Date   

CIP IRC weekly meeting today on libera.chat

Jan Kiszka
 

Hi all,

Kindly be reminded to attend the weekly meeting through IRC to discuss
technical topics with CIP kernel today.

Please note that we moved from Freenode to libera.chat. Our channel is
the following:

irc:irc.libera.chat:6667/cip

Furthermore note that the IRC meeting is now scheduled to UTC (GMT) 13:00:

https://www.timeanddate.com/worldclock/meetingdetails.html?year=2021&month=10&day=21&hour=13&min=0&sec=0&p1=224&p2=179&p3=136&p4=37&p5=241&p6=248

USWest USEast UK DE TW JP
06:00 09:00 14:00 15:00 21:00 22:00

Last meeting minutes:

https://irclogs.baserock.org/meetings/cip/2021/10/cip.2021-10-14-13.01.log.html

* Action item
1. Combine root filesystem with kselftest binary - iwamatsu & alicef
2. Look into S3 artifact upload issues - patersonc
* Kernel maintenance updates
* Kernel testing
* AOB

Jan

--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux


New CVE entry this week

Masami Ichikawa
 

Hi !

It's this week's CVE report.

This week reported 7 new CVEs.

* New CVEs

CVE-2021-20320: kernel: s390 eBPF JIT miscompilation issues fixes.

This bug is in BPF subsystem and s390 architecture specific. Patches
haven't been backported to 4.4 kernel. However, according to the
cip-kernel-config, it looks like no one uses s390, so can it ignore it
until someone backport patches?

CVSS v3 score is not provided.

Fixed status

mainline: [db7bee653859ef7179be933e7d1384644f795f26,
6e61dc9da0b7a0d91d57c2e20b5ea4fd2d4e7e53,
1511df6f5e9ef32826f20db2ee81f8527154dc14]
stable/4.19: [ddf58efd05b5d16d86ea4638675e8bd397320930]
stable/4.9: [c22cf38428cb910f1996839c917e9238d2e44d4b,
8a09222a512bf7b32e55bb89a033e08522798299]
stable/5.10: [d92d3a9c2b6541f29f800fc2bd44620578b8f8a6,
4320c222c2ffe778a8aff5b8bc4ac33af6d54eba,
ab7cf225016159bc2c3590be6fa12965565d903b]
stable/5.14: [7a31ec4d215a800b504de74b248795f8be666f8e,
6a8787093b04057d855822094d63d04a2506444a,
a7593244dc31ad0eea70319f6110975f9c738dca]

CVE-2021-20321: kernel: In Overlayfs missing a check for a negative
dentry before calling vfs_rename()

CVSS v3 score is not provided.

A local attacker can escalate their privileges up to root via
overlayfs vulnerability.
Patch for 4.4 is applied
failed(https://lore.kernel.org/stable/163378772914820@kroah.com/). It
needs to modify the patch. I attached a patch, if it looks good, I'll
send it to the stable mailing list.

Fixed status

mainline: [a295aef603e109a47af355477326bd41151765b6]
stable/4.14: [1caaa820915d802328bc72e4de0d5b1629eab5da]
stable/4.19: [9d4969d8b5073d02059bae3f1b8d9a20cf023c55]
stable/4.9: [286f94453fb34f7bd6b696861c89f9a13f498721]
stable/5.10: [9763ffd4da217adfcbdcd519e9f434dfa3952fc3]
stable/5.14: [71b8b36187af58f9e67b25021f5debbc04a18a5d]
stable/5.4: [fab338f33c25c4816ca0b2d83a04a0097c2c4aaf]

CVE-2021-3847: low-privileged user privileges escalation

CVSS v3 score is not provided.

A Local attacker can escalate their privileges up to root by overlay
fs's vulnerability
(https://www.openwall.com/lists/oss-security/2021/10/14/3).

Fixed status

Not fixed yet.

CVE-2021-42252: soc: aspeed: lpc-ctrl: Fix boundary check for mmap

CVSS v3 score is not provided.

This bug has been introduced since 4.12-rc1. so all stable kernels are fixed.

Fixed status

mainline: [b49a0e69a7b1a68c8d3f64097d06dabb770fec96]
stable/4.14: [b1b55e4073d3da6119ecc41636a2994b67a2be37]
stable/4.19: [9c8891b638319ddba9cfa330247922cd960c95b0]
stable/5.10: [3fdf2feb6cbe76c6867224ed8527b356e805352c]
stable/5.14: [865f5ba9fdfc3ac6acabcac9630056ce99db600d]
stable/5.4: [2712f29c44f18db826c7e093915a727b6f3a20e4]

CVE-2021-20322: new DNS Cache Poisoning Attack based on ICMP fragment
needed packets replies

CVSS v3 score is not provided.

A flaw in the processing of the received ICMP errors (ICMP fragment
needed and ICMP redirect) in the Linux kernel functionality was found
that allows to quickly scan open UDP ports. This flaw allows an
off-path remote user to effectively bypassing source port UDP
randomization.
This flaw is similar to the previous CVE-2020-25705 (both DNS
poisoning attack based on ICMP replies for open ports scanning, but
other type of ICMP packets).

Commit 4785305c ("ipv6: use siphash in rt6_exception_hash()") fixes
35732d01 ("ipv6: introduce a hash table to store dst cache") which was
merged in 4.15-rc1.
stable/4.4 doesn't contain upstream commit 35732d01. stable/4.19
contains upstream commit 35732d01.

Commit 6457378f ("ipv4: use siphash instead of Jenkins in
fnhe_hashfun()") fixes d546c621 ("ipv4: harden fnhe_hashfun()") which
was merged in 3.18-rc1
stable/4.4 and stable/4.19 contain upstream commit d546c621.

Commit a00df2ca ("ipv6: make exception cache less predictible") fixes
35732d01 ("ipv6: introduce a hash table to store dst cache") which was
merged in 4.15-rc1.
stable/4.4 doesn't contain upstream commit 35732d01. stable/4.19
contains upstream commit 35732d01.

Commit 67d6d681 ("ipv4: make exception cache less predictible") fixes
4895c771 ("ipv4: Add FIB nexthop exceptions.") which was merged in
3.6-rc1.
stable/4.19 applied this patch at commit 3e6bd2b5. stable/4.4 applied
this patch at commit bed8941f.

Fixed status

mainline: [4785305c05b25a242e5314cc821f54ade4c18810,
6457378fe796815c973f631a1904e147d6ee33b1,
a00df2caffed3883c341d5685f830434312e4a43,
67d6d681e15b578c1725bad8ad079e05d1c48a8e]
stable/4.19: [3e6bd2b583f18da9856fc9741ffa200a74a52cba]
stable/4.4: [bed8941fbdb72a61f6348c4deb0db69c4de87aca]
stable/4.9: [f10ce783bcc4d8ea454563a7d56ae781640e7dcb]
stable/5.10: [8692f0bb29927d13a871b198adff1d336a8d2d00,
5867e20e1808acd0c832ddea2587e5ee49813874,
dced8347a727528b388f04820f48166f1e651af6,
beefd5f0c63a31a83bc5a99e6888af884745684b]
stable/5.14: [4785305c05b25a242e5314cc821f54ade4c18810,
6457378fe796815c973f631a1904e147d6ee33b1,
55938482a1461a35087c6f3051f8447662889ea8,
4589a12dcf80af31137ef202be1ff4a321707a73]

CVE-2021-42739: A buffer overflow bug is found in the firewire subsystem

CVSS v3 score is not provided.

Patches have been sent to Linux Media mailing list but it hasn't been
merged in linux-media tree nor mainline yet. According to the
cip-kernel-config repo, no CIP member uses firewire driver.

Fixed status

Not fixed yet.

CVE-2021-34866: Linux Kernel eBPF Type Confusion Privilege Escalation
Vulnerability

CVSS v3 score is not provided.

A type confusion bug is found in eBPF subsystem which can leads a
local attacker escalates their privileges via this bug.
This bug was introduced in commit 457f44363a88 ("bpf: Implement BPF
ring buffer and verifier support for it") that has been merged since
5.8-rc1. so before 5.8 kernels aren't affected by this CVE.

Fixed status

mainline: [5b029a32cfe4600f5e10e36b41778506b90fd4de]
stable/5.10: [9dd6f6d89693d8f09af53d2488afad22a8a44a57]

* Updated CVEs

CVE-2020-29374: gup: document and work around "COW can break either way" issue

This bug has been fixed since 5.8-rc1. 4.4 and 4.9 have been fixed this week.
All stable kernels are fixed.

Fixed status

mainline: [17839856fd588f4ab6b789f482ed3ffd7c403e1f]
stable/4.14: [407faed92b4a4e2ad900d61ea3831dd597640f29]
stable/4.19: [5e24029791e809d641e9ea46a1f99806484e53fc]
stable/4.4: [58facc9c7ae307be5ecffc1697552550fedb55bd]
stable/4.9: [9bbd42e79720122334226afad9ddcac1c3e6d373]
stable/5.4: [1027dc04f557328eb7b7b7eea48698377a959157]

CVE-2021-41864: bpf: Fix integer overflow in prealloc_elems_and_freelist()

4.9 and 4.19 have been fixed this week. This bug was introduced in
4.6-rc1 therefore 4.4 doesn't affect.
All stable kernels are fixed.

Fixed status

mainline: [30e29a9a2bc6a4888335a6ede968b75cd329657a]
stable/4.14: [f34bcd10c4832d491049905d25ea3f46a410c426]
stable/4.19: [078cdd572408176a3900a6eb5a403db0da22f8e0]
stable/4.9: [4fd6663eb01bc3c73143cd27fefd7b8351bc6aa6]
stable/5.10: [064faa8e8a9b50f5010c5aa5740e06d477677a89]
stable/5.14: [3a1ac1e368bedae2777d9a7cfdc65df4859f7e71]
stable/5.4: [b14f28126c51533bb329379f65de5b0dd689b13a]


Currently tracking CVEs

CVE-2021-31615: Unencrypted Bluetooth Low Energy baseband links in
Bluetooth Core Specifications 4.0 through 5.2

There is no fix information.

CVE-2021-3640: UAF in sco_send_frame function

Fixed in bluetooth-next tree.

https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/net/bluetooth/sco.c?id=99c23da0eed4fd20cae8243f2b51e10e66aa0951

CVE-2020-26555: BR/EDR pin code pairing broken

No fix information

CVE-2020-26556: kernel: malleable commitment Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26557: kernel: predictable Authvalue in Bluetooth Mesh
Provisioning Leads to MITM

No fix information.

CVE-2020-26559: kernel: Authvalue leak in Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26560: kernel: impersonation attack in Bluetooth Mesh Provisioning

No fix information.


Regards,
--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@cybertrust.co.jp
:masami.ichikawa@miraclelinux.com


Re: [isar-cip-dev] [PATCH] Update efibootguard to latest release 0.9

Jan Kiszka
 

On 18.10.21 13:19, Srinuvasan A wrote:
From: Srinuvasan A <srinuvasan_a@mentor.com>

Uprevision the latest revision and tag.

Signed-off-by: Srinuvasan A <srinuvasan_a@mentor.com>
---
...fibootguard_0.8-git+isar.bb => efibootguard_0.9-git+isar.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename recipes-bsp/efibootguard/{efibootguard_0.8-git+isar.bb => efibootguard_0.9-git+isar.bb} (95%)

diff --git a/recipes-bsp/efibootguard/efibootguard_0.8-git+isar.bb b/recipes-bsp/efibootguard/efibootguard_0.9-git+isar.bb
similarity index 95%
rename from recipes-bsp/efibootguard/efibootguard_0.8-git+isar.bb
rename to recipes-bsp/efibootguard/efibootguard_0.9-git+isar.bb
index ebd848d..2817e5b 100644
--- a/recipes-bsp/efibootguard/efibootguard_0.8-git+isar.bb
+++ b/recipes-bsp/efibootguard/efibootguard_0.9-git+isar.bb
@@ -22,7 +22,7 @@ SRC_URI = "git://github.com/siemens/efibootguard.git;branch=master;protocol=http

S = "${WORKDIR}/git"

-SRCREV = "ac1685aea75fb3e3d16c0c0e4f8261a2edb63536"
+SRCREV = "c01324d0da202727eb0744c0f67a78f9c9b65c46"

PROVIDES = "${PN}"
PROVIDES += "${PN}-dev"
Thanks, applied.

Jan

--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux


Re: [isar-cip-dev] [PATCH] Update efibootguard to latest release 0.9

Srinuvasan A
 

Hi All,

                 Please merge this into cip-core to pull latest changes of efibootguard.

Thanks,
Srinuvasan.A


[isar-cip-dev] [PATCH] Update efibootguard to latest release 0.9

Srinuvasan A
 

From: Srinuvasan A <srinuvasan_a@mentor.com>

Uprevision the latest revision and tag.

Signed-off-by: Srinuvasan A <srinuvasan_a@mentor.com>
---
...fibootguard_0.8-git+isar.bb => efibootguard_0.9-git+isar.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename recipes-bsp/efibootguard/{efibootguard_0.8-git+isar.bb => efibootguard_0.9-git+isar.bb} (95%)

diff --git a/recipes-bsp/efibootguard/efibootguard_0.8-git+isar.bb b/recipes-bsp/efibootguard/efibootguard_0.9-git+isar.bb
similarity index 95%
rename from recipes-bsp/efibootguard/efibootguard_0.8-git+isar.bb
rename to recipes-bsp/efibootguard/efibootguard_0.9-git+isar.bb
index ebd848d..2817e5b 100644
--- a/recipes-bsp/efibootguard/efibootguard_0.8-git+isar.bb
+++ b/recipes-bsp/efibootguard/efibootguard_0.9-git+isar.bb
@@ -22,7 +22,7 @@ SRC_URI = "git://github.com/siemens/efibootguard.git;branch=master;protocol=http

S = "${WORKDIR}/git"

-SRCREV = "ac1685aea75fb3e3d16c0c0e4f8261a2edb63536"
+SRCREV = "c01324d0da202727eb0744c0f67a78f9c9b65c46"

PROVIDES = "${PN}"
PROVIDES += "${PN}-dev"
--
2.25.1


Re: Duplicate messages in archive

Neal Caidin
 

This should be fixed now. Please let me know if otherwise.

Thanks!

Neal

Neal Caidin
Program Manager, Program Management & Operations
The Linux Foundation
+1 (919) 238-9104 (w/h)
+1 (919) 949-1861 (m)




On Mon, Oct 4, 2021 at 8:13 AM Jan Kiszka <jan.kiszka@...> wrote:
Hi all,

did anyone already examined or reported that all messages to cip-dev now
seem to get archived twice on lore.kernel.org? See e.g.
https://lore.kernel.org/cip-dev/TYAPR01MB6252C6286EDCA87D7DB8B10892AE9@.../T/#t

They also appear twice via nntp, that's how I noticed, but are likely
not sent twice to subscribers.

Jan

--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux




Re: [isar-cip-dev] [PATCH] Update efibootguard to latest one

Quirin Gylstorff
 

On 10/14/21 11:27 AM, Srinuvasan A via lists.cip-project.org wrote:
From: Srinuvasan A <srinuvasan_a@mentor.com>
Update efibootguard to latest one.
Signed-off-by: Srinuvasan A <srinuvasan_a@mentor.com>
---
recipes-bsp/efibootguard/efibootguard_0.8-git+isar.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/recipes-bsp/efibootguard/efibootguard_0.8-git+isar.bb b/recipes-bsp/efibootguard/efibootguard_0.8-git+isar.bb
index ebd848d..4e7b9b2 100644
--- a/recipes-bsp/efibootguard/efibootguard_0.8-git+isar.bb
+++ b/recipes-bsp/efibootguard/efibootguard_0.8-git+isar.bb
@@ -22,7 +22,7 @@ SRC_URI = "git://github.com/siemens/efibootguard.git;branch=master;protocol=http
S = "${WORKDIR}/git"
-SRCREV = "ac1685aea75fb3e3d16c0c0e4f8261a2edb63536"
+SRCREV = "66d78b8d96e80caaf20007f08b5ca720de628d49"

Why do you need to update to a non released version of efibootguard?

Until now we used only tag version in this recipe.

Quirin
PROVIDES = "${PN}"
PROVIDES += "${PN}-dev"


Re: New CVE entry this week

Pavel Machek
 

Hi!

* New CVEs

CVE-2021-0935: bug is in ipv6 and l2tp code.

This CVE addresses two commits, one in the ipv6 stack and the other in l2tp.
There is two introduced commits one is 85cb73f ("net: ipv6: reset
daddr and dport in sk if connect() fails") was merged in 4.12 and the
other commit 3557baa ("[L2TP]: PPP over L2TP driver core") was merged
in 2.6.23-rc1.

Fixed commits have been merged since 4.16-rc7 so 4.16 or later kernels
don't affect this vulnerability.

Commit 2f987a76("net: ipv6: keep sk status consistent after datagram
connect failure") fixes 85cb73f and commit b954f940("l2tp: fix races
with ipv4-mapped ipv6 addresses") fixes commit 3557baa.

To apply patches to 4.4, it needs to fix conflicts.

CVSS v3 score is not provided.

Fixed status

mainline: [2f987a76a97773beafbc615b9c4d8fe79129a7f4,
b954f94023dcc61388c8384f0f14eb8e42c863c5]
stable/4.4: not fixed yet
Others are fixed, but this one may be worth watching. Fortunately it
is not remote attack, AFAICT.

Best regards,
Pavel
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany


CIP IRC weekly meeting today on libera.chat

Jan Kiszka
 

Hi all,

Kindly be reminded to attend the weekly meeting through IRC to discuss
technical topics with CIP kernel today.

Please note that we moved from Freenode to libera.chat. Our channel is
the following:

irc:irc.libera.chat:6667/cip

Furthermore note that the IRC meeting is now scheduled to UTC (GMT) 13:00:

https://www.timeanddate.com/worldclock/meetingdetails.html?year=2021&month=10&day=14&hour=13&min=0&sec=0&p1=224&p2=179&p3=136&p4=37&p5=241&p6=248

USWest USEast UK DE TW JP
06:00 09:00 14:00 15:00 21:00 22:00

Last meeting minutes:

https://irclogs.baserock.org/meetings/cip/2021/10/cip.2021-10-07-13.01.log.html

* Action item
1. Combine root filesystem with kselftest binary - iwamatsu & alicef
2. Document new LAVA domains in wiki - patersonc
3. Look into S3 artifact upload issues - patersonc
* Kernel maintenance updates
* Kernel testing
* AOB

Jan

--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux


New CVE entry this week

Masami Ichikawa
 

Hi !

It's this week's CVE report.

This week reported 4 new CVEs.

* New CVEs

CVE-2021-0935: bug is in ipv6 and l2tp code.

This CVE addresses two commits, one in the ipv6 stack and the other in l2tp.
There is two introduced commits one is 85cb73f ("net: ipv6: reset
daddr and dport in sk if connect() fails") was merged in 4.12 and the
other commit 3557baa ("[L2TP]: PPP over L2TP driver core") was merged
in 2.6.23-rc1.

Fixed commits have been merged since 4.16-rc7 so 4.16 or later kernels
don't affect this vulnerability.

Commit 2f987a76("net: ipv6: keep sk status consistent after datagram
connect failure") fixes 85cb73f and commit b954f940("l2tp: fix races
with ipv4-mapped ipv6 addresses") fixes commit 3557baa.

To apply patches to 4.4, it needs to fix conflicts.

CVSS v3 score is not provided.

Fixed status

mainline: [2f987a76a97773beafbc615b9c4d8fe79129a7f4,
b954f94023dcc61388c8384f0f14eb8e42c863c5]
stable/4.14: [a8f02befc87d6f1a882c9b14a31bcfa1fbd3d430,
b0850604cc5dac60754cc2fcdf7d2ca97a68a4dc]
stable/4.19: [2f987a76a97773beafbc615b9c4d8fe79129a7f4,
b954f94023dcc61388c8384f0f14eb8e42c863c5]
stable/4.4: not fixed yet
stable/4.9: [c49f30b2979bfc8701620e598558f29a48e07234,
535ef684ec6079bccc2037c76bc607d29dca05dc]
stable/5.10: [2f987a76a97773beafbc615b9c4d8fe79129a7f4,
b954f94023dcc61388c8384f0f14eb8e42c863c5]
stable/5.4: [2f987a76a97773beafbc615b9c4d8fe79129a7f4,
b954f94023dcc61388c8384f0f14eb8e42c863c5]

CVE-2021-0937: netfilter: x_tables: fix compat match/target pad
out-of-bound write

This vulnerability was introduced since 4.6.19-rc1 and fixed in
5.12-rc8. All stable kernels are already fixed.

CVSS v3 score is not provided.

Fixed status

mainline: [b29c457a6511435960115c0f548c4360d5f4801d]
stable/4.14: [522a0191944e3db9c30ade5fa6b6ec0d7c42f40d]
stable/4.19: [12ec80252edefff00809d473a47e5f89c7485499]
stable/4.4: [b0d98b2193a38ef93c92e5e1953d134d0f426531]
stable/4.9: [0c58c9f9c5c5326320bbe0429a0f45fc1b92024b]
stable/5.10: [1f3b9000cb44318b0de40a0f495a5a708cd9be6e]
stable/5.4: [cc59b872f2e1995b8cc819b9445c1198bfe83b2d]


CVE-2021-0938: compiler.h: fix barrier_data() on clang

This bug was introduced in 4.19-rc1 and fixed in 5.10-rc4. so all
stable kernels are fixed.
If kernel was built from clang, this bug will be affected.

CVSS v3 score is not provided.

Fixed status

mainline: [3347acc6fcd4ee71ad18a9ff9d9dac176b517329]
stable/4.14: not affect
stable/4.19: [b207caff4176e3a6ba273243da2db2e595e4aad2]
stable/4.4: not affect
stable/4.9: not affect
stable/5.10: not affect
stable/5.4: [c2c5dc84ac51da90cadcb12554c69bdd5ac7aeeb]

CVE-2021-0941: bpf: Remove MTU check in __bpf_skb_max_len

CVSS v3 score is not provided.

This bug is fixed in v5.12-rc1-dontuse. The kernel 4.4 doesn't contain
__bpf_skb_max_len() so 4.4 may not affect this vulnerability. The
__bpf_skb_max_len() was introduced since 4.13-rc1 commit
2be7e212("bpf: add bpf_skb_adjust_room helper
").

Fixed status.

mainline: [6306c1189e77a513bf02720450bb43bd4ba5d8ae]
stable/4.14: [64cf6c3156a5cbd9c29f54370b801b336d2f7894]
stable/4.19: [8c1a77ae15ce70a72f26f4bb83c50f769011220c]
stable/4.4: not affect
stable/4.9: [1636af9e8a8840f5696ad2c01130832411986af4]
stable/5.10: [fd38d4e6757b6b99f60314f67f44a286f0ab7fc0]
stable/5.4: [42c83e3bca434d9f63c58f9cbf2881e635679fee]

* Updated CVEs

CVE-2021-3744: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
CVE-2021-3764: DoS in ccp_run_aes_gcm_cmd() function

CVE-2021-3744 and CVE-2021-3764 are fixed by commit 505d9dcb("crypto:
ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
"). Both vulnerabilities were in ccp_run_aes_gcm_cmd() which has been
introduced since 4.12-rc1. Therefore before 4.12 kernels aren't
affected this vulnerability.

Fixed status

mainline: [505d9dcb0f7ddf9d075e729523a33d38642ae680]
stable/4.14: [3707e37b3fcef4d5e9a81b9c2c48ba7248051c2a]
stable/4.19: [710be7c42d2f724869e5b18b21998ceddaffc4a9]
stable/4.4: not affect
stable/4.9: not affect
stable/5.10: [17ccc64e4fa5d3673528474bfeda814d95dc600a]
stable/5.14: [e450c422aa233e9f80515f2ee9164e33f158a472]
stable/5.4: [24f3d2609114f1e1f6b487b511ce5fa36f21e0ae]

CVE-2021-41864: bpf: Fix integer overflow in prealloc_elems_and_freelist()

This bug was introduced in 4.6-rc1 so that 4.4 isn't affected this bug.
4.19, 5.10, 5.14, and 5.4 have been fixed this week.
Patch to 4.14 can be applied by git am without any modification. Patch
to 4.9 can be applied by 3-way merge.

Fixed status

mainline: [30e29a9a2bc6a4888335a6ede968b75cd329657a]
stable/4.14: not fixed yet
stable/4.19: [078cdd572408176a3900a6eb5a403db0da22f8e0]
stable/4.4: not affect
stable/4.14: not fixed yet
stable/5.10: [064faa8e8a9b50f5010c5aa5740e06d477677a89]
stable/5.14: [3a1ac1e368bedae2777d9a7cfdc65df4859f7e71]
stable/5.4: [b14f28126c51533bb329379f65de5b0dd689b13a]

Currently tracking CVEs

CVE-2021-31615: Unencrypted Bluetooth Low Energy baseband links in
Bluetooth Core Specifications 4.0 through 5.2

There is no fix information.

CVE-2021-3640: UAF in sco_send_frame function

Fixed in bluetooth-next tree.

https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/net/bluetooth/sco.c?id=99c23da0eed4fd20cae8243f2b51e10e66aa0951

CVE-2020-26555: BR/EDR pin code pairing broken

No fix information

CVE-2020-26556: kernel: malleable commitment Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26557: kernel: predictable Authvalue in Bluetooth Mesh
Provisioning Leads to MITM

No fix information.

CVE-2020-26559: kernel: Authvalue leak in Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26560: kernel: impersonation attack in Bluetooth Mesh Provisioning

No fix information.


Regards,
--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@cybertrust.co.jp
:masami.ichikawa@miraclelinux.com


Re: [isar-cip-core][PATCH v2 0/4] Use SWUpdate from salsa.debian.org

Jan Kiszka
 

On 13.10.21 15:40, Q. Gylstorff wrote:
From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

This patch series uses the source from sala.debian.org for the build of SWUpdate.

The build is patched to contain most of the previous build option from swupdate-config.bbclass.

The recipes support Debian Buster and Debian Bullseye.

Changes V2:
- Correct spacing and end of file
- rename recipe swupdate-handlers to swupdate-handler-roundrobin
- extend comment in recipe swupdate

Quirin Gylstorff (4):
swupdate: Move handler to own recipe
swupdate: Use dpkg-gbp build with salsa
swupdate-handler: Use same lua version as swupdate-debian-gbp
swupdate: remove version 2021.04+isar-git

classes/kconfig-snippets.bbclass | 90 -------------------
classes/swupdate-config.bbclass | 89 ------------------
kas/opt/swupdate.yml | 1 +
.../swupdate.handler.efibootguard.ini | 0
.../files/swupdate.handler.efibootguard.ini | 0
.../swupdate-handler-roundrobin_0.1.bb | 33 +++++++
...dd-option-to-build-with-efibootguard.patch | 39 ++++++++
.../0002-debian-rules-Add-CONFIG_MTD.patch | 27 ++++++
...-debian-config-Make-signing-optional.patch | 40 +++++++++
...onfig-Make-image-encryption-optional.patch | 40 +++++++++
...ules-Add-Embedded-Lua-handler-option.patch | 30 +++++++
...es-Add-option-to-disable-fs-creation.patch | 47 ++++++++++
...ules-Add-option-to-disable-webserver.patch | 42 +++++++++
...Make-CONFIG_HW_COMPATIBILTY-optional.patch | 40 +++++++++
...ules-Add-Embedded-Lua-handler-option.patch | 30 +++++++
...prepare-build-for-isar-debian-buster.patch | 72 +++++++++++++++
.../swupdate/files/debian/changelog.tmpl | 6 --
recipes-core/swupdate/files/debian/compat | 1 -
.../swupdate/files/debian/control.tmpl | 15 ----
recipes-core/swupdate/files/debian/copyright | 36 --------
recipes-core/swupdate/files/debian/rules.tmpl | 31 -------
.../swupdate/files/debian/swupdate.examples | 2 -
.../swupdate/files/debian/swupdate.install | 2 -
.../swupdate/files/debian/swupdate.manpages | 5 --
.../swupdate/files/debian/swupdate.tmpfile | 2 -
recipes-core/swupdate/files/debian/watch | 12 ---
recipes-core/swupdate/files/postinst | 2 -
recipes-core/swupdate/files/swupdate.cfg | 6 --
.../swupdate/files/swupdate.service.example | 11 ---
.../swupdate/files/swupdate.socket.example | 11 ---
.../swupdate/files/swupdate.socket.tmpl | 13 ---
.../swupdate/files/swupdate_defconfig | 83 -----------------
.../swupdate_defconfig_efibootguard.snippet | 3 -
.../files/swupdate_defconfig_lua.snippet | 2 -
.../swupdate_defconfig_luahandler.snippet | 4 -
.../files/swupdate_defconfig_mtd.snippet | 1 -
.../files/swupdate_defconfig_u-boot.snippet | 3 -
.../files/swupdate_defconfig_ubi.snippet | 6 --
recipes-core/swupdate/swupdate.bb | 61 -------------
recipes-core/swupdate/swupdate.inc | 53 +++++++++++
.../swupdate/swupdate_2021.04-1+debian-gbp.bb | 48 ++++++++++
41 files changed, 542 insertions(+), 497 deletions(-)
delete mode 100644 classes/kconfig-snippets.bbclass
delete mode 100644 classes/swupdate-config.bbclass
rename recipes-core/{swupdate => swupdate-handler-roundrobin}/files/secureboot/swupdate.handler.efibootguard.ini (100%)
rename recipes-core/{swupdate => swupdate-handler-roundrobin}/files/swupdate.handler.efibootguard.ini (100%)
create mode 100644 recipes-core/swupdate-handler-roundrobin/swupdate-handler-roundrobin_0.1.bb
create mode 100644 recipes-core/swupdate/files/0001-debian-Add-option-to-build-with-efibootguard.patch
create mode 100644 recipes-core/swupdate/files/0002-debian-rules-Add-CONFIG_MTD.patch
create mode 100644 recipes-core/swupdate/files/0003-debian-config-Make-signing-optional.patch
create mode 100644 recipes-core/swupdate/files/0004-debian-config-Make-image-encryption-optional.patch
create mode 100644 recipes-core/swupdate/files/0005-debian-rules-Add-Embedded-Lua-handler-option.patch
create mode 100644 recipes-core/swupdate/files/0005-debian-rules-Add-option-to-disable-fs-creation.patch
create mode 100644 recipes-core/swupdate/files/0006-debian-rules-Add-option-to-disable-webserver.patch
create mode 100644 recipes-core/swupdate/files/0007-debian-Make-CONFIG_HW_COMPATIBILTY-optional.patch
create mode 100644 recipes-core/swupdate/files/0008-debian-rules-Add-Embedded-Lua-handler-option.patch
create mode 100644 recipes-core/swupdate/files/0009-debian-prepare-build-for-isar-debian-buster.patch
delete mode 100644 recipes-core/swupdate/files/debian/changelog.tmpl
delete mode 100644 recipes-core/swupdate/files/debian/compat
delete mode 100644 recipes-core/swupdate/files/debian/control.tmpl
delete mode 100644 recipes-core/swupdate/files/debian/copyright
delete mode 100755 recipes-core/swupdate/files/debian/rules.tmpl
delete mode 100644 recipes-core/swupdate/files/debian/swupdate.examples
delete mode 100644 recipes-core/swupdate/files/debian/swupdate.install
delete mode 100644 recipes-core/swupdate/files/debian/swupdate.manpages
delete mode 100644 recipes-core/swupdate/files/debian/swupdate.tmpfile
delete mode 100644 recipes-core/swupdate/files/debian/watch
delete mode 100644 recipes-core/swupdate/files/postinst
delete mode 100644 recipes-core/swupdate/files/swupdate.cfg
delete mode 100644 recipes-core/swupdate/files/swupdate.service.example
delete mode 100644 recipes-core/swupdate/files/swupdate.socket.example
delete mode 100644 recipes-core/swupdate/files/swupdate.socket.tmpl
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_efibootguard.snippet
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_lua.snippet
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_luahandler.snippet
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_mtd.snippet
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_u-boot.snippet
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_ubi.snippet
delete mode 100644 recipes-core/swupdate/swupdate.bb
create mode 100644 recipes-core/swupdate/swupdate.inc
create mode 100644 recipes-core/swupdate/swupdate_2021.04-1+debian-gbp.bb
Thanks, applied.

Jan

--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux


Re: [isar-cip-core][PATCH v2 1/4] swupdate: Move handler to own recipe

Jan Kiszka
 

On 13.10.21 16:01, Gylstorff Quirin wrote:


On 10/13/21 3:47 PM, Jan Kiszka wrote:
Plural or singular? Can a generic swupdate-handler package container
multiple handlers? Or will it only ever provide a single handler? In the
latter case, make this "swupdate-handler" as well.
An handler package could contain multiple handlers. Currently we have
only swupdate-handler-roundrobin.
Ok, thanks for clarifying.

Jan

--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux


Re: [isar-cip-core][PATCH v2 1/4] swupdate: Move handler to own recipe

Quirin Gylstorff
 

On 10/13/21 3:47 PM, Jan Kiszka wrote:
Plural or singular? Can a generic swupdate-handler package container
multiple handlers? Or will it only ever provide a single handler? In the
latter case, make this "swupdate-handler" as well.
An handler package could contain multiple handlers. Currently we have only swupdate-handler-roundrobin.

Quirin


Re: [isar-cip-core][PATCH v2 1/4] swupdate: Move handler to own recipe

Jan Kiszka
 

On 13.10.21 15:40, Q. Gylstorff wrote:
From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

Split the SWUpdate lua handler into a seperate recipe in
preparation for using the Debian provided SWUpdate package.

Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
classes/swupdate-config.bbclass | 8 -----
kas/opt/swupdate.yml | 1 +
.../swupdate.handler.efibootguard.ini | 0
.../files/swupdate.handler.efibootguard.ini | 0
.../swupdate-handler-roundrobin_0.1.bb | 32 +++++++++++++++++++
recipes-core/swupdate/swupdate.bb | 13 --------
6 files changed, 33 insertions(+), 21 deletions(-)
rename recipes-core/{swupdate => swupdate-handler-roundrobin}/files/secureboot/swupdate.handler.efibootguard.ini (100%)
rename recipes-core/{swupdate => swupdate-handler-roundrobin}/files/swupdate.handler.efibootguard.ini (100%)
create mode 100644 recipes-core/swupdate-handler-roundrobin/swupdate-handler-roundrobin_0.1.bb

diff --git a/classes/swupdate-config.bbclass b/classes/swupdate-config.bbclass
index e4879c7..1d57ce1 100644
--- a/classes/swupdate-config.bbclass
+++ b/classes/swupdate-config.bbclass
@@ -17,14 +17,6 @@ BUILD_DEB_DEPENDS = " \
zlib1g-dev, debhelper, libconfig-dev, libarchive-dev, \
python-sphinx:native, dh-systemd, libsystemd-dev, libssl-dev, pkg-config"

-SRC_URI += " ${@ 'git://gitlab.com/cip-project/cip-sw-updates/swupdate-handler-roundrobin.git;protocol=https;destsuffix=swupdate-handler-roundrobin;name=swupdate-handler-roundrobin;nobranch=1' \
- if d.getVar('SWUPDATE_USE_ROUND_ROBIN_HANDLER_REPO') == '1' else '' \
- }"
-SRCREV_swupdate-handler-roundrobin ?= "6f561f136fdbe51d2e9066b934dfcb06b94c6624"
-
-SWUPDATE_USE_ROUND_ROBIN_HANDLER_REPO ?= "1"
-SWUPDATE_LUASCRIPT ?= "swupdate-handler-roundrobin/swupdate_handlers_roundrobin.lua"
-
KFEATURE_lua = ""
KFEATURE_lua[BUILD_DEB_DEPENDS] = "liblua5.3-dev"
KFEATURE_lua[KCONFIG_SNIPPETS] = "file://swupdate_defconfig_lua.snippet"
diff --git a/kas/opt/swupdate.yml b/kas/opt/swupdate.yml
index bd0f6e4..974eacb 100644
--- a/kas/opt/swupdate.yml
+++ b/kas/opt/swupdate.yml
@@ -17,6 +17,7 @@ header:
local_conf_header:
swupdate: |
IMAGE_INSTALL_append = " swupdate"
+ IMAGE_INSTALL_append = " swupdate-handler-roundrobin"

wic-swu: |
IMAGE_TYPE = "wic-swu-img"
diff --git a/recipes-core/swupdate/files/secureboot/swupdate.handler.efibootguard.ini b/recipes-core/swupdate-handler-roundrobin/files/secureboot/swupdate.handler.efibootguard.ini
similarity index 100%
rename from recipes-core/swupdate/files/secureboot/swupdate.handler.efibootguard.ini
rename to recipes-core/swupdate-handler-roundrobin/files/secureboot/swupdate.handler.efibootguard.ini
diff --git a/recipes-core/swupdate/files/swupdate.handler.efibootguard.ini b/recipes-core/swupdate-handler-roundrobin/files/swupdate.handler.efibootguard.ini
similarity index 100%
rename from recipes-core/swupdate/files/swupdate.handler.efibootguard.ini
rename to recipes-core/swupdate-handler-roundrobin/files/swupdate.handler.efibootguard.ini
diff --git a/recipes-core/swupdate-handler-roundrobin/swupdate-handler-roundrobin_0.1.bb b/recipes-core/swupdate-handler-roundrobin/swupdate-handler-roundrobin_0.1.bb
new file mode 100644
index 0000000..b9ccec2
--- /dev/null
+++ b/recipes-core/swupdate-handler-roundrobin/swupdate-handler-roundrobin_0.1.bb
@@ -0,0 +1,32 @@
+#
+# CIP Core, generic profile
+#
+# Copyright (c) Siemens AG, 2021
+#
+# Authors:
+# Quirin Gylstorff <quirin.gylstorff@siemens.com>
+#
+# SPDX-License-Identifier: MIT
+
+inherit dpkg-raw
+
+PROVIDES = "swupdate-handlers"
Plural or singular? Can a generic swupdate-handler package container
multiple handlers? Or will it only ever provide a single handler? In the
latter case, make this "swupdate-handler" as well.

Jan

--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux


[isar-cip-core][PATCH v2 4/4] swupdate: remove version 2021.04+isar-git

Quirin Gylstorff
 

From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

This version is replace by 2021.04-1+debian-gbp.

Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
classes/kconfig-snippets.bbclass | 90 -------------------
classes/swupdate-config.bbclass | 81 -----------------
conf/distro/cip-core-bullseye.conf | 1 -
conf/distro/cip-core-buster.conf | 1 -
.../swupdate/files/debian/changelog.tmpl | 6 --
recipes-core/swupdate/files/debian/compat | 1 -
.../swupdate/files/debian/control.tmpl | 15 ----
recipes-core/swupdate/files/debian/copyright | 36 --------
recipes-core/swupdate/files/debian/rules.tmpl | 31 -------
.../swupdate/files/debian/swupdate.examples | 2 -
.../swupdate/files/debian/swupdate.install | 2 -
.../swupdate/files/debian/swupdate.manpages | 5 --
.../swupdate/files/debian/swupdate.tmpfile | 2 -
recipes-core/swupdate/files/debian/watch | 12 ---
recipes-core/swupdate/files/postinst | 2 -
recipes-core/swupdate/files/swupdate.cfg | 6 --
.../swupdate/files/swupdate.service.example | 11 ---
.../swupdate/files/swupdate.socket.example | 11 ---
.../swupdate/files/swupdate.socket.tmpl | 13 ---
.../swupdate/files/swupdate_defconfig | 83 -----------------
.../swupdate_defconfig_efibootguard.snippet | 3 -
.../files/swupdate_defconfig_lua.snippet | 2 -
.../swupdate_defconfig_luahandler.snippet | 4 -
.../files/swupdate_defconfig_mtd.snippet | 1 -
.../files/swupdate_defconfig_u-boot.snippet | 3 -
.../files/swupdate_defconfig_ubi.snippet | 6 --
recipes-core/swupdate/swupdate.bb | 48 ----------
27 files changed, 478 deletions(-)
delete mode 100644 classes/kconfig-snippets.bbclass
delete mode 100644 classes/swupdate-config.bbclass
delete mode 100644 recipes-core/swupdate/files/debian/changelog.tmpl
delete mode 100644 recipes-core/swupdate/files/debian/compat
delete mode 100644 recipes-core/swupdate/files/debian/control.tmpl
delete mode 100644 recipes-core/swupdate/files/debian/copyright
delete mode 100755 recipes-core/swupdate/files/debian/rules.tmpl
delete mode 100644 recipes-core/swupdate/files/debian/swupdate.examples
delete mode 100644 recipes-core/swupdate/files/debian/swupdate.install
delete mode 100644 recipes-core/swupdate/files/debian/swupdate.manpages
delete mode 100644 recipes-core/swupdate/files/debian/swupdate.tmpfile
delete mode 100644 recipes-core/swupdate/files/debian/watch
delete mode 100644 recipes-core/swupdate/files/postinst
delete mode 100644 recipes-core/swupdate/files/swupdate.cfg
delete mode 100644 recipes-core/swupdate/files/swupdate.service.example
delete mode 100644 recipes-core/swupdate/files/swupdate.socket.example
delete mode 100644 recipes-core/swupdate/files/swupdate.socket.tmpl
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_efibootguard.snippet
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_lua.snippet
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_luahandler.snippet
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_mtd.snippet
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_u-boot.snippet
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_ubi.snippet
delete mode 100644 recipes-core/swupdate/swupdate.bb

diff --git a/classes/kconfig-snippets.bbclass b/classes/kconfig-snippets.bbclass
deleted file mode 100644
index d754654..0000000
--- a/classes/kconfig-snippets.bbclass
+++ /dev/null
@@ -1,90 +0,0 @@
-#
-# CIP Core, generic profile
-#
-# Copyright (c) Siemens AG, 2020
-#
-# Authors:
-# Christian Storm <christian.storm@siemens.com>
-#
-# SPDX-License-Identifier: MIT
-
-KCONFIG_SNIPPETS = ""
-
-# The following function defines the kconfig snippet system
-# with automatich debian dependency injection
-#
-# To define a feature set, the user has to define the following
-# variable to an empty string:
-#
-# KFEATURE_featurename = ""
-#
-# Then, required additions to the variables can be defined:
-#
-# KFEATURE_featurename[KCONFIG_SNIPPETS] = "file://snippet-file-name.snippet"
-# KFEATURE_featurename[SRC_URI] = "file://required-file.txt"
-# KFEATURE_featurename[DEPENDS] = "deb-pkg1 deb-pkg2 deb-pkg3"
-# KFEATURE_featurename[DEBIAN_DEPENDS] = "deb-pkg1"
-# KFEATURE_featurename[BUILD_DEB_DEPENDS] = "deb-pkg1,deb-pkg2,deb-pkg3"
-
-# The 'KCONFIG_SNIPPETS' flag gives a list of URI entries, where only
-# file:// is supported. These snippets are appended to the DEFCONFIG file.
-#
-# Features can depend on other features via the following mechanism:
-#
-# KFEATURE_DEPS[feature1] = "feature2"
-
-python () {
- requested_features = d.getVar("KFEATURES", True) or ""
-
- features = set(requested_features.split())
- old_features = set()
- feature_deps = d.getVarFlags("KFEATURE_DEPS") or {}
- while old_features != features:
- diff_features = old_features.symmetric_difference(features)
- old_features = features.copy()
- for i in diff_features:
- features.update(feature_deps.get(i, "").split())
-
- for f in sorted(features):
- bb.debug(2, "Feature: " + f)
- varname = "KFEATURE_" + f
- dummyvar = d.getVar(varname, False)
- if dummyvar == None:
- bb.error("Feature var " + f + " must be defined with needed flags.")
- else:
- feature_flags = d.getVarFlags(varname)
- for feature_varname in sorted(feature_flags):
- if feature_flags.get(feature_varname, "") != "":
- sep = " "
-
- # Required to add KCONFIG_SNIPPETS to SRC_URI here,
- # because 'SRC_URI += "${KCONFIG_SNIPPETS}"' would
- # conflict with SRC_APT feature.
- if feature_varname == "KCONFIG_SNIPPETS":
- d.appendVar('SRC_URI',
- " " + feature_flags[feature_varname].strip())
-
- # BUILD_DEP_DEPENDS and DEBIAN_DEPENDS is ',' separated
- # Only add ',' if there is already something there
- if feature_varname in ["BUILD_DEB_DEPENDS",
- "DEBIAN_DEPENDS"]:
- sep = "," if d.getVar(feature_varname) else ""
-
- d.appendVar(feature_varname,
- sep + feature_flags[feature_varname].strip())
-}
-
-# DEFCONFIG must be a predefined bitbake variable and the corresponding file
-# must exist in the WORKDIR.
-# The resulting generated config is the same file suffixed with ".gen"
-
-do_prepare_build_prepend() {
- sh -x
- GENCONFIG="${WORKDIR}/${DEFCONFIG}".gen
- rm -f "$GENCONFIG"
- cp "${WORKDIR}/${DEFCONFIG}" "$GENCONFIG"
- for CONFIG_SNIPPET in $(echo "${KCONFIG_SNIPPETS}" | sed 's#file://##g')
- do
- cat ${WORKDIR}/$CONFIG_SNIPPET >> "$GENCONFIG"
- done
-}
diff --git a/classes/swupdate-config.bbclass b/classes/swupdate-config.bbclass
deleted file mode 100644
index 1d57ce1..0000000
--- a/classes/swupdate-config.bbclass
+++ /dev/null
@@ -1,81 +0,0 @@
-#
-# CIP Core, generic profile
-#
-# Copyright (c) Siemens AG, 2020
-#
-# Authors:
-# Christian Storm <christian.storm@siemens.com>
-#
-# SPDX-License-Identifier: MIT
-
-# This class manages the config snippets together with their dependencies
-# to build SWUpdate
-
-inherit kconfig-snippets
-
-BUILD_DEB_DEPENDS = " \
- zlib1g-dev, debhelper, libconfig-dev, libarchive-dev, \
- python-sphinx:native, dh-systemd, libsystemd-dev, libssl-dev, pkg-config"
-
-KFEATURE_lua = ""
-KFEATURE_lua[BUILD_DEB_DEPENDS] = "liblua5.3-dev"
-KFEATURE_lua[KCONFIG_SNIPPETS] = "file://swupdate_defconfig_lua.snippet"
-
-KFEATURE_luahandler = ""
-KFEATURE_luahandler[KCONFIG_SNIPPETS] = "file://swupdate_defconfig_luahandler.snippet"
-KFEATURE_luahandler[SRC_URI] = "${@ 'file://${SWUPDATE_LUASCRIPT}' \
- if d.getVar('SWUPDATE_USE_ROUND_ROBIN_HANDLER_REPO') == '0' else '' }"
-KFEATURE_DEPS = ""
-KFEATURE_DEPS[luahandler] = "lua"
-
-KFEATURE_efibootguard = ""
-KFEATURE_efibootguard[BUILD_DEB_DEPENDS] = "efibootguard-dev"
-KFEATURE_efibootguard[DEBIAN_DEPENDS] = ""
-KFEATURE_efibootguard[DEPENDS] = "efibootguard-dev"
-KFEATURE_efibootguard[KCONFIG_SNIPPETS] = "file://swupdate_defconfig_efibootguard.snippet"
-
-KFEATURE_mtd = ""
-KFEATURE_mtd[BUILD_DEB_DEPENDS] = "libmtd-dev"
-KFEATURE_mtd[DEPENDS] = "mtd-utils"
-KFEATURE_mtd[KCONFIG_SNIPPETS] = "file://swupdate_defconfig_mtd.snippet"
-
-KFEATURE_ubi = ""
-KFEATURE_ubi[BUILD_DEB_DEPENDS] = "libubi-dev"
-KFEATURE_ubi[KCONFIG_SNIPPETS] = "file://swupdate_defconfig_ubi.snippet"
-
-KFEATURE_DEPS[ubi] = "mtd"
-
-KFEATURE_u-boot = ""
-KFEATURE_u-boot[BUILD_DEB_DEPENDS] = "libubootenv-dev"
-# we need u-boot-${MACHINE}-config for fw_env.config
-# only custom build u-boot provides this package
-# for u-boot provided by debian u-boot-tools provides
-# example configurations at /usr/share/doc/u-boot-tools/examples
-KFEATURE_u-boot[DEBIAN_DEPENDS] = "${@ 'libubootenv0.1, u-boot-${MACHINE}-config' \
- if d.getVar("U_BOOT_CONFIG_PACKAGE", True) == "1" \
- else 'libubootenv0.1'}"
-KFEATURE_u-boot[DEPENDS] = "${@ 'libubootenv u-boot-${MACHINE}-config' \
- if d.getVar("U_BOOT_CONFIG_PACKAGE", True) == "1" \
- else 'libubootenv'}"
-KFEATURE_u-boot[KCONFIG_SNIPPETS] = "file://swupdate_defconfig_u-boot.snippet"
-
-def get_bootloader_featureset(d):
- bootloader = d.getVar("SWUPDATE_BOOTLOADER", True) or ""
- if bootloader == "efibootguard":
- return "efibootguard"
- if bootloader == "u-boot":
- return "u-boot"
- return ""
-
-SWUPDATE_KFEATURES ??= ""
-KFEATURES = "${SWUPDATE_KFEATURES}"
-KFEATURES += "${@get_bootloader_featureset(d)}"
-
-# Astonishingly, as an anonymous python function, SWUPDATE_BOOTLOADER is always None
-# one time before it gets set. So the following must be a task.
-python do_check_bootloader () {
- bootloader = d.getVar("SWUPDATE_BOOTLOADER", True) or "None"
- if not bootloader in ["efibootguard", "u-boot"]:
- bb.warn("swupdate: SWUPDATE_BOOTLOADER set to incompatible value: " + bootloader)
-}
-addtask check_bootloader before do_fetch
diff --git a/conf/distro/cip-core-bullseye.conf b/conf/distro/cip-core-bullseye.conf
index 9357b6c..38014b4 100644
--- a/conf/distro/cip-core-bullseye.conf
+++ b/conf/distro/cip-core-bullseye.conf
@@ -14,4 +14,3 @@ require cip-core-common.inc

PREFERRED_VERSION_linux-cip ?= "4.19.%"
PREFERRED_VERSION_linux-cip-rt ?= "4.19.%"
-PREFERRED_VERSION_swupdate ?= "2021.04-1+debian-gbp"
diff --git a/conf/distro/cip-core-buster.conf b/conf/distro/cip-core-buster.conf
index 61fcb41..c5cb39c 100644
--- a/conf/distro/cip-core-buster.conf
+++ b/conf/distro/cip-core-buster.conf
@@ -14,4 +14,3 @@ require cip-core-common.inc

PREFERRED_VERSION_linux-cip ?= "4.19.%"
PREFERRED_VERSION_linux-cip-rt ?= "4.19.%"
-PREFERRED_VERSION_swupdate ?= "2021.4-git+isar"
diff --git a/recipes-core/swupdate/files/debian/changelog.tmpl b/recipes-core/swupdate/files/debian/changelog.tmpl
deleted file mode 100644
index 81087d3..0000000
--- a/recipes-core/swupdate/files/debian/changelog.tmpl
+++ /dev/null
@@ -1,6 +0,0 @@
-swupdate (${PV}) unstable; urgency=medium
-
- * SWUpdate
-
- -- Christian Storm <christian.storm@siemens.com> Thu, 31 Jan 2019 15:23:56 +0100
-
diff --git a/recipes-core/swupdate/files/debian/compat b/recipes-core/swupdate/files/debian/compat
deleted file mode 100644
index b4de394..0000000
--- a/recipes-core/swupdate/files/debian/compat
+++ /dev/null
@@ -1 +0,0 @@
-11
diff --git a/recipes-core/swupdate/files/debian/control.tmpl b/recipes-core/swupdate/files/debian/control.tmpl
deleted file mode 100644
index 2b92850..0000000
--- a/recipes-core/swupdate/files/debian/control.tmpl
+++ /dev/null
@@ -1,15 +0,0 @@
-Source: swupdate
-Section: embedded
-Priority: optional
-Maintainer: Stefano Babic <sbabic@denx.de>
-Build-Depends: ${BUILD_DEB_DEPENDS}
-Standards-Version: 4.2.1
-Homepage: http://sbabic.github.io/swupdate
-
-Package: swupdate
-Architecture: any
-Depends: ${DEBIAN_DEPENDS}
-Description: reliable way to update an embedded system
- This project is thought to help to update an embedded system from a storage media or from network.
- However, it should be mainly considered as a framework, where further protocols or installers
- (in SWUpdate they are called handlers) can be easily added to the application.
diff --git a/recipes-core/swupdate/files/debian/copyright b/recipes-core/swupdate/files/debian/copyright
deleted file mode 100644
index f920942..0000000
--- a/recipes-core/swupdate/files/debian/copyright
+++ /dev/null
@@ -1,36 +0,0 @@
-Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-Upstream-Name: swupdate
-Maintainer: Stefano Babic <sbabic@denx.de>
-Source: http://github.com/sbabic/swupdate
-
-Files: *
-Copyright: 2014-2017 Stefano Babic <sbabic@denx.de>
-
-License: GPL-2 with OpenSSL exception
- This package is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
- .
- In addition, as a special exception, the author of this
- program gives permission to link the code of its
- release with the OpenSSL project's "OpenSSL" library (or
- with modified versions of it that use the same license as
- the "OpenSSL" library), and distribute the linked
- executables. You must obey the GNU General Public
- License in all respects for all of the code used other
- than "OpenSSL". If you modify this file, you may extend
- this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so,
- delete this exception statement from your version.
- .
- This package is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
- .
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <https://www.gnu.org/licenses/>
- .
- On Debian systems, the complete text of the GNU General
- Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".
diff --git a/recipes-core/swupdate/files/debian/rules.tmpl b/recipes-core/swupdate/files/debian/rules.tmpl
deleted file mode 100755
index ec83a88..0000000
--- a/recipes-core/swupdate/files/debian/rules.tmpl
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/make -f
-
-ifneq ($(DEB_BUILD_GNU_TYPE),$(DEB_HOST_GNU_TYPE))
-export CROSS_COMPILE=$(DEB_HOST_GNU_TYPE)-
-export PKG_CONFIG_PATH=/usr/lib/$(DEB_HOST_GNU_TYPE)/pkgconfig
-export CC=$(DEB_HOST_GNU_TYPE)-gcc
-export LD=$(DEB_HOST_GNU_TYPE)-gcc
-endif
-
-export DH_VERBOSE = 1
-
-export DEB_BUILD_MAINT_OPTIONS = hardening=+bindnow
-
-documentation: configure
- make man
-
-configure:
- make ${DEFCONFIG}
-
-build: documentation configure
- dh $@
-
-%:
- echo $@
- dh $@
-
-override_dh_installchangelogs:
- true
-
-override_dh_installdocs:
- true
diff --git a/recipes-core/swupdate/files/debian/swupdate.examples b/recipes-core/swupdate/files/debian/swupdate.examples
deleted file mode 100644
index c257b75..0000000
--- a/recipes-core/swupdate/files/debian/swupdate.examples
+++ /dev/null
@@ -1,2 +0,0 @@
-examples/configuration
-examples/description
diff --git a/recipes-core/swupdate/files/debian/swupdate.install b/recipes-core/swupdate/files/debian/swupdate.install
deleted file mode 100644
index 8957cc6..0000000
--- a/recipes-core/swupdate/files/debian/swupdate.install
+++ /dev/null
@@ -1,2 +0,0 @@
-swupdate usr/bin
-swupdate.cfg /etc
diff --git a/recipes-core/swupdate/files/debian/swupdate.manpages b/recipes-core/swupdate/files/debian/swupdate.manpages
deleted file mode 100644
index c3438e0..0000000
--- a/recipes-core/swupdate/files/debian/swupdate.manpages
+++ /dev/null
@@ -1,5 +0,0 @@
-doc/build/man/swupdate.1
-doc/build/man/client.1
-doc/build/man/sendtohawkbit.1
-doc/build/man/hawkbitcfg.1
-doc/build/man/progress.1
diff --git a/recipes-core/swupdate/files/debian/swupdate.tmpfile b/recipes-core/swupdate/files/debian/swupdate.tmpfile
deleted file mode 100644
index 4743672..0000000
--- a/recipes-core/swupdate/files/debian/swupdate.tmpfile
+++ /dev/null
@@ -1,2 +0,0 @@
-X /tmp/datadst
-X /tmp/scripts
diff --git a/recipes-core/swupdate/files/debian/watch b/recipes-core/swupdate/files/debian/watch
deleted file mode 100644
index bc4c53e..0000000
--- a/recipes-core/swupdate/files/debian/watch
+++ /dev/null
@@ -1,12 +0,0 @@
-# Example watch control file for uscan
-# Rename this file to "watch" and then you can run the "uscan" command
-# to check for upstream updates and more.
-# See uscan(1) for format
-
-# Compulsory line, this is a version 4 file
-version=4
-
-# GitHub hosted projects
-opts="filenamemangle="s%(?:.*?)?v?(\d[\d.]*)\.tar\.gz%<project>-$1.tar.gz%" \
- https://github.com/<user>/swupdate/tags \
- (?:.*?/)?v?(\d[\d.]*)\.tar\.gz debian uupdate
diff --git a/recipes-core/swupdate/files/postinst b/recipes-core/swupdate/files/postinst
deleted file mode 100644
index f15ac10..0000000
--- a/recipes-core/swupdate/files/postinst
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-deb-systemd-helper enable swupdate.socket || true
diff --git a/recipes-core/swupdate/files/swupdate.cfg b/recipes-core/swupdate/files/swupdate.cfg
deleted file mode 100644
index e0222f1..0000000
--- a/recipes-core/swupdate/files/swupdate.cfg
+++ /dev/null
@@ -1,6 +0,0 @@
-globals :
-{
- verbose = true;
- loglevel = 10;
- syslog = false;
-};
diff --git a/recipes-core/swupdate/files/swupdate.service.example b/recipes-core/swupdate/files/swupdate.service.example
deleted file mode 100644
index d0b821e..0000000
--- a/recipes-core/swupdate/files/swupdate.service.example
+++ /dev/null
@@ -1,11 +0,0 @@
-[Unit]
-Description=SWUpdate daemon
-Documentation=https://github.com/sbabic/swupdate
-
-[Service]
-Type=simple
-ExecStart=/usr/bin/swupdate -f /etc/swupdate.cfg
-KillMode=mixed
-
-[Install]
-WantedBy=multi-user.target
diff --git a/recipes-core/swupdate/files/swupdate.socket.example b/recipes-core/swupdate/files/swupdate.socket.example
deleted file mode 100644
index 2b75671..0000000
--- a/recipes-core/swupdate/files/swupdate.socket.example
+++ /dev/null
@@ -1,11 +0,0 @@
-[Unit]
-Description=SWUpdate socket listener
-Documentation=https://github.com/sbabic/swupdate
-Documentation=https://sbabic.github.io/swupdate
-
-[Socket]
-ListenStream=/tmp/sockinstctrl
-ListenStream=/tmp/swupdateprog
-
-[Install]
-WantedBy=sockets.target
diff --git a/recipes-core/swupdate/files/swupdate.socket.tmpl b/recipes-core/swupdate/files/swupdate.socket.tmpl
deleted file mode 100644
index 8e7fc1d..0000000
--- a/recipes-core/swupdate/files/swupdate.socket.tmpl
+++ /dev/null
@@ -1,13 +0,0 @@
-[Unit]
-Description=SWUpdate socket listener
-Documentation=https://github.com/sbabic/swupdate
-Documentation=https://sbabic.github.io/swupdate
-
-[Socket]
-SocketUser=${SWUPDATE_SOCKET_OWNER}
-SocketGroup=root
-ListenStream=/tmp/sockinstctrl
-ListenStream=/tmp/swupdateprog
-
-[Install]
-WantedBy=sockets.target
diff --git a/recipes-core/swupdate/files/swupdate_defconfig b/recipes-core/swupdate/files/swupdate_defconfig
deleted file mode 100644
index 9ae7cb5..0000000
--- a/recipes-core/swupdate/files/swupdate_defconfig
+++ /dev/null
@@ -1,83 +0,0 @@
-#
-# Automatically generated file; DO NOT EDIT.
-# Swupdate Configuration
-#
-CONFIG_HAVE_DOT_CONFIG=y
-
-#
-# Swupdate Settings
-#
-
-#
-# General Configuration
-#
-# CONFIG_CURL is not set
-# CONFIG_CURL_SSL is not set
-CONFIG_SYSTEMD=y
-CONFIG_SCRIPTS=y
-# CONFIG_HW_COMPATIBILITY is not set
-CONFIG_SW_VERSIONS_FILE="/etc/sw-versions"
-
-#
-# Socket Paths
-#
-CONFIG_SOCKET_CTRL_PATH="/tmp/sockinstctrl"
-CONFIG_SOCKET_PROGRESS_PATH="/tmp/swupdateprog"
-CONFIG_SOCKET_REMOTE_HANDLER_DIRECTORY="/tmp/"
-# CONFIG_MTD is not set
-# CONFIG_LUA is not set
-# CONFIG_LUAPKG is not set
-# CONFIG_FEATURE_SYSLOG is not set
-
-#
-# Build Options
-#
-CONFIG_CROSS_COMPILE=""
-CONFIG_SYSROOT=""
-CONFIG_EXTRA_CFLAGS=""
-CONFIG_EXTRA_LDFLAGS=""
-CONFIG_EXTRA_LDLIBS=""
-
-#
-# Debugging Options
-#
-# CONFIG_DEBUG is not set
-# CONFIG_WERROR is not set
-# CONFIG_NOCLEANUP is not set
-# CONFIG_BOOTLOADER_EBG is not set
-# CONFIG_UBOOT is not set
-# CONFIG_BOOTLOADER_NONE is not set
-# CONFIG_BOOTLOADER_GRUB is not set
-# CONFIG_DOWNLOAD is not set
-# CONFIG_DOWNLOAD_SSL is not set
-# CONFIG_CHANNEL_CURL is not set
-# CONFIG_HASH_VERIFY=y
-# CONFIG_SIGNED_IMAGES is not set
-# CONFIG_ENCRYPTED_IMAGES is not set
-# CONFIG_SURICATTA is not set
-# CONFIG_WEBSERVER is not set
-CONFIG_GUNZIP=y
-
-#
-# Parser Features
-#
-CONFIG_LIBCONFIG=y
-CONFIG_PARSERROOT=""
-# CONFIG_JSON is not set
-# CONFIG_LUAEXTERNAL is not set
-# CONFIG_SETEXTPARSERNAME is not set
-# CONFIG_SETSWDESCRIPTION is not set
-
-#
-# Image Handlers
-#
-CONFIG_RAW=y
-# CONFIG_LUASCRIPTHANDLER is not set
-# CONFIG_SHELLSCRIPTHANDLER is not set
-# CONFIG_HANDLER_IN_LUA is not set
-# CONFIG_EMBEDDED_LUA_HANDLER is not set
-# CONFIG_EMBEDDED_LUA_HANDLER_SOURCE is not set
-CONFIG_ARCHIVE=y
-# CONFIG_REMOTE_HANDLER is not set
-# CONFIG_SWUFORWARDER_HANDLER is not set
-# CONFIG_BOOTLOADERHANDLER is not set
diff --git a/recipes-core/swupdate/files/swupdate_defconfig_efibootguard.snippet b/recipes-core/swupdate/files/swupdate_defconfig_efibootguard.snippet
deleted file mode 100644
index 8e3688c..0000000
--- a/recipes-core/swupdate/files/swupdate_defconfig_efibootguard.snippet
+++ /dev/null
@@ -1,3 +0,0 @@
-CONFIG_BOOTLOADER_NONE=n
-CONFIG_BOOTLOADER_EBG=y
-CONFIG_BOOTLOADERHANDLER=y
diff --git a/recipes-core/swupdate/files/swupdate_defconfig_lua.snippet b/recipes-core/swupdate/files/swupdate_defconfig_lua.snippet
deleted file mode 100644
index b39f9df..0000000
--- a/recipes-core/swupdate/files/swupdate_defconfig_lua.snippet
+++ /dev/null
@@ -1,2 +0,0 @@
-CONFIG_LUA=y
-CONFIG_LUAPKG="lua53"
diff --git a/recipes-core/swupdate/files/swupdate_defconfig_luahandler.snippet b/recipes-core/swupdate/files/swupdate_defconfig_luahandler.snippet
deleted file mode 100644
index b4a2de8..0000000
--- a/recipes-core/swupdate/files/swupdate_defconfig_luahandler.snippet
+++ /dev/null
@@ -1,4 +0,0 @@
-CONFIG_LUASCRIPTHANDLER=y
-CONFIG_HANDLER_IN_LUA=y
-CONFIG_EMBEDDED_LUA_HANDLER=y
-CONFIG_EMBEDDED_LUA_HANDLER_SOURCE="swupdate_handlers.lua"
diff --git a/recipes-core/swupdate/files/swupdate_defconfig_mtd.snippet b/recipes-core/swupdate/files/swupdate_defconfig_mtd.snippet
deleted file mode 100644
index eab98dd..0000000
--- a/recipes-core/swupdate/files/swupdate_defconfig_mtd.snippet
+++ /dev/null
@@ -1 +0,0 @@
-CONFIG_MTD=y
diff --git a/recipes-core/swupdate/files/swupdate_defconfig_u-boot.snippet b/recipes-core/swupdate/files/swupdate_defconfig_u-boot.snippet
deleted file mode 100644
index 6b5832a..0000000
--- a/recipes-core/swupdate/files/swupdate_defconfig_u-boot.snippet
+++ /dev/null
@@ -1,3 +0,0 @@
-CONFIG_UBOOT=y
-CONFIG_UBOOT_FWENV="/etc/fw_env.config"
-CONFIG_BOOTLOADERHANDLER=y
diff --git a/recipes-core/swupdate/files/swupdate_defconfig_ubi.snippet b/recipes-core/swupdate/files/swupdate_defconfig_ubi.snippet
deleted file mode 100644
index d1c7732..0000000
--- a/recipes-core/swupdate/files/swupdate_defconfig_ubi.snippet
+++ /dev/null
@@ -1,6 +0,0 @@
-CONFIG_UBIVOL=y
-CONFIG_UBIATTACH=y
-CONFIG_UBIBLACKLIST=""
-CONFIG_UBIWHITELIST=""
-CONFIG_UBIVIDOFFSET=0
-CONFIG_CFI=y
diff --git a/recipes-core/swupdate/swupdate.bb b/recipes-core/swupdate/swupdate.bb
deleted file mode 100644
index a29a797..0000000
--- a/recipes-core/swupdate/swupdate.bb
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# CIP Core, generic profile
-#
-# Copyright (c) Siemens AG, 2020
-#
-# Authors:
-# Quirin Gylstorff <quirin.gylstorff@siemens.com>
-#
-# SPDX-License-Identifier: MIT
-
-DESCRIPTION = "swupdate utility for software updates"
-HOMEPAGE= "https://github.com/sbabic/swupdate"
-LICENSE = "GPL-2.0"
-LIC_FILES_CHKSUM = "file://${LAYERDIR_isar}/licenses/COPYING.GPLv2;md5=751419260aa954499f7abaabaa882bbe"
-
-SRC_URI = "git://github.com/sbabic/swupdate.git;branch=master;protocol=https"
-
-SRCREV = "47a1246435fdb78fba15cc969596994130412956"
-PV = "2021.4-git+isar"
-
-DEFCONFIG := "swupdate_defconfig"
-
-SRC_URI += "file://debian \
- file://${DEFCONFIG} \
- file://${PN}.cfg"
-
-DEBIAN_DEPENDS = "${shlibs:Depends}, ${misc:Depends}"
-
-inherit dpkg
-inherit swupdate-config
-
-KFEATURES += "luahandler"
-
-S = "${WORKDIR}/git"
-
-TEMPLATE_FILES = "debian/changelog.tmpl debian/control.tmpl debian/rules.tmpl"
-TEMPLATE_VARS += "BUILD_DEB_DEPENDS DEFCONFIG DEBIAN_DEPENDS"
-
-do_prepare_build() {
- cp -R ${WORKDIR}/debian ${S}
-
- install -m 0644 ${WORKDIR}/${PN}.cfg ${S}/swupdate.cfg
- install -m 0644 ${WORKDIR}/${DEFCONFIG}.gen ${S}/configs/${DEFCONFIG}
-
- if ! grep -q "configs/${DEFCONFIG}" ${S}/.gitignore; then
- echo "configs/${DEFCONFIG}" >> ${S}/.gitignore
- fi
-}
--
2.30.2


[isar-cip-core][PATCH v2 2/4] swupdate: Use dpkg-gbp build with salsa

Quirin Gylstorff
 

From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

This reduce the maintaince effort for SWUpdate in Debian 11(Bullseye)
and later.

Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
conf/distro/cip-core-bullseye.conf | 1 +
conf/distro/cip-core-buster.conf | 1 +
...dd-option-to-build-with-efibootguard.patch | 39 ++++++++++
.../0002-debian-rules-Add-CONFIG_MTD.patch | 27 +++++++
...-debian-config-Make-signing-optional.patch | 40 +++++++++++
...onfig-Make-image-encryption-optional.patch | 40 +++++++++++
...ules-Add-Embedded-Lua-handler-option.patch | 30 ++++++++
...es-Add-option-to-disable-fs-creation.patch | 47 ++++++++++++
...ules-Add-option-to-disable-webserver.patch | 42 +++++++++++
...Make-CONFIG_HW_COMPATIBILTY-optional.patch | 40 +++++++++++
...ules-Add-Embedded-Lua-handler-option.patch | 30 ++++++++
...prepare-build-for-isar-debian-buster.patch | 72 +++++++++++++++++++
recipes-core/swupdate/swupdate.inc | 53 ++++++++++++++
.../swupdate/swupdate_2021.04-1+debian-gbp.bb | 48 +++++++++++++
14 files changed, 510 insertions(+)
create mode 100644 recipes-core/swupdate/files/0001-debian-Add-option-to-build-with-efibootguard.patch
create mode 100644 recipes-core/swupdate/files/0002-debian-rules-Add-CONFIG_MTD.patch
create mode 100644 recipes-core/swupdate/files/0003-debian-config-Make-signing-optional.patch
create mode 100644 recipes-core/swupdate/files/0004-debian-config-Make-image-encryption-optional.patch
create mode 100644 recipes-core/swupdate/files/0005-debian-rules-Add-Embedded-Lua-handler-option.patch
create mode 100644 recipes-core/swupdate/files/0005-debian-rules-Add-option-to-disable-fs-creation.patch
create mode 100644 recipes-core/swupdate/files/0006-debian-rules-Add-option-to-disable-webserver.patch
create mode 100644 recipes-core/swupdate/files/0007-debian-Make-CONFIG_HW_COMPATIBILTY-optional.patch
create mode 100644 recipes-core/swupdate/files/0008-debian-rules-Add-Embedded-Lua-handler-option.patch
create mode 100644 recipes-core/swupdate/files/0009-debian-prepare-build-for-isar-debian-buster.patch
create mode 100644 recipes-core/swupdate/swupdate.inc
create mode 100644 recipes-core/swupdate/swupdate_2021.04-1+debian-gbp.bb

diff --git a/conf/distro/cip-core-bullseye.conf b/conf/distro/cip-core-bullseye.conf
index 38014b4..9357b6c 100644
--- a/conf/distro/cip-core-bullseye.conf
+++ b/conf/distro/cip-core-bullseye.conf
@@ -14,3 +14,4 @@ require cip-core-common.inc

PREFERRED_VERSION_linux-cip ?= "4.19.%"
PREFERRED_VERSION_linux-cip-rt ?= "4.19.%"
+PREFERRED_VERSION_swupdate ?= "2021.04-1+debian-gbp"
diff --git a/conf/distro/cip-core-buster.conf b/conf/distro/cip-core-buster.conf
index c5cb39c..61fcb41 100644
--- a/conf/distro/cip-core-buster.conf
+++ b/conf/distro/cip-core-buster.conf
@@ -14,3 +14,4 @@ require cip-core-common.inc

PREFERRED_VERSION_linux-cip ?= "4.19.%"
PREFERRED_VERSION_linux-cip-rt ?= "4.19.%"
+PREFERRED_VERSION_swupdate ?= "2021.4-git+isar"
diff --git a/recipes-core/swupdate/files/0001-debian-Add-option-to-build-with-efibootguard.patch b/recipes-core/swupdate/files/0001-debian-Add-option-to-build-with-efibootguard.patch
new file mode 100644
index 0000000..00f9a5f
--- /dev/null
+++ b/recipes-core/swupdate/files/0001-debian-Add-option-to-build-with-efibootguard.patch
@@ -0,0 +1,39 @@
+From fe3f090e3764e1e2625d509a56bd521bab507ce7 Mon Sep 17 00:00:00 2001
+From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+Date: Wed, 15 Sep 2021 12:36:09 +0200
+Subject: [PATCH 1/9] debian: Add option to build with efibootguard
+
+Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+---
+ debian/control | 1 +
+ debian/rules | 2 ++
+ 2 files changed, 3 insertions(+)
+
+diff --git a/debian/control b/debian/control
+index 9e43eab..6031537 100644
+--- a/debian/control
++++ b/debian/control
+@@ -28,6 +28,7 @@ Build-Depends: debhelper-compat (= 13),
+ libwebsockets-dev (>= 3.2.0) <!pkg.swupdate.bpo>,
+ liburiparser-dev <!pkg.swupdate.bpo>,
+ libubootenv-dev <pkg.swupdate.uboot>,
++ efibootguard-dev <pkg.swupdate.efibootguard>,
+ libcmocka-dev,
+ pkg-config,
+ gawk,
+diff --git a/debian/rules b/debian/rules
+index 4b55be2..c076839 100755
+--- a/debian/rules
++++ b/debian/rules
+@@ -33,6 +33,8 @@ ifneq (,$(filter pkg.swupdate.uboot,$(DEB_BUILD_PROFILES)))
+ else ifneq (,$(filter pkg.swupdate.grub,$(DEB_BUILD_PROFILES)))
+ echo CONFIG_BOOTLOADER_GRUB=y >> configs/debian_defconfig
+ echo CONFIG_GRUBENV_PATH=\"/boot/grub/grubenv\" >> configs/debian_defconfig
++else ifneq (,$(filter pkg.swupdate.efibootguard,$(DEB_BUILD_PROFILES)))
++ echo CONFIG_BOOTLOADER_EBG=y >> configs/debian_defconfig
+ else
+ echo CONFIG_BOOTLOADER_NONE=y >> configs/debian_defconfig
+ endif
+--
+2.30.2
+
diff --git a/recipes-core/swupdate/files/0002-debian-rules-Add-CONFIG_MTD.patch b/recipes-core/swupdate/files/0002-debian-rules-Add-CONFIG_MTD.patch
new file mode 100644
index 0000000..0921aef
--- /dev/null
+++ b/recipes-core/swupdate/files/0002-debian-rules-Add-CONFIG_MTD.patch
@@ -0,0 +1,27 @@
+From 43365f98d70d83dac42913ff907a8a9dd25a4333 Mon Sep 17 00:00:00 2001
+From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+Date: Wed, 29 Sep 2021 11:29:57 +0200
+Subject: [PATCH 2/9] debian/rules: Add CONFIG_MTD
+
+if pkg.swupdate.bpo is set CONFIG_MTD is disable but not enabled.
+
+Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+---
+ debian/rules | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/debian/rules b/debian/rules
+index c076839..292133b 100755
+--- a/debian/rules
++++ b/debian/rules
+@@ -20,6 +20,7 @@ endif
+ override_dh_auto_configure:
+ cp debian/configs/defconfig configs/debian_defconfig
+ ifeq (,$(filter pkg.swupdate.bpo,$(DEB_BUILD_PROFILES)))
++ echo CONFIG_MTD=y >> configs/debian_defconfig
+ echo CONFIG_SWUFORWARDER_HANDLER=y >> configs/debian_defconfig
+ echo CONFIG_CFI=y >> configs/debian_defconfig
+ echo CONFIG_CFIHAMMING1=y >> configs/debian_defconfig
+--
+2.30.2
+
diff --git a/recipes-core/swupdate/files/0003-debian-config-Make-signing-optional.patch b/recipes-core/swupdate/files/0003-debian-config-Make-signing-optional.patch
new file mode 100644
index 0000000..347b316
--- /dev/null
+++ b/recipes-core/swupdate/files/0003-debian-config-Make-signing-optional.patch
@@ -0,0 +1,40 @@
+From 37f9afeeac5483f677b5be41b3d31e6557fcc146 Mon Sep 17 00:00:00 2001
+From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+Date: Wed, 29 Sep 2021 15:27:51 +0200
+Subject: [PATCH 3/9] debian/config: Make signing optional
+
+Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+---
+ debian/configs/defconfig | 1 -
+ debian/rules | 3 +++
+ 2 files changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/debian/configs/defconfig b/debian/configs/defconfig
+index b38aa62..f959e44 100644
+--- a/debian/configs/defconfig
++++ b/debian/configs/defconfig
+@@ -2,7 +2,6 @@ CONFIG_SYSTEMD=y
+ CONFIG_HW_COMPATIBILITY=y
+ CONFIG_DOWNLOAD=y
+ CONFIG_DOWNLOAD_SSL=y
+-CONFIG_SIGNED_IMAGES=y
+ CONFIG_SIGALG_CMS=y
+ CONFIG_ENCRYPTED_IMAGES=y
+ CONFIG_SURICATTA=y
+diff --git a/debian/rules b/debian/rules
+index 292133b..4793c84 100755
+--- a/debian/rules
++++ b/debian/rules
+@@ -39,6 +39,9 @@ else ifneq (,$(filter pkg.swupdate.efibootguard,$(DEB_BUILD_PROFILES)))
+ else
+ echo CONFIG_BOOTLOADER_NONE=y >> configs/debian_defconfig
+ endif
++ifeq (,$(filter pkg.swupdate.nosigning,$(DEB_BUILD_PROFILES)))
++ echo CONFIG_SIGNED_IMAGES=y >> configs/debian_defconfig
++endif
+ ifneq (,$(filter pkg.swupdate.p11,$(DEB_BUILD_PROFILES)))
+ echo CONFIG_PKCS11=y >> configs/debian_defconfig
+ endif
+--
+2.30.2
+
diff --git a/recipes-core/swupdate/files/0004-debian-config-Make-image-encryption-optional.patch b/recipes-core/swupdate/files/0004-debian-config-Make-image-encryption-optional.patch
new file mode 100644
index 0000000..45990f8
--- /dev/null
+++ b/recipes-core/swupdate/files/0004-debian-config-Make-image-encryption-optional.patch
@@ -0,0 +1,40 @@
+From b0cfcc9980c6daf6383c6dc51fdbe90e1c7625d5 Mon Sep 17 00:00:00 2001
+From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+Date: Wed, 29 Sep 2021 15:28:21 +0200
+Subject: [PATCH 4/9] debian/config: Make image encryption optional
+
+Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+---
+ debian/configs/defconfig | 1 -
+ debian/rules | 3 +++
+ 2 files changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/debian/configs/defconfig b/debian/configs/defconfig
+index f959e44..8e1a810 100644
+--- a/debian/configs/defconfig
++++ b/debian/configs/defconfig
+@@ -3,7 +3,6 @@ CONFIG_HW_COMPATIBILITY=y
+ CONFIG_DOWNLOAD=y
+ CONFIG_DOWNLOAD_SSL=y
+ CONFIG_SIGALG_CMS=y
+-CONFIG_ENCRYPTED_IMAGES=y
+ CONFIG_SURICATTA=y
+ CONFIG_SURICATTA_SSL=y
+ CONFIG_UPDATE_STATE_CHOICE_BOOTLOADER=y
+diff --git a/debian/rules b/debian/rules
+index 4793c84..6d32d50 100755
+--- a/debian/rules
++++ b/debian/rules
+@@ -42,6 +42,9 @@ endif
+ ifeq (,$(filter pkg.swupdate.nosigning,$(DEB_BUILD_PROFILES)))
+ echo CONFIG_SIGNED_IMAGES=y >> configs/debian_defconfig
+ endif
++ifeq (,$(filter pkg.swupdate.noencryption,$(DEB_BUILD_PROFILES)))
++ echo CONFIG_ENCRYPTED_IMAGES=y >> configs/debian_defconfig
++endif
+ ifneq (,$(filter pkg.swupdate.p11,$(DEB_BUILD_PROFILES)))
+ echo CONFIG_PKCS11=y >> configs/debian_defconfig
+ endif
+--
+2.30.2
+
diff --git a/recipes-core/swupdate/files/0005-debian-rules-Add-Embedded-Lua-handler-option.patch b/recipes-core/swupdate/files/0005-debian-rules-Add-Embedded-Lua-handler-option.patch
new file mode 100644
index 0000000..84665cd
--- /dev/null
+++ b/recipes-core/swupdate/files/0005-debian-rules-Add-Embedded-Lua-handler-option.patch
@@ -0,0 +1,30 @@
+From 0200687ad67d6e5a0e9bbdf2e8c86e3f8e717c5e Mon Sep 17 00:00:00 2001
+From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+Date: Wed, 29 Sep 2021 11:32:41 +0200
+Subject: [PATCH 5/6] debian/rules: Add Embedded Lua handler option
+
+Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+---
+ debian/rules | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/debian/rules b/debian/rules
+index 69fd790..9ace348 100755
+--- a/debian/rules
++++ b/debian/rules
+@@ -52,7 +52,12 @@ ifneq (,$(LUA_VERSION))
+ echo CONFIG_LUAPKG=\"lua$(LUA_VERSION)\" >> configs/debian_defconfig
+ echo CONFIG_LUASCRIPTHANDLER=y >> configs/debian_defconfig
+ echo CONFIG_HANDLER_IN_LUA=y >> configs/debian_defconfig
++ifneq (,$(filter pkg.swupdate.embeddedlua,$(DEB_BUILD_PROFILES)))
++ echo CONFIG_EMBEDDED_LUA_HANDLER=y >> configs/debian_defconfig
++ echo CONFIG_EMBEDDED_LUA_HANDLER_SOURCE=\"/usr/share/lua/$(LUA_VERSION)/swupdate_handlers.lua\" >> configs/debian_defconfig
+ endif
++endif
++
+ echo CONFIG_EXTRA_CFLAGS=\"$(CFLAGS) $(CPPFLAGS)\" >> configs/debian_defconfig
+ echo CONFIG_EXTRA_LDFLAGS=\"$(LDFLAGS)\" >> configs/debian_defconfig
+ echo CONFIG_EXTRA_LDLIBS=\"$(LDLIBS)\" >> configs/debian_defconfig
+--
+2.30.2
+
diff --git a/recipes-core/swupdate/files/0005-debian-rules-Add-option-to-disable-fs-creation.patch b/recipes-core/swupdate/files/0005-debian-rules-Add-option-to-disable-fs-creation.patch
new file mode 100644
index 0000000..1121923
--- /dev/null
+++ b/recipes-core/swupdate/files/0005-debian-rules-Add-option-to-disable-fs-creation.patch
@@ -0,0 +1,47 @@
+From 22a96e95676123c6ce8800b9d911402704dce9e2 Mon Sep 17 00:00:00 2001
+From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+Date: Mon, 4 Oct 2021 17:15:56 +0200
+Subject: [PATCH 5/9] debian/rules: Add option to disable fs creation
+
+Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+---
+ debian/configs/defconfig | 4 ----
+ debian/rules | 7 +++++++
+ 2 files changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/debian/configs/defconfig b/debian/configs/defconfig
+index 8e1a810..d011deb 100644
+--- a/debian/configs/defconfig
++++ b/debian/configs/defconfig
+@@ -9,10 +9,6 @@ CONFIG_UPDATE_STATE_CHOICE_BOOTLOADER=y
+ CONFIG_WEBSERVER=y
+ CONFIG_MONGOOSESSL=y
+ CONFIG_ZSTD=y
+-CONFIG_DISKPART=y
+-CONFIG_DISKFORMAT=y
+-CONFIG_FAT_FILESYSTEM=y
+-CONFIG_EXT_FILESYSTEM=y
+ CONFIG_UNIQUEUUID=y
+ CONFIG_RAW=y
+ CONFIG_RDIFFHANDLER=y
+diff --git a/debian/rules b/debian/rules
+index 6d32d50..9349c22 100755
+--- a/debian/rules
++++ b/debian/rules
+@@ -45,6 +45,13 @@ endif
+ ifeq (,$(filter pkg.swupdate.noencryption,$(DEB_BUILD_PROFILES)))
+ echo CONFIG_ENCRYPTED_IMAGES=y >> configs/debian_defconfig
+ endif
++ifeq (,$(filter pkg.swupdate.nocreatefs,$(DEB_BUILD_PROFILES)))
++ echo CONFIG_DISKPART=y >> configs/debian_defconfig
++ echo CONFIG_DISKFORMAT=y >> configs/debian_defconfig
++ echo CONFIG_FAT_FILESYSTEM=y >> configs/debian_defconfig
++ echo CONFIG_EXT_FILESYSTEM=y >> configs/debian_defconfig
++endif
++
+ ifneq (,$(filter pkg.swupdate.p11,$(DEB_BUILD_PROFILES)))
+ echo CONFIG_PKCS11=y >> configs/debian_defconfig
+ endif
+--
+2.30.2
+
diff --git a/recipes-core/swupdate/files/0006-debian-rules-Add-option-to-disable-webserver.patch b/recipes-core/swupdate/files/0006-debian-rules-Add-option-to-disable-webserver.patch
new file mode 100644
index 0000000..23a456d
--- /dev/null
+++ b/recipes-core/swupdate/files/0006-debian-rules-Add-option-to-disable-webserver.patch
@@ -0,0 +1,42 @@
+From 9caabe416aca7ca2bf1cd2d8be89cfc89cedf6cd Mon Sep 17 00:00:00 2001
+From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+Date: Mon, 4 Oct 2021 17:27:11 +0200
+Subject: [PATCH 6/9] debian/rules: Add option to disable webserver
+
+Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+---
+ debian/configs/defconfig | 2 --
+ debian/rules | 4 ++++
+ 2 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/debian/configs/defconfig b/debian/configs/defconfig
+index d011deb..337fcce 100644
+--- a/debian/configs/defconfig
++++ b/debian/configs/defconfig
+@@ -6,8 +6,6 @@ CONFIG_SIGALG_CMS=y
+ CONFIG_SURICATTA=y
+ CONFIG_SURICATTA_SSL=y
+ CONFIG_UPDATE_STATE_CHOICE_BOOTLOADER=y
+-CONFIG_WEBSERVER=y
+-CONFIG_MONGOOSESSL=y
+ CONFIG_ZSTD=y
+ CONFIG_UNIQUEUUID=y
+ CONFIG_RAW=y
+diff --git a/debian/rules b/debian/rules
+index 9349c22..4574b18 100755
+--- a/debian/rules
++++ b/debian/rules
+@@ -39,6 +39,10 @@ else ifneq (,$(filter pkg.swupdate.efibootguard,$(DEB_BUILD_PROFILES)))
+ else
+ echo CONFIG_BOOTLOADER_NONE=y >> configs/debian_defconfig
+ endif
++ifeq (,$(filter pkg.swupdate.nowebserver,$(DEB_BUILD_PROFILES)))
++ echo CONFIG_WEBSERVER=y >> configs/debian_defconfig
++ echo CONFIG_MONGOOSESSL=y >> configs/debian_defconfig
++endif
+ ifeq (,$(filter pkg.swupdate.nosigning,$(DEB_BUILD_PROFILES)))
+ echo CONFIG_SIGNED_IMAGES=y >> configs/debian_defconfig
+ endif
+--
+2.30.2
+
diff --git a/recipes-core/swupdate/files/0007-debian-Make-CONFIG_HW_COMPATIBILTY-optional.patch b/recipes-core/swupdate/files/0007-debian-Make-CONFIG_HW_COMPATIBILTY-optional.patch
new file mode 100644
index 0000000..c2d37a9
--- /dev/null
+++ b/recipes-core/swupdate/files/0007-debian-Make-CONFIG_HW_COMPATIBILTY-optional.patch
@@ -0,0 +1,40 @@
+From 538e54a36b24eb6caf49d7dca91598fa9fc86713 Mon Sep 17 00:00:00 2001
+From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+Date: Tue, 5 Oct 2021 10:56:25 +0200
+Subject: [PATCH 7/9] debian: Make CONFIG_HW_COMPATIBILTY optional
+
+Add option for qemu.
+
+Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+---
+ debian/configs/defconfig | 1 -
+ debian/rules | 3 +++
+ 2 files changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/debian/configs/defconfig b/debian/configs/defconfig
+index 337fcce..6fc1137 100644
+--- a/debian/configs/defconfig
++++ b/debian/configs/defconfig
+@@ -1,5 +1,4 @@
+ CONFIG_SYSTEMD=y
+-CONFIG_HW_COMPATIBILITY=y
+ CONFIG_DOWNLOAD=y
+ CONFIG_DOWNLOAD_SSL=y
+ CONFIG_SIGALG_CMS=y
+diff --git a/debian/rules b/debian/rules
+index 4574b18..9a4b0d4 100755
+--- a/debian/rules
++++ b/debian/rules
+@@ -39,6 +39,9 @@ else ifneq (,$(filter pkg.swupdate.efibootguard,$(DEB_BUILD_PROFILES)))
+ else
+ echo CONFIG_BOOTLOADER_NONE=y >> configs/debian_defconfig
+ endif
++ifneq (,$(filter pkg.swupdate.hwcompatibility,$(DEB_BUILD_PROFILES)))
++ echo CONFIG_HW_COMPATIBILITY=y >> configs/debian_defconfig
++endif
+ ifeq (,$(filter pkg.swupdate.nowebserver,$(DEB_BUILD_PROFILES)))
+ echo CONFIG_WEBSERVER=y >> configs/debian_defconfig
+ echo CONFIG_MONGOOSESSL=y >> configs/debian_defconfig
+--
+2.30.2
+
diff --git a/recipes-core/swupdate/files/0008-debian-rules-Add-Embedded-Lua-handler-option.patch b/recipes-core/swupdate/files/0008-debian-rules-Add-Embedded-Lua-handler-option.patch
new file mode 100644
index 0000000..44a83c4
--- /dev/null
+++ b/recipes-core/swupdate/files/0008-debian-rules-Add-Embedded-Lua-handler-option.patch
@@ -0,0 +1,30 @@
+From c2f07b552c6d83562fed5452bc778ae0e5e19cd4 Mon Sep 17 00:00:00 2001
+From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+Date: Wed, 29 Sep 2021 11:32:41 +0200
+Subject: [PATCH 8/9] debian/rules: Add Embedded Lua handler option
+
+Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+---
+ debian/rules | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/debian/rules b/debian/rules
+index 9a4b0d4..a1f73fd 100755
+--- a/debian/rules
++++ b/debian/rules
+@@ -66,7 +66,12 @@ ifneq (,$(LUA_VERSION))
+ echo CONFIG_LUAPKG=\"lua$(LUA_VERSION)\" >> configs/debian_defconfig
+ echo CONFIG_LUASCRIPTHANDLER=y >> configs/debian_defconfig
+ echo CONFIG_HANDLER_IN_LUA=y >> configs/debian_defconfig
++ifneq (,$(filter pkg.swupdate.embeddedlua,$(DEB_BUILD_PROFILES)))
++ echo CONFIG_EMBEDDED_LUA_HANDLER=y >> configs/debian_defconfig
++ echo CONFIG_EMBEDDED_LUA_HANDLER_SOURCE=\"/usr/share/lua/$(LUA_VERSION)/swupdate_handlers.lua\" >> configs/debian_defconfig
+ endif
++endif
++
+ echo CONFIG_EXTRA_CFLAGS=\"$(CFLAGS) $(CPPFLAGS)\" >> configs/debian_defconfig
+ echo CONFIG_EXTRA_LDFLAGS=\"$(LDFLAGS)\" >> configs/debian_defconfig
+ echo CONFIG_EXTRA_LDLIBS=\"$(LDLIBS)\" >> configs/debian_defconfig
+--
+2.30.2
+
diff --git a/recipes-core/swupdate/files/0009-debian-prepare-build-for-isar-debian-buster.patch b/recipes-core/swupdate/files/0009-debian-prepare-build-for-isar-debian-buster.patch
new file mode 100644
index 0000000..8462951
--- /dev/null
+++ b/recipes-core/swupdate/files/0009-debian-prepare-build-for-isar-debian-buster.patch
@@ -0,0 +1,72 @@
+From 16dd48c2282aba91f8fc1f458f7b0c06504cac19 Mon Sep 17 00:00:00 2001
+From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+Date: Wed, 29 Sep 2021 16:17:03 +0200
+Subject: [PATCH 9/9] debian: prepare build for isar debian buster
+
+Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
+---
+ debian/compat | 1 +
+ debian/control | 10 +++++-----
+ debian/rules | 4 +++-
+ 3 files changed, 9 insertions(+), 6 deletions(-)
+ create mode 100644 debian/compat
+
+diff --git a/debian/compat b/debian/compat
+new file mode 100644
+index 0000000..f599e28
+--- /dev/null
++++ b/debian/compat
+@@ -0,0 +1 @@
++10
+diff --git a/debian/control b/debian/control
+index 6031537..710cb2d 100644
+--- a/debian/control
++++ b/debian/control
+@@ -4,7 +4,7 @@ Priority: optional
+ Maintainer: Stefano Babic <sbabic@denx.de>
+ Uploaders: SZ Lin (林上智) <szlin@debian.org>,
+ Nobuhiro Iwamatsu <iwamatsu@debian.org>
+-Build-Depends: debhelper-compat (= 13),
++Build-Depends: debhelper,
+ dh-lua:native <!nolua>,
+ liblua5.2-dev <!nolua>,
+ libfdisk-dev,
+@@ -23,10 +23,10 @@ Build-Depends: debhelper-compat (= 13),
+ libzstd-dev,
+ libp11-kit-dev <pkg.swupdate.p11>,
+ libwolfssl-dev <pkg.swupdate.p11>,
+- libmtd-dev <!pkg.swupdate.bpo>,
+- libubi-dev <!pkg.swupdate.bpo>,
+- libwebsockets-dev (>= 3.2.0) <!pkg.swupdate.bpo>,
+- liburiparser-dev <!pkg.swupdate.bpo>,
++ libmtd-dev <pkg.swupdate.mtd> <pkg.swupdate.ubi>,
++ libubi-dev <pkg.swupdate.ubi>,
++ libwebsockets-dev,
++ liburiparser-dev,
+ libubootenv-dev <pkg.swupdate.uboot>,
+ efibootguard-dev <pkg.swupdate.efibootguard>,
+ libcmocka-dev,
+diff --git a/debian/rules b/debian/rules
+index a1f73fd..a2ae1ac 100755
+--- a/debian/rules
++++ b/debian/rules
+@@ -19,13 +19,15 @@ endif
+
+ override_dh_auto_configure:
+ cp debian/configs/defconfig configs/debian_defconfig
+-ifeq (,$(filter pkg.swupdate.bpo,$(DEB_BUILD_PROFILES)))
++ifneq (,$(filter pkg.swupdate.mtd,$(DEB_BUILD_PROFILES)))
+ echo CONFIG_MTD=y >> configs/debian_defconfig
++ifneq (,$(filter pkg.swupdate.ubi,$(DEB_BUILD_PROFILES)))
+ echo CONFIG_SWUFORWARDER_HANDLER=y >> configs/debian_defconfig
+ echo CONFIG_CFI=y >> configs/debian_defconfig
+ echo CONFIG_CFIHAMMING1=y >> configs/debian_defconfig
+ echo CONFIG_UBIVOL=y >> configs/debian_defconfig
+ echo CONFIG_SSBLSWITCH=y >> configs/debian_defconfig
++endif
+ else
+ echo "# CONFIG_MTD is not set" >> configs/debian_defconfig
+ endif
+--
+2.30.2
+
diff --git a/recipes-core/swupdate/swupdate.inc b/recipes-core/swupdate/swupdate.inc
new file mode 100644
index 0000000..a469587
--- /dev/null
+++ b/recipes-core/swupdate/swupdate.inc
@@ -0,0 +1,53 @@
+#
+# CIP Core, generic profile
+#
+# Copyright (c) Siemens AG, 2021
+#
+# Authors:
+# Quirin Gylstorff <quirin.gylstorff@siemens.com>
+#
+# SPDX-License-Identifier: MIT
+
+DESCRIPTION = "swupdate utility for software updates"
+HOMEPAGE= "https://github.com/sbabic/swupdate"
+LICENSE = "GPL-2.0"
+LIC_FILES_CHKSUM = "file://${LAYERDIR_isar}/licenses/COPYING.GPLv2;md5=751419260aa954499f7abaabaa882bbe"
+
+def get_bootloader_build_profile(d):
+ bootloader = d.getVar("SWUPDATE_BOOTLOADER") or ""
+ if bootloader == "efibootguard":
+ return "pkg.swupdate.efibootguard"
+ if bootloader == "u-boot":
+ return "pkg.swupdate.uboot"
+ return ""
+
+SWUPDATE_BUILD_PROFILES += "${@get_bootloader_build_profile(d)}"
+
+def get_bootloader_dependencies(d):
+ bootloader = d.getVar("SWUPDATE_BOOTLOADER", True) or ""
+ if bootloader == "efibootguard":
+ return "efibootguard-dev"
+ if bootloader == "u-boot":
+ if d.getVar("U_BOOT_CONFIG_PACKAGE", True) == "1":
+ return "libubootenv u-boot-{}-config".format(d.getVar("MACHINE", TRUE))
+ else:
+ return "libubootenv"
+ return ""
+
+DEPENDS += "${@get_bootloader_dependencies(d)}"
+DEPENDS += "${@bb.utils.contains('SWUPDATE_BUILD_PROFILES', 'mtd', 'mtd-utils', '', d)}"
+
+do_install_builddeps_prepend() {
+ export DEB_BUILD_PROFILES="${SWUPDATE_BUILD_PROFILES}"
+}
+
+dpkg_runbuild_prepend() {
+ export DEB_BUILD_PROFILES="${SWUPDATE_BUILD_PROFILES}"
+}
+
+python do_check_bootloader () {
+ bootloader = d.getVar("SWUPDATE_BOOTLOADER", True) or "None"
+ if not bootloader in ["efibootguard", "u-boot"]:
+ bb.warn("swupdate: SWUPDATE_BOOTLOADER set to incompatible value: " + bootloader)
+}
+addtask check_bootloader before do_fetch
diff --git a/recipes-core/swupdate/swupdate_2021.04-1+debian-gbp.bb b/recipes-core/swupdate/swupdate_2021.04-1+debian-gbp.bb
new file mode 100644
index 0000000..a451b55
--- /dev/null
+++ b/recipes-core/swupdate/swupdate_2021.04-1+debian-gbp.bb
@@ -0,0 +1,48 @@
+#
+# CIP Core, generic profile
+#
+# Copyright (c) Siemens AG, 2021
+#
+# Authors:
+# Quirin Gylstorff <quirin.gylstorff@siemens.com>
+#
+# SPDX-License-Identifier: MIT
+
+inherit dpkg-gbp
+
+include swupdate.inc
+
+SRC_URI = "git://salsa.debian.org/debian/swupdate.git;protocol=https;branch=debian/master"
+SRCREV ="debian/2021.04-1"
+
+# add options to DEB_BUILD_PROFILES
+SRC_URI += "file://0001-debian-Add-option-to-build-with-efibootguard.patch \
+ file://0002-debian-rules-Add-CONFIG_MTD.patch \
+ file://0003-debian-config-Make-signing-optional.patch \
+ file://0004-debian-config-Make-image-encryption-optional.patch \
+ file://0005-debian-rules-Add-option-to-disable-fs-creation.patch \
+ file://0006-debian-rules-Add-option-to-disable-webserver.patch \
+ file://0007-debian-Make-CONFIG_HW_COMPATIBILTY-optional.patch \
+ file://0008-debian-rules-Add-Embedded-Lua-handler-option.patch"
+
+# deactivate signing and encryption for simple a/b rootfs update
+SWUPDATE_BUILD_PROFILES += "pkg.swupdate.nosigning pkg.swupdate.noencryption"
+
+# If the luahandler shall be embedded into the swupdate binary
+# include the following lines.
+# DEPENDS += "swupdate-handlers"
+# GBP_DEPENDS += "swupdate-handlers"
+# SWUPDATE_BUILD_PROFILES += "pkg.swupdate.embeddedlua"
+
+# modify for debian buster build
+SRC_URI_append_cip-core-buster = " file://0009-debian-prepare-build-for-isar-debian-buster.patch"
+
+# disable documentation due to missing packages in debian buster
+# disable create filesystem due to missing symbols in debian buster
+# disable webserver due to missing symbols in debian buster
+SWUPDATE_BUILD_PROFILES_append_cip-core-buster = " nodoc \
+ pkg.swupdate.nocreatefs \
+ pkg.swupdate.nowebserver "
+# In debian buster the git-compression defaults to gz and does not detect other
+# compression formats.
+GBP_EXTRA_OPTIONS += "--git-compression=xz"
--
2.30.2


[isar-cip-core][PATCH v2 3/4] swupdate-handler: Use same lua version as swupdate-debian-gbp

Quirin Gylstorff
 

From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
.../swupdate-handler-roundrobin_0.1.bb | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/recipes-core/swupdate-handler-roundrobin/swupdate-handler-roundrobin_0.1.bb b/recipes-core/swupdate-handler-roundrobin/swupdate-handler-roundrobin_0.1.bb
index b9ccec2..3a5a51e 100644
--- a/recipes-core/swupdate-handler-roundrobin/swupdate-handler-roundrobin_0.1.bb
+++ b/recipes-core/swupdate-handler-roundrobin/swupdate-handler-roundrobin_0.1.bb
@@ -20,11 +20,12 @@ SWUPDATE_LUASCRIPT = "swupdate-handler-roundrobin/swupdate_handlers_roundrobin.l
SWUPDATE_ROUND_ROBIN_HANDLER_CONFIG ?= "swupdate.handler.${SWUPDATE_BOOTLOADER}.ini"
SRC_URI += "${@('file://' + d.getVar('SWUPDATE_ROUND_ROBIN_HANDLER_CONFIG')) if d.getVar('SWUPDATE_BOOTLOADER') else ''}"

+# lua version 5.2 is currently hard coded in swupdate @ debian salsa
do_install[cleandirs] = "${D}/etc \
- ${D}/usr/share/lua/5.3"
+ ${D}/usr/share/lua/5.2"
do_install() {
if [ -e ${WORKDIR}/${SWUPDATE_LUASCRIPT} ]; then
- install -m 0644 ${WORKDIR}/${SWUPDATE_LUASCRIPT} ${D}/usr/share/lua/5.3/swupdate_handlers.lua
+ install -m 0644 ${WORKDIR}/${SWUPDATE_LUASCRIPT} ${D}/usr/share/lua/5.2/swupdate_handlers.lua
fi
if [ -e ${WORKDIR}/${SWUPDATE_ROUND_ROBIN_HANDLER_CONFIG} ]; then
install -m 0644 ${WORKDIR}/${SWUPDATE_ROUND_ROBIN_HANDLER_CONFIG} ${D}/etc/swupdate.handler.ini
--
2.30.2


[isar-cip-core][PATCH v2 0/4] Use SWUpdate from salsa.debian.org

Quirin Gylstorff
 

From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

This patch series uses the source from sala.debian.org for the build of SWUpdate.

The build is patched to contain most of the previous build option from swupdate-config.bbclass.

The recipes support Debian Buster and Debian Bullseye.

Changes V2:
- Correct spacing and end of file
- rename recipe swupdate-handlers to swupdate-handler-roundrobin
- extend comment in recipe swupdate

Quirin Gylstorff (4):
swupdate: Move handler to own recipe
swupdate: Use dpkg-gbp build with salsa
swupdate-handler: Use same lua version as swupdate-debian-gbp
swupdate: remove version 2021.04+isar-git

classes/kconfig-snippets.bbclass | 90 -------------------
classes/swupdate-config.bbclass | 89 ------------------
kas/opt/swupdate.yml | 1 +
.../swupdate.handler.efibootguard.ini | 0
.../files/swupdate.handler.efibootguard.ini | 0
.../swupdate-handler-roundrobin_0.1.bb | 33 +++++++
...dd-option-to-build-with-efibootguard.patch | 39 ++++++++
.../0002-debian-rules-Add-CONFIG_MTD.patch | 27 ++++++
...-debian-config-Make-signing-optional.patch | 40 +++++++++
...onfig-Make-image-encryption-optional.patch | 40 +++++++++
...ules-Add-Embedded-Lua-handler-option.patch | 30 +++++++
...es-Add-option-to-disable-fs-creation.patch | 47 ++++++++++
...ules-Add-option-to-disable-webserver.patch | 42 +++++++++
...Make-CONFIG_HW_COMPATIBILTY-optional.patch | 40 +++++++++
...ules-Add-Embedded-Lua-handler-option.patch | 30 +++++++
...prepare-build-for-isar-debian-buster.patch | 72 +++++++++++++++
.../swupdate/files/debian/changelog.tmpl | 6 --
recipes-core/swupdate/files/debian/compat | 1 -
.../swupdate/files/debian/control.tmpl | 15 ----
recipes-core/swupdate/files/debian/copyright | 36 --------
recipes-core/swupdate/files/debian/rules.tmpl | 31 -------
.../swupdate/files/debian/swupdate.examples | 2 -
.../swupdate/files/debian/swupdate.install | 2 -
.../swupdate/files/debian/swupdate.manpages | 5 --
.../swupdate/files/debian/swupdate.tmpfile | 2 -
recipes-core/swupdate/files/debian/watch | 12 ---
recipes-core/swupdate/files/postinst | 2 -
recipes-core/swupdate/files/swupdate.cfg | 6 --
.../swupdate/files/swupdate.service.example | 11 ---
.../swupdate/files/swupdate.socket.example | 11 ---
.../swupdate/files/swupdate.socket.tmpl | 13 ---
.../swupdate/files/swupdate_defconfig | 83 -----------------
.../swupdate_defconfig_efibootguard.snippet | 3 -
.../files/swupdate_defconfig_lua.snippet | 2 -
.../swupdate_defconfig_luahandler.snippet | 4 -
.../files/swupdate_defconfig_mtd.snippet | 1 -
.../files/swupdate_defconfig_u-boot.snippet | 3 -
.../files/swupdate_defconfig_ubi.snippet | 6 --
recipes-core/swupdate/swupdate.bb | 61 -------------
recipes-core/swupdate/swupdate.inc | 53 +++++++++++
.../swupdate/swupdate_2021.04-1+debian-gbp.bb | 48 ++++++++++
41 files changed, 542 insertions(+), 497 deletions(-)
delete mode 100644 classes/kconfig-snippets.bbclass
delete mode 100644 classes/swupdate-config.bbclass
rename recipes-core/{swupdate => swupdate-handler-roundrobin}/files/secureboot/swupdate.handler.efibootguard.ini (100%)
rename recipes-core/{swupdate => swupdate-handler-roundrobin}/files/swupdate.handler.efibootguard.ini (100%)
create mode 100644 recipes-core/swupdate-handler-roundrobin/swupdate-handler-roundrobin_0.1.bb
create mode 100644 recipes-core/swupdate/files/0001-debian-Add-option-to-build-with-efibootguard.patch
create mode 100644 recipes-core/swupdate/files/0002-debian-rules-Add-CONFIG_MTD.patch
create mode 100644 recipes-core/swupdate/files/0003-debian-config-Make-signing-optional.patch
create mode 100644 recipes-core/swupdate/files/0004-debian-config-Make-image-encryption-optional.patch
create mode 100644 recipes-core/swupdate/files/0005-debian-rules-Add-Embedded-Lua-handler-option.patch
create mode 100644 recipes-core/swupdate/files/0005-debian-rules-Add-option-to-disable-fs-creation.patch
create mode 100644 recipes-core/swupdate/files/0006-debian-rules-Add-option-to-disable-webserver.patch
create mode 100644 recipes-core/swupdate/files/0007-debian-Make-CONFIG_HW_COMPATIBILTY-optional.patch
create mode 100644 recipes-core/swupdate/files/0008-debian-rules-Add-Embedded-Lua-handler-option.patch
create mode 100644 recipes-core/swupdate/files/0009-debian-prepare-build-for-isar-debian-buster.patch
delete mode 100644 recipes-core/swupdate/files/debian/changelog.tmpl
delete mode 100644 recipes-core/swupdate/files/debian/compat
delete mode 100644 recipes-core/swupdate/files/debian/control.tmpl
delete mode 100644 recipes-core/swupdate/files/debian/copyright
delete mode 100755 recipes-core/swupdate/files/debian/rules.tmpl
delete mode 100644 recipes-core/swupdate/files/debian/swupdate.examples
delete mode 100644 recipes-core/swupdate/files/debian/swupdate.install
delete mode 100644 recipes-core/swupdate/files/debian/swupdate.manpages
delete mode 100644 recipes-core/swupdate/files/debian/swupdate.tmpfile
delete mode 100644 recipes-core/swupdate/files/debian/watch
delete mode 100644 recipes-core/swupdate/files/postinst
delete mode 100644 recipes-core/swupdate/files/swupdate.cfg
delete mode 100644 recipes-core/swupdate/files/swupdate.service.example
delete mode 100644 recipes-core/swupdate/files/swupdate.socket.example
delete mode 100644 recipes-core/swupdate/files/swupdate.socket.tmpl
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_efibootguard.snippet
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_lua.snippet
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_luahandler.snippet
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_mtd.snippet
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_u-boot.snippet
delete mode 100644 recipes-core/swupdate/files/swupdate_defconfig_ubi.snippet
delete mode 100644 recipes-core/swupdate/swupdate.bb
create mode 100644 recipes-core/swupdate/swupdate.inc
create mode 100644 recipes-core/swupdate/swupdate_2021.04-1+debian-gbp.bb

--
2.30.2


[isar-cip-core][PATCH v2 1/4] swupdate: Move handler to own recipe

Quirin Gylstorff
 

From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

Split the SWUpdate lua handler into a seperate recipe in
preparation for using the Debian provided SWUpdate package.

Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
classes/swupdate-config.bbclass | 8 -----
kas/opt/swupdate.yml | 1 +
.../swupdate.handler.efibootguard.ini | 0
.../files/swupdate.handler.efibootguard.ini | 0
.../swupdate-handler-roundrobin_0.1.bb | 32 +++++++++++++++++++
recipes-core/swupdate/swupdate.bb | 13 --------
6 files changed, 33 insertions(+), 21 deletions(-)
rename recipes-core/{swupdate => swupdate-handler-roundrobin}/files/secureboot/swupdate.handler.efibootguard.ini (100%)
rename recipes-core/{swupdate => swupdate-handler-roundrobin}/files/swupdate.handler.efibootguard.ini (100%)
create mode 100644 recipes-core/swupdate-handler-roundrobin/swupdate-handler-roundrobin_0.1.bb

diff --git a/classes/swupdate-config.bbclass b/classes/swupdate-config.bbclass
index e4879c7..1d57ce1 100644
--- a/classes/swupdate-config.bbclass
+++ b/classes/swupdate-config.bbclass
@@ -17,14 +17,6 @@ BUILD_DEB_DEPENDS = " \
zlib1g-dev, debhelper, libconfig-dev, libarchive-dev, \
python-sphinx:native, dh-systemd, libsystemd-dev, libssl-dev, pkg-config"

-SRC_URI += " ${@ 'git://gitlab.com/cip-project/cip-sw-updates/swupdate-handler-roundrobin.git;protocol=https;destsuffix=swupdate-handler-roundrobin;name=swupdate-handler-roundrobin;nobranch=1' \
- if d.getVar('SWUPDATE_USE_ROUND_ROBIN_HANDLER_REPO') == '1' else '' \
- }"
-SRCREV_swupdate-handler-roundrobin ?= "6f561f136fdbe51d2e9066b934dfcb06b94c6624"
-
-SWUPDATE_USE_ROUND_ROBIN_HANDLER_REPO ?= "1"
-SWUPDATE_LUASCRIPT ?= "swupdate-handler-roundrobin/swupdate_handlers_roundrobin.lua"
-
KFEATURE_lua = ""
KFEATURE_lua[BUILD_DEB_DEPENDS] = "liblua5.3-dev"
KFEATURE_lua[KCONFIG_SNIPPETS] = "file://swupdate_defconfig_lua.snippet"
diff --git a/kas/opt/swupdate.yml b/kas/opt/swupdate.yml
index bd0f6e4..974eacb 100644
--- a/kas/opt/swupdate.yml
+++ b/kas/opt/swupdate.yml
@@ -17,6 +17,7 @@ header:
local_conf_header:
swupdate: |
IMAGE_INSTALL_append = " swupdate"
+ IMAGE_INSTALL_append = " swupdate-handler-roundrobin"

wic-swu: |
IMAGE_TYPE = "wic-swu-img"
diff --git a/recipes-core/swupdate/files/secureboot/swupdate.handler.efibootguard.ini b/recipes-core/swupdate-handler-roundrobin/files/secureboot/swupdate.handler.efibootguard.ini
similarity index 100%
rename from recipes-core/swupdate/files/secureboot/swupdate.handler.efibootguard.ini
rename to recipes-core/swupdate-handler-roundrobin/files/secureboot/swupdate.handler.efibootguard.ini
diff --git a/recipes-core/swupdate/files/swupdate.handler.efibootguard.ini b/recipes-core/swupdate-handler-roundrobin/files/swupdate.handler.efibootguard.ini
similarity index 100%
rename from recipes-core/swupdate/files/swupdate.handler.efibootguard.ini
rename to recipes-core/swupdate-handler-roundrobin/files/swupdate.handler.efibootguard.ini
diff --git a/recipes-core/swupdate-handler-roundrobin/swupdate-handler-roundrobin_0.1.bb b/recipes-core/swupdate-handler-roundrobin/swupdate-handler-roundrobin_0.1.bb
new file mode 100644
index 0000000..b9ccec2
--- /dev/null
+++ b/recipes-core/swupdate-handler-roundrobin/swupdate-handler-roundrobin_0.1.bb
@@ -0,0 +1,32 @@
+#
+# CIP Core, generic profile
+#
+# Copyright (c) Siemens AG, 2021
+#
+# Authors:
+# Quirin Gylstorff <quirin.gylstorff@siemens.com>
+#
+# SPDX-License-Identifier: MIT
+
+inherit dpkg-raw
+
+PROVIDES = "swupdate-handlers"
+
+SRC_URI += "git://gitlab.com/cip-project/cip-sw-updates/swupdate-handler-roundrobin.git;protocol=https;destsuffix=swupdate-handler-roundrobin;name=swupdate-handler-roundrobin;nobranch=1"
+SRCREV_swupdate-handler-roundrobin ?= "ba4c5ae8e664a9624335753cb152e6e264b3f518"
+
+SWUPDATE_LUASCRIPT = "swupdate-handler-roundrobin/swupdate_handlers_roundrobin.lua"
+
+SWUPDATE_ROUND_ROBIN_HANDLER_CONFIG ?= "swupdate.handler.${SWUPDATE_BOOTLOADER}.ini"
+SRC_URI += "${@('file://' + d.getVar('SWUPDATE_ROUND_ROBIN_HANDLER_CONFIG')) if d.getVar('SWUPDATE_BOOTLOADER') else ''}"
+
+do_install[cleandirs] = "${D}/etc \
+ ${D}/usr/share/lua/5.3"
+do_install() {
+ if [ -e ${WORKDIR}/${SWUPDATE_LUASCRIPT} ]; then
+ install -m 0644 ${WORKDIR}/${SWUPDATE_LUASCRIPT} ${D}/usr/share/lua/5.3/swupdate_handlers.lua
+ fi
+ if [ -e ${WORKDIR}/${SWUPDATE_ROUND_ROBIN_HANDLER_CONFIG} ]; then
+ install -m 0644 ${WORKDIR}/${SWUPDATE_ROUND_ROBIN_HANDLER_CONFIG} ${D}/etc/swupdate.handler.ini
+ fi
+}
diff --git a/recipes-core/swupdate/swupdate.bb b/recipes-core/swupdate/swupdate.bb
index 8bef9ab..a29a797 100644
--- a/recipes-core/swupdate/swupdate.bb
+++ b/recipes-core/swupdate/swupdate.bb
@@ -29,8 +29,6 @@ DEBIAN_DEPENDS = "${shlibs:Depends}, ${misc:Depends}"
inherit dpkg
inherit swupdate-config

-SWUPDATE_ROUND_ROBIN_HANDLER_CONFIG ?= "swupdate.handler.${SWUPDATE_BOOTLOADER}.ini"
-SRC_URI += "${@('file://' + d.getVar('SWUPDATE_ROUND_ROBIN_HANDLER_CONFIG')) if d.getVar('SWUPDATE_BOOTLOADER') else ''}"
KFEATURES += "luahandler"

S = "${WORKDIR}/git"
@@ -47,15 +45,4 @@ do_prepare_build() {
if ! grep -q "configs/${DEFCONFIG}" ${S}/.gitignore; then
echo "configs/${DEFCONFIG}" >> ${S}/.gitignore
fi
- # luahandler
- if [ -e ${WORKDIR}/${SWUPDATE_LUASCRIPT} ]; then
- install -m 0644 ${WORKDIR}/${SWUPDATE_LUASCRIPT} ${S}/swupdate_handlers.lua
- fi
- if [ -e ${WORKDIR}/swupdate.handler.${SWUPDATE_BOOTLOADER}.ini ]; then
- install -m 0644 ${WORKDIR}/swupdate.handler.${SWUPDATE_BOOTLOADER}.ini ${S}/swupdate.handler.ini
- echo "swupdate.handler.ini etc/" >> ${S}/debian/swupdate.install
- elif [ -e ${WORKDIR}/${SWUPDATE_ROUND_ROBIN_HANDLER_CONFIG} ]; then
- install -m 0644 ${WORKDIR}/${SWUPDATE_ROUND_ROBIN_HANDLER_CONFIG} ${S}/swupdate.handler.ini
- echo "swupdate.handler.ini etc/" >> ${S}/debian/swupdate.install
- fi
}
--
2.30.2


cip/linux-4.19.y-cip sleep: 8 runs, 2 regressions (v4.19.209-cip59) #kernelci

kernelci.org bot <bot@...>
 

cip/linux-4.19.y-cip sleep: 8 runs, 2 regressions (v4.19.209-cip59)

Regressions Summary
-------------------

platform | arch | lab | compiler | defconfig | regressions
-------------------+--------+---------------+----------+------------------------------+------------
hp-11A-G6-EE-grunt | x86_64 | lab-collabora | gcc-8 | x86_64_defcon...6-chromebook | 2

Details: https://kernelci.org/test/job/cip/branch/linux-4.19.y-cip/kernel/v4.19.209-cip59/plan/sleep/

Test: sleep
Tree: cip
Branch: linux-4.19.y-cip
Describe: v4.19.209-cip59
URL: https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git
SHA: 11e803e05e061dc32e92deb7bd73c20dfbc48ae5


Test Regressions
----------------


platform | arch | lab | compiler | defconfig | regressions
-------------------+--------+---------------+----------+------------------------------+------------
hp-11A-G6-EE-grunt | x86_64 | lab-collabora | gcc-8 | x86_64_defcon...6-chromebook | 2

Details: https://kernelci.org/test/plan/id/6165cbc2f8f0cd8e0a08fac0

Results: 21 PASS, 2 FAIL, 0 SKIP
Full config: x86_64_defconfig+x86-chromebook
Compiler: gcc-8 (gcc (Debian 8.3.0-6) 8.3.0)
Plain log: https://storage.kernelci.org//cip/linux-4.19.y-cip/v4.19.209-cip59/x86_64/x86_64_defconfig+x86-chromebook/gcc-8/lab-collabora/sleep-hp-11A-G6-EE-grunt.txt
HTML log: https://storage.kernelci.org//cip/linux-4.19.y-cip/v4.19.209-cip59/x86_64/x86_64_defconfig+x86-chromebook/gcc-8/lab-collabora/sleep-hp-11A-G6-EE-grunt.html
Rootfs: http://storage.kernelci.org/images/rootfs/debian/buster/20211008.0/amd64/rootfs.cpio.gz


* sleep.rtcwake-freeze-8: https://kernelci.org/test/case/id/6165cbc2f8f0cd8e0a08fac4
new failure (last pass: v4.19.206-cip57)

2021-10-12T17:53:35.328305 rtcwake: assuming RTC uses UTC ...
2021-10-12T17:53:35.333729 rtcwake: wakeup from \"freeze\" using rtc0 at Tue Oct 12 17:53:41 2021
2021-10-12T17:53:35.346487 <6>[ 61.447864] Freezing user space processes ... (elapsed 0.001 seconds) done.
2021-10-12T17:53:35.349601 <6>[ 61.456127] OOM killer disabled.
2021-10-12T17:53:35.360237 <6>[ 61.459614] Freezing remaining freezable tasks ... (elapsed 0.003 seconds) done.
2021-10-12T17:53:35.366813 <6>[ 61.470306] Suspending console(s) (use no_console_suspend to debug)
2021-10-12T17:53:35.619989
2021-10-12T17:53:35.620828
2021-10-12T17:53:35.624849 coreboot-56f9d1cd49 Thu Sep 5 21:57:06 UTC 2019 smm starting...
2021-10-12T17:53:35.625521
... (1147 line(s) more)

* sleep.rtcwake-freeze-7: https://kernelci.org/test/case/id/6165cbc2f8f0cd8e0a08fac5
new failure (last pass: v4.19.206-cip57)

2021-10-12T17:53:35.296526 rtcwake: assuming RTC uses UTC ...
2021-10-12T17:53:35.303034 rtcwake: wakeup from \"freeze\" using rtc0 at Tue Oct 12 17:53:41 2021
2021-10-12T17:53:35.314017 <6>[ 61.419378] PM: suspend entry (s2idle)
2021-10-12T17:53:35.316924 <6>[ 61.423401] PM: suspend exit
2021-10-12T17:53:35.319258 rtcwake: write error

1581 - 1600 of 8411