Age | Commit message (Collapse) | Author | Files | Lines |
|
Add agl-selinux feature to enable SELinux support.
Notes:
- SELinux is in permissive mode by default for now, and using the
targeted policy by default.
- The linux-yocto specific bbappend in meta-selinux is masked out in
favor of adding a more universal kernel configuration fragment with
AGL's own scheme.
- SELinux specific recipes and bbappends are added via a meta-selinux
dynamic-layers addition in meta-agl-core to keep using meta-selinux
optional. This will avoid issues with the Yocto autobuilder testing
of meta-agl-core.
- To avoid the effectively hard-coded autorelabel on first boot, a
bbappend is added to the selinux-autorelabel recipe to remove the
flag creation. In the off chance that a build happens on a filesystem
without xattr support, the logic in the selinux-image bbclass will
still touch the /.autorelabel flag and trigger relabeling.
- A systemd unit and script are added with a new systemd-selinux-relabel
recipe to handle relabeling of some systemd generated files that do
not get handled during root filesystem construction. Some of these
can be addressed by some upstream tweaks, but /etc/machine-id will
always need special handling unless there is a shift to using
read-only or stateless root by default. With this workaround we still
avoid doing a full relabel and reboot on first boot, which helps
simplify CI.
Bug-AGL: SPEC-4332
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Ibf469e11eb3a67709074cc6794b3d12cd5071a90
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27790
Tested-by: Jenkins Job builder account
ci-image-build: Jenkins Job builder account
ci-image-boot-test: Jenkins Job builder account
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
This should be set down in the final images if required.
We do not need it in the core image that will be reused.
Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Change-Id: Ic694e5a3209336adbb6e558ceb205c7cc306b8d8
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27168
ci-image-build: Jenkins Job builder account
Tested-by: Jenkins Job builder account
ci-image-boot-test: Jenkins Job builder account
Reviewed-by: Scott Murray <scott.murray@konsulko.com>
|
|
A follow-up cleanup to the previous changes.
- the aws+azure binders are deprecated in master, thus remove meta-iot-cloud
- meta-security is no longer a dependency
- rm agl-sota (due to meta-updater deprecation)
- rm agl-sign-wgts feature
- cleanup poky-agl.conf
Bug-AGL: SPEC-4121
Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Change-Id: I274179ab1fb74b274e955bd9a3eeccccac615770
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26870
Tested-by: Jenkins Job builder account
ci-image-build: Jenkins Job builder account
ci-image-boot-test: Jenkins Job builder account
Reviewed-by: Scott Murray <scott.murray@konsulko.com>
|
|
This image embeds the agl-compositor and can be reused
to create images.
Bug-AGL: SPEC-3852
Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Change-Id: I3950fbf997a57c221a08bf89b9396171613b7999
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26863
Tested-by: Jenkins Job builder account
ci-image-build: Jenkins Job builder account
ci-image-boot-test: Jenkins Job builder account
|
|
Changes/rework to get weston and agl-compositor starting again:
- Since an upgrade to a newer Yocto release is in the near future,
update weston-init and associated files to effectively backport
the new weston startup behavior added in 3.3/Hardknott as our
new base. The changes mean weston or agl-compositor will by
default start as a "weston" user that replaces the "display"
user that had been added previously in AGL. The goal is that
any new work done on top of this base should hopefully work
on 3.5/Kirkstone without further substantial rework.
- Add new agl-compositor-init recipe that replaces the previous
weston-init bbappend in meta-agl-demo. Having it as a separate
recipe in core so weston or agl-compositor "just work" in simple
test images seems like a better approach.
- As part of the above, drop the --log option to agl-compositor
in its command-line to address SPEC-4112.
- Add SYSTEMD_DEFAULT_TARGET definition to agl-image-weston and
in a new core-image-weston bbappend to result in agl-compositor
and weston starting automatically in the corresponding images.
This is required with the new weston-init behavior until we
upgrade past 3.3/Hardknott, when "weston" in IMAGE_FEATURES
can be used instead.
Bug-AGL: SPEC-4121, SPEC-4112
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Ia64894416846569abf8e744006ef26637279a895
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26782
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
This is mostly the result of running a slightly customized version
of the convert-overrides.py script from poky with additional
overrides added. A few minor fixups were done by hand afterwards
during a review of the changes.
The intent of these changes is to minimize the effort to keep the
"next" branch that builds against poky master up to date and tested
in preparation for the switch to the next Yocto LTS release in
early 2022.
Bug-AGL: SPEC-4052
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Ia3bf63b7cb1aa1d95ada373d1a3ab56def0a125d
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26564
Tested-by: Jenkins Job builder account
ci-image-build: Jenkins Job builder account
ci-image-boot-test: Jenkins Job builder account
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
To avoid the problem of it drift with respect to the upstream
packagegroup-core-boot that it was originally derived from, rework
packagegroup-agl-core-boot to just RDEPEND on it instead. This
has the benefit of making the AGL additions more clearly visible.
Additionally:
- Define VIRTUAL-RUNTIME_base-utils-syslog for packagegroup-core-boot
to match AGL's current default.
- Add a VIRTUAL-RUNTIME_rngd variable to allow downstream users to
remove or replace rng-tools in their distro configuration.
- Explicitly add the packagegroup to IMAGE_INSTALL in the base
agl-image-boot.inc to better match upstream core-image-minimal in
definition, and make sure that any derived image that is created by
including the inc file (instead of the bb file) is usable.
Bug-AGL: SPEC-3932
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Ib82d5d6b561eca4d059c56b01a0caddefcb48776
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26376
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Tested-by: Jenkins Job builder account
|
|
Remove the anonymous python logic added to override any changes
to IMAGE_FSTYPES via _append/_remove by BSPs to fix SPEC-3741.
The updated Renesas BSP no longer does so, and removing this
logic avoids issues when using meta-agl-core with distribution
configurations other than poky-agl.
Additionally:
- Change the IMAGE_FSTYPES and INITRAMFS_FSTYPES assignments in
poky-agl.conf back to regular ("=") instead of immediate
(":=") so that things like the _appends being done to
AGL_DEFAULT_IMAGE_FSTYPES for netboot and CI usecases will
take affect. They were only currently working because of the
later evaluation in the anonymous python logic that is being
removed.
- Rationalize agl-image-minimal.inc to just include
agl-image-boot.inc, and remove the unnecessary use of the
AGL_EXTRA_IMAGE_FSTYPES variable in agl-image-boot.inc.
Bug-AGL: SPEC-3897
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Id655683c705678dd3ab1caff8980dba06f46a1bc
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26292
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Tested-by: Jenkins Job builder account
|
|
Remove now libsoup bbappend as it seems no longer necessary with
upstream poky master, and also remove libsoup from the autobuilder
image, as there is no longer any need to test building it.
Bug-AGL: SPEC-3819
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: I01b9fbfbf0d5b40df72f6be88322bbd855335d92
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26097
Tested-by: Jenkins Job builder account
ci-image-build: Jenkins Job builder account
ci-image-boot-test: Jenkins Job builder account
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
The anonymous python snippet in agl-image-minimal.inc to reset
IMAGE_FSTYPES needs to be before the inherit of core-image to
actually take effect when building. This was not immediately
apparent from the variable expansion information visible in
"bitbake -e" output. A comment explaining the snippet and this
requirement has been added for clarity.
Bug-AGL: SPEC-3741
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Ife1dca4c3ff961a9f693631ec0dac498114d395d
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/25859
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-boot-test: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
|
|
Add anonymous python snippet in agl-image-minimal.inc to reset
the value of IMAGE_FSTYPES to AGL_DEFAULT_IMAGE_FSTYPES plus
AGL_EXTRA_IMAGE_FSTYPES (i.e. the value defined in poky-agl.conf).
This is a very big hammer, but at present seems the best way to
avoid the build time/space costs from BSP appends adding extra
types that are not required.
Bug-AGL: SPEC-3741
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Idad57d0371ae59058b2b1acffbeae85db97aa91d
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/25846
|
|
Goal is to reach a minimal meta-agl-core as base for IVI and IC work at the same time.
Trim dependencies and move most 'demo' related recipes to meta-agl-demo.
v2: changed to bbapend + .inc , added description
v3: testbuild of all images
v4: restore -test packagegroup and -qa images, compare manifests and adapt packagegroups.
v5: rebased
v6: merged meta-agl-distro into meta-agl-core,
due to dependency on meta-oe, moved -test packagegroup and -qa images
to own layer meta-agl-core-test
v7: Fixed comments from Paul Barker
v8: Update the markdown files
v9: restore wayland/weston/agl-compositor recipes/appends, reworked to
move app f/w specific changes to bbappends in meta-app-framework and
only demo specific weston-init changes to meta-agl-demo
v10: fix s/agldemo/aglcore/ missed in weston-init.bbappend
Description:
This patch is part 1 out of 2 large patches that implement the layer rework
discussed during the previous workshop. Essentially meta-agl-core is the
small but versatile new core layer of AGL serving as basis for
the work done by the IC and IVI EGs.
All demo related work is moved to meta-agl-demo in the 2nd patchset.
This should be applied together as atomic change.
The resulting meta-agl/* follows these guidelines:
- only bsp adaptations in meta-agl-bsp
- remove the agl-profile-* layers for simplicity
-- the packagegroup-agl(-profile)-graphical and so on
have been kept in meta-agl-demo
- meta-agl-profile-core is now meta-agl-core
- meta-agl-core does pass yocto-check-layer
-- therefore use the bbappend + conditional + .inc file
construct found in meta-virtualization
- meta-agl/meta-security has been merged into meta-agl/meta-app-framework
- meta-netboot does pass yocto-check-layer
- meta-pipewire does pass yocto-check-layer
Migration:
All packagegroups are preserved but they're now enabled by 'agl-demo'.
Bug-AGL: SPEC-3723
Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Ia6c6e5e6ce2b4ffa69ea94959cdc57c310ba7c53
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/25769
|