summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2022-10-18agl-compositor_git.bb: Bump SRCREVMarius Vlad1-1/+1
This SRCREV bump update brings in a helpful way to designate a certain area such that the compositor would use it when activating applications, rather than using the entire output. When not having panels the background surface would cover the entire output, making it impossible to keep visible areas of the background surface and, in the same time, display another's application surface. While the solution would be use panels specifically designed to handle this case, that's not always possible. We circumvent that by having this area specified manually in this update, with a direct follow-up to have a request in the agl-shell protocol that specifies that area programmatically. Besides that change, a few more changes made it through, all of them being added from upstream and adapted from weston to the AGL compositor, mostly related to how we handle signals. In detail the following changes made it through since the last SRCREV bump update: - 924473ef016b Add manual activation area configuration option - 897449688a9c compositor: Use sigaction to trap SIGINT - e8761762fcd0 compositor: Add missing SIGCHLD handler - 315496ddbb9f compositor: Stop trapping SIGQUIT - f980c0d90329 shell: Rewrite client_exec as client_launch - edb6d397a4c6 process-util: Move Xwayland fork helpers to shared - 86146a4e7455 shared: add str_printf() - 1b93121761e1 shared: introduce os_fd_clear_cloexec() Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I23e0aba9f2b77cab4fe81754a8feaeebb7cea340 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28056 ci-image-build: Jenkins Job builder account Tested-by: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-10-08meta-app-framework: applaunchd: run under a separate userDenys Dmytriyenko5-3/+9
Since applaunchd needs to start/stop systemd units, the user is granted elevated systemd unit-management permissions via PolKit policy. If applaunchd and all the apps run under the same agl-driver user, all the apps have these elevated systemd permissions too. Separating them into different users allows removing elevated systemd unit-management permission from individual apps, but leaving such permission for applaunchd, which enhances overall security of the system. - add new applaunchd user and group - switch applaunchd (gRPC) service to be started under new user - since HTML5 apps haven't migrated to gRPC yet and still use D-Bus API, applaunchd-dbus gets activated by agl-session and runs under agl-driver - temporarily add agl-driver user into the applaunchd group and switch PolKit policy to check for applaunchd group, instead of the user - once D-Bus API is completely deprecated, agl-driver user can be removed from applaunchd group Bug-AGL: SPEC-4579 Signed-off-by: Denys Dmytriyenko <denys@konsulko.com> Change-Id: I75384177578bba6cb458a81df6a9dc1738c972e0 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28039 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-10-07Update bbe machine template for kirkstonePaul Barker1-1/+1
The meta-ti layer has now been split into two sub-layers so we need to update BBLAYERS. Signed-off-by: Paul Barker <paul.barker@sancloud.com> Change-Id: Iacb6940d55cb4c8dc60b3caae124cd2cd3295abe Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28042 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-10-07Revert "meta-agl-bsp: meta-sancloud: Revert problematic kernel commit"Paul Barker2-49/+0
This reverts commit a12a83ebdfcd4287264e50edf3b11a156f418ae9. The patch is no longer needed as the kernel version used by linux-bbe has been updated. Change-Id: I2ea6fd05b99018517fb2e1f3f03153dfd4ccd0e8 Signed-off-by: Paul Barker <paul.barker@sancloud.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28043 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-09-25weston-ini-conf.bb: Change from append to an inline editMarius Vlad1-2/+1
We don't really support section entries with the same name, so rather than appending a new key entry value under the same section, use sed to edit the configuration file in place. Fixes 6a8a33f99a66ae1 Bug-AGL: SPEC-4528 Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I12b982dd7e6dd8d11e5fb373c8cba0b1e762c485 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28019 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-09-25Add openssh-sftp-server when agl-devel is onJan-Simon Moeller1-0/+1
For simplified development workflows on newer host distros add the sftp server. Bug-AGL: SPEC-4443 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I580e5d342fb6afb286b00d41b03c98a9b936160f Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28018 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Marius Vlad <marius.vlad@collabora.com>
2022-09-22virtualization/linux-yocto: Support linux-yocto-dev for VIRTIO.Vasyl Vavrychuk1-0/+10
Bug-AGL: SPEC-4453 Change-Id: Id4dd3c3543dedf15cf09956414f32face685e498 Signed-off-by: Vasyl Vavrychuk <vasyl.vavrychuk@opensynergy.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27881 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-09-22virtualization/linux-yocto: For kernel metadata use git repository instead ↵Vasyl Vavrychuk14-245/+11
of local files. This will allow using branches for supporting multiple kernel versions more easily. Note, that BSP description root file virtio-aarch64-standard.scc has to be kept local withing a recipe. This is needed to add this scc file explicitly to SRC_URI to have AGL VIRTIO patches applied during kernel recipe build. As explained in [1, 2], Yocto kernel metadata is commonly used for two purposes: 1. To construct Yocto kernel git by committing patches listed in scc files. 2. To configure Yocto kernel during Yocto build. When scc file is not explicitly added to SRC_URI, then patch commands will be ignored during Yocto build because it is assumed that patches are already pre-applied during Yocto kernel git tree construction. But, there is not AGL Linux kernel tree, only a repository for AGL kernel metadata (this one). So, patches from this metadata repository have to be applied during kernel recipe build. On the other hand, to ignore patches from YP kernel metadata (which are already pre-applied), standard.scc is included with `nopatch` keyword. [1]: https://www.yoctoproject.org/pipermail/yocto/2019-October/046986.html [2]: https://docs.yoctoproject.org/kernel-dev/maint-appx.html Bug-AGL: SPEC-4452 Change-Id: Idde8e507eb18fa26e6a5b84ab8443576badb58bf Signed-off-by: Vasyl Vavrychuk <vasyl.vavrychuk@opensynergy.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27878 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-09-22weston-ini-conf: Add weston-ini-config-no-activateMarius Vlad2-0/+17
This patch adds a way to tick dynamically activate-by-default to false, and provide a safe migration towards disabling by default activation entirely. We do this with just only the Qt toolkit and will proceed with WAM/chromium once that has support as well for this. Bug-AGL: SPEC-4528 Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I3573ea92d3ea865db223bd01e58b9ec202cfa7ae Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27990 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-09-22agl-compositor_git.bb: Bump SRCREV to grab latest changesMarius Vlad1-1/+1
This SRCREV bump update for the AGL compositor includes two new protocol updates, one that adds two new events, specifically bound_ok, bound_fail which would allow clients to determine if they're in charge of managing panels and background surfaces. The other protocol update fixes an issue with activation by default of applications but also paves the way to move out bits from the agl-shell-desktop protocol to just the agl-shell protocol. Note that the shell client supporting the latest change of the protocol will need to add at least add stubs for the v2 of the protocol, even if v2 isn't required to be supported at all. Updates to version 3 of the protocol will be required once we'll switch out from activation by default from true to false and finally remove support from the compositor entirely and let the shell client be the one in charge for activation. Additionally, this bump includes a few fixes, most notable handling remote surface roles much better, including migration, in real time of applications from one output to another, making possible a back-and-forth movement of applications. In more detail the following changes have been included: - d08a5b2010f6e6 desktop: Do not attempt to send terminate event - 0512e7251611e7 protocol/agl-shell.xml: Add an app_state event -- app state notification - bb730ca304a5f6 layout: Handle dynamic application/surface movement between outputs - b92397ef12626a shell: Remove the black curtain installed on outputs - 372eb222b17bbc layout: Detect when an application should be migrated to other outputs - 39c91d5ccae3b6 desktop: Avoid sending the dimensions for the first output - a99d56dad0ad4a layout: State explicity the output - fc783c19e6f6b9 layout: Use view's mapping once we placed the view in the hidden layer - e1b15f95e834ac desktop: Install a black background for REMOTE roles - bb79d12c92fa6e desktop: Include REMOTE role in initial configuration - 3e72564852a6f3 agl-shell: Add bound_ok and bound_fail events and a default destructor Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I25c53e9d69270651cd40c7ee9ec3edce28f899a6 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27989 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-09-21meta-app-framework: applaunchd: update for gRPC additionScott Murray2-2/+21
Changes to facilitate building gRPC enabled versionm of applaunchd: - Bump SRCREV to pick up gRPC changes - Add required protobuf and gRPC dependencies to DEPENDS - Add new systemd unit for standalone gRPC API daemon Bug-AGL: SPEC-4559 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I21778f27b2eabd952e983b4571de05ad5d6c5af2 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27984 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-09-16Change master branch name to octopusJan-Simon Moeller1-5/+5
Long live the new codename 'Optimistic Octopus'. Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I1f12f334a2082ffa813cb453aa976ef5f995732c Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27998 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-09-07meta-agl-bsp: arm-trusted-firmware: Change the way how ↵Vasyl Vavrychuk2-33/+3
RCAR_BL33_EXECUTION_EL is set to not conflict with other layers. Replace '0001-Boot-Normal-World-in-EL2.patch' which conflicts with: meta-agl-refhw/meta-agl-refhw-gen3/recipes-bsp/arm-trusted-firmware/files/0001-Boot-Normal-World-in-EL2.patch Bug-AGL: SPEC-4532 Change-Id: Ia0291030748e7c7c51c4a706df1994275dffcdf7 Signed-off-by: Vasyl Vavrychuk <vasyl.vavrychuk@opensynergy.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27938 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Scott Murray <scott.murray@konsulko.com> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-09-01weston_10.0_aglcore.inc: Update wl_output to version 4Marius Vlad2-1/+118
This allows clients to query the output name and description name as seen by the compositor. Previously this was only possible only with xdg_output_manager extension but a recent update to the core wayland protocol allows us to do just that. Patch is posted upstream https://gitlab.freedesktop.org/wayland/weston/-/merge_requests/987, but will take some time to get in, as we're in the process of a release. Bug-AGL: SPEC-4530 Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I709b941a220e9906078944ee585435df7141d448 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27949 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-09-01recipes-graphics/wayland/weston: Add tile orientation statesMarius Vlad2-0/+170
This was recently integrated into libweston 11 pre-release, and should be removed once yocto updates its libweston version to at least 11. For the time being we'll rely on these to have split type of windows. Bug-AGL: SPEC-3906 Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I7bc5caa6126d36d843d0f00cde56c020fa3f97dc Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27906 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-08-22qtbase: Add backported patches for OpenSSL 3 supportScott Murray3-0/+177
To make QSslSocket work when building with OpenSSL 3.x, add two backported patches pulled from the v5.15.3-lts-lgpl branch of the KDE repo: https://invent.kde.org/qt/qt/qtbase This appears to be the minimal fix for e.g. QtLocation's SSL usage. For more information on the KDE Qt5 patch collection, see: https://community.kde.org/Qt5PatchCollection Bug-AGL: SPEC-4395 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I0bc3fe7c0726aaea71a2c162db040e57ac92a9db Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27902 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-08-05[RCAR] Update kernel-module-vspm-if recipice nameRonan Le Martret1-3/+0
* The last update of RCAR BSP has change the recipes name of the recipes kernel-module-vspm-if. meta-agl must be updated too. Bug-AGL: SPEC-4517 Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh> Change-Id: I02f978c2ddca7e5a2d12e25145ea1cfad1be0a25 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27868 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-08-05Revert "meta-rcar-gen3: workaround recipe incompatibilities with YP 4.0.2"Ronan Le Martret5-213/+0
This reverts commit d60a670349027852e93d006114b82a82cff5f27a. Bug-AGL: SPEC-4517 Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh> Change-Id: I2c8cffa37a99cefa80510998aae1920231006090 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27867 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-08-05Prepare Nifty Needlefish Milestone 3Jan-Simon Moeller1-1/+1
Update the distro manifest. Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I8899b1140ddc2e12a025c2ba537852420dd6aedd Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27864 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-08-04meta-app-framework: update Flutter app templateScott Murray1-1/+1
Update systemd template unit for Flutter based applications for the embedder binary rename (to flutter-auto) and a required rename of the application id command-line option (to --xdg-shell-app-id). Bug-AGL: SPEC-4485 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Icb03775f379929a852d3b270d52b3e88277aa3cc Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27862 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> ci-image-boot-test: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-08-04Add empty for append syntaxChanghyeok Bae3-6/+6
Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com> Change-Id: I3a67f2dca0148be04d96e5261a4bef4030e93fbf Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27852 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-31Prepare Nifty Needlefish Milestone 2needlefish_13.92.0needlefish/13.92.013.92.0Jan-Simon Moeller1-1/+1
Update the distro configuration. Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: Id87aff77dff68ff0bdd8fdac067ad0e7a40a38db Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27849 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-07-29Fix a dependency issue when building the SDKJan-Simon Moeller1-0/+4
When using -c populate_sdk, then the -dev packages are installed. There is a hard dependency of the -dev package on the package. As we have multiple subtypes here and switch using ALTERNATIVES, this collides in this corner case. Fix it by not creating a -dev package in the first place as it is not needed here anyway. Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I21326c9edc5cb7571ed94593eae1075cf56353db Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27841 Reviewed-by: Scott Murray <scott.murray@konsulko.com> Reviewed-by: Marius Vlad <marius.vlad@collabora.com> Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-07-29meta-app-framework: add Flutter app templateScott Murray2-1/+15
Add a systemd template unit for Flutter based applications to the applaunchd recipe. Bug-AGL: SPEC-4466 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ia7cb24d27beebf7c7e4bcfb7a256bd45ffa432ce Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27838 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> ci-image-boot-test: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-29meta-app-framework: Update app template schemeScott Murray5-10/+107
Changes to support the move to systemd unit based app enumeration in applaunchd: - Bump applaunchd SRCREV to pick up enumeration changes. - Tweak the polkit rule to match agl-app* instead of agl-app@* to allow more flexibility with respect to different app templates. - Tweak the Description field definition in the agl-app service template to just use the instance name, as that field is now used for the application display name by applaunchd. - Add a agl-app-web service template for web apps. - Add a agl-app.bbclass for use in application recipes to simplify installation of the now required systemd template instances and potential generation of override files to tweak application configuration. - Split the agl-app and agl-app-web templates into their own packages in the applaunchd recipe so they can be depended on by applications as required. - Move applaunchd installed systemd units and override files to /lib/systemd/system since that matches the upstream recommendation for units installed as part of the system installation. Bug-AGL: SPEC-4466 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I32ff6c9624850662856b79a2b14b33a05e7f9a65 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27835 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jose Dapena Paz <jdapena@igalia.com> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-29meta-agl-bsp: Pin i.MX platform kernels to 5.15 LTSScott Murray3-2/+10
The recent bump of meta-freescale with the kirkstone 4.0.2 upgrade brought an upgrade to 5.18 in the linux-fslc kernel, which breaks sllin compilation. Tweak the i.MX6 and i.MX8 machine templates to use the 5.15 linux-fslc-lts kernel, which matches linux-yocto in poky and seems a better choice going forward with kirkstone. Bug-AGL: SPEC-4501 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ib75d8c844301c5ac902e18d02ff8ac6176f614c7 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27842 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-27meta-netboot: Add SELinux supportScott Murray4-1/+55
Changes: - Add logic to init.sh to handle autorelabeling the root filesystem if it is tagged as requiring it. In practice this should only be required when booting images built on hosts that have xattr support, or if relabeling is manually triggered on subsequent boots. There was a stated goal of avoiding the reboot from the later userspace handling of autorelabeling in CI, so this hook aims to enable that for the non-xattr build host corner case. - Add a resolv-conf-relabel recipe that installs a systemd unit to relabel /etc/resolv.conf when netbooting. This is required because the file always gets modified inside init.sh, and it does not seem worthwhile to always do the extra policy load required to relabel it in the initramfs. This may need to be revisited if it proves difficult to handle denials in early booting when netbooting. - Add the required extra packages for relabeling to IMAGE_INSTALL. Bug-AGL: SPEC-4332 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I26b27c1cea68a029264352bd206c160cac3d451e Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27791 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-27Add SELinux featureScott Murray14-1/+179
Add agl-selinux feature to enable SELinux support. Notes: - SELinux is in permissive mode by default for now, and using the targeted policy by default. - The linux-yocto specific bbappend in meta-selinux is masked out in favor of adding a more universal kernel configuration fragment with AGL's own scheme. - SELinux specific recipes and bbappends are added via a meta-selinux dynamic-layers addition in meta-agl-core to keep using meta-selinux optional. This will avoid issues with the Yocto autobuilder testing of meta-agl-core. - To avoid the effectively hard-coded autorelabel on first boot, a bbappend is added to the selinux-autorelabel recipe to remove the flag creation. In the off chance that a build happens on a filesystem without xattr support, the logic in the selinux-image bbclass will still touch the /.autorelabel flag and trigger relabeling. - A systemd unit and script are added with a new systemd-selinux-relabel recipe to handle relabeling of some systemd generated files that do not get handled during root filesystem construction. Some of these can be addressed by some upstream tweaks, but /etc/machine-id will always need special handling unless there is a shift to using read-only or stateless root by default. With this workaround we still avoid doing a full relabel and reboot on first boot, which helps simplify CI. Bug-AGL: SPEC-4332 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ibf469e11eb3a67709074cc6794b3d12cd5071a90 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27790 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-20Fix reproducability issue reported by YP autobuilderJan-Simon Moeller3-3/+81
The main issue was the rewrite of CFLAGS that resulted in missing flags, namely the DEBUG_PREFIX_MAP. Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: Ie4f939f4cb17ab13c6dc59b8d4c122f86d26b006 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27781 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-07-15Prepare Nifty Needlefish Milestone 1needlefish_13.91.0needlefish/13.91.013.91.0Jan-Simon Moeller1-2/+2
Update the distro configuration for Nifty Needlefish Milestone 1. Bug-AGL: SPEC-4476 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: Iac9f7cfc57f83bdca34f752d2345b8f4d8aa7074 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27769 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-07-14Add feature for SPDX SBOM generationJan-Simon Moeller4-0/+11
We enable the built-in features of YP in kirkstone to create an spdx file that can serve as SBOM. Bug-AGL: SPEC-4384 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I98907fc07aee8c6eefbb6f0e12d30583268832d7 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27694 Tested-by: Jenkins Job builder account
2022-07-13meta-rcar-gen3: workaround recipe incompatibilities with YP 4.0.2Scott Murray5-0/+213
This adds a workaround for the strictly versioned gstreamer bbappends until the BSP gets updated to be compatible with 4.0.2. Bug-AGL: SPEC-4473 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ie25b18779ac6fdb3efd9102317955342bd8e58af Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27766 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-13applaunchd: update and install agl-app@ template and sandboxing configsDenys Dmytriyenko4-5/+33
The new applaunchd adds systemd_manager that allows launching apps as systemd services in a sandboxed environment. And dbus_activation_manager is deprecated. * Update SRCREV for the new code * Bump version to indicate a major change * Install supporting config files * Add build dependency on systemd * Add runtime dependency on polkit rule to manage agl-app@ services Bug-AGL: SPEC-4466 Signed-off-by: Denys Dmytriyenko <denys@konsulko.com> Change-Id: I01b0247d18be8d97b4ea2866d161cffbda8f9155 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27752 Reviewed-by: Marius Vlad <marius.vlad@collabora.com> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Reviewed-by: Scott Murray <scott.murray@konsulko.com> Tested-by: Jenkins Job builder account
2022-07-13polkit: add rule to allow agl-driver to control agl-app@ systemd servicesDenys Dmytriyenko2-0/+23
Bug-AGL: SPEC-4466 Signed-off-by: Denys Dmytriyenko <denys@konsulko.com> Change-Id: I8007aacc12f8b6bdfbca660c994d321ef1b5eca7 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27751 Reviewed-by: Scott Murray <scott.murray@konsulko.com> Reviewed-by: Marius Vlad <marius.vlad@collabora.com> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-11agl-compositor_git: Bump SRCREV for AGL compositorMarius Vlad1-1/+1
Most notable in this this bump update, is the ability to receive focus (xdg-shell and input) even though there isn't any keyboard attached in the system. More than that, this update also includes a few fixes related to remote apps placement to different outputs and a fix on how we activate by default applications, in various circumstances. Specifically, this AGL compositor bump includes the following changes: - 2cc479fd8f3e53265 layout: Add a wrapper for adding the view to the hidden layer - baf8a28e6329fdb6c shell: Fix a typo when adding surface to pending list - 1797ef75adcb4c586 compositor: Allow passing continue-without-input - c859ca5a97d53a00c shell: Make sure that app_id is valid before checking it - 89440e0ffdfea2568 layout: Keep track of popup state to handle activation - 89f67c5cf793bc69c compositor: Perform activation from keybindings - 8cc1032b2f5542028 compositor: Pass flags when adding keybindgs - 9cccfe829aab45fd2 layout: Add a way common way activate views - 394b5da7676612600 shell: Extract some common functions - cac00851d454fcfe6 input: Migrate ivi_seat to ivi_compositor header - 2844fde1df83707f3 input: Remove keyboard listener keyboard focus activation - b4a52c732dbf3863b compositor: Properly dispose of fullscreen views at shutdown Bug-AGL: SPEC-2982 Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I83fd9513114a6ffd4cb98a8506063544ccce377a Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27696 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-11bsp: Delete the patch not used any longerZhou Mingying1-58/+0
The patch 0004-ADSP-enable-and-add-sound-hardware-abstraction_kf.patch is no longer used in AGL. So delete this unused patch. Bug-AGL: SPEC-4434 Signed-off-by: Zhou Mingying <zhoumy@fujitsu.com> Change-Id: I8489e24b9430a2769a10b90135add316042a2584 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27747 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jenkins Job builder account
2022-07-11Machine cleanup for Nifty NeedlefishScott Murray22-141/+0
Remove machine templates and associated files for: - hsdk - dragonboard-410c - dragonboard-820c - nitrogen6x Bug-AGL: SPEC-4402 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I7ff2665fe5ceef55454905d57e7793d5fcf0ef8a Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27701 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-07[RCAR] Fixed the unrecomennd operator usageHarunobu Kurokawa1-1/+1
This commit would remove WANING for kernel-module-vspmif RPROVIDES:${PN}:remove += is not a recommended operator combination, please replace it. Bug-AGL: SPEC-4436 Change-Id: I1e2d736fc9450766ddff9a0abb0ba87c15d8fd3d Signed-off-by: Harunobu Kurokawa <harunobu.kurokawa.dn@renesas.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27702 Reviewed-by: Naoto YAMAGUCHI <naoto.yamaguchi@aisin.co.jp> Reviewed-by: ronan Le Martret <ronan.lemartret@iot.bzh> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-07-05x86-extra-graphic-devices: Build vmwgfx driver as built-inMarius Vlad1-1/+1
Rather than building the vmwgfx driver as a module, build it as a built-in in module to avoid a possible probe failure when the driver loads up. This is a temporary work-around which seems to work just fine on VBox but also on qemu. Bug-AGL: SPEC-4449 Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I4f342854df1a0ed2d14ed0ca2bbe754618c61689 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27695 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-05Re-enable PRServ and HashservJan-Simon Moeller1-5/+5
With the new improved PRServ and HashServ we can run this. Also we can expose the readonly ports to the public. Bug-AGL: SPEC-4381 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I2c52cd80fa387457fd95b853519d8768fafacb10 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27699 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-06-29Remove use of AGL_APP_REVISIONJan-Simon Moeller2-7/+6
We did use the variable AGL_APP_REVISION to change between the HEAD of the branch via to the fixed tag at release time (regs/tags/xyz) . While this worked well previously, it turns out that bitbake will query git every time it runs for either or tags likewise. For tags it cannot trust whatever is known locally is actually the latest tags as there can be force pushed tags. To fix this we use a well-defined SRCREV for apps/* in the same way as we do it for src/* . Bug-AGL: SPEC-4455 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I54bad2ef6c8b171b1ae1270b4adb951fb180b260 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27693 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account
2022-06-29freetype: Delete a patch that is no longer usedduerpei1-31/+0
The patch /meta-agl/meta-agl-core-test/recipes-test/freetype/files/0001-ft2demos-Makefile-Do-not-hardcode-libtool-path.patch is already deleted from the file freetype_2.%.bbappend by https://git.automotivelinux.org/AGL/meta-agl/commit/meta-agl-core-test/recipes-test/freetype/freetype_2.%25.bbappend?id=f8e4906de8e21b9affb9f901527d587eb31b68ff and it was no longer used Bug-AGL: SPEC-4451 Signed-off-by: duerpei <duep.fnst@fujitsu.com> Change-Id: I0787bf9bba8b2140da2ebc0c912e321a51b48f46 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27685 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-06-28meta-agl-core: add connman-conf dependencyJose Dapena Paz2-2/+9
After kirkstone, connman has an independent package for its configuration. This package is not added as a dependency. As a consequence, we do not ship /etc/connman/main.conf, that, in AGL builds, is expected to provide a fallback for NTP. This means Raspberry PI4 does not synchronize the clock on boot if connection is available. As a side effect, all SSL connections fail. Bug-AGL: SPEC-4447 Change-Id: Iaa34c0a41cd161b0a0edea7602c39f724831412a Signed-off-by: Jose Dapena Paz <jdapena@igalia.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27683 Reviewed-by: Marius Vlad <marius.vlad@collabora.com> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account
2022-06-17[RCAR] Fix video stream for user "agl-driver"Ronan Le Martret4-0/+45
* Remove RPROVIDES:${PN} "kernel-module-vspm-if" in kernel-module-vspmif recipes. kernel-module-vspmif should not provide "kernel-module-vspm-if". "kernel-module-vspm-if" is a separate package with module rules. * Add udev rules for /dev files: uvcs_drv, vspm_if, mmngr, mmngrbuf Bug-AGL: SPEC-4436 Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh> Change-Id: I44a0665d6576cdcc9dbbfe5401de3dc9bc281473 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27635 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-06-17weston: Delete four patches that are no longer usedduerpei4-320/+0
The following four patches are submitted in https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27257 to fix a potential memory leak problem. Now that Weston has been updated to 10.0, the original memory leak problem has been solved, and the following four patches are no longer required Bug-AGL: SPEC-4438 Signed-off-by: duerpei <duep.fnst@fujitsu.com> Change-Id: Ibe4191a2a902ddac9f9a32d4f6239ae5761894a4 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27665 Reviewed-by: Marius Vlad <marius.vlad@collabora.com> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jenkins Job builder account
2022-06-15Feature cleanup for Nifty NeedlefishJan-Simon Moeller4-20/+0
Remove features with upstream deprecated or unmaintained: - meta-gplv2 Bug-AGL: SPEC-4407 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I39a08b3ebd26a0187a8fd31e6f154dd53471bb9c Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27658 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Scott Murray <scott.murray@konsulko.com>
2022-05-31pipewire: Fix recipe style errorduerpei1-1/+1
The bitbake recipe has style guide at https://www.openembedded.org/wiki/Styleguide In do_install Don't use mkdir to create destination directories, use install -d instead. Bug-AGL: SPEC-4401 Signed-off-by: duerpei <duep.fnst@fujitsu.com> Change-Id: Iaf33b842321e0199aee7227077520a12a9a53d74 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27562 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-05-30meta-agl-core: add kuksa user and groupScott Murray2-0/+2
Add a kuksa user and group to the static passwd and group files to facilitate running the KUKSA.val Vehicle Information Service (VIS) server as non-root and control access to some of its configuration files. Bug-AGL: SPEC-4405 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I199d79df42a6e5ea032ccfa084a1d38625b508f0 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27557 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> (cherry picked from commit 9363f1c67fe97a0c47cf44985ce0fb7f879bf7ac) Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27538
2022-05-27meta-agl-core: move polkit addition to dynamic-layersScott Murray4-1/+5
Since polkit comes from meta-oe and not poky, move adding it to packagegroup-agl-graphical-weston to a bbappend that is in a meta-oe dynamic-layers hierarchy. This is required to avoid breaking the meta-agl-core testing on the Yocto autobuilder, which does not pull in meta-oe currently. This may need to be revisited down the road when providing a binary packagefeed is attempted, as it may be the case that explicitly adding meta-oe as a meta-agl-core dependency ends up the better solution for packagefeed stability. Bug-AGL: SPEC-4359, SPEC-4375 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I920d9184f936d0c529db944bf1667a470aa863c6 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27568 Reviewed-by: Marius Vlad <marius.vlad@collabora.com> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account
2022-05-26packagegroup-agl-graphical-weston: Add polkit to RDEPENDSMarius Vlad1-0/+1
Images that require/inherit packagegroup-agl-graphical-weston would pull in polkit which is needed by weston/AGL compositor in order to be able to switch VTs as a regular user without needing CAP_SYS_ADMIN privileges. Added initially a workaround, by incorrectly assuming that this was due to missing psplash. Upon further investigation noticed that polkit wasn't really installed which ultimately failed to activate the session. With this change, I'm able to boot-up and display the gallery app for agl-image-flutter and cluster-dashboard application for the agl-cluster-demo-platform image. Bug-AGL: SPEC-4359, SPEC-4375 Suggested-by: Scott Murray <scott.murray@konsulko.com> Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: Ifd01fb61fc4d0f797519b54bf22395970e2a9fec Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27482 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>