| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
| |
github is removing git:// access, and fetches will start experiencing
interruptions in service, and eventually will fail completely.
bitbake will also begin to warn on github src_uri's that don't use
https. So we convert the meta-virt instances to use protocol=https
(done using the oe-core contrib conversion script)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As introduced in the oe-core post:
https://lists.openembedded.org/g/openembedded-core/message/157623
SRC_URIs without an explicit branch will generate warnings, and
eventually be an error.
We run the provided conversion script to make sure that meta-virt
is ready for the change.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
| |
OEcore has moved to 1.34.1 of busybox, so we do the same with our
initrd recipe.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Similar to the oe-core commit:
commit 93ac180d8c389f16964bce8bd5538d9389e970e6
Author: Michael Opdenacker <michael.opdenacker@bootlin.com>
Date: Wed Sep 1 11:20:20 2021 +0200
meta: stop using "virtual/" in RPROVIDES and RDEPENDS
Fixes [YOCTO #14538]
Recipes shouldn't use the "virtual/" string in RPROVIDES and RDEPENDS.
That's confusing because "virtual/" has no special meaning in
RPROVIDES and RDEPENDS (unlike in PROVIDES and DEPENDS).
Instead, using "virtual-" instead of "virtual/"
as already done in the glibc recipe.
We stop rproviding virtual/containerd to keep the namespace clean.
There aren't many users of this virtual provides, but we keep
it around (for now) to maintain compatibility.
At the same time we convert the RPROVIDES to virtual-containerd, to keep
it available and consistent with oe-core use virtual-libc, etc.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Similar to the oe-core commit:
commit 93ac180d8c389f16964bce8bd5538d9389e970e6
Author: Michael Opdenacker <michael.opdenacker@bootlin.com>
Date: Wed Sep 1 11:20:20 2021 +0200
meta: stop using "virtual/" in RPROVIDES and RDEPENDS
Fixes [YOCTO #14538]
Recipes shouldn't use the "virtual/" string in RPROVIDES and RDEPENDS.
That's confusing because "virtual/" has no special meaning in
RPROVIDES and RDEPENDS (unlike in PROVIDES and DEPENDS).
Instead, using "virtual-" instead of "virtual/"
as already done in the glibc recipe.
We stop rproviding virtual/runc to keep the namespace clean.
There aren't many users of this virtual provides, but we keep
it around (for now) to maintain compatibility.
At the same time we convert the RPROVIDES to virtual-runc, to keep
it available and consistent with oe-core use virtual-libc, etc.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
Upgraded in:
https://git.openembedded.org/openembedded-core/commit/?id=d0e694ef4ec7bd862bdefee494210e3878152b44
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OEcore/bitbake are moving to use the clearer ":" as an overrides
separator.
This is pass one of updating the meta-virt recipes to use that
syntax.
This has only been minimally build/runtime tested, more changes
will be required for missed overrides, or incorrect conversions
Note: A recent bitbake is required:
commit 75fad23fc06c008a03414a1fc288a8614c6af9ca
Author: Richard Purdie <richard.purdie@linuxfoundation.org>
Date: Sun Jul 18 12:59:15 2021 +0100
bitbake: data_smart/parse: Allow ':' characters in variable/function names
It is becomming increasingly clear we need to find a way to show what
is/is not an override in our syntax. We need to do this in a way which
is clear to users, readable and in a way we can transition to.
The most effective way I've found to this is to use the ":" charater
to directly replace "_" where an override is being specified. This
includes "append", "prepend" and "remove" which are effectively special
override directives.
This patch simply adds the character to the parser so bitbake accepts
the value but maps it back to "_" internally so there is no behaviour
change.
This change is simple enough it could potentially be backported to older
version of bitbake meaning layers using the new syntax/markup could
work with older releases. Even if other no other changes are accepted
at this time and we don't backport, it does set us on a path where at
some point in future we could
require a more explict syntax.
I've tested this patch by converting oe-core/meta-yocto to the new
syntax for overrides (9000+ changes) and then seeing that builds
continue to work with this patch.
(Bitbake rev: 0dbbb4547cb2570d2ce607e9a53459df3c0ac284)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
| |
OE core has updated busybox, so we bump to match.
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
libseccomp has moved to oe-core, so we can drop our checks and
blacklisting of packages if meta-security is not in the layer
configuration.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
To ensure yocto compatibility, we should not be changing the behaviour
of recipes simply when meta-virt is included.
As such, we change our sysvinit-inittab changes to only trigger when
virtualization is in the distro features.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
| |
Add nsenter to Busybox configuration as it is required by Podman at runtime
Signed-off-by: Nathan Dunne <Nathan.Dunne@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
calling bb.parse.SkipRecipe with conditional PNBLACKLISTs
* PNBLACKLISTs are IMHO a bit easier to read and easier to override from distro
which e.g. provides own recipe for libseccomp
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
* copy the skip from podman recipe, because this packagegroup
depends on podman
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* fixes world build:
ERROR: Nothing RPROVIDES 'k3s-server' (but meta-virtualization/recipes-core/packagegroups/packagegroup-kubernetes.bb RDEPENDS on or otherwise requires it)
k3s RPROVIDES k3s-server but was skipped: missing required distro feature 'seccomp' (not in DISTRO_FEATURES)
NOTE: Runtime target 'k3s-server' is unbuildable, removing...
Missing or unbuildable dependency chain was: ['k3s-server']
ERROR: Required build target 'meta-world-pkgdata' has no buildable providers.
Missing or unbuildable dependency chain was: ['meta-world-pkgdata', 'packagegroup-kubernetes', 'k3s-server']
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
bumping runX to the 1.0 tag
- drop patches that are part of the release
- bump kernel to v5.4.104 to work with our gcc10
- tweak initrd install to use externally provided busybox
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
To make it easier to build container host or k*s host images (as
well as guests), we start to add some packagegroups that wrap the
required elements.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
| |
OE core has updated busybox, so we bump to match.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In some scenarios (and package managers), packages post install
scripts may have references to /bin/sh.
The package manager doesn't know if the scripts will run on the
build host or target, so we get a calculated redepnds on /bin/sh
base-files and base-passwd fall into this category of having
post installs, but no need for /bin/sh on the target.
If you know what you are installing, and want the smallest
container possible, this package will satisfy the dependency when
assembling the rootfs.
To enable it, put the following in a configuration file (local.conf
or otherwise):
PACKAGE_EXTRA_ARCHS_append = " container-dummy-provides"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Some of the dependencies are no longer valid for the kata runtime
recipe.
This also drops hyperstart as a dependency. With this removal, we
need a replacement kernel and initrd for kata. That replacement
will happen in future commits.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
We already have a distro feature that controls the static/non-static
configuration of libgcrypt: 'vmsep'
To avoid build errors on distros that don't have static libgcrypt
available, we move the CONFIG_STATIC config to a fragment and only
enable it whent he distro feature is set.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
runx knows how to build its own copy of busybox for its initrd,
adding a flag to allow us to select which mode we want.
Signed-off-by: Bruce Ashfield <bruce.ashfield@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adding one build and one runtime robustness change:
- build: specify the syroot native as a library path to qemu user.
This allows us to run dynamic executables
- runtime: add a patch to increase the serial fd timeout. We'll
drop this once it is merged upstream.
Signed-off-by: Bruce Ashfield <bruce.ashfield@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a busybox variant that inherits almost all of its support from
the core busybox recipe, but adds configuration values that are
appropriate to be used in an initrd.
In particular:
- we build busybox statically
- we enable runlevel and init functionality
- mdev is always enabled
- applet install support is enabled
Signed-off-by: Bruce Ashfield <bruce.ashfield@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
There are some missing dependencies for a fully functional runx
host. We add them here.
Signed-off-by: Bruce Ashfield <bruce.ashfield@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Fix the linux kernel versions referenced in the recipe. For ease of use, add
variables KERNEL_SRC_VER and KERNEL_URL_VER that can be used to udpate the
linux versions.
Signed-off-by: Sai Hari Chandana Kalluri <chandana.kalluri@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Updating to the tip of the runx repository. This brings in some build
changes, as well as introducing the v5.4 kernel.
Our patches for cross compilation need to be tweaked to the new
structure, as well as the install task to pickup the new location
of some files.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Runx needs busybox static binary that contains symlinks to mount. However, in
zeus, busybox by default uses BUSYBOX_SPLIT_SUID = 1. With the variable set,
busybox binary gets split into two busybox.suid and busybox.nosuid busybox.suid
contains links to mount while runx recipes pulls in busybox.nosuid.
When vmsep is enabled, set BUSYBOX_SPLIT_SUID = 0 so that an unstripped busybox
binary is generated which contains all the required links including mount.
Signed-off-by: Sai Hari Chandana Kalluri <chandana.kalluri@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
| |
The package name for xen-xl has changed, so we need to update the
runx rdepends .. or we are unbuildable.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously the following message was printed on the console every 5
minutes:
INIT: Id "X0" respawning too fast: disabled for 5 minutes
Installing and using a getty-wrapper that will check for the hypervisor
(hvc0) device and if not present, will call sleep
Signed-off-by: Jaewon Lee <jaewon.lee@xilinx.com>
Signed-off-by: Mark Hatle <mark.hatle@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
| |
distro_features_check bbclass is deprecated, inherit features_check
instead.
Signed-off-by: Ming Liu <ming.liu@toradex.com>
|
|
|
|
|
|
|
|
|
| |
Remove the placeholder code for go console integration.
Pin the recipe to use the latest commit and copy additional scripts needed at runtime.
Inlcude socat, daemonize and gobuild as required dependencies.
Signed-off-by: Sai Hari Chandana Kalluri <chandana.kalluri@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
Rename bbappend file so that bitbake finds the right recipe. Else during parse
time, a dangling bbappend warning is generated.
Signed-off-by: Sai Hari Chandana Kalluri <chandana.kalluri@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
If vmsep is a distro feature, we need to allow the static libraries to
be built (so we remove --diable-static). Without this, busybox cannot
be statically built and we can't (easily) use it as part of an initrd.
Signed-off-by: Bruce Ashfield <bruce.ashfield@xilinx.com>
|
|
|
|
|
|
|
|
|
|
|
| |
If "vmsep" is in distro features, we need to configure busybox
as a static build. This allows for it to be used as party of an
initrd.
We also ensure that the installer support is added to busybox, so
it can be installed to the initrd via: busybox --install
Signed-off-by: Bruce Ashfield <bruce.ashfield@xilinx.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is the initial version of the runX OCI wrapper to allow Xen based virtual
machines to be launched and managed as containers via an OCI interface.
In this first version, runx consists of the following components:
- runX binary/wrapper (/usr/bin/)
- state control wrappers (/usr/share/runX)
- runx kernel
- initrd
Once built and installed these allow the launching of Xen virtual machines
in an OCI compliant manner.
Dependencies of this recipe include:
- kernel: must be a specific version, currently 4.15. This is done as
a nested build and not as a multiconfig (by design).
- static target busybox: used for the initrd
- initrd: constructed from the kernel + busybox
The configuration of the system to build the dependencies in the right
mode for use in runX is controlled via the DISTRO_FEATURE "vmsep". If
this feature is missing, and runx is bitbaked, an error is thrown.
Installing the "runx" package to a rootfs will install all the required
support components (and dependencies).
Signed-off-by: Bruce Ashfield <bruce.ashfield@xilinx.com>
|
|
|
|
|
|
|
| |
The initscripts bbappend should only activate when virtualization is
in distro features.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the go-lang container recipes were first created there were issues
with strip and the resulting binaries. As such, strip was inhibited for
the various packages.
This variable is now set in the default classes, and tests show that
strip works on the binaries (saving up to 2M on disk for some binaries)
with no runtime issues found.
So we drop our explicit set of the inhibit and let the build proceed
by the defaults.
If issues are found, we can re-enable the setting or bbappends can
turn it back on for builds showing issues.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
| |
Temporarily reverting this commit, since it has broken some Xen boot
usecases. We'll revisit this in the future.
This reverts commit 50cdecca7b2a0e1bb5eacbec132f26b802f950fc.
|
|
|
|
|
|
|
|
|
|
| |
This commit switches over to using existing SERIAL_CONSOLES mechanism
for hvc0 inittab entry generation. This then results in
/bin/start_getty wrapper being used, which avoids the getty failure seen
when running a xen capable rootfs natively on linux.
Signed-off-by: Manjukumar Matha <manjukumar.harthikote-matha@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
lxc-net wants to take care of DNS itself using dnsmasq, while named in
bind does the same thing on all network interfaces by default and causes
the following error.
dnsmasq: failed to create listening socket for 10.0.3.1: Address already in use
Failed to setup lxc-net.
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
| |
This prevents the signature from being modified
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the yocto-check-layer failed with:
Dependency on variable DISTRO_FEATURES_LIBC was added
Variable do_install value changed:
@@ -32,3 +32,7 @@
done
echo "" >> ${D}${sysconfdir}/inittab
fi
+ if echo "${DISTRO_FEATURES}" | grep -q 'xen'; then
+ echo "" >> ${D}${sysconfdir}/inittab
+ echo "X0:12345:respawn:/sbin/getty 115200 hvc0" >> ${D}${sysconfdir}/inittab
+ fi
used idea from meta-selinux
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
| |
runv needs a kernel and initrd as part of its startup. The tested
configuration for these is hyperstart, so we add it to the rdepends
to ensure it is installed.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introducing runv, which is a Hypervisor-based Runtime for OCI.
runV is compatible with OCI. However, due to the difference between
hypervisors and containers, the following sections of OCI don't apply to runV:
- Namespace
- Capability
- Device
- linux and mount fields in OCI specs are ignored
- Hypervisor
The current release of runV supports the following hypervisors:
- KVM (QEMU 2.1 or later)
- KVM (Kvmtool)
- Xen (4.5 or later)
- QEMU without KVM (NOT RECOMMENDED. QEMU 2.1 or later)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
| |
This approach breaks images which have Xen in DISTRO_FEATURES,
but are not booting under Xen (and mounting /proc/xen fails).
xencommons, xendriverdomain, or proc-xen.mount should take care of
mounting /proc/xen.
Signed-off-by: Chris Patterson <pattersonc@ainfosec.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Using a wildcard will simplify things when using meta-virtualization
against different yocto or oe branches and prevent having to make
future updates to keep in step with package uprevs.
The changes found within these bbappend tend to be generic and
non-version specific, thus safe for 'porting' via wildcard.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
| |
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|