Date   

[cip-kernel-sec] failure when importing stable

daniel.sangorrin@...
 

Hello Ben,

I am trying to write a Quickstart about "cip-kernel-sec" for the CIP wiki (see initial draft attached).
The Readme file mentions that you need two remote branches (torvalds and stable) defined on the ../kernel directory by default. However, that didn't seem enough because conf/remotes.yml also includes a remote branch "cip". I added a "cip" remote branch, but then I got an error when importing (see draft). Could you help me understand why do I need the CIP remote branch if ../kernel already has the CIP information? It seems I am doing something wrong.

I am still trying to figure out the correct workflow. I have thought of at least two use cases:

1) CIP kernel maintainer: (s)he wants to know whether there are debian/ubuntu CVEs pending on his branch.
$ ./scripts/report_affected.py linux-4.4.y

2) Product engineer: he wants to know which CVEs are pending on the kernel since he shipped the device. If the CVEs are critical he may decide to create a new release and update the device.
$ ./scripts/report_affected.py linux-4.4.y:v4.4.176-cip31<-- is something like this possible?

Also, I wanted to know how new issues are added. I am guessing something like this:

$ ./scripts/import_debian.py
-> automatically adds yml files in issues/
$ ./scripts/validate.py
-> checks all yml syntax
$ vi issues/CVE-xxx <-- edit by hand those with syntax errors, or other errors?
$ ./scripts/validate.py <-- repeat validate until no errors appear
$ ./scripts/cleanup.py <-- correct indentation or spaces?

Thanks,
Daniel


[Git][cip-project/cip-kernel/cip-kernel-sec][master] Add fix for CVE-2019-5489 in 4.4

Agustin Benito Bethencourt
 

Ben Hutchings pushed to branch master at cip-project / cip-kernel / cip-kernel-sec

Commits:

  • ffa1ed40
    by Ben Hutchings at 2019-06-13T21:18:59Z
    Add fix for CVE-2019-5489 in 4.4
    

1 changed file:

Changes:

  • issues/CVE-2019-5489.yml
    ... ... @@ -53,5 +53,6 @@ introduced-by:
    53 53
     fixed-by:
    
    54 54
       linux-4.14.y: [212c5685825c1ed45ac3a191dd7ada6e5889bfa2]
    
    55 55
       linux-4.19.y: [f580a54bbd522f2518fd642f7d4d73ad728e5d58]
    
    56
    +  linux-4.4.y: [b614485b6b93dbb2f6202341c60594fcdc110d5c]
    
    56 57
       linux-4.9.y: [fef85fb00224cb22f9efec262e9ffe8970e555ee]
    
    57 58
       mainline: [574823bfab82d9d8fa47f422778043fbb4b4f50e]


  • [Git][cip-project/cip-kernel/cip-kernel-sec][master] 2 commits: Mark CVE-2019-11487 to be ignored for 3.16 and 4.4

    Agustin Benito Bethencourt
     

    Ben Hutchings pushed to branch master at cip-project / cip-kernel / cip-kernel-sec

    Commits:

    • 45959f97
      by Ben Hutchings at 2019-06-13T21:07:43Z
      Mark CVE-2019-11487 to be ignored for 3.16 and 4.4
      
    • f06464f8
      by Ben Hutchings at 2019-06-13T21:12:52Z
      Mark eBPF filter denial-of-service to be ignored for 4.4
      

    2 changed files:

    Changes:

  • issues/CVE-2018-ebpf-filter-dos.yml
    1 1
     description: Ability to fill entire module space with eBPF JIT socket filters
    
    2 2
     comments:
    
    3 3
       Debian-bwh: This should be minor for Debian because we don't enable JIT by default.
    
    4
    +  bwh: |
    
    5
    +    It was not safe to enable BPF JIT for unprivileged users before
    
    6
    +    commit 4f3446bb809f "bpf: add generic constant blinding for use in
    
    7
    +    jits" in Linux 4.7, so this can be ignored for older versions.
    
    4 8
     introduced-by:
    
    5 9
       linux-4.14.y: [6fde36d5ce7ba4303865d5e11601cd3094e5909b]
    
    6 10
       linux-4.4.y: [28c486744e6de4d882a1d853aa63d99fcba4b7a6]
    
    ... ... @@ -10,3 +14,6 @@ introduced-by:
    10 14
     fixed-by:
    
    11 15
       linux-4.19.y: [43caa29c99db5a41b204e8ced01b00e151335ca8]
    
    12 16
       mainline: [ede95a63b5e84ddeea6b0c473b36ab8bfd8c6ce3]
    
    17
    +ignore:
    
    18
    +  linux-4.4.y: Unprivileged BPF JIT should not be enabled
    
    19
    +  linux-4.4.y-cip: Unprivileged BPF JIT should not be enabled

  • issues/CVE-2019-11487.yml
    ... ... @@ -36,3 +36,7 @@ fixed-by:
    36 36
         ad73e3a199066ad9bf48ea1334ef312e5aa078f4, 258fc3baeb4b2da15391735fd806facf4a91b585]
    
    37 37
       mainline: [15fab63e1e57be9fdb5eec1bbc5916e9825e9acb, 88b1a17dfc3ed7728316478fae0f5ad508f50397,
    
    38 38
         8fde12ca79aff9b5ba951fce1a2641901b8d8e64, f958d7b528b1b40c44cfda5eabe2d82760d868c3]
    
    39
    +ignore:
    
    40
    +  linux-3.16.y: Minor issue, difficult to backport fix
    
    41
    +  linux-4.4.y: Minor issue, difficult to backport fix
    
    42
    +  linux-4.4.y-cip: Minor issue, difficult to backport fix


  • Re: CIP IRC weekly meeting today

    Chris Paterson
     

    Hello SZ,

    From: cip-dev-bounces@... <cip-dev-bounces@...
    project.org> On Behalf Of SZ Lin (???)
    Sent: 13 June 2019 00:27

    Hi all,

    Kindly be reminded to attend the weekly meeting through IRC to discuss
    technical topics with CIP kernel today.

    *Please note that IRC meeting was rescheduled to UTC (GMT) 09:00 starting
    from the first week of Apr. according to TSC meeting*
    https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019
    &month=6&day=13&hour=9&min=0&sec=0&p1=241&p2=137&p3=179&p4=1
    36&p5=37&p6=248

    US-West US-East   UK     DE     TW     JP
    02:00    05:00   10:00   11:00   17:00   18:00

    Channel:
    * irc:chat.freenode.net:6667/cip

    Agenda:

    * Action item
    1. send investigating email for kernel-testing lab to cip-dev - patersonc
    Sorry for the delay, I'm still waiting on an internal discussion to conclude before making a proposal to CIP.
    Hopefully I'll get this done by next week.

    Kind regards, Chris

    2. provide the script for CIP kernel config collection - bwh
    3. provide the plan about next cip-rt kernel release - szlin

    * Kernel maintenance updates
    * Kernel testing
    * CIP Core
    * Software update
    * AOB

    The meeting will take 30 min, although it can be extended to an hour if it
    makes sense and those involved in the topics can stay. Otherwise, the topic
    will be taken offline or in the next meeting.

    Best regards,

    SZ Lin, Moxa.
    _______________________________________________
    cip-dev mailing list
    cip-dev@...
    https://lists.cip-project.org/mailman/listinfo/cip-dev


    Re: [next] iwg20m: add support for this board

    daniel.sangorrin@...
     

    - Bmap notes

    The document doc/README_iwg20m.md uses bmaptool to
    flash the image onto an SDCard. This functionality
    is not yet available on the ISAR version used by
    isar-cip-core. For now, you can either backport the
    bmap patch [1] or use dd as explained in the README.

    [1] https://lists.cip-project.org/pipermail/cip-dev/2019-June/002430.html
    We can add that patch to isar-cip-core until we update to a version that
    contains it -> follow-up patch.
    OK, I added that and sent the patch to the list. I have also sent you a merge request on gitlab with the 3 patches.

    Thanks,
    Daniel


    [isar-cip-core][next] bmap: apply bmap patch to isar until we upgrade

    Daniel Sangorrin <daniel.sangorrin@...>
     

    A similar bmap patch has been sent to ISAR upstream,
    but while it gets accepted and until we update the ISAR
    version, we can use this backport.

    Signed-off-by: Daniel Sangorrin <daniel.sangorrin@...>
    ---
    0001-bmap-generate-bmap-for-wic-images.patch | 57 ++++++++++++++++++++
    kas.yml | 4 ++
    2 files changed, 61 insertions(+)
    create mode 100644 0001-bmap-generate-bmap-for-wic-images.patch

    diff --git a/0001-bmap-generate-bmap-for-wic-images.patch b/0001-bmap-generate-bmap-for-wic-images.patch
    new file mode 100644
    index 0000000..63ebe54
    --- /dev/null
    +++ b/0001-bmap-generate-bmap-for-wic-images.patch
    @@ -0,0 +1,57 @@
    +From 4bf7d60b4fb64ed0a7a131431cc6a2573e7178a4 Mon Sep 17 00:00:00 2001
    +From: Daniel Sangorrin <daniel.sangorrin@...>
    +Date: Thu, 13 Jun 2019 13:51:28 +0900
    +Subject: [PATCH] bmap: generate bmap for wic images
    +
    +bmap shortens the time required to flash an image.
    +This can be useful when you need a fixed-size image, for
    +example to update partitions with swupdate.
    +
    +Example usage:
    +sudo bmaptool copy --bmap \
    +build/tmp/deploy/images/iwg20m/cip-core-image-cip-core-iwg20m.wic.img.bmap \
    +build/tmp/deploy/images/iwg20m/cip-core-image-cip-core-iwg20m.wic.img \
    +/dev/sdf
    +
    +Signed-off-by: Daniel Sangorrin <daniel.sangorrin@...>
    +---
    + meta/classes/wic-img.bbclass | 5 ++++-
    + meta/conf/distro/debian-common.conf | 4 ++--
    + 2 files changed, 6 insertions(+), 3 deletions(-)
    +
    +diff --git a/meta/classes/wic-img.bbclass b/meta/classes/wic-img.bbclass
    +index 09d9f2e..f227655 100644
    +--- a/meta/classes/wic-img.bbclass
    ++++ b/meta/classes/wic-img.bbclass
    +@@ -151,9 +151,12 @@ EOSUDO
    + ${ISARROOT}/scripts/wic create ${WKS_FULL_PATH} \
    + --vars "${STAGING_DIR}/${MACHINE}/imgdata/" \
    + -o /tmp/${IMAGE_FULLNAME}.wic/ \
    ++ --bmap \
    + -e ${IMAGE_BASENAME} ${WIC_CREATE_EXTRA_ARGS}
    + sudo chown -R $(stat -c "%U" ${ISARROOT}) ${ISARROOT}/meta ${ISARROOT}/meta-isar ${ISARROOT}/scripts || true
    +- cp -f $(ls -t -1 ${BUILDCHROOT_DIR}/tmp/${IMAGE_FULLNAME}.wic/*.direct | head -1) ${WIC_IMAGE_FILE}
    ++ WIC_DIRECT=$(ls -t -1 ${BUILDCHROOT_DIR}/tmp/${IMAGE_FULLNAME}.wic/*.direct | head -1)
    ++ cp -f ${WIC_DIRECT} ${WIC_IMAGE_FILE}
    ++ cp -f ${WIC_DIRECT}.bmap ${WIC_IMAGE_FILE}.bmap
    + }
    +
    + do_wic_image[file-checksums] += "${WKS_FILE_CHECKSUM}"
    +diff --git a/meta/conf/distro/debian-common.conf b/meta/conf/distro/debian-common.conf
    +index 5a47483..c1e5d6b 100644
    +--- a/meta/conf/distro/debian-common.conf
    ++++ b/meta/conf/distro/debian-common.conf
    +@@ -10,8 +10,8 @@ WIC_IMAGER_INSTALL = "parted \
    + util-linux \
    + dosfstools \
    + mtools \
    +- e2fsprogs \
    +- python3"
    ++ python3 \
    ++ bmap-tools"
    +
    + GRUB_BOOTLOADER_INSTALL_amd64 = "grub-efi-amd64-bin"
    + GRUB_BOOTLOADER_INSTALL_i386 = "grub-efi-ia32-bin"
    +--
    +2.17.1
    +
    diff --git a/kas.yml b/kas.yml
    index 21a776e..c726079 100644
    --- a/kas.yml
    +++ b/kas.yml
    @@ -20,6 +20,10 @@ repos:
    isar:
    url: https://github.com/ilbers/isar
    refspec: 596732aa99c361b756655434bc90e0108e1caa33
    + patches:
    + bmap:
    + repo: cip-core
    + path: 0001-bmap-generate-bmap-for-wic-images.patch
    layers:
    meta:

    --
    2.17.1


    CIP IRC weekly meeting today

    SZ Lin (林上智) <SZ.Lin@...>
     

    Hi all,

    Kindly be reminded to attend the weekly meeting through IRC to discuss technical topics with CIP kernel today.

    *Please note that IRC meeting was rescheduled to UTC (GMT) 09:00 starting from the first week of Apr. according to TSC meeting*
    https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=6&day=13&hour=9&min=0&sec=0&p1=241&p2=137&p3=179&p4=136&p5=37&p6=248

    US-West US-East   UK     DE     TW     JP
    02:00    05:00   10:00   11:00   17:00   18:00

    Channel:
    * irc:chat.freenode.net:6667/cip

    Agenda:

    * Action item
    1. send investigating email for kernel-testing lab to cip-dev - patersonc
    2. provide the script for CIP kernel config collection - bwh
    3. provide the plan about next cip-rt kernel release - szlin

    * Kernel maintenance updates
    * Kernel testing
    * CIP Core
    * Software update
    * AOB

    The meeting will take 30 min, although it can be extended to an hour if it makes sense and those involved in the topics can stay. Otherwise, the topic will be taken offline or in the next meeting.

    Best regards,

    SZ Lin, Moxa.


    [Git][cip-project/cip-kernel/cip-kernel-sec][master] 4 commits: Import more data

    Agustin Benito Bethencourt
     


    Re: gitlab-ci for CIP tiny profile (Deby)

    daniel.sangorrin@...
     

    Thanks Michael,

    It seems that worked out!
    https://gitlab.com/cip-project/cip-core/deby/-/jobs/229463821

    Best regards,
    Daniel

    -----Original Message-----
    From: Adler, Michael <michael.adler@...>
    Sent: Tuesday, June 11, 2019 6:16 PM
    To: sangorrin daniel(サンゴリン ダニエル ○SWC□OST) <daniel.sangorrin@...>
    Cc: cip-dev@...
    Subject: Re: [cip-dev] gitlab-ci for CIP tiny profile (Deby)

    Hi Daniel,

    I've done some experiments as well [1]. Could you try prefixing the "kas build" command with "gosu builder"?
    Something like this:

    gosu builder kas build --target core-image-minimal meta-cip-bbb/kas-bbb.yml

    See also my gitlab-ci.yml [2].

    Best regards,
    Michael

    [1] https://gitlab.com/therisen06/entrypoint-debug/-/jobs/228882512
    [2]
    https://gitlab.com/therisen06/entrypoint-debug/blob/3c1ffef93ca7880e11a984d4338bf04965962f1f/.gitlab-
    ci.yml

    --
    Michael Adler
    Siemens AG, Corporate Technology, CT RDA IOT SES-DE, Otto-Hahn-Ring 6, 81739 Munich, Germany

    Siemens Aktiengesellschaft: Chairman of the Supervisory Board: Gerhard Cromme; Managing Board: Joe Kaeser,
    Chairman, President and Chief Executive Officer; Roland Busch, Lisa Davis, Klaus Helmrich, Janina Kugel,
    Siegfried Russwurm, Ralf P. Thomas; Registered offices: Berlin and Munich, Germany; Commercial registries:
    Berlin Charlottenburg, HRB 12300, Munich, HRB 6684; WEEE-Reg.-No. DE 23691322


    Re: Kernel configurations for 4.19?

    minmin@plathome.co.jp
     

    Hi,

    Sorry for loooooooooooooooong time.

    I got kernel config for 4.19 from our development team.

    Attachment is for OpenBlocks IoT VX2.

    Best regards.

    minmin

    Plat'Home Co., Ltd.


    Re: gitlab-ci for CIP tiny profile (Deby)

    Michael Adler
     

    Hi Daniel,

    I've done some experiments as well [1]. Could you try prefixing the "kas build" command with "gosu builder"?
    Something like this:

    gosu builder kas build --target core-image-minimal meta-cip-bbb/kas-bbb.yml

    See also my gitlab-ci.yml [2].

    Best regards,
    Michael

    [1] https://gitlab.com/therisen06/entrypoint-debug/-/jobs/228882512
    [2] https://gitlab.com/therisen06/entrypoint-debug/blob/3c1ffef93ca7880e11a984d4338bf04965962f1f/.gitlab-ci.yml

    --
    Michael Adler
    Siemens AG, Corporate Technology, CT RDA IOT SES-DE, Otto-Hahn-Ring 6, 81739 Munich, Germany

    Siemens Aktiengesellschaft: Chairman of the Supervisory Board: Gerhard Cromme; Managing Board: Joe Kaeser, Chairman, President and Chief Executive Officer; Roland Busch, Lisa Davis, Klaus Helmrich, Janina Kugel, Siegfried Russwurm, Ralf P. Thomas; Registered offices: Berlin and Munich, Germany; Commercial registries: Berlin Charlottenburg, HRB 12300, Munich, HRB 6684; WEEE-Reg.-No. DE 23691322


    Re: gitlab-ci for CIP tiny profile (Deby)

    daniel.sangorrin@...
     

    Hi Michael,

    From: Adler, Michael <michael.adler@...>
    [snip]
    Meanwhile, various workarounds are possible:

    * Use su/sudo in your gitlab-ci.yml to run bitbake as non-root user
    I tried but I got this weird behavior:
    https://gitlab.com/cip-project/cip-core/deby/-/jobs/228110647

    $ export USER_ID=30000
    $ /bin/bash /kas/docker-entrypoint
    $ whoami
    root
    $ cat /etc/passwd
    builder:x:30000:30000::/builder:/bin/sh
    $ su - builder
    $ whoami
    root <-- not builder!
    $ kas build --target core-image-minimal meta-cip-bbb/kas-bbb.yml
    Do not use Bitbake as root.
    ERROR: Job failed: command terminated with exit code 1

    * Fork the kas Docker image and insert a USER directive [4]
    * ...

    As usual, it is better to push the fix upstream instead of downstream and fix the bug in Gitlab runner.
    Then I could also get rid of this [5] ugly workaround :-)

    I should be back on Tuesday here. So long, Michael.
    Happy Pfingstmontag ;)

    Thanks,
    Daniel


    [1] https://gitlab.com/cip-project/cip-core/deby/-/jobs/226291592
    [2]
    https://github.com/siemens/kas/blob/90ae592ff1b835bb7a8ee5999fe0d619242972c5/docker-entrypoint
    [3] https://gitlab.com/gitlab-org/gitlab-runner/issues/4125
    [4] https://docs.docker.com/engine/reference/builder/#user
    [5]
    https://gitlab.com/cip-playground/gitlab-cloud-ci/blob/master/share/k8s/setup-host-binfmt/daemonset.yaml

    --
    Michael Adler
    Siemens AG, Corporate Technology, CT RDA IOT SES-DE, Otto-Hahn-Ring 6, 81739 Munich, Germany

    Siemens Aktiengesellschaft: Chairman of the Supervisory Board: Gerhard Cromme; Managing Board: Joe Kaeser,
    Chairman, President and Chief Executive Officer; Roland Busch, Lisa Davis, Klaus Helmrich, Janina Kugel,
    Siegfried Russwurm, Ralf P. Thomas; Registered offices: Berlin and Munich, Germany; Commercial registries:
    Berlin Charlottenburg, HRB 12300, Munich, HRB 6684; WEEE-Reg.-No. DE 23691322


    Re: [next] iwg20m: add support for this board

    Ben Hutchings <ben.hutchings@...>
     

    On Fri, 2019-06-07 at 15:06 +0000, Chris Paterson wrote:
    Hello,

    From: cip-dev-bounces@... <cip-dev-bounces@...
    project.org> On Behalf Of Ben Hutchings
    Sent: 07 June 2019 15:41

    On Thu, 2019-06-06 at 16:48 +0900, Daniel Sangorrin wrote:
    This patch adds support for the iwg20m board to isar-cip-core.

    - Kernel version notes

    This board is only supported by the 4.4 kernel. For that
    reason, the preferred version is set to 4.4 and the user
    doesn't need to specify :opt-4.4.yml
    [...]

    This really shouldn't be allowed to happen.  All the patches applied to
    4.4-cip to support this board were already upstream, so this must be a
    regression.  If this board is used as a basis for real systems that
    need to run beyond EOL of the 4.4-cip branch (~2026), it needs to be
    possible to upgrade them to a new kernel version at that time.
    Actually, the iwg20m board does work with the upstream Kernel as well
    as v4.19.y-cip, e.g. [1].
    Oh, good.

    I think it's just that Renesas doesn't intend to support the board
    with anything other than v4.4.y-cip.
    I understand the desire to limit the support burden. But I hope that
    there is a plan to support a newer kernel version eventually, if
    necessary.

    Ben.

    [1] https://lava.ciplatform.org/scheduler/job/1219

    Kind regards, Chris
    --
    Ben Hutchings, Software Developer   Codethink Ltd
    https://www.codethink.co.uk/ Dale House, 35 Dale Street
    Manchester, M1 2HF, United Kingdom


    Re: [next] iwg20m: add support for this board

    Chris Paterson
     

    Hello,

    From: cip-dev-bounces@... <cip-dev-bounces@...
    project.org> On Behalf Of Ben Hutchings
    Sent: 07 June 2019 15:41

    On Thu, 2019-06-06 at 16:48 +0900, Daniel Sangorrin wrote:
    This patch adds support for the iwg20m board to isar-cip-core.

    - Kernel version notes

    This board is only supported by the 4.4 kernel. For that
    reason, the preferred version is set to 4.4 and the user
    doesn't need to specify :opt-4.4.yml
    [...]

    This really shouldn't be allowed to happen. All the patches applied to
    4.4-cip to support this board were already upstream, so this must be a
    regression. If this board is used as a basis for real systems that
    need to run beyond EOL of the 4.4-cip branch (~2026), it needs to be
    possible to upgrade them to a new kernel version at that time.
    Actually, the iwg20m board does work with the upstream Kernel as well as v4.19.y-cip, e.g. [1].

    I think it's just that Renesas doesn't intend to support the board with anything other than v4.4.y-cip.

    [1] https://lava.ciplatform.org/scheduler/job/1219

    Kind regards, Chris


    Ben.

    --
    Ben Hutchings, Software Developer   Codethink Ltd
    https://www.codethink.co.uk/ Dale House, 35 Dale Street
    Manchester, M1 2HF, United Kingdom
    _______________________________________________
    cip-dev mailing list
    cip-dev@...
    https://lists.cip-project.org/mailman/listinfo/cip-dev


    Re: [isar-cip-core] iwg20m: temporary patch for review v2

    Ben Hutchings <ben.hutchings@...>
     

    On Wed, 2019-06-05 at 11:16 +0900, Daniel Sangorrin wrote:
    I added a revipe for building iwg20m's u-boot.
    This u-boot is very old (2013) and had some compile problems.

    - u-boot fatal error: linux/compiler-gcc6.h: No such file or directory
    - arm-linux-gnueabihf-ld.bfd: unrecognized option '-Wl,-z,relro'

    I solved the first one but not the second one.
    [...]

    "-Wl,-z,relro" is a gcc option which should result in passing
    "-z relro" to the linker. Perhaps a Makefile is invoking $(LD) with
    $(LDFLAGS), where it should be invoking $(CC) instead?

    In any case, this is a hardening option for dynamically linked binaries
    and I don't think it makes any difference to the kernel or u-boot.

    Ben.

    --
    Ben Hutchings, Software Developer   Codethink Ltd
    https://www.codethink.co.uk/ Dale House, 35 Dale Street
    Manchester, M1 2HF, United Kingdom


    Re: [next] iwg20m: add support for this board

    Ben Hutchings <ben.hutchings@...>
     

    On Thu, 2019-06-06 at 16:48 +0900, Daniel Sangorrin wrote:
    This patch adds support for the iwg20m board to isar-cip-core.

    - Kernel version notes

    This board is only supported by the 4.4 kernel. For that
    reason, the preferred version is set to 4.4 and the user
    doesn't need to specify :opt-4.4.yml
    [...]

    This really shouldn't be allowed to happen. All the patches applied to
    4.4-cip to support this board were already upstream, so this must be a
    regression. If this board is used as a basis for real systems that
    need to run beyond EOL of the 4.4-cip branch (~2026), it needs to be
    possible to upgrade them to a new kernel version at that time.

    Ben.

    --
    Ben Hutchings, Software Developer   Codethink Ltd
    https://www.codethink.co.uk/ Dale House, 35 Dale Street
    Manchester, M1 2HF, United Kingdom


    Re: gitlab-ci for CIP tiny profile (Deby)

    Michael Adler
     

    Alright, the token exchange was successful this morning and gitlab-cloud-ci runner should be visible to all child
    projects now. However, we ran into an issue [1] when executing Daniel's CI pipeline:

    Gitlab runner does not execute the container's entrypoint [2] which in the above scenario is responsible for switching
    to a non-privileged user. This is actually a bug in the Gitlab Kubernetes runner itself [3]. Maybe someone here is
    eager enough to fix it :-)? The fix itself should be just a few lines of code, but testing will require some time and
    effort.

    Meanwhile, various workarounds are possible:

    * Use su/sudo in your gitlab-ci.yml to run bitbake as non-root user
    * Fork the kas Docker image and insert a USER directive [4]
    * ...

    As usual, it is better to push the fix upstream instead of downstream and fix the bug in Gitlab runner.
    Then I could also get rid of this [5] ugly workaround :-)

    I should be back on Tuesday here. So long, Michael.

    [1] https://gitlab.com/cip-project/cip-core/deby/-/jobs/226291592
    [2] https://github.com/siemens/kas/blob/90ae592ff1b835bb7a8ee5999fe0d619242972c5/docker-entrypoint
    [3] https://gitlab.com/gitlab-org/gitlab-runner/issues/4125
    [4] https://docs.docker.com/engine/reference/builder/#user
    [5] https://gitlab.com/cip-playground/gitlab-cloud-ci/blob/master/share/k8s/setup-host-binfmt/daemonset.yaml

    --
    Michael Adler
    Siemens AG, Corporate Technology, CT RDA IOT SES-DE, Otto-Hahn-Ring 6, 81739 Munich, Germany

    Siemens Aktiengesellschaft: Chairman of the Supervisory Board: Gerhard Cromme; Managing Board: Joe Kaeser, Chairman, President and Chief Executive Officer; Roland Busch, Lisa Davis, Klaus Helmrich, Janina Kugel, Siegfried Russwurm, Ralf P. Thomas; Registered offices: Berlin and Munich, Germany; Commercial registries: Berlin Charlottenburg, HRB 12300, Munich, HRB 6684; WEEE-Reg.-No. DE 23691322


    Re: [next] iwg20m: add support for this board

    Jan Kiszka
     

    On 06.06.19 09:48, Daniel Sangorrin wrote:
    This patch adds support for the iwg20m board to isar-cip-core.
    - Kernel version notes
    This board is only supported by the 4.4 kernel. For that
    reason, the preferred version is set to 4.4 and the user
    doesn't need to specify :opt-4.4.yml
    - U-boot notes
    The u-boot version shipped with the board is rather
    old (2013.01) and comes without distro boot support.
    We could try building it with CONFIG_CMD_SOURCE to use
    a boot.scr script. However, the build gave several
    Ah, now I read the reasoning properly - got it, unfortunate, but makes sense.

    errors probably caused by incompatibilities with
    modern compilers. Additionally, u-boot resides
    on an SPI device and any failures while updating
    it will brick the board. For all these reasons,
    this patch relies on the u-boot shipped with the
    board completely. The user needs to setup some
    additional u-boot environment variables as described
    in doc/README_iwg20m.md
    - Kernel configuration notes
    The configuration is based on the kernel's
    shmobile_defconfig. Then it adds some
    configuration bits for booting on an SDCard with
    EXT4, booting from a ramdisk, and running Systemd.
    - Bmap notes
    The document doc/README_iwg20m.md uses bmaptool to
    flash the image onto an SDCard. This functionality
    is not yet available on the ISAR version used by
    isar-cip-core. For now, you can either backport the
    bmap patch [1] or use dd as explained in the README.
    [1] https://lists.cip-project.org/pipermail/cip-dev/2019-June/002430.html
    We can add that patch to isar-cip-core until we update to a version that contains it -> follow-up patch.

    Jan

    Signed-off-by: Daniel Sangorrin <daniel.sangorrin@...>
    sdf
    Signed-off-by: Daniel Sangorrin <daniel.sangorrin@...>
    ---
    board-iwg20m.yml | 16 ++
    conf/machine/iwg20m.conf | 24 ++
    doc/README_iwg20m.md | 49 ++++
    recipes-kernel/linux/files/iwg20m_defconfig | 275 ++++++++++++++++++++
    wic/iwg20m.wks | 18 ++
    5 files changed, 382 insertions(+)
    create mode 100644 board-iwg20m.yml
    create mode 100644 conf/machine/iwg20m.conf
    create mode 100644 doc/README_iwg20m.md
    create mode 100644 recipes-kernel/linux/files/iwg20m_defconfig
    create mode 100644 wic/iwg20m.wks
    diff --git a/board-iwg20m.yml b/board-iwg20m.yml
    new file mode 100644
    index 0000000..fbb2a2e
    --- /dev/null
    +++ b/board-iwg20m.yml
    @@ -0,0 +1,16 @@
    +#
    +# CIP Core, generic profile
    +#
    +# Copyright (c) Toshiba corp., 2019
    +#
    +# Authors:
    +# Daniel Sangorrin <daniel.sangorrin@...>
    +#
    +# SPDX-License-Identifier: MIT
    +#
    +
    +header:
    + version: 8
    +
    +machine: iwg20m
    +target: cip-core-image
    diff --git a/conf/machine/iwg20m.conf b/conf/machine/iwg20m.conf
    new file mode 100644
    index 0000000..2f91771
    --- /dev/null
    +++ b/conf/machine/iwg20m.conf
    @@ -0,0 +1,24 @@
    +#
    +# CIP Core, generic profile
    +#
    +# Copyright (c) Toshiba corp. 2019
    +#
    +# SPDX-License-Identifier: MIT
    +#
    +DISTRO_ARCH = "armhf"
    +
    +# see wic/iwg20m.wks
    +IMAGE_TYPE = "wic-img"
    +
    +# sets serial login getty
    +MACHINE_SERIAL = "ttySC0"
    +BAUDRATE_TTY = "115200"
    +
    +# kernel version
    +PREFERRED_VERSION_linux-cip ?= "4.4.%"
    +PREFERRED_VERSION_linux-cip-rt ?= "4.4.%"
    +
    +# Boot partition files
    +DTB_FILE = "r8a7743-iwg20d-q7-dbcm-ca.dtb"
    +KERNEL_IMAGE="zImage"
    +IMAGE_BOOT_FILES = "${KERNEL_IMAGE} ${DTB_FILE}"
    diff --git a/doc/README_iwg20m.md b/doc/README_iwg20m.md
    new file mode 100644
    index 0000000..25fdf72
    --- /dev/null
    +++ b/doc/README_iwg20m.md
    @@ -0,0 +1,49 @@
    +# ISAR CIP Core: Instructions for the Renesas IWG20M board
    +
    +Version: 20190606
    +Copyright: Toshiba corp.
    +
    +## Build the CIP Core image
    +
    +Use [kas-docker](https://github.com/siemens/kas/blob/master/kas-docker) to build the image. Currently this board is only supported by the CIP kernel version `4.4.y`.
    +
    +```
    +$ git clone https://gitlab.com/cip-project/cip-core/isar-cip-core.git
    +$ cd isar-cip-core
    +$ wget https://raw.githubusercontent.com/siemens/kas/master/kas-docker
    +$ chmod a+x kas-docker
    +$ ./kas-docker --isar build kas.yml:board-iwg20m.yml
    +```
    +
    +After the build is finished, insert a micro SDCard and flash the image with `bmaptool` (a better `dd`). Make sure you substitute `/dev/sdX` by the device file corresponding to your SDCard.
    +
    +```
    +$ sudo apt install bmap-tools
    +$ sudo bmaptool copy --bmap build/tmp/deploy/images/iwg20m/cip-core-image-cip-core-iwg20m.wic.img.bmap build/tmp/deploy/images/iwg20m/cip-core-image-cip-core-iwg20m.wic.img /dev/sdX
    +```
    +
    +[Note] the bmap file will only be created on newer versions of ISAR. If the bmap file was not created then use `dd`.
    +
    +## U-boot settings
    +
    +
    +In order to boot from the micro SDCard, we need to set some environment variables on u-boot. Insert the card on the microSD slot (on the upper hardware module), and a USB-serial cable to the USB Debug port (on the lower hardware module). Open a serial terminal (here we use `picocom`), and then switch on the board and enter the u-boot interactive command line to set the environment variables.
    +
    +```
    +$ picocom -b 115200 /dev/ttyUSB0
    +iWave-G20M > setenv bootargs_msd 'setenv bootargs ${bootargs_base} root=/dev/mmcblk0p2 rw rootfstype=ext4 rootwait'
    +iWave-G20M > setenv bootcmd_msd 'run bootargs_msd;run fdt_check;mmc dev 1;fatload mmc 1 ${loadaddr} zImage;fatload mmc 1 ${fdt_addr} r8a7743-iwg20d-q7-dbcm-ca.dtb;bootz ${loadaddr} - ${fdt_addr}'
    +iWave-G20M > saveenv
    +```
    +
    +Note that `mmcblk0p2` represents the SDCard when running the CIP kernel 4.4. Once the environment variables are setup, you can boot from the SDCard as follows
    +
    +```
    +iWave-G20M > run bootcmd_msd
    +```
    +
    +Finally, to make that persistent set the `bootcmd` variable.
    +
    +```
    +iWave-G20M > setenv bootcmd 'run bootcmd_msd'
    +```
    diff --git a/recipes-kernel/linux/files/iwg20m_defconfig b/recipes-kernel/linux/files/iwg20m_defconfig
    new file mode 100644
    index 0000000..7fb16de
    --- /dev/null
    +++ b/recipes-kernel/linux/files/iwg20m_defconfig
    @@ -0,0 +1,275 @@
    +
    +# systemd configs
    +CONFIG_DEVTMPFS=y
    +CONFIG_CGROUPS=y
    +CONFIG_INOTIFY_USER=y
    +CONFIG_SIGNALFD=y
    +CONFIG_TIMERFD=y
    +CONFIG_EPOLL=y
    +CONFIG_NET=y
    +CONFIG_SYSFS=y
    +CONFIG_PROC_FS=y
    +CONFIG_FHANDLE=y
    +CONFIG_CRYPTO_USER_API_HASH=y
    +CONFIG_CRYPTO_HMAC=y
    +CONFIG_CRYPTO_SHA256=y
    +CONFIG_SYSFS_DEPRECATED=n
    +CONFIG_UEVENT_HELPER_PATH=""
    +CONFIG_FW_LOADER_USER_HELPER=n
    +CONFIG_DMIID=y
    +CONFIG_BLK_DEV_BSG=y
    +CONFIG_NET_NS=y
    +CONFIG_USER_NS=y
    +CONFIG_IPV6=y
    +CONFIG_AUTOFS_FS=y
    +CONFIG_TMPFS_XATTR=y
    +CONFIG_EXT4_FS_POSIX_ACL=y
    +#CONFIG_REISERFS_FS_POSIX_ACL=y
    +#CONFIG_JFS_POSIX_ACL=y
    +#CONFIG_XFS_POSIX_ACL=y
    +#CONFIG_BTRFS_FS_POSIX_ACL=y
    +#CONFIG_F2FS_FS_POSIX_ACL=y
    +CONFIG_FS_POSIX_ACL=y
    +CONFIG_TMPFS_POSIX_ACL=y
    +#CONFIG_JFFS2_FS_POSIX_ACL=y
    +#CONFIG_CEPH_FS_POSIX_ACL=y
    +#CONFIG_9P_FS_POSIX_ACL=y
    +CONFIG_SECCOMP=Y
    +CONFIG_SECCOMP_FILTER=y
    +CONFIG_CHECKPOINT_RESTORE=y
    +CONFIG_CGROUP_SCHED=y
    +CONFIG_FAIR_GROUP_SCHED=y
    +CONFIG_CFS_BANDWIDTH=y
    +CONFIG_CGROUP_BPF=y
    +CONFIG_RT_GROUP_SCHED=n
    +
    +# to boot from the SD Card
    +CONFIG_EXT4_FS=y
    +CONFIG_EXT4_USE_FOR_EXT2=y
    +
    +# to boot from an initramfs
    +CONFIG_BLK_DEV_RAM=y
    +CONFIG_BLK_DEV_RAM_COUNT=4
    +CONFIG_BLK_DEV_RAM_SIZE=250000
    +
    +# shmobile_defconfig
    +CONFIG_SYSVIPC=y
    +CONFIG_NO_HZ=y
    +CONFIG_IKCONFIG=y
    +CONFIG_IKCONFIG_PROC=y
    +CONFIG_LOG_BUF_SHIFT=16
    +CONFIG_BLK_DEV_INITRD=y
    +CONFIG_CC_OPTIMIZE_FOR_SIZE=y
    +CONFIG_SYSCTL_SYSCALL=y
    +CONFIG_EMBEDDED=y
    +CONFIG_PERF_EVENTS=y
    +CONFIG_SLAB=y
    +CONFIG_ARCH_SHMOBILE_MULTI=y
    +CONFIG_ARCH_EMEV2=y
    +CONFIG_ARCH_R7S72100=y
    +CONFIG_ARCH_R8A73A4=y
    +CONFIG_ARCH_R8A7740=y
    +CONFIG_ARCH_R8A7743=y
    +CONFIG_ARCH_R8A7745=y
    +CONFIG_ARCH_R8A77470=y
    +CONFIG_ARCH_R8A7778=y
    +CONFIG_ARCH_R8A7779=y
    +CONFIG_ARCH_R8A7790=y
    +CONFIG_ARCH_R8A7791=y
    +CONFIG_ARCH_R8A7793=y
    +CONFIG_ARCH_R8A7794=y
    +CONFIG_ARCH_SH73A0=y
    +CONFIG_CPU_BPREDICT_DISABLE=y
    +CONFIG_PL310_ERRATA_588369=y
    +CONFIG_ARM_ERRATA_754322=y
    +CONFIG_PCI=y
    +CONFIG_PCI_RCAR_GEN2=y
    +CONFIG_PCI_RCAR_GEN2_PCIE=y
    +CONFIG_SMP=y
    +CONFIG_SCHED_MC=y
    +CONFIG_HAVE_ARM_ARCH_TIMER=y
    +CONFIG_NR_CPUS=8
    +CONFIG_AEABI=y
    +CONFIG_HIGHMEM=y
    +CONFIG_CMA=y
    +CONFIG_ZBOOT_ROM_TEXT=0x0
    +CONFIG_ZBOOT_ROM_BSS=0x0
    +CONFIG_ARM_APPENDED_DTB=y
    +CONFIG_KEXEC=y
    +CONFIG_CPU_FREQ=y
    +CONFIG_CPU_FREQ_STAT_DETAILS=y
    +CONFIG_CPU_FREQ_GOV_POWERSAVE=y
    +CONFIG_CPU_FREQ_GOV_USERSPACE=y
    +CONFIG_CPU_FREQ_GOV_ONDEMAND=y
    +CONFIG_CPU_FREQ_GOV_CONSERVATIVE=y
    +CONFIG_CPUFREQ_DT=y
    +CONFIG_VFP=y
    +CONFIG_NEON=y
    +# CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set
    +CONFIG_NET=y
    +CONFIG_PACKET=y
    +CONFIG_UNIX=y
    +CONFIG_INET=y
    +CONFIG_IP_PNP=y
    +CONFIG_IP_PNP_DHCP=y
    +CONFIG_CAN=y
    +CONFIG_CAN_RCAR=y
    +CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug"
    +CONFIG_DEVTMPFS=y
    +CONFIG_DEVTMPFS_MOUNT=y
    +CONFIG_DMA_CMA=y
    +CONFIG_CMA_SIZE_MBYTES=64
    +CONFIG_SIMPLE_PM_BUS=y
    +CONFIG_MTD=y
    +CONFIG_MTD_BLOCK=y
    +CONFIG_MTD_M25P80=y
    +CONFIG_MTD_SPI_NOR=y
    +CONFIG_EEPROM_AT24=y
    +CONFIG_BLK_DEV_SD=y
    +CONFIG_ATA=y
    +CONFIG_SATA_RCAR=y
    +CONFIG_NETDEVICES=y
    +# CONFIG_NET_VENDOR_ARC is not set
    +# CONFIG_NET_CADENCE is not set
    +# CONFIG_NET_VENDOR_BROADCOM is not set
    +# CONFIG_NET_VENDOR_CIRRUS is not set
    +# CONFIG_NET_VENDOR_FARADAY is not set
    +# CONFIG_NET_VENDOR_INTEL is not set
    +# CONFIG_NET_VENDOR_MARVELL is not set
    +# CONFIG_NET_VENDOR_MICREL is not set
    +# CONFIG_NET_VENDOR_NATSEMI is not set
    +CONFIG_SH_ETH=y
    +CONFIG_RAVB=y
    +# CONFIG_NET_VENDOR_SEEQ is not set
    +CONFIG_SMSC911X=y
    +# CONFIG_NET_VENDOR_STMICRO is not set
    +# CONFIG_NET_VENDOR_VIA is not set
    +# CONFIG_NET_VENDOR_WIZNET is not set
    +CONFIG_SMSC_PHY=y
    +CONFIG_MICREL_PHY=y
    +# CONFIG_INPUT_MOUSEDEV_PSAUX is not set
    +CONFIG_INPUT_EVDEV=y
    +CONFIG_KEYBOARD_GPIO=y
    +# CONFIG_INPUT_MOUSE is not set
    +CONFIG_INPUT_TOUCHSCREEN=y
    +CONFIG_TOUCHSCREEN_ST1232=y
    +CONFIG_INPUT_MISC=y
    +CONFIG_INPUT_ADXL34X=y
    +# CONFIG_LEGACY_PTYS is not set
    +CONFIG_SERIAL_8250=y
    +CONFIG_SERIAL_8250_CONSOLE=y
    +CONFIG_SERIAL_8250_EM=y
    +CONFIG_SERIAL_SH_SCI=y
    +CONFIG_SERIAL_SH_SCI_NR_UARTS=20
    +CONFIG_SERIAL_SH_SCI_CONSOLE=y
    +CONFIG_I2C_CHARDEV=y
    +CONFIG_I2C_GPIO=y
    +CONFIG_I2C_RIIC=y
    +CONFIG_I2C_SH_MOBILE=y
    +CONFIG_I2C_RCAR=y
    +CONFIG_SPI=y
    +CONFIG_SPI_RSPI=y
    +CONFIG_SPI_SH_MSIOF=y
    +CONFIG_SPI_SH_HSPI=y
    +CONFIG_GPIO_EM=y
    +CONFIG_GPIO_RCAR=y
    +CONFIG_GPIO_PCF857X=y
    +CONFIG_POWER_SUPPLY=y
    +CONFIG_POWER_RESET=y
    +CONFIG_POWER_RESET_RMOBILE=y
    +# CONFIG_HWMON is not set
    +CONFIG_THERMAL=y
    +CONFIG_CPU_THERMAL=y
    +CONFIG_RCAR_THERMAL=y
    +CONFIG_WATCHDOG=y
    +CONFIG_DA9063_WATCHDOG=y
    +CONFIG_RENESAS_WDT=y
    +CONFIG_MFD_AS3711=y
    +CONFIG_MFD_DA9063=y
    +CONFIG_REGULATOR_FIXED_VOLTAGE=y
    +CONFIG_REGULATOR_AS3711=y
    +CONFIG_REGULATOR_DA9210=y
    +CONFIG_REGULATOR_GPIO=y
    +CONFIG_REGULATOR_MAX8973=y
    +CONFIG_MEDIA_SUPPORT=y
    +CONFIG_MEDIA_CAMERA_SUPPORT=y
    +CONFIG_MEDIA_CONTROLLER=y
    +CONFIG_VIDEO_V4L2_SUBDEV_API=y
    +CONFIG_V4L_PLATFORM_DRIVERS=y
    +CONFIG_SOC_CAMERA=y
    +CONFIG_SOC_CAMERA_PLATFORM=y
    +CONFIG_VIDEO_RCAR_VIN=y
    +CONFIG_V4L_MEM2MEM_DRIVERS=y
    +CONFIG_VIDEO_RENESAS_VSP1=y
    +# CONFIG_MEDIA_SUBDRV_AUTOSELECT is not set
    +CONFIG_VIDEO_ADV7180=y
    +CONFIG_VIDEO_ML86V7667=y
    +CONFIG_DRM=y
    +CONFIG_DRM_I2C_ADV7511=y
    +CONFIG_DRM_RCAR_DU=y
    +CONFIG_DRM_RCAR_HDMI=y
    +CONFIG_DRM_RCAR_LVDS=y
    +CONFIG_FB_SH_MOBILE_LCDC=y
    +CONFIG_FB_SH_MOBILE_MERAM=y
    +# CONFIG_LCD_CLASS_DEVICE is not set
    +# CONFIG_BACKLIGHT_GENERIC is not set
    +CONFIG_BACKLIGHT_PWM=y
    +CONFIG_BACKLIGHT_AS3711=y
    +CONFIG_SOUND=y
    +CONFIG_SND=y
    +CONFIG_SND_SOC=y
    +CONFIG_SND_SOC_SH4_FSI=y
    +CONFIG_SND_SOC_RCAR=y
    +CONFIG_SND_SOC_RSRC_CARD=y
    +CONFIG_SND_SOC_AK4642=y
    +CONFIG_SND_SOC_SGTL5000=y
    +CONFIG_SND_SOC_WM8978=y
    +CONFIG_USB=y
    +CONFIG_USB_XHCI_HCD=y
    +CONFIG_USB_XHCI_RCAR=y
    +CONFIG_USB_EHCI_HCD=y
    +CONFIG_USB_OHCI_HCD=y
    +CONFIG_USB_R8A66597_HCD=y
    +CONFIG_USB_RENESAS_USBHS=y
    +CONFIG_USB_RCAR_PHY=y
    +CONFIG_USB_GADGET=y
    +CONFIG_USB_RENESAS_USBHS_UDC=y
    +CONFIG_USB_ETH=y
    +CONFIG_MMC=y
    +CONFIG_MMC_SDHI=y
    +CONFIG_MMC_SH_MMCIF=y
    +CONFIG_NEW_LEDS=y
    +CONFIG_LEDS_CLASS=y
    +CONFIG_LEDS_GPIO=y
    +CONFIG_RTC_CLASS=y
    +CONFIG_RTC_DRV_RS5C372=y
    +CONFIG_RTC_DRV_BQ32K=y
    +CONFIG_RTC_DRV_S35390A=y
    +CONFIG_RTC_DRV_RX8581=y
    +CONFIG_DMADEVICES=y
    +CONFIG_SH_DMAE=y
    +CONFIG_RCAR_DMAC=y
    +CONFIG_RENESAS_USB_DMAC=y
    +# CONFIG_IOMMU_SUPPORT is not set
    +CONFIG_IIO=y
    +CONFIG_AK8975=y
    +CONFIG_PWM=y
    +CONFIG_PWM_RCAR=y
    +CONFIG_PWM_RENESAS_TPU=y
    +CONFIG_GENERIC_PHY=y
    +CONFIG_PHY_RCAR_GEN2=y
    +# CONFIG_DNOTIFY is not set
    +CONFIG_MSDOS_FS=y
    +CONFIG_VFAT_FS=y
    +CONFIG_TMPFS=y
    +# CONFIG_MISC_FILESYSTEMS is not set
    +CONFIG_NFS_FS=y
    +CONFIG_NFS_V3_ACL=y
    +CONFIG_NFS_V4=y
    +CONFIG_NFS_V4_1=y
    +CONFIG_ROOT_NFS=y
    +CONFIG_NLS_CODEPAGE_437=y
    +CONFIG_NLS_ISO8859_1=y
    +# CONFIG_ENABLE_WARN_DEPRECATED is not set
    +# CONFIG_ENABLE_MUST_CHECK is not set
    +# CONFIG_ARM_UNWIND is not set
    diff --git a/wic/iwg20m.wks b/wic/iwg20m.wks
    new file mode 100644
    index 0000000..14bf8b0
    --- /dev/null
    +++ b/wic/iwg20m.wks
    @@ -0,0 +1,18 @@
    +#
    +# CIP Core, generic profile
    +#
    +# Copyright (c) Toshiba corp., 2019
    +#
    +# Authors:
    +# Daniel Sangorrin <daniel.sangorrin@...>
    +#
    +# SPDX-License-Identifier: MIT
    +#
    +
    +# [Note] u-boot runs from an SPI memory device
    +
    +# SDCard Boot partition (copies files in IMAGE_BOOT_FILES: zImage and device tree)
    +part /boot --source bootimg-partition --ondisk mmcblk0 --fstype vfat --label boot --align 1 --size 32M --extra-space 0
    +
    +# Rootfs partition
    +part / --source rootfs --ondisk mmcblk0 --fstype ext4 --label root --align 1024 --size 2G --active


    Re: [PATCH] iwg20m: add support for this board

    Claudius Heine <ch@...>
     

    Hi,

    On 06/06/2019 10.17, daniel.sangorrin@... wrote:
    If yes, why not using u-boot-script
    and loading /boot/boot.scr instead?
    After loading boot.scr, don't we need the "source" command to work? "source" does not seem to be configured in the pre-installed u-boot.

    Also, to create boot.scr we need mkimage. I wonder if modern Debian u-boot-tools' mkimage will create a boot.scr that is compatible with the pre-installed u-boot (remember that I couldn't build the old u-boot with the new compilers).
    You could just use the mkimage that comes from your u-boot source to be
    certain. I do something similar [1] since the upstream debian
    u-boot-tools do not support creating signed fit images.

    [1] https://github.com/ilbers/isar/blob/master/meta/classes/fit-img.bbclass

    regards,
    Claudius

    --
    DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
    HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
    Phone: (+49)-8142-66989-54 Fax: (+49)-8142-66989-80 Email: ch@...

    PGP key: 6FF2 E59F 00C6 BC28 31D8 64C1 1173 CB19 9808 B153
    Keyserver: hkp://pool.sks-keyservers.net


    Re: gitlab-ci for CIP tiny profile (Deby)

    daniel.sangorrin@...
     

    Continuing with this conversation on the public list, it seems that the job on gitlab-cloud-ci failed:
    https://gitlab.com/cip-project/cip-core/deby/-/jobs/226291592

    --- Error summary ---
    ERROR: OE-core's config sanity checker detected a potential misconfiguration.
    Either fix the cause of this error or at your own risk disable the checker (see sanity.conf).
    Following is the list of potential problems / advisories:

    Do not use Bitbake as root

    Perhaps it has something to do with privileged containers?

    Thanks,
    Daniel

    -----Original Message-----
    From: Adler, Michael <michael.adler@...>
    Sent: Thursday, June 6, 2019 3:52 PM
    To: sangorrin daniel(サンゴリン ダニエル ○SWC□OST) <daniel.sangorrin@...>
    Cc: cip-dev@...
    Subject: Re: gitlab-ci for CIP tiny profile (Deby)

    Hi Daniel,

    For that reason, I would like to register our Runner. Please let me know what should I do.
    sure, no problem! I suggest moving my instance of the gitlab-ci runner to the project-level.
    Then it should be visible to all sub-projects (which includes your project).
    For this however, I would require the *runner registration token* of the parent project:

    * Go to https://gitlab.com/cip-project, "Settings -> CI/CD"
    * Expand "Runners" section, copy&paste the token under "Set up a specific Runner manually"
    * Send me the token in in a pgp-encrypted mail (keyserver pgp.mit.edu, keyid: 0xf39a07eca4aabc19)

    Best regards,
    Michael

    --
    Michael Adler
    Siemens AG, Corporate Technology, CT RDA IOT SES-DE, Otto-Hahn-Ring 6, 81739 Munich, Germany

    Siemens Aktiengesellschaft: Chairman of the Supervisory Board: Gerhard Cromme; Managing Board: Joe Kaeser,
    Chairman, President and Chief Executive Officer; Roland Busch, Lisa Davis, Klaus Helmrich, Janina Kugel,
    Siegfried Russwurm, Ralf P. Thomas; Registered offices: Berlin and Munich, Germany; Commercial registries:
    Berlin Charlottenburg, HRB 12300, Munich, HRB 6684; WEEE-Reg.-No. DE 23691322

    7661 - 7680 of 10123