diff options
28 files changed, 193 insertions, 49 deletions
diff --git a/.gitreview b/.gitreview index 8b5a8f7de..9e6f9aef4 100644 --- a/.gitreview +++ b/.gitreview @@ -2,3 +2,4 @@ host=gerrit.automotivelinux.org port=29418 project=AGL/meta-agl +defaultbranch=master diff --git a/meta-agl-bsp/conf/include/agl_ulcb-nogfx.inc b/meta-agl-bsp/conf/include/agl_ulcb-nogfx.inc index 8d97996f9..380011896 100644 --- a/meta-agl-bsp/conf/include/agl_ulcb-nogfx.inc +++ b/meta-agl-bsp/conf/include/agl_ulcb-nogfx.inc @@ -1,7 +1,7 @@ DISTRO_FEATURES_append = " sota" OSTREE_KERNEL = "Image" -IMAGE_BOOT_FILES_sota = "renesas-ota-bootfiles/* Image-${DTB_SUFFIX}.dtb" +IMAGE_BOOT_FILES_sota = "renesas-ota-bootfiles/* ${DTB_SUFFIX}.dtb" OSTREE_BOOTLOADER ?= "u-boot" WKS_FILE = "singlepart-noloader.wks" diff --git a/meta-agl-bsp/meta-rcar-gen3-adas/recipes-bsp/si-tools/si-tools.bbappend b/meta-agl-bsp/meta-rcar-gen3-adas/recipes-bsp/si-tools/si-tools.bbappend index 7a4593144..98c66737b 100644 --- a/meta-agl-bsp/meta-rcar-gen3-adas/recipes-bsp/si-tools/si-tools.bbappend +++ b/meta-agl-bsp/meta-rcar-gen3-adas/recipes-bsp/si-tools/si-tools.bbappend @@ -6,3 +6,23 @@ SRC_URI += " \ EXTRA_OEMAKE_append = " 'LDFLAGS=${LDFLAGS}'" +do_install() { + install -d ${D}${bindir} + install -d ${D}${nonarch_base_libdir}/firmware/radio/ + + install -m 755 si_ctl ${D}${bindir} + install -m 755 si_flash ${D}${bindir} + for file in ${SCRIPTS}; do + install -m 755 ${S}/scripts/$file ${D}${bindir} + sed -e 's,^\(SI_ARGS\s*=\s*\).*,\1"/dev/i2c-12 0x65",' -i ${D}${bindir}/$file + done + + for file in ${FIRMWARE}; do + install -m 644 ${S}/firmware/$file ${D}${nonarch_base_libdir}/firmware/radio/ + done +} + +FILES_${PN} = " \ + ${bindir} \ + ${nonarch_base_libdir}/firmware/radio \ +" diff --git a/meta-agl-bsp/meta-rcar-gen3-adas/recipes-bsp/ti-bt-firmware/ti-bt-firmware_git.bbappend b/meta-agl-bsp/meta-rcar-gen3-adas/recipes-bsp/ti-bt-firmware/ti-bt-firmware_git.bbappend new file mode 100644 index 000000000..e29e54e44 --- /dev/null +++ b/meta-agl-bsp/meta-rcar-gen3-adas/recipes-bsp/ti-bt-firmware/ti-bt-firmware_git.bbappend @@ -0,0 +1,6 @@ +do_install() { + install -d ${D}${nonarch_base_libdir}/firmware/ti-connectivity/ + cp *.bts ${D}${nonarch_base_libdir}/firmware/ti-connectivity/ +} + +FILES_${PN} = "${nonarch_base_libdir}/firmware/ti-connectivity/*" diff --git a/meta-agl-bsp/meta-rcar-gen3/recipes-bsp/bootfiles/files/uEnv-ota-h3ulcb.txt b/meta-agl-bsp/meta-rcar-gen3/recipes-bsp/bootfiles/files/uEnv-ota-h3ulcb.txt index ff86b4e8f..a08cc7d9c 100644 --- a/meta-agl-bsp/meta-rcar-gen3/recipes-bsp/bootfiles/files/uEnv-ota-h3ulcb.txt +++ b/meta-agl-bsp/meta-rcar-gen3/recipes-bsp/bootfiles/files/uEnv-ota-h3ulcb.txt @@ -12,7 +12,7 @@ rootmmc=0:2 booteload_sd=ext4load mmc ${rootmmc} ${bootkaddr} boot/loader/uEnv.txt; env import -t ${bootkaddr} ${filesize} bootkload_sd=ext4load mmc ${rootmmc} ${bootkaddr} boot/${kernel_image} bootiload_sd=ext4load mmc ${rootmmc} ${bootiaddr} boot/${ramdisk_image}; setenv ramdisk_size ${filesize} -bootdload_sd=fatload mmc ${bootmmc} ${bootdaddr} Image-r8a7795-h3ulcb.dtb +bootdload_sd=fatload mmc ${bootmmc} ${bootdaddr} r8a7795-h3ulcb.dtb bootcmd=run booteload_sd; setenv bootargs ${bootargs} ${bootargs_console} ${bootargs_root} ${bootargs_extra}; run bootkload_sd; run bootiload_sd; run bootdload_sd; booti ${bootkaddr} ${bootiaddr}:${ramdisk_size} ${bootdaddr} diff --git a/meta-agl-bsp/meta-rcar-gen3/recipes-bsp/bootfiles/files/uEnv-ota-m3ulcb.txt b/meta-agl-bsp/meta-rcar-gen3/recipes-bsp/bootfiles/files/uEnv-ota-m3ulcb.txt index 64f83330c..979014a28 100644 --- a/meta-agl-bsp/meta-rcar-gen3/recipes-bsp/bootfiles/files/uEnv-ota-m3ulcb.txt +++ b/meta-agl-bsp/meta-rcar-gen3/recipes-bsp/bootfiles/files/uEnv-ota-m3ulcb.txt @@ -12,7 +12,7 @@ rootmmc=0:2 booteload_sd=ext4load mmc ${rootmmc} ${bootkaddr} boot/loader/uEnv.txt; env import -t ${bootkaddr} ${filesize} bootkload_sd=ext4load mmc ${rootmmc} ${bootkaddr} boot/${kernel_image} bootiload_sd=ext4load mmc ${rootmmc} ${bootiaddr} boot/${ramdisk_image}; setenv ramdisk_size ${filesize} -bootdload_sd=fatload mmc ${bootmmc} ${bootdaddr} Image-r8a7796-m3ulcb.dtb +bootdload_sd=fatload mmc ${bootmmc} ${bootdaddr} r8a7796-m3ulcb.dtb bootcmd=run booteload_sd; setenv bootargs ${bootargs} ${bootargs_console} ${bootargs_root} ${bootargs_extra}; run bootkload_sd; run bootiload_sd; run bootdload_sd; booti ${bootkaddr} ${bootiaddr}:${ramdisk_size} ${bootdaddr} diff --git a/meta-agl-distro/conf/distro/poky-agl.conf b/meta-agl-distro/conf/distro/poky-agl.conf index 8ea3ea23b..63a421645 100644 --- a/meta-agl-distro/conf/distro/poky-agl.conf +++ b/meta-agl-distro/conf/distro/poky-agl.conf @@ -8,7 +8,7 @@ DISTRO_NAME = "Automotive Grade Linux" # Release flags DISTRO_CODENAME = "icefish" AGL_BRANCH = "master" -AGLVERSION = "8.99.4" +AGLVERSION = "8.99.5" # switch devel/release AGLRELEASETYPE ?= "agldevelopment" #AGLRELEASETYPE ?= "aglrelease" diff --git a/meta-agl-profile-core/recipes-core/packagegroups/packagegroup-core-tools-profile.bbappend b/meta-agl-profile-core/recipes-core/packagegroups/packagegroup-core-tools-profile.bbappend new file mode 100644 index 000000000..301a1d573 --- /dev/null +++ b/meta-agl-profile-core/recipes-core/packagegroups/packagegroup-core-tools-profile.bbappend @@ -0,0 +1 @@ +RDEPENDS_${PN}_remove_sota = "systemtap" diff --git a/meta-agl-profile-core/recipes-core/systemd/systemd/canbus-can.network b/meta-agl-profile-core/recipes-core/systemd/systemd/canbus-can.network index 9768c4bf9..ae5514bca 100644 --- a/meta-agl-profile-core/recipes-core/systemd/systemd/canbus-can.network +++ b/meta-agl-profile-core/recipes-core/systemd/systemd/canbus-can.network @@ -3,3 +3,4 @@ Name=can* [CAN] BitRate=500K +RestartSec=0.1 diff --git a/meta-agl-profile-core/recipes-devtools/libafb-helpers/libafb-helpers_git.inc b/meta-agl-profile-core/recipes-devtools/libafb-helpers/libafb-helpers_git.inc index 003a6ed91..6753225b4 100644 --- a/meta-agl-profile-core/recipes-devtools/libafb-helpers/libafb-helpers_git.inc +++ b/meta-agl-profile-core/recipes-devtools/libafb-helpers/libafb-helpers_git.inc @@ -5,7 +5,7 @@ LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10" SRC_URI = "git://gerrit.automotivelinux.org/gerrit/src/libafb-helpers;protocol=https;branch=${AGL_BRANCH}" -SRCREV = "5b9cce9fd0a1da9aeaaba8465f9a2780282a2247" +SRCREV = "1d1c6cef6039effd4c045a76d30414b589336d0e" PV = "${AGLVERSION}" S = "${WORKDIR}/git" diff --git a/meta-agl-profile-core/recipes-devtools/libappcontroller/libappcontroller_git.bb b/meta-agl-profile-core/recipes-devtools/libappcontroller/libappcontroller_git.bb index 362348e67..0ee9c5e84 100644 --- a/meta-agl-profile-core/recipes-devtools/libappcontroller/libappcontroller_git.bb +++ b/meta-agl-profile-core/recipes-devtools/libappcontroller/libappcontroller_git.bb @@ -5,7 +5,7 @@ LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10" SRC_URI = "git://gerrit.automotivelinux.org/gerrit/src/libappcontroller;protocol=https;branch=${AGL_BRANCH}" -SRCREV = "b39c6883f7d7d58d60178441c8d408118788418b" +SRCREV = "1bef31c8bbad27f4914484c5007b2e199fb073d4" PV = "${AGLVERSION}" S = "${WORKDIR}/git" diff --git a/meta-agl-profile-core/recipes-devtools/packagegroups/packagegroup-agl-core-devel.bb b/meta-agl-profile-core/recipes-devtools/packagegroups/packagegroup-agl-core-devel.bb index 09f652036..97ce254f5 100644 --- a/meta-agl-profile-core/recipes-devtools/packagegroups/packagegroup-agl-core-devel.bb +++ b/meta-agl-profile-core/recipes-devtools/packagegroups/packagegroup-agl-core-devel.bb @@ -15,7 +15,6 @@ RDEPENDS_${PN} = "\ perf \ htop \ powertop \ - systemtap \ screen \ usbutils \ rsync \ @@ -25,4 +24,5 @@ RDEPENDS_${PN} = "\ jq \ libxslt-bin \ agl-service-network-tools \ + gcc-sanitizers \ " diff --git a/meta-agl-profile-core/recipes-test/afb-test/afb-test_git.bb b/meta-agl-profile-core/recipes-test/afb-test/afb-test_git.bb index 238e7ff4e..fc1874aa3 100644 --- a/meta-agl-profile-core/recipes-test/afb-test/afb-test_git.bb +++ b/meta-agl-profile-core/recipes-test/afb-test/afb-test_git.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/Apache-2.0;md5=89aea4e17d99a7ca SECTION = "apps" SRC_URI = "git://gerrit.automotivelinux.org/gerrit/apps/app-afb-test;protocol=https;branch=${AGL_BRANCH}" -SRCREV = "5c3503e35c1b883e97ed6874f7683d0a7b5938b7" +SRCREV = "4d0948a2eeb60522b773d058f63418fd640d78c5" DEPENDS += "lua libafb-helpers libappcontroller" RDEPENDS_${PN} += "lua bash jq" diff --git a/meta-agl-profile-graphical/recipes-apis/agl-service-homescreen/agl-service-homescreen_git.bb b/meta-agl-profile-graphical/recipes-apis/agl-service-homescreen/agl-service-homescreen_git.bb index 6b250f839..0722f1b1c 100644 --- a/meta-agl-profile-graphical/recipes-apis/agl-service-homescreen/agl-service-homescreen_git.bb +++ b/meta-agl-profile-graphical/recipes-apis/agl-service-homescreen/agl-service-homescreen_git.bb @@ -10,5 +10,5 @@ DEPENDS = "dbus glib-2.0 af-binder json-c" inherit cmake aglwgt SRC_URI = "git://gerrit.automotivelinux.org/gerrit/apps/agl-service-homescreen;protocol=https;branch=${AGL_BRANCH}" -SRCREV = "6c3015a7607c45313fa10792b9914864f8c25831" +SRCREV = "b9969c45e5a2f01e672270fab1348c81b7ff3288" S = "${WORKDIR}/git" diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/agl-compositor_git.bb b/meta-agl-profile-graphical/recipes-graphics/wayland/agl-compositor_git.bb index f42b2882b..5f37877b3 100644 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/agl-compositor_git.bb +++ b/meta-agl-profile-graphical/recipes-graphics/wayland/agl-compositor_git.bb @@ -11,11 +11,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=fac6abe0003c4d142ff8fa1f18316df0" DEPENDS = "wayland wayland-protocols wayland-native weston" SRC_URI = "git://gerrit.automotivelinux.org/gerrit/src/agl-compositor.git;protocol=https;branch=${AGL_BRANCH}" -SRCREV = "aa4ba5d283d641da25722af7a966c31d61a9686b" +SRCREV = "357c5a034a89dc227d671e63e8c10c4c62f9201e" PV = "0.0.10+git${SRCPV}" S = "${WORKDIR}/git" inherit meson pkgconfig python3native -FILES_${PN} = "${bindir}/agl-compositor" +FILES_${PN} = "${bindir}/agl-compositor ${datadir}/${PN}/protocols/agl-shell.xml" diff --git a/meta-app-framework/classes/aglwgt.bbclass b/meta-app-framework/classes/aglwgt.bbclass index 717bd7b90..d0f8055ae 100644 --- a/meta-app-framework/classes/aglwgt.bbclass +++ b/meta-app-framework/classes/aglwgt.bbclass @@ -27,26 +27,43 @@ EXTRA_OECMAKE_append_agl-ptest = " -DBUILD_TEST_WGT=TRUE" OECMAKE_GENERATOR = "Unix Makefiles" do_aglwgt_package() { - cd ${B} - ${S}/autobuild/agl/autobuild package BUILD_DIR=${B} DEST=${B} VERBOSE=TRUE || \ - ( ${S}/conf.d/autobuild/agl/autobuild package BUILD_DIR=${B} DEST=${B}/package VERBOSE=TRUE && \ - ( bbwarn "OBSOLETE: Your autobuild script should be located in :" ; \ - bbwarn "autobuild/agl/ from the project root source folder"; \ - bbwarn "and generate a .wgt file using wgtpack in the build"; \ - bbwarn "root folder calling:" ; \ - bbwarn "./autobuild/agl/autobuild package DEST=<BUILDDIR>" ; \ - bbwarn "See: https://wiki.automotivelinux.org/troubleshooting/app-recipes" \ - ) - ) || - ( bbwarn "OBSOLETE: You must have an autobuild script located in:" ; \ - bbwarn "autobuild/agl/ from the project root source folder"; \ - bbwarn "with filename autobuild which should generate"; \ - bbwarn "a .wgt file using wgtpack in the build"; \ - bbwarn "root folder calling:" ; \ - bbwarn "./autobuild/agl/autobuild package DEST=<BUILDDIR>" ; \ - bbwarn "Fix your package as it will not work within the SDK" ; \ - bbwarn "See: https://wiki.automotivelinux.org/troubleshooting/app-recipes"; \ - make package) + + mkdir -p ${S}/build-test + mkdir -p ${S}/build-debug + mkdir -p ${S}/build-coverage + + cd ${B} + ${S}/autobuild/agl/autobuild package BUILD_DIR=${B} DEST=${S}/widgets VERBOSE=TRUE || \ + ( ${S}/conf.d/autobuild/agl/autobuild package BUILD_DIR=${B} DEST=${B}/package VERBOSE=TRUE && \ + ( bbwarn "OBSOLETE: Your autobuild script should be located in :" ; \ + bbwarn "autobuild/agl/ from the project root source folder"; \ + bbwarn "and generate a .wgt file using wgtpack in the build"; \ + bbwarn "root folder calling:" ; \ + bbwarn "./autobuild/agl/autobuild package DEST=<BUILDDIR>" ; \ + bbwarn "See: https://wiki.automotivelinux.org/troubleshooting/app-recipes" \ + ) + ) || + ( bbwarn "OBSOLETE: You must have an autobuild script located in:" ; \ + bbwarn "autobuild/agl/ from the project root source folder"; \ + bbwarn "with filename autobuild which should generate"; \ + bbwarn "a .wgt file using wgtpack in the build"; \ + bbwarn "root folder calling:" ; \ + bbwarn "./autobuild/agl/autobuild package DEST=<BUILDDIR>" ; \ + bbwarn "Fix your package as it will not work within the SDK" ; \ + bbwarn "See: https://wiki.automotivelinux.org/troubleshooting/app-recipes"; \ + make package) + + cd ${S}/build-test + ${S}/autobuild/agl/autobuild package-test BUILD_DIR=${S}/build-test DEST=${S}/widgets VERBOSE=TRUE || \ + ( bbwarn "Target: package-test failed") + + cd ${S}/build-debug + ${S}/autobuild/agl/autobuild package-debug BUILD_DIR=${S}/build-debug DEST=${S}/widgets VERBOSE=TRUE || \ + ( bbwarn "Target: package-debug failed") + + cd ${S}/build-coverage + ${S}/autobuild/agl/autobuild package-coverage BUILD_DIR=${S}/build-coverage DEST=${S}/widgets VERBOSE=TRUE || \ + ( bbwarn "Target: package-coverage failed") } python () { @@ -61,21 +78,39 @@ EXTRA_WGT_POSTINSTALL ?= "" do_aglwgt_deploy() { TEST_WGT="*-test.wgt" + DEBUG_WGT="*-debug.wgt" + COVERAGE_WGT="*-coverage.wgt" if [ "${AGLWGT_AUTOINSTALL_${PN}}" = "0" ] - then - install -d ${D}/usr/AGL/apps/manualinstall - install -m 0644 ${B}/*.wgt ${D}/usr/AGL/apps/manualinstall || \ - install -m 0644 ${B}/package/*.wgt ${D}/usr/AGL/apps/manualinstall - else - install -d ${D}/usr/AGL/apps/autoinstall - install -m 0644 ${B}/*.wgt ${D}/usr/AGL/apps/autoinstall || \ - install -m 0644 ${B}/package/*.wgt ${D}/usr/AGL/apps/autoinstall - - if [ "$(find ${D}/usr/AGL/apps/autoinstall -name ${TEST_WGT})" ] - then - install -d ${D}/usr/AGL/apps/testwgt - mv ${D}/usr/AGL/apps/autoinstall/*-test.wgt ${D}/usr/AGL/apps/testwgt - fi + then + install -d ${D}/usr/AGL/apps/manualinstall + install -m 0644 ${B}/*.wgt ${D}/usr/AGL/apps/manualinstall || \ + install -m 0644 ${B}/package/*.wgt ${D}/usr/AGL/apps/manualinstall + else + install -d ${D}/usr/AGL/apps/autoinstall + install -m 0644 ${B}/*.wgt ${D}/usr/AGL/apps/autoinstall || \ + install -m 0644 ${B}/package/*.wgt ${D}/usr/AGL/apps/autoinstall + + install -m 0644 ${S}/widgets/*.wgt ${D}/usr/AGL/apps/autoinstall || \ + ( bbwarn "no package found in widget directory") + + if [ "$(find ${D}/usr/AGL/apps/autoinstall -name ${TEST_WGT})" ] + then + install -d ${D}/usr/AGL/apps/testwgt + mv ${D}/usr/AGL/apps/autoinstall/*-test.wgt ${D}/usr/AGL/apps/testwgt + fi + + if [ "$(find ${D}/usr/AGL/apps/autoinstall -name ${DEBUG_WGT})" ] + then + install -d ${D}/usr/AGL/apps/debugwgt + mv ${D}/usr/AGL/apps/autoinstall/*-debug.wgt ${D}/usr/AGL/apps/debugwgt + fi + + if [ "$(find ${D}/usr/AGL/apps/autoinstall -name ${COVERAGE_WGT})" ] + then + install -d ${D}/usr/AGL/apps/coveragewgt + mv ${D}/usr/AGL/apps/autoinstall/*-coverage.wgt ${D}/usr/AGL/apps/coveragewgt + fi + fi APP_FILES="" @@ -97,6 +132,8 @@ EOF FILES_${PN} += "/usr/AGL/apps/autoinstall/*.wgt \ /usr/AGL/apps/manualinstall/*.wgt \ /usr/AGL/apps/testwgt/*.wgt \ + /usr/AGL/apps/debugwgt/*.wgt \ + /usr/AGL/apps/coveragewgt/*.wgt \ ${sysconfdir}/agl-postinsts/${POST_INSTALL_SCRIPT} \ " diff --git a/meta-app-framework/recipes-core/af-main/af-main_git.bb b/meta-app-framework/recipes-core/af-main/af-main_git.bb index 6e44c4959..66b93db5d 100644 --- a/meta-app-framework/recipes-core/af-main/af-main_git.bb +++ b/meta-app-framework/recipes-core/af-main/af-main_git.bb @@ -85,7 +85,9 @@ do_install_append_class-target() { ln -sf ../afm-system-daemon.service ${D}${systemd_system_unitdir}/multi-user.target.wants/afm-system-daemon.service ln -sf ../afm-system-daemon.socket ${D}${systemd_system_unitdir}/sockets.target.wants/afm-system-daemon.socket fi - echo "QT_WAYLAND_SHELL_INTEGRATION=ivi-shell" > ${D}${afm_confdir}/unit.env.d/qt-for-ivi-shell + + DEFAULT_WM_SHELL="${@bb.utils.contains('DISTRO_FEATURES', 'agl-compositor', 'xdg-shell-v6', 'ivi-shell', d)}" + echo "QT_WAYLAND_SHELL_INTEGRATION=${DEFAULT_WM_SHELL}" > ${D}${afm_confdir}/unit.env.d/qt-shell } pkg_postinst_ontarget_${PN}() { diff --git a/meta-app-framework/recipes-core/af-main/af-main_git.inc b/meta-app-framework/recipes-core/af-main/af-main_git.inc index f61081555..b1cf7eb48 100644 --- a/meta-app-framework/recipes-core/af-main/af-main_git.inc +++ b/meta-app-framework/recipes-core/af-main/af-main_git.inc @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=3b83ef96387f14655fc854ddc3c6bd57" SRC_URI = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-main;protocol=https;branch=${AGL_BRANCH}" -SRCREV = "c98333b595beb7858a4d3c17cd405dde2f79ce2e" +SRCREV = "ab26673e4cef62736c15d5d7da02597d8382c65b" PV = "${AGL_BRANCH}+git${SRCPV}" S = "${WORKDIR}/git" diff --git a/meta-security/recipes-kernel/linux/linux/smack.cfg b/meta-security/recipes-kernel/linux/linux/smack.cfg index 62f465a45..45a92f148 100644 --- a/meta-security/recipes-kernel/linux/linux/smack.cfg +++ b/meta-security/recipes-kernel/linux/linux/smack.cfg @@ -5,4 +5,5 @@ CONFIG_EXT3_FS_SECURITY=y CONFIG_EXT4_FS_SECURITY=y CONFIG_SECURITY=y CONFIG_SECURITY_SMACK=y +CONFIG_SECURITY_SMACK_APPEND_SIGNALS=y CONFIG_TMPFS_XATTR=y diff --git a/meta-security/recipes-security/cynagora/cynagora_2.0.bb b/meta-security/recipes-security/cynagora/cynagora_2.0.bb index 1f7160080..b34cb7d71 100644 --- a/meta-security/recipes-security/cynagora/cynagora_2.0.bb +++ b/meta-security/recipes-security/cynagora/cynagora_2.0.bb @@ -3,7 +3,7 @@ LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://Apache-2.0;md5=3b83ef96387f14655fc854ddc3c6bd57" SRC_URI = "git://gerrit.automotivelinux.org/gerrit/src/cynagora;protocol=https;branch=${AGL_BRANCH}" -SRCREV = "c29761cd1628960ee2b11a469763479ac5ef1dfa" +SRCREV = "218dad2eddcbedaede44753e64ea7c30b73b00aa" PV = "2.0+git${SRCPV}" S = "${WORKDIR}/git" diff --git a/meta-security/recipes-security/security-manager/security-manager/0015-Restrict-socket-accesses.patch b/meta-security/recipes-security/security-manager/security-manager/0015-Restrict-socket-accesses.patch new file mode 100644 index 000000000..d9949193b --- /dev/null +++ b/meta-security/recipes-security/security-manager/security-manager/0015-Restrict-socket-accesses.patch @@ -0,0 +1,34 @@ +From 7cffcd61378a9d7c0e7db5691b2da3a37448c969 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh> +Date: Thu, 30 Jan 2020 09:19:25 +0100 +Subject: [PATCH 15/15] Restrict socket accesses +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Ensure that only members of the group and the owner can access +the security manager. + +Bug-AGL: SPEC-3146 + +Change-Id: I68ce6523db4bfd4707c3680555c3cb0cf8858ef2 +Signed-off-by: José Bollo <jose.bollo@iot.bzh> +--- + systemd/security-manager.socket | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/systemd/security-manager.socket b/systemd/security-manager.socket +index af1c1da..b401f77 100644 +--- a/systemd/security-manager.socket ++++ b/systemd/security-manager.socket +@@ -1,6 +1,6 @@ + [Socket] + ListenStream=/run/security-manager.socket +-SocketMode=0777 ++SocketMode=0660 + SmackLabelIPIn=* + SmackLabelIPOut=@ + +-- +2.21.1 + diff --git a/meta-security/recipes-security/security-manager/security-manager_git.bb b/meta-security/recipes-security/security-manager/security-manager_git.bb index f438ea505..b34973519 100644 --- a/meta-security/recipes-security/security-manager/security-manager_git.bb +++ b/meta-security/recipes-security/security-manager/security-manager_git.bb @@ -20,6 +20,7 @@ SRC_URI += " \ file://0012-Avoid-casting-from-const-T-to-void.patch \ file://0013-Removing-tizen-platform-config.patch \ file://0014-Ensure-post-install-initialization-of-database.patch \ + file://0015-Restrict-socket-accesses.patch \ " # Use make with cmake and not ninja diff --git a/templates/feature/agl-archiver/.50_FEATURE.md.swp b/templates/feature/agl-archiver/.50_FEATURE.md.swp Binary files differdeleted file mode 100644 index b93845515..000000000 --- a/templates/feature/agl-archiver/.50_FEATURE.md.swp +++ /dev/null diff --git a/templates/feature/agl-archiver/50_local.conf.inc b/templates/feature/agl-archiver/50_local.conf.inc index 946c262df..6ff284cdb 100644 --- a/templates/feature/agl-archiver/50_local.conf.inc +++ b/templates/feature/agl-archiver/50_local.conf.inc @@ -1,2 +1,4 @@ INHERIT += "archiver" ARCHIVER_MODE[src] = "original" +COPYLEFT_LICENSE_INCLUDE = "*" +COPYLEFT_LICENSE_EXCLUDE += "CLOSED Proprietary Custom Firmware-* Freescale-* NXP-* TI TI-*" diff --git a/templates/feature/agl-compositor/50_local.conf.inc b/templates/feature/agl-compositor/50_local.conf.inc index be749b799..4bddfb6e9 100644 --- a/templates/feature/agl-compositor/50_local.conf.inc +++ b/templates/feature/agl-compositor/50_local.conf.inc @@ -1 +1,15 @@ DISTRO_FEATURES_append = " agl-compositor" + +# note that these are for testing only, should be removed once the changes +# land in their respective repositories + +# shell client +AGL_BRANCH_pn-homescreen = "sandbox/mvlad/agl-compositor" +DEPENDS_append_pn-homescreen = " wayland-native wayland qtwayland qtwayland-native" + +# normal apps +AGL_BRANCH_pn-launcher = "sandbox/mvlad/agl-compositor" +AGL_BRANCH_pn-hvac = "sandbox/mvlad/agl-compositor" +DEPENDS_append_pn-hvac = " libafb-helpers-qt" +AGL_BRANCH_pn-navigation-demo = "sandbox/mvlad/agl-compositor" +AGL_BRANCH_pn-mediaplayer = "sandbox/mvlad/agl-compositor" diff --git a/templates/feature/agl-sota/50_bblayers.conf.inc b/templates/feature/agl-sota/50_bblayers.conf.inc index 67c41d230..48655fdcb 100644 --- a/templates/feature/agl-sota/50_bblayers.conf.inc +++ b/templates/feature/agl-sota/50_bblayers.conf.inc @@ -1,6 +1,5 @@ BBLAYERS =+ " \ ${METADIR}/external/meta-updater \ - ${METADIR}/external/meta-updater-qemux86-64 \ ${METADIR}/external/meta-openembedded/meta-filesystems \ ${METADIR}/external/meta-openembedded/meta-python \ " diff --git a/templates/feature/agl-sota/50_local.conf.inc b/templates/feature/agl-sota/50_local.conf.inc index 509cf6125..477694aed 100644 --- a/templates/feature/agl-sota/50_local.conf.inc +++ b/templates/feature/agl-sota/50_local.conf.inc @@ -2,3 +2,4 @@ INHERIT += "sota" DISTRO_FEATURES_append = " sota usrmerge" DISTRO_FEATURES_NATIVE_append = " sota" +AGL_DEFAULT_INITRAMFS_FSTYPES = "cpio.gz" diff --git a/templates/feature/agl-sota/50_setup.sh b/templates/feature/agl-sota/50_setup.sh new file mode 100644 index 000000000..c5aeb532d --- /dev/null +++ b/templates/feature/agl-sota/50_setup.sh @@ -0,0 +1,24 @@ + +cat <<EOF >> ${BUILDDIR}/conf/bblayers.conf + +# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # +# fragment { +# ${METADIR}/meta-agl/templates/feature/agl-sota/50_setup.sh +# +EOF + +case ${MACHINE} in + "qemux86-64") + echo "BBLAYERS =+ \"\${METADIR}/external/meta-updater-qemux86-64\"" >> ${BUILDDIR}/conf/bblayers.conf;; + *) + echo "#No extra SOTA feature layer for MACHINE ${MACHINE}" >> ${BUILDDIR}/conf/bblayers.conf;; +esac + + +cat <<EOF >> ${BUILDDIR}/conf/bblayers.conf + +# +# } +# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # + +EOF |