License. | ||
115 | Notwithstanding Section 2.1(b) above, no patent license is granted by a | ||
116 | Contributor: | ||
117 | |||
118 | (a) for any code that a Contributor has removed from Covered Software; | ||
119 | or | ||
120 | |||
121 | (b) for infringements caused by: (i) Your and any other third party's | ||
122 | modifications of Covered Software, or (ii) the combination of its | ||
123 | Contributions with other software (except as part of its Contributor | ||
124 | Version); or | ||
125 | |||
126 | (c) under Patent Claims infringed by Covered Software in the absence of | ||
127 | its Contributions. | ||
128 | |||
129 | This License does not grant any rights in the trademarks, service marks, | ||
130 | or logos of any Contributor (except as may be necessary to comply with | ||
131 | the notice requirements in Section 3.4). | ||
132 | |||
133 | 2.4. Subsequent Licenses | ||
134 | |||
135 | No Contributor makes additional grants as a result of Your choice to | ||
136 | distribute the Covered Software under a subsequent version of this | ||
137 | License (see Section 10.2) or under the terms of a Secondary License (if | ||
138 | permitted under the terms of Section 3.3). | ||
139 | |||
140 | 2.5. Representation | ||
141 | |||
142 | Each Contributor represents that the Contributor believes its | ||
143 | Contributions are its original creation(s) or it has sufficient rights | ||
144 | to grant the rights to its Contributions conveyed by this License. | ||
145 | |||
146 | 2.6. Fair Use | ||
147 | |||
148 | This License is not intended to limit any rights You have under | ||
149 | applicable copyright doctrines of fair use, fair dealing, or other | ||
150 | equivalents. | ||
151 | |||
152 | 2.7. Conditions | ||
153 | |||
154 | Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted | ||
155 | in Section 2.1. | ||
156 | |||
157 | 3. Responsibilities | ||
158 | ------------------- | ||
159 | |||
160 | 3.1. Distribution of Source Form | ||
161 | |||
162 | All distribution of Covered Software in Source Code Form, including any | ||
163 | Modifications that You create or to which You contribute, must be under | ||
164 | the terms of this License. You must inform recipients that the Source | ||
165 | Code Form of the Covered Software is governed by the terms of this | ||
166 | License, and how they can obtain a copy of this License. You may not | ||
167 | attempt to alter or restrict the recipients' rights in the Source Code | ||
168 | Form. | ||
169 | |||
170 | 3.2. Distribution of Executable Form | ||
171 | |||
172 | If You distribute Covered Software in Executable Form then: | ||
173 | |||
174 | (a) such Covered Software must also be made available in Source Code | ||
175 | Form, as described in Section 3.1, and You must inform recipients of | ||
176 | the Executable Form how they can obtain a copy of such Source Code | ||
177 | Form by reasonable means in a timely manner, at a charge no more | ||
178 | than the cost of distribution to the recipient; and | ||
179 | |||
180 | (b) You may distribute such Executable Form under the terms of this | ||
181 | License, or sublicense it under different terms, provided that the | ||
182 | license for the Executable Form does not attempt to limit or alter | ||
183 | the recipients' rights in the Source Code Form under this License. | ||
184 | |||
185 | 3.3. Distribution of a Larger Work | ||
186 | |||
187 | You may create and distribute a Larger Work under terms of Your choice, | ||
188 | provided that You also comply with the requirements of this License for | ||
189 | the Covered Software. If the Larger Work is a combination of Covered | ||
190 | Software with a work governed by one or more Secondary Licenses, and the | ||
191 | Covered Software is not Incompatible With Secondary Licenses, this | ||
192 | License permits You to additionally distribute such Covered Software | ||
193 | under the terms of such Secondary License(s), so that the recipient of | ||
194 | the Larger Work may, at their option, further distribute the Covered | ||
195 | Software under the terms of either this License or such Secondary | ||
196 | License(s). | ||
197 | |||
198 | 3.4. Notices | ||
199 | |||
200 | You may not remove or alter the substance of any license notices | ||
201 | (including copyright notices, patent notices, disclaimers of warranty, | ||
202 | or limitations of liability) contained within the Source Code Form of | ||
203 | the Covered Software, except that You may alter any license notices to | ||
204 | the extent required to remedy known factual inaccuracies. | ||
205 | |||
206 | 3.5. Application of Additional Terms | ||
207 | |||
208 | You may choose to offer, and to charge a fee for, warranty, support, | ||
209 | indemnity or liability obligations to one or more recipients of Covered | ||
210 | Software. However, You may do so only on Your own behalf, and not on | ||
211 | behalf of any Contributor. You must make it absolutely clear that any | ||
212 | such warranty, support, indemnity, or liability obligation is offered by | ||
213 | You alone, and You hereby agree to indemnify every Contributor for any | ||
214 | liability incurred by such Contributor as a result of warranty, support, | ||
215 | indemnity or liability terms You offer. You may include additional | ||
216 | disclaimers of warranty and limitations of liability specific to any | ||
217 | jurisdiction. | ||
218 | |||
219 | 4. Inability to Comply Due to Statute or Regulation | ||
220 | --------------------------------------------------- | ||
221 | |||
222 | If it is impossible for You to comply with any of the terms of this | ||
223 | License with respect to some or all of the Covered Software due to | ||
224 | statute, judicial order, or regulation then You must: (a) comply with | ||
225 | the terms of this License to the maximum extent possible; and (b) | ||
226 | describe the limitations and the code they affect. Such description must | ||
227 | be placed in a text file included with all distributions of the Covered | ||
228 | Software under this License. Except to the extent prohibited by statute | ||
229 | or regulation, such description must be sufficiently detailed for a | ||
230 | recipient of ordinary skill to be able to understand it. | ||
231 | |||
232 | 5. Termination | ||
233 | -------------- | ||
234 | |||
235 | 5.1. The rights granted under this License will terminate automatically | ||
236 | if You fail to comply with any of its terms. However, if You become | ||
237 | compliant, then the rights granted under this License from a particular | ||
238 | Contributor are reinstated (a) provisionally, unless and until such | ||
239 | Contributor explicitly and finally terminates Your grants, and (b) on an | ||
240 | ongoing basis, if such Contributor fails to notify You of the | ||
241 | non-compliance by some reasonable means prior to 60 days after You have | ||
242 | come back into compliance. Moreover, Your grants from a particular | ||
243 | Contributor are reinstated on an ongoing basis if such Contributor | ||
244 | notifies You of the non-compliance by some reasonable means, this is the | ||
245 | first time You have received notice of non-compliance with this License | ||
246 | from such Contributor, and You become compliant prior to 30 days after | ||
247 | Your receipt of the notice. | ||
248 | |||
249 | 5.2. If You initiate litigation against any entity by asserting a patent | ||
250 | infringement claim (excluding declaratory judgment actions, | ||
251 | counter-claims, and cross-claims) alleging that a Contributor Version | ||
252 | directly or indirectly infringes any patent, then the rights granted to | ||
253 | You by any and all Contributors for the Covered Software under Section | ||
254 | 2.1 of this License shall terminate. | ||
255 | |||
256 | 5.3. In the event of termination under Sections 5.1 or 5.2 above, all | ||
257 | end user license agreements (excluding distributors and resellers) which | ||
258 | have been validly granted by You or Your distributors under this License | ||
259 | prior to termination shall survive termination. | ||
260 | |||
261 | ************************************************************************ | ||
262 | * * | ||
263 | * 6. Disclaimer of Warranty * | ||
264 | * ------------------------- * | ||
265 | * * | ||
266 | * Covered Software is provided under this License on an "as is" * | ||
267 | * basis, without warranty of any kind, either expressed, implied, or * | ||
268 | * statutory, including, without limitation, warranties that the * | ||
269 | * Covered Software is free of defects, merchantable, fit for a * | ||
270 | * particular purpose or non-infringing. The entire risk as to the * | ||
271 | * quality and performance of the Covered Software is with You. * | ||
272 | * Should any Covered Software prove defective in any respect, You * | ||
273 | * (not any Contributor) assume the cost of any necessary servicing, * | ||
274 | * repair, or correction. This disclaimer of warranty constitutes an * | ||
275 | * essential part of this License. No use of any Covered Software is * | ||
276 | * authorized under this License except under this disclaimer. * | ||
277 | * * | ||
278 | ************************************************************************ | ||
279 | |||
280 | ************************************************************************ | ||
281 | * * | ||
282 | * 7. Limitation of Liability * | ||
283 | * -------------------------- * | ||
284 | * * | ||
285 | * Under no circumstances and under no legal theory, whether tort * | ||
286 | * (including negligence), contract, or otherwise, shall any * | ||
287 | * Contributor, or anyone who distributes Covered Software as * | ||
288 | * permitted above, be liable to You for any direct, indirect, * | ||
289 | * special, incidental, or consequential damages of any character * | ||
290 | * including, without limitation, damages for lost profits, loss of * | ||
291 | * goodwill, work stoppage, computer failure or malfunction, or any * | ||
292 | * and all other commercial damages or losses, even if such party * | ||
293 | * shall have been informed of the possibility of such damages. This * | ||
294 | * limitation of liability shall not apply to liability for death or * | ||
295 | * personal injury resulting from such party's negligence to the * | ||
296 | * extent applicable law prohibits such limitation. Some * | ||
297 | * jurisdictions do not allow the exclusion or limitation of * | ||
298 | * incidental or consequential damages, so this exclusion and * | ||
299 | * limitation may not apply to You. * | ||
300 | * * | ||
301 | ************************************************************************ | ||
302 | |||
303 | 8. Litigation | ||
304 | ------------- | ||
305 | |||
306 | Any litigation relating to this License may be brought only in the | ||
307 | courts of a jurisdiction where the defendant maintains its principal | ||
308 | place of business and such litigation shall be governed by laws of that | ||
309 | jurisdiction, without reference to its conflict-of-law provisions. | ||
310 | Nothing in this Section shall prevent a party's ability to bring | ||
311 | cross-claims or counter-claims. | ||
312 | |||
313 | 9. Miscellaneous | ||
314 | ---------------- | ||
315 | |||
316 | This License represents the complete agreement concerning the subject | ||
317 | matter hereof. If any provision of this License is held to be | ||
318 | unenforceable, such provision shall be reformed only to the extent | ||
319 | necessary to make it enforceable. Any law or regulation which provides | ||
320 | that the language of a contract shall be construed against the drafter | ||
321 | shall not be used to construe this License against a Contributor. | ||
322 | |||
323 | 10. Versions of the License | ||
324 | --------------------------- | ||
325 | |||
326 | 10.1. New Versions | ||
327 | |||
328 | Mozilla Foundation is the license steward. Except as provided in Section | ||
329 | 10.3, no one other than the license steward has the right to modify or | ||
330 | publish new versions of this License. Each version will be given a | ||
331 | distinguishing version number. | ||
332 | |||
333 | 10.2. Effect of New Versions | ||
334 | |||
335 | You may distribute the Covered Software under the terms of the version | ||
336 | of the License under which You originally received the Covered Software, | ||
337 | or under the terms of any subsequent version published by the license | ||
338 | steward. | ||
339 | |||
340 | 10.3. Modified Versions | ||
341 | |||
342 | If you create software not governed by this License, and you want to | ||
343 | create a new license for such software, you may create and use a | ||
344 | modified version of this License if you rename the license and remove | ||
345 | any references to the name of the license steward (except to note that | ||
346 | such modified license differs from this License). | ||
347 | |||
348 | 10.4. Distributing Source Code Form that is Incompatible With Secondary | ||
349 | Licenses | ||
350 | |||
351 | If You choose to distribute Source Code Form that is Incompatible With | ||
352 | Secondary Licenses under the terms of this version of the License, the | ||
353 | notice described in Exhibit B of this License must be attached. | ||
354 | |||
355 | Exhibit A - Source Code Form License Notice | ||
356 | ------------------------------------------- | ||
357 | |||
358 | This Source Code Form is subject to the terms of the Mozilla Public | ||
359 | License, v. 2.0. If a copy of the MPL was not distributed with this | ||
360 | file, You can obtain one at http://mozilla.org/MPL/2.0/. | ||
361 | |||
362 | If it is not possible or desirable to put the notice in a particular | ||
363 | file, then You may include the notice in a location (such as a LICENSE | ||
364 | file in a relevant directory) where a recipient would be likely to look | ||
365 | for such a notice. | ||
366 | |||
367 | You may add additional accurate notices of copyright ownership. | ||
368 | |||
369 | Exhibit B - "Incompatible With Secondary Licenses" Notice | ||
370 | --------------------------------------------------------- | ||
371 | |||
372 | This Source Code Form is "Incompatible With Secondary Licenses", as | ||
373 | defined by the Mozilla Public License, v. 2.0. | ||
diff --git a/meta-sota/recipes-sota/aktualizr/files/aktualizr-secondary.service b/meta-sota/recipes-sota/aktualizr/files/aktualizr-secondary.service new file mode 100644 index 0000000..a1e0e1b --- /dev/null +++ b/meta-sota/recipes-sota/aktualizr/files/aktualizr-secondary.service | |||
@@ -0,0 +1,9 @@ | |||
1 | [Unit] | ||
2 | Description=Aktualizr SOTA Client (UPTANE Secondary) | ||
3 | |||
4 | [Service] | ||
5 | RestartSec=10 | ||
6 | Restart=always | ||
7 | EnvironmentFile=-/etc/sota/sota.env | ||
8 | ExecStart=/usr/bin/aktualizr-secondary --config /usr/lib/sota/sota_secondary.toml | ||
9 | |||
diff --git a/meta-sota/recipes-sota/aktualizr/files/aktualizr-secondary.socket b/meta-sota/recipes-sota/aktualizr/files/aktualizr-secondary.socket new file mode 100644 index 0000000..da0ee44 --- /dev/null +++ b/meta-sota/recipes-sota/aktualizr/files/aktualizr-secondary.socket | |||
@@ -0,0 +1,6 @@ | |||
1 | [Socket] | ||
2 | ListenStream=9030 | ||
3 | ListenDatagram=9031 | ||
4 | |||
5 | [Install] | ||
6 | WantedBy=sockets.target \ No newline at end of file | ||
diff --git a/meta-sota/recipes-sota/aktualizr/files/aktualizr-serialcan.service b/meta-sota/recipes-sota/aktualizr/files/aktualizr-serialcan.service new file mode 100644 index 0000000..b42f348 --- /dev/null +++ b/meta-sota/recipes-sota/aktualizr/files/aktualizr-serialcan.service | |||
@@ -0,0 +1,15 @@ | |||
1 | [Unit] | ||
2 | Description=Aktualizr SOTA Client | ||
3 | Wants=network-online.target slcand@ttyACM0.service | ||
4 | After=network.target network-online.target slcand@ttyACM0.service | ||
5 | |||
6 | Requires=network-online.target | ||
7 | |||
8 | [Service] | ||
9 | RestartSec=10 | ||
10 | Restart=always | ||
11 | EnvironmentFile=/usr/lib/sota/sota.env | ||
12 | ExecStart=/bin/sh -c "(ip addr | grep can0) && /usr/bin/aktualizr $AKTUALIZR_CMDLINE_PARAMETERS" | ||
13 | |||
14 | [Install] | ||
15 | WantedBy=multi-user.target | ||
diff --git a/meta-sota/recipes-sota/aktualizr/files/aktualizr.service b/meta-sota/recipes-sota/aktualizr/files/aktualizr.service new file mode 100644 index 0000000..1c2e1df --- /dev/null +++ b/meta-sota/recipes-sota/aktualizr/files/aktualizr.service | |||
@@ -0,0 +1,15 @@ | |||
1 | [Unit] | ||
2 | Description=Aktualizr SOTA Client | ||
3 | Wants=network-online.target | ||
4 | After=network.target network-online.target | ||
5 | Requires=network-online.target | ||
6 | |||
7 | [Service] | ||
8 | RestartSec=10 | ||
9 | Restart=always | ||
10 | EnvironmentFile=/usr/lib/sota/sota.env | ||
11 | EnvironmentFile=-/etc/sota/sota.env | ||
12 | ExecStart=/usr/bin/aktualizr $AKTUALIZR_CMDLINE_PARAMETERS | ||
13 | |||
14 | [Install] | ||
15 | WantedBy=multi-user.target | ||
diff --git a/meta-sota/recipes-sota/aktualizr/files/ca.cnf b/meta-sota/recipes-sota/aktualizr/files/ca.cnf new file mode 100644 index 0000000..352ec38 --- /dev/null +++ b/meta-sota/recipes-sota/aktualizr/files/ca.cnf | |||
@@ -0,0 +1,10 @@ | |||
1 | [req] | ||
2 | req_extensions = cacert | ||
3 | distinguished_name = req_distinguished_name | ||
4 | |||
5 | [req_distinguished_name] | ||
6 | |||
7 | [cacert] | ||
8 | basicConstraints = critical,CA:true | ||
9 | keyUsage = keyCertSign | ||
10 | |||
diff --git a/meta-sota/recipes-sota/aktualizr/garage-sign-version.inc b/meta-sota/recipes-sota/aktualizr/garage-sign-version.inc new file mode 100644 index 0000000..66e3ffd --- /dev/null +++ b/meta-sota/recipes-sota/aktualizr/garage-sign-version.inc | |||
@@ -0,0 +1,23 @@ | |||
1 | |||
2 | python () { | ||
3 | if d.getVar("GARAGE_SIGN_VERSION", True) or not d.getVar("SOTA_PACKED_CREDENTIALS", True): | ||
4 | return | ||
5 | import json | ||
6 | import urllib.request | ||
7 | import zipfile | ||
8 | with zipfile.ZipFile(d.getVar("SOTA_PACKED_CREDENTIALS", True), 'r') as zip_ref: | ||
9 | try: | ||
10 | with zip_ref.open('tufrepo.url', mode='r') as url_file: | ||
11 | url = url_file.read().decode() + '/health/version' | ||
12 | except (KeyError, ValueError, RuntimeError): | ||
13 | return | ||
14 | r = urllib.request.urlopen(url) | ||
15 | if r.code != 200: | ||
16 | return | ||
17 | resp = r.read().decode('utf-8') | ||
18 | j = json.loads(resp) | ||
19 | version = 'cli-' + j['version'] + '.tgz' | ||
20 | d.setVar("GARAGE_SIGN_VERSION", version) | ||
21 | } | ||
22 | |||
23 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/meta-sota/recipes-sota/asn1c/asn1c.bb b/meta-sota/recipes-sota/asn1c/asn1c.bb new file mode 100644 index 0000000..9d1517d --- /dev/null +++ b/meta-sota/recipes-sota/asn1c/asn1c.bb | |||
@@ -0,0 +1,17 @@ | |||
1 | SUMMARY = "ASN.1 to C compiler" | ||
2 | DESCRIPTION = "Generates serialization routines from ASN.1 schemas" | ||
3 | HOMEPAGE = "http://lionet.info/asn1c" | ||
4 | SECTION = "base" | ||
5 | LICENSE = "BSD" | ||
6 | LIC_FILES_CHKSUM = "file://LICENSE;md5=ee8bfaaa7d71cf3edb079475e6716d4b" | ||
7 | |||
8 | inherit autotools native | ||
9 | |||
10 | PV = "0.9.28" | ||
11 | SRC_URI = "https://github.com/vlm/asn1c/releases/download/v${PV}/asn1c-${PV}.tar.gz \ | ||
12 | file://skeletons_dir_fix.patch" | ||
13 | SRC_URI[sha256sum] = "8007440b647ef2dd9fb73d931c33ac11764e6afb2437dbe638bb4e5fc82386b9" | ||
14 | |||
15 | BBCLASSEXTEND = "native nativesdk" | ||
16 | |||
17 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/meta-sota/recipes-sota/asn1c/files/skeletons_dir_fix.patch b/meta-sota/recipes-sota/asn1c/files/skeletons_dir_fix.patch new file mode 100644 index 0000000..f1caa2f --- /dev/null +++ b/meta-sota/recipes-sota/asn1c/files/skeletons_dir_fix.patch | |||
@@ -0,0 +1,44 @@ | |||
1 | From 1a1c2c94f700cf0f4dc5dba863950b16477fdc6d Mon Sep 17 00:00:00 2001 | ||
2 | From: Laurent Bonnans <laurent.bonnans@here.com> | ||
3 | Date: Thu, 25 Jan 2018 09:49:41 +0100 | ||
4 | Subject: [PATCH] Patch the skeletons directory detection | ||
5 | |||
6 | Detect `share/asn1c` from `bin/` if it exists | ||
7 | --- | ||
8 | asn1c/asn1c.c | 9 ++++----- | ||
9 | 1 file changed, 4 insertions(+), 5 deletions(-) | ||
10 | |||
11 | diff --git a/asn1c/asn1c.c b/asn1c/asn1c.c | ||
12 | index eb1eff7c..dd9fc832 100644 | ||
13 | --- a/asn1c/asn1c.c | ||
14 | +++ b/asn1c/asn1c.c | ||
15 | @@ -226,22 +226,21 @@ main(int ac, char **av) { | ||
16 | if(skeletons_dir == NULL) { | ||
17 | struct stat sb; | ||
18 | skeletons_dir = DATADIR; | ||
19 | - if((av[-optind][0] == '.' || av[-optind][1] == '/') | ||
20 | - && stat(skeletons_dir, &sb)) { | ||
21 | + if(stat(skeletons_dir, &sb)) { | ||
22 | /* | ||
23 | * The default skeletons directory does not exist, | ||
24 | * compute it from my file name: | ||
25 | - * ./asn1c/asn1c -> ./skeletons | ||
26 | + * ./asn1c/asn1c -> ./share/asn1c | ||
27 | */ | ||
28 | char *p; | ||
29 | size_t len; | ||
30 | |||
31 | p = a1c_dirname(av[-optind]); | ||
32 | |||
33 | - len = strlen(p) + sizeof("/../skeletons"); | ||
34 | + len = strlen(p) + sizeof("/../share/asn1c"); | ||
35 | skeletons_dir = malloc(len); | ||
36 | assert(skeletons_dir); | ||
37 | - snprintf(skeletons_dir, len, "%s/../skeletons", p); | ||
38 | + snprintf(skeletons_dir, len, "%s/../share/asn1c", p); | ||
39 | if(stat(skeletons_dir, &sb)) { | ||
40 | fprintf(stderr, | ||
41 | "WARNING: skeletons are neither in " | ||
42 | -- | ||
43 | 2.15.1 | ||
44 | |||
diff --git a/meta-sota/recipes-sota/config/aktualizr-disable-send-ip.bb b/meta-sota/recipes-sota/config/aktualizr-disable-send-ip.bb new file mode 100644 index 0000000..cab7696 --- /dev/null +++ b/meta-sota/recipes-sota/config/aktualizr-disable-send-ip.bb | |||
@@ -0,0 +1,23 @@ | |||
1 | SUMMARY = "Disable IP reporting in Aktualizr" | ||
2 | DESCRIPTION = "Configures aktualizr to disable IP reporting to the server" | ||
3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | ||
4 | SECTION = "base" | ||
5 | LICENSE = "MPL-2.0" | ||
6 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | ||
7 | |||
8 | SRC_URI = " \ | ||
9 | file://LICENSE \ | ||
10 | file://30-disable-send-ip.toml \ | ||
11 | " | ||
12 | |||
13 | do_install_append () { | ||
14 | install -m 0700 -d ${D}${libdir}/sota/conf.d | ||
15 | install -m 0644 ${WORKDIR}/30-disable-send-ip.toml ${D}${libdir}/sota/conf.d/30-disable-send-ip.toml | ||
16 | } | ||
17 | |||
18 | FILES_${PN} = " \ | ||
19 | ${libdir}/sota/conf.d/30-disable-send-ip.toml \ | ||
20 | " | ||
21 | |||
22 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
23 | |||
diff --git a/meta-sota/recipes-sota/config/aktualizr-example-interface.bb b/meta-sota/recipes-sota/config/aktualizr-example-interface.bb new file mode 100644 index 0000000..37a9184 --- /dev/null +++ b/meta-sota/recipes-sota/config/aktualizr-example-interface.bb | |||
@@ -0,0 +1,22 @@ | |||
1 | SUMMARY = "Aktualizr example interface" | ||
2 | DESCRIPTION = "Aktualizr example interface for legacy secondaries" | ||
3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | ||
4 | SECTION = "base" | ||
5 | LICENSE = "MPL-2.0" | ||
6 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | ||
7 | |||
8 | SRC_URI = " \ | ||
9 | file://LICENSE \ | ||
10 | file://30-example-interface.toml \ | ||
11 | " | ||
12 | |||
13 | do_install_append () { | ||
14 | install -m 0700 -d ${D}${libdir}/sota/conf.d | ||
15 | install -m 0644 ${WORKDIR}/30-example-interface.toml ${D}${libdir}/sota/conf.d/30-example-interface.toml | ||
16 | } | ||
17 | |||
18 | FILES_${PN} = " \ | ||
19 | ${libdir}/sota/conf.d/30-example-interface.toml \ | ||
20 | " | ||
21 | |||
22 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/meta-sota/recipes-sota/config/aktualizr-log-debug.bb b/meta-sota/recipes-sota/config/aktualizr-log-debug.bb new file mode 100644 index 0000000..e628616 --- /dev/null +++ b/meta-sota/recipes-sota/config/aktualizr-log-debug.bb | |||
@@ -0,0 +1,23 @@ | |||
1 | SUMMARY = "Set debug logging in Aktualizr" | ||
2 | DESCRIPTION = "Configures aktualizr to log at a debugging level" | ||
3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | ||
4 | SECTION = "base" | ||
5 | LICENSE = "MPL-2.0" | ||
6 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | ||
7 | |||
8 | SRC_URI = " \ | ||
9 | file://LICENSE \ | ||
10 | file://05-log-debug.toml \ | ||
11 | " | ||
12 | |||
13 | do_install_append () { | ||
14 | install -m 0700 -d ${D}${libdir}/sota/conf.d | ||
15 | install -m 0644 ${WORKDIR}/05-log-debug.toml ${D}${libdir}/sota/conf.d/05-log-debug.toml | ||
16 | } | ||
17 | |||
18 | FILES_${PN} = " \ | ||
19 | ${libdir}/sota/conf.d/05-log-debug.toml \ | ||
20 | " | ||
21 | |||
22 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
23 | |||
diff --git a/meta-sota/recipes-sota/config/files/05-log-debug.toml b/meta-sota/recipes-sota/config/files/05-log-debug.toml new file mode 100644 index 0000000..100a146 --- /dev/null +++ b/meta-sota/recipes-sota/config/files/05-log-debug.toml | |||
@@ -0,0 +1,2 @@ | |||
1 | [logger] | ||
2 | loglevel = 0 | ||
diff --git a/meta-sota/recipes-sota/config/files/30-disable-send-ip.toml b/meta-sota/recipes-sota/config/files/30-disable-send-ip.toml new file mode 100644 index 0000000..5cd5108 --- /dev/null +++ b/meta-sota/recipes-sota/config/files/30-disable-send-ip.toml | |||
@@ -0,0 +1,2 @@ | |||
1 | [telemetry] | ||
2 | report_network = false | ||
diff --git a/meta-sota/recipes-sota/config/files/30-example-interface.toml b/meta-sota/recipes-sota/config/files/30-example-interface.toml new file mode 100644 index 0000000..fc4e9ec --- /dev/null +++ b/meta-sota/recipes-sota/config/files/30-example-interface.toml | |||
@@ -0,0 +1,2 @@ | |||
1 | [uptane] | ||
2 | legacy_interface = "/usr/bin/example-interface" | ||
diff --git a/meta-sota/recipes-sota/config/files/LICENSE b/meta-sota/recipes-sota/config/files/LICENSE new file mode 100644 index 0000000..a612ad9 --- /dev/null +++ b/meta-sota/recipes-sota/config/files/LICENSE | |||
@@ -0,0 +1,373 @@ | |||
1 | Mozilla Public License Version 2.0 | ||
2 | ================================== | ||
3 | |||
4 | 1. Definitions | ||
5 | -------------- | ||
6 | |||
7 | 1.1. "Contributor" | ||
8 | means each individual or legal entity that creates, contributes to | ||
9 | the creation of, or owns Covered Software. | ||
10 | |||
11 | 1.2. "Contributor Version" | ||
12 | means the combination of the Contributions of others (if any) used | ||
13 | by a Contributor and that particular Contributor's Contribution. | ||
14 | |||
15 | 1.3. "Contribution" | ||
16 | means Covered Software of a particular Contributor. | ||
17 | |||
18 | 1.4. "Covered Software" | ||
19 | means Source Code Form to which the initial Contributor has attached | ||
20 | the notice in Exhibit A, the Executable Form of such Source Code | ||
21 | Form, and Modifications of such Source Code Form, in each case | ||
22 | including portions thereof. | ||
23 | |||
24 | 1.5. "Incompatible With Secondary Licenses" | ||
25 | means | ||
26 | |||
27 | (a) that the initial Contributor has attached the notice described | ||
28 | in Exhibit B to the Covered Software; or | ||
29 | |||
30 | (b) that the Covered Software was made available under the terms of | ||
31 | version 1.1 or earlier of the License, but not also under the | ||
32 | terms of a Secondary License. | ||
33 | |||
34 | 1.6. "Executable Form" | ||
35 | means any form of the work other than Source Code Form. | ||
36 | |||
37 | 1.7. "Larger Work" | ||
38 | means a work that combines Covered Software with other material, in | ||
39 | a separate file or files, that is not Covered Software. | ||
40 | |||
41 | 1.8. "License" | ||
42 | means this document. | ||
43 | |||
44 | 1.9. "Licensable" | ||
45 | means having the right to grant, to the maximum extent possible, | ||
46 | whether at the time of the initial grant or subsequently, any and | ||
47 | all of the rights conveyed by this License. | ||
48 | |||
49 | 1.10. "Modifications" | ||
50 | means any of the following: | ||
51 | |||
52 | (a) any file in Source Code Form that results from an addition to, | ||
53 | deletion from, or modification of the contents of Covered | ||
54 | Software; or | ||
55 | |||
56 | (b) any new file in Source Code Form that contains any Covered | ||
57 | Software. | ||
58 | |||
59 | 1.11. "Patent Claims" of a Contributor | ||
60 | means any patent claim(s), including without limitation, method, | ||
61 | process, and apparatus claims, in any patent Licensable by such | ||
62 | Contributor that would be infringed, but for the grant of the | ||
63 | License, by the making, using, selling, offering for sale, having | ||
64 | made, import, or transfer of either its Contributions or its | ||
65 | Contributor Version. | ||
66 | |||
67 | 1.12. "Secondary License" | ||
68 | means either the GNU General Public License, Version 2.0, the GNU | ||
69 | Lesser General Public License, Version 2.1, the GNU Affero General | ||
70 | Public License, Version 3.0, or any later versions of those | ||
71 | licenses. | ||
72 | |||
73 | 1.13. "Source Code Form" | ||
74 | means the form of the work preferred for making modifications. | ||
75 | |||
76 | 1.14. "You" (or "Your") | ||
77 | means an individual or a legal entity exercising rights under this | ||
78 | License. For legal entities, "You" includes any entity that | ||
79 | controls, is controlled by, or is under common control with You. For | ||
80 | purposes of this definition, "control" means (a) the power, direct | ||
81 | or indirect, to cause the direction or management of such entity, | ||
82 | whether by contract or otherwise, or (b) ownership of more than | ||
83 | fifty percent (50%) of the outstanding shares or beneficial | ||
84 | ownership of such entity. | ||
85 | |||
86 | 2. License Grants and Conditions | ||
87 | -------------------------------- | ||
88 | |||
89 | 2.1. Grants | ||
90 | |||
91 | Each Contributor hereby grants You a world-wide, royalty-free, | ||
92 | non-exclusive license: | ||
93 | |||
94 | (a) under intellectual property rights (other than patent or trademark) | ||
95 | Licensable by such Contributor to use, reproduce, make available, | ||
96 | modify, display, perform, distribute, and otherwise exploit its | ||
97 | Contributions, either on an unmodified basis, with Modifications, or | ||
98 | as part of a Larger Work; and | ||
99 | |||
100 | (b) under Patent Claims of such Contributor to make, use, sell, offer | ||
101 | for sale, have made, import, and otherwise transfer either its | ||
102 | Contributions or its Contributor Version. | ||
103 | |||
104 | 2.2. Effective Date | ||
105 | |||
106 | The licenses granted in Section 2.1 with respect to any Contribution | ||
107 | become effective for each Contribution on the date the Contributor first | ||
108 | distributes such Contribution. | ||
109 | |||
110 | 2.3. Limitations on Grant Scope | ||
111 | |||
112 | The licenses granted in this Section 2 are the only rights granted under | ||
113 | this License. No additional rights or licenses will be implied from the | ||
114 | distribution or licensing of Covered Software under this License. | ||
115 | Notwithstanding Section 2.1(b) above, no patent license is granted by a | ||
116 | Contributor: | ||
117 | |||
118 | (a) for any code that a Contributor has removed from Covered Software; | ||
119 | or | ||
120 | |||
121 | (b) for infringements caused by: (i) Your and any other third party's | ||
122 | modifications of Covered Software, or (ii) the combination of its | ||
123 | Contributions with other software (except as part of its Contributor | ||
124 | Version); or | ||
125 | |||
126 | (c) under Patent Claims infringed by Covered Software in the absence of | ||
127 | its Contributions. | ||
128 | |||
129 | This License does not grant any rights in the trademarks, service marks, | ||
130 | or logos of any Contributor (except as may be necessary to comply with | ||
131 | the notice requirements in Section 3.4). | ||
132 | |||
133 | 2.4. Subsequent Licenses | ||
134 | |||
135 | No Contributor makes additional grants as a result of Your choice to | ||
136 | distribute the Covered Software under a subsequent version of this | ||
137 | License (see Section 10.2) or under the terms of a Secondary License (if | ||
138 | permitted under the terms of Section 3.3). | ||
139 | |||
140 | 2.5. Representation | ||
141 | |||
142 | Each Contributor represents that the Contributor believes its | ||
143 | Contributions are its original creation(s) or it has sufficient rights | ||
144 | to grant the rights to its Contributions conveyed by this License. | ||
145 | |||
146 | 2.6. Fair Use | ||
147 | |||
148 | This License is not intended to limit any rights You have under | ||
149 | applicable copyright doctrines of fair use, fair dealing, or other | ||
150 | equivalents. | ||
151 | |||
152 | 2.7. Conditions | ||
153 | |||
154 | Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted | ||
155 | in Section 2.1. | ||
156 | |||
157 | 3. Responsibilities | ||
158 | ------------------- | ||
159 | |||
160 | 3.1. Distribution of Source Form | ||
161 | |||
162 | All distribution of Covered Software in Source Code Form, including any | ||
163 | Modifications that You create or to which You contribute, must be under | ||
164 | the terms of this License. You must inform recipients that the Source | ||
165 | Code Form of the Covered Software is governed by the terms of this | ||
166 | License, and how they can obtain a copy of this License. You may not | ||
167 | attempt to alter or restrict the recipients' rights in the Source Code | ||
168 | Form. | ||
169 | |||
170 | 3.2. Distribution of Executable Form | ||
171 | |||
172 | If You distribute Covered Software in Executable Form then: | ||
173 | |||
174 | (a) such Covered Software must also be made available in Source Code | ||
175 | Form, as described in Section 3.1, and You must inform recipients of | ||
176 | the Executable Form how they can obtain a copy of such Source Code | ||
177 | Form by reasonable means in a timely manner, at a charge no more | ||
178 | than the cost of distribution to the recipient; and | ||
179 | |||
180 | (b) You may distribute such Executable Form under the terms of this | ||
181 | License, or sublicense it under different terms, provided that the | ||
182 | license for the Executable Form does not attempt to limit or alter | ||
183 | the recipients' rights in the Source Code Form under this License. | ||
184 | |||
185 | 3.3. Distribution of a Larger Work | ||
186 | |||
187 | You may create and distribute a Larger Work under terms of Your choice, | ||
188 | provided that You also comply with the requirements of this License for | ||
189 | the Covered Software. If the Larger Work is a combination of Covered | ||
190 | Software with a work governed by one or more Secondary Licenses, and the | ||
191 | Covered Software is not Incompatible With Secondary Licenses, this | ||
192 | License permits You to additionally distribute such Covered Software | ||
193 | under the terms of such Secondary License(s), so that the recipient of | ||
194 | the Larger Work may, at their option, further distribute the Covered | ||
195 | Software under the terms of either this License or such Secondary | ||
196 | License(s). | ||
197 | |||
198 | 3.4. Notices | ||
199 | |||
200 | You may not remove or alter the substance of any license notices | ||
201 | (including copyright notices, patent notices, disclaimers of warranty, | ||
202 | or limitations of liability) contained within the Source Code Form of | ||
203 | the Covered Software, except that You may alter any license notices to | ||
204 | the extent required to remedy known factual inaccuracies. | ||
205 | |||
206 | 3.5. Application of Additional Terms | ||
207 | |||
208 | You may choose to offer, and to charge a fee for, warranty, support, | ||
209 | indemnity or liability obligations to one or more recipients of Covered | ||
210 | Software. However, You may do so only on Your own behalf, and not on | ||
211 | behalf of any Contributor. You must make it absolutely clear that any | ||
212 | such warranty, support, indemnity, or liability obligation is offered by | ||
213 | You alone, and You hereby agree to indemnify every Contributor for any | ||
214 | liability incurred by such Contributor as a result of warranty, support, | ||
215 | indemnity or liability terms You offer. You may include additional | ||
216 | disclaimers of warranty and limitations of liability specific to any | ||
217 | jurisdiction. | ||
218 | |||
219 | 4. Inability to Comply Due to Statute or Regulation | ||
220 | --------------------------------------------------- | ||
221 | |||
222 | If it is impossible for You to comply with any of the terms of this | ||
223 | License with respect to some or all of the Covered Software due to | ||
224 | statute, judicial order, or regulation then You must: (a) comply with | ||
225 | the terms of this License to the maximum extent possible; and (b) | ||
226 | describe the limitations and the code they affect. Such description must | ||
227 | be placed in a text file included with all distributions of the Covered | ||
228 | Software under this License. Except to the extent prohibited by statute | ||
229 | or regulation, such description must be sufficiently detailed for a | ||
230 | recipient of ordinary skill to be able to understand it. | ||
231 | |||
232 | 5. Termination | ||
233 | -------------- | ||
234 | |||
235 | 5.1. The rights granted under this License will terminate automatically | ||
236 | if You fail to comply with any of its terms. However, if You become | ||
237 | compliant, then the rights granted under this License from a particular | ||
238 | Contributor are reinstated (a) provisionally, unless and until such | ||
239 | Contributor explicitly and finally terminates Your grants, and (b) on an | ||
240 | ongoing basis, if such Contributor fails to notify You of the | ||
241 | non-compliance by some reasonable means prior to 60 days after You have | ||
242 | come back into compliance. Moreover, Your grants from a particular | ||
243 | Contributor are reinstated on an ongoing basis if such Contributor | ||
244 | notifies You of the non-compliance by some reasonable means, this is the | ||
245 | first time You have received notice of non-compliance with this License | ||
246 | from such Contributor, and You become compliant prior to 30 days after | ||
247 | Your receipt of the notice. | ||
248 | |||
249 | 5.2. If You initiate litigation against any entity by asserting a patent | ||
250 | infringement claim (excluding declaratory judgment actions, | ||
251 | counter-claims, and cross-claims) alleging that a Contributor Version | ||
252 | directly or indirectly infringes any patent, then the rights granted to | ||
253 | You by any and all Contributors for the Covered Software under Section | ||
254 | 2.1 of this License shall terminate. | ||
255 | |||
256 | 5.3. In the event of termination under Sections 5.1 or 5.2 above, all | ||
257 | end user license agreements (excluding distributors and resellers) which | ||
258 | have been validly granted by You or Your distributors under this License | ||
259 | prior to termination shall survive termination. | ||
260 | |||
261 | ************************************************************************ | ||
262 | * * | ||
263 | * 6. Disclaimer of Warranty * | ||
264 | * ------------------------- * | ||
265 | * * | ||
266 | * Covered Software is provided under this License on an "as is" * | ||
267 | * basis, without warranty of any kind, either expressed, implied, or * | ||
268 | * statutory, including, without limitation, warranties that the * | ||
269 | * Covered Software is free of defects, merchantable, fit for a * | ||
270 | * particular purpose or non-infringing. The entire risk as to the * | ||
271 | * quality and performance of the Covered Software is with You. * | ||
272 | * Should any Covered Software prove defective in any respect, You * | ||
273 | * (not any Contributor) assume the cost of any necessary servicing, * | ||
274 | * repair, or correction. This disclaimer of warranty constitutes an * | ||
275 | * essential part of this License. No use of any Covered Software is * | ||
276 | * authorized under this License except under this disclaimer. * | ||
277 | * * | ||
278 | ************************************************************************ | ||
279 | |||
280 | ************************************************************************ | ||
281 | * * | ||
282 | * 7. Limitation of Liability * | ||
283 | * -------------------------- * | ||
284 | * * | ||
285 | * Under no circumstances and under no legal theory, whether tort * | ||
286 | * (including negligence), contract, or otherwise, shall any * | ||
287 | * Contributor, or anyone who distributes Covered Software as * | ||
288 | * permitted above, be liable to You for any direct, indirect, * | ||
289 | * special, incidental, or consequential damages of any character * | ||
290 | * including, without limitation, damages for lost profits, loss of * | ||
291 | * goodwill, work stoppage, computer failure or malfunction, or any * | ||
292 | * and all other commercial damages or losses, even if such party * | ||
293 | * shall have been informed of the possibility of such damages. This * | ||
294 | * limitation of liability shall not apply to liability for death or * | ||
295 | * personal injury resulting from such party's negligence to the * | ||
296 | * extent applicable law prohibits such limitation. Some * | ||
297 | * jurisdictions do not allow the exclusion or limitation of * | ||
298 | * incidental or consequential damages, so this exclusion and * | ||
299 | * limitation may not apply to You. * | ||
300 | * * | ||
301 | ************************************************************************ | ||
302 | |||
303 | 8. Litigation | ||
304 | ------------- | ||
305 | |||
306 | Any litigation relating to this License may be brought only in the | ||
307 | courts of a jurisdiction where the defendant maintains its principal | ||
308 | place of business and such litigation shall be governed by laws of that | ||
309 | jurisdiction, without reference to its conflict-of-law provisions. | ||
310 | Nothing in this Section shall prevent a party's ability to bring | ||
311 | cross-claims or counter-claims. | ||
312 | |||
313 | 9. Miscellaneous | ||
314 | ---------------- | ||
315 | |||
316 | This License represents the complete agreement concerning the subject | ||
317 | matter hereof. If any provision of this License is held to be | ||
318 | unenforceable, such provision shall be reformed only to the extent | ||
319 | necessary to make it enforceable. Any law or regulation which provides | ||
320 | that the language of a contract shall be construed against the drafter | ||
321 | shall not be used to construe this License against a Contributor. | ||
322 | |||
323 | 10. Versions of the License | ||
324 | --------------------------- | ||
325 | |||
326 | 10.1. New Versions | ||
327 | |||
328 | Mozilla Foundation is the license steward. Except as provided in Section | ||
329 | 10.3, no one other than the license steward has the right to modify or | ||
330 | publish new versions of this License. Each version will be given a | ||
331 | distinguishing version number. | ||
332 | |||
333 | 10.2. Effect of New Versions | ||
334 | |||
335 | You may distribute the Covered Software under the terms of the version | ||
336 | of the License under which You originally received the Covered Software, | ||
337 | or under the terms of any subsequent version published by the license | ||
338 | steward. | ||
339 | |||
340 | 10.3. Modified Versions | ||
341 | |||
342 | If you create software not governed by this License, and you want to | ||
343 | create a new license for such software, you may create and use a | ||
344 | modified version of this License if you rename the license and remove | ||
345 | any references to the name of the license steward (except to note that | ||
346 | such modified license differs from this License). | ||
347 | |||
348 | 10.4. Distributing Source Code Form that is Incompatible With Secondary | ||
349 | Licenses | ||
350 | |||
351 | If You choose to distribute Source Code Form that is Incompatible With | ||
352 | Secondary Licenses under the terms of this version of the License, the | ||
353 | notice described in Exhibit B of this License must be attached. | ||
354 | |||
355 | Exhibit A - Source Code Form License Notice | ||
356 | ------------------------------------------- | ||
357 | |||
358 | This Source Code Form is subject to the terms of the Mozilla Public | ||
359 | License, v. 2.0. If a copy of the MPL was not distributed with this | ||
360 | file, You can obtain one at http://mozilla.org/MPL/2.0/. | ||
361 | |||
362 | If it is not possible or desirable to put the notice in a particular | ||
363 | file, then You may include the notice in a location (such as a LICENSE | ||
364 | file in a relevant directory) where a recipient would be likely to look | ||
365 | for such a notice. | ||
366 | |||
367 | You may add additional accurate notices of copyright ownership. | ||
368 | |||
369 | Exhibit B - "Incompatible With Secondary Licenses" Notice | ||
370 | --------------------------------------------------------- | ||
371 | |||
372 | This Source Code Form is "Incompatible With Secondary Licenses", as | ||
373 | defined by the Mozilla Public License, v. 2.0. | ||
diff --git a/meta-sota/recipes-sota/ostree-initrd/files/init.sh b/meta-sota/recipes-sota/ostree-initrd/files/init.sh new file mode 100644 index 0000000..d7e0429 --- /dev/null +++ b/meta-sota/recipes-sota/ostree-initrd/files/init.sh | |||
@@ -0,0 +1,85 @@ | |||
1 | #!/bin/sh | ||
2 | set -eu | ||
3 | |||
4 | # ------------------------------------------- | ||
5 | |||
6 | log_info() { echo "$0[$$]: $*" >&2; } | ||
7 | log_error() { echo "$0[$$]: ERROR $*" >&2; } | ||
8 | |||
9 | do_mount_fs() { | ||
10 | log_info "mounting FS: $*" | ||
11 | [[ -e /proc/filesystems ]] && { grep -q "$1" /proc/filesystems || { log_error "Unknown filesystem"; return 1; } } | ||
12 | [[ -d "$2" ]] || mkdir -p "$2" | ||
13 | [[ -e /proc/mounts ]] && { grep -q -e "^$1 $2 $1" /proc/mounts && { log_info "$2 ($1) already mounted"; return 0; } } | ||
14 | mount -t "$1" "$1" "$2" | ||
15 | } | ||
16 | |||
17 | bail_out() { | ||
18 | log_error "$@" | ||
19 | log_info "Rebooting..." | ||
20 | #exec reboot -f | ||
21 | exec sh | ||
22 | } | ||
23 | |||
24 | get_ostree_sysroot() { | ||
25 | for opt in $(cat /proc/cmdline); do | ||
26 | arg=$(echo "$opt" | cut -d'=' -f1) | ||
27 | if [ "$arg" == "ostree_root" ]; then | ||
28 | echo "$opt" | cut -d'=' -f2- | ||
29 | return | ||
30 | fi | ||
31 | done | ||
32 | echo "LABEL=otaroot" | ||
33 | } | ||
34 | |||
35 | export PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/lib/ostree | ||
36 | |||
37 | log_info "Starting OSTree initrd script" | ||
38 | |||
39 | do_mount_fs proc /proc | ||
40 | do_mount_fs sysfs /sys | ||
41 | do_mount_fs devtmpfs /dev | ||
42 | do_mount_fs devpts /dev/pts | ||
43 | do_mount_fs tmpfs /dev/shm | ||
44 | do_mount_fs tmpfs /tmp | ||
45 | do_mount_fs tmpfs /run | ||
46 | |||
47 | # check if smack is active (and if so, mount smackfs) | ||
48 | grep -q smackfs /proc/filesystems && { | ||
49 | do_mount_fs smackfs /sys/fs/smackfs | ||
50 | |||
51 | # adjust current label and network label | ||
52 | echo System >/proc/self/attr/current | ||
53 | echo System >/sys/fs/smackfs/ambient | ||
54 | } | ||
55 | |||
56 | mkdir -p /sysroot | ||
57 | ostree_sysroot=$(get_ostree_sysroot) | ||
58 | |||
59 | mount "$ostree_sysroot" /sysroot || { | ||
60 | # The SD card in the R-Car M3 takes a bit of time to come up | ||
61 | # Retry the mount if it fails the first time | ||
62 | log_info "Mounting $ostree_sysroot failed, waiting 5s for the device to be available..." | ||
63 | sleep 5 | ||
64 | mount "$ostree_sysroot" /sysroot || bail_out "Unable to mount $ostree_sysroot as physical sysroot" | ||
65 | } | ||
66 | ostree-prepare-root /sysroot | ||
67 | |||
68 | # move mounted devices to new root | ||
69 | cd /sysroot | ||
70 | for x in dev proc run; do | ||
71 | log_info "Moving /$x to new rootfs" | ||
72 | mount -o move "/$x" "$x" | ||
73 | done | ||
74 | |||
75 | # switch to new rootfs | ||
76 | log_info "Switching to new rootfs" | ||
77 | mkdir -p run/initramfs | ||
78 | |||
79 | pivot_root . run/initramfs || bail_out "pivot_root failed." | ||
80 | |||
81 | log_info "Launching target init" | ||
82 | |||
83 | exec chroot . sh -c 'umount /run/initramfs; exec /sbin/init' \ | ||
84 | <dev/console >dev/console 2>&1 | ||
85 | |||
diff --git a/meta-sota/recipes-sota/ostree-initrd/ostree-initrd.bb b/meta-sota/recipes-sota/ostree-initrd/ostree-initrd.bb new file mode 100644 index 0000000..6046c81 --- /dev/null +++ b/meta-sota/recipes-sota/ostree-initrd/ostree-initrd.bb | |||
@@ -0,0 +1,20 @@ | |||
1 | SUMMARY = "Extremely basic live image init script" | ||
2 | LICENSE = "MIT" | ||
3 | LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" | ||
4 | SRC_URI = "file://init.sh" | ||
5 | |||
6 | S = "${WORKDIR}" | ||
7 | |||
8 | PV = "3" | ||
9 | |||
10 | do_install() { | ||
11 | install -dm 0755 ${D}/etc | ||
12 | touch ${D}/etc/initrd-release | ||
13 | install -dm 0755 ${D}/dev | ||
14 | install -dm 0755 ${D}/sbin | ||
15 | install -m 0755 ${WORKDIR}/init.sh ${D}/sbin/init | ||
16 | } | ||
17 | |||
18 | inherit allarch | ||
19 | |||
20 | FILES_${PN} += " /dev /etc/initrd-release /sbin/init " | ||
diff --git a/meta-sota/recipes-sota/ostree/ostree_git.bb b/meta-sota/recipes-sota/ostree/ostree_git.bb new file mode 100644 index 0000000..cdcb485 --- /dev/null +++ b/meta-sota/recipes-sota/ostree/ostree_git.bb | |||
@@ -0,0 +1,92 @@ | |||
1 | SUMMARY = "Tool for managing bootable, immutable, versioned filesystem trees" | ||
2 | LICENSE = "GPLv2+" | ||
3 | LIC_FILES_CHKSUM = "file://COPYING;md5=5f30f0716dfdd0d91eb439ebec522ec2" | ||
4 | |||
5 | inherit autotools-brokensep pkgconfig systemd gobject-introspection | ||
6 | |||
7 | INHERIT_remove_class-native = "systemd" | ||
8 | |||
9 | SRC_URI = "gitsm://github.com/ostreedev/ostree.git;branch=master" | ||
10 | |||
11 | SRCREV="854a823e05d6fe8b610c02c2a71eaeb2bf1e98a6" | ||
12 | |||
13 | PV = "v2017.13" | ||
14 | PR = "1" | ||
15 | |||
16 | S = "${WORKDIR}/git" | ||
17 | |||
18 | BBCLASSEXTEND = "native" | ||
19 | |||
20 | DEPENDS += "attr libarchive glib-2.0 pkgconfig gpgme libgsystem fuse e2fsprogs gtk-doc-native curl xz" | ||
21 | DEPENDS_append = "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', ' systemd', '', d)}" | ||
22 | DEPENDS_remove_class-native = "systemd-native" | ||
23 | |||
24 | RDEPENDS_${PN} = "util-linux-libuuid util-linux-libblkid util-linux-libmount libcap bash" | ||
25 | |||
26 | EXTRA_OECONF = "CFLAGS='-Wno-error=missing-prototypes' --with-libarchive --disable-gtk-doc --disable-gtk-doc-html --disable-gtk-doc-pdf --disable-man --with-smack --with-builtin-grub2-mkconfig --with-curl --without-soup" | ||
27 | EXTRA_OECONF_append_class-native = " --enable-wrpseudo-compat" | ||
28 | |||
29 | # Path to ${prefix}/lib/ostree/ostree-grub-generator is hardcoded on the | ||
30 | # do_configure stage so we do depend on it | ||
31 | SYSROOT_DIR = "${STAGING_DIR_TARGET}" | ||
32 | SYSROOT_DIR_class-native = "${STAGING_DIR_NATIVE}" | ||
33 | do_configure[vardeps] += "SYSROOT_DIR" | ||
34 | |||
35 | SYSTEMD_REQUIRED = "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}" | ||
36 | SYSTEMD_REQUIRED_class-native = "" | ||
37 | |||
38 | SYSTEMD_SERVICE_${PN} = "ostree-prepare-root.service ostree-remount.service" | ||
39 | SYSTEMD_SERVICE_${PN}_class-native = "" | ||
40 | |||
41 | PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}" | ||
42 | PACKAGECONFIG_class-native = "" | ||
43 | PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_unitdir}/system/ --with-dracut" | ||
44 | |||
45 | FILES_${PN} += "${libdir}/ostree/ ${libdir}/ostbuild" | ||
46 | |||
47 | export STAGING_INCDIR | ||
48 | export STAGING_LIBDIR | ||
49 | |||
50 | do_configure() { | ||
51 | unset docdir | ||
52 | NOCONFIGURE=1 ./autogen.sh | ||
53 | oe_runconf | ||
54 | } | ||
55 | |||
56 | do_compile_prepend() { | ||
57 | export BUILD_SYS="${BUILD_SYS}" | ||
58 | export HOST_SYS="${HOST_SYS}" | ||
59 | } | ||
60 | |||
61 | export SYSTEMD_REQUIRED | ||
62 | |||
63 | do_install_append() { | ||
64 | if [ -n ${SYSTEMD_REQUIRED} ]; then | ||
65 | install -m 0644 -D ${S}/src/boot/ostree-prepare-root.service ${D}${systemd_unitdir}/system/ostree-prepare-root.service | ||
66 | install -m 0644 -D ${S}/src/boot/ostree-remount.service ${D}${systemd_unitdir}/system/ostree-remount.service | ||
67 | fi | ||
68 | } | ||
69 | |||
70 | do_install_append_class-native() { | ||
71 | create_wrapper ${D}${bindir}/ostree OSTREE_GRUB2_EXEC="${STAGING_LIBDIR_NATIVE}/ostree/ostree-grub-generator" | ||
72 | } | ||
73 | |||
74 | |||
75 | FILES_${PN} += " \ | ||
76 | ${@'${systemd_unitdir}/system/' if d.getVar('SYSTEMD_REQUIRED', True) else ''} \ | ||
77 | ${@'${libdir}/dracut/modules.d/98ostree/module-setup.sh' if d.getVar('SYSTEMD_REQUIRED', True) else ''} \ | ||
78 | ${datadir}/gir-1.0 \ | ||
79 | ${datadir}/gir-1.0/OSTree-1.0.gir \ | ||
80 | ${libdir}/girepository-1.0 \ | ||
81 | ${libdir}/girepository-1.0/OSTree-1.0.typelib \ | ||
82 | ${libdir}/tmpfiles.d/ostree-tmpfiles.conf \ | ||
83 | ${datadir}/bash-completion/completions/ostree \ | ||
84 | ${systemd_unitdir}/system-generators/ostree-system-generator \ | ||
85 | " | ||
86 | |||
87 | PACKAGES =+ "${PN}-switchroot" | ||
88 | |||
89 | FILES_${PN}-switchroot = "${libdir}/ostree/ostree-prepare-root" | ||
90 | RDEPENDS_${PN}-switchroot = "" | ||
91 | DEPENDS_remove_class-native = "systemd-native" | ||
92 | |||
diff --git a/meta-sota/recipes-support/ca-certificates/ca-certificates_%.bbappend b/meta-sota/recipes-support/ca-certificates/ca-certificates_%.bbappend new file mode 100644 index 0000000..cc95a68 --- /dev/null +++ b/meta-sota/recipes-support/ca-certificates/ca-certificates_%.bbappend | |||
@@ -0,0 +1 @@ | |||
SYSROOT_DIRS += "${sysconfdir}" | |||
diff --git a/meta-sota/recipes-support/fuse/fuse_%.bbappend b/meta-sota/recipes-support/fuse/fuse_%.bbappend new file mode 100644 index 0000000..85bdf50 --- /dev/null +++ b/meta-sota/recipes-support/fuse/fuse_%.bbappend | |||
@@ -0,0 +1,3 @@ | |||
1 | BBCLASSEXTEND_append_sota = " native" | ||
2 | |||
3 | PACKAGES_append_class-native_sota = "${@bb.utils.contains('DISTRO_FEATURES', 'sota', ' fuse-utils-dbg-native fuse-utils-native libulockmgr-native libulockmgr-dev-native libulockmgr-dbg-native', ' ', d)}" | ||
diff --git a/meta-sota/recipes-support/gpgme/gpgme_%.bbappend b/meta-sota/recipes-support/gpgme/gpgme_%.bbappend new file mode 100644 index 0000000..fccb949 --- /dev/null +++ b/meta-sota/recipes-support/gpgme/gpgme_%.bbappend | |||
@@ -0,0 +1 @@ | |||
BBCLASSEXTEND_append_sota = " native" | |||
diff --git a/meta-sota/recipes-support/libgsystem/libgsystem_git.bb b/meta-sota/recipes-support/libgsystem/libgsystem_git.bb new file mode 100644 index 0000000..e2b362f --- /dev/null +++ b/meta-sota/recipes-support/libgsystem/libgsystem_git.bb | |||
@@ -0,0 +1,40 @@ | |||
1 | SUMMARY = "GIO-based library, targeted primarily for use by operating system components" | ||
2 | LICENSE = "GPLv2+" | ||
3 | LIC_FILES_CHKSUM = "file://COPYING;md5=5f30f0716dfdd0d91eb439ebec522ec2" | ||
4 | |||
5 | SRC_URI = "gitsm://github.com/GNOME/libgsystem.git" | ||
6 | SRCREV="d606bec68ddfea78de4b03c3f3568afb71bdc1ce" | ||
7 | |||
8 | S = "${WORKDIR}/git" | ||
9 | |||
10 | inherit autotools-brokensep gobject-introspection | ||
11 | |||
12 | DEPENDS += "attr glib-2.0 pkgconfig libcap gtk-doc-native gpgme" | ||
13 | RDEPENDS_${PN} = "xz " | ||
14 | RDEPENDS_${PN}_append = "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', ' systemd', '', d)}" | ||
15 | |||
16 | RDEPENDS_${PN}_remove_class-native = "systemd-native" | ||
17 | |||
18 | BBCLASSEXTEND = "native" | ||
19 | |||
20 | export STAGING_INCDIR | ||
21 | export STAGING_LIBDIR | ||
22 | |||
23 | do_configure() { | ||
24 | #NOCONFIGURE=true ./autogen.sh | ||
25 | autoreconf -vfi | ||
26 | oe_runconf | ||
27 | } | ||
28 | |||
29 | do_compile_prepend() { | ||
30 | export BUILD_SYS="${BUILD_SYS}" | ||
31 | export HOST_SYS="${HOST_SYS}" | ||
32 | } | ||
33 | |||
34 | FILES_${PN} += " \ | ||
35 | ${datadir} \ | ||
36 | ${datadir}/gir-1.0 \ | ||
37 | ${datadir}/gir-1.0/GSystem-1.0.gir \ | ||
38 | ${libdir}/girepository-1.0/ \ | ||
39 | ${libdir}/girepository-1.0/GSystem-1.0.typelib \ | ||
40 | " | ||
diff --git a/meta-sota/recipes-support/libp11/files/0001-Workaround-for-a-buggy-version-of-openssl-1.0.2m.patch b/meta-sota/recipes-support/libp11/files/0001-Workaround-for-a-buggy-version-of-openssl-1.0.2m.patch new file mode 100644 index 0000000..902352c --- /dev/null +++ b/meta-sota/recipes-support/libp11/files/0001-Workaround-for-a-buggy-version-of-openssl-1.0.2m.patch | |||
@@ -0,0 +1,42 @@ | |||
1 | From ccab5ce63dd5d3dbb4bd02998d21d34407e550f2 Mon Sep 17 00:00:00 2001 | ||
2 | From: Anton Gerasimov <anton.gerasimov@here.com> | ||
3 | Date: Fri, 19 Jan 2018 12:44:27 +0100 | ||
4 | Subject: [PATCH] Workaround for a buggy version of openssl (1.0.2m) | ||
5 | |||
6 | --- | ||
7 | src/p11_pkey.c | 12 +++++++++--- | ||
8 | 1 file changed, 9 insertions(+), 3 deletions(-) | ||
9 | |||
10 | diff --git a/src/p11_pkey.c b/src/p11_pkey.c | ||
11 | index 45d5ad3..75625e6 100644 | ||
12 | --- a/src/p11_pkey.c | ||
13 | +++ b/src/p11_pkey.c | ||
14 | @@ -139,8 +139,14 @@ static void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src) | ||
15 | |||
16 | #endif | ||
17 | |||
18 | -#if OPENSSL_VERSION_NUMBER < 0x100020d0L || defined(LIBRESSL_VERSION_NUMBER) | ||
19 | -static void EVP_PKEY_meth_get_sign(EVP_PKEY_METHOD *pmeth, | ||
20 | +#if OPENSSL_VERSION_NUMBER < 0x10002100L || defined(LIBRESSL_VERSION_NUMBER) | ||
21 | + | ||
22 | +# if (OPENSSL_VERSION_NUMBER & 0xFFFFFFF0) == 0x100020d0L | ||
23 | +# undef EVP_PKEY_meth_get_sign | ||
24 | +# undef EVP_PKEY_meth_get_decrypt | ||
25 | +# endif | ||
26 | + | ||
27 | +void EVP_PKEY_meth_get_sign(EVP_PKEY_METHOD *pmeth, | ||
28 | int (**psign_init) (EVP_PKEY_CTX *ctx), | ||
29 | int (**psign) (EVP_PKEY_CTX *ctx, | ||
30 | unsigned char *sig, size_t *siglen, | ||
31 | @@ -152,7 +158,7 @@ static void EVP_PKEY_meth_get_sign(EVP_PKEY_METHOD *pmeth, | ||
32 | *psign = pmeth->sign; | ||
33 | } | ||
34 | |||
35 | -static void EVP_PKEY_meth_get_decrypt(EVP_PKEY_METHOD *pmeth, | ||
36 | +void EVP_PKEY_meth_get_decrypt(EVP_PKEY_METHOD *pmeth, | ||
37 | int (**pdecrypt_init) (EVP_PKEY_CTX *ctx), | ||
38 | int (**pdecrypt) (EVP_PKEY_CTX *ctx, | ||
39 | unsigned char *out, | ||
40 | -- | ||
41 | 2.15.1 | ||
42 | |||
diff --git a/meta-sota/recipes-support/libp11/libp11_0.4.7.bb b/meta-sota/recipes-support/libp11/libp11_0.4.7.bb new file mode 100644 index 0000000..02d9e50 --- /dev/null +++ b/meta-sota/recipes-support/libp11/libp11_0.4.7.bb | |||
@@ -0,0 +1,39 @@ | |||
1 | SUMMARY = "Library for using PKCS" | ||
2 | DESCRIPTION = "\ | ||
3 | Libp11 is a library implementing a small layer on top of PKCS \ | ||
4 | make using PKCS" | ||
5 | HOMEPAGE = "http://www.opensc-project.org/libp11" | ||
6 | SECTION = "Development/Libraries" | ||
7 | LICENSE = "LGPLv2+" | ||
8 | LIC_FILES_CHKSUM = "file://COPYING;md5=fad9b3332be894bab9bc501572864b29" | ||
9 | DEPENDS = "libtool openssl" | ||
10 | RDEPENDS_${PN} += " opensc" | ||
11 | |||
12 | SRC_URI = "git://github.com/OpenSC/libp11.git \ | ||
13 | file://0001-Workaround-for-a-buggy-version-of-openssl-1.0.2m.patch" | ||
14 | SRCREV = "da725ab727342083478150a203a3c80c4551feb4" | ||
15 | |||
16 | S = "${WORKDIR}/git" | ||
17 | |||
18 | inherit autotools pkgconfig | ||
19 | |||
20 | # Currently, Makefile dependencies are incorrectly defined which causes build errors | ||
21 | # The number of jobs is high | ||
22 | # See https://github.com/OpenSC/libp11/issues/94 | ||
23 | PARALLEL_MAKE = "" | ||
24 | EXTRA_OECONF = "--disable-static" | ||
25 | |||
26 | do_install_append () { | ||
27 | rm -rf ${D}${libdir}/*.la | ||
28 | rm -rf ${D}${docdir}/${BPN} | ||
29 | } | ||
30 | |||
31 | FILES_${PN} = "${libdir}/engines/pkcs11.so \ | ||
32 | ${libdir}/engines/libpkcs11${SOLIBS} \ | ||
33 | ${libdir}/libp11${SOLIBS}" | ||
34 | |||
35 | FILES_${PN}-dev = " \ | ||
36 | ${libdir}/engines/libpkcs11${SOLIBSDEV} \ | ||
37 | ${libdir}/libp11${SOLIBSDEV} \ | ||
38 | ${libdir}/pkgconfig/libp11.pc \ | ||
39 | /usr/include" | ||
diff --git a/meta-sota/recipes-support/libssh2/libssh2_%.bbappend b/meta-sota/recipes-support/libssh2/libssh2_%.bbappend new file mode 100644 index 0000000..bebaf84 --- /dev/null +++ b/meta-sota/recipes-support/libssh2/libssh2_%.bbappend | |||
@@ -0,0 +1,2 @@ | |||
1 | # meta-oe/recipes-support/libssh2 | ||
2 | BBCLASSEXTEND_append_sota = " native" | ||
diff --git a/meta-sota/recipes-support/lshw/files/cross-compile.patch b/meta-sota/recipes-support/lshw/files/cross-compile.patch new file mode 100644 index 0000000..221b7e5 --- /dev/null +++ b/meta-sota/recipes-support/lshw/files/cross-compile.patch | |||
@@ -0,0 +1,39 @@ | |||
1 | --- | ||
2 | src/Makefile | 2 +- | ||
3 | src/core/Makefile | 2 +- | ||
4 | src/gui/Makefile | 4 ++-- | ||
5 | 3 files changed, 4 insertions(+), 4 deletions(-) | ||
6 | |||
7 | --- a/src/Makefile | ||
8 | +++ b/src/Makefile | ||
9 | @@ -18,7 +18,7 @@ export MANDIR | ||
10 | export DATADIR | ||
11 | export SQLITE | ||
12 | |||
13 | -CXX?=c++ | ||
14 | +CXX?=$(CROSS_COMPILE)c++ | ||
15 | INCLUDES=-I./core/ | ||
16 | DEFINES=-DPREFIX=\"$(PREFIX)\" -DSBINDIR=\"$(SBINDIR)\" -DMANDIR=\"$(MANDIR)\" -DDATADIR=\"$(DATADIR)\" | ||
17 | CXXFLAGS=-g -Wall -g $(INCLUDES) $(DEFINES) $(RPM_OPT_FLAGS) | ||
18 | --- a/src/core/Makefile | ||
19 | +++ b/src/core/Makefile | ||
20 | @@ -1,6 +1,6 @@ | ||
21 | PACKAGENAME?=lshw | ||
22 | |||
23 | -CXX=c++ | ||
24 | +CXX?=$(CROSS_COMPILE)c++ | ||
25 | INCLUDES= | ||
26 | DEFINES=-DPREFIX=\"$(PREFIX)\" -DSBINDIR=\"$(SBINDIR)\" -DMANDIR=\"$(MANDIR)\" -DDATADIR=\"$(DATADIR)\" | ||
27 | CXXFLAGS?=-g -Wall $(INCLUDES) $(DEFINES) $(RPM_OPT_FLAGS) | ||
28 | --- a/src/gui/Makefile | ||
29 | +++ b/src/gui/Makefile | ||
30 | @@ -1,7 +1,7 @@ | ||
31 | PACKAGENAME?=lshw | ||
32 | |||
33 | -CXX?=c++ | ||
34 | -CC?=cc | ||
35 | +CXX?=$(CROSS_COMPILE)c++ | ||
36 | +CC?=$(CROSS_COMPILE)cc | ||
37 | STRIP?=strip | ||
38 | OBJCOPY?=objcopy | ||
39 | |||
diff --git a/meta-sota/recipes-support/lshw/files/ldflags.patch b/meta-sota/recipes-support/lshw/files/ldflags.patch new file mode 100644 index 0000000..83e0410 --- /dev/null +++ b/meta-sota/recipes-support/lshw/files/ldflags.patch | |||
@@ -0,0 +1,42 @@ | |||
1 | diff -Naur /home/anton/lshw-old/src/Makefile lshw-B.02.16/src/Makefile | ||
2 | --- /home/anton/lshw-old/src/Makefile 2017-02-07 16:21:52.554738182 +0100 | ||
3 | +++ lshw-B.02.16/src/Makefile 2017-02-07 16:22:45.578588072 +0100 | ||
4 | @@ -25,9 +25,9 @@ | ||
5 | ifeq ($(SQLITE), 1) | ||
6 | CXXFLAGS+= -DSQLITE $(shell pkg-config --cflags sqlite3) | ||
7 | endif | ||
8 | -LDFLAGS=-L./core/ -g | ||
9 | +LDEXTRAS=-L./core/ -g | ||
10 | ifneq ($(shell $(LD) --help 2| grep -- --as-needed), ) | ||
11 | - LDFLAGS+= -Wl,--as-needed | ||
12 | + LDEXTRAS+= -Wl,--as-needed | ||
13 | endif | ||
14 | LDSTATIC=-static | ||
15 | LIBS=-llshw -lresolv | ||
16 | @@ -37,7 +37,7 @@ | ||
17 | |||
18 | export CXXFLAGS | ||
19 | export LIBS | ||
20 | -export LDFLAGS | ||
21 | +export LDEXTRAS | ||
22 | |||
23 | DATAFILES = pci.ids usb.ids oui.txt manuf.txt | ||
24 | |||
25 | @@ -51,7 +51,7 @@ | ||
26 | +make -C core all | ||
27 | |||
28 | $(PACKAGENAME): core $(PACKAGENAME).o | ||
29 | - $(CXX) $(LDFLAGS) -o $@ $(PACKAGENAME).o $(LIBS) | ||
30 | + $(CXX) $(LDFLAGS) ${LDEXTRAS} -o $@ $(PACKAGENAME).o $(LIBS) | ||
31 | |||
32 | .PHONY: po | ||
33 | po: | ||
34 | @@ -69,7 +69,7 @@ | ||
35 | static: $(PACKAGENAME)-static | ||
36 | |||
37 | $(PACKAGENAME)-static: core core/lib$(PACKAGENAME).a $(PACKAGENAME).o | ||
38 | - $(CXX) $(LDSTATIC) $(LDFLAGS) -o $@ $(PACKAGENAME).o $(LIBS) | ||
39 | + $(CXX) $(LDSTATIC) $(LDFLAGS) ${LDEXTRAS} -o $@ $(PACKAGENAME).o $(LIBS) | ||
40 | $(STRIP) $@ | ||
41 | |||
42 | .PHONY: compressed | ||
diff --git a/meta-sota/recipes-support/lshw/lshw_02.16.bb b/meta-sota/recipes-support/lshw/lshw_02.16.bb new file mode 100644 index 0000000..99901ff --- /dev/null +++ b/meta-sota/recipes-support/lshw/lshw_02.16.bb | |||
@@ -0,0 +1,36 @@ | |||
1 | # From meta-linaro | ||
2 | # http://git.linaro.org/openembedded/meta-linaro.git | ||
3 | |||
4 | DESCRIPTION = "A small tool to provide detailed information on the hardware \ | ||
5 | configuration of the machine. It can report exact memory configuration, \ | ||
6 | firmware version, mainboard configuration, CPU version and speed, cache \ | ||
7 | configuration, bus speed, etc. on DMI-capable or EFI systems." | ||
8 | SUMMARY = "Hardware lister" | ||
9 | HOMEPAGE = "http://ezix.org/project/wiki/HardwareLiSter" | ||
10 | SECTION = "console/tools" | ||
11 | LICENSE = "GPLv2+" | ||
12 | LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" | ||
13 | DEPENDS = "pciutils \ | ||
14 | usbutils" | ||
15 | COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux" | ||
16 | |||
17 | SRC_URI="http://ezix.org/software/files/lshw-B.${PV}.tar.gz \ | ||
18 | file://cross-compile.patch \ | ||
19 | file://ldflags.patch \ | ||
20 | " | ||
21 | |||
22 | SRC_URI[md5sum] = "67479167add605e8f001097c30e96d0d" | ||
23 | SRC_URI[sha256sum] = "809882429555b93259785cc261dbff04c16c93d064db5f445a51945bc47157cb" | ||
24 | |||
25 | S="${WORKDIR}/lshw-B.${PV}" | ||
26 | |||
27 | do_compile() { | ||
28 | # build core only - don't ship gui | ||
29 | oe_runmake -C src core | ||
30 | } | ||
31 | |||
32 | do_install() { | ||
33 | oe_runmake install DESTDIR=${D} | ||
34 | # data files provided by dependencies | ||
35 | rm -rf ${D}/usr/share/lshw | ||
36 | } | ||
diff --git a/meta-sota/recipes-support/python-canonicaljson/python-canonicaljson.bb b/meta-sota/recipes-support/python-canonicaljson/python-canonicaljson.bb new file mode 100644 index 0000000..d8a0728 --- /dev/null +++ b/meta-sota/recipes-support/python-canonicaljson/python-canonicaljson.bb | |||
@@ -0,0 +1,18 @@ | |||
1 | DESCRIPTION = "python-canonicaljson recipe" | ||
2 | |||
3 | LICENSE = "Apache-2.0" | ||
4 | LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=2ee41112a44fe7014dce33e26468ba93" | ||
5 | |||
6 | SRCREV = "92e2c06871cc275c2a8b8e3e899141a212aae0e8" | ||
7 | SRC_URI = "git://github.com/matrix-org/python-canonicaljson.git" | ||
8 | S = "${WORKDIR}/git" | ||
9 | |||
10 | # Generate with: | ||
11 | # git describe --tags | cut -b2- | ||
12 | PV = "1.0.0" | ||
13 | inherit setuptools | ||
14 | |||
15 | RDEPENDS_${PN} = "\ | ||
16 | python-simplejson \ | ||
17 | python-frozendict \ | ||
18 | " | ||
diff --git a/meta-sota/recipes-support/python-frozendict/python-frozendict.bb b/meta-sota/recipes-support/python-frozendict/python-frozendict.bb new file mode 100644 index 0000000..79fe5c8 --- /dev/null +++ b/meta-sota/recipes-support/python-frozendict/python-frozendict.bb | |||
@@ -0,0 +1,12 @@ | |||
1 | DESCRIPTION = "python-frozendict recipe" | ||
2 | |||
3 | LICENSE = "BSD" | ||
4 | LIC_FILES_CHKSUM = "file://${S}/LICENSE.txt;md5=f4da037a49c09b456fdbbc7a5bd36132" | ||
5 | |||
6 | SRCREV = "c5d16bafcca7b72ff3e8f40d3a9081e4c9233f1b" | ||
7 | SRC_URI = "git://github.com/slezica/python-frozendict.git" | ||
8 | S = "${WORKDIR}/git" | ||
9 | |||
10 | PV = "1.2" | ||
11 | inherit setuptools | ||
12 | |||
diff --git a/meta-sota/recipes-support/python-petname/python-petname.bb b/meta-sota/recipes-support/python-petname/python-petname.bb new file mode 100644 index 0000000..9abd5d9 --- /dev/null +++ b/meta-sota/recipes-support/python-petname/python-petname.bb | |||
@@ -0,0 +1,16 @@ | |||
1 | DESCRIPTION = "python-petname recipe" | ||
2 | |||
3 | LICENSE = "Apache-2.0" | ||
4 | LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" | ||
5 | |||
6 | SRCREV = "d0b767cdb1567defb104f29c3fd022239a7f231e" | ||
7 | SRC_URI = "git://github.com/dustinkirkland/python-petname.git" | ||
8 | S = "${WORKDIR}/git" | ||
9 | |||
10 | PV = "2.2" | ||
11 | inherit setuptools | ||
12 | RDEPENDS_${PN} = " python-setuptools \ | ||
13 | python-argparse \ | ||
14 | " | ||
15 | |||
16 | FILES_${PN} = "${libdir} ${bindir}/petname" | ||
diff --git a/meta-sota/recipes-support/sc-hsm-embedded/files/0001-Cross-compilation-tweaks.patch b/meta-sota/recipes-support/sc-hsm-embedded/files/0001-Cross-compilation-tweaks.patch new file mode 100644 index 0000000..b3a7622 --- /dev/null +++ b/meta-sota/recipes-support/sc-hsm-embedded/files/0001-Cross-compilation-tweaks.patch | |||
@@ -0,0 +1,86 @@ | |||
1 | From b6add28acb884b6006216e8422cc18504483c72e Mon Sep 17 00:00:00 2001 | ||
2 | From: Anton Gerasimov <anton@advancedtelematic.com> | ||
3 | Date: Fri, 8 Sep 2017 15:08:40 +0200 | ||
4 | Subject: [PATCH] Cross-compilation tweaks | ||
5 | |||
6 | --- | ||
7 | m4/acx_openssl.m4 | 2 ++ | ||
8 | m4/acx_openssl_ecc.m4 | 3 +++ | ||
9 | m4/acx_openssl_fips.m4 | 2 ++ | ||
10 | m4/acx_openssl_gost.m4 | 2 ++ | ||
11 | 4 files changed, 9 insertions(+) | ||
12 | |||
13 | diff --git a/m4/acx_openssl.m4 b/m4/acx_openssl.m4 | ||
14 | index e90c78f..9de6055 100644 | ||
15 | --- a/m4/acx_openssl.m4 | ||
16 | +++ b/m4/acx_openssl.m4 | ||
17 | @@ -25,6 +25,7 @@ AC_DEFUN([ACX_OPENSSL],[ | ||
18 | AC_CHECK_HEADERS([openssl/ssl.h],,[AC_MSG_ERROR([Can't find OpenSSL headers])]) | ||
19 | AC_CHECK_LIB(crypto, BN_new,,[AC_MSG_ERROR([Can't find OpenSSL library])]) | ||
20 | |||
21 | + if test "$cross_compiling" != yes; then | ||
22 | AC_MSG_CHECKING([for OpenSSL version]) | ||
23 | CHECK_OPENSSL_VERSION=m4_format(0x%02x%02x%02x000L, $1, $2, $3) | ||
24 | AC_LANG_PUSH([C]) | ||
25 | @@ -51,6 +52,7 @@ AC_DEFUN([ACX_OPENSSL],[ | ||
26 | AC_MSG_ERROR([OpenSSL library too old ($1.$2.$3 or later required)]) | ||
27 | ],[]) | ||
28 | AC_LANG_POP([C]) | ||
29 | + fi | ||
30 | |||
31 | CPPFLAGS=$tmp_CPPFLAGS | ||
32 | LIBS=$tmp_LIBS | ||
33 | diff --git a/m4/acx_openssl_ecc.m4 b/m4/acx_openssl_ecc.m4 | ||
34 | index 612c505..ba2389d 100644 | ||
35 | --- a/m4/acx_openssl_ecc.m4 | ||
36 | +++ b/m4/acx_openssl_ecc.m4 | ||
37 | @@ -1,4 +1,5 @@ | ||
38 | AC_DEFUN([ACX_OPENSSL_ECC],[ | ||
39 | + if test "$cross_compiling" != yes; then | ||
40 | AC_MSG_CHECKING(for OpenSSL ECC support) | ||
41 | |||
42 | tmp_CPPFLAGS=$CPPFLAGS | ||
43 | @@ -32,6 +33,8 @@ AC_DEFUN([ACX_OPENSSL_ECC],[ | ||
44 | ],[]) | ||
45 | AC_LANG_POP([C]) | ||
46 | |||
47 | + fi | ||
48 | + | ||
49 | CPPFLAGS=$tmp_CPPFLAGS | ||
50 | LIBS=$tmp_LIBS | ||
51 | ]) | ||
52 | diff --git a/m4/acx_openssl_fips.m4 b/m4/acx_openssl_fips.m4 | ||
53 | index 0491397..896cdbf 100644 | ||
54 | --- a/m4/acx_openssl_fips.m4 | ||
55 | +++ b/m4/acx_openssl_fips.m4 | ||
56 | @@ -1,4 +1,5 @@ | ||
57 | AC_DEFUN([ACX_OPENSSL_FIPS],[ | ||
58 | + if test "$cross_compiling" != yes; then | ||
59 | AC_MSG_CHECKING(for OpenSSL FIPS capable library) | ||
60 | |||
61 | tmp_CPPFLAGS=$CPPFLAGS | ||
62 | @@ -47,4 +48,5 @@ AC_DEFUN([ACX_OPENSSL_FIPS],[ | ||
63 | |||
64 | CPPFLAGS=$tmp_CPPFLAGS | ||
65 | LIBS=$tmp_LIBS | ||
66 | + fi | ||
67 | ]) | ||
68 | diff --git a/m4/acx_openssl_gost.m4 b/m4/acx_openssl_gost.m4 | ||
69 | index dca489b..34c39d8 100644 | ||
70 | --- a/m4/acx_openssl_gost.m4 | ||
71 | +++ b/m4/acx_openssl_gost.m4 | ||
72 | @@ -1,4 +1,5 @@ | ||
73 | AC_DEFUN([ACX_OPENSSL_GOST],[ | ||
74 | + if test "$cross_compiling" != yes; then | ||
75 | AC_MSG_CHECKING(for OpenSSL GOST support) | ||
76 | |||
77 | tmp_CPPFLAGS=$CPPFLAGS | ||
78 | @@ -62,4 +63,5 @@ AC_DEFUN([ACX_OPENSSL_GOST],[ | ||
79 | |||
80 | CPPFLAGS=$tmp_CPPFLAGS | ||
81 | LIBS=$tmp_LIBS | ||
82 | + fi | ||
83 | ]) | ||
84 | -- | ||
85 | 2.7.4 | ||
86 | |||
diff --git a/meta-sota/recipes-support/sc-hsm-embedded/sc-hsm-embedded_git.bb b/meta-sota/recipes-support/sc-hsm-embedded/sc-hsm-embedded_git.bb new file mode 100644 index 0000000..062d514 --- /dev/null +++ b/meta-sota/recipes-support/sc-hsm-embedded/sc-hsm-embedded_git.bb | |||
@@ -0,0 +1,22 @@ | |||
1 | SUMMARY = "Smartcard HSM driver" | ||
2 | LICENSE = "BSD" | ||
3 | LIC_FILES_CHKSUM = "file://COPYING;md5=55b854a477953696452f698a3af5de1c" | ||
4 | |||
5 | inherit autotools-brokensep | ||
6 | |||
7 | |||
8 | SRC_URI = "git://github.com/CardContact/sc-hsm-embedded.git;branch=master" | ||
9 | SRCREV="a45155d4249575ebdfb16ff26fdedbc4c4813002" | ||
10 | |||
11 | S = "${WORKDIR}/git" | ||
12 | |||
13 | DEPENDS += " openssl pcsc-lite" | ||
14 | |||
15 | do_configure() { | ||
16 | autoreconf -fi | ||
17 | oe_runconf | ||
18 | } | ||
19 | |||
20 | FILES_${PN} += "${libdir}" | ||
21 | FILES_SOLIBSDEV = "" | ||
22 | |||
diff --git a/meta-sota/recipes-support/slcand-start/files/slcand@.service b/meta-sota/recipes-support/slcand-start/files/slcand@.service new file mode 100644 index 0000000..c539568 --- /dev/null +++ b/meta-sota/recipes-support/slcand-start/files/slcand@.service | |||
@@ -0,0 +1,8 @@ | |||
1 | [Unit] | ||
2 | Description=Serial CAN daemon (can-utils) | ||
3 | |||
4 | [Service] | ||
5 | Type=forking | ||
6 | ExecStart=/usr/bin/slcand -o -c -s4 %I can0 | ||
7 | ExecStartPost=/bin/sh -c '/bin/sleep 3; /sbin/ip link set can0 up' | ||
8 | |||
diff --git a/meta-sota/recipes-support/slcand-start/slcand-start.bb b/meta-sota/recipes-support/slcand-start/slcand-start.bb new file mode 100644 index 0000000..dfefaea --- /dev/null +++ b/meta-sota/recipes-support/slcand-start/slcand-start.bb | |||
@@ -0,0 +1,21 @@ | |||
1 | SUMMARY = "Mock smartcard for aktualizr" | ||
2 | LICENSE = "MIT" | ||
3 | LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \ | ||
4 | file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" | ||
5 | |||
6 | |||
7 | inherit systemd | ||
8 | |||
9 | RDEPENDS_${PN} = "can-utils" | ||
10 | |||
11 | SRC_URI = "file://slcand@.service" | ||
12 | |||
13 | SYSTEMD_SERVICE_${PN} = "slcand@.service" | ||
14 | |||
15 | do_install() { | ||
16 | install -d ${D}${systemd_unitdir}/system | ||
17 | install -m 0644 ${WORKDIR}/slcand@.service ${D}${systemd_unitdir}/system/slcand@.service | ||
18 | } | ||
19 | |||
20 | FILES_${PN} = "${systemd_unitdir}/system/createtoken.service" | ||
21 | |||
diff --git a/meta-sota/recipes-support/softhsm-testtoken/files/createtoken.service b/meta-sota/recipes-support/softhsm-testtoken/files/createtoken.service new file mode 100644 index 0000000..23317b9 --- /dev/null +++ b/meta-sota/recipes-support/softhsm-testtoken/files/createtoken.service | |||
@@ -0,0 +1,12 @@ | |||
1 | [Unit] | ||
2 | Description=Create a mock smartcard for testing | ||
3 | Before=aktualizr.service | ||
4 | RequiredBy=aktualizr.service | ||
5 | |||
6 | [Service] | ||
7 | RestartSec=10 | ||
8 | Restart=on-failure | ||
9 | ExecStart=/usr/bin/createtoken.sh | ||
10 | |||
11 | [Install] | ||
12 | WantedBy=aktualizr.service | ||
diff --git a/meta-sota/recipes-support/softhsm-testtoken/files/createtoken.sh b/meta-sota/recipes-support/softhsm-testtoken/files/createtoken.sh new file mode 100644 index 0000000..b01db47 --- /dev/null +++ b/meta-sota/recipes-support/softhsm-testtoken/files/createtoken.sh | |||
@@ -0,0 +1,26 @@ | |||
1 | #!/bin/sh | ||
2 | |||
3 | if pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so -O; then | ||
4 | # The token has already been initialized, exit | ||
5 | exit 0 | ||
6 | fi | ||
7 | |||
8 | if ! ls /var/sota/token/pkey.pem /var/sota/token/client.pem /var/sota/token/pkey.pem; then | ||
9 | # Key/certificate pair is not present, repeat | ||
10 | exit 1 | ||
11 | fi | ||
12 | |||
13 | mkdir -p /var/lib/softhsm/tokens | ||
14 | softhsm2-util --init-token --slot 0 --label "Virtual token" --pin 1234 --so-pin 1234 | ||
15 | |||
16 | softhsm2-util --import /var/sota/token/pkey.pem --label "pkey" --id 02 --token 'Virtual token' --pin 1234 | ||
17 | openssl x509 -outform der -in /var/sota/token/client.pem -out /var/sota/token/client.der | ||
18 | pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so --id 1 --write-object /var/sota/token/client.der --type cert --login --pin 1234 | ||
19 | |||
20 | # Import UPTANE keypair if it exists | ||
21 | if [ -f /var/sota/token/ecukey.pem ]; then | ||
22 | openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in /var/sota/token/ecukey.pem -out /var/sota/token/ecukey.p8 | ||
23 | softhsm2-util --import /var/sota/token/ecukey.p8 --label "uptanekey" --id 03 --token 'Virtual token' --pin 1234 | ||
24 | fi | ||
25 | |||
26 | exit 0 | ||
diff --git a/meta-sota/recipes-support/softhsm-testtoken/softhsm-testtoken.bb b/meta-sota/recipes-support/softhsm-testtoken/softhsm-testtoken.bb new file mode 100644 index 0000000..c5691db --- /dev/null +++ b/meta-sota/recipes-support/softhsm-testtoken/softhsm-testtoken.bb | |||
@@ -0,0 +1,27 @@ | |||
1 | SUMMARY = "Mock smartcard for aktualizr" | ||
2 | LICENSE = "MIT" | ||
3 | LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \ | ||
4 | file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" | ||
5 | |||
6 | |||
7 | inherit systemd | ||
8 | |||
9 | RDEPENDS_${PN} = "softhsm libp11" | ||
10 | DEPENDS_append = "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', ' systemd', '', d)}" | ||
11 | |||
12 | |||
13 | SRC_URI = "file://createtoken.service \ | ||
14 | file://createtoken.sh" | ||
15 | |||
16 | SYSTEMD_SERVICE_${PN} = "createtoken.service" | ||
17 | |||
18 | do_install() { | ||
19 | install -d ${D}${systemd_unitdir}/system | ||
20 | install -m 0644 ${WORKDIR}/createtoken.service ${D}${systemd_unitdir}/system/createtoken.service | ||
21 | install -d ${D}${bindir} | ||
22 | install -m 0744 ${WORKDIR}/createtoken.sh ${D}${bindir}/createtoken.sh | ||
23 | } | ||
24 | |||
25 | FILES_${PN} = "${bindir}/createtoken.sh \ | ||
26 | ${systemd_unitdir}/system/createtoken.service" | ||
27 | |||
diff --git a/meta-sota/recipes-support/softhsm/files/0001-Cross-compilation-tweaks.patch b/meta-sota/recipes-support/softhsm/files/0001-Cross-compilation-tweaks.patch new file mode 100644 index 0000000..b3a7622 --- /dev/null +++ b/meta-sota/recipes-support/softhsm/files/0001-Cross-compilation-tweaks.patch | |||
@@ -0,0 +1,86 @@ | |||
1 | From b6add28acb884b6006216e8422cc18504483c72e Mon Sep 17 00:00:00 2001 | ||
2 | From: Anton Gerasimov <anton@advancedtelematic.com> | ||
3 | Date: Fri, 8 Sep 2017 15:08:40 +0200 | ||
4 | Subject: [PATCH] Cross-compilation tweaks | ||
5 | |||
6 | --- | ||
7 | m4/acx_openssl.m4 | 2 ++ | ||
8 | m4/acx_openssl_ecc.m4 | 3 +++ | ||
9 | m4/acx_openssl_fips.m4 | 2 ++ | ||
10 | m4/acx_openssl_gost.m4 | 2 ++ | ||
11 | 4 files changed, 9 insertions(+) | ||
12 | |||
13 | diff --git a/m4/acx_openssl.m4 b/m4/acx_openssl.m4 | ||
14 | index e90c78f..9de6055 100644 | ||
15 | --- a/m4/acx_openssl.m4 | ||
16 | +++ b/m4/acx_openssl.m4 | ||
17 | @@ -25,6 +25,7 @@ AC_DEFUN([ACX_OPENSSL],[ | ||
18 | AC_CHECK_HEADERS([openssl/ssl.h],,[AC_MSG_ERROR([Can't find OpenSSL headers])]) | ||
19 | AC_CHECK_LIB(crypto, BN_new,,[AC_MSG_ERROR([Can't find OpenSSL library])]) | ||
20 | |||
21 | + if test "$cross_compiling" != yes; then | ||
22 | AC_MSG_CHECKING([for OpenSSL version]) | ||
23 | CHECK_OPENSSL_VERSION=m4_format(0x%02x%02x%02x000L, $1, $2, $3) | ||
24 | AC_LANG_PUSH([C]) | ||
25 | @@ -51,6 +52,7 @@ AC_DEFUN([ACX_OPENSSL],[ | ||
26 | AC_MSG_ERROR([OpenSSL library too old ($1.$2.$3 or later required)]) | ||
27 | ],[]) | ||
28 | AC_LANG_POP([C]) | ||
29 | + fi | ||
30 | |||
31 | CPPFLAGS=$tmp_CPPFLAGS | ||
32 | LIBS=$tmp_LIBS | ||
33 | diff --git a/m4/acx_openssl_ecc.m4 b/m4/acx_openssl_ecc.m4 | ||
34 | index 612c505..ba2389d 100644 | ||
35 | --- a/m4/acx_openssl_ecc.m4 | ||
36 | +++ b/m4/acx_openssl_ecc.m4 | ||
37 | @@ -1,4 +1,5 @@ | ||
38 | AC_DEFUN([ACX_OPENSSL_ECC],[ | ||
39 | + if test "$cross_compiling" != yes; then | ||
40 | AC_MSG_CHECKING(for OpenSSL ECC support) | ||
41 | |||
42 | tmp_CPPFLAGS=$CPPFLAGS | ||
43 | @@ -32,6 +33,8 @@ AC_DEFUN([ACX_OPENSSL_ECC],[ | ||
44 | ],[]) | ||
45 | AC_LANG_POP([C]) | ||
46 | |||
47 | + fi | ||
48 | + | ||
49 | CPPFLAGS=$tmp_CPPFLAGS | ||
50 | LIBS=$tmp_LIBS | ||
51 | ]) | ||
52 | diff --git a/m4/acx_openssl_fips.m4 b/m4/acx_openssl_fips.m4 | ||
53 | index 0491397..896cdbf 100644 | ||
54 | --- a/m4/acx_openssl_fips.m4 | ||
55 | +++ b/m4/acx_openssl_fips.m4 | ||
56 | @@ -1,4 +1,5 @@ | ||
57 | AC_DEFUN([ACX_OPENSSL_FIPS],[ | ||
58 | + if test "$cross_compiling" != yes; then | ||
59 | AC_MSG_CHECKING(for OpenSSL FIPS capable library) | ||
60 | |||
61 | tmp_CPPFLAGS=$CPPFLAGS | ||
62 | @@ -47,4 +48,5 @@ AC_DEFUN([ACX_OPENSSL_FIPS],[ | ||
63 | |||
64 | CPPFLAGS=$tmp_CPPFLAGS | ||
65 | LIBS=$tmp_LIBS | ||
66 | + fi | ||
67 | ]) | ||
68 | diff --git a/m4/acx_openssl_gost.m4 b/m4/acx_openssl_gost.m4 | ||
69 | index dca489b..34c39d8 100644 | ||
70 | --- a/m4/acx_openssl_gost.m4 | ||
71 | +++ b/m4/acx_openssl_gost.m4 | ||
72 | @@ -1,4 +1,5 @@ | ||
73 | AC_DEFUN([ACX_OPENSSL_GOST],[ | ||
74 | + if test "$cross_compiling" != yes; then | ||
75 | AC_MSG_CHECKING(for OpenSSL GOST support) | ||
76 | |||
77 | tmp_CPPFLAGS=$CPPFLAGS | ||
78 | @@ -62,4 +63,5 @@ AC_DEFUN([ACX_OPENSSL_GOST],[ | ||
79 | |||
80 | CPPFLAGS=$tmp_CPPFLAGS | ||
81 | LIBS=$tmp_LIBS | ||
82 | + fi | ||
83 | ]) | ||
84 | -- | ||
85 | 2.7.4 | ||
86 | |||
diff --git a/meta-sota/recipes-support/softhsm/softhsm_git.bb b/meta-sota/recipes-support/softhsm/softhsm_git.bb new file mode 100644 index 0000000..c26903d --- /dev/null +++ b/meta-sota/recipes-support/softhsm/softhsm_git.bb | |||
@@ -0,0 +1,27 @@ | |||
1 | SUMMARY = "HSM emulator" | ||
2 | LICENSE = "BSD" | ||
3 | LIC_FILES_CHKSUM = "file://LICENSE;md5=ef3f77a3507c3d91e75b9f2bdaee4210" | ||
4 | |||
5 | inherit autotools-brokensep | ||
6 | |||
7 | |||
8 | SRC_URI = "git://github.com/opendnssec/SoftHSMv2.git;branch=master \ | ||
9 | file://0001-Cross-compilation-tweaks.patch" | ||
10 | SRCREV="1f7498c0c65b1b1ad5e1bdbd87e9d4b100705745" | ||
11 | |||
12 | S = "${WORKDIR}/git" | ||
13 | |||
14 | DEPENDS += " openssl" | ||
15 | |||
16 | EXTRA_OECONF = "--disable-gost --with-openssl=${STAGING_LIBDIR}/.." | ||
17 | |||
18 | do_configure() { | ||
19 | unset docdir | ||
20 | sh ./autogen.sh | ||
21 | oe_runconf | ||
22 | } | ||
23 | |||
24 | FILES_${PN} = "${bindir} \ | ||
25 | ${libdir}/softhsm \ | ||
26 | ${sysconfdir} \ | ||
27 | ${localstatedir}/lib/softhsm " | ||
diff --git a/meta-sota/recipes-test/big-update/big-update_1.0.bb b/meta-sota/recipes-test/big-update/big-update_1.0.bb new file mode 100644 index 0000000..68b9746 --- /dev/null +++ b/meta-sota/recipes-test/big-update/big-update_1.0.bb | |||
@@ -0,0 +1,13 @@ | |||
1 | DESCRIPTION = "Example Package with 10MB of random, seeded content" | ||
2 | LICENSE = "CLOSED" | ||
3 | |||
4 | SRC_URI = "file://rand_file.py" | ||
5 | |||
6 | FILES_${PN} = "/usr/lib/big-update" | ||
7 | |||
8 | DEPENDS = "coreutils-native" | ||
9 | |||
10 | do_install() { | ||
11 | install -d ${D}/usr/lib/big-update | ||
12 | python ${S}/../rand_file.py ${D}/usr/lib/big-update/a-big-file $(numfmt --from=iec 10M) | ||
13 | } | ||
diff --git a/meta-sota/recipes-test/big-update/big-update_2.0.bb b/meta-sota/recipes-test/big-update/big-update_2.0.bb new file mode 100644 index 0000000..20c8138 --- /dev/null +++ b/meta-sota/recipes-test/big-update/big-update_2.0.bb | |||
@@ -0,0 +1,13 @@ | |||
1 | DESCRIPTION = "Example Package with 12MB of random, seeded content" | ||
2 | LICENSE = "CLOSED" | ||
3 | |||
4 | SRC_URI = "file://rand_file.py" | ||
5 | |||
6 | FILES_${PN} = "/usr/lib/big-update" | ||
7 | |||
8 | DEPENDS = "coreutils-native" | ||
9 | |||
10 | do_install() { | ||
11 | install -d ${D}/usr/lib/big-update | ||
12 | python ${S}/../rand_file.py ${D}/usr/lib/big-update/a-big-file $(numfmt --from=iec 12M) | ||
13 | } | ||
diff --git a/meta-sota/recipes-test/big-update/files/rand_file.py b/meta-sota/recipes-test/big-update/files/rand_file.py new file mode 100644 index 0000000..0f4f16e --- /dev/null +++ b/meta-sota/recipes-test/big-update/files/rand_file.py | |||
@@ -0,0 +1,16 @@ | |||
1 | import sys | ||
2 | from random import seed, randint | ||
3 | |||
4 | def main(): | ||
5 | n = int(sys.argv[2]) | ||
6 | ba = bytearray(n) | ||
7 | |||
8 | seed(42) | ||
9 | for i in range(0, n): | ||
10 | ba[i] = randint(0, 255) | ||
11 | |||
12 | with open(sys.argv[1], 'wb') as f: | ||
13 | f.write(bytes(ba)) | ||
14 | |||
15 | if __name__ == "__main__": | ||
16 | main() | ||
diff --git a/meta-sota/recipes-test/demo-network-config/files/25-dhcp-server.network b/meta-sota/recipes-test/demo-network-config/files/25-dhcp-server.network new file mode 100644 index 0000000..4766f9a --- /dev/null +++ b/meta-sota/recipes-test/demo-network-config/files/25-dhcp-server.network | |||
@@ -0,0 +1,12 @@ | |||
1 | [Match] | ||
2 | Name=enp0s4 | ||
3 | |||
4 | [Network] | ||
5 | Description=Private internal network between aktualizr Primary and Secondary nodes | ||
6 | DHCPServer=yes | ||
7 | Address=10.0.3.1/24 | ||
8 | IPForward=yes | ||
9 | IPMasquerade=yes | ||
10 | |||
11 | [DHCPServer] | ||
12 | PoolOffset=10 \ No newline at end of file | ||
diff --git a/meta-sota/recipes-test/demo-network-config/files/26-dhcp-client.network b/meta-sota/recipes-test/demo-network-config/files/26-dhcp-client.network new file mode 100644 index 0000000..319664f --- /dev/null +++ b/meta-sota/recipes-test/demo-network-config/files/26-dhcp-client.network | |||
@@ -0,0 +1,6 @@ | |||
1 | [Match] | ||
2 | Name=enp0s4 | ||
3 | |||
4 | [Network] | ||
5 | Description=Private internal network between aktualizr Primary and Secondary nodes | ||
6 | DHCP=yes | ||
diff --git a/meta-sota/recipes-test/demo-network-config/files/27-dhcp-client-external.network b/meta-sota/recipes-test/demo-network-config/files/27-dhcp-client-external.network new file mode 100644 index 0000000..ba49593 --- /dev/null +++ b/meta-sota/recipes-test/demo-network-config/files/27-dhcp-client-external.network | |||
@@ -0,0 +1,6 @@ | |||
1 | [Match] | ||
2 | Name=enp0s3 | ||
3 | |||
4 | [Network] | ||
5 | Description=External network for secondary | ||
6 | DHCP=yes | ||
diff --git a/meta-sota/recipes-test/demo-network-config/primary-network-config.bb b/meta-sota/recipes-test/demo-network-config/primary-network-config.bb new file mode 100644 index 0000000..78678a2 --- /dev/null +++ b/meta-sota/recipes-test/demo-network-config/primary-network-config.bb | |||
@@ -0,0 +1,16 @@ | |||
1 | DESCRIPTION = "Sample network configuration for an Uptane Primary" | ||
2 | LICENSE = "CLOSED" | ||
3 | |||
4 | inherit allarch | ||
5 | |||
6 | SRC_URI = "file://25-dhcp-server.network" | ||
7 | |||
8 | |||
9 | FILES_${PN} = "/usr/lib/systemd/network" | ||
10 | |||
11 | PR = "1" | ||
12 | |||
13 | do_install() { | ||
14 | install -d ${D}/usr/lib/systemd/network | ||
15 | install -m 0644 ${WORKDIR}/25-dhcp-server.network ${D}/usr/lib/systemd/network/ | ||
16 | } | ||
diff --git a/meta-sota/recipes-test/demo-network-config/secondary-network-config.bb b/meta-sota/recipes-test/demo-network-config/secondary-network-config.bb new file mode 100644 index 0000000..9091c65 --- /dev/null +++ b/meta-sota/recipes-test/demo-network-config/secondary-network-config.bb | |||
@@ -0,0 +1,20 @@ | |||
1 | DESCRIPTION = "Sample network configuration for an Uptane Secondary" | ||
2 | LICENSE = "CLOSED" | ||
3 | |||
4 | inherit allarch | ||
5 | |||
6 | SRC_URI = "\ | ||
7 | file://26-dhcp-client.network \ | ||
8 | file://27-dhcp-client-external.network \ | ||
9 | " | ||
10 | |||
11 | |||
12 | FILES_${PN} = "/usr/lib/systemd/network" | ||
13 | |||
14 | PR = "1" | ||
15 | |||
16 | do_install() { | ||
17 | install -d ${D}/usr/lib/systemd/network | ||
18 | install -m 0644 ${WORKDIR}/26-dhcp-client.network ${D}/usr/lib/systemd/network/ | ||
19 | install -m 0644 ${WORKDIR}/27-dhcp-client-external.network ${D}/usr/lib/systemd/network/ | ||
20 | } | ||
diff --git a/meta-sota/recipes-test/images/primary-image.bb b/meta-sota/recipes-test/images/primary-image.bb new file mode 100644 index 0000000..6d2df94 --- /dev/null +++ b/meta-sota/recipes-test/images/primary-image.bb | |||
@@ -0,0 +1,14 @@ | |||
1 | include recipes-core/images/core-image-minimal.bb | ||
2 | |||
3 | SUMMARY = "A minimal Uptane Primary image running aktualizr, for testing with a Linux secondary" | ||
4 | |||
5 | LICENSE = "MIT" | ||
6 | |||
7 | IMAGE_INSTALL_remove = " \ | ||
8 | " | ||
9 | |||
10 | IMAGE_INSTALL_append = " \ | ||
11 | primary-network-config \ | ||
12 | " | ||
13 | |||
14 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/meta-sota/recipes-test/images/secondary-image.bb b/meta-sota/recipes-test/images/secondary-image.bb new file mode 100644 index 0000000..9adbdc5 --- /dev/null +++ b/meta-sota/recipes-test/images/secondary-image.bb | |||
@@ -0,0 +1,25 @@ | |||
1 | include recipes-core/images/core-image-minimal.bb | ||
2 | |||
3 | SUMMARY = "A minimal Uptane Secondary image running aktualizr-secondary" | ||
4 | |||
5 | LICENSE = "MIT" | ||
6 | |||
7 | |||
8 | # Remove default aktualizr primary, and the provisioning configuration (which | ||
9 | # RDEPENDS on aktualizr) | ||
10 | IMAGE_INSTALL_remove = " \ | ||
11 | aktualizr \ | ||
12 | aktualizr-auto-prov \ | ||
13 | aktualizr-ca-implicit-prov \ | ||
14 | aktualizr-hsm-prov \ | ||
15 | aktualizr-implicit-prov \ | ||
16 | connman \ | ||
17 | connman-client \ | ||
18 | " | ||
19 | |||
20 | IMAGE_INSTALL_append = " \ | ||
21 | aktualizr-secondary \ | ||
22 | secondary-network-config \ | ||
23 | " | ||
24 | |||
25 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||