summaryrefslogtreecommitdiffstats
path: root/meta/classes
Commit message (Collapse)AuthorAgeFilesLines
* default-distrovars.inc: Switch connectivity check to a yoctoproject.org pageRichard Purdie2022-02-201-1/+1
| | | | | | | | | | | | | example.com is proving unreliable at present so switch to our own connectivity page instead. That page is very simple avoiding app overhead on our web server which was an original reason for switching to example.com. (From OE-Core rev: 3d9f68e06736817871d8694fe0c6e779c005872b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit dc6b043cb75c5751b5a98afd2201aa31f9b4b9f6) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: create directory of CVE_CHECK_MANIFEST before copyStefan Herbrechtsmeier2022-02-201-0/+1
| | | | | | | | | | | | | Create directory of the CVE_CHECK_MANIFEST variable before copy to it, so that the variable can use an arbitrary directory name. (From OE-Core rev: 113b21fd3edc599c280f34875ca1477606424eec) Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9829c16301bf2dce39fa046401a984f112fa0322) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate: A third fix for for touching files inside pseudoPeter Kjellerstedt2022-02-101-5/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | This continues where commit676757f "sstate: fix touching files inside pseudo" and commit 29fc8599 "sstate: another fix for touching files inside pseudo" left off. The previous changes switched from trying to check if the sstate file is writable before touching it, to always touching the sstate file and ignoring any errors. However, if the sstate file is actually a symbolic link that links to nothing, this would actually result in an empty sstate file being created. And this in turn leads to that future setscene tasks will fail when they try to unpack the empty file. Change the code so that if an sstate file linking to nothing already exists, it is overwritten with the new sstate file. Also change it so that the temporary file that is used is always removed, even if ln fails to link the sstate file to it. (From OE-Core rev: 3eceda67a1098ab9641cb1b7fc789048b7daeae8) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> (cherry picked from commit b2a5d9bc61e0b2b7e0f187a262a514952ed30563) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: add lockfile to taskKonrad Weihmann2022-01-251-0/+1
| | | | | | | | | | | | | | | | | | | | | | this should prevent running into the very rare error sqlite3.OperationalError: attempt to write a readonly database As highlighted by https://www.sqlite.org/faq.html#q5 it is likely that the adapter won't allow use multiple exec calls at the same time. So it's best to prevent multiple accesses at a time, by reusing the already in place CVE_CHECK_DB_FILE_LOCK YOCTO #14110 (From OE-Core rev: 155c238d340fdc82420ba9f367cb23014c78b705) Signed-off-by: Konrad Weihmann <kweihmann@outlook.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 677f5741bd265be49d4a5bb933b3e8d8c4eec653) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* populate_sdk_base: remove unneeded dirs such as /devChen Qi2022-01-251-1/+10
| | | | | | | | | | | | | | | | | | | | | We met a problem that core-image-tiny-initramfs's SDK cannot be installed. The error message is like below. tar: ./sysroots/core2-64-poky-linux/dev/console: Cannot mknod: Operation not permitted In fact, the '/dev' direcotry is not needed by SDK. So remove it. This patches uses a variable, SDK_PRUNE_SYSROOT_DIRS, to hold useless dir entries so that it could be extended. For example, '/usr/bin' could be added if wanted. (From OE-Core rev: 9154f71c7267e9731156c1dfd57397103e9e6a2b) (From OE-Core rev: 0211ccb94ecc13ed0f4d3f351baf4f9a39f2ccea) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uboot-sign: fix the concatenation when multiple U-BOOT configurations are ↵Thomas Perrot2021-12-151-1/+15
| | | | | | | | | | | | | | | | | | | | specified Some BSPs, especially those of meta-freescale and meta-ti allow to build U-Boot binaries using different configuration for a given target, for example: - UBOOT_CONFIG ??= "tfa-secure-boot tfa" - UBOOT_CONFIG ??= "nand sdcard spi nor" When this is the case the public key wasn't concatenated to all U-Boot binaries built. (From OE-Core rev: ffa802f5a60f244141f1b263f3c69936d4c2f388) Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit dfd71ae3d102f3010c6117d774e9739a322930f6) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildhistory: Fix srcrevs outputRichard Purdie2021-12-151-17/+13
| | | | | | | | | | | | | | | | | | | The code was assuming that the a recipe with only one srcrev wouldn't "name" it. This isn't the case as the glibc or bzip2 recipes show, you can have a single srcrev which is named. We can pull the data from the fetcher and in fact we already have it, we just need to handle the "default" case and make that code the default for all srcrev regardless of length. [YOCTO #14017] (From OE-Core rev: f21ae68097f331e772960bdb0d488fdd53a21055) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 45ae567932ba52b758eb41754453e9828d9533a1) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands: update systemd_create_usersVyacheslav Yurkov2021-12-151-1/+1
| | | | | | | | | | | | | | | | | | | Process all systemd-sysusers configuration files in order to create users/groups at build time. systemd-sysusers would try to create them at run-time, but for read-only rootfs that's not possible and results in warnings from different services: systemd-udevd[166]: /lib/udev/rules.d/50-udev-default.rules:39 Unknown group 'render', ignoring systemd-udevd[166]: /lib/udev/rules.d/50-udev-default.rules:40 Unknown group 'render', ignoring systemd-udevd[166]: /lib/udev/rules.d/50-udev-default.rules:42 Unknown group 'sgx', ignoring (From OE-Core rev: a94e622f222253c6646f1a1157f918d8aa586866) Signed-off-by: Vyacheslav Yurkov <uvv.mail@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f86ffdb1b77c6ba32ec250545a40c1c54f983f21) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uninative: Add version to uninative tarball nameRichard Purdie2021-12-051-1/+1
| | | | | | | | | | | | | | | | | uninative works via hashes and doesn't need the version in the tarball name but it does make things easier to inspect in DL_DIR. There were reasons such as ease of publication of the build tarballs but we can handle those differently now and the signature issues from the early code aren't an issue now. From 3.4 onwards we can use a version'd name. [YOCTO #12970] (From OE-Core rev: e3ba0041ccb9633ec21241cb6852aa50c2663677) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit dadba70d6a24d8ebb5576598efffa973151c7218) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mirrors: Add kernel.org sources mirror for downloads.yoctoproject.orgRichard Purdie2021-11-241-0/+1
| | | | | | | | | | | | kernel.org now has a mirror of the downloads.yoctoproject.org sources archive so include this in our mirrors list. (From OE-Core rev: 97b819750b985f080c0e586aba0312bc0f62cdb9) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f602b6c2046bbc52a95dcc68a754f1cbb2db6761) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mirrors: Add uninative mirror on kernel.orgRichard Purdie2021-11-241-0/+1
| | | | | | | | | | | | | | At the last nas outage, we realised that we don't have good mirrors of the uninative tarball if our main system can't be accessed. kernel.org mirrors some Yocto Project data so we've ensured uninative is there. Add the appropriate mirror url to make use of that. (From OE-Core rev: e716c371992ea567171fb7f7bb8691ec92dfc71b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 1833cb0c5841afafb468b963b74b63366b09a134) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cross-canadian: correct the location of pkg-config filesAlexander Kanavin2021-11-211-1/+1
| | | | | | | | | | | | layout_libdir has not been defined for many years. (From OE-Core rev: e5022ff0a3e403d772a5b0654f9219274c1d6fb9) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2c84fbed676a8e6717592c86c3742566ad0decac) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: add explicit branch and protocol to SRC_URIAnuj Mittal2021-11-211-1/+1
| | | | | | | | | | | | Add branch name explicitly to SRC_URI where it's not defined and switch to using https protocol for Github projects. The change was made using convert-srcuri script in scripts/contrib. (From OE-Core rev: ab781d4e3fa7425d96ea770ddfd0f01f62018c5b) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate: another fix for touching files inside pseudoJose Quaresma2021-11-211-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch is a fixup for 676757f "sstate: fix touching files inside pseudo" running the 'id' command inside the sstate_unpack_package function shows that this funcion run inside the pseudo: uid=0(root) gid=0(root) groups=0(root) The check for [ -w ${SSTATE_PKG} ] and [ -O ${SSTATE_PKG}.siginfo ] will always return true and the touch can fail when the real user don't have permission or in readonly filesystem. As the documentation refers: - the file test operator "-w" check if the file has write permission (for the user running the test). - the file test operator "-O" check if you are owner of file We can avoid this test running the touch and mask any return errors that we have. (From OE-Core rev: 29fc85997ade490ae46ffca37ef8e1a56957c876) (From OE-Core rev: a5240d78f287ff5f3c5831af69e6e0ca3feaf769) Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 5b9210d66c78bb3f79056e5586cea7b0edd714a9) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate: Account for reserved characters when shortening sstate filenamesManuel Leonhardt2021-11-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | Previously, when shortening sstate filenames, the reserved characters for .siginfo were not considered, when siginfo=False, resulting in differently shortend filenames for the sstate and siginfo files. With this change, the filenames of the truncated sstate and siginfo files have the same basename, just as is already the case for untruncated filenames. Making sure that the .siginfo files always have the filename of the corresponding sstate file plus its .siginfo suffix, also when being truncated, makes it easier to manage the sstate cache and an sstate mirror outside of Bitbake/Yocto. (From OE-Core rev: 186062278e2d1e129815c4f8cf3d9003f3ac2809) Signed-off-by: Manuel Leonhardt <mleonhardt@arri.de> Cc: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c2e0e43b7123cf5149833e0072c8edaea3629112) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate: fix touching files inside pseudoJose Quaresma2021-11-031-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | running the 'id' command inside the sstate_create_package function shows that this funcion run inside the pseudo: uid=0(root) gid=0(root) groups=0(root) The check for touch files [ ! -w ${SSTATE_PKG} ] will always return true and the touch can fail when the real user don't have permission or in readonly filesystem. As the documentation refers, the file test operator "-w" check if the file has write permission (for the user running the test). We can avoid this test running the touch and mask any return errors that we have. (From OE-Core rev: 8acd5626b5b89fb48d5d7f0e4eee263793ba383f) Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f6e7445c94443544e92fda97a017ce93393c5f84) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* testimage: fix unclosed testdata fileRoss Burton2021-11-031-3/+4
| | | | | | | | | | (From OE-Core rev: 0392005d2ed9648ed6eedd3dd3541249bf4fc404) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0c192a97e3e1c015a48667d6903cc07a8b2620e4) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* reproducible_build: Work around caching issuesRichard Purdie2021-10-291-4/+7
| | | | | | | | | | | | | | | | | | SOURCE_DATE_EPOCH can be expanded early in the parsing process before the class extensions are applied. This can mean the directory pointed to for the SDE can be incorrect until later in parsing. Cache the file name in the cached value and allow it to dynamically update. This isn't ideal but avoding expansion of the variable likely isn't possible and I'm not sure how else to handle this. This works around the issue until a better solution can be found. (From OE-Core rev: 7e3752dcce2236a4d1ad046b1df2edf8ee5619b4) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 44dc97cd1223e4d2b635669627ec5f796838d42d) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uninative: Improve glob to handle glibc 2.34Ross Burton2021-10-291-1/+1
| | | | | | | | | | | | | | With glibc 2.34, the libraries were renamed. Tweak the glob to support both as this is needed for newer uninative versions. [RP: tweak commit message] (From OE-Core rev: f60da44d32a579f5ba5c95dd60f80d624de39ce4) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 98248306e4b5f023e96375293b60524574ebb686) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch.bbclass: when the patch fails show more info on the fatal errorJose Quaresma2021-10-291-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are situations when the user have the 'patchdir' defined as a parameter on SRC_URI. However he doesn't know that with this the patch is applied relatively to the receipe source dir 'S'. - When user have 'patchdir' defined check if this directory exist. - If the patch fails show addition info to the user: - Import: show the striplevel - Resolver: show the expanded 'patchdir' to the user. The next example is from opencv in meta-oe layer, here the patch is applied on the target directory ${WORKDIR}/git/contrib. S = "${WORKDIR}/git" SRCREV_FORMAT = "opencv_contrib" SRC_URI = "git://github.com/opencv/opencv.git;name=opencv \ git://github.com/opencv/opencv_contrib.git;destsuffix=contrib;name=contrib \ file://0001-sfm-link-with-Glog_LIBS.patch;patchdir=../contrib \ " * When the patch fail there are no message that indicates the real reason. patchdir=../no-found-on-file-system ERROR: opencv-4.5.2-r0 do_patch: Command Error: 'quilt --quiltrc /build/tmp/work/core2-64-poky-linux/opencv/4.5.2-r0/recipe-sysroot-native/etc/quiltrc push' exited with 0 Output: stdout: Applying patch 0001-sfm-link-with-Glog_LIBS.patch can't find file to patch at input line 37 Perhaps you used the wrong -p or --strip option? * The check of the patchdir will add a new fatal error when the user specifies a wrong path than don't exist. patchdir=../no-found-on-file-system ERROR: opencv-4.5.2-r0 do_patch: Target directory '/build/tmp/work/core2-64-poky-linux/opencv/4.5.2-r0/git/../no-found-on-file-system' not found, patchdir '../no-found-on-file-system' is incorrect in patch file '0001-sfm-link-with-Glog_LIBS.patch' * When we can't aplly the patch but the patchdir exist, show the expanded patchdir on fatal error. patchdir=../git ERROR: opencv-4.5.2-r0 do_patch: Applying patch '0001-sfm-link-with-Glog_LIBS.patch' on target directory '/build/tmp/work/core2-64-poky-linux/opencv/4.5.2-r0/git/../git' Command Error: 'quilt --quiltrc /build/tmp/work/core2-64-poky-linux/opencv/4.5.2-r0/recipe-sysroot-native/etc/quiltrc push' exited with 0 Output: stdout: Applying patch 0001-sfm-link-with-Glog_LIBS.patch can't find file to patch at input line 37 Perhaps you used the wrong -p or --strip option? (From OE-Core rev: 0b57a6f07a2d69f809120f1bc1988738c35c095b) Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit c44bc7c0fb8b7c2e44dd93607a3bfd9733e1df80) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* externalsrc: Fix a source date epoch race in reproducible buildsRichard Purdie2021-10-291-10/+9
| | | | | | | | | | | | | | | When reproducible builds are enabled and externalsrc is in use, the source date epoch function is added. The conditions on the conditional code removing the unpack task need to match the deltask function, else the source date epoch function can end up running twice and the functions can race with each other causing build failures or corruption. (From OE-Core rev: 295947ac48a8c14eba8f2bedcfb7b59121a1da5f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e82095c02881410035ca23dc12692f074d8ed39b) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* externalsrc: Work with reproducible_buildMark Hatle2021-10-291-0/+10
| | | | | | | | | | | | | | | | | | | Externalsrc removes do_fetch, do_unpack, and do_patch. The system normally discovers the correct reproducible date as a postfuncs of do_unpack, so this date is never found, so it falls back to the default epoch. Instead we can move the discovery function to a prefuncs on the epoch deploy task. This task will run before do_configure, and since the source is already available can run safely at anytime. (From OE-Core rev: bc8448b55f06c75ec129fc32cee75ef945a49d3e) Signed-off-by: Mark Hatle <mark.hatle@xilinx.com> Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0b7dd711a54e92ce54abe99f59fc67e683d52dfe) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package: Ensure pclist files are deterministic and don't use full pathsRichard Purdie2021-10-291-3/+3
| | | | | | | | | | | | | | Currently the pkgconfig pclist files contain full paths which are build host specific and the order of entries is not deterministic. Fix both these issues so the files are deterministic. (From OE-Core rev: 59655c76c395ffaae0342458a6a2ce0494b8e1a6) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e422e29bca4af3ab4073e04490f38b05cd7c38c0) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rm_work.bbclass: Fix for files starting with -William A. Kennington III2021-10-071-4/+4
| | | | | | | | | | | | | | This makes it possible to name files starting with a hyphen in the work directory. Without this change rm will fail due to an unexpected option being passed. (From OE-Core rev: 88d67525dc70c21b5a29dbcef65d12a1c780d717) Signed-off-by: William A. Kennington III <wak@google.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 5f1a63e0de4921ef970114a16d0827fcddcdaa0e) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_ipk: Use localdata store when signing packagesKenfe-Mickael Laventure2021-10-071-2/+2
| | | | | | | | | | | | | | | | | | | When signing a package, we were resolving the `PKGV` version using the original data store (`d`). However, since that store does not have the package name in its `OVERRIDES` list the wrong version can be returned in recipes that produce multiple packages. One such example would be `external-arm-toolchain.bb`. The above issue is fixed by using `localdata` instead of `d` when resolving the needed variables. (From OE-Core rev: c4724cd652b5a3adc398652b48e16d1fd1a90e89) Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@verkada.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2b5f01cf5a92a873ac4c3f0ba0584cab2cc05714) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate: Avoid problems with recipes using SRCPV when fetching sstateRichard Purdie2021-09-241-0/+4
| | | | | | | | | | | | | | | When fetching sstate, SRCPV can be expanded withuin PV which breaks the sstate fetcher as other variables like SRC_URI are changed by the fetcher code. Expand the variable before doing this to avoid those problems and hence avoid setscene task failures with remote sstate storage in git recipes. (From OE-Core rev: 5232aa1c46380e7197098bed39fc6d5b8456caa7) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0d9d7acebe0be42d4cf8a30ecbbbbcb2dfd16a4b) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sdk: Decouple default install path from built in pathRichard Purdie2021-09-091-0/+1
| | | | | | | | | | | | | | | | | Add SDKPATHINSTALL which is used as the default install location of the SDK instead of SDKPATH. This means the default install path isn't encoded into every SDK binary, meaning if a date is used there the entire SDK doesn't have to rebuild. Most distros can switch to only customise SDKPATHINSTALL meaning more sstate reuse too. [YOCTO #14100] (From OE-Core rev: 1b4309ee196c45661ddb79d8529517a8777a8d53) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit bc4ee5453560dcefc4a4ecc5657df5cc1666e153) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel-yocto: Simplify no git repo case in do_kernel_checkoutPaul Barker2021-09-091-15/+15
| | | | | | | | | | | | | | | | | | | | | If the kernel sources are not fetched via git, a local git repository is created in do_kernel_checkout. In this case we know that there will be no remote branches and we will already be on the correct branch (since only one branch will exist). So we can simplify things by skipping these steps. This also removes the assumption that the default git branch name will be "master". Prior to this change, the final git checkout command in do_kernel_checkout could fail if a local git repo was created and the user had changed init.defaultBranch in their gitconfig. (From OE-Core rev: 0c8d643d7b474a845588ad7dbf86f85a9aad5c49) Signed-off-by: Paul Barker <paul@pbarker.dev> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit af2a9c92d4498492ca23388c7b4bbed48abdc4d7) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* image_types: Restore pre-btrfs-tools 4.14.1 mkfs.btrfs shrink behaviorMarek Vasut2021-09-011-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently the mkfs.btrfs generates large images with a lot of wasted space. This happens since OE-core updated btrfs-tools from 4.13.3 to 4.15.1 in commit 94b645aa77 ("btrfs-tools: update to 4.15.1") . Note in mkfs.btrfs(8) manpage section -r says the following: " -r|--rootdir <rootdir> ... Note This option may enlarge the image or file to ensure it’s big enough to contain the files from rootdir. Since version 4.14.1 the filesystem size is not minimized. Please see option --shrink if you need that functionality. --shrink Shrink the filesystem to its minimal size, only works with --rootdir option. ... Note prior to version 4.14.1, the shrinking was done automatically. " Add the --shrink option to EXTRA_IMAGECMD_btrfs to reinstate the original behavior and un-waste the space. (From OE-Core rev: 6a72c7c688c7985d19f0387121b3a77639ba6f60) Signed-off-by: Marek Vasut <marex@denx.de> Cc: Alexander Kanavin <alexander.kanavin@linux.intel.com> Cc: Richard Purdie <richard.purdie@linuxfoundation.org> Cc: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c4a99d36967302c176b62fad840b5e79486ea356) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sdk: Enable do_populate_sdk with multilibsKhem Raj2021-08-262-2/+1
| | | | | | | | | | | | | | | | | | | This patch enables building image based SDKs for multi-libbed images e.g. lib32-core-image-minimal and so on. Change the path to nativesdk tools to use recipe-sysroot since thats where the nativesdk components are installed and it will need access to qemu wrappers during build for processing intercepts [YOCTO #14444] (From OE-Core rev: 3d18d1924ff0dcf8788ee856e3f056e77db8f920) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 6196a785eababb040ee1dee9f33cb6d6dad77eef) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* utils: Reduce the number of calls to the "dirname" commandOleksandr Popovych2021-08-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | | utils.bbclass contains create_cmdline_wrapper() function that creates wrapper script with additional arguments for any passed "$cmd" command, and uses several calls to "dirname". Because "dirname" is an external command, in cases of lots of calls to wrapped "$cmd", each call of "dirname" will incur significant overhead. There are three same calls to "dirname": one for saving it`s output to "realdir" variable, and other two in "exec" command. So last two "dirname" calls can be replaced with cached value from "realdir" variable. (From OE-Core rev: 33ebb967a9489384c2407e7e3211f8bfca7c3916) Signed-off-by: Oleksandr Popovych <opopovyc@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 4b9cf2c80fd14386e0b88a2e6c40a9fa3f1ae0f7) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* terminal.bbclass: force bash for devshellJoe Slater2021-08-261-1/+4
| | | | | | | | | | | | | | | | | Since shell_trap_code in build.py sets /bin/sh as the interpreter we will die a silent death if our environment contains things like "export -f bodilyfunction" and /bin/sh is really /bin/dash. Fixes this for the case of devshell. (From OE-Core rev: 48fe148e5ca344d2a6bad444ef48d9c5ea414448) Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 23d296b3567aa31bad7b2a8558d4bd3e4505843b) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate.bbclass: fix error handling when sstate mirrors is roJose Quaresma2021-08-261-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The commit dd555537fc35c5f934af09d601d70772eb5955ae 'sstate.bbclass: fix errors about read-only sstate mirrors' adds an additional exception handler to silently mask read only rootfs errors thrown during the touch. The exception handler checks the error type with the python module errno but this module needs to be imported as it don't exist. Example of the error: File: 'exec_python_func() autogenerated', lineno: 2, function: <module> 0001: *** 0002:sstate_task_postfunc(d) 0003: File: '/home/builder/src/base/poky/meta/classes/sstate.bbclass', lineno: 778, function: sstate_task_postfunc 0774: 0775: omask = os.umask(0o002) 0776: if omask != 0o002: 0777: bb.note("Using umask 0o002 (not %0o) for sstate packaging" % omask) *** 0778: sstate_package(shared_state, d) 0779: os.umask(omask) 0780: 0781: sstateinst = d.getVar("SSTATE_INSTDIR") 0782: d.setVar('SSTATE_FIXMEDIR', shared_state['fixmedir']) File: '/home/builder/src/base/poky/meta/classes/sstate.bbclass', lineno: 708, function: sstate_package 0704: except PermissionError: 0705: pass 0706: except OSError as e: 0707: # Handle read-only file systems gracefully *** 0708: if e.errno != errno.EROFS: 0709: raise e 0710: 0711: return 0712: Exception: NameError: name 'errno' is not defined (From OE-Core rev: 2e5cf13aa46f25d8976ece55fcb4129bfd75659f) Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 15f30ad144fbe25e9a5e71bc7e42e746d2039992) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: improve comment about CVE patch file namesMichael Opdenacker2021-08-141-3/+6
| | | | | | | | | | (From OE-Core rev: fea9f2edf515cca07e867213294d0e6dafbfbd74) Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8aa613480663e11ecc62278d8c57ca719eb23899) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: update link to NVD website for CVE detailsMichael Opdenacker2021-08-141-1/+1
| | | | | | | | | | | | | | | The old URL schema https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-ID now redirects to https://nvd.nist.gov/vuln/detail/CVE-ID (From OE-Core rev: 7dfaadfbdc5f5e6dd96fadb092314ab9d05674fd) Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 57adb57a9d9b08c08ab606ec7b561792e4f4ff2d) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: fix commentsMichael Opdenacker2021-08-141-4/+4
| | | | | | | | | | | | | | This implements various fixes in comments in cve-check.bbclass In particular, the "whitlisted" typo is important as the "whitelisted" word is going to be replaced in a near future. (From OE-Core rev: 80941c3ae3c2ee8ca48462f20ef5187b26a35247) Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 5eecd2bf942254d08c252388594e5ec7ae330f45) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* license: Exclude COPYING.MIT from pseudoRichard Purdie2021-08-141-1/+1
| | | | | | | | | | | | | | | | | | | Along with the other license exclusions, we need to exclude the top level COPYING.MIT file else when: COPY_LIC_DIRS = "1" COPY_LIC_MANIFEST = "1" is set, we see eSDK failures from a pseudo abort. [YOCTO #14366] (From OE-Core rev: 632220213cb576941c6d4961c79286a31e9e5f42) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 3eb580843de3f055e42fcce60b0f15c4190c0542) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate: Fix rebuilds when changing layer configRichard Purdie2021-08-141-0/+1
| | | | | | | | | | | | | | | | When adding a layer which changed SSTATE_EXCLUDEDEPS_SYSROOT, the state hashes were changing when they should not. This was caused by wider use of setscene_depvalid which means the dependency on the variable was seen when it was previously not. Exclude the variable since this should be be included in the hashes. (From OE-Core rev: 084d81058682e0c9074203c907f80d6eabe63534) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 09725a29365c69ccbd603fe3a1de72189f26d5ac) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* archiver.bbclass: fix do_ar_configured failure for kernelChangqing Li2021-08-061-1/+4
| | | | | | | | | | | (From OE-Core rev: 7ff54f2b1842830d526295192a8de2d168835911) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d7776a23cbea836ddb8ac5ec77012af2449ab875) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* archiver.bbclass: Fix patch error for recipes that inherit dos2unix.leimaohui2021-08-061-0/+3
| | | | | | | | | | | | | do_unpack_and_patch error happens for these recipes inherit dos2unix. (From OE-Core rev: d2405585f0bcdf80950fb41438168d622b1c3181) Signed-off-by: Lei Maohui <leimaohui@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2ceda7c90c0087f52693c54d5ccab143b27f4d21) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate: Drop pseudo exclusionRichard Purdie2021-08-061-2/+0
| | | | | | | | | | | | | | | | Now that pseudo-native always includes statx support and we have sanity checks on pseudo-native to ensure it always contains a minimum feature set, we no longer need to mark pseudo-native as distro specific. This fixes eSDK build problems. [YOCTO #14428] (From OE-Core rev: 4c7c9326da92ea93fdef1ad804685c21a197f1d4) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 3279e43fcb469edb63c7c4eb60fdc565d5751f9d) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto-dev: base AUTOREV on specified versionBruce Ashfield2021-07-201-0/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | linux-yocto-dev tracks the latest mainline kernel, and uses standard/* for that support. Archived -dev versions are under v<kernel version>/standard/base. This policy works, except that a released branch will still follow the new kernel versions, causing potential breakage with newer kernels than are supported in that release. Rather than lock the SRCREVs and update branches in old releases, we can preserve the AUTOREV nature of -dev, and allow them to switch automatically to the archived branch based on the LINUX_VERSION in the -dev recipe (which is unchanged in the release branch). This is consistent with the other branch switching done for the kernels and with the -dev workflow. (From OE-Core rev: b3228b4140575bfc20cb4e5bade0f3737d374e86) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 84e14b6116a7d1e52051c5c80be2d8e3db67c2d7) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate/staging: Handle directory creation race issueRichard Purdie2021-07-202-6/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The sstate code tries to be careful about racing around directory creation. In particular, the copyhardlinktree code creates the directory tree first allowing for "already exists" errors and ignoring them, then hardlinks the files in. Unfortunately the sstate removal code can race against this since it will try and remove empty directories. If there is some bad timing, a newly created directory can be removed before it was populated, leading to build failures. We could try and add locking but this would damage performance, we've been there before. It is also unclear where to actually place locks just based on the contents of a manifest file which may cover multiple sstate install locations for a given task. Instead, lets disable directory removal in the problematic "shared" core path. This could result in a few more empty directories being left on disk but those should be harmless and better than locking hurting performance or rare build races. [YOCTO #13999] [YOCTO #14379] (From OE-Core rev: 3bea0da687d28c80f0b63e2ad81573a3601bb482) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 4f94d9296394bc7ce241439f00df86eb5912875f) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel-devicetree: Fix interaction when packaging disabledRichard Purdie2021-07-061-4/+7
| | | | | | | | | | | | | When packaging is disabled using the nopackages class, ensure we don't add to PACKAGES. This fixes builds where we have an unpackaged kernel alongside a packaged kernel. (From OE-Core rev: 13a1e550b0252d6f3a1164d39614f8ac847e1095) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d6b114cf5a9b22688c0b59a3afc46a07450d87b5) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate.bbclass: fix errors about read-only sstate mirrorsMichael Ho2021-07-061-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If a read-only sstate mirror is used in conjunction with hash equiv, then OSError will be raised when an sstate-cache hit is achieved. This is because sstate_task_postfunc will try to "touch" the symlinks that point to the read-only sstate mirror when sstate_report_unihash has changed SSTATE_PKG. This commit adds an additional exception handler to silently mask read only rootfs errors thrown during the touch. The fix is also duplicated to sstate_eventhandler as the code is very similar but it may not be needed there. Example of the error: File: 'exec_python_func() autogenerated', lineno: 2, function: <module> 0001: *** 0002:sstate_task_postfunc(d) 0003: File: '/poky/meta/classes/sstate.bbclass', lineno: 774, function: sstate_task_postfunc 0770: 0771: omask = os.umask(0o002) 0772: if omask != 0o002: 0773: bb.note("Using umask 0o002 (not %0o) for sstate packaging" % omask) *** 0774: sstate_package(shared_state, d) 0775: os.umask(omask) 0776: 0777: sstateinst = d.getVar("SSTATE_INSTDIR") 0778: d.setVar('SSTATE_FIXMEDIR', shared_state['fixmedir']) File: '/poky/meta/classes/sstate.bbclass', lineno: 703, function: sstate_package 0699: if not os.path.exists(siginfo): 0700: bb.siggen.dump_this_task(siginfo, d) 0701: else: 0702: try: *** 0703: os.utime(siginfo, None) 0704: except PermissionError: 0705: pass 0706: 0707: return Exception: OSError: [Errno 30] Read-only file system (From OE-Core rev: 1d86f3c8f5d47e1b3e3ca759076e24710ee7dc02) Signed-off-by: Michael Ho <Michael.Ho@bmw.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 244b3be0358a66e0cca4016fe26144e3d7323390) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel: Fix interaction when packaging disabledRichard Purdie2021-07-061-0/+2
| | | | | | | | | | | | | When packaging is disabled using the nopackages class, ensure we don't add to PACKAGES. This fixes builds where we have an unpackaged kernel alongside a packaged kernel. (From OE-Core rev: 8068eaccf89779d374791837215895432e45e85d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2522daf22e2c27dd9c7926feda0345978217c6c3) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_pkgdata: Avoid task hash mismatches for generic task changesRichard Purdie2021-07-061-1/+1
| | | | | | | | | | | | | Add SSTATETASKS to package_prepare_pkgdata[vardepsexclude] since otherwise the task hashes vary depending upon which packaging backends are enabled and likely other changes which add/remove unrelated sstate tasks. (From OE-Core rev: 5663bd42a27d25be9843d9f3611ea476b553930b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 4011d31d4372639fd72ee0eefae210bf59c90d13) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uboot-sign.bbclass: fix some install commandsMing Liu2021-07-061-5/+3
| | | | | | | | | | | | | | | | | | | | A "install -d" command is missing when dealing with ${UBOOT_NODTB_BINARY} in install_spl_helper function, this can lead to invalid install error saying: | install: cannot create .../usr/share/u-boot-nodtb-2021.04-r0.bin': No such file or directory Let's drop all "install -d" and replace them with "install -Dm" in install_helper/install_spl_helper functions. (From OE-Core rev: 0fc4e10250e69a67c5250ce48bfc632d90a34097) Signed-off-by: Ming Liu <liu.ming50@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit db2b1da511ea3d4daef136a8b1d85b7040a46632) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel.bbclass: fix do_sizecheck() comparisonAndrea Adami2021-06-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | The routine do_sizecheck() was historically needed by legacy devices with limited flash memory. The lowest extreme is probably with Zaurus collie having exactly 1024*1024 = 1048576 bytes for the kernel partition. In the years the KERNEL_IMAGE_MAXSIZE has been converted to kilobytes thus rounded so we have now KERNEL_IMAGE_MAXSIZE_collie = "1024". The effect is that now the check fails because we hit curiously this | WARNING: This kernel zImage (size=1024(K) > 1024(K)) is too big for... even though zImage is 1047288 bytes (kernel + kexecboot-klibc-initramfs). Fix this case using test -gt (greater) instead of -ge (greater or equal). (From OE-Core rev: 61feebd88960eb4e074a80a0e45b36a7a1db869c) Signed-off-by: Andrea Adami <andrea.adami@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 254ca956d63b4ce6aa294213b60bb943f9f3a9e6) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linuxloader: Be aware of riscv32 ldsoKhem Raj2021-06-261-0/+2
| | | | | | | | | | (From OE-Core rev: 1008b02ae998324960e6192a308319d80a84d06b) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0d7aa00663e1e41980afb24d0ada2d76e8723e2b) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>