diff options
-rw-r--r-- | CONTRIBUTING.adoc | 6 | ||||
-rw-r--r-- | classes/image_types_ostree.bbclass | 35 | ||||
-rw-r--r-- | classes/image_types_ota.bbclass | 173 | ||||
-rw-r--r-- | classes/sota.bbclass | 10 | ||||
-rw-r--r-- | conf/distro/sota.conf.inc | 6 | ||||
-rw-r--r-- | lib/oeqa/selftest/cases/updater.py | 8 | ||||
-rw-r--r-- | recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb | 6 | ||||
-rw-r--r-- | recipes-sota/ostree/ostree_git.bb | 5 | ||||
-rw-r--r-- | recipes-support/libp11/libp11_git.bb (renamed from recipes-support/libp11/libp11_0.4.9.bb) | 4 | ||||
-rw-r--r-- | recipes-support/sc-hsm-embedded/files/0001-Cross-compilation-tweaks.patch | 86 | ||||
-rw-r--r-- | recipes-support/sc-hsm-embedded/sc-hsm-embedded_git.bb | 22 |
11 files changed, 130 insertions, 231 deletions
diff --git a/CONTRIBUTING.adoc b/CONTRIBUTING.adoc index 4d9e8f6..0b40438 100644 --- a/CONTRIBUTING.adoc +++ b/CONTRIBUTING.adoc | |||
@@ -13,6 +13,12 @@ Previously, some older branches were also regularly supported, and while they sh | |||
13 | 13 | ||
14 | If you are developing with meta-updater, it may be helpful to read the README and other documentation for link:README.adoc[this repo], https://github.com/advancedtelematic/aktualizr[aktualizr], and the https://github.com/advancedtelematic/updater-repo/[updater-repo], particularly the sections about development and debugging. | 14 | If you are developing with meta-updater, it may be helpful to read the README and other documentation for link:README.adoc[this repo], https://github.com/advancedtelematic/aktualizr[aktualizr], and the https://github.com/advancedtelematic/updater-repo/[updater-repo], particularly the sections about development and debugging. |
15 | 15 | ||
16 | == Developer Certificate of Origin (DCO) | ||
17 | |||
18 | All commits in pull requests must contain a `Signed-off-by:` line to indicate that the developer has agreed to the terms of the https://developercertificate.org[Developer Certificate of Origin]. A simple way to achieve that is to use the `-s` flag of `git commit`. | ||
19 | |||
20 | New pull requests will automatically be checked by the https://probot.github.io/apps/dco/[probot/dco]. | ||
21 | |||
16 | == Contributor checklist | 22 | == Contributor checklist |
17 | 23 | ||
18 | * OTA-enabled build succeeds for at least one platform, the resulting image boots, and an update can be installed. This check is absolutely necessary for every pull request unless it only touches documentation. | 24 | * OTA-enabled build succeeds for at least one platform, the resulting image boots, and an update can be installed. This check is absolutely necessary for every pull request unless it only touches documentation. |
diff --git a/classes/image_types_ostree.bbclass b/classes/image_types_ostree.bbclass index 0acc786..97290ac 100644 --- a/classes/image_types_ostree.bbclass +++ b/classes/image_types_ostree.bbclass | |||
@@ -1,26 +1,19 @@ | |||
1 | # OSTree deployment | 1 | # OSTree deployment |
2 | 2 | ||
3 | do_image_ostree[depends] += "ostree-native:do_populate_sysroot \ | 3 | do_image_ostree[depends] += "ostree-native:do_populate_sysroot \ |
4 | openssl-native:do_populate_sysroot \ | ||
5 | coreutils-native:do_populate_sysroot \ | 4 | coreutils-native:do_populate_sysroot \ |
6 | unzip-native:do_populate_sysroot \ | ||
7 | virtual/kernel:do_deploy \ | 5 | virtual/kernel:do_deploy \ |
8 | ${OSTREE_INITRAMFS_IMAGE}:do_image_complete" | 6 | ${OSTREE_INITRAMFS_IMAGE}:do_image_complete" |
9 | do_image_ostree[lockfiles] += "${OSTREE_REPO}/ostree.lock" | 7 | do_image_ostree[lockfiles] += "${OSTREE_REPO}/ostree.lock" |
10 | 8 | ||
11 | export OSTREE_REPO | ||
12 | export OSTREE_BRANCHNAME | ||
13 | export GARAGE_TARGET_NAME | ||
14 | |||
15 | RAMDISK_EXT ?= ".${OSTREE_INITRAMFS_FSTYPES}" | 9 | RAMDISK_EXT ?= ".${OSTREE_INITRAMFS_FSTYPES}" |
16 | 10 | ||
17 | OSTREE_KERNEL ??= "${KERNEL_IMAGETYPE}" | 11 | OSTREE_KERNEL ??= "${KERNEL_IMAGETYPE}" |
18 | |||
19 | OSTREE_COMMIT_SUBJECT ??= "Commit-id: ${IMAGE_NAME}" | 12 | OSTREE_COMMIT_SUBJECT ??= "Commit-id: ${IMAGE_NAME}" |
20 | OSTREE_COMMIT_BODY ??= "" | 13 | OSTREE_COMMIT_BODY ??= "" |
21 | OSTREE_UPDATE_SUMMARY ??= "0" | 14 | OSTREE_UPDATE_SUMMARY ??= "0" |
22 | 15 | ||
23 | export SYSTEMD_USED = "${@oe.utils.ifelse(d.getVar('VIRTUAL-RUNTIME_init_manager', True) == 'systemd', 'true', '')}" | 16 | SYSTEMD_USED = "${@oe.utils.ifelse(d.getVar('VIRTUAL-RUNTIME_init_manager', True) == 'systemd', 'true', '')}" |
24 | 17 | ||
25 | IMAGE_CMD_ostree () { | 18 | IMAGE_CMD_ostree () { |
26 | if [ -z "$OSTREE_REPO" ]; then | 19 | if [ -z "$OSTREE_REPO" ]; then |
@@ -65,7 +58,7 @@ IMAGE_CMD_ostree () { | |||
65 | fi | 58 | fi |
66 | done | 59 | done |
67 | 60 | ||
68 | if [ -n "$SYSTEMD_USED" ]; then | 61 | if [ -n "${SYSTEMD_USED}" ]; then |
69 | mkdir -p usr/etc/tmpfiles.d | 62 | mkdir -p usr/etc/tmpfiles.d |
70 | tmpfiles_conf=usr/etc/tmpfiles.d/00ostree-tmpfiles.conf | 63 | tmpfiles_conf=usr/etc/tmpfiles.d/00ostree-tmpfiles.conf |
71 | echo "d /var/rootdirs 0755 root root -" >>${tmpfiles_conf} | 64 | echo "d /var/rootdirs 0755 root root -" >>${tmpfiles_conf} |
@@ -101,7 +94,7 @@ IMAGE_CMD_ostree () { | |||
101 | bbwarn "Data in /$dir directory is not preserved by OSTree. Consider moving it under /usr" | 94 | bbwarn "Data in /$dir directory is not preserved by OSTree. Consider moving it under /usr" |
102 | fi | 95 | fi |
103 | 96 | ||
104 | if [ -n "$SYSTEMD_USED" ]; then | 97 | if [ -n "${SYSTEMD_USED}" ]; then |
105 | echo "d /var/rootdirs/${dir} 0755 root root -" >>${tmpfiles_conf} | 98 | echo "d /var/rootdirs/${dir} 0755 root root -" >>${tmpfiles_conf} |
106 | else | 99 | else |
107 | echo "mkdir -p /var/rootdirs/${dir}; chown 755 /var/rootdirs/${dir}" >>${tmpfiles_conf} | 100 | echo "mkdir -p /var/rootdirs/${dir}; chown 755 /var/rootdirs/${dir}" >>${tmpfiles_conf} |
@@ -113,11 +106,10 @@ IMAGE_CMD_ostree () { | |||
113 | 106 | ||
114 | if [ -d root ] && [ ! -L root ]; then | 107 | if [ -d root ] && [ ! -L root ]; then |
115 | if [ "$(ls -A root)" ]; then | 108 | if [ "$(ls -A root)" ]; then |
116 | bberror "Data in /root directory is not preserved by OSTree." | 109 | bbfatal "Data in /root directory is not preserved by OSTree." |
117 | exit 1 | ||
118 | fi | 110 | fi |
119 | 111 | ||
120 | if [ -n "$SYSTEMD_USED" ]; then | 112 | if [ -n "${SYSTEMD_USED}" ]; then |
121 | echo "d /var/roothome 0755 root root -" >>${tmpfiles_conf} | 113 | echo "d /var/roothome 0755 root root -" >>${tmpfiles_conf} |
122 | else | 114 | else |
123 | echo "mkdir -p /var/roothome; chown 755 /var/roothome" >>${tmpfiles_conf} | 115 | echo "mkdir -p /var/roothome; chown 755 /var/roothome" >>${tmpfiles_conf} |
@@ -189,7 +181,10 @@ IMAGE_CMD_ostreepush () { | |||
189 | } | 181 | } |
190 | 182 | ||
191 | IMAGE_TYPEDEP_garagesign = "ostreepush" | 183 | IMAGE_TYPEDEP_garagesign = "ostreepush" |
192 | do_image_garagesign[depends] += "aktualizr-native:do_populate_sysroot" | 184 | do_image_garagesign[depends] += "unzip-native:do_populate_sysroot" |
185 | # This lock solves OTA-1866, which is that removing GARAGE_SIGN_REPO while using | ||
186 | # garage-sign simultaneously for two images often causes problems. | ||
187 | do_image_garagesign[lockfiles] += "${DEPLOY_DIR_IMAGE}/garagesign.lock" | ||
193 | IMAGE_CMD_garagesign () { | 188 | IMAGE_CMD_garagesign () { |
194 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | 189 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then |
195 | # if credentials are issued by a server that doesn't support offline signing, exit silently | 190 | # if credentials are issued by a server that doesn't support offline signing, exit silently |
@@ -197,11 +192,9 @@ IMAGE_CMD_garagesign () { | |||
197 | 192 | ||
198 | java_version=$( java -version 2>&1 | awk -F '"' '/version/ {print $2}' ) | 193 | java_version=$( java -version 2>&1 | awk -F '"' '/version/ {print $2}' ) |
199 | if [ "${java_version}" = "" ]; then | 194 | if [ "${java_version}" = "" ]; then |
200 | bberror "Java is required for synchronization with update backend, but is not installed on the host machine" | 195 | bbfatal "Java is required for synchronization with update backend, but is not installed on the host machine" |
201 | exit 1 | ||
202 | elif [ "${java_version}" \< "1.8" ]; then | 196 | elif [ "${java_version}" \< "1.8" ]; then |
203 | bberror "Java version >= 8 is required for synchronization with update backend" | 197 | bbfatal "Java version >= 8 is required for synchronization with update backend" |
204 | exit 1 | ||
205 | fi | 198 | fi |
206 | 199 | ||
207 | rm -rf ${GARAGE_SIGN_REPO} | 200 | rm -rf ${GARAGE_SIGN_REPO} |
@@ -252,14 +245,12 @@ IMAGE_CMD_garagesign () { | |||
252 | rm -rf ${GARAGE_SIGN_REPO} | 245 | rm -rf ${GARAGE_SIGN_REPO} |
253 | 246 | ||
254 | if [ "$push_success" -ne "1" ]; then | 247 | if [ "$push_success" -ne "1" ]; then |
255 | bberror "Couldn't push to garage repository" | 248 | bbfatal "Couldn't push to garage repository" |
256 | exit 1 | ||
257 | fi | 249 | fi |
258 | fi | 250 | fi |
259 | } | 251 | } |
260 | 252 | ||
261 | IMAGE_TYPEDEP_garagecheck = "ostreepush garagesign" | 253 | IMAGE_TYPEDEP_garagecheck = "garagesign" |
262 | do_image_garagecheck[depends] += "aktualizr-native:do_populate_sysroot" | ||
263 | IMAGE_CMD_garagecheck () { | 254 | IMAGE_CMD_garagecheck () { |
264 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | 255 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then |
265 | # if credentials are issued by a server that doesn't support offline signing, exit silently | 256 | # if credentials are issued by a server that doesn't support offline signing, exit silently |
diff --git a/classes/image_types_ota.bbclass b/classes/image_types_ota.bbclass index f677491..56ba726 100644 --- a/classes/image_types_ota.bbclass +++ b/classes/image_types_ota.bbclass | |||
@@ -44,106 +44,99 @@ calculate_size () { | |||
44 | echo "${SIZE}" | 44 | echo "${SIZE}" |
45 | } | 45 | } |
46 | 46 | ||
47 | export OSTREE_OSNAME | 47 | IMAGE_CMD_otaimg () { |
48 | export OSTREE_BRANCHNAME | 48 | if ${@bb.utils.contains('IMAGE_FSTYPES', 'otaimg', 'false', 'true', d)}; then |
49 | export OSTREE_REPO | 49 | return |
50 | export OSTREE_BOOTLOADER | 50 | fi |
51 | if [ -z "$OSTREE_REPO" ]; then | ||
52 | bbfatal "OSTREE_REPO should be set in your local.conf" | ||
53 | fi | ||
51 | 54 | ||
52 | export GARAGE_TARGET_NAME | 55 | if [ -z "$OSTREE_OSNAME" ]; then |
56 | bbfatal "OSTREE_OSNAME should be set in your local.conf" | ||
57 | fi | ||
53 | 58 | ||
54 | IMAGE_CMD_otaimg () { | 59 | if [ -z "$OSTREE_BRANCHNAME" ]; then |
55 | if ${@bb.utils.contains('IMAGE_FSTYPES', 'otaimg', 'true', 'false', d)}; then | 60 | bbfatal "OSTREE_BRANCHNAME should be set in your local.conf" |
56 | if [ -z "$OSTREE_REPO" ]; then | 61 | fi |
57 | bbfatal "OSTREE_REPO should be set in your local.conf" | ||
58 | fi | ||
59 | 62 | ||
60 | if [ -z "$OSTREE_OSNAME" ]; then | 63 | PHYS_SYSROOT=`mktemp -d ${WORKDIR}/ota-sysroot-XXXXX` |
61 | bbfatal "OSTREE_OSNAME should be set in your local.conf" | ||
62 | fi | ||
63 | 64 | ||
64 | if [ -z "$OSTREE_BRANCHNAME" ]; then | 65 | ostree admin --sysroot=${PHYS_SYSROOT} init-fs ${PHYS_SYSROOT} |
65 | bbfatal "OSTREE_BRANCHNAME should be set in your local.conf" | 66 | ostree admin --sysroot=${PHYS_SYSROOT} os-init ${OSTREE_OSNAME} |
66 | fi | ||
67 | 67 | ||
68 | PHYS_SYSROOT=`mktemp -d ${WORKDIR}/ota-sysroot-XXXXX` | 68 | mkdir -p ${PHYS_SYSROOT}/boot/loader.0 |
69 | 69 | ln -s loader.0 ${PHYS_SYSROOT}/boot/loader | |
70 | ostree admin --sysroot=${PHYS_SYSROOT} init-fs ${PHYS_SYSROOT} | ||
71 | ostree admin --sysroot=${PHYS_SYSROOT} os-init ${OSTREE_OSNAME} | ||
72 | |||
73 | mkdir -p ${PHYS_SYSROOT}/boot/loader.0 | ||
74 | ln -s loader.0 ${PHYS_SYSROOT}/boot/loader | ||
75 | |||
76 | if [ "${OSTREE_BOOTLOADER}" = "grub" ]; then | ||
77 | mkdir -p ${PHYS_SYSROOT}/boot/grub2 | ||
78 | ln -s ../loader/grub.cfg ${PHYS_SYSROOT}/boot/grub2/grub.cfg | ||
79 | elif [ "${OSTREE_BOOTLOADER}" = "u-boot" ]; then | ||
80 | touch ${PHYS_SYSROOT}/boot/loader/uEnv.txt | ||
81 | else | ||
82 | bberror "Invalid bootloader: ${OSTREE_BOOTLOADER}" | ||
83 | fi; | ||
84 | |||
85 | ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME}) | ||
86 | |||
87 | ostree --repo=${PHYS_SYSROOT}/ostree/repo pull-local --remote=${OSTREE_OSNAME} ${OSTREE_REPO} ${ostree_target_hash} | ||
88 | export OSTREE_BOOT_PARTITION="/boot" | ||
89 | kargs_list="" | ||
90 | for arg in ${OSTREE_KERNEL_ARGS}; do | ||
91 | kargs_list="${kargs_list} --karg-append=$arg" | ||
92 | done | ||
93 | |||
94 | ostree admin --sysroot=${PHYS_SYSROOT} deploy ${kargs_list} --os=${OSTREE_OSNAME} ${ostree_target_hash} | ||
95 | |||
96 | # Copy deployment /home and /var/sota to sysroot | ||
97 | HOME_TMP=`mktemp -d ${WORKDIR}/home-tmp-XXXXX` | ||
98 | tar --xattrs --xattrs-include='*' -C ${HOME_TMP} -xf ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.rootfs.ostree.tar.bz2 ./usr/homedirs ./var/local || true | ||
99 | |||
100 | cp -a ${IMAGE_ROOTFS}/var/sota ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/ || true | ||
101 | # Create /var/sota if it doesn't exist yet | ||
102 | mkdir -p ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota | ||
103 | # Ensure the permissions are correctly set | ||
104 | chmod 700 ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota | ||
105 | |||
106 | mv ${HOME_TMP}/var/local ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/ || true | ||
107 | mv ${HOME_TMP}/usr/homedirs/home ${PHYS_SYSROOT}/ || true | ||
108 | # Ensure that /var/local exists (AGL symlinks /usr/local to /var/local) | ||
109 | install -d ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/local | ||
110 | # Set package version for the first deployment | ||
111 | target_version=${ostree_target_hash} | ||
112 | if [ -n "${GARAGE_TARGET_VERSION}" ]; then | ||
113 | target_version=${GARAGE_TARGET_VERSION} | ||
114 | elif [ -e "${STAGING_DATADIR_NATIVE}/target_version" ]; then | ||
115 | target_version=$(cat "${STAGING_DATADIR_NATIVE}/target_version") | ||
116 | fi | ||
117 | mkdir -p ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota/import | ||
118 | echo "{\"${ostree_target_hash}\":\"${GARAGE_TARGET_NAME}-${target_version}\"}" > ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota/import/installed_versions | ||
119 | 70 | ||
120 | rm -rf ${HOME_TMP} | 71 | if [ "${OSTREE_BOOTLOADER}" = "grub" ]; then |
72 | mkdir -p ${PHYS_SYSROOT}/boot/grub2 | ||
73 | ln -s ../loader/grub.cfg ${PHYS_SYSROOT}/boot/grub2/grub.cfg | ||
74 | elif [ "${OSTREE_BOOTLOADER}" = "u-boot" ]; then | ||
75 | touch ${PHYS_SYSROOT}/boot/loader/uEnv.txt | ||
76 | else | ||
77 | bbfatal "Invalid bootloader: ${OSTREE_BOOTLOADER}" | ||
78 | fi | ||
121 | 79 | ||
122 | # Calculate image type | 80 | ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME}) |
123 | OTA_ROOTFS_SIZE=$(calculate_size `du -ks $PHYS_SYSROOT | cut -f 1` "${IMAGE_OVERHEAD_FACTOR}" "${IMAGE_ROOTFS_SIZE}" "${IMAGE_ROOTFS_MAXSIZE}" `expr ${IMAGE_ROOTFS_EXTRA_SPACE}` "${IMAGE_ROOTFS_ALIGNMENT}") | 81 | |
82 | ostree --repo=${PHYS_SYSROOT}/ostree/repo pull-local --remote=${OSTREE_OSNAME} ${OSTREE_REPO} ${ostree_target_hash} | ||
83 | kargs_list="" | ||
84 | for arg in ${OSTREE_KERNEL_ARGS}; do | ||
85 | kargs_list="${kargs_list} --karg-append=$arg" | ||
86 | done | ||
87 | |||
88 | ostree admin --sysroot=${PHYS_SYSROOT} deploy ${kargs_list} --os=${OSTREE_OSNAME} ${ostree_target_hash} | ||
89 | |||
90 | # Copy deployment /home and /var/sota to sysroot | ||
91 | HOME_TMP=`mktemp -d ${WORKDIR}/home-tmp-XXXXX` | ||
92 | tar --xattrs --xattrs-include='*' -C ${HOME_TMP} -xf ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.rootfs.ostree.tar.bz2 ./usr/homedirs ./var/local || true | ||
93 | |||
94 | cp -a ${IMAGE_ROOTFS}/var/sota ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/ || true | ||
95 | # Create /var/sota if it doesn't exist yet | ||
96 | mkdir -p ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota | ||
97 | # Ensure the permissions are correctly set | ||
98 | chmod 700 ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota | ||
99 | |||
100 | mv ${HOME_TMP}/var/local ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/ || true | ||
101 | mv ${HOME_TMP}/usr/homedirs/home ${PHYS_SYSROOT}/ || true | ||
102 | # Ensure that /var/local exists (AGL symlinks /usr/local to /var/local) | ||
103 | install -d ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/local | ||
104 | # Set package version for the first deployment | ||
105 | target_version=${ostree_target_hash} | ||
106 | if [ -n "${GARAGE_TARGET_VERSION}" ]; then | ||
107 | target_version=${GARAGE_TARGET_VERSION} | ||
108 | elif [ -e "${STAGING_DATADIR_NATIVE}/target_version" ]; then | ||
109 | target_version=$(cat "${STAGING_DATADIR_NATIVE}/target_version") | ||
110 | fi | ||
111 | mkdir -p ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota/import | ||
112 | echo "{\"${ostree_target_hash}\":\"${GARAGE_TARGET_NAME}-${target_version}\"}" > ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota/import/installed_versions | ||
124 | 113 | ||
125 | if [ $OTA_ROOTFS_SIZE -lt 0 ]; then | 114 | rm -rf ${HOME_TMP} |
126 | exit -1 | 115 | |
127 | fi | 116 | # Calculate image size |
128 | eval local COUNT=\"0\" | 117 | OTA_ROOTFS_SIZE=$(calculate_size `du -ks $PHYS_SYSROOT | cut -f 1` "${IMAGE_OVERHEAD_FACTOR}" "${IMAGE_ROOTFS_SIZE}" "${IMAGE_ROOTFS_MAXSIZE}" `expr ${IMAGE_ROOTFS_EXTRA_SPACE}` "${IMAGE_ROOTFS_ALIGNMENT}") |
129 | eval local MIN_COUNT=\"60\" | ||
130 | if [ $OTA_ROOTFS_SIZE -lt $MIN_COUNT ]; then | ||
131 | eval COUNT=\"$MIN_COUNT\" | ||
132 | fi | ||
133 | 118 | ||
134 | # create image | 119 | if [ ${OTA_ROOTFS_SIZE} -lt 0 ]; then |
135 | rm -rf ${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}.otaimg | 120 | exit -1 |
136 | sync | ||
137 | dd if=/dev/zero of=${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}.otaimg seek=$OTA_ROOTFS_SIZE count=$COUNT bs=1024 | ||
138 | mkfs.ext4 -O ^64bit ${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}.otaimg -L otaroot -d ${PHYS_SYSROOT} | ||
139 | rm -rf ${PHYS_SYSROOT} | ||
140 | |||
141 | rm -f ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.otaimg | ||
142 | ln -s ${IMAGE_NAME}.otaimg ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.otaimg | ||
143 | # for forward compatibility | ||
144 | rm -f ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.ota-ext4 | ||
145 | ln -s ${IMAGE_NAME}.otaimg ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.ota-ext4 | ||
146 | fi | 121 | fi |
122 | eval local COUNT=\"0\" | ||
123 | eval local MIN_COUNT=\"60\" | ||
124 | if [ ${OTA_ROOTFS_SIZE} -lt ${MIN_COUNT} ]; then | ||
125 | eval COUNT=\"${MIN_COUNT}\" | ||
126 | fi | ||
127 | |||
128 | # create image | ||
129 | rm -rf ${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}.otaimg | ||
130 | sync | ||
131 | dd if=/dev/zero of=${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}.otaimg seek=${OTA_ROOTFS_SIZE} count=${COUNT} bs=1024 | ||
132 | mkfs.ext4 -O ^64bit ${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}.otaimg -L otaroot -d ${PHYS_SYSROOT} | ||
133 | rm -rf ${PHYS_SYSROOT} | ||
134 | |||
135 | rm -f ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.otaimg | ||
136 | ln -s ${IMAGE_NAME}.otaimg ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.otaimg | ||
137 | # for forward compatibility | ||
138 | rm -f ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.ota-ext4 | ||
139 | ln -s ${IMAGE_NAME}.otaimg ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.ota-ext4 | ||
147 | } | 140 | } |
148 | 141 | ||
149 | IMAGE_TYPEDEP_otaimg = "ostree" | 142 | IMAGE_TYPEDEP_otaimg = "ostree" |
diff --git a/classes/sota.bbclass b/classes/sota.bbclass index 1e149ea..4ee4191 100644 --- a/classes/sota.bbclass +++ b/classes/sota.bbclass | |||
@@ -26,11 +26,13 @@ EXTRA_IMAGEDEPENDS_append_sota = " parted-native mtools-native dosfstools-native | |||
26 | OSTREE_INITRAMFS_FSTYPES ??= "${@oe.utils.ifelse(d.getVar('OSTREE_BOOTLOADER', True) == 'u-boot', 'ext4.gz.u-boot', 'ext4.gz')}" | 26 | OSTREE_INITRAMFS_FSTYPES ??= "${@oe.utils.ifelse(d.getVar('OSTREE_BOOTLOADER', True) == 'u-boot', 'ext4.gz.u-boot', 'ext4.gz')}" |
27 | 27 | ||
28 | # Please redefine OSTREE_REPO in order to have a persistent OSTree repo | 28 | # Please redefine OSTREE_REPO in order to have a persistent OSTree repo |
29 | OSTREE_REPO ?= "${DEPLOY_DIR_IMAGE}/ostree_repo" | 29 | export OSTREE_REPO ?= "${DEPLOY_DIR_IMAGE}/ostree_repo" |
30 | OSTREE_BRANCHNAME ?= "${SOTA_HARDWARE_ID}" | 30 | export OSTREE_BRANCHNAME ?= "${SOTA_HARDWARE_ID}" |
31 | OSTREE_OSNAME ?= "poky" | 31 | export OSTREE_OSNAME ?= "poky" |
32 | export OSTREE_BOOTLOADER ??= 'u-boot' | ||
33 | export OSTREE_BOOT_PARTITION ??= "/boot" | ||
34 | |||
32 | OSTREE_INITRAMFS_IMAGE ?= "initramfs-ostree-image" | 35 | OSTREE_INITRAMFS_IMAGE ?= "initramfs-ostree-image" |
33 | OSTREE_BOOTLOADER ??= 'u-boot' | ||
34 | 36 | ||
35 | GARAGE_SIGN_REPO ?= "${DEPLOY_DIR_IMAGE}/garage_sign_repo" | 37 | GARAGE_SIGN_REPO ?= "${DEPLOY_DIR_IMAGE}/garage_sign_repo" |
36 | GARAGE_SIGN_KEYNAME ?= "garage-key" | 38 | GARAGE_SIGN_KEYNAME ?= "garage-key" |
diff --git a/conf/distro/sota.conf.inc b/conf/distro/sota.conf.inc index ea1ca95..4f7547f 100644 --- a/conf/distro/sota.conf.inc +++ b/conf/distro/sota.conf.inc | |||
@@ -10,4 +10,10 @@ INHERIT += " sota" | |||
10 | # Prelinking increases the size of downloads and causes build errors | 10 | # Prelinking increases the size of downloads and causes build errors |
11 | USER_CLASSES_remove = "image-prelink" | 11 | USER_CLASSES_remove = "image-prelink" |
12 | 12 | ||
13 | # Enable reproducible builds. Use 0 as mtime, the same as OSTree is using. | ||
14 | INHERIT += "reproducible_build_simple" | ||
15 | |||
16 | export SOURCE_DATE_EPOCH ?= "0" | ||
17 | REPRODUCIBLE_TIMESTAMP_ROOTFS ?= "0" | ||
18 | |||
13 | HOSTTOOLS_append = " sync sha256sum" | 19 | HOSTTOOLS_append = " sync sha256sum" |
diff --git a/lib/oeqa/selftest/cases/updater.py b/lib/oeqa/selftest/cases/updater.py index b857ab6..f269c1e 100644 --- a/lib/oeqa/selftest/cases/updater.py +++ b/lib/oeqa/selftest/cases/updater.py | |||
@@ -655,7 +655,13 @@ def qemu_launch(efi=False, machine=None, imagename=None): | |||
655 | args.dir = 'tmp/deploy/images' | 655 | args.dir = 'tmp/deploy/images' |
656 | args.efi = efi | 656 | args.efi = efi |
657 | args.machine = machine | 657 | args.machine = machine |
658 | args.kvm = None # Autodetect | 658 | qemu_use_kvm = get_bb_var("QEMU_USE_KVM") |
659 | if qemu_use_kvm and \ | ||
660 | (qemu_use_kvm == 'True' and 'x86' in machine or \ | ||
661 | get_bb_var('MACHINE') in qemu_use_kvm.split()): | ||
662 | args.kvm = True | ||
663 | else: | ||
664 | args.kvm = None # Autodetect | ||
659 | args.no_gui = True | 665 | args.no_gui = True |
660 | args.gdb = False | 666 | args.gdb = False |
661 | args.pcap = None | 667 | args.pcap = None |
diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb index 41af7c0..7420983 100644 --- a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb +++ b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb | |||
@@ -21,11 +21,11 @@ do_install() { | |||
21 | SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem | 21 | SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem |
22 | SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem | 22 | SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem |
23 | mkdir -p ${DEPLOY_DIR_IMAGE}/CA | 23 | mkdir -p ${DEPLOY_DIR_IMAGE}/CA |
24 | bbwarn "SOTA_CACERT_PATH is not specified, use default one at $SOTA_CACERT_PATH" | 24 | bbwarn "SOTA_CACERT_PATH is not specified, use default one at ${SOTA_CACERT_PATH}" |
25 | 25 | ||
26 | if [ ! -f ${SOTA_CACERT_PATH} ]; then | 26 | if [ ! -f ${SOTA_CACERT_PATH} ]; then |
27 | bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA" | 27 | bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA" |
28 | SOTA_CACERT_DIR_PATH="$(dirname "$SOTA_CACERT_PATH")" | 28 | SOTA_CACERT_DIR_PATH="$(dirname "${SOTA_CACERT_PATH}")" |
29 | openssl genrsa -out ${SOTA_CACERT_DIR_PATH}/ca.private.pem 4096 | 29 | openssl genrsa -out ${SOTA_CACERT_DIR_PATH}/ca.private.pem 4096 |
30 | openssl req -key ${SOTA_CACERT_DIR_PATH}/ca.private.pem -new -x509 -days 7300 -out ${SOTA_CACERT_PATH} -subj "/C=DE/ST=Berlin/O=Reis und Kichererbsen e.V/commonName=meta-updater" -batch -config ${WORKDIR}/ca.cnf -extensions cacert | 30 | openssl req -key ${SOTA_CACERT_DIR_PATH}/ca.private.pem -new -x509 -days 7300 -out ${SOTA_CACERT_PATH} -subj "/C=DE/ST=Berlin/O=Reis und Kichererbsen e.V/commonName=meta-updater" -batch -config ${WORKDIR}/ca.cnf -extensions cacert |
31 | bbwarn "${SOTA_CACERT_PATH} has been created, you'll need to upload it to the server" | 31 | bbwarn "${SOTA_CACERT_PATH} has been created, you'll need to upload it to the server" |
@@ -33,7 +33,7 @@ do_install() { | |||
33 | fi | 33 | fi |
34 | 34 | ||
35 | if [ -z ${SOTA_CAKEY_PATH} ]; then | 35 | if [ -z ${SOTA_CAKEY_PATH} ]; then |
36 | bberror "SOTA_CAKEY_PATH should be set when using implicit provisioning" | 36 | bbfatal "SOTA_CAKEY_PATH should be set when using implicit provisioning" |
37 | fi | 37 | fi |
38 | 38 | ||
39 | install -m 0700 -d ${D}${localstatedir}/sota | 39 | install -m 0700 -d ${D}${localstatedir}/sota |
diff --git a/recipes-sota/ostree/ostree_git.bb b/recipes-sota/ostree/ostree_git.bb index 3e3c951..93ae6e7 100644 --- a/recipes-sota/ostree/ostree_git.bb +++ b/recipes-sota/ostree/ostree_git.bb | |||
@@ -7,9 +7,9 @@ inherit autotools pkgconfig systemd bash-completion gobject-introspection | |||
7 | 7 | ||
8 | SRC_URI = "gitsm://github.com/ostreedev/ostree.git;branch=master" | 8 | SRC_URI = "gitsm://github.com/ostreedev/ostree.git;branch=master" |
9 | 9 | ||
10 | SRCREV="3e96ec9811b5cfc5481f8b6b06c8d34d9a35408e" | 10 | SRCREV = "f3eba6bcec39c163eb831c02c148ffa483292906" |
11 | 11 | ||
12 | PV = "v2018.7" | 12 | PV = "v2018.9" |
13 | 13 | ||
14 | S = "${WORKDIR}/git" | 14 | S = "${WORKDIR}/git" |
15 | 15 | ||
@@ -61,6 +61,7 @@ FILES_${PN} = "${bindir} \ | |||
61 | ${libdir}/ostree/ostree-remount \ | 61 | ${libdir}/ostree/ostree-remount \ |
62 | ${libdir}/girepository-1.0/* \ | 62 | ${libdir}/girepository-1.0/* \ |
63 | ${@bb.utils.contains('DISTRO_FEATURES','systemd','${libdir}/tmpfiles.d', '', d)} \ | 63 | ${@bb.utils.contains('DISTRO_FEATURES','systemd','${libdir}/tmpfiles.d', '', d)} \ |
64 | ${@bb.utils.contains('DISTRO_FEATURES','systemd','${systemd_unitdir}/system/*.path', '', d)} \ | ||
64 | ${@bb.utils.contains('DISTRO_FEATURES','systemd','${systemd_unitdir}/system-generators', '', d)} \ | 65 | ${@bb.utils.contains('DISTRO_FEATURES','systemd','${systemd_unitdir}/system-generators', '', d)} \ |
65 | " | 66 | " |
66 | FILES_${PN}-dev += " ${datadir}/gir-1.0" | 67 | FILES_${PN}-dev += " ${datadir}/gir-1.0" |
diff --git a/recipes-support/libp11/libp11_0.4.9.bb b/recipes-support/libp11/libp11_git.bb index 6d0165f..e51bcce 100644 --- a/recipes-support/libp11/libp11_0.4.9.bb +++ b/recipes-support/libp11/libp11_git.bb | |||
@@ -11,7 +11,9 @@ RDEPENDS_${PN} += " opensc" | |||
11 | 11 | ||
12 | SRC_URI = "git://github.com/OpenSC/libp11.git \ | 12 | SRC_URI = "git://github.com/OpenSC/libp11.git \ |
13 | file://0001-Workaround-for-a-buggy-version-of-openssl-1.0.2m.patch" | 13 | file://0001-Workaround-for-a-buggy-version-of-openssl-1.0.2m.patch" |
14 | SRCREV = "e1210903291b1de9eabcad26e740a4b2fbcca692" | 14 | SRCREV = "57ca68ff67efa08e3be1f26dec6d23bf5bb977f2" |
15 | |||
16 | PV = "0.4.9+git${SRCPV}" | ||
15 | 17 | ||
16 | S = "${WORKDIR}/git" | 18 | S = "${WORKDIR}/git" |
17 | 19 | ||
diff --git a/recipes-support/sc-hsm-embedded/files/0001-Cross-compilation-tweaks.patch b/recipes-support/sc-hsm-embedded/files/0001-Cross-compilation-tweaks.patch deleted file mode 100644 index b3a7622..0000000 --- a/recipes-support/sc-hsm-embedded/files/0001-Cross-compilation-tweaks.patch +++ /dev/null | |||
@@ -1,86 +0,0 @@ | |||
1 | From b6add28acb884b6006216e8422cc18504483c72e Mon Sep 17 00:00:00 2001 | ||
2 | From: Anton Gerasimov <anton@advancedtelematic.com> | ||
3 | Date: Fri, 8 Sep 2017 15:08:40 +0200 | ||
4 | Subject: [PATCH] Cross-compilation tweaks | ||
5 | |||
6 | --- | ||
7 | m4/acx_openssl.m4 | 2 ++ | ||
8 | m4/acx_openssl_ecc.m4 | 3 +++ | ||
9 | m4/acx_openssl_fips.m4 | 2 ++ | ||
10 | m4/acx_openssl_gost.m4 | 2 ++ | ||
11 | 4 files changed, 9 insertions(+) | ||
12 | |||
13 | diff --git a/m4/acx_openssl.m4 b/m4/acx_openssl.m4 | ||
14 | index e90c78f..9de6055 100644 | ||
15 | --- a/m4/acx_openssl.m4 | ||
16 | +++ b/m4/acx_openssl.m4 | ||
17 | @@ -25,6 +25,7 @@ AC_DEFUN([ACX_OPENSSL],[ | ||
18 | AC_CHECK_HEADERS([openssl/ssl.h],,[AC_MSG_ERROR([Can't find OpenSSL headers])]) | ||
19 | AC_CHECK_LIB(crypto, BN_new,,[AC_MSG_ERROR([Can't find OpenSSL library])]) | ||
20 | |||
21 | + if test "$cross_compiling" != yes; then | ||
22 | AC_MSG_CHECKING([for OpenSSL version]) | ||
23 | CHECK_OPENSSL_VERSION=m4_format(0x%02x%02x%02x000L, $1, $2, $3) | ||
24 | AC_LANG_PUSH([C]) | ||
25 | @@ -51,6 +52,7 @@ AC_DEFUN([ACX_OPENSSL],[ | ||
26 | AC_MSG_ERROR([OpenSSL library too old ($1.$2.$3 or later required)]) | ||
27 | ],[]) | ||
28 | AC_LANG_POP([C]) | ||
29 | + fi | ||
30 | |||
31 | CPPFLAGS=$tmp_CPPFLAGS | ||
32 | LIBS=$tmp_LIBS | ||
33 | diff --git a/m4/acx_openssl_ecc.m4 b/m4/acx_openssl_ecc.m4 | ||
34 | index 612c505..ba2389d 100644 | ||
35 | --- a/m4/acx_openssl_ecc.m4 | ||
36 | +++ b/m4/acx_openssl_ecc.m4 | ||
37 | @@ -1,4 +1,5 @@ | ||
38 | AC_DEFUN([ACX_OPENSSL_ECC],[ | ||
39 | + if test "$cross_compiling" != yes; then | ||
40 | AC_MSG_CHECKING(for OpenSSL ECC support) | ||
41 | |||
42 | tmp_CPPFLAGS=$CPPFLAGS | ||
43 | @@ -32,6 +33,8 @@ AC_DEFUN([ACX_OPENSSL_ECC],[ | ||
44 | ],[]) | ||
45 | AC_LANG_POP([C]) | ||
46 | |||
47 | + fi | ||
48 | + | ||
49 | CPPFLAGS=$tmp_CPPFLAGS | ||
50 | LIBS=$tmp_LIBS | ||
51 | ]) | ||
52 | diff --git a/m4/acx_openssl_fips.m4 b/m4/acx_openssl_fips.m4 | ||
53 | index 0491397..896cdbf 100644 | ||
54 | --- a/m4/acx_openssl_fips.m4 | ||
55 | +++ b/m4/acx_openssl_fips.m4 | ||
56 | @@ -1,4 +1,5 @@ | ||
57 | AC_DEFUN([ACX_OPENSSL_FIPS],[ | ||
58 | + if test "$cross_compiling" != yes; then | ||
59 | AC_MSG_CHECKING(for OpenSSL FIPS capable library) | ||
60 | |||
61 | tmp_CPPFLAGS=$CPPFLAGS | ||
62 | @@ -47,4 +48,5 @@ AC_DEFUN([ACX_OPENSSL_FIPS],[ | ||
63 | |||
64 | CPPFLAGS=$tmp_CPPFLAGS | ||
65 | LIBS=$tmp_LIBS | ||
66 | + fi | ||
67 | ]) | ||
68 | diff --git a/m4/acx_openssl_gost.m4 b/m4/acx_openssl_gost.m4 | ||
69 | index dca489b..34c39d8 100644 | ||
70 | --- a/m4/acx_openssl_gost.m4 | ||
71 | +++ b/m4/acx_openssl_gost.m4 | ||
72 | @@ -1,4 +1,5 @@ | ||
73 | AC_DEFUN([ACX_OPENSSL_GOST],[ | ||
74 | + if test "$cross_compiling" != yes; then | ||
75 | AC_MSG_CHECKING(for OpenSSL GOST support) | ||
76 | |||
77 | tmp_CPPFLAGS=$CPPFLAGS | ||
78 | @@ -62,4 +63,5 @@ AC_DEFUN([ACX_OPENSSL_GOST],[ | ||
79 | |||
80 | CPPFLAGS=$tmp_CPPFLAGS | ||
81 | LIBS=$tmp_LIBS | ||
82 | + fi | ||
83 | ]) | ||
84 | -- | ||
85 | 2.7.4 | ||
86 | |||
diff --git a/recipes-support/sc-hsm-embedded/sc-hsm-embedded_git.bb b/recipes-support/sc-hsm-embedded/sc-hsm-embedded_git.bb deleted file mode 100644 index 062d514..0000000 --- a/recipes-support/sc-hsm-embedded/sc-hsm-embedded_git.bb +++ /dev/null | |||
@@ -1,22 +0,0 @@ | |||
1 | SUMMARY = "Smartcard HSM driver" | ||
2 | LICENSE = "BSD" | ||
3 | LIC_FILES_CHKSUM = "file://COPYING;md5=55b854a477953696452f698a3af5de1c" | ||
4 | |||
5 | inherit autotools-brokensep | ||
6 | |||
7 | |||
8 | SRC_URI = "git://github.com/CardContact/sc-hsm-embedded.git;branch=master" | ||
9 | SRCREV="a45155d4249575ebdfb16ff26fdedbc4c4813002" | ||
10 | |||
11 | S = "${WORKDIR}/git" | ||
12 | |||
13 | DEPENDS += " openssl pcsc-lite" | ||
14 | |||
15 | do_configure() { | ||
16 | autoreconf -fi | ||
17 | oe_runconf | ||
18 | } | ||
19 | |||
20 | FILES_${PN} += "${libdir}" | ||
21 | FILES_SOLIBSDEV = "" | ||
22 | |||