aboutsummaryrefslogtreecommitdiffstats
path: root/meta-agl-core
AgeCommit message (Collapse)AuthorFilesLines
2022-12-16linux: config: add systemd sandboxing fragmentDenys Dmytriyenko2-0/+10
Add a kernel config fragment that enables additional features needed for systemd sandboxing support, using Classic BPF (Berkeley Packet Filter) kernel framework. Eventually this will be extended with more advanced features using eBPF (extended BPF), BTF (BPF Type Format) and LSM (Lunux Security Module) frameworks. Bug-AGL: SPEC-4627 Change-Id: I9ed21c654b2e0298be66073750dab6920e49b0c9 Signed-off-by: Denys Dmytriyenko <denys@konsulko.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28297 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-12-16linux: config: move CONFIG_AUDIT* into own fragmentDenys Dmytriyenko3-2/+3
Enabling CONFIG_AUDIT* is needed by auditd and should be safe whether systemd is used or not and is not specific to SELinux. Note that systemd README has this old caveat mentioned | Note that kernel auditing is broken when used with systemd's | container code. When using systemd in conjunction with | containers, please make sure to either turn off auditing at | runtime using the kernel command line option "audit=0", or | turn it off at kernel compile time using: | CONFIG_AUDIT=n | If systemd is compiled with libseccomp support on | architectures which do not use socketcall() and where seccomp | is supported (this effectively means x86-64 and ARM, but | excludes 32-bit x86!), then nspawn will now install a | work-around seccomp filter that makes containers boot even | with audit being enabled. This works correctly only on kernels | 3.14 and newer though. TL;DR: turn audit off, still. But that seems to only apply to nspawn usage in some specific cases and on older kernels, plus there are even runtime workarounds available when needed, so let's enable it by default. Bug-AGL: SPEC-4627 Change-Id: I5fcd58ba41929d2966fadea27b6751e4fa6589c9 Signed-off-by: Denys Dmytriyenko <denys@konsulko.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28276 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-12-16linux: config: enable kernel settings that systemd requiresDenys Dmytriyenko2-0/+44
Add kernel config fragment with all settings required by systemd. Some more generic settings need to be explicitly set here as well to satisfy necessary dependencies from systemd settings down the tree, otherwise some BSPs would break. Bug-AGL: SPEC-4627 Change-Id: I7a2796ea65da58a4f1fa0556cd94df67e7df7db9 Signed-off-by: Denys Dmytriyenko <denys@konsulko.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28275 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-12-10Update cluster network configurationScott Murray3-3/+3
Update configuration files as appropriate with the IVI board as 192.168.10.2 and the cluster as 192.168.10.3. Bug-AGL: SPEC-4632 Change-Id: Idd41daa75fc6258d07d8f654848e78ced85dff35 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28154 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-12-10systemd-conf-canbus: Add FD configurationScott Murray2-0/+13
Add canbus-can-fd.network configuration that can be selected via CANBUS_NETWORK_CONFIG. Bug-AGL: SPEC-4633 Change-Id: Ic662be3e991910a4b35e114f144fe399a88ce477 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28153 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-12-08libsdl2: PACKAGECONFIG tweaksScott Murray2-0/+4
Add a couple of bbappends for libsdl2 to tweak its PACKAGECONFIG, based on Panasonic QEMU+KVM documentation. Bug-AGL: SPEC-4618 Change-Id: I7ceb4e46faa88f09311ad359a3b0b13a462f6cb2 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28192 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account
2022-12-08linux-yocto: Rework virtio-aarch64 kernel configurationScott Murray1-0/+4
Changes: - Appending the virtio kernel metadata to SRC_URI in the linux-yocto bbappend was having the side-effect of overriding a lot of the changes from the other AGL configuration fragments. To avoid this, prepend the addition to AGL_KCONFIG_FRAGMENTS instead. - Add the HDA sound driver config fragment for virtio machines to allow using the QEMU emulation. - Add config fragment for the virtio kernel to ensure that CONFIG_DRM and the fbdev emulation are on. - Add config fragment for the virtio kernel to turn on CONFIG_PCI, as there are some peripherals that we may need to expose to guests with it. This and the DRM changes will be rationalized in the metadata repo once it's clear we do need them. Bug-AGL: SPEC-4618 Change-Id: I453b84d9840498772afd01404dd374f5c1d245da Signed-off-by: Scott Murray <scott.murray@konsulko.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28191 ci-image-build: Jenkins Job builder account Tested-by: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-12-08linux: config: move BBE-specific fragment from meta-agl-core to meta-agl-bspDenys Dmytriyenko2-2/+0
Commit d009fa0c42042a0b7d069779852953621e46469b as part of SPEC-4156 added a kernel config fragment to disable CONFIG_RELAY. Since this fragment is only applied to BBE, there's no need for it to reside in meta-agl-core and can be moved to meta-agl-bsp/meta-sancloud. Bug-AGL: SPEC-4156 Change-Id: I5da2632d6eb00bbf99ddb48cef861564d2ce868d Signed-off-by: Denys Dmytriyenko <denys@konsulko.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28203 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-12-08linux-agl-config: correct override syntax for virtualmachineDenys Dmytriyenko1-1/+1
Commit dd6fc5dcaa0a027b7651bb365d5dd0f623498f8f as part of SPEC-4052 converted all overrides to the new syntax, but missed the one used for "virtualmachine" Bug-AGL: SPEC-4052 Change-Id: I1905c7e3b70b05c4ef06d8b4f240d0e144587fab Signed-off-by: Denys Dmytriyenko <denys@konsulko.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28204 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-11-23Prepare Optimistic Octopus Milestone 1octopus_14.91.0octopus/14.91.014.91.0Jan-Simon Moeller1-2/+2
Update the distro configuration. Bug-AGL: SPEC-4616 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: Iba55e4e0e51bfec2a1949a0fc9775760a6a8732b Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28177 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-11-23meta-agl-core: systemd: Disable `BitRate` setting for `can*` network for VIRTIO.Vasyl Vavrychuk5-4/+33
VIRTIO CAN [1] does not support bitrate configuration, it assumes bitrate configuration is done on backend. Fixes systemd-networkd failure: can0: Failed to set CAN interface configurations: Operation not supported File `canbus-virtio-can.network` is copied from `canbus-can.network` with `BitRate=` setting removed. v2: rework patchset to use own systemd-conf-canbus package to avoid changes in main systemd package. [1]: https://lists.oasis-open.org/archives/virtio-dev/202208/msg00159.html Bug-AGL: SPEC-4597 Change-Id: Idb132203501bb99103e76098eea3bb6394b645da Signed-off-by: Vasyl Vavrychuk <vasyl.vavrychuk@opensynergy.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28104 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-11-23weston-ini-conf: add virtio-aarch64 configurationScott Murray1-0/+1
Add a WESTON_DISPLAYS tweak for the virtio-aarch64 machine so the demo platform image gets the required weston configuration when built for it. Bug-AGL: SPEC-4618 Change-Id: I90974a25d51fc3b4ad3d8e9450d98f8ae82f759a Signed-off-by: Scott Murray <scott.murray@konsulko.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28187 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-11-23native-shell-client: Add recipeScott Murray1-0/+16
Add recipe for native-shell-client simple agl-shell protocol client. It can be used for testing agl-compositor and also enables using it in simple usecases such as displaying the output from guest VMs with QEMU+KVM. Bug-AGL: SPEC-4618 Change-Id: I16b7c8b703b2aa3c875b7ffd78b24021eafd3a7f Signed-off-by: Scott Murray <scott.murray@konsulko.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28186 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-11-23agl-compositor: RDEPENDS fixesScott Murray3-2/+2
Changes: - Add the required xkeyboard-config RDEPENDS to the agl-compositor recipe to avoid surprises if nothing else that pulls that in is in an image. - Move the agl-compositor RDEPENDS on polkit directly into the recipe instead of getting indirectly via a meta-oe presence driven addition to packagegroup-agl-graphical-weston. This is more correct, avoids surprises if that packagegroup happens to not be used, and will work better with a binary packagefeed. The RDEPENDS is still conditional on the presence of "polkit" in DISTRO_FEATURES, which seems a reasonable alternative to using dynamic-layers. Bug-AGL: SPEC-4619 Change-Id: I595f55a9d598b4a15fe345f50d1a7a203616dd15 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28184 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-11-21agl-compositor: Bump SRCREVScott Murray1-1/+1
Bump agl-compositor SRCREV to pick up: adf173e layout: Allow background surface roles (to) be activated 77d94d8 agl-shell: Add support for defining an activation area Bug-AGL: SPEC-4594 Change-Id: I4d003c4ce26fe3e6b3e3fe07b845538a5a9e508c Signed-off-by: Scott Murray <scott.murray@konsulko.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28181 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-11-21Enable qemu and kvm user and groupJan-Simon Moeller2-0/+3
This supports the meta-virtualization layer. Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I919f9669c0c9aff83d6f0b961d892eb6077902a6 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28055 Tested-by: Jenkins Job builder account
2022-11-21Exempt also nbd.server in connman serviceJan-Simon Moeller1-1/+2
This adds a check for the nbd.server kernel commandline and prevents connman service from being started. If nbdroot is set and the networkinterface is resetup, then the rootfs will fail. Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: Ic15fade35fd2c47b828e51692609d438225ef739 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28054 Tested-by: Jenkins Job builder account
2022-10-18agl-compositor_git.bb: Bump SRCREVMarius Vlad1-1/+1
This SRCREV bump update brings in a helpful way to designate a certain area such that the compositor would use it when activating applications, rather than using the entire output. When not having panels the background surface would cover the entire output, making it impossible to keep visible areas of the background surface and, in the same time, display another's application surface. While the solution would be use panels specifically designed to handle this case, that's not always possible. We circumvent that by having this area specified manually in this update, with a direct follow-up to have a request in the agl-shell protocol that specifies that area programmatically. Besides that change, a few more changes made it through, all of them being added from upstream and adapted from weston to the AGL compositor, mostly related to how we handle signals. In detail the following changes made it through since the last SRCREV bump update: - 924473ef016b Add manual activation area configuration option - 897449688a9c compositor: Use sigaction to trap SIGINT - e8761762fcd0 compositor: Add missing SIGCHLD handler - 315496ddbb9f compositor: Stop trapping SIGQUIT - f980c0d90329 shell: Rewrite client_exec as client_launch - edb6d397a4c6 process-util: Move Xwayland fork helpers to shared - 86146a4e7455 shared: add str_printf() - 1b93121761e1 shared: introduce os_fd_clear_cloexec() Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I23e0aba9f2b77cab4fe81754a8feaeebb7cea340 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28056 ci-image-build: Jenkins Job builder account Tested-by: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-10-08meta-app-framework: applaunchd: run under a separate userDenys Dmytriyenko2-0/+2
Since applaunchd needs to start/stop systemd units, the user is granted elevated systemd unit-management permissions via PolKit policy. If applaunchd and all the apps run under the same agl-driver user, all the apps have these elevated systemd permissions too. Separating them into different users allows removing elevated systemd unit-management permission from individual apps, but leaving such permission for applaunchd, which enhances overall security of the system. - add new applaunchd user and group - switch applaunchd (gRPC) service to be started under new user - since HTML5 apps haven't migrated to gRPC yet and still use D-Bus API, applaunchd-dbus gets activated by agl-session and runs under agl-driver - temporarily add agl-driver user into the applaunchd group and switch PolKit policy to check for applaunchd group, instead of the user - once D-Bus API is completely deprecated, agl-driver user can be removed from applaunchd group Bug-AGL: SPEC-4579 Signed-off-by: Denys Dmytriyenko <denys@konsulko.com> Change-Id: I75384177578bba6cb458a81df6a9dc1738c972e0 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28039 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-09-25weston-ini-conf.bb: Change from append to an inline editMarius Vlad1-2/+1
We don't really support section entries with the same name, so rather than appending a new key entry value under the same section, use sed to edit the configuration file in place. Fixes 6a8a33f99a66ae1 Bug-AGL: SPEC-4528 Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I12b982dd7e6dd8d11e5fb373c8cba0b1e762c485 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28019 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-09-25Add openssh-sftp-server when agl-devel is onJan-Simon Moeller1-0/+1
For simplified development workflows on newer host distros add the sftp server. Bug-AGL: SPEC-4443 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I580e5d342fb6afb286b00d41b03c98a9b936160f Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28018 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Marius Vlad <marius.vlad@collabora.com>
2022-09-22weston-ini-conf: Add weston-ini-config-no-activateMarius Vlad1-0/+16
This patch adds a way to tick dynamically activate-by-default to false, and provide a safe migration towards disabling by default activation entirely. We do this with just only the Qt toolkit and will proceed with WAM/chromium once that has support as well for this. Bug-AGL: SPEC-4528 Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I3573ea92d3ea865db223bd01e58b9ec202cfa7ae Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27990 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-09-22agl-compositor_git.bb: Bump SRCREV to grab latest changesMarius Vlad1-1/+1
This SRCREV bump update for the AGL compositor includes two new protocol updates, one that adds two new events, specifically bound_ok, bound_fail which would allow clients to determine if they're in charge of managing panels and background surfaces. The other protocol update fixes an issue with activation by default of applications but also paves the way to move out bits from the agl-shell-desktop protocol to just the agl-shell protocol. Note that the shell client supporting the latest change of the protocol will need to add at least add stubs for the v2 of the protocol, even if v2 isn't required to be supported at all. Updates to version 3 of the protocol will be required once we'll switch out from activation by default from true to false and finally remove support from the compositor entirely and let the shell client be the one in charge for activation. Additionally, this bump includes a few fixes, most notable handling remote surface roles much better, including migration, in real time of applications from one output to another, making possible a back-and-forth movement of applications. In more detail the following changes have been included: - d08a5b2010f6e6 desktop: Do not attempt to send terminate event - 0512e7251611e7 protocol/agl-shell.xml: Add an app_state event -- app state notification - bb730ca304a5f6 layout: Handle dynamic application/surface movement between outputs - b92397ef12626a shell: Remove the black curtain installed on outputs - 372eb222b17bbc layout: Detect when an application should be migrated to other outputs - 39c91d5ccae3b6 desktop: Avoid sending the dimensions for the first output - a99d56dad0ad4a layout: State explicity the output - fc783c19e6f6b9 layout: Use view's mapping once we placed the view in the hidden layer - e1b15f95e834ac desktop: Install a black background for REMOTE roles - bb79d12c92fa6e desktop: Include REMOTE role in initial configuration - 3e72564852a6f3 agl-shell: Add bound_ok and bound_fail events and a default destructor Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I25c53e9d69270651cd40c7ee9ec3edce28f899a6 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27989 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-09-16Change master branch name to octopusJan-Simon Moeller1-5/+5
Long live the new codename 'Optimistic Octopus'. Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I1f12f334a2082ffa813cb453aa976ef5f995732c Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27998 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-09-01weston_10.0_aglcore.inc: Update wl_output to version 4Marius Vlad2-1/+118
This allows clients to query the output name and description name as seen by the compositor. Previously this was only possible only with xdg_output_manager extension but a recent update to the core wayland protocol allows us to do just that. Patch is posted upstream https://gitlab.freedesktop.org/wayland/weston/-/merge_requests/987, but will take some time to get in, as we're in the process of a release. Bug-AGL: SPEC-4530 Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I709b941a220e9906078944ee585435df7141d448 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27949 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-09-01recipes-graphics/wayland/weston: Add tile orientation statesMarius Vlad2-0/+170
This was recently integrated into libweston 11 pre-release, and should be removed once yocto updates its libweston version to at least 11. For the time being we'll rely on these to have split type of windows. Bug-AGL: SPEC-3906 Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I7bc5caa6126d36d843d0f00cde56c020fa3f97dc Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27906 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-08-22qtbase: Add backported patches for OpenSSL 3 supportScott Murray3-0/+177
To make QSslSocket work when building with OpenSSL 3.x, add two backported patches pulled from the v5.15.3-lts-lgpl branch of the KDE repo: https://invent.kde.org/qt/qt/qtbase This appears to be the minimal fix for e.g. QtLocation's SSL usage. For more information on the KDE Qt5 patch collection, see: https://community.kde.org/Qt5PatchCollection Bug-AGL: SPEC-4395 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I0bc3fe7c0726aaea71a2c162db040e57ac92a9db Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27902 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-08-05Prepare Nifty Needlefish Milestone 3Jan-Simon Moeller1-1/+1
Update the distro manifest. Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I8899b1140ddc2e12a025c2ba537852420dd6aedd Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27864 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-08-04Add empty for append syntaxChanghyeok Bae1-1/+1
Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com> Change-Id: I3a67f2dca0148be04d96e5261a4bef4030e93fbf Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27852 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-31Prepare Nifty Needlefish Milestone 2needlefish_13.92.0needlefish/13.92.013.92.0Jan-Simon Moeller1-1/+1
Update the distro configuration. Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: Id87aff77dff68ff0bdd8fdac067ad0e7a40a38db Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27849 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-07-29Fix a dependency issue when building the SDKJan-Simon Moeller1-0/+4
When using -c populate_sdk, then the -dev packages are installed. There is a hard dependency of the -dev package on the package. As we have multiple subtypes here and switch using ALTERNATIVES, this collides in this corner case. Fix it by not creating a -dev package in the first place as it is not needed here anyway. Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I21326c9edc5cb7571ed94593eae1075cf56353db Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27841 Reviewed-by: Scott Murray <scott.murray@konsulko.com> Reviewed-by: Marius Vlad <marius.vlad@collabora.com> Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-07-27Add SELinux featureScott Murray11-1/+163
Add agl-selinux feature to enable SELinux support. Notes: - SELinux is in permissive mode by default for now, and using the targeted policy by default. - The linux-yocto specific bbappend in meta-selinux is masked out in favor of adding a more universal kernel configuration fragment with AGL's own scheme. - SELinux specific recipes and bbappends are added via a meta-selinux dynamic-layers addition in meta-agl-core to keep using meta-selinux optional. This will avoid issues with the Yocto autobuilder testing of meta-agl-core. - To avoid the effectively hard-coded autorelabel on first boot, a bbappend is added to the selinux-autorelabel recipe to remove the flag creation. In the off chance that a build happens on a filesystem without xattr support, the logic in the selinux-image bbclass will still touch the /.autorelabel flag and trigger relabeling. - A systemd unit and script are added with a new systemd-selinux-relabel recipe to handle relabeling of some systemd generated files that do not get handled during root filesystem construction. Some of these can be addressed by some upstream tweaks, but /etc/machine-id will always need special handling unless there is a shift to using read-only or stateless root by default. With this workaround we still avoid doing a full relabel and reboot on first boot, which helps simplify CI. Bug-AGL: SPEC-4332 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ibf469e11eb3a67709074cc6794b3d12cd5071a90 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27790 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-20Fix reproducability issue reported by YP autobuilderJan-Simon Moeller3-3/+81
The main issue was the rewrite of CFLAGS that resulted in missing flags, namely the DEBUG_PREFIX_MAP. Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: Ie4f939f4cb17ab13c6dc59b8d4c122f86d26b006 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27781 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-07-15Prepare Nifty Needlefish Milestone 1needlefish_13.91.0needlefish/13.91.013.91.0Jan-Simon Moeller1-2/+2
Update the distro configuration for Nifty Needlefish Milestone 1. Bug-AGL: SPEC-4476 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: Iac9f7cfc57f83bdca34f752d2345b8f4d8aa7074 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27769 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-07-14Add feature for SPDX SBOM generationJan-Simon Moeller1-0/+1
We enable the built-in features of YP in kirkstone to create an spdx file that can serve as SBOM. Bug-AGL: SPEC-4384 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I98907fc07aee8c6eefbb6f0e12d30583268832d7 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27694 Tested-by: Jenkins Job builder account
2022-07-11agl-compositor_git: Bump SRCREV for AGL compositorMarius Vlad1-1/+1
Most notable in this this bump update, is the ability to receive focus (xdg-shell and input) even though there isn't any keyboard attached in the system. More than that, this update also includes a few fixes related to remote apps placement to different outputs and a fix on how we activate by default applications, in various circumstances. Specifically, this AGL compositor bump includes the following changes: - 2cc479fd8f3e53265 layout: Add a wrapper for adding the view to the hidden layer - baf8a28e6329fdb6c shell: Fix a typo when adding surface to pending list - 1797ef75adcb4c586 compositor: Allow passing continue-without-input - c859ca5a97d53a00c shell: Make sure that app_id is valid before checking it - 89440e0ffdfea2568 layout: Keep track of popup state to handle activation - 89f67c5cf793bc69c compositor: Perform activation from keybindings - 8cc1032b2f5542028 compositor: Pass flags when adding keybindgs - 9cccfe829aab45fd2 layout: Add a way common way activate views - 394b5da7676612600 shell: Extract some common functions - cac00851d454fcfe6 input: Migrate ivi_seat to ivi_compositor header - 2844fde1df83707f3 input: Remove keyboard listener keyboard focus activation - b4a52c732dbf3863b compositor: Properly dispose of fullscreen views at shutdown Bug-AGL: SPEC-2982 Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I83fd9513114a6ffd4cb98a8506063544ccce377a Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27696 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-05x86-extra-graphic-devices: Build vmwgfx driver as built-inMarius Vlad1-1/+1
Rather than building the vmwgfx driver as a module, build it as a built-in in module to avoid a possible probe failure when the driver loads up. This is a temporary work-around which seems to work just fine on VBox but also on qemu. Bug-AGL: SPEC-4449 Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I4f342854df1a0ed2d14ed0ca2bbe754618c61689 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27695 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-06-29Remove use of AGL_APP_REVISIONJan-Simon Moeller1-6/+5
We did use the variable AGL_APP_REVISION to change between the HEAD of the branch via to the fixed tag at release time (regs/tags/xyz) . While this worked well previously, it turns out that bitbake will query git every time it runs for either or tags likewise. For tags it cannot trust whatever is known locally is actually the latest tags as there can be force pushed tags. To fix this we use a well-defined SRCREV for apps/* in the same way as we do it for src/* . Bug-AGL: SPEC-4455 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I54bad2ef6c8b171b1ae1270b4adb951fb180b260 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27693 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account
2022-06-28meta-agl-core: add connman-conf dependencyJose Dapena Paz2-2/+9
After kirkstone, connman has an independent package for its configuration. This package is not added as a dependency. As a consequence, we do not ship /etc/connman/main.conf, that, in AGL builds, is expected to provide a fallback for NTP. This means Raspberry PI4 does not synchronize the clock on boot if connection is available. As a side effect, all SSL connections fail. Bug-AGL: SPEC-4447 Change-Id: Iaa34c0a41cd161b0a0edea7602c39f724831412a Signed-off-by: Jose Dapena Paz <jdapena@igalia.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27683 Reviewed-by: Marius Vlad <marius.vlad@collabora.com> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account
2022-06-17weston: Delete four patches that are no longer usedduerpei4-320/+0
The following four patches are submitted in https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27257 to fix a potential memory leak problem. Now that Weston has been updated to 10.0, the original memory leak problem has been solved, and the following four patches are no longer required Bug-AGL: SPEC-4438 Signed-off-by: duerpei <duep.fnst@fujitsu.com> Change-Id: Ibe4191a2a902ddac9f9a32d4f6239ae5761894a4 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27665 Reviewed-by: Marius Vlad <marius.vlad@collabora.com> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jenkins Job builder account
2022-06-15Feature cleanup for Nifty NeedlefishJan-Simon Moeller1-8/+0
Remove features with upstream deprecated or unmaintained: - meta-gplv2 Bug-AGL: SPEC-4407 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I39a08b3ebd26a0187a8fd31e6f154dd53471bb9c Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27658 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Scott Murray <scott.murray@konsulko.com>
2022-05-30meta-agl-core: add kuksa user and groupScott Murray2-0/+2
Add a kuksa user and group to the static passwd and group files to facilitate running the KUKSA.val Vehicle Information Service (VIS) server as non-root and control access to some of its configuration files. Bug-AGL: SPEC-4405 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I199d79df42a6e5ea032ccfa084a1d38625b508f0 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27557 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> (cherry picked from commit 9363f1c67fe97a0c47cf44985ce0fb7f879bf7ac) Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27538
2022-05-27meta-agl-core: move polkit addition to dynamic-layersScott Murray4-1/+5
Since polkit comes from meta-oe and not poky, move adding it to packagegroup-agl-graphical-weston to a bbappend that is in a meta-oe dynamic-layers hierarchy. This is required to avoid breaking the meta-agl-core testing on the Yocto autobuilder, which does not pull in meta-oe currently. This may need to be revisited down the road when providing a binary packagefeed is attempted, as it may be the case that explicitly adding meta-oe as a meta-agl-core dependency ends up the better solution for packagefeed stability. Bug-AGL: SPEC-4359, SPEC-4375 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I920d9184f936d0c529db944bf1667a470aa863c6 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27568 Reviewed-by: Marius Vlad <marius.vlad@collabora.com> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account
2022-05-26packagegroup-agl-graphical-weston: Add polkit to RDEPENDSMarius Vlad1-0/+1
Images that require/inherit packagegroup-agl-graphical-weston would pull in polkit which is needed by weston/AGL compositor in order to be able to switch VTs as a regular user without needing CAP_SYS_ADMIN privileges. Added initially a workaround, by incorrectly assuming that this was due to missing psplash. Upon further investigation noticed that polkit wasn't really installed which ultimately failed to activate the session. With this change, I'm able to boot-up and display the gallery app for agl-image-flutter and cluster-dashboard application for the agl-cluster-demo-platform image. Bug-AGL: SPEC-4359, SPEC-4375 Suggested-by: Scott Murray <scott.murray@konsulko.com> Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: Ifd01fb61fc4d0f797519b54bf22395970e2a9fec Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27482 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-05-26agl-shell-activator: Bump SRCREVMarius Vlad1-1/+1
A bug-fixing update, includes the following changes: - 0b21156c3b4f0493 Fix compilation error due to missing wl_output_listener fields initializers. - 22f8d43e58594012 Fix no reaction to 'Ctrl+C'. - 6ebbb41822da663b Remove unneeded wl_display_flush. Bug-AGL: SPEC-4324 Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: Ieb68a256f891af5507e261a46e2e645ea5bf0608 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27484 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-05-16agl-compositor_git: Bump up SRCREVMarius Vlad1-1/+1
This SRCREV bump is a bug-fixing update: includes some fixes with fullscreen surface roles, uses libweston's _fini calls to verify and check-up and if cleaned up correctly when shutting down the compositor, and finally, does some minor clean-ups. Specifically, the following changes have been added since the last update: - 1304d412eb2bcefd4 shell: Do not set none role for applications w/o appid - 43bdf9a42bac33df1 shell: Let the output destroy handler handle layer fini - a89fbd6702dd82c4b desktop: Document the repaint schedule - 5274f6ea9da2f119f Revert "desktop: No need to schedule a compositor repaint" - 71deafe03f41738bf shell: Added missing layer fini calls - 41791c9fa1839e93a compositor: Proper indentation - 40f5e3bbfac73375b desktop: Remove dead code - 8f85581e96bc71512 desktop: No need to schedule a compositor repaint - c40f46aa4d2644b18 meson.build: Bump up meson version - 7a7b46bd7040b2814 layout: Inform client to resize for fullscreen roles - 13ac8bab43fffd002 layout: Send dimensions when setting up property as fullscreen - 2cd345013ccaaccd7 layout: Do perform a view update transform when unmapped - b13e185e7214218ca layout: Make the view mapped at activation completion - 7ecc8c2ee8a776bb1 compositor: Rename activated_by_default to mapped Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I3f5735fad1ea99fa6ce388fbb73796436f956bf6 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27450 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-05-06Enable usrmergeScott Murray1-1/+1
An increasing number of advanced systemd features with respect to immutable systems and sandboxing are effectively dependent on the usrmerge distro feature, so it seems reasonable to enable it since upstream AGL currently requires systemd usage. See SPEC-4352 for more detailed discussion of rationale. Changes: - Add usrmerge to AGL_DEFAULT_DISTRO_FEATURES in poky-agl.conf. - Add workarounds via bbappends in meta-agl-bsp for the assumption of using /lib instead of ${nonarch_base_libdir} in various meta-rcar-gen3 kernel module recipes. This will be followed up with upstream to hopefully fix the recipes. - Replaced some explicit /sbin usage with ${sbindir} in the initramfs-netboot recipe used by the agl-netboot feature to avoid packaging errors. Bug-AGL: SPEC-4352 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ibc0ae1e2628aca6474401e0852bbb97085f4ecfa Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27437 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
2022-05-03agl-shell-activator_git.bb: Update agl-shell-activatorMarius Vlad1-3/+3
Bumps agl-shell-activator to include the following changes: - b1006c97511b6e6ed script/agl-activator: No need for the script - 69bda7298f3ee3199 main: Handle agl-shell-desktop events - 81f41152446b315b7 meson.build: Update compositor protocols version Bug-AGL: SPEC-4324 Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I46b7470f7731eaa83cf0dc0ef6e722d0124a8c82 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27384 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-05-02meta-agl-core: switch next branch users back to masterScott Murray3-5/+2
Remove the aglnext override that was added on the next branch to switch the couple of affected libweston users (agl-compositor and waltham-transmitter-plugin) to forked next branches for handling Weston 9.0 and 10.0 changes. Now that those changes have been merged to the master branches in the respective repositories, this is no longer required. As well, bump the SRCREVs to pick up the Weston update changes. Bug-AGL: SPEC-4343 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I7a4598a9e776aefa3ec7b2bf13b2e89c086c0681 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27418
2022-04-11meta-agl-core: update connman configuration overrideScott Murray5-11/+5
Upstream is now supplying a connman main.conf file in the connman-conf recipe, move installing our own modified version in our bbappend to just supplying our alternative file in a connman-conf bbappend. Bug-AGL: SPEC-3819 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ib89a24b29fd94093ead9ca6d13d9e60bb97b8a60