This patch adds the opensbi firmware with u-boot payload (smode) for the qemu-riscv64 machine. Using that, the generated riscv64 images can be booted on qemu. Signed-off-by: Felix Moessbauer <felix.mo

From: Jan Kiszka <jan.kiszka@...> This will break if IMAGE_FULLNAME is not PN-DISTRO-MACHINE, e.g. when enabling kas/ops/test.yml. Signed-off-by: Jan Kiszka <jan.kiszka@...> --- classes/swupdate.bbcla

From: Jan Kiszka <jan.kiszka@...> We can't pull IMAGE_FULLNAME from the image class as this is a dpkg class, but we should account for potential global changes to this variable like done by kas/opt/te

From: Jan Kiszka <jan.kiszka@...> This allows to enable both SWUpdate and the security-extended image at the same time. Signed-off-by: Jan Kiszka <jan.kiszka@...> --- kas/opt/security.yml | 3 +++ reci

This allows to build SWupdate/secure boot images with test extensions as well as security extensions. Jan Jan Kiszka (5): swupdate: Avoid open-coding IMAGE_FULLNAME initramfs-*-hook: Avoid open-coding

From: Jan Kiszka <jan.kiszka@...> Signed-off-by: Jan Kiszka <jan.kiszka@...> --- recipes-core/security-customizations/files/postinst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/r

From: Jan Kiszka <jan.kiszka@...> Signed-off-by: Jan Kiszka <jan.kiszka@...> --- start-qemu.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/start-qemu.sh b/start-qemu.sh inde

From: Jan Kiszka <jan.kiszka@...> Signed-off-by: Jan Kiszka <jan.kiszka@...> --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index

This patch enables the swupdate KConfig entry for the qemu-riscv64 board. For that, we also duplicate the qemu-arm64-efibootguard.wks template for qemu-riscv64. As this is the first riscv64 board, we

This patch adds the mapping between the efi architecture and the distro architecture for riscv64. Signed-off-by: Felix Moessbauer <felix.moessbauer@...> --- scripts/lib/wic/plugins/source/efibootguard

This commit backports an upstream patch for efibootguard that fixes the riscv64 install location. As it is not yet in an EBG release, we add it as a patch here. No internal logic of EBG is changed, he

Changes since v2: The v2 adds the required infrastructure to test the swupdate support in qemu-riscv64. This includes the following additions: - update of cip kernel config for qemu-riscv64 machine (f

This patch adds support to run swupdate images for RISC-V64 on qemu. As firmware, we use OpenSBI with u-boot payload in s-mode. Signed-off-by: Felix Moessbauer <felix.moessbauer@...> --- start-qemu.sh

Hi all, at least some of the isar-cip-core users are in a need for formal release of the layer. The plan so far is to follow the Debian point-release cycles, means basically having one every 3 months.

Hi all, Kindly be reminded to attend the weekly meeting through IRC to discuss technical topics with CIP kernel today. Our channel is the following: irc:irc.libera.chat:6667/cip The IRC meeting is sch

Hi ! It's this week's CVE report. This week reported 22 new CVEs and 4 updated CVEs. * New CVEs CVE-2023-23039: drivers: tty: vcc: Fix use-after-free in vcc_open() CVSS v3 score is not provided. An is

From: Srinuvasan A <srinuvasan.a@...> Update SWUpdate document based on the current implementation. Signed-off-by: Srinuvasan A <srinuvasan.a@...> --- doc/README.swupdate.md | 32 ++++++++++++++++++---

From: Srinuvasan A <srinuvasan.a@...> Update the secureboot document based on the current implementation. Note: Now secureboot directly boot the linux hence no need to provide the efi file path in efi

From: Quirin Gylstorff <quirin.gylstorff@...> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...> --- doc/README.tpm2.encryption.md | 39 +++++++++++++++++++++++++++++++++++ 1 file changed, 39 inser

From: Quirin Gylstorff <quirin.gylstorff@...> If /var shall be encrypted encrypt_partition needs to be executed before the overlay script. If the prerequisite is not available the overlay script will