diff options
author | Stephane Desneux <stephane.desneux@iot.bzh> | 2017-03-27 15:37:07 +0200 |
---|---|---|
committer | Stephane Desneux <stephane.desneux@iot.bzh> | 2017-03-27 17:43:10 +0200 |
commit | 497d7db5bfc71367c6393a09a2f768b812fce83f (patch) | |
tree | df8ffe1b8e5f74f2cf6c535fba55cc2c331061a8 | |
parent | a72d5234e827756647c0fb78e70e2d8e4d6f2ab0 (diff) |
Migrate meta-app-framework to meta-agl
Application Framework is now part of core AGL components
and has been moved from meta-agl-extra to meta-agl.
Bug-AGL: SPEC-448
The commit history has been kept and the following commits have been moved
from meta-agl-extra to meta-agl:
e08fc10 2017-03-14 13:07:12 +0100 jose.bollo@iot.bzh Move to AGL framework on top of systemd
8bdc96f 2017-03-24 16:15:04 +0100 ronan.lemartret@iot.bzh Rename webruntime DISTRO_FEATURES
02faef6 2017-03-14 12:50:03 +0100 jose.bollo@iot.bzh Upgrade application framework
9731d66 2017-03-08 14:19:42 +0100 jose.bollo@iot.bzh base-files for the framework
ed214a2 2017-03-06 17:19:16 +0100 jose.bollo@iot.bzh Ensure that eXtended Attributes are managed
2969a9f 2017-03-07 17:30:18 +0100 jose.bollo@iot.bzh shadow: 'useradd' copies root's extended attributes
e159294 2017-03-08 13:15:58 +0100 jose.bollo@iot.bzh Removes systemd warnings
d19db32 2017-03-06 17:11:33 +0100 ronan.lemartret@iot.bzh Add service dependency on run-agl-postinsts
d3a02ef 2017-02-23 23:41:45 +0700 tranmanphong@gmail.com Fix the error of homescreen for QEMU x86-64
913a263 2017-02-23 11:03:08 +0100 ronan.lemartret@iot.bzh Update af-main
d36e635 2017-02-17 14:35:31 +0100 stephane.desneux@iot.bzh aglwgt.bbclass: fix bashism
72265ee 2017-02-16 18:03:32 +0100 ronan.lemartret@iot.bzh Add dependency to images
f3292e8 2017-02-15 17:02:52 +0100 ronan.lemartret@iot.bzh Allowed wgt app to auto-install at the first boot
347aa4d 2017-02-15 16:54:11 +0100 ronan.lemartret@iot.bzh Add afm-install used to install wgt at first boot
9153078 2017-01-20 16:30:39 +0100 ronan.lemartret@iot.bzh Move feature code into the meta recipes
b5ce617 2017-01-16 19:43:03 +0100 jsmoeller@linuxfoundation.org Add missing DEPENDS to af-binder
ba2ad47 2016-10-25 16:11:27 +0200 ronan.lemartret@iot.bzh fix for gcc6 build
8f15654 2016-10-14 14:21:15 +0200 ronan.lemartret@iot.bzh fix libcap patch
24b96c4 2017-01-03 11:46:04 +0100 jose.bollo@iot.bzh Activates threading and hook features
f518d36 2017-01-02 17:10:24 +0100 ronan.lemartret@iot.bzh add fakeroot to aglwgt_deploy task
4c81238 2016-12-28 20:45:11 +0100 jsmoeller@linuxfoundation.org Be more precise in addtask
a930811 2016-12-28 19:15:54 +0100 jsmoeller@linuxfoundation.org Fix whitespace in aglwgt bbclass
de41ad3 2016-12-28 14:54:42 +0100 jsmoeller@linuxfoundation.org Add aglwgt class
5999238 2016-12-20 15:45:34 +0100 jose.bollo@iot.bzh Authorize the requested permissions
a79a010 2016-12-16 12:37:44 +0100 anton@advancedtelematic.com Don't override SYSTEMD_SERVICE of original recipe.
b6960b3 2016-12-14 16:34:29 +0100 stephane.desneux@iot.bzh af-main: remove --roothttp option from afm-launch.conf
524e557 2016-12-14 14:08:16 +0100 anton@advancedtelematic.com Move all writable data used by security-manager and appfw to /var
d32c40a 2016-12-14 11:26:23 +0100 jose.bollo@iot.bzh af-main: fix exec flag and case sensitive ids
9e930f5 2016-12-07 19:58:18 +0100 ronan.lemartret@iot.bzh add native build for af-main
5b8d3a4 2016-12-05 10:16:12 +0100 stephane.desneux@iot.bzh agl-appfw-smack: remove dependency on meta-agl-security
f45014a 2016-11-21 15:37:32 +0100 jose.bollo@iot.bzh Improves places for QT_WAYLAND_SHELL_INTEGRATION
d1c5151 2016-11-17 16:26:32 +0100 jose.bollo@iot.bzh smack: removed already applied patch
f0d8be8 2016-11-16 13:27:36 +0100 jose.bollo@iot.bzh appfwk: improvements
1d8243b 2016-11-10 12:46:59 +0100 stephane.desneux@iot.bzh meta-app-framework: fix unpackaged files in nativesdk-af-main
4da956c 2016-11-03 11:30:25 +0100 jose.bollo@iot.bzh Smack: add audit when smack is active
c6b0317 2016-11-08 11:38:51 +0100 jose.bollo@iot.bzh web-runtime: provide IVI tuning for porter
c294b3a 2016-11-08 17:27:51 +0100 jose.bollo@iot.bzh af-main: update
c50805d 2016-11-03 11:26:17 +0100 jose.bollo@iot.bzh Smack: fixup of bluetooth socket labelling
ce583cd 2016-11-01 15:52:09 +0100 ronan.lemartret@iot.bzh Allow build without meta-agl-demo
eadecc1 2016-10-14 13:25:07 +0200 jose.bollo@iot.bzh FWK: Adaptations for jethro
111007a 2016-09-20 14:40:51 +0200 jose.bollo@iot.bzh app-framework: Improvements
53ae34d 2016-09-05 17:13:10 +0200 jose.bollo@iot.bzh app-framework: improvements
8303ea3 2016-08-29 23:25:25 +0200 jose.bollo@iot.bzh Improves the handling of upgrade for websockets
2b33f74 2016-08-10 18:44:15 +0200 jose.bollo@iot.bzh app-framework: fix minor bugs
73771f1 2016-07-18 15:48:59 +0000 mbc@iot.bzh meta-app-framework: install missing libafbwsc library
edf0c91 2016-07-15 11:56:18 +0000 stephane.desneux@iot.bzh meta-app-framework: sync with latest af-main sources
f848612 2016-07-12 14:17:37 +0000 stephane.desneux@iot.bzh meta-app-framework: sync with latest af-binder sources
d277fb2 2016-07-11 21:05:55 +0000 stephane.desneux@iot.bzh meta-app-framework: add missing dependency between af-binder-dev and libafbwsc-dev
17fd881 2016-07-10 17:53:06 +0000 stephane.desneux@iot.bzh meta-app-framework: af-binder must create ${libdir}/afb at postinst time
c664012 2016-07-08 15:08:25 +0000 stephane.desneux@iot.bzh meta-app-framework: add af-main-tools and dependencies in nativesdk-packagegroup-sdk-host
d7a5a54 2016-07-08 14:24:51 +0000 stephane.desneux@iot.bzh meta-app-framework: af-binder source code update
68dde03 2016-07-05 16:04:51 +0000 stephane.desneux@iot.bzh meta-app-framework: build master branch
f3b34f5 2016-06-28 22:13:58 +0000 stephane.desneux@iot.bzh add features agl-demo, agl-appfw-smack and agl-localdev
f4b76be 2016-06-28 21:34:29 +0000 stephane.desneux@iot.bzh add feature agl-appfw-smack
e80d00c 2016-06-24 11:01:25 +0200 jose.bollo@iot.bzh upgrade to new namings and bug fixes
7cd29bd 2016-06-23 16:00:59 +0000 stephane.desneux@iot.bzh add layer meta-app-framework
Change-Id: I4ee34dfd8810ae6f10435308b1005e11e03bd05a
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
59 files changed, 0 insertions, 1901 deletions
diff --git a/meta-app-framework/classes/aglwgt.bbclass b/meta-app-framework/classes/aglwgt.bbclass deleted file mode 100644 index afe9a55..0000000 --- a/meta-app-framework/classes/aglwgt.bbclass +++ /dev/null @@ -1,61 +0,0 @@ -# -# aglwgt bbclass -# -# Jan-Simon Moeller, jsmoeller@linuxfoundation.org -# -# This class expects a "make package" target in the makefile -# which creates the wgt files in the package/ subfolder. -# The makefile needs to use wgtpkg-pack. -# - - -# 'wgtpkg-pack' in af-main-native is required. -DEPENDS_append = " af-main-native" - -# for bindings af-binder is required. -DEPENDS_append = " af-binder" - -do_aglwgt_package() { - cd ${B} - make package || ( \ - bbwarn "Your makefile must support the 'make package' target" ; \ - bbwarn "and generate a .wgt file using wgtpack in the"; \ - bbwarn "subfolder ./package/ !" ; \ - bbwarn "Fix your package as it will not work within the SDK" ; \ - bbwarn "See: https://wiki.automotivelinux.org/troubleshooting/app-recipes" \ - ) -} - -python () { - d.setVarFlag('do_aglwgt_deploy', 'fakeroot', '1') -} - - -POST_INSTALL_LEVEL ?= "10" -POST_INSTALL_SCRIPT ?= "${POST_INSTALL_LEVEL}-${PN}.sh" - -EXTRA_WGT_POSTINSTALL ?= "" - -do_aglwgt_deploy() { - install -d ${D}/usr/AGL/apps - install -m 0644 ${B}/package/*.wgt ${D}/usr/AGL/apps/ - APP_FILES="" - for file in ${D}/usr/AGL/apps/*.wgt;do - APP_FILES="${APP_FILES} $(basename $file)"; - done - install -d ${D}/${sysconfdir}/agl-postinsts - cat > ${D}/${sysconfdir}/agl-postinsts/${POST_INSTALL_SCRIPT} <<EOF -#!/bin/sh -e -for file in ${APP_FILES}; do - /usr/bin/afm-install install /usr/AGL/apps/\$file -done -sync -${EXTRA_WGT_POSTINSTALL} -EOF - chmod a+x ${D}/${sysconfdir}/agl-postinsts/${POST_INSTALL_SCRIPT} -} - -FILES_${PN} += "/usr/AGL/apps/*.wgt ${sysconfdir}/agl-postinsts/${POST_INSTALL_SCRIPT}" - -addtask aglwgt_deploy before do_package after do_install -addtask aglwgt_package before do_aglwgt_deploy after do_compile diff --git a/meta-app-framework/conf/include/agl-appfw-smack.inc b/meta-app-framework/conf/include/agl-appfw-smack.inc deleted file mode 100644 index 133f6b0..0000000 --- a/meta-app-framework/conf/include/agl-appfw-smack.inc +++ /dev/null @@ -1,16 +0,0 @@ -# enable security features (smack, cynara) - required by Application Framework -OVERRIDES .= ":smack" -DISTRO_FEATURES_append = " smack dbus-cynara xattr" - -# use tar-native to support SMACK extended attributes independently of host config -IMAGE_CMD_TAR = "tar --xattrs --xattrs-include='*'" -IMAGE_DEPENDS_tar_append = " tar-replacement-native" -EXTRANATIVEPATH += "tar-native" - -# security: enable ssh server in place of dropbear to support PAM on user sessions -IMAGE_FEATURES += "ssh-server-openssh" - -# enforce copy of xattrs (to be removed, see SPEC-475) -PACKAGECONFIG_append_pn-shadow = " attr" -PACKAGECONFIG_append_pn-shadow-native = " attr" - diff --git a/meta-app-framework/conf/layer.conf b/meta-app-framework/conf/layer.conf deleted file mode 100644 index f74ebd6..0000000 --- a/meta-app-framework/conf/layer.conf +++ /dev/null @@ -1,11 +0,0 @@ -# We have a conf and classes directory, add to BBPATH -BBPATH .= ":${LAYERDIR}" - -# We have recipes-* directories, add to BBFILES -BBFILES += "${LAYERDIR}/recipes-*/*/*.bb \ - ${LAYERDIR}/recipes-*/*/*.bbappend" - -BBFILE_COLLECTIONS += "app-framework" -BBFILE_PATTERN_app-framework = "^${LAYERDIR}/" -BBFILE_PRIORITY_app-framework = "7" - diff --git a/meta-app-framework/recipes-config/agl-users/agl-users_0.1.bb b/meta-app-framework/recipes-config/agl-users/agl-users_0.1.bb deleted file mode 100644 index 832c51c..0000000 --- a/meta-app-framework/recipes-config/agl-users/agl-users_0.1.bb +++ /dev/null @@ -1,21 +0,0 @@ -inherit allarch useradd - -SUMMARY = "AGL Users Seed" -DESCRIPTION = "This is a core framework component that\ - defines how users are managed and who are the default users." - -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" - - -SRC_URI = "" - -ALLOW_EMPTY_${PN} = "1" - -USERADD_PACKAGES = "${PN}" - -USERADD_PARAM_${PN} = "\ - -g users -d /home/agl-driver -m -K PASS_MAX_DAYS=-1 agl-driver ; \ - -g users -d /home/agl-passenger -m -K PASS_MAX_DAYS=-1 agl-passenger \ -" - diff --git a/meta-app-framework/recipes-core/af-binder/af-binder_1.0.bb b/meta-app-framework/recipes-core/af-binder/af-binder_1.0.bb deleted file mode 100644 index 2ecb2aa..0000000 --- a/meta-app-framework/recipes-core/af-binder/af-binder_1.0.bb +++ /dev/null @@ -1,78 +0,0 @@ -SUMMARY = "HTTP REST interface to automotive backends for HTML5 UI support" -DESCRIPTION = "Automotive-Framework-Binder Daemon provides a HTTP REST \ -interface to various automotive-oriented bindings, \ -allowing HTML5 UIs to send platform-specific requests in a secure way." -HOMEPAGE = "https://gerrit.automotivelinux.org/gerrit/#/admin/projects/src/app-framework-binder" - -LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://LICENSE-2.0.txt;md5=3b83ef96387f14655fc854ddc3c6bd57" - -DEPENDS = "file json-c libmicrohttpd systemd util-linux openssl" - -SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-binder;protocol=https;branch=master" -SRC_URI_files = "" -SRC_URI = "${SRC_URI_git} \ - ${SRC_URI_files} \ - " - -SRCREV = "e85e5d8ffe242f826b5f98e2834407b5d4c46690" -S = "${WORKDIR}/git" - -inherit cmake pkgconfig - -FILES_${PN} += "${datadir}" - -pkg_postinst_${PN}() { - mkdir -p "$D${libdir}/afb" -} - -############################################# -# setup meta package -############################################# -PACKAGES += "${PN}-meta" -ALLOW_EMPTY_${PN}-meta = "1" - -############################################# -# setup sample binding packages -############################################# -PACKAGES_DYNAMIC = "${PN}-binding-*" - -python populate_packages_prepend () { - afb_libdir = d.expand('${libdir}/afb') - postinst = d.getVar('binding_postinst', True) - pkgs = [] - pkgs_dbg = [] - - pkgs += do_split_packages(d, afb_libdir, '(.*)-api\.so$', d.expand('${PN}-binding-%s'), 'AFB binding for %s', postinst=postinst, extra_depends=d.expand('${PN}')) - pkgs += do_split_packages(d, afb_libdir, '(.*(?!-api))\.so$', d.expand('${PN}-binding-%s'), 'AFB binding for %s', postinst=postinst, extra_depends=d.expand('${PN}')) - - pkgs_dbg += do_split_packages(d, oe.path.join(afb_libdir, ".debug"), '(.*)-api\.so$', d.expand('${PN}-binding-%s-dbg'), 'AFB binding for %s, debug info', postinst=postinst, extra_depends=d.expand('${PN}')) - pkgs_dbg += do_split_packages(d, oe.path.join(afb_libdir, ".debug"), '(.*(?!-api))\.so$', d.expand('${PN}-binding-%s-dbg'), 'AFB binding for %s, debug info', postinst=postinst, extra_depends=d.expand('${PN}')) - - metapkg = d.getVar('PN', True) + '-meta' - d.setVar('RDEPENDS_' + metapkg, ' '.join(pkgs)) -} - -############################################# -# setup libafbwsc package -############################################# -PACKAGES =+ "libafbwsc libafbwsc-dev libafbwsc-dbg" - -FILES_libafbwsc = "\ - ${libdir}/libafbwsc.so.* \ -" -FILES_libafbwsc-dev = "\ - ${includedir}/afb/afb-wsj1.h \ - ${includedir}/afb/afb-ws-client.h \ - ${bindir}/afb-client-demo \ - ${libdir}/libafbwsc.so \ - ${libdir}/pkgconfig/libafbwsc.pc \ -" -FILES_libafbwsc-dbg = "\ - ${libdir}/.debug/libafbwsc.so.* \ - ${bindir}/.debug/afb-client-demo \ -" -RDEPENDS_libafbwsc-dbg += "${PN}-dbg libafbwsc-dev" - -RDEPENDS_${PN}-dev += "libafbwsc-dev" - diff --git a/meta-app-framework/recipes-core/af-main/af-main/Hack-to-allow-the-debugging.patch b/meta-app-framework/recipes-core/af-main/af-main/Hack-to-allow-the-debugging.patch deleted file mode 100644 index 44e8bce..0000000 --- a/meta-app-framework/recipes-core/af-main/af-main/Hack-to-allow-the-debugging.patch +++ /dev/null @@ -1,29 +0,0 @@ -From a4fbfb88f1b7c4f4287d9279767220fae80d26da Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh> -Date: Thu, 21 Jan 2016 15:07:29 +0100 -Subject: [PATCH] Hack to allow the debugging - -This is a temporarily fix to continue debugging -afm-main. This should be removed later. - -Change-Id: I2f10f0cb1fce2ee30bd0754ad2e7bc8e2f6513aa ---- - conf/afm-user-daemon.conf | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/conf/afm-user-daemon.conf b/conf/afm-user-daemon.conf -index 801c7ae..98a3152 100644 ---- a/conf/afm-user-daemon.conf -+++ b/conf/afm-user-daemon.conf -@@ -25,7 +25,7 @@ - </policy> - - <policy context="default"> -- <deny own="org.AGL.afm.user"/> -+ <allow own="org.AGL.afm.user"/> - <allow send_destination="org.AGL.afm.system"/> - </policy> - --- -2.1.4 - diff --git a/meta-app-framework/recipes-core/af-main/af-main/add-qt-wayland-shell-integration.patch b/meta-app-framework/recipes-core/af-main/af-main/add-qt-wayland-shell-integration.patch deleted file mode 100644 index c92415b..0000000 --- a/meta-app-framework/recipes-core/af-main/af-main/add-qt-wayland-shell-integration.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff --git a/conf/afm-unit.conf b/conf/afm-unit.conf -index 82113ef..2fbc9e2 100644 ---- a/conf/afm-unit.conf -+++ b/conf/afm-unit.conf -@@ -127,6 +127,7 @@ SuccessExitStatus=0 SIGKILL - WorkingDirectory=-{{&#metadata.app-data-dir}}/{{id}} - ExecStartPre=/bin/mkdir -p {{&#metadata.app-data-dir}}/{{id}} - Environment=AFM_APP_INSTALL_DIR={{:#metadata.install-dir}} -+Environment=QT_WAYLAND_SHELL_INTEGRATION=ivi-shell - - %systemd-unit user - {{#required-permission.urn:AGL:permission::public:hidden}}\ diff --git a/meta-app-framework/recipes-core/af-main/af-main/afm-install b/meta-app-framework/recipes-core/af-main/af-main/afm-install deleted file mode 100755 index 6d37bae..0000000 --- a/meta-app-framework/recipes-core/af-main/af-main/afm-install +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/sh - -pretty() { - sed \ - -e '/^method return .*/d' \ - -e 's/^Error org.freedesktop.DBus.Error.Failed: "\?\(.*\)"\?$/ERROR: \1/' \ - -e 's/^ string "\(.*\)"/\1/' \ - -e 's/},/&\n/' -} - -send() { - dbus-send --system --print-reply \ - --dest=org.AGL.afm.system \ - /org/AGL/afm/system \ - org.AGL.afm.system.$1 \ - "string:$2" | - pretty -} - -case "$1" in - - add|install) - f=$(realpath $2) - send install '{"wgt":"'"$f"'","force":true}' - ;; - - -h|--help|help) - cat << EOC - -The commands are: - - add wgt - install wgt install the wgt file - -EOC - ;; - - *) - echo "unknown command $1" >&2 - exit 1 - ;; -esac - - diff --git a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb deleted file mode 100644 index 3c1b692..0000000 --- a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb +++ /dev/null @@ -1,106 +0,0 @@ -require af-main_${PV}.inc - -# NOTE: using libcap-native and setcap in install doesn't work -# NOTE: there is no SYSTEMD_USER_SERVICE_... -# NOTE: maybe setting afm_name to agl-framework is cleaner but has implications -# NOTE: there is a hack of security for using groups and dbus (to be checked) -# NOTE: using ZIP programs creates directories with mode 777 (very bad) - -inherit cmake pkgconfig useradd systemd -BBCLASSEXTEND = "native" - -SECTION = "base" - -DEPENDS = "openssl libxml2 xmlsec1 systemd libzip json-c systemd security-manager libcap-native af-binder" -DEPENDS_class-native = "openssl libxml2 xmlsec1 libzip json-c" - -EXTRA_OECMAKE_class-native = "\ - -DUSE_LIBZIP=1 \ - -DUSE_SIMULATION=1 \ - -DUSE_SDK=1 \ - -Dafm_name=${afm_name} \ - -Dafm_confdir=${afm_confdir} \ - -Dafm_datadir=${afm_datadir} \ -" - -EXTRA_OECMAKE = "\ - -DUSE_LIBZIP=1 \ - -DUSE_SIMULATION=0 \ - -DUSE_SDK=0 \ - -Dafm_name=${afm_name} \ - -Dafm_confdir=${afm_confdir} \ - -Dafm_datadir=${afm_datadir} \ - -Dsystemd_units_root=${systemd_units_root} \ - -DUNITDIR_USER=${systemd_user_unitdir} \ - -DUNITDIR_SYSTEM=${systemd_system_unitdir} \ -" - -USERADD_PACKAGES = "${PN}" -USERADD_PARAM_${PN} = "-g ${afm_name} -d ${afm_datadir} -r ${afm_name}" -GROUPADD_PARAM_${PN} = "-r ${afm_name}" - -SYSTEMD_SERVICE_${PN} = "afm-system-daemon.service" -SYSTEMD_AUTO_ENABLE = "enable" - -FILES_${PN} += "\ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '${systemd_user_unitdir}/afm-user-daemon.service', '', d)} \ -" -RDEPENDS_${PN}_append_smack = " smack-userspace" -DEPENDS_append_smack = " smack-userspace-native" - -# short hacks here -SRC_URI += "\ - file://Hack-to-allow-the-debugging.patch \ -" - -# tools used to install wgt at first boot -SRC_URI += "\ - file://afm-install \ - file://add-qt-wayland-shell-integration.patch \ -" - -do_install_append() { - install -d ${D}${bindir} - install -d -m 0775 ${D}${systemd_units_root}/{system,user} - install -d -m 0775 ${D}${systemd_units_root}/{system,user}/default.target.wants - install -d ${D}${afm_datadir}/{applications,icons} - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - mkdir -p ${D}${sysconfdir}/systemd/{system,user}/default.target.wants - ln -sf ${systemd_user_unitdir}/afm-user-daemon.service ${D}${sysconfdir}/systemd/user/default.target.wants - fi - install -m 0755 ${WORKDIR}/afm-install ${D}${bindir} -} - -do_install_append_qemux86-64() { - sed -i -e '/LD_PRELOAD=\/usr\/lib\/libEGL.so/d' ${D}${systemd_user_unitdir}/afm-user-daemon.service -} - -pkg_postinst_${PN}() { - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - chgrp ${afm_name} $D${systemd_units_root}/{system,user}/{default.target.wants,.} - fi - chown ${afm_name}:${afm_name} $D${afm_datadir}/{applications,icons,.} - setcap cap_mac_override,cap_dac_override=ep $D${bindir}/afm-system-daemon - setcap cap_mac_override,cap_mac_admin,cap_setgid=ep $D${bindir}/afm-user-daemon -} - -pkg_postinst_${PN}_smack() { - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - chgrp ${afm_name} $D${systemd_units_root}/{system,user}/{default.target.wants,.} - chsmack -a 'System::Shared' -t $D${systemd_units_root}/{system,user}/{default.target.wants,.} - fi - chown ${afm_name}:${afm_name} $D${afm_datadir}/{applications,icons,.} - chsmack -a 'System::Shared' -t $D${afm_datadir}/{applications,icons,.} - setcap cap_mac_override,cap_dac_override=ep $D${bindir}/afm-system-daemon - setcap cap_mac_override,cap_mac_admin,cap_setgid=ep $D${bindir}/afm-user-daemon -} -FILES_${PN} += " ${systemd_units_root} " - -PACKAGES =+ "${PN}-binding ${PN}-binding-dbg" -FILES_${PN}-binding = " ${afb_binding_dir}/afm-main-binding.so " -FILES_${PN}-binding-dbg = " ${afb_binding_dir}/.debug/afm-main-binding.so " - -PACKAGES =+ "${PN}-tools ${PN}-tools-dbg" -FILES_${PN}-tools = "${bindir}/wgtpkg-*" -FILES_${PN}-tools-dbg = "${bindir}/.debug/wgtpkg-*" - diff --git a/meta-app-framework/recipes-core/af-main/af-main_1.0.inc b/meta-app-framework/recipes-core/af-main/af-main_1.0.inc deleted file mode 100644 index 6ce87ed..0000000 --- a/meta-app-framework/recipes-core/af-main/af-main_1.0.inc +++ /dev/null @@ -1,26 +0,0 @@ -SUMMARY = "AGL Framework Main part" -DESCRIPTION = "\ -This is a core framework component for managing \ -applications, widgets, and components. \ -" - -HOMEPAGE = "https://gerrit.automotivelinux.org/gerrit/#/admin/projects/src/app-framework-main" -LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://COPYING;md5=3b83ef96387f14655fc854ddc3c6bd57" - -SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-main;protocol=https;branch=master" -SRC_URI_files = "" -SRC_URI = "${SRC_URI_git} \ - ${SRC_URI_files} \ - " - -SRCREV = "255c83029f56e8d90e7ce185b007c4ca65afec1e" - -S = "${WORKDIR}/git" - -afm_name = "afm" -afm_confdir = "${sysconfdir}/${afm_name}" -afm_datadir = "/var/local/lib/${afm_name}" -afb_binding_dir = "${libdir}/afb" -systemd_units_root = "/usr/local/lib/systemd" - diff --git a/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb deleted file mode 100644 index 8d04434..0000000 --- a/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb +++ /dev/null @@ -1,26 +0,0 @@ -require af-main_${PV}.inc - -inherit nativesdk cmake pkgconfig - -SECTION = "base" - -DEPENDS = "nativesdk-openssl nativesdk-libxml2 nativesdk-xmlsec1 nativesdk-libzip nativesdk-json-c" - -EXTRA_OECMAKE = "\ - -DUSE_LIBZIP=1 \ - -DUSE_SIMULATION=1 \ - -DUSE_SDK=1 \ - -Dafm_name=${afm_name} \ - -Dafm_confdir=${afm_confdir} \ - -Dafm_datadir=${afm_datadir} \ -" - -do_install_append() { - # remove unused .pc file we don't want to package - rm -rf ${D}/${libdir} -} - -PACKAGES = "${PN}-tools ${PN}-tools-dbg" -FILES_${PN}-tools = "${bindir}/wgtpkg-* ${afm_confdir}/*" -FILES_${PN}-tools-dbg = "${bindir}/.debug/wgtpkg-*" - diff --git a/meta-app-framework/recipes-core/base-files/base-files_%.bbappend b/meta-app-framework/recipes-core/base-files/base-files_%.bbappend deleted file mode 100644 index 7e12bc8..0000000 --- a/meta-app-framework/recipes-core/base-files/base-files_%.bbappend +++ /dev/null @@ -1,22 +0,0 @@ -DEPENDS_append_smack = " smack-userspace-native" -RDEPENDS_${PN}_append_smack = " smack-userspace" - -do_install_append() { - install -d ${D}/${sysconfdir}/skel/app-data - install -d ${D}/${sysconfdir}/skel/.config -} - -do_install_append_smack () { - install -d ${D}/${sysconfdir}/smack/accesses.d - cat > ${D}/${sysconfdir}/smack/accesses.d/default-access-domains-no-user <<EOF -System User::App-Shared rwxat -System User::Home rwxat -EOF - chmod 0644 ${D}/${sysconfdir}/smack/accesses.d/default-access-domains-no-user -} - -pkg_postinst_${PN}_append_smack() { - chsmack -r -a 'User::Home' -t -D $D/${sysconfdir}/skel - chsmack -a 'User::App-Shared' -D $D/${sysconfdir}/skel/app-data -} - diff --git a/meta-app-framework/recipes-core/packagegroups/nativesdk-packagegroup-sdk-host.bbappend b/meta-app-framework/recipes-core/packagegroups/nativesdk-packagegroup-sdk-host.bbappend deleted file mode 100644 index ca0b54f..0000000 --- a/meta-app-framework/recipes-core/packagegroups/nativesdk-packagegroup-sdk-host.bbappend +++ /dev/null @@ -1,2 +0,0 @@ -RDEPENDS_${PN} =+ "nativesdk-af-main-tools" - diff --git a/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-app-framework-examples.bb b/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-app-framework-examples.bb deleted file mode 100644 index e95b754..0000000 --- a/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-app-framework-examples.bb +++ /dev/null @@ -1,16 +0,0 @@ -SUMMARY = "AGL Application Framework examples" -DESCRIPTION = "The set of examples associated to the AGL Application Framework" -LICENSE = "MIT" - -inherit packagegroup - -PACKAGES = "\ - packagegroup-agl-app-framework-examples \ - " - -ALLOW_EMPTY_${PN} = "1" - -RDEPENDS_${PN} += "\ - afm-client \ - afb-client \ - " diff --git a/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-app-framework.bb b/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-app-framework.bb deleted file mode 100644 index 0fdaabc..0000000 --- a/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-app-framework.bb +++ /dev/null @@ -1,20 +0,0 @@ -SUMMARY = "AGL Application Framework core packages" -DESCRIPTION = "The set of packages required by the AGL Application Framework" -LICENSE = "MIT" - -inherit packagegroup - -PACKAGES = "\ - packagegroup-agl-app-framework \ - " - -ALLOW_EMPTY_${PN} = "1" - -RDEPENDS_${PN} += "\ - af-binder \ - af-binder-binding-afb-dbus-binding \ - af-binder-binding-authlogin \ - libafbwsc \ - af-main \ - ${@bb.utils.contains('DISTRO_FEATURES', 'webruntime', 'virtual/webruntime', '', d)} \ - " diff --git a/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-core-security.bbappend b/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-core-security.bbappend deleted file mode 100644 index 0c9efe4..0000000 --- a/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-core-security.bbappend +++ /dev/null @@ -1,9 +0,0 @@ -RDEPENDS_${PN} += "\ - xmlsec1 \ - cynara \ - dbus-cynara \ - security-manager \ - security-manager-policy \ - agl-users \ - " - diff --git a/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-image-minimal.bbappend b/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-image-minimal.bbappend deleted file mode 100644 index ad09e5d..0000000 --- a/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-image-minimal.bbappend +++ /dev/null @@ -1,3 +0,0 @@ -RDEPENDS_${PN} += "\ - packagegroup-agl-app-framework \ - " diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/0001-Adapt-rules-to-AGL.patch b/meta-app-framework/recipes-core/security-manager/security-manager/0001-Adapt-rules-to-AGL.patch deleted file mode 100644 index 4c91f7f..0000000 --- a/meta-app-framework/recipes-core/security-manager/security-manager/0001-Adapt-rules-to-AGL.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 935e4e4e746b5ffcda80c80097dc75c2581c1a89 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh> -Date: Wed, 19 Oct 2016 13:45:54 +0200 -Subject: [PATCH] Adapt rules to AGL -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -AGL distribution uses the repository https://github.com/01org/meta-intel-iot-security.git -as basis for the integration of security framework. The security framework -that it provides is an evolution of the security framework of tizen refited -to the distribution Ostro of Intel. This refit took the decision to simplify -the model by removing the running label "User". More can be viewed here: -https://github.com/01org/meta-intel-iot-security/pull/116 - -This commits adapt the template to the rules that are now needed -after this evolution. - -It also integrates one other evolutions: the shared label becomes User::App-Shared instead -of User::App::Shared to avoid collision with application of id "Shared". - -Change-Id: Ieb566b63f8c8e691b5f75e06499a3b576d042546 -Signed-off-by: José Bollo <jose.bollo@iot.bzh> ---- - policy/app-rules-template.smack | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/policy/app-rules-template.smack b/policy/app-rules-template.smack -index 1311169..b4cd2e3 100644 ---- a/policy/app-rules-template.smack -+++ b/policy/app-rules-template.smack -@@ -1,12 +1,10 @@ --System ~APP~ rwx -+System ~APP~ rwxa -+System ~PKG~ rwxat - ~APP~ System wx - ~APP~ System::Shared rx - ~APP~ System::Run rwxat - ~APP~ System::Log rwxa - ~APP~ _ l --User ~APP~ rwxa --User ~PKG~ rwxat --~APP~ User wx - ~APP~ User::Home rxl --~APP~ User::App::Shared rwxat -+~APP~ User::App-Shared rwxat - ~APP~ ~PKG~ rwxat --- -2.7.4 - diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/0001-Fix-Cmake-conf-for-gcc6-build.patch b/meta-app-framework/recipes-core/security-manager/security-manager/0001-Fix-Cmake-conf-for-gcc6-build.patch deleted file mode 100644 index 43a3ee1..0000000 --- a/meta-app-framework/recipes-core/security-manager/security-manager/0001-Fix-Cmake-conf-for-gcc6-build.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 19c99315a5dcba3b696c30d1fdd42a1dcd574a80 Mon Sep 17 00:00:00 2001 -From: Ronan <ronan.lemartret@iot.bzh> -Date: Thu, 13 Oct 2016 11:37:47 +0200 -Subject: [PATCH] Fix Cmake conf for gcc6 build - -Signed-off-by: Ronan <ronan.lemartret@iot.bzh> ---- - src/cmd/CMakeLists.txt | 4 +--- - src/server/CMakeLists.txt | 1 - - 2 files changed, 1 insertion(+), 4 deletions(-) - -diff --git a/src/cmd/CMakeLists.txt b/src/cmd/CMakeLists.txt -index ee9a160..aa7a12c 100644 ---- a/src/cmd/CMakeLists.txt -+++ b/src/cmd/CMakeLists.txt -@@ -1,8 +1,6 @@ - FIND_PACKAGE(Boost REQUIRED COMPONENTS program_options) - --INCLUDE_DIRECTORIES(SYSTEM -- ${Boost_INCLUDE_DIRS} -- ) -+ - - INCLUDE_DIRECTORIES( - ${INCLUDE_PATH} -diff --git a/src/server/CMakeLists.txt b/src/server/CMakeLists.txt -index 753eb96..8eef25d 100644 ---- a/src/server/CMakeLists.txt -+++ b/src/server/CMakeLists.txt -@@ -8,7 +8,6 @@ FIND_PACKAGE(Threads REQUIRED) - - INCLUDE_DIRECTORIES(SYSTEM - ${SERVER_DEP_INCLUDE_DIRS} -- ${Boost_INCLUDE_DIRS} - ${Threads_INCLUDE_DIRS} - ) - --- -2.6.6 - diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/0001-Fix-gcc6-build.patch b/meta-app-framework/recipes-core/security-manager/security-manager/0001-Fix-gcc6-build.patch deleted file mode 100644 index 1b3c8c4..0000000 --- a/meta-app-framework/recipes-core/security-manager/security-manager/0001-Fix-gcc6-build.patch +++ /dev/null @@ -1,38 +0,0 @@ -From cb9acc2b723b297ee373bf814282711f02657aa5 Mon Sep 17 00:00:00 2001 -From: Ronan <ronan.lemartret@iot.bzh> -Date: Wed, 12 Oct 2016 17:48:55 +0200 -Subject: [PATCH] Fix gcc6 build - -Signed-off-by: ronan <ronan@ot.bzh> ---- - src/client/client-security-manager.cpp | 1 + - src/common/include/privilege_db.h | 1 + - 2 files changed, 2 insertions(+) - -diff --git a/src/client/client-security-manager.cpp b/src/client/client-security-manager.cpp -index 74a6b30..347cddd 100644 ---- a/src/client/client-security-manager.cpp -+++ b/src/client/client-security-manager.cpp -@@ -46,6 +46,7 @@ - #include <service_impl.h> - #include <security-manager.h> - #include <client-offline.h> -+#include <linux/xattr.h> - - static const char *EMPTY = ""; - -diff --git a/src/common/include/privilege_db.h b/src/common/include/privilege_db.h -index 03c6680..8dd39a1 100644 ---- a/src/common/include/privilege_db.h -+++ b/src/common/include/privilege_db.h -@@ -32,6 +32,7 @@ - #include <map> - #include <stdbool.h> - #include <string> -+#include <vector> - - #include <dpl/db/sql_connection.h> - --- -2.6.6 - diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/Removing-tizen-platform-config.patch b/meta-app-framework/recipes-core/security-manager/security-manager/Removing-tizen-platform-config.patch deleted file mode 100644 index 4830db2..0000000 --- a/meta-app-framework/recipes-core/security-manager/security-manager/Removing-tizen-platform-config.patch +++ /dev/null @@ -1,196 +0,0 @@ -From 72e66d0e42f3bb6efd689ce33b1df407d94b3c60 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh> -Date: Mon, 16 Nov 2015 14:26:25 +0100 -Subject: [PATCH] Removing tizen-platform-config - -Change-Id: Ic832a2b75229517b09faba969c27fb1a4b490121 ---- - policy/security-manager-policy-reload | 2 +- - src/common/file-lock.cpp | 4 +--- - src/common/include/file-lock.h | 1 - - src/common/include/privilege_db.h | 3 +-- - src/common/service_impl.cpp | 39 +++++++++++------------------------ - src/common/smack-rules.cpp | 12 ++++------- - 6 files changed, 19 insertions(+), 42 deletions(-) - -diff --git a/policy/security-manager-policy-reload b/policy/security-manager-policy-reload -index 6f211c6..ed8047a 100755 ---- a/policy/security-manager-policy-reload -+++ b/policy/security-manager-policy-reload -@@ -2,7 +2,7 @@ - - POLICY_PATH=/usr/share/security-manager/policy - PRIVILEGE_GROUP_MAPPING=$POLICY_PATH/privilege-group.list --DB_FILE=`tzplatform-get TZ_SYS_DB | cut -d= -f2`/.security-manager.db -+DB_FILE=/var/db/security-manager/.security-manager.db - - # Create default buckets - while read bucket default_policy -diff --git a/src/common/file-lock.cpp b/src/common/file-lock.cpp -index 6f3996c..1dada17 100644 ---- a/src/common/file-lock.cpp -+++ b/src/common/file-lock.cpp -@@ -30,9 +30,7 @@ - - namespace SecurityManager { - --char const * const SERVICE_LOCK_FILE = tzplatform_mkpath3(TZ_SYS_RUN, -- "lock", -- "security-manager.lock"); -+char const * const SERVICE_LOCK_FILE = "/var/run/lock/security-manager.lock"; - - FileLocker::FileLocker(const std::string &lockFile, bool blocking) - { -diff --git a/src/common/include/file-lock.h b/src/common/include/file-lock.h -index 604b019..21a86a0 100644 ---- a/src/common/include/file-lock.h -+++ b/src/common/include/file-lock.h -@@ -29,7 +29,6 @@ - - #include <dpl/exception.h> - #include <dpl/noncopyable.h> --#include <tzplatform_config.h> - - namespace SecurityManager { - -diff --git a/src/common/include/privilege_db.h b/src/common/include/privilege_db.h -index 4d73d90..03c6680 100644 ---- a/src/common/include/privilege_db.h -+++ b/src/common/include/privilege_db.h -@@ -34,14 +34,13 @@ - #include <string> - - #include <dpl/db/sql_connection.h> --#include <tzplatform_config.h> - - #ifndef PRIVILEGE_DB_H_ - #define PRIVILEGE_DB_H_ - - namespace SecurityManager { - --const char *const PRIVILEGE_DB_PATH = tzplatform_mkpath(TZ_SYS_DB, ".security-manager.db"); -+const char *const PRIVILEGE_DB_PATH = "/var/db/security-manager/.security-manager.db"; - - enum class QueryType { - EGetPkgPrivileges, -diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp -index ae305d3..65cc8b5 100644 ---- a/src/common/service_impl.cpp -+++ b/src/common/service_impl.cpp -@@ -32,7 +32,6 @@ - #include <algorithm> - - #include <dpl/log/log.h> --#include <tzplatform_config.h> - - #include "protocols.h" - #include "privilege_db.h" -@@ -131,7 +130,13 @@ static inline int validatePolicy(policy_entry &policyEntry, std::string uidStr, - - static uid_t getGlobalUserId(void) - { -- static uid_t globaluid = tzplatform_getuid(TZ_SYS_GLOBALAPP_USER); -+ static uid_t globaluid = 0; -+ if (!globaluid) { -+ struct passwd pw, *p; -+ char buf[4096]; -+ int rc = getpwnam_r("userapp", &pw, buf, sizeof buf, &p); -+ globaluid = (rc || p == NULL) ? 555 : p->pw_uid; -+ } - return globaluid; - } - -@@ -161,37 +166,17 @@ static inline bool isSubDir(const char *parent, const char *subdir) - - static bool getUserAppDir(const uid_t &uid, std::string &userAppDir) - { -- struct tzplatform_context *tz_ctx = nullptr; -- -- if (tzplatform_context_create(&tz_ctx)) -- return false; -- -- if (tzplatform_context_set_user(tz_ctx, uid)) { -- tzplatform_context_destroy(tz_ctx); -- tz_ctx = nullptr; -+ struct passwd pw, *p; -+ char buf[4096]; -+ int rc = getpwuid_r(uid, &pw, buf, sizeof buf, &p); -+ if (rc || p == NULL) - return false; -- } -- -- enum tzplatform_variable id = -- (uid == getGlobalUserId()) ? TZ_SYS_RW_APP : TZ_USER_APP; -- const char *appDir = tzplatform_context_getenv(tz_ctx, id); -- if (!appDir) { -- tzplatform_context_destroy(tz_ctx); -- tz_ctx = nullptr; -- return false; -- } -- -- userAppDir = appDir; -- -- tzplatform_context_destroy(tz_ctx); -- tz_ctx = nullptr; -- -+ userAppDir = p->pw_dir; - return true; - } - - static inline bool installRequestAuthCheck(const app_inst_req &req, uid_t uid, bool &isCorrectPath, std::string &appPath) - { -- std::string userHome; - std::string userAppDir; - std::stringstream correctPath; - -diff --git a/src/common/smack-rules.cpp b/src/common/smack-rules.cpp -index d834e42..8b5728b 100644 ---- a/src/common/smack-rules.cpp -+++ b/src/common/smack-rules.cpp -@@ -34,7 +34,6 @@ - #include <memory> - - #include <dpl/log/log.h> --#include <tzplatform_config.h> - - #include "smack-labels.h" - #include "smack-rules.h" -@@ -43,7 +42,7 @@ namespace SecurityManager { - - const char *const SMACK_APP_LABEL_TEMPLATE = "~APP~"; - const char *const SMACK_PKG_LABEL_TEMPLATE = "~PKG~"; --const char *const APP_RULES_TEMPLATE_FILE_PATH = tzplatform_mkpath4(TZ_SYS_SHARE, "security-manager", "policy", "app-rules-template.smack"); -+const char *const APP_RULES_TEMPLATE_FILE_PATH = "/usr/share/security-manager/policy/app-rules-template.smack"; - const char *const SMACK_APP_IN_PACKAGE_PERMS = "rwxat"; - - SmackRules::SmackRules() -@@ -237,14 +236,12 @@ void SmackRules::generatePackageCrossDeps(const std::vector<std::string> &pkgCon - - std::string SmackRules::getPackageRulesFilePath(const std::string &pkgId) - { -- std::string path(tzplatform_mkpath3(TZ_SYS_SMACK, "accesses.d", ("pkg_" + pkgId).c_str())); -- return path; -+ return "/etc/smack/accesses.d/pkg_" + pkgId; - } - - std::string SmackRules::getApplicationRulesFilePath(const std::string &appId) - { -- std::string path(tzplatform_mkpath3(TZ_SYS_SMACK, "accesses.d", ("app_" + appId).c_str())); -- return path; -+ return "/etc/smack/accesses.d/app_" + appId; - } - void SmackRules::installApplicationPrivilegesRules(const std::string &appId, const std::string &pkgId, - const std::vector<std::string> &pkgContents, const std::vector<std::string> &privileges) -@@ -256,8 +253,7 @@ void SmackRules::installApplicationPrivilegesRules(const std::string &appId, con - for (auto privilege : privileges) { - if (privilege.empty()) - continue; -- std::string fprivilege ( privilege + "-template.smack"); -- std::string path(tzplatform_mkpath4(TZ_SYS_SHARE, "security-manager", "policy", fprivilege.c_str())); -+ std::string path = "/usr/share/security-manager/policy/" + privilege + "-template.smack"; - if( stat(path.c_str(), &buffer) == 0) - smackRules.addFromTemplateFile(appId, pkgId, path); - } --- -2.1.4 - diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.service b/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.service deleted file mode 100644 index 8ed5e86..0000000 --- a/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.service +++ /dev/null @@ -1,15 +0,0 @@ -# -# Install security-manager DB to /var - -[Unit] -Description=Install Security Manager database -After=sysinit.target -Before=security-manager.service - -[Install] -WantedBy=default.target - -[Service] -Type=oneshot -User=root -ExecStart=/usr/bin/init-security-manager-db.sh diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.sh b/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.sh deleted file mode 100644 index ef41286..0000000 --- a/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh - -if [ ! -e "/var/db/security-manager" ]; then - mkdir -p /var/db - cp -ra /usr/dbspace/ /var/db/security-manager -fi diff --git a/meta-app-framework/recipes-core/security-manager/security-manager_%.bbappend b/meta-app-framework/recipes-core/security-manager/security-manager_%.bbappend deleted file mode 100644 index 23ceb29..0000000 --- a/meta-app-framework/recipes-core/security-manager/security-manager_%.bbappend +++ /dev/null @@ -1,22 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/security-manager:" - -SRC_URI += " file://0001-Adapt-rules-to-AGL.patch \ - file://init-security-manager-db.service \ - file://init-security-manager-db.sh \ - file://0001-Fix-gcc6-build.patch \ - file://0001-Fix-Cmake-conf-for-gcc6-build.patch \ -" - -FILES_${PN}_append = "${bindir}/init-security-manager-db.sh \ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '${systemd_unitdir}/system/init-security-manager-db.service', '', d)} \ -" - -do_install_append () { - install -p -D ${WORKDIR}/init-security-manager-db.sh ${D}${bindir}/init-security-manager-db.sh - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - mkdir -p ${D}${systemd_unitdir}/system - mkdir -p ${D}${sysconfdir}/systemd/system/default.target.wants - install -m 644 -p -D ${WORKDIR}/init-security-manager-db.service ${D}${systemd_unitdir}/system/init-security-manager-db.service - ln -sf ${systemd_unitdir}/system/init-security-manager-db.service ${D}${sysconfdir}/systemd/system/default.target.wants - fi -} diff --git a/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime b/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime deleted file mode 100755 index ca712e1..0000000 --- a/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -exec /usr/bin/qt5/qmlscene "$1" /usr/bin/web-runtime-webkit.qml diff --git a/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime-webkit.qml b/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime-webkit.qml deleted file mode 100644 index d18b672..0000000 --- a/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime-webkit.qml +++ /dev/null @@ -1,13 +0,0 @@ -import QtQuick 2.1 -import QtQuick.Controls 1.1 -import QtWebKit 3.0 - -ApplicationWindow { - width: 1024 - height: 768 - visible: true - WebView { - url: Qt.application.arguments[1] - anchors.fill: parent - } -} diff --git a/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime.qml b/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime.qml deleted file mode 100644 index afe8a77..0000000 --- a/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime.qml +++ /dev/null @@ -1,13 +0,0 @@ -import QtQuick 2.1 -import QtQuick.Controls 1.1 -import QtWebEngine 1.1 - -ApplicationWindow { - width: 1024 - height: 768 - visible: true - WebEngineView { - url: Qt.application.arguments[1] - anchors.fill: parent - } -} diff --git a/meta-app-framework/recipes-core/web-runtime/web-runtime_0.1.bb b/meta-app-framework/recipes-core/web-runtime/web-runtime_0.1.bb deleted file mode 100644 index fa14987..0000000 --- a/meta-app-framework/recipes-core/web-runtime/web-runtime_0.1.bb +++ /dev/null @@ -1,34 +0,0 @@ -inherit allarch - -SUMMARY = "Provides the 'web-runtime' command" -DESCRIPTION = "The command 'web-runtime' is an abstraction that allows to " - -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" - -SRC_URI = "\ - file://web-runtime;md5sum=6114c0bdd20290912a423fa01beb50f0 \ - file://web-runtime.qml;md5sum=5d6a379e9b7e5654319e5ba638824a58 \ - file://web-runtime-webkit.qml;md5sum=4daf9df39078634c27a7923d37e82e3d \ -" - -RDEPENDS_${PN} = "qtwebkit-qmlplugins" - -do_configure() { - : -} - -do_install() { - install -d ${D}${bindir} - install -m 0755 ${WORKDIR}/web-runtime ${D}${bindir}/web-runtime - install -m 0644 ${WORKDIR}/web-runtime.qml ${D}${bindir}/web-runtime.qml - install -m 0644 ${WORKDIR}/web-runtime-webkit.qml ${D}${bindir}/web-runtime-webkit.qml -} - -do_install_append_rcar-gen2() { - # workaround for porter board: force the use of libEGL provided by mesa at runtime - # otherwise, the proprietary libEGL is used and a problem then occurs due to a missing EGL function - sed -i 's|^\(exec /usr/bin/qt5/qmlscene\)|LD_PRELOAD=/usr/lib/libEGL.so \1|g' ${D}${bindir}/web-runtime -} - - diff --git a/meta-app-framework/recipes-devtools/run-agl-postinsts/run-agl-postinsts_1.0.bbappend b/meta-app-framework/recipes-devtools/run-agl-postinsts/run-agl-postinsts_1.0.bbappend deleted file mode 100644 index 590ab70..0000000 --- a/meta-app-framework/recipes-devtools/run-agl-postinsts/run-agl-postinsts_1.0.bbappend +++ /dev/null @@ -1 +0,0 @@ -SYSTEMD_SERVICE_AFTER_append = " afm-system-daemon.service" diff --git a/meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb b/meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb deleted file mode 100644 index 21605d2..0000000 --- a/meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb +++ /dev/null @@ -1,29 +0,0 @@ -SUMMARY = "HTML5 demo template for AFB" -DESCRIPTION = "afb-client is a sample AngularJS/HTML5 application using \ -Application Framework Binder with token binding." -HOMEPAGE = "http://www.iot.bzh" - -LICENSE = "GPLv3+" -LIC_FILES_CHKSUM = "file://LICENSE;md5=6cb04bdb88e11107e3af4d8e3f301be5" - -#DEPENDS = "nodejs-native" -RDEPENDS_${PN} = "af-binder af-binder-binding-authlogin" - -SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-demo;protocol=https;branch=master" -SRC_URI_files = "file://afb-client \ - " -SRC_URI = "${SRC_URI_git} \ - ${SRC_URI_files} \ - " -SRCREV = "9e9b459fa27d7a359a060024c9639b99b45813d5" -S = "${WORKDIR}/git/afb-client" - -do_install () { - mkdir -p ${D}/${datadir}/agl/afb-client - cp -ra ${S}/dist.prod/* ${D}/${datadir}/agl/afb-client/ - - mkdir -p ${D}/${bindir} - install -m 0755 ${WORKDIR}/afb-client ${D}/${bindir}/afb-client -} - -FILES_${PN} += "${datadir}" diff --git a/meta-app-framework/recipes-example/afb-client/files/afb-client b/meta-app-framework/recipes-example/afb-client/files/afb-client deleted file mode 100644 index 99e6aa9..0000000 --- a/meta-app-framework/recipes-example/afb-client/files/afb-client +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -if [ -z "${XDG_RUNTIME_DIR+1}" ]; then - export XDG_RUNTIME_DIR=/run/user/$UID -fi -LD_PRELOAD=/usr/lib/libEGL.so /usr/bin/qt5/qmlscene http://localhost:1234/opa /usr/share/agl/afb-viewer.qml - diff --git a/meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb b/meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb deleted file mode 100644 index 4cd80db..0000000 --- a/meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb +++ /dev/null @@ -1,40 +0,0 @@ -SUMMARY = "Sample client for AFM to install/start/stop/remove applications" -DESCRIPTION = "afm-client is a sample AngularJS/HTML5 application using \ -Application Framework Manager to install, start, stop, or remove \ -applications provided as .wgt widget packages." -HOMEPAGE = "http://www.iot.bzh" - -inherit systemd - -LICENSE = "GPLv3+" -LIC_FILES_CHKSUM = "file://LICENSE;md5=6cb04bdb88e11107e3af4d8e3f301be5" - -#DEPENDS = "nodejs-native" -RDEPENDS_${PN} = "af-main af-binder af-main-binding af-binder-binding-demopost af-binder-binding-authlogin" - -SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-demo;protocol=https;branch=master" -SRC_URI_files = "file://afm-client \ - file://afm-client.service \ - " -SRC_URI = "${SRC_URI_git} \ - ${SRC_URI_files} \ - " -SRCREV = "9e9b459fa27d7a359a060024c9639b99b45813d5" -S = "${WORKDIR}/git/afm-client" - -do_install () { - mkdir -p ${D}/${datadir}/agl/afm-client - cp -ra ${S}/dist.prod/* ${D}/${datadir}/agl/afm-client/ - - mkdir -p ${D}/${bindir} - install -m 0755 ${WORKDIR}/afm-client ${D}/${bindir}/afm-client - - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - install -d ${D}${systemd_user_unitdir} - install -d ${D}${sysconfdir}/systemd/user/default.target.wants - install -m 0644 ${WORKDIR}/afm-client.service ${D}/${systemd_user_unitdir}/afm-client.service - ln -sf ${systemd_user_unitdir}/afm-client.service ${D}${sysconfdir}/systemd/user/default.target.wants - fi -} - -FILES_${PN} += "${datadir} ${systemd_user_unitdir}" diff --git a/meta-app-framework/recipes-example/afm-client/files/afm-client b/meta-app-framework/recipes-example/afm-client/files/afm-client deleted file mode 100644 index ba868e9..0000000 --- a/meta-app-framework/recipes-example/afm-client/files/afm-client +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -if [ -z "${XDG_RUNTIME_DIR+1}" ]; then - export XDG_RUNTIME_DIR=/run/user/$UID -fi -LD_PRELOAD=/usr/lib/libEGL.so /usr/bin/web-runtime http://localhost:1236/opa - diff --git a/meta-app-framework/recipes-example/afm-client/files/afm-client.service b/meta-app-framework/recipes-example/afm-client/files/afm-client.service deleted file mode 100644 index 7357174..0000000 --- a/meta-app-framework/recipes-example/afm-client/files/afm-client.service +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=Simplest application manager - -[Service] -ExecStart=/usr/bin/afb-daemon --mode=remote --port=1234 --token='' --sessiondir=/home/root/.afb-daemon --rootdir=/usr/share/agl/afm-client --alias=/icons:/var/lib/afm/icons -Restart=on-failure -RestartSec=5 - -[Install] -WantedBy=default.target - diff --git a/meta-app-framework/recipes-extended/shadow/files/0001-useradd-copy-extended-attributes-of-home-native.patch b/meta-app-framework/recipes-extended/shadow/files/0001-useradd-copy-extended-attributes-of-home-native.patch deleted file mode 100644 index ff420d8..0000000 --- a/meta-app-framework/recipes-extended/shadow/files/0001-useradd-copy-extended-attributes-of-home-native.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 008637fc8bd7f601eb6554d572bba025613913b7 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh> -Date: Wed, 8 Mar 2017 14:10:10 +0100 -Subject: [PATCH] useradd: copy extended attributes of home (native) -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The Home directory wasn't getting the extended attributes -of /etc/skel. This patch fixes that issue and adds the copy -of the extended attributes of the root of the home directory. - -Change-Id: Ib6836e1b18c4c7f73e02c1f1fc9558dc749ba9da -Signed-off-by: José Bollo <jose.bollo@iot.bzh> ---- - src/useradd.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/src/useradd.c b/src/useradd.c -index 4c418af..8ba8af6 100644 ---- a/src/useradd.c -+++ b/src/useradd.c -@@ -55,6 +55,9 @@ - #include <sys/stat.h> - #include <sys/types.h> - #include <time.h> -+#ifdef WITH_ATTR -+#include <attr/libattr.h> -+#endif - #include "chkname.h" - #include "defines.h" - #include "faillog.h" -@@ -1950,6 +1953,9 @@ static void create_home (void) - chown (user_home, user_id, user_gid); - chmod (user_home, - 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK)); -+#ifdef WITH_ATTR -+ attr_copy_file (def_template, user_home, NULL, NULL); -+#endif - home_added = true; - #ifdef WITH_AUDIT - audit_logger (AUDIT_ADD_USER, Prog, --- -2.9.3 - diff --git a/meta-app-framework/recipes-extended/shadow/files/0001-useradd-copy-extended-attributes-of-home.patch b/meta-app-framework/recipes-extended/shadow/files/0001-useradd-copy-extended-attributes-of-home.patch deleted file mode 100644 index f231c3c..0000000 --- a/meta-app-framework/recipes-extended/shadow/files/0001-useradd-copy-extended-attributes-of-home.patch +++ /dev/null @@ -1,45 +0,0 @@ -From acec93540eba6899661c607408498ac72ab07a47 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh> -Date: Tue, 7 Mar 2017 16:03:03 +0100 -Subject: [PATCH] useradd: copy extended attributes of home -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The Home directory wasn't getting the extended attributes -of /etc/skel. This patch fixes that issue and adds the copy -of the extended attributes of the root of the home directory. - -Change-Id: Icd633f7c6c494efd2a30cb8f04c306f749ad0c3b -Signed-off-by: José Bollo <jose.bollo@iot.bzh> ---- - src/useradd.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/src/useradd.c b/src/useradd.c -index a8a1f76..8aefb9c 100644 ---- a/src/useradd.c -+++ b/src/useradd.c -@@ -52,6 +52,9 @@ - #include <sys/stat.h> - #include <sys/types.h> - #include <time.h> -+#ifdef WITH_ATTR -+#include <attr/libattr.h> -+#endif - #include "chkname.h" - #include "defines.h" - #include "faillog.h" -@@ -1915,6 +1918,9 @@ static void create_home (void) - chown (user_home, user_id, user_gid); - chmod (user_home, - 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK)); -+#ifdef WITH_ATTR -+ attr_copy_file (def_template, user_home, NULL, NULL); -+#endif - home_added = true; - #ifdef WITH_AUDIT - audit_logger (AUDIT_ADD_USER, Prog, --- -2.9.3 - diff --git a/meta-app-framework/recipes-extended/shadow/shadow_%.bbappend b/meta-app-framework/recipes-extended/shadow/shadow_%.bbappend deleted file mode 100644 index f084355..0000000 --- a/meta-app-framework/recipes-extended/shadow/shadow_%.bbappend +++ /dev/null @@ -1,4 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/files:" - -SRC_URI_append_class-target = " file://0001-useradd-copy-extended-attributes-of-home.patch " -SRC_URI_append_class-native = " file://0001-useradd-copy-extended-attributes-of-home-native.patch " diff --git a/meta-app-framework/recipes-kernel/linux/linux-%.bbappend b/meta-app-framework/recipes-kernel/linux/linux-%.bbappend deleted file mode 100644 index 02595ef..0000000 --- a/meta-app-framework/recipes-kernel/linux/linux-%.bbappend +++ /dev/null @@ -1,3 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/linux:" -SRC_URI_append_smack = " file://audit.cfg" - diff --git a/meta-app-framework/recipes-kernel/linux/linux-yocto_4.1.bbappend b/meta-app-framework/recipes-kernel/linux/linux-yocto_4.1.bbappend deleted file mode 100644 index c1c6572..0000000 --- a/meta-app-framework/recipes-kernel/linux/linux-yocto_4.1.bbappend +++ /dev/null @@ -1,12 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/linux/linux-yocto-4.1:" - -#------------------------------------------------------------------------- -# smack patches for handling bluetooth - -SRC_URI_append_smack = "\ - file://0001-Smack-File-receive-for-sockets.patch \ - file://0002-smack-fix-cache-of-access-labels.patch \ - file://0003-Smack-ignore-null-signal-in-smack_task_kill.patch \ - file://0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch \ -" - diff --git a/meta-app-framework/recipes-kernel/linux/linux-yocto_4.4.bbappend b/meta-app-framework/recipes-kernel/linux/linux-yocto_4.4.bbappend deleted file mode 100644 index 51df087..0000000 --- a/meta-app-framework/recipes-kernel/linux/linux-yocto_4.4.bbappend +++ /dev/null @@ -1,11 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/linux/linux-yocto-4.4:" - -#------------------------------------------------------------------------- -# smack patches for handling bluetooth - -SRC_URI_append_smack = "\ - file://0002-smack-fix-cache-of-access-labels.patch \ - file://0003-Smack-ignore-null-signal-in-smack_task_kill.patch \ - file://0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch \ -" - diff --git a/meta-app-framework/recipes-kernel/linux/linux/audit.cfg b/meta-app-framework/recipes-kernel/linux/linux/audit.cfg deleted file mode 100644 index 214dbe3..0000000 --- a/meta-app-framework/recipes-kernel/linux/linux/audit.cfg +++ /dev/null @@ -1,2 +0,0 @@ -CONFIG_AUDIT=y -CONFIG_AUDITSYSCALL=y diff --git a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0001-Smack-File-receive-for-sockets.patch b/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0001-Smack-File-receive-for-sockets.patch deleted file mode 100644 index b0c5ee8..0000000 --- a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0001-Smack-File-receive-for-sockets.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 2e65b888820ea372984d412cee3bd7dcba05d7d2 Mon Sep 17 00:00:00 2001 -From: Casey Schaufler <casey@schaufler-ca.com> -Date: Mon, 7 Dec 2015 14:34:32 -0800 -Subject: [PATCH 1/4] Smack: File receive for sockets - -The existing file receive hook checks for access on -the file inode even for UDS. This is not right, as -the inode is not used by Smack to make access checks -for sockets. This change checks for an appropriate -access relationship between the receiving (current) -process and the socket. If the process can't write -to the socket's send label or the socket's receive -label can't write to the process fail. - -This will allow the legitimate cases, where the -socket sender and socket receiver can freely communicate. -Only strangly set socket labels should cause a problem. - -Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> ---- - security/smack/smack_lsm.c | 22 ++++++++++++++++++++++ - 1 file changed, 22 insertions(+) - -diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c -index b644757..487b2f3 100644 ---- a/security/smack/smack_lsm.c -+++ b/security/smack/smack_lsm.c -@@ -1672,9 +1672,31 @@ static int smack_file_receive(struct file *file) - int may = 0; - struct smk_audit_info ad; - struct inode *inode = file_inode(file); -+ struct socket *sock; -+ struct task_smack *tsp; -+ struct socket_smack *ssp; - - smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH); - smk_ad_setfield_u_fs_path(&ad, file->f_path); -+ -+ if (S_ISSOCK(inode->i_mode)) { -+ sock = SOCKET_I(inode); -+ ssp = sock->sk->sk_security; -+ tsp = current_security(); -+ /* -+ * If the receiving process can't write to the -+ * passed socket or if the passed socket can't -+ * write to the receiving process don't accept -+ * the passed socket. -+ */ -+ rc = smk_access(tsp->smk_task, ssp->smk_out, MAY_WRITE, &ad); -+ rc = smk_bu_file(file, may, rc); -+ if (rc < 0) -+ return rc; -+ rc = smk_access(ssp->smk_in, tsp->smk_task, MAY_WRITE, &ad); -+ rc = smk_bu_file(file, may, rc); -+ return rc; -+ } - /* - * This code relies on bitmasks. - */ --- -2.7.4 - diff --git a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0002-smack-fix-cache-of-access-labels.patch b/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0002-smack-fix-cache-of-access-labels.patch deleted file mode 100644 index 51c3b31..0000000 --- a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0002-smack-fix-cache-of-access-labels.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 5bcea0fc4e5360deca133e211fdc76717a1693a4 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jobol@nonadev.net> -Date: Tue, 12 Jan 2016 21:23:40 +0100 -Subject: [PATCH 2/4] smack: fix cache of access labels -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Before this commit, removing the access property of -a file, aka, the extended attribute security.SMACK64 -was not effictive until the cache had been cleaned. - -This patch fixes that problem. - -Signed-off-by: José Bollo <jobol@nonadev.net> -Acked-by: Casey Schaufler <casey@schaufler-ca.com> ---- - security/smack/smack_lsm.c | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c -index 487b2f3..b9393e3 100644 ---- a/security/smack/smack_lsm.c -+++ b/security/smack/smack_lsm.c -@@ -1256,9 +1256,13 @@ static int smack_inode_removexattr(struct dentry *dentry, const char *name) - * Don't do anything special for these. - * XATTR_NAME_SMACKIPIN - * XATTR_NAME_SMACKIPOUT -- * XATTR_NAME_SMACKEXEC - */ -- if (strcmp(name, XATTR_NAME_SMACK) == 0) -+ if (strcmp(name, XATTR_NAME_SMACK) == 0) { -+ struct super_block *sbp = d_backing_inode(dentry)->i_sb; -+ struct superblock_smack *sbsp = sbp->s_security; -+ -+ isp->smk_inode = sbsp->smk_default; -+ } else if (strcmp(name, XATTR_NAME_SMACKEXEC) == 0) - isp->smk_task = NULL; - else if (strcmp(name, XATTR_NAME_SMACKMMAP) == 0) - isp->smk_mmap = NULL; --- -2.7.4 - diff --git a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0003-Smack-ignore-null-signal-in-smack_task_kill.patch b/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0003-Smack-ignore-null-signal-in-smack_task_kill.patch deleted file mode 100644 index 67761ae..0000000 --- a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0003-Smack-ignore-null-signal-in-smack_task_kill.patch +++ /dev/null @@ -1,39 +0,0 @@ -From aa63c4f8ece0c54a9be735ac38667f11fcd6f44a Mon Sep 17 00:00:00 2001 -From: Rafal Krypa <r.krypa@samsung.com> -Date: Mon, 4 Apr 2016 11:14:53 +0200 -Subject: [PATCH 3/4] Smack: ignore null signal in smack_task_kill - -Kill with signal number 0 is commonly used for checking PID existence. -Smack treated such cases like any other kills, although no signal is -actually delivered when sig == 0. - -Checking permissions when sig == 0 didn't prevent an unprivileged caller -from learning whether PID exists or not. When it existed, kernel returned -EPERM, when it didn't - ESRCH. The only effect of policy check in such -case is noise in audit logs. - -This change lets Smack silently ignore kill() invocations with sig == 0. - -Signed-off-by: Rafal Krypa <r.krypa@samsung.com> -Acked-by: Casey Schaufler <casey@schaufler-ca.com> ---- - security/smack/smack_lsm.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c -index b9393e3..c916f58 100644 ---- a/security/smack/smack_lsm.c -+++ b/security/smack/smack_lsm.c -@@ -2056,6 +2056,9 @@ static int smack_task_kill(struct task_struct *p, struct siginfo *info, - struct smack_known *tkp = smk_of_task_struct(p); - int rc; - -+ if (!sig) -+ return 0; /* null signal; existence test */ -+ - smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK); - smk_ad_setfield_u_tsk(&ad, p); - /* --- -2.7.4 - diff --git a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch b/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch deleted file mode 100644 index 4281c20..0000000 --- a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch +++ /dev/null @@ -1,49 +0,0 @@ -From b2b9e7ec8e79ede841104f76464f4b77c057b011 Mon Sep 17 00:00:00 2001 -From: jooseong lee <jooseong.lee@samsung.com> -Date: Thu, 3 Nov 2016 10:55:43 +0100 -Subject: [PATCH 4/4] Smack: Assign smack_known_web label for kernel thread's -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Assign smack_known_web label for kernel thread's socket in the sk_alloc_security hook - -Creating struct sock by sk_alloc function in various kernel subsystems -like bluetooth dosen't call smack_socket_post_create(). In such case, -received sock label is the floor('_') label and makes access deny. - -Refers-to: https://review.tizen.org/gerrit/#/c/80717/4 - -Change-Id: I2e5c9359bfede84a988fd4d4d74cdb9dfdfc52d8 -Signed-off-by: jooseong lee <jooseong.lee@samsung.com> -Signed-off-by: José Bollo <jose.bollo@iot.bzh> ---- - security/smack/smack_lsm.c | 12 ++++++++++-- - 1 file changed, 10 insertions(+), 2 deletions(-) - -diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c -index c916f58..cc6769b 100644 ---- a/security/smack/smack_lsm.c -+++ b/security/smack/smack_lsm.c -@@ -2138,8 +2138,16 @@ static int smack_sk_alloc_security(struct sock *sk, int family, gfp_t gfp_flags) - if (ssp == NULL) - return -ENOMEM; - -- ssp->smk_in = skp; -- ssp->smk_out = skp; -+ /* -+ * Sockets created by kernel threads receive web label. -+ */ -+ if (unlikely(current->flags & PF_KTHREAD)) { -+ ssp->smk_in = &smack_known_web; -+ ssp->smk_out = &smack_known_web; -+ } else { -+ ssp->smk_in = skp; -+ ssp->smk_out = skp; -+ } - ssp->smk_packet = NULL; - - sk->sk_security = ssp; --- -2.7.4 - diff --git a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0001-Smack-File-receive-for-sockets.patch b/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0001-Smack-File-receive-for-sockets.patch deleted file mode 100644 index 4021e5d..0000000 --- a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0001-Smack-File-receive-for-sockets.patch +++ /dev/null @@ -1,65 +0,0 @@ -From 2b206c36b16e72cfe41cd22448d8527359ffd962 Mon Sep 17 00:00:00 2001 -From: Casey Schaufler <casey@schaufler-ca.com> -Date: Mon, 7 Dec 2015 14:34:32 -0800 -Subject: [PATCH 1/4] Smack: File receive for sockets - -The existing file receive hook checks for access on -the file inode even for UDS. This is not right, as -the inode is not used by Smack to make access checks -for sockets. This change checks for an appropriate -access relationship between the receiving (current) -process and the socket. If the process can't write -to the socket's send label or the socket's receive -label can't write to the process fail. - -This will allow the legitimate cases, where the -socket sender and socket receiver can freely communicate. -Only strangly set socket labels should cause a problem. - -Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> ---- - security/smack/smack_lsm.c | 22 ++++++++++++++++++++++ - 1 file changed, 22 insertions(+) - -diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c -index ff81026..b20ef06 100644 ---- a/security/smack/smack_lsm.c -+++ b/security/smack/smack_lsm.c -@@ -1860,12 +1860,34 @@ static int smack_file_receive(struct file *file) - int may = 0; - struct smk_audit_info ad; - struct inode *inode = file_inode(file); -+ struct socket *sock; -+ struct task_smack *tsp; -+ struct socket_smack *ssp; - - if (unlikely(IS_PRIVATE(inode))) - return 0; - - smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH); - smk_ad_setfield_u_fs_path(&ad, file->f_path); -+ -+ if (S_ISSOCK(inode->i_mode)) { -+ sock = SOCKET_I(inode); -+ ssp = sock->sk->sk_security; -+ tsp = current_security(); -+ /* -+ * If the receiving process can't write to the -+ * passed socket or if the passed socket can't -+ * write to the receiving process don't accept -+ * the passed socket. -+ */ -+ rc = smk_access(tsp->smk_task, ssp->smk_out, MAY_WRITE, &ad); -+ rc = smk_bu_file(file, may, rc); -+ if (rc < 0) -+ return rc; -+ rc = smk_access(ssp->smk_in, tsp->smk_task, MAY_WRITE, &ad); -+ rc = smk_bu_file(file, may, rc); -+ return rc; -+ } - /* - * This code relies on bitmasks. - */ --- -2.7.4 - diff --git a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0002-smack-fix-cache-of-access-labels.patch b/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0002-smack-fix-cache-of-access-labels.patch deleted file mode 100644 index c516f3a..0000000 --- a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0002-smack-fix-cache-of-access-labels.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 99267706991ab84bd44ceaea9a7ec886bbdd58e0 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jobol@nonadev.net> -Date: Tue, 12 Jan 2016 21:23:40 +0100 -Subject: [PATCH 2/4] smack: fix cache of access labels -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Before this commit, removing the access property of -a file, aka, the extended attribute security.SMACK64 -was not effictive until the cache had been cleaned. - -This patch fixes that problem. - -Signed-off-by: José Bollo <jobol@nonadev.net> -Acked-by: Casey Schaufler <casey@schaufler-ca.com> ---- - security/smack/smack_lsm.c | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c -index b20ef06..b2bcb14 100644 ---- a/security/smack/smack_lsm.c -+++ b/security/smack/smack_lsm.c -@@ -1444,9 +1444,13 @@ static int smack_inode_removexattr(struct dentry *dentry, const char *name) - * Don't do anything special for these. - * XATTR_NAME_SMACKIPIN - * XATTR_NAME_SMACKIPOUT -- * XATTR_NAME_SMACKEXEC - */ -- if (strcmp(name, XATTR_NAME_SMACK) == 0) -+ if (strcmp(name, XATTR_NAME_SMACK) == 0) { -+ struct super_block *sbp = d_backing_inode(dentry)->i_sb; -+ struct superblock_smack *sbsp = sbp->s_security; -+ -+ isp->smk_inode = sbsp->smk_default; -+ } else if (strcmp(name, XATTR_NAME_SMACKEXEC) == 0) - isp->smk_task = NULL; - else if (strcmp(name, XATTR_NAME_SMACKMMAP) == 0) - isp->smk_mmap = NULL; --- -2.7.4 - diff --git a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0003-Smack-ignore-null-signal-in-smack_task_kill.patch b/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0003-Smack-ignore-null-signal-in-smack_task_kill.patch deleted file mode 100644 index c9180bb..0000000 --- a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0003-Smack-ignore-null-signal-in-smack_task_kill.patch +++ /dev/null @@ -1,39 +0,0 @@ -From ec4eb03af07b0fbc330aecca6ac4ebd6accd8825 Mon Sep 17 00:00:00 2001 -From: Rafal Krypa <r.krypa@samsung.com> -Date: Mon, 4 Apr 2016 11:14:53 +0200 -Subject: [PATCH 3/4] Smack: ignore null signal in smack_task_kill - -Kill with signal number 0 is commonly used for checking PID existence. -Smack treated such cases like any other kills, although no signal is -actually delivered when sig == 0. - -Checking permissions when sig == 0 didn't prevent an unprivileged caller -from learning whether PID exists or not. When it existed, kernel returned -EPERM, when it didn't - ESRCH. The only effect of policy check in such -case is noise in audit logs. - -This change lets Smack silently ignore kill() invocations with sig == 0. - -Signed-off-by: Rafal Krypa <r.krypa@samsung.com> -Acked-by: Casey Schaufler <casey@schaufler-ca.com> ---- - security/smack/smack_lsm.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c -index b2bcb14..cf8a93f 100644 ---- a/security/smack/smack_lsm.c -+++ b/security/smack/smack_lsm.c -@@ -2239,6 +2239,9 @@ static int smack_task_kill(struct task_struct *p, struct siginfo *info, - struct smack_known *tkp = smk_of_task_struct(p); - int rc; - -+ if (!sig) -+ return 0; /* null signal; existence test */ -+ - smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK); - smk_ad_setfield_u_tsk(&ad, p); - /* --- -2.7.4 - diff --git a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch b/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch deleted file mode 100644 index a1eeac3..0000000 --- a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch +++ /dev/null @@ -1,49 +0,0 @@ -From c8bbb0f916de54610513e376070aea531af19dd6 Mon Sep 17 00:00:00 2001 -From: jooseong lee <jooseong.lee@samsung.com> -Date: Thu, 3 Nov 2016 10:55:43 +0100 -Subject: [PATCH 4/4] Smack: Assign smack_known_web label for kernel thread's -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Assign smack_known_web label for kernel thread's socket in the sk_alloc_security hook - -Creating struct sock by sk_alloc function in various kernel subsystems -like bluetooth dosen't call smack_socket_post_create(). In such case, -received sock label is the floor('_') label and makes access deny. - -Refers-to: https://review.tizen.org/gerrit/#/c/80717/4 - -Change-Id: I2e5c9359bfede84a988fd4d4d74cdb9dfdfc52d8 -Signed-off-by: jooseong lee <jooseong.lee@samsung.com> -Signed-off-by: José Bollo <jose.bollo@iot.bzh> ---- - security/smack/smack_lsm.c | 12 ++++++++++-- - 1 file changed, 10 insertions(+), 2 deletions(-) - -diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c -index cf8a93f..21651bc 100644 ---- a/security/smack/smack_lsm.c -+++ b/security/smack/smack_lsm.c -@@ -2321,8 +2321,16 @@ static int smack_sk_alloc_security(struct sock *sk, int family, gfp_t gfp_flags) - if (ssp == NULL) - return -ENOMEM; - -- ssp->smk_in = skp; -- ssp->smk_out = skp; -+ /* -+ * Sockets created by kernel threads receive web label. -+ */ -+ if (unlikely(current->flags & PF_KTHREAD)) { -+ ssp->smk_in = &smack_known_web; -+ ssp->smk_out = &smack_known_web; -+ } else { -+ ssp->smk_in = skp; -+ ssp->smk_out = skp; -+ } - ssp->smk_packet = NULL; - - sk->sk_security = ssp; --- -2.7.4 - diff --git a/meta-app-framework/recipes-support/libcap/libcap/removing-capability-enforcement.patch b/meta-app-framework/recipes-support/libcap/libcap/removing-capability-enforcement.patch deleted file mode 100644 index fa359fa..0000000 --- a/meta-app-framework/recipes-support/libcap/libcap/removing-capability-enforcement.patch +++ /dev/null @@ -1,87 +0,0 @@ -From c34b2725817d4fd1fd6878bbb16617cb9e3e3a70 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh> -Date: Fri, 22 Jan 2016 16:23:59 +0100 -Subject: [PATCH] removing capability enforcement - -Signed-off-by: ronan <ronan@iot.bzh> - -Change-Id: Idb724192ceab176a611bbed45c0ebc9c8eb5dd30 ---- - progs/setcap.c | 45 +-------------------------------------------- - 1 file changed, 1 insertion(+), 44 deletions(-) - -diff --git a/progs/setcap.c b/progs/setcap.c -index 7304343..71999b6 100644 ---- a/progs/setcap.c -+++ b/progs/setcap.c -@@ -58,11 +58,9 @@ static int read_caps(int quiet, const char *filename, char *buffer) - - int main(int argc, char **argv) - { -- int tried_to_cap_setfcap = 0; - char buffer[MAXCAP+1]; - int retval, quiet=0, verify=0; - cap_t mycaps; -- cap_value_t capflag; - - if (argc < 3) { - usage(); -@@ -150,54 +148,13 @@ int main(int argc, char **argv) - printf("%s: OK\n", *argv); - } - } else { -- if (!tried_to_cap_setfcap) { -- capflag = CAP_SETFCAP; -- -- /* -- * Raise the effective CAP_SETFCAP. -- */ -- if (cap_set_flag(mycaps, CAP_EFFECTIVE, 1, &capflag, CAP_SET) -- != 0) { -- perror("unable to manipulate CAP_SETFCAP - " -- "try a newer libcap?"); -- exit(1); -- } -- if (cap_set_proc(mycaps) != 0) { -- perror("unable to set CAP_SETFCAP effective capability"); -- exit(1); -- } -- tried_to_cap_setfcap = 1; -- } - retval = cap_set_file(*++argv, cap_d); - if (retval != 0) { -- int explained = 0; - int oerrno = errno; --#ifdef linux -- cap_value_t cap; -- cap_flag_value_t per_state; -- -- for (cap = 0; -- cap_get_flag(cap_d, cap, CAP_PERMITTED, &per_state) != -1; -- cap++) { -- cap_flag_value_t inh_state, eff_state; -- -- cap_get_flag(cap_d, cap, CAP_INHERITABLE, &inh_state); -- cap_get_flag(cap_d, cap, CAP_EFFECTIVE, &eff_state); -- if ((inh_state | per_state) != eff_state) { -- fprintf(stderr, "NOTE: Under Linux, effective file capabilities must either be empty, or\n" -- " exactly match the union of selected permitted and inheritable bits.\n"); -- explained = 1; -- break; -- } -- } --#endif /* def linux */ -- - fprintf(stderr, - "Failed to set capabilities on file `%s' (%s)\n", - argv[0], strerror(oerrno)); -- if (!explained) { -- usage(); -- } -+ - } - } - if (cap_d) { --- -2.6.6 - diff --git a/meta-app-framework/recipes-support/libcap/libcap_%.bbappend b/meta-app-framework/recipes-support/libcap/libcap_%.bbappend deleted file mode 100644 index fbe8935..0000000 --- a/meta-app-framework/recipes-support/libcap/libcap_%.bbappend +++ /dev/null @@ -1,5 +0,0 @@ -FILESEXTRAPATHS_append_class-native := ":${THISDIR}/${PN}" -SRC_URI_append_class-native = " file://removing-capability-enforcement.patch" -PACKAGECONFIG_class-native ?= "attr" -DEPENDS_append_class-native = " attr-native" - diff --git a/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd/allows-upgrade.patch b/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd/allows-upgrade.patch deleted file mode 100644 index 19601a5..0000000 --- a/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd/allows-upgrade.patch +++ /dev/null @@ -1,81 +0,0 @@ -diff -Naur a/src/microhttpd/connection.c b/src/microhttpd/connection.c ---- a/src/microhttpd/connection.c 2016-04-08 21:02:26.000000000 +0200 -+++ b/src/microhttpd/connection.c 2016-08-29 22:41:53.790560238 +0200 -@@ -708,6 +708,8 @@ - * "keep-alive", we proceed to use the default for the respective HTTP - * version (which is conservative for HTTP 1.0, but might be a bit - * optimistic for HTTP 1.1). -+ * In the case of Upgrade, the header Connection should not be set -+ * to keep-alive. - * - * @param connection the connection to check for keepalive - * @return #MHD_YES if (based on the request), a keepalive is -@@ -750,6 +752,59 @@ - - - /** -+ * Should we try to keep the given connection alive? We can use the -+ * TCP stream for a second request if the connection is HTTP 1.1 and -+ * the "Connection" header either does not exist or is not set to -+ * "close", or if the connection is HTTP 1.0 and the "Connection" -+ * header is explicitly set to "keep-alive". If no HTTP version is -+ * specified (or if it is not 1.0 or 1.1), we definitively close the -+ * connection. If the "Connection" header is not exactly "close" or -+ * "keep-alive", we proceed to use the default for the respective HTTP -+ * version (which is conservative for HTTP 1.0, but might be a bit -+ * optimistic for HTTP 1.1). -+ * In the case of Upgrade, the connection should be kept alive even if -+ * the header Connection is not keep-alive. -+ * -+ * @param connection the connection to check for keepalive -+ * @return #MHD_YES if (based on the request), a keepalive is -+ * legal -+ */ -+static int -+should_keepalive (struct MHD_Connection *connection) -+{ -+ const char *end; -+ -+ if (NULL == connection->version) -+ return MHD_NO; -+ if ( (NULL != connection->response) && -+ (0 != (connection->response->flags & MHD_RF_HTTP_VERSION_1_0_ONLY) ) ) -+ return MHD_NO; -+ end = MHD_lookup_connection_value (connection, -+ MHD_HEADER_KIND, -+ MHD_HTTP_HEADER_CONNECTION); -+ if (MHD_str_equal_caseless_(connection->version, -+ MHD_HTTP_VERSION_1_1)) -+ { -+ if (NULL == end) -+ return MHD_YES; -+ if ( (MHD_str_equal_caseless_ (end, "close")) ) -+ return MHD_NO; -+ return MHD_YES; -+ } -+ if (MHD_str_equal_caseless_(connection->version, -+ MHD_HTTP_VERSION_1_0)) -+ { -+ if (NULL == end) -+ return MHD_NO; -+ if (MHD_str_equal_caseless_(end, "Keep-Alive")) -+ return MHD_YES; -+ return MHD_NO; -+ } -+ return MHD_NO; -+} -+ -+ -+/** - * Produce HTTP "Date:" header. - * - * @param date where to write the header, with -@@ -2795,7 +2850,7 @@ - } - if (((MHD_YES == connection->read_closed) && - (0 == connection->read_buffer_offset)) || -- (MHD_NO == keepalive_possible (connection))) -+ (MHD_NO == should_keepalive (connection))) - { - /* have to close for some reason */ - MHD_connection_close_ (connection, diff --git a/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.49.bb b/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.49.bb deleted file mode 100644 index 9abb200..0000000 --- a/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.49.bb +++ /dev/null @@ -1,25 +0,0 @@ -DESCRIPTION = "A small C library that is supposed to make it easy to run an HTTP server as part of another application" -HOMEPAGE = "http://www.gnu.org/software/libmicrohttpd/" -LICENSE = "LGPL-2.1+" -LIC_FILES_CHKSUM = "file://COPYING;md5=9331186f4f80db7da0e724bdd6554ee5" -SECTION = "net" -DEPENDS = "libgcrypt gnutls file" - -SRC_URI = "http://ftp.gnu.org/gnu/libmicrohttpd/${BPN}-${PV}.tar.gz" -SRC_URI[md5sum] = "3209aa2ac6199b874a6325342b86edbc" -SRC_URI[sha256sum] = "9407d8252548ab97ace3276e0032f073820073c0599d43baff832902a8dab11c" - -inherit autotools lib_package pkgconfig - -EXTRA_OECONF += "--disable-static --with-gnutls=${STAGING_LIBDIR}/../" - -PACKAGECONFIG ?= "curl" -PACKAGECONFIG_append_class-target = "\ - ${@bb.utils.contains('DISTRO_FEATURES', 'largefile', 'largefile', '', d)} \ -" -PACKAGECONFIG[largefile] = "--enable-largefile,--disable-largefile,," -PACKAGECONFIG[curl] = "--enable-curl,--disable-curl,curl," - -do_compile_append() { - sed -i s:-L${STAGING_LIBDIR}::g libmicrohttpd.pc -} diff --git a/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.49.bbappend b/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.49.bbappend deleted file mode 100644 index c26b811..0000000 --- a/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.49.bbappend +++ /dev/null @@ -1,5 +0,0 @@ - -FILESEXTRAPATHS_append := ":${THISDIR}/${PN}" -SRC_URI += " file://allows-upgrade.patch" - - diff --git a/meta-app-framework/recipes-support/libzip/libzip_1.1.1.bb b/meta-app-framework/recipes-support/libzip/libzip_1.1.1.bb deleted file mode 100644 index 4509711..0000000 --- a/meta-app-framework/recipes-support/libzip/libzip_1.1.1.bb +++ /dev/null @@ -1,32 +0,0 @@ -inherit autotools - -SUMMARY = "Library providing support for handling zip files" -DESCRIPTION = "\ - This library is wrapping zlib and allows \ - to easily create, browse, inflate of deflate \ - the zip files. \ - It also provides tools for zip comparing, merging or browsing.\ -" - -HOMEPAGE = "http://nih.at/libzip/index.html" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://LICENSE;md5=23ebf7ca347ed9703b4ef40824d0ef66" - -SRC_URI = "http://nih.at/libzip/libzip-1.1.1.tar.xz;md5sum=0c86a1a94fbc3ec6724801036726ae1f" - -#SRC_URI = "hg://hg.nih.at/libzip;module=libzip;protocol=http" -#SRCREV = "5895e34af7f9" -#S = "${HGDIR}" - -SECTION = "base" - -DEPENDS = "zlib" - -RDEPENDS_${PN} = "zlib" - -PROVIDES += "${PN}-tools" -RDEPENDS_${PN}-tools = "${PN}" -FILES_${PN}-tools = "${bindir}/zipcmp ${bindir}/zipmerge ${bindir}/ziptool" - -BBCLASSEXTEND = "native nativesdk" - diff --git a/meta-app-framework/recipes-support/xmlsec1/xmlsec1/Only-require-libxslt-in-.pc-files-when-necessary.patch b/meta-app-framework/recipes-support/xmlsec1/xmlsec1/Only-require-libxslt-in-.pc-files-when-necessary.patch deleted file mode 100644 index c92df77..0000000 --- a/meta-app-framework/recipes-support/xmlsec1/xmlsec1/Only-require-libxslt-in-.pc-files-when-necessary.patch +++ /dev/null @@ -1,115 +0,0 @@ -From 1e39acf581ef47876b058da41774cbc92560d797 Mon Sep 17 00:00:00 2001 -From: Manuel Bachmann <manuel.bachmann@iot.bzh> -Date: Wed, 27 Jan 2016 14:16:40 +0100 -Subject: [PATCH] Only require libxslt in .pc files when necessary - -If we build xmlsec without libxslt ("--without-libxslt" at -configure time), dependent packages will still require it -because it is unconditionally mentioned in .pc files (used -by pkg-config). - -We now make sure that this dependency is mentioned only if -the configure script validates libxslt presence. - -Signed-off-by: Manuel Bachmann <manuel.bachmann@iot.bzh> ---- - configure.in | 4 ++++ - xmlsec-gcrypt.pc.in | 2 +- - xmlsec-gnutls.pc.in | 2 +- - xmlsec-nss.pc.in | 2 +- - xmlsec-openssl.pc.in | 2 +- - xmlsec.pc.in | 2 +- - 6 files changed, 9 insertions(+), 5 deletions(-) - -diff --git a/configure.in b/configure.in -index 7d976d0..a8350a9 100644 ---- a/configure.in -+++ b/configure.in -@@ -255,6 +255,7 @@ dnl ========================================================================== - dnl find libxslt - dnl ========================================================================== - XMLSEC_NO_LIBXSLT="1" -+LIBXSLT_COND="libxslt >=" - LIBXSLT_MIN_VERSION=1.0.20 - LIBXSLT_CONFIG="xslt-config" - LIBXSLT_CFLAGS="" -@@ -324,6 +325,8 @@ fi - if test "z$LIBXSLT_FOUND" = "zyes" ; then - XMLSEC_NO_LIBXSLT="0" - else -+ LIBXSLT_COND="" -+ LIBXSLT_MIN_VERSION="" - XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_XSLT=1" - fi - -@@ -332,6 +335,7 @@ AC_SUBST(LIBXSLT_CFLAGS) - AC_SUBST(LIBXSLT_LIBS) - AC_SUBST(LIBXSLT_CONFIG) - AC_SUBST(LIBXSLT_MIN_VERSION) -+AC_SUBST(LIBXSLT_COND) - - dnl ========================================================================== - dnl See if we can find a crypto library -diff --git a/xmlsec-gcrypt.pc.in b/xmlsec-gcrypt.pc.in -index 1c00496..33bc2ff 100644 ---- a/xmlsec-gcrypt.pc.in -+++ b/xmlsec-gcrypt.pc.in -@@ -6,6 +6,6 @@ includedir=@includedir@ - Name: xmlsec1-gcrypt - Version: @VERSION@ - Description: XML Security Library implements XML Signature and XML Encryption standards --Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@ -+Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ @LIBXSLT_COND@ @LIBXSLT_MIN_VERSION@ - Cflags: -DXMLSEC_CRYPTO=\"gcrypt\" @XMLSEC_GCRYPT_CFLAGS@ - Libs: @XMLSEC_GCRYPT_LIBS@ -diff --git a/xmlsec-gnutls.pc.in b/xmlsec-gnutls.pc.in -index e538cd4..d01cf82 100644 ---- a/xmlsec-gnutls.pc.in -+++ b/xmlsec-gnutls.pc.in -@@ -6,6 +6,6 @@ includedir=@includedir@ - Name: xmlsec1-gnutls - Version: @VERSION@ - Description: XML Security Library implements XML Signature and XML Encryption standards --Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@ -+Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ @LIBXSLT_COND@ @LIBXSLT_MIN_VERSION@ - Cflags: -DXMLSEC_CRYPTO=\"gnutls\" @XMLSEC_GNUTLS_CFLAGS@ - Libs: @XMLSEC_GNUTLS_LIBS@ -diff --git a/xmlsec-nss.pc.in b/xmlsec-nss.pc.in -index a6d6c5c..75f0232 100644 ---- a/xmlsec-nss.pc.in -+++ b/xmlsec-nss.pc.in -@@ -6,6 +6,6 @@ includedir=@includedir@ - Name: xmlsec1-nss - Version: @VERSION@ - Description: XML Security Library implements XML Signature and XML Encryption standards --Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@ @NSPR_PACKAGE@ >= @MOZILLA_MIN_VERSION@ @NSS_PACKAGE@ >= @MOZILLA_MIN_VERSION@ -+Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ @LIBXSLT_COND@ @LIBXSLT_MIN_VERSION@ @NSPR_PACKAGE@ >= @MOZILLA_MIN_VERSION@ @NSS_PACKAGE@ >= @MOZILLA_MIN_VERSION@ - Cflags: -DXMLSEC_CRYPTO=\"nss\" -DXMLSEC_CRYPTO_NSS=1 @XMLSEC_CORE_CFLAGS@ - Libs: -L${libdir} -lxmlsec1-nss @XMLSEC_CORE_LIBS@ -diff --git a/xmlsec-openssl.pc.in b/xmlsec-openssl.pc.in -index 85ee2b0..e9d0651 100644 ---- a/xmlsec-openssl.pc.in -+++ b/xmlsec-openssl.pc.in -@@ -6,6 +6,6 @@ includedir=@includedir@ - Name: xmlsec1-openssl - Version: @VERSION@ - Description: XML Security Library implements XML Signature and XML Encryption standards --Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@ -+Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ @LIBXSLT_COND@ @LIBXSLT_MIN_VERSION@ - Cflags: -DXMLSEC_CRYPTO=\"openssl\" @XMLSEC_OPENSSL_CFLAGS@ - Libs: @XMLSEC_OPENSSL_LIBS@ -diff --git a/xmlsec.pc.in b/xmlsec.pc.in -index a750ab8..14ea670 100644 ---- a/xmlsec.pc.in -+++ b/xmlsec.pc.in -@@ -6,6 +6,6 @@ includedir=@includedir@ - Name: xmlsec1 - Version: @VERSION@ - Description: XML Security Library implements XML Signature and XML Encryption standards --Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@ -+Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ @LIBXSLT_COND@ @LIBXSLT_MIN_VERSION@ - Cflags: -DXMLSEC_CRYPTO=\"@XMLSEC_CRYPTO@\" -DXMLSEC_CRYPTO_DYNAMIC_LOADING=1 @XMLSEC_CORE_CFLAGS@ - Libs: -L${libdir} @XMLSEC_CORE_LIBS@ --- -2.6.2 - diff --git a/meta-app-framework/recipes-support/xmlsec1/xmlsec1_1.%.bbappend b/meta-app-framework/recipes-support/xmlsec1/xmlsec1_1.%.bbappend deleted file mode 100644 index 8f1972f..0000000 --- a/meta-app-framework/recipes-support/xmlsec1/xmlsec1_1.%.bbappend +++ /dev/null @@ -1,6 +0,0 @@ -FILESEXTRAPATHS_append := ":${THISDIR}/${PN}" -SRC_URI += "file://Only-require-libxslt-in-.pc-files-when-necessary.patch" - -DEPENDS += "libxml2" - -BBCLASSEXTEND = "native nativesdk" diff --git a/templates/feature/agl-appfw-smack/50_bblayers.conf.inc b/templates/feature/agl-appfw-smack/50_bblayers.conf.inc deleted file mode 100644 index db6858f..0000000 --- a/templates/feature/agl-appfw-smack/50_bblayers.conf.inc +++ /dev/null @@ -1,6 +0,0 @@ -BBLAYERS =+ " \ - ${METADIR}/meta-intel-iot-security/meta-security-smack \ - ${METADIR}/meta-intel-iot-security/meta-security-framework \ - ${METADIR}/meta-agl-extra/meta-app-framework \ - " - diff --git a/templates/feature/agl-appfw-smack/50_local.conf.inc b/templates/feature/agl-appfw-smack/50_local.conf.inc deleted file mode 100644 index add62a3..0000000 --- a/templates/feature/agl-appfw-smack/50_local.conf.inc +++ /dev/null @@ -1,2 +0,0 @@ -#see meta-agl-extra/meta-app-framework/conf/include/agl-appfw-smack.inc -require conf/include/agl-appfw-smack.inc |