From 6cab35d83bda92540ca7b24ef874d871542a37c2 Mon Sep 17 00:00:00 2001 From: Jan-Simon Möller Date: Tue, 5 Nov 2019 12:17:23 +0100 Subject: Declare layer compatibility with zeus MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit For the uprev to YP 3.0 zeus we need to update the layer compatibility. Change-Id: Ib762915305588c39400c3c8343152b4ecbfa4556 Signed-off-by: Jan-Simon Möller --- meta-agl-bsp/conf/layer.conf | 2 +- meta-agl-bsp/meta-rcar-gen3-adas/conf/layer.conf | 2 +- meta-agl-distro/conf/layer.conf | 2 +- meta-agl-profile-cluster-qt5/conf/layer.conf | 2 +- meta-agl-profile-cluster/conf/layer.conf | 2 +- meta-agl-profile-core/conf/layer.conf | 2 +- meta-agl-profile-graphical-qt5/conf/layer.conf | 2 +- meta-agl-profile-graphical/conf/layer.conf | 2 +- meta-agl-profile-hud/conf/layer.conf | 2 +- meta-agl-profile-telematics/conf/layer.conf | 2 +- meta-agl/conf/layer.conf | 2 +- meta-app-framework/conf/layer.conf | 2 +- meta-netboot/conf/layer.conf | 2 +- meta-security/conf/layer.conf | 2 +- 14 files changed, 14 insertions(+), 14 deletions(-) diff --git a/meta-agl-bsp/conf/layer.conf b/meta-agl-bsp/conf/layer.conf index 35bf81123..1ff027ce0 100644 --- a/meta-agl-bsp/conf/layer.conf +++ b/meta-agl-bsp/conf/layer.conf @@ -23,4 +23,4 @@ BBFILE_COLLECTIONS += "aglbsp" BBFILE_PATTERN_aglbsp = "^${LAYERDIR}/" BBFILE_PRIORITY_aglbsp = "60" -LAYERSERIES_COMPAT_aglbsp = "thud" +LAYERSERIES_COMPAT_aglbsp = "zeus" diff --git a/meta-agl-bsp/meta-rcar-gen3-adas/conf/layer.conf b/meta-agl-bsp/meta-rcar-gen3-adas/conf/layer.conf index 796d92684..561b1bb0f 100644 --- a/meta-agl-bsp/meta-rcar-gen3-adas/conf/layer.conf +++ b/meta-agl-bsp/meta-rcar-gen3-adas/conf/layer.conf @@ -13,7 +13,7 @@ BBFILE_COLLECTIONS += "rcar-gen3-cogent" BBFILE_PATTERN_rcar-gen3-cogent := "^${LAYERDIR}/../../../bsp/meta-rcar/meta-rcar-gen3-adas/" BBFILE_PRIORITY_rcar-gen3-cogent = "7" -LAYERSERIES_COMPAT_rcar-gen3-cogent = "thud" +LAYERSERIES_COMPAT_rcar-gen3-cogent = "zeus" # Custom packages IMAGE_INSTALL_append_rcar-gen3 = " \ diff --git a/meta-agl-distro/conf/layer.conf b/meta-agl-distro/conf/layer.conf index 3c60fd4c7..7028ca3e2 100644 --- a/meta-agl-distro/conf/layer.conf +++ b/meta-agl-distro/conf/layer.conf @@ -9,4 +9,4 @@ BBFILE_COLLECTIONS += "agl-distro" BBFILE_PATTERN_agl-distro = "^${LAYERDIR}/" BBFILE_PRIORITY_agl-distro = "70" -LAYERSERIES_COMPAT_agl-distro = "thud" +LAYERSERIES_COMPAT_agl-distro = "zeus" diff --git a/meta-agl-profile-cluster-qt5/conf/layer.conf b/meta-agl-profile-cluster-qt5/conf/layer.conf index aa11e32de..c45ac5904 100644 --- a/meta-agl-profile-cluster-qt5/conf/layer.conf +++ b/meta-agl-profile-cluster-qt5/conf/layer.conf @@ -9,4 +9,4 @@ BBFILE_COLLECTIONS += "aglprofileclusterqt5" BBFILE_PATTERN_aglprofileclusterqt5 = "^${LAYERDIR}/" BBFILE_PRIORITY_aglprofileclusterqt5 = "70" -LAYERSERIES_COMPAT_aglprofileclusterqt5 = "thud" +LAYERSERIES_COMPAT_aglprofileclusterqt5 = "zeus" diff --git a/meta-agl-profile-cluster/conf/layer.conf b/meta-agl-profile-cluster/conf/layer.conf index e15c3be4a..d00404e07 100644 --- a/meta-agl-profile-cluster/conf/layer.conf +++ b/meta-agl-profile-cluster/conf/layer.conf @@ -9,4 +9,4 @@ BBFILE_COLLECTIONS += "aglprofilecluster" BBFILE_PATTERN_aglprofilecluster = "^${LAYERDIR}/" BBFILE_PRIORITY_aglprofilecluster = "70" -LAYERSERIES_COMPAT_aglprofilecluster = "thud" +LAYERSERIES_COMPAT_aglprofilecluster = "zeus" diff --git a/meta-agl-profile-core/conf/layer.conf b/meta-agl-profile-core/conf/layer.conf index 641b22867..7579c04fc 100644 --- a/meta-agl-profile-core/conf/layer.conf +++ b/meta-agl-profile-core/conf/layer.conf @@ -9,4 +9,4 @@ BBFILE_COLLECTIONS += "aglprofilecore" BBFILE_PATTERN_aglprofilecore = "^${LAYERDIR}/" BBFILE_PRIORITY_aglprofilecore = "80" -LAYERSERIES_COMPAT_aglprofilecore = "thud" +LAYERSERIES_COMPAT_aglprofilecore = "zeus" diff --git a/meta-agl-profile-graphical-qt5/conf/layer.conf b/meta-agl-profile-graphical-qt5/conf/layer.conf index d73b8aa64..1ae215c32 100644 --- a/meta-agl-profile-graphical-qt5/conf/layer.conf +++ b/meta-agl-profile-graphical-qt5/conf/layer.conf @@ -9,4 +9,4 @@ BBFILE_COLLECTIONS += "aglprofilegraphicalqt5" BBFILE_PATTERN_aglprofilegraphicalqt5 = "^${LAYERDIR}/" BBFILE_PRIORITY_aglprofilegraphicalqt5 = "70" -LAYERSERIES_COMPAT_aglprofilegraphicalqt5 = "thud" +LAYERSERIES_COMPAT_aglprofilegraphicalqt5 = "zeus" diff --git a/meta-agl-profile-graphical/conf/layer.conf b/meta-agl-profile-graphical/conf/layer.conf index a857b0c33..bfd8ef647 100644 --- a/meta-agl-profile-graphical/conf/layer.conf +++ b/meta-agl-profile-graphical/conf/layer.conf @@ -9,4 +9,4 @@ BBFILE_COLLECTIONS += "aglprofilegraphical" BBFILE_PATTERN_aglprofilegraphical = "^${LAYERDIR}/" BBFILE_PRIORITY_aglprofilegraphical = "70" -LAYERSERIES_COMPAT_aglprofilegraphical = "thud" +LAYERSERIES_COMPAT_aglprofilegraphical = "zeus" diff --git a/meta-agl-profile-hud/conf/layer.conf b/meta-agl-profile-hud/conf/layer.conf index 4f5d06fcb..c1e45c58a 100644 --- a/meta-agl-profile-hud/conf/layer.conf +++ b/meta-agl-profile-hud/conf/layer.conf @@ -9,4 +9,4 @@ BBFILE_COLLECTIONS += "aglprofilehud" BBFILE_PATTERN_aglprofilehud = "^${LAYERDIR}/" BBFILE_PRIORITY_aglprofilehud = "70" -LAYERSERIES_COMPAT_aglprofilehud = "thud" +LAYERSERIES_COMPAT_aglprofilehud = "zeus" diff --git a/meta-agl-profile-telematics/conf/layer.conf b/meta-agl-profile-telematics/conf/layer.conf index 6d17746bc..11c70f5ea 100644 --- a/meta-agl-profile-telematics/conf/layer.conf +++ b/meta-agl-profile-telematics/conf/layer.conf @@ -9,4 +9,4 @@ BBFILE_COLLECTIONS += "aglprofiletelematics" BBFILE_PATTERN_aglprofiletelematics = "^${LAYERDIR}/" BBFILE_PRIORITY_aglprofiletelematics = "70" -LAYERSERIES_COMPAT_aglprofiletelematics = "thud" +LAYERSERIES_COMPAT_aglprofiletelematics = "zeus" diff --git a/meta-agl/conf/layer.conf b/meta-agl/conf/layer.conf index c46ec8096..cec39ace6 100644 --- a/meta-agl/conf/layer.conf +++ b/meta-agl/conf/layer.conf @@ -9,4 +9,4 @@ BBFILE_COLLECTIONS += "agl" BBFILE_PATTERN_agl = "^${LAYERDIR}/" BBFILE_PRIORITY_agl = "70" -LAYERSERIES_COMPAT_agl = "thud" +LAYERSERIES_COMPAT_agl = "zeus" diff --git a/meta-app-framework/conf/layer.conf b/meta-app-framework/conf/layer.conf index 4af5354a6..61a5a968e 100644 --- a/meta-app-framework/conf/layer.conf +++ b/meta-app-framework/conf/layer.conf @@ -9,4 +9,4 @@ BBFILE_COLLECTIONS += "app-framework" BBFILE_PATTERN_app-framework = "^${LAYERDIR}/" BBFILE_PRIORITY_app-framework = "70" -LAYERSERIES_COMPAT_app-framework = "thud" +LAYERSERIES_COMPAT_app-framework = "zeus" diff --git a/meta-netboot/conf/layer.conf b/meta-netboot/conf/layer.conf index d22a86446..119fe02fb 100644 --- a/meta-netboot/conf/layer.conf +++ b/meta-netboot/conf/layer.conf @@ -12,4 +12,4 @@ BBFILE_COLLECTIONS += "meta-netboot" BBFILE_PATTERN_meta-netboot = "^${LAYERDIR}/" BBFILE_PRIORITY_meta-netboot = "60" -LAYERSERIES_COMPAT_meta-netboot = "thud" +LAYERSERIES_COMPAT_meta-netboot = "zeus" diff --git a/meta-security/conf/layer.conf b/meta-security/conf/layer.conf index 16dae3989..608cf62ed 100644 --- a/meta-security/conf/layer.conf +++ b/meta-security/conf/layer.conf @@ -11,4 +11,4 @@ BBFILE_COLLECTIONS += "security-smack" BBFILE_PATTERN_security-smack := "^${LAYERDIR}/" BBFILE_PRIORITY_security-smack = "60" -LAYERSERIES_COMPAT_security-smack = "thud" +LAYERSERIES_COMPAT_security-smack = "zeus" -- cgit 1.2.3-korg From 2d0270f656766b76763a3661355742f9ccef63ab Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 13:17:36 -0500 Subject: meta-security: remove keyutils recipe Remove keyutils 1.5.8 recipe since meta-oe has a newer 1.6 recipe. Bug-AGL: SPEC-2932 Change-Id: I0a0d2507922c0d705eb064577c0a2a8fcc081d3f Signed-off-by: Scott Murray --- .../keyutils/keyutils-arm-remove-m32-m64.patch | 19 ---------- .../keyutils/keyutils_fix_library_install.patch | 30 --------------- .../keyutils/keyutils_fix_x86-64_cflags.patch | 13 ------- .../keyutils/keyutils_fix_x86_cflags.patch | 13 ------- .../recipes-security/keyutils/keyutils_1.5.8.bb | 44 ---------------------- 5 files changed, 119 deletions(-) delete mode 100644 meta-security/recipes-security/keyutils/keyutils/keyutils-arm-remove-m32-m64.patch delete mode 100644 meta-security/recipes-security/keyutils/keyutils/keyutils_fix_library_install.patch delete mode 100644 meta-security/recipes-security/keyutils/keyutils/keyutils_fix_x86-64_cflags.patch delete mode 100644 meta-security/recipes-security/keyutils/keyutils/keyutils_fix_x86_cflags.patch delete mode 100644 meta-security/recipes-security/keyutils/keyutils_1.5.8.bb diff --git a/meta-security/recipes-security/keyutils/keyutils/keyutils-arm-remove-m32-m64.patch b/meta-security/recipes-security/keyutils/keyutils/keyutils-arm-remove-m32-m64.patch deleted file mode 100644 index a049fd23f..000000000 --- a/meta-security/recipes-security/keyutils/keyutils/keyutils-arm-remove-m32-m64.patch +++ /dev/null @@ -1,19 +0,0 @@ -Index: keyutils-1.5.5/Makefile -=================================================================== ---- keyutils-1.5.5.orig/Makefile 2011-12-20 11:05:10.000000000 +0200 -+++ keyutils-1.5.5/Makefile 2011-12-20 11:06:27.000000000 +0200 -@@ -58,12 +58,12 @@ - LNS := ln -sf - - ifeq ($(BUILDFOR),32-bit) --CFLAGS += -m32 -+#CFLAGS += -m32 - LIBDIR := /usr/lib - USRLIBDIR := /usr/lib - else - ifeq ($(BUILDFOR),64-bit) --CFLAGS += -m64 -+#CFLAGS += -m64 - LIBDIR := /usr/lib - USRLIBDIR := /usr/lib - endif diff --git a/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_library_install.patch b/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_library_install.patch deleted file mode 100644 index adf064304..000000000 --- a/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_library_install.patch +++ /dev/null @@ -1,30 +0,0 @@ -Index: keyutils-1.5.5/Makefile -=================================================================== ---- keyutils-1.5.5.orig/Makefile 2011-11-30 17:27:43.000000000 +0200 -+++ keyutils-1.5.5/Makefile 2011-12-21 16:05:53.000000000 +0200 -@@ -59,13 +59,13 @@ - - ifeq ($(BUILDFOR),32-bit) - CFLAGS += -m32 --LIBDIR := /lib -+LIBDIR := /usr/lib - USRLIBDIR := /usr/lib - else - ifeq ($(BUILDFOR),64-bit) - CFLAGS += -m64 --LIBDIR := /lib64 --USRLIBDIR := /usr/lib64 -+LIBDIR := /usr/lib -+USRLIBDIR := /usr/lib - endif - endif - -@@ -152,7 +152,7 @@ - $(INSTALL) -D $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(LIBNAME) - $(LNS) $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(SONAME) - mkdir -p $(DESTDIR)$(USRLIBDIR) -- $(LNS) $(LIBDIR)/$(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB) -+ $(LNS) $(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB) - $(INSTALL) -D keyctl $(DESTDIR)$(BINDIR)/keyctl - $(INSTALL) -D request-key $(DESTDIR)$(SBINDIR)/request-key - $(INSTALL) -D request-key-debug.sh $(DESTDIR)$(SHAREDIR)/request-key-debug.sh diff --git a/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_x86-64_cflags.patch b/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_x86-64_cflags.patch deleted file mode 100644 index 8dd224505..000000000 --- a/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_x86-64_cflags.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: git/Makefile -=================================================================== ---- git.orig/Makefile 2012-11-16 15:40:05.258723425 +0200 -+++ git/Makefile 2012-11-16 15:41:08.978725491 +0200 -@@ -53,7 +53,7 @@ - ############################################################################### - LIBDIR := $(shell ldd /usr/bin/make | grep '\(/libc\)' | sed -e 's!.*\(/.*\)/libc[.].*!\1!') - USRLIBDIR := $(patsubst /lib/%,/usr/lib/%,$(LIBDIR)) --BUILDFOR := $(shell file /usr/bin/make | sed -e 's!.*ELF \(32\|64\)-bit.*!\1!')-bit -+BUILDFOR := 64-bit - - LNS := ln -sf - diff --git a/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_x86_cflags.patch b/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_x86_cflags.patch deleted file mode 100644 index 573c429b8..000000000 --- a/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_x86_cflags.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: git/Makefile -=================================================================== ---- git.orig/Makefile 2012-11-16 15:40:05.258723425 +0200 -+++ git/Makefile 2012-11-16 15:41:08.978725491 +0200 -@@ -53,7 +53,7 @@ - ############################################################################### - LIBDIR := $(shell ldd /usr/bin/make | grep '\(/libc\)' | sed -e 's!.*\(/.*\)/libc[.].*!\1!') - USRLIBDIR := $(patsubst /lib/%,/usr/lib/%,$(LIBDIR)) --BUILDFOR := $(shell file /usr/bin/make | sed -e 's!.*ELF \(32\|64\)-bit.*!\1!')-bit -+BUILDFOR := 32-bit - - LNS := ln -sf - diff --git a/meta-security/recipes-security/keyutils/keyutils_1.5.8.bb b/meta-security/recipes-security/keyutils/keyutils_1.5.8.bb deleted file mode 100644 index 46b2b622a..000000000 --- a/meta-security/recipes-security/keyutils/keyutils_1.5.8.bb +++ /dev/null @@ -1,44 +0,0 @@ -SUMMARY = "Linux Key Management Utilities" -DESCRIPTION = "Keyutils is a set of utilities for managing the key retention \ -facility in the kernel, which can be used by filesystems, block devices and \ -more to gain and retain the authorization and encryption keys required to \ -perform secure operations." -SECTION = "base" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://LICENCE.GPL;md5=5f6e72824f5da505c1f4a7197f004b45" - -PR = "r1" - -SRCREV = "dd64114721edca5808872190e7e2e927ee2e994c" - -SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git;protocol=git \ - file://keyutils_fix_library_install.patch \ - " -SRC_URI_append_arm = " file://keyutils-arm-remove-m32-m64.patch" -SRC_URI_append_x86 = " file://keyutils_fix_x86_cflags.patch" -SRC_URI_append_x86-64 = " file://keyutils_fix_x86-64_cflags.patch" - -S = "${WORKDIR}/git" - -INSTALL_FLAGS = " \ -BINDIR=${bindir} \ -SBINDIR=${sbindir} \ -INCLUDEDIR=${includedir} \ -ETCDIR=${sysconfdir} \ -LIBDIR=${libdir} \ -USRLIBDIR=${libdir} \ -SHAREDIR=${datadir} \ -MAN1=${mandir}/man1 \ -MAN3=${mandir}/man3 \ -MAN5=${mandir}/man5 \ -MAN8=${mandir}/man8 \ -DESTDIR=${D}" - -do_install() { - cd ${S} && oe_runmake ${INSTALL_FLAGS} install - - # Debugging script of unknown value, not packaged. - rm -f "${D}${datadir}/request-key-debug.sh" -} - -BBCLASSEXTEND = "native" -- cgit 1.2.3-korg From b11090e106630bf72bf6c7fe8aeb7da453367eff Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 13:20:56 -0500 Subject: meta-app-framework: remove libzip recipe Remove libzip 1.1.1 recipe since meta-oe has a newer 1.5.2 recipe now, and add a bbappend to enable required native and nativesdk building with BBCLASSEXTEND. Bug-AGL: SPEC-2932 Change-Id: I224ba96ffce78c07590d7f791d4ab3b64c7febda Signed-off-by: Scott Murray --- .../recipes-support/libzip/libzip_%.bbappend | 1 + .../recipes-support/libzip/libzip_1.1.1.bb | 32 ---------------------- 2 files changed, 1 insertion(+), 32 deletions(-) create mode 100644 meta-app-framework/recipes-support/libzip/libzip_%.bbappend delete mode 100644 meta-app-framework/recipes-support/libzip/libzip_1.1.1.bb diff --git a/meta-app-framework/recipes-support/libzip/libzip_%.bbappend b/meta-app-framework/recipes-support/libzip/libzip_%.bbappend new file mode 100644 index 000000000..5174650b1 --- /dev/null +++ b/meta-app-framework/recipes-support/libzip/libzip_%.bbappend @@ -0,0 +1 @@ +BBCLASSEXTEND += "native nativesdk" diff --git a/meta-app-framework/recipes-support/libzip/libzip_1.1.1.bb b/meta-app-framework/recipes-support/libzip/libzip_1.1.1.bb deleted file mode 100644 index 450971176..000000000 --- a/meta-app-framework/recipes-support/libzip/libzip_1.1.1.bb +++ /dev/null @@ -1,32 +0,0 @@ -inherit autotools - -SUMMARY = "Library providing support for handling zip files" -DESCRIPTION = "\ - This library is wrapping zlib and allows \ - to easily create, browse, inflate of deflate \ - the zip files. \ - It also provides tools for zip comparing, merging or browsing.\ -" - -HOMEPAGE = "http://nih.at/libzip/index.html" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://LICENSE;md5=23ebf7ca347ed9703b4ef40824d0ef66" - -SRC_URI = "http://nih.at/libzip/libzip-1.1.1.tar.xz;md5sum=0c86a1a94fbc3ec6724801036726ae1f" - -#SRC_URI = "hg://hg.nih.at/libzip;module=libzip;protocol=http" -#SRCREV = "5895e34af7f9" -#S = "${HGDIR}" - -SECTION = "base" - -DEPENDS = "zlib" - -RDEPENDS_${PN} = "zlib" - -PROVIDES += "${PN}-tools" -RDEPENDS_${PN}-tools = "${PN}" -FILES_${PN}-tools = "${bindir}/zipcmp ${bindir}/zipmerge ${bindir}/ziptool" - -BBCLASSEXTEND = "native nativesdk" - -- cgit 1.2.3-korg From da3478a5d3f5432d07715e8ca463e40adf07d8e9 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 13:26:00 -0500 Subject: meta-agl-bsp: remove weston and wayland-protocols backports Remove weston 6.0.0 and wayland-protocols 1.17 backports, as they are no longer required. oe-core now has weston 7.0.0 and wayland-protocols 1.18. Bug-AGL: SPEC-2932 Change-Id: I351c44616a0f47b128e10371bf05f16b0bfe054f Signed-off-by: Scott Murray --- .../wayland/wayland-protocols_1.17.bb | 24 --- .../wayland/weston/0001-make-error-portable.patch | 78 ---------- ...ch-Provide-a-default-version-that-doesn-t.patch | 173 --------------------- .../recipes-graphics/wayland/weston/weston.desktop | 9 -- .../recipes-graphics/wayland/weston/weston.png | Bin 2383 -> 0 bytes .../wayland/weston/xwayland.weston-start | 7 - .../recipes-graphics/wayland/weston_6.0.0.bb | 111 ------------- 7 files changed, 402 deletions(-) delete mode 100644 meta-agl-bsp/recipes-graphics/wayland/wayland-protocols_1.17.bb delete mode 100644 meta-agl-bsp/recipes-graphics/wayland/weston/0001-make-error-portable.patch delete mode 100644 meta-agl-bsp/recipes-graphics/wayland/weston/0001-weston-launch-Provide-a-default-version-that-doesn-t.patch delete mode 100644 meta-agl-bsp/recipes-graphics/wayland/weston/weston.desktop delete mode 100644 meta-agl-bsp/recipes-graphics/wayland/weston/weston.png delete mode 100644 meta-agl-bsp/recipes-graphics/wayland/weston/xwayland.weston-start delete mode 100644 meta-agl-bsp/recipes-graphics/wayland/weston_6.0.0.bb diff --git a/meta-agl-bsp/recipes-graphics/wayland/wayland-protocols_1.17.bb b/meta-agl-bsp/recipes-graphics/wayland/wayland-protocols_1.17.bb deleted file mode 100644 index ee9e3d43a..000000000 --- a/meta-agl-bsp/recipes-graphics/wayland/wayland-protocols_1.17.bb +++ /dev/null @@ -1,24 +0,0 @@ -SUMMARY = "Collection of additional Wayland protocols" -DESCRIPTION = "Wayland protocols that add functionality not \ -available in the Wayland core protocol. Such protocols either add \ -completely new functionality, or extend the functionality of some other \ -protocol either in Wayland core, or some other protocol in \ -wayland-protocols." -HOMEPAGE = "http://wayland.freedesktop.org" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://COPYING;md5=c7b12b6702da38ca028ace54aae3d484 \ - file://stable/presentation-time/presentation-time.xml;endline=26;md5=4646cd7d9edc9fa55db941f2d3a7dc53" - -SRC_URI = "https://wayland.freedesktop.org/releases/${BPN}-${PV}.tar.xz \ - " -SRC_URI[md5sum] = "e0b523ff162e30bab46be1d65d527683" -SRC_URI[sha256sum] = "6b1485951fdcd36a960c870c46f28b03a3e5121fb46246916333ed07f78c98c5" -SRC_URI[md5sum] = "55ddd5fdb02b73b9de9559aaec267315" -SRC_URI[sha256sum] = "df1319cf9705643aea9fd16f9056f4e5b2471bd10c0cc3713d4a4cdc23d6812f" - -UPSTREAM_CHECK_URI = "https://wayland.freedesktop.org/releases.html" - -inherit allarch autotools pkgconfig - -PACKAGES = "${PN}" -FILES_${PN} += "${datadir}/pkgconfig/wayland-protocols.pc" diff --git a/meta-agl-bsp/recipes-graphics/wayland/weston/0001-make-error-portable.patch b/meta-agl-bsp/recipes-graphics/wayland/weston/0001-make-error-portable.patch deleted file mode 100644 index 0eb3d95a6..000000000 --- a/meta-agl-bsp/recipes-graphics/wayland/weston/0001-make-error-portable.patch +++ /dev/null @@ -1,78 +0,0 @@ -From c4677e155736062e75687f1a655732c8902e912b Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Fri, 29 May 2015 20:56:00 -0700 -Subject: [PATCH] make error() portable - -error() is not posix but gnu extension so may not be available on all -kind of systemsi e.g. musl. - -Upstream-Status: Submitted - -Signed-off-by: Khem Raj - ---- - configure.ac | 2 ++ - libweston/weston-error.h | 20 ++++++++++++++++++++ - libweston/weston-launch.c | 2 +- - 3 files changed, 23 insertions(+), 1 deletion(-) - create mode 100644 libweston/weston-error.h - -diff --git a/configure.ac b/configure.ac -index c05ad01..6da6e04 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -126,6 +126,8 @@ AC_CHECK_DECL(CLOCK_MONOTONIC,[], - [AC_MSG_ERROR("CLOCK_MONOTONIC is needed to compile weston")], - [[#include ]]) - -+AC_CHECK_HEADERS([error.h]) -+ - AC_CHECK_FUNCS([mkostemp strchrnul initgroups posix_fallocate]) - - # check for libdrm as a build-time dependency only -diff --git a/libweston/weston-error.h b/libweston/weston-error.h -new file mode 100644 -index 0000000..2089d02 ---- /dev/null -+++ b/libweston/weston-error.h -@@ -0,0 +1,20 @@ -+#ifndef _WESTON_ERROR_H -+#define _WESTON_ERROR_H -+ -+#if defined(HAVE_ERROR_H) -+#include -+#else -+#include -+#include -+#define _weston_error(S, E, F, ...) do { \ -+ if (E) \ -+ err(S, F ": %s", ##__VA_ARGS__, strerror(E)); \ -+ else \ -+ err(S, F, ##__VA_ARGS__); \ -+} while(0) -+ -+#define error _weston_error -+#endif -+ -+#endif -+ -diff --git a/libweston/weston-launch.c b/libweston/weston-launch.c -index bf73e0d..9064439 100644 ---- a/libweston/weston-launch.c -+++ b/libweston/weston-launch.c -@@ -33,7 +33,6 @@ - #include - #include - --#include - #include - - #include -@@ -59,6 +58,7 @@ - #endif - - #include "weston-launch.h" -+#include "weston-error.h" - - #define DRM_MAJOR 226 - diff --git a/meta-agl-bsp/recipes-graphics/wayland/weston/0001-weston-launch-Provide-a-default-version-that-doesn-t.patch b/meta-agl-bsp/recipes-graphics/wayland/weston/0001-weston-launch-Provide-a-default-version-that-doesn-t.patch deleted file mode 100644 index d648538b8..000000000 --- a/meta-agl-bsp/recipes-graphics/wayland/weston/0001-weston-launch-Provide-a-default-version-that-doesn-t.patch +++ /dev/null @@ -1,173 +0,0 @@ -From b98b9dbda902225cdd972b5bff6a641c36cc7e90 Mon Sep 17 00:00:00 2001 -From: Tom Hochstein -Date: Wed, 22 Feb 2017 15:53:30 +0200 -Subject: [PATCH] weston-launch: Provide a default version that doesn't require PAM - -weston-launch requires PAM for starting weston as a non-root user. - -Since starting weston as root is a valid use case by itself, if -PAM is not available, provide a default version of weston-launch -without non-root-user support. - -Upstream-Status: Pending - -Signed-off-by: Tom Hochstein -Signed-off-by: Jussi Kukkonen -Signed-off-by: Denys Dmytriyenko - ---- - configure.ac | 9 +++++++-- - libweston/weston-launch.c | 20 ++++++++++++++++++++ - 2 files changed, 27 insertions(+), 2 deletions(-) - -diff --git a/configure.ac b/configure.ac -index dc9c802..48cf5cb 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -451,13 +451,17 @@ AC_ARG_ENABLE(resize-optimization, - AS_IF([test "x$enable_resize_optimization" = "xyes"], - [AC_DEFINE([USE_RESIZE_POOL], [1], [Use resize memory pool as a performance optimization])]) - -+AC_ARG_WITH(pam, -+ AS_HELP_STRING([--with-pam], [Use PAM]), -+ [use_pam=$withval], [use_pam=yes]) - AC_ARG_ENABLE(weston-launch, [ --enable-weston-launch],, enable_weston_launch=yes) - AM_CONDITIONAL(BUILD_WESTON_LAUNCH, test x$enable_weston_launch = xyes) --if test x$enable_weston_launch = xyes; then -+if test x$enable_weston_launch = xyes -a x$use_pam = xyes; then - WESTON_SEARCH_LIBS([PAM], [pam], [pam_open_session], [have_pam=yes], [have_pam=no]) - if test x$have_pam = xno; then -- AC_ERROR([weston-launch requires pam]) -+ AC_ERROR([PAM support is explicitly requested, but libpam couldn't be found]) - fi -+ AC_DEFINE([HAVE_PAM], [1], [Define if PAM is available]) - fi - - AM_CONDITIONAL(HAVE_PANGO, test "x$have_pango" = "xyes") -@@ -702,6 +706,7 @@ AC_MSG_RESULT([ - Enable developer documentation ${enable_devdocs} - - weston-launch utility ${enable_weston_launch} -+ PAM support ${use_pam} - systemd-login support ${have_systemd_login} - systemd notify support ${enable_systemd_notify} - -diff --git a/libweston/weston-launch.c b/libweston/weston-launch.c -index 166bf3b..6fb9232 100644 ---- a/libweston/weston-launch.c -+++ b/libweston/weston-launch.c -@@ -51,7 +51,9 @@ - - #include - #include -+#ifdef HAVE_PAM - #include -+#endif - - #ifdef HAVE_SYSTEMD_LOGIN - #include -@@ -101,8 +103,10 @@ drmSetMaster(int drm_fd) - #endif - - struct weston_launch { -+#ifdef HAVE_PAM - struct pam_conv pc; - pam_handle_t *ph; -+#endif - int tty; - int ttynr; - int sock[2]; -@@ -189,6 +193,7 @@ weston_launch_allowed(struct weston_launch *wl) - return false; - } - -+#ifdef HAVE_PAM - static int - pam_conversation_fn(int msg_count, - const struct pam_message **messages, -@@ -229,6 +234,7 @@ setup_pam(struct weston_launch *wl) - - return 0; - } -+#endif - - static int - setup_launcher_socket(struct weston_launch *wl) -@@ -422,6 +428,7 @@ quit(struct weston_launch *wl, int status) - close(wl->signalfd); - close(wl->sock[0]); - -+#ifdef HAVE_PAM - if (wl->new_user) { - err = pam_close_session(wl->ph, 0); - if (err) -@@ -429,6 +436,7 @@ quit(struct weston_launch *wl, int status) - err, pam_strerror(wl->ph, err)); - pam_end(wl->ph, err); - } -+#endif - - if (ioctl(wl->tty, KDSKBMUTE, 0) && - ioctl(wl->tty, KDSKBMODE, wl->kb_mode)) -@@ -608,6 +616,7 @@ setup_session(struct weston_launch *wl, char **child_argv) - setenv("HOME", wl->pw->pw_dir, 1); - setenv("SHELL", wl->pw->pw_shell, 1); - -+#ifdef HAVE_PAM - env = pam_getenvlist(wl->ph); - if (env) { - for (i = 0; env[i]; ++i) { -@@ -616,6 +625,7 @@ setup_session(struct weston_launch *wl, char **child_argv) - } - free(env); - } -+#endif - - /* - * We open a new session, so it makes sense -@@ -683,8 +693,10 @@ static void - help(const char *name) - { - fprintf(stderr, "Usage: %s [args...] [-- [weston args..]]\n", name); -+#ifdef HAVE_PAM - fprintf(stderr, " -u, --user Start session as specified username,\n" - " e.g. -u joe, requires root.\n"); -+#endif - fprintf(stderr, " -t, --tty Start session on alternative tty,\n" - " e.g. -t /dev/tty4, requires -u option.\n"); - fprintf(stderr, " -v, --verbose Be verbose\n"); -@@ -698,7 +710,9 @@ main(int argc, char *argv[]) - int i, c; - char *tty = NULL; - struct option opts[] = { -+#ifdef HAVE_PAM - { "user", required_argument, NULL, 'u' }, -+#endif - { "tty", required_argument, NULL, 't' }, - { "verbose", no_argument, NULL, 'v' }, - { "help", no_argument, NULL, 'h' }, -@@ -710,9 +724,13 @@ main(int argc, char *argv[]) - while ((c = getopt_long(argc, argv, "u:t:vh", opts, &i)) != -1) { - switch (c) { - case 'u': -+#ifdef HAVE_PAM - wl.new_user = optarg; - if (getuid() != 0) - error(1, 0, "Permission denied. -u allowed for root only"); -+#else -+ error(1, 0, "-u is unsupported in this weston-launch build"); -+#endif - break; - case 't': - tty = optarg; -@@ -753,8 +771,10 @@ main(int argc, char *argv[]) - if (setup_tty(&wl, tty) < 0) - exit(EXIT_FAILURE); - -+#ifdef HAVE_PAM - if (wl.new_user && setup_pam(&wl) < 0) - exit(EXIT_FAILURE); -+#endif - - if (setup_launcher_socket(&wl) < 0) - exit(EXIT_FAILURE); diff --git a/meta-agl-bsp/recipes-graphics/wayland/weston/weston.desktop b/meta-agl-bsp/recipes-graphics/wayland/weston/weston.desktop deleted file mode 100644 index 1086ae8bf..000000000 --- a/meta-agl-bsp/recipes-graphics/wayland/weston/weston.desktop +++ /dev/null @@ -1,9 +0,0 @@ -[Desktop Entry] -Encoding=UTF-8 -Type=Application -Name=Weston -Comment=Wayland Compostitor -Exec=weston -Icon=weston -Terminal=false -Categories=Utility; diff --git a/meta-agl-bsp/recipes-graphics/wayland/weston/weston.png b/meta-agl-bsp/recipes-graphics/wayland/weston/weston.png deleted file mode 100644 index ea8b7e0e2..000000000 Binary files a/meta-agl-bsp/recipes-graphics/wayland/weston/weston.png and /dev/null differ diff --git a/meta-agl-bsp/recipes-graphics/wayland/weston/xwayland.weston-start b/meta-agl-bsp/recipes-graphics/wayland/weston/xwayland.weston-start deleted file mode 100644 index b483c97cf..000000000 --- a/meta-agl-bsp/recipes-graphics/wayland/weston/xwayland.weston-start +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -if type Xwayland >/dev/null 2>/dev/null; then - mkdir -p /tmp/.X11-unix - - add_weston_argument "--modules=xwayland.so" -fi diff --git a/meta-agl-bsp/recipes-graphics/wayland/weston_6.0.0.bb b/meta-agl-bsp/recipes-graphics/wayland/weston_6.0.0.bb deleted file mode 100644 index f1e67e318..000000000 --- a/meta-agl-bsp/recipes-graphics/wayland/weston_6.0.0.bb +++ /dev/null @@ -1,111 +0,0 @@ -SUMMARY = "Weston, a Wayland compositor" -DESCRIPTION = "Weston is the reference implementation of a Wayland compositor" -HOMEPAGE = "http://wayland.freedesktop.org" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://COPYING;md5=d79ee9e66bb0f95d3386a7acae780b70 \ - file://libweston/compositor.c;endline=27;md5=6c53bbbd99273f4f7c4affa855c33c0a" - -SRC_URI = "https://wayland.freedesktop.org/releases/${BPN}-${PV}.tar.xz \ - file://weston.png \ - file://weston.desktop \ - file://0001-make-error-portable.patch \ - file://xwayland.weston-start \ - file://0001-weston-launch-Provide-a-default-version-that-doesn-t.patch \ -" -SRC_URI[md5sum] = "752a04ce3c65af4884cfac4e57231bdb" -SRC_URI[sha256sum] = "15a23423bcfa45e31e1dedc0cd524ba71e2930df174fde9c99b71a537c4e4caf" -SRC_URI[md5sum] = "7c634e262f8a464a076c97fd50ad36b3" -SRC_URI[sha256sum] = "546323a90607b3bd7f48809ea9d76e64cd09718102f2deca6d95aa59a882e612" - -UPSTREAM_CHECK_URI = "https://wayland.freedesktop.org/releases.html" - -inherit autotools pkgconfig useradd distro_features_check -# depends on virtual/egl -REQUIRED_DISTRO_FEATURES = "opengl" - -DEPENDS = "libxkbcommon gdk-pixbuf pixman cairo glib-2.0 jpeg" -DEPENDS += "wayland wayland-protocols libinput virtual/egl pango wayland-native" - -WESTON_MAJOR_VERSION = "${@'.'.join(d.getVar('PV').split('.')[0:1])}" - -EXTRA_OECONF = "--enable-setuid-install \ - --disable-rdp-compositor \ - --enable-autotools \ - " -PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'wayland', 'kms fbdev wayland egl', '', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'x11 wayland', 'xwayland', '', d)} \ - ${@bb.utils.filter('DISTRO_FEATURES', 'pam systemd x11', d)} \ - clients launch" -# -# Compositor choices -# -# Weston on KMS -PACKAGECONFIG[kms] = "--enable-drm-compositor,--disable-drm-compositor,drm udev virtual/mesa virtual/libgbm mtdev" -# Weston on Wayland (nested Weston) -PACKAGECONFIG[wayland] = "--enable-wayland-compositor,--disable-wayland-compositor,virtual/mesa" -# Weston on X11 -PACKAGECONFIG[x11] = "--enable-x11-compositor,--disable-x11-compositor,virtual/libx11 libxcb libxcb libxcursor cairo" -# Headless Weston -PACKAGECONFIG[headless] = "--enable-headless-compositor,--disable-headless-compositor" -# Weston on framebuffer -PACKAGECONFIG[fbdev] = "--enable-fbdev-compositor,--disable-fbdev-compositor,udev mtdev" -# weston-launch -PACKAGECONFIG[launch] = "--enable-weston-launch,--disable-weston-launch,drm" -# VA-API desktop recorder -PACKAGECONFIG[vaapi] = "--enable-vaapi-recorder,--disable-vaapi-recorder,libva" -# Weston with EGL support -PACKAGECONFIG[egl] = "--enable-egl --enable-simple-egl-clients,--disable-egl --disable-simple-egl-clients,virtual/egl" -# Weston with cairo glesv2 support -PACKAGECONFIG[cairo-glesv2] = "--with-cairo-glesv2,--with-cairo=image,cairo" -# Weston with lcms support -PACKAGECONFIG[lcms] = "--enable-lcms,--disable-lcms,lcms" -# Weston with webp support -PACKAGECONFIG[webp] = "--with-webp,--without-webp,libwebp" -# Weston with systemd-login support -PACKAGECONFIG[systemd] = "--enable-systemd-login,--disable-systemd-login,systemd dbus" -# Weston with Xwayland support (requires X11 and Wayland) -PACKAGECONFIG[xwayland] = "--enable-xwayland,--disable-xwayland" -# colord CMS support -PACKAGECONFIG[colord] = "--enable-colord,--disable-colord,colord" -# Clients support -PACKAGECONFIG[clients] = "--enable-clients --enable-simple-clients --enable-demo-clients-install,--disable-clients --disable-simple-clients" -# Weston with PAM support -PACKAGECONFIG[pam] = "--with-pam,--without-pam,libpam" - -do_install_append() { - # Weston doesn't need the .la files to load modules, so wipe them - rm -f ${D}/${libdir}/libweston-${WESTON_MAJOR_VERSION}/*.la - - # If X11, ship a desktop file to launch it - if [ "${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}" ]; then - install -d ${D}${datadir}/applications - install ${WORKDIR}/weston.desktop ${D}${datadir}/applications - - install -d ${D}${datadir}/icons/hicolor/48x48/apps - install ${WORKDIR}/weston.png ${D}${datadir}/icons/hicolor/48x48/apps - fi - - if [ "${@bb.utils.contains('PACKAGECONFIG', 'xwayland', 'yes', 'no', d)}" = "yes" ]; then - install -Dm 644 ${WORKDIR}/xwayland.weston-start ${D}${datadir}/weston-start/xwayland - fi -} - -PACKAGES += "${@bb.utils.contains('PACKAGECONFIG', 'xwayland', '${PN}-xwayland', '', d)} \ - libweston-${WESTON_MAJOR_VERSION} ${PN}-examples" - -FILES_${PN} = "${bindir}/weston ${bindir}/weston-terminal ${bindir}/weston-info ${bindir}/weston-launch ${bindir}/wcap-decode ${libexecdir} ${libdir}/${BPN}/*.so ${datadir}" - -FILES_libweston-${WESTON_MAJOR_VERSION} = "${libdir}/lib*${SOLIBS} ${libdir}/libweston-${WESTON_MAJOR_VERSION}/*.so" -SUMMARY_libweston-${WESTON_MAJOR_VERSION} = "Helper library for implementing 'wayland window managers'." - -FILES_${PN}-examples = "${bindir}/*" - -FILES_${PN}-xwayland = "${libdir}/libweston-${WESTON_MAJOR_VERSION}/xwayland.so" -RDEPENDS_${PN}-xwayland += "xserver-xorg-xwayland" - -RDEPENDS_${PN} += "xkeyboard-config" -RRECOMMENDS_${PN} = "weston-conf liberation-fonts" -RRECOMMENDS_${PN}-dev += "wayland-protocols" - -USERADD_PACKAGES = "${PN}" -GROUPADD_PARAM_${PN} = "--system weston-launch" -- cgit 1.2.3-korg From e907025aac7e05019236ed33c8c61e22a0e65833 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 13:30:36 -0500 Subject: meta-agl-bsp/meta-intel: remove linux-firmware_git.bbappend Remove empty meta-intel specific linux_firmware_git.bbappend, as there is no _git version of the recipe in zeus for it to apply to. Bug-AGL: SPEC-2932 Change-Id: I7675d024a069e51b8c8b6b8ba34579cbff629158 Signed-off-by: Scott Murray --- .../meta-intel/recipes-kernel/linux-firmware/linux-firmware_git.bbappend | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 meta-agl-bsp/meta-intel/recipes-kernel/linux-firmware/linux-firmware_git.bbappend diff --git a/meta-agl-bsp/meta-intel/recipes-kernel/linux-firmware/linux-firmware_git.bbappend b/meta-agl-bsp/meta-intel/recipes-kernel/linux-firmware/linux-firmware_git.bbappend deleted file mode 100644 index e69de29bb..000000000 -- cgit 1.2.3-korg From 8d55c30c7d8f2f2b66cd9d5f827cc1dd1856b23e Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 13:47:34 -0500 Subject: meta-agl-profile-core: remove old glibc patch Remove patch against glibc since it no longer applies, and is no longer relevant since no AGL platform uses a kernel old enough (< 3.14.3) to require it. Bug-AGL: SPEC-2932 Change-Id: I7fc1ae73b41f69892ea1ac72fbe563de7c9122f7 Signed-off-by: Scott Murray --- .../recipes-core/glibc/.appends.core | 0 .../glibc/glibc/arm/local-arm-futex.diff | 22 ---------------------- .../recipes-core/glibc/glibc_2.2%.bbappend | 3 --- 3 files changed, 25 deletions(-) delete mode 100644 meta-agl-profile-core/recipes-core/glibc/.appends.core delete mode 100644 meta-agl-profile-core/recipes-core/glibc/glibc/arm/local-arm-futex.diff delete mode 100644 meta-agl-profile-core/recipes-core/glibc/glibc_2.2%.bbappend diff --git a/meta-agl-profile-core/recipes-core/glibc/.appends.core b/meta-agl-profile-core/recipes-core/glibc/.appends.core deleted file mode 100644 index e69de29bb..000000000 diff --git a/meta-agl-profile-core/recipes-core/glibc/glibc/arm/local-arm-futex.diff b/meta-agl-profile-core/recipes-core/glibc/glibc/arm/local-arm-futex.diff deleted file mode 100644 index 27d1144d0..000000000 --- a/meta-agl-profile-core/recipes-core/glibc/glibc/arm/local-arm-futex.diff +++ /dev/null @@ -1,22 +0,0 @@ -Description: Lie about futex_atomic_cmpxchg_inatomic kernel support. - In past versions of glibc, we incorrectly assumed all ARM kernels - in all configurations supported futex_atomic_cmpxchg_inatomic. This - was clearly a lie, however it was a lie that we relied on, because - the fallback implementation appears to not play nicely with certain - applications like pulseaudio. Restore the lie for kernels > 2.6.32 - and plug our ears and scream "LA LA LA" about how wrong this is. -Author: Adam Conrad -Bug-Ubuntu: https://launchpad.net/bugs/1436162 -Bug-Debian: https://bugs.debian.org/788799 -Last-Update: 2015-03-25 - ---- a/sysdeps/unix/sysv/linux/arm/kernel-features.h -+++ b/sysdeps/unix/sysv/linux/arm/kernel-features.h -@@ -22,7 +22,7 @@ - /* The ARM kernel before 3.14.3 may or may not support - futex_atomic_cmpxchg_inatomic, depending on kernel - configuration. */ --#if __LINUX_KERNEL_VERSION < 0x030E03 -+#if __LINUX_KERNEL_VERSION < 0x020620 - # undef __ASSUME_SET_ROBUST_LIST - #endif diff --git a/meta-agl-profile-core/recipes-core/glibc/glibc_2.2%.bbappend b/meta-agl-profile-core/recipes-core/glibc/glibc_2.2%.bbappend deleted file mode 100644 index 0868a2c7d..000000000 --- a/meta-agl-profile-core/recipes-core/glibc/glibc_2.2%.bbappend +++ /dev/null @@ -1,3 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" - -SRC_URI_append_arm = " file://arm/local-arm-futex.diff " -- cgit 1.2.3-korg From 32521fe5ebaf54a7c78a81647cc0e248a4a03087 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 13:48:13 -0500 Subject: meta-agl-profile-graphical: remove weston 5.0.0 patches Remove weston 5.0.0 patches and associated bbappend since there is no longer a weston 5.0.0 recipe in-tree to apply against. Bug-AGL: SPEC-2932 Change-Id: I033286c4214313b8cb665cdb8e0bf1d388cb696e Signed-off-by: Scott Murray --- ...-rework-goto-labels-to-avoid-memory-leaks.patch | 57 ----- .../weston/0002-ivi-shell-removed-assert.patch | 11 - ...-ivi-shell-introduction-of-IVI_INVALID_ID.patch | 20 -- ...face-added-interface-to-change-surface-id.patch | 73 ------ ...yout-introcuded-configure_desktop_changed.patch | 74 ------ ...t-introcuded-surface_create_and_configure.patch | 117 ---------- ...inked-libweston-desktop-and-added-structs.patch | 74 ------ ...ayout-use-libweston-desktop-api-for-views.patch | 30 --- ...dded-libweston-desktop-api_implementation.patch | 166 -------------- ...ivi-shell-remove-surface_destroy_listener.patch | 24 -- ...l-create-weston-desktop-in_wet_shell_init.patch | 30 --- ...r-register-for-desktop_surface_configured.patch | 133 ----------- ...simple-egl-remove-ivi-application-support.patch | 165 ------------- ...simple-shm-remove-ivi-application-support.patch | 107 --------- ...dow-client-remove-ivi-application-support.patch | 130 ----------- ...mpositor-add-output-type-to-weston_output.patch | 254 --------------------- ...tor-drm-introduce-drm_get_dmafd_from_view.patch | 109 --------- ...-get-stride-from-drm_get_dma_fd_from_view.patch | 59 ----- .../recipes-graphics/wayland/weston_5.0.0.bbappend | 27 --- 19 files changed, 1660 deletions(-) delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0001-ivi-shell-rework-goto-labels-to-avoid-memory-leaks.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0002-ivi-shell-removed-assert.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0003-ivi-shell-introduction-of-IVI_INVALID_ID.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0004-layout-interface-added-interface-to-change-surface-id.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0005-ivi-layout-introcuded-configure_desktop_changed.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0006-ivi-layout-introcuded-surface_create_and_configure.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0007-ivi-shell-linked-libweston-desktop-and-added-structs.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0008-ivi-layout-use-libweston-desktop-api-for-views.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0009-ivi-shell-added-libweston-desktop-api_implementation.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0010-ivi-shell-remove-surface_destroy_listener.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0011-ivi-shell-create-weston-desktop-in_wet_shell_init.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0012-hmi-controller-register-for-desktop_surface_configured.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0013-simple-egl-remove-ivi-application-support.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0014-simple-shm-remove-ivi-application-support.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0015-window-client-remove-ivi-application-support.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0016-compositor-add-output-type-to-weston_output.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0017-compositor-drm-introduce-drm_get_dmafd_from_view.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0018-compositor-drm-get-stride-from-drm_get_dma_fd_from_view.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston_5.0.0.bbappend diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0001-ivi-shell-rework-goto-labels-to-avoid-memory-leaks.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0001-ivi-shell-rework-goto-labels-to-avoid-memory-leaks.patch deleted file mode 100644 index b1e0b8a59..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0001-ivi-shell-rework-goto-labels-to-avoid-memory-leaks.patch +++ /dev/null @@ -1,57 +0,0 @@ -diff --git a/ivi-shell/ivi-shell.c b/ivi-shell/ivi-shell.c -index 58f53bc5..34cdce27 100644 ---- a/ivi-shell/ivi-shell.c -+++ b/ivi-shell/ivi-shell.c -@@ -484,13 +484,14 @@ wet_shell_init(struct weston_compositor *compositor, - int *argc, char *argv[]) - { - struct ivi_shell *shell; -- int retval = -1; - - shell = zalloc(sizeof *shell); - if (shell == NULL) -- return -1; -+ goto err_shell; - - init_ivi_shell(compositor, shell); -+ /* TODO deinit_ivi_shell should be implemented, since init_ivi_shell is -+ * initializing multiple lists. */ - - shell->destroy_listener.notify = shell_destroy; - wl_signal_add(&compositor->destroy_signal, &shell->destroy_listener); -@@ -499,22 +500,29 @@ wet_shell_init(struct weston_compositor *compositor, - wl_signal_add(&compositor->wake_signal, &shell->wake_listener); - - if (input_panel_setup(shell) < 0) -- goto out; -+ goto err_shell; - - shell->text_backend = text_backend_init(compositor); - if (!shell->text_backend) -- goto out; -+ goto err_shell; - - if (wl_global_create(compositor->wl_display, - &ivi_application_interface, 1, - shell, bind_ivi_application) == NULL) -- goto out; -+ goto err_text_backend; - - ivi_layout_init_with_compositor(compositor); -+ /* TODO ivi_layout_destroy should be implemented, since multiple lists -+ * and signals are initialized.*/ - shell_add_bindings(compositor, shell); - -- retval = 0; -+ return IVI_SUCCEEDED; - --out: -- return retval; -+err_text_backend: -+ text_backend_destroy(shell->text_backend); -+ -+err_shell: -+ free(shell); -+ -+ return IVI_FAILED; - } diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0002-ivi-shell-removed-assert.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0002-ivi-shell-removed-assert.patch deleted file mode 100644 index 4507e769c..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0002-ivi-shell-removed-assert.patch +++ /dev/null @@ -1,11 +0,0 @@ -index e9ddf9a4..f3156d35 100644 ---- a/ivi-shell/ivi-shell.c -+++ b/ivi-shell/ivi-shell.c -@@ -114,7 +114,6 @@ shell_surface_send_configure(struct weston_surface *surface, - struct ivi_shell_surface *shsurf; - - shsurf = get_ivi_shell_surface(surface); -- assert(shsurf); - if (!shsurf) - return; - diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0003-ivi-shell-introduction-of-IVI_INVALID_ID.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0003-ivi-shell-introduction-of-IVI_INVALID_ID.patch deleted file mode 100644 index 9f696d8a2..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0003-ivi-shell-introduction-of-IVI_INVALID_ID.patch +++ /dev/null @@ -1,20 +0,0 @@ -diff --git a/ivi-shell/ivi-layout-export.h b/ivi-shell/ivi-layout-export.h -index 016d8b5c..02bfb2cb 100644 ---- a/ivi-shell/ivi-layout-export.h -+++ b/ivi-shell/ivi-layout-export.h -@@ -56,6 +56,7 @@ extern "C" { - #endif /* __cplusplus */ - - #include -+#include - - #include "stdbool.h" - #include "compositor.h" -@@ -63,6 +64,7 @@ extern "C" { - - #define IVI_SUCCEEDED (0) - #define IVI_FAILED (-1) -+#define IVI_INVALID_ID UINT_MAX - - struct ivi_layout_layer; - struct ivi_layout_screen; diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0004-layout-interface-added-interface-to-change-surface-id.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0004-layout-interface-added-interface-to-change-surface-id.patch deleted file mode 100644 index 6401c5b81..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0004-layout-interface-added-interface-to-change-surface-id.patch +++ /dev/null @@ -1,73 +0,0 @@ -index e1e897ed..5b1f12f0 100644 ---- a/ivi-shell/ivi-layout-export.h -+++ b/ivi-shell/ivi-layout-export.h -@@ -320,6 +320,12 @@ struct ivi_layout_interface { - struct ivi_layout_surface *ivisurf, - uint32_t duration); - -+ /** -+ * \brief set id of ivi_layout_surface -+ */ -+ int32_t (*surface_set_id)(struct ivi_layout_surface *ivisurf, -+ uint32_t id_surface); -+ - /** - * layer controller interface - */ -diff --git a/ivi-shell/ivi-layout.c b/ivi-shell/ivi-layout.c -index 298e18ea..fa8e75f6 100644 ---- a/ivi-shell/ivi-layout.c -+++ b/ivi-shell/ivi-layout.c -@@ -1901,6 +1901,44 @@ ivi_layout_surface_set_transition_duration(struct ivi_layout_surface *ivisurf, - return 0; - } - -+/* -+ * This interface enables e.g. an id agent to set the id of an ivi-layout -+ * surface, that has been created by a desktop application. This can only be -+ * done once as long as the initial surface id equals IVI_INVALID_ID. Afterwards -+ * two events are emitted, namely surface_created and surface_configured. -+ */ -+static int32_t -+ivi_layout_surface_set_id(struct ivi_layout_surface *ivisurf, -+ uint32_t id_surface) -+{ -+ struct ivi_layout *layout = get_instance(); -+ struct ivi_layout_surface *search_ivisurf = NULL; -+ -+ if (!ivisurf) { -+ weston_log("%s: invalid argument\n", __func__); -+ return IVI_FAILED; -+ } -+ -+ if (ivisurf->id_surface != IVI_INVALID_ID) { -+ weston_log("surface id can only be set once\n"); -+ return IVI_FAILED; -+ } -+ -+ search_ivisurf = get_surface(&layout->surface_list, id_surface); -+ if (search_ivisurf) { -+ weston_log("id_surface(%d) is already created\n", id_surface); -+ return IVI_FAILED; -+ } -+ -+ ivisurf->id_surface = id_surface; -+ -+ wl_signal_emit(&layout->surface_notification.created, ivisurf); -+ wl_signal_emit(&layout->surface_notification.configure_changed, -+ ivisurf); -+ -+ return IVI_SUCCEEDED; -+} -+ - static int32_t - ivi_layout_surface_set_transition(struct ivi_layout_surface *ivisurf, - enum ivi_layout_transition_type type, -@@ -2058,6 +2096,7 @@ static struct ivi_layout_interface ivi_layout_interface = { - .surface_get_weston_surface = ivi_layout_surface_get_weston_surface, - .surface_set_transition = ivi_layout_surface_set_transition, - .surface_set_transition_duration = ivi_layout_surface_set_transition_duration, -+ .surface_set_id = ivi_layout_surface_set_id, - - /** - * layer controller interfaces diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0005-ivi-layout-introcuded-configure_desktop_changed.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0005-ivi-layout-introcuded-configure_desktop_changed.patch deleted file mode 100644 index ddd949e35..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0005-ivi-layout-introcuded-configure_desktop_changed.patch +++ /dev/null @@ -1,74 +0,0 @@ -index 5b1f12f0..dd0997aa 100644 ---- a/ivi-shell/ivi-layout-export.h -+++ b/ivi-shell/ivi-layout-export.h -@@ -187,6 +187,16 @@ struct ivi_layout_interface { - */ - int32_t (*add_listener_configure_surface)(struct wl_listener *listener); - -+ /** -+ * \brief add a listener for notification when desktop_surface is configured -+ * -+ * When an desktop_surface is configured, a signal is emitted -+ * to the listening controller plugins. -+ * The pointer of the configured desktop_surface is sent as the void *data argument -+ * to the wl_listener::notify callback function of the listener. -+ */ -+ int32_t (*add_listener_configure_desktop_surface)(struct wl_listener *listener); -+ - /** - * \brief Get all ivi_surfaces which are currently registered and managed - * by the services -diff --git a/ivi-shell/ivi-layout-private.h b/ivi-shell/ivi-layout-private.h -index 2b8bd472..fe5be01a 100644 ---- a/ivi-shell/ivi-layout-private.h -+++ b/ivi-shell/ivi-layout-private.h -@@ -104,6 +104,7 @@ struct ivi_layout { - struct wl_signal created; - struct wl_signal removed; - struct wl_signal configure_changed; -+ struct wl_signal configure_desktop_changed; - } surface_notification; - - struct weston_layer layout_layer; -diff --git a/ivi-shell/ivi-layout.c b/ivi-shell/ivi-layout.c -index fa8e75f6..690af742 100644 ---- a/ivi-shell/ivi-layout.c -+++ b/ivi-shell/ivi-layout.c -@@ -1040,6 +1040,21 @@ ivi_layout_add_listener_configure_surface(struct wl_listener *listener) - return IVI_SUCCEEDED; - } - -+static int32_t -+ivi_layout_add_listener_configure_desktop_surface(struct wl_listener *listener) -+{ -+ struct ivi_layout *layout = get_instance(); -+ -+ if (!listener) { -+ weston_log("ivi_layout_add_listener_configure_desktop_surface: invalid argument\n"); -+ return IVI_FAILED; -+ } -+ -+ wl_signal_add(&layout->surface_notification.configure_desktop_changed, listener); -+ -+ return IVI_SUCCEEDED; -+} -+ - uint32_t - ivi_layout_get_id_of_surface(struct ivi_layout_surface *ivisurf) - { -@@ -2057,6 +2072,7 @@ ivi_layout_init_with_compositor(struct weston_compositor *ec) - wl_signal_init(&layout->surface_notification.created); - wl_signal_init(&layout->surface_notification.removed); - wl_signal_init(&layout->surface_notification.configure_changed); -+ wl_signal_init(&layout->surface_notification.configure_desktop_changed); - - /* Add layout_layer at the last of weston_compositor.layer_list */ - weston_layer_init(&layout->layout_layer, ec); -@@ -2081,6 +2097,7 @@ static struct ivi_layout_interface ivi_layout_interface = { - .add_listener_create_surface = ivi_layout_add_listener_create_surface, - .add_listener_remove_surface = ivi_layout_add_listener_remove_surface, - .add_listener_configure_surface = ivi_layout_add_listener_configure_surface, -+ .add_listener_configure_desktop_surface = ivi_layout_add_listener_configure_desktop_surface, - .get_surface = shell_get_ivi_layout_surface, - .get_surfaces = ivi_layout_get_surfaces, - .get_id_of_surface = ivi_layout_get_id_of_surface, diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0006-ivi-layout-introcuded-surface_create_and_configure.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0006-ivi-layout-introcuded-surface_create_and_configure.patch deleted file mode 100644 index 04461a1d4..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0006-ivi-layout-introcuded-surface_create_and_configure.patch +++ /dev/null @@ -1,117 +0,0 @@ -index 68ca68ba..c86cbb11 100644 ---- a/ivi-shell/ivi-layout-shell.h -+++ b/ivi-shell/ivi-layout-shell.h -@@ -39,6 +39,14 @@ struct weston_view; - struct weston_surface; - struct ivi_layout_surface; - -+void -+ivi_layout_desktop_surface_configure(struct ivi_layout_surface *ivisurf, -+ int32_t width, int32_t height); -+ -+struct ivi_layout_surface* -+ivi_layout_desktop_surface_create(struct weston_surface *wl_surface, -+ uint32_t id_surface); -+ - void - ivi_layout_surface_configure(struct ivi_layout_surface *ivisurf, - int32_t width, int32_t height); -diff --git a/ivi-shell/ivi-layout.c b/ivi-shell/ivi-layout.c -index 690af742..086d0fd2 100644 ---- a/ivi-shell/ivi-layout.c -+++ b/ivi-shell/ivi-layout.c -@@ -1995,20 +1995,8 @@ ivi_layout_surface_dump(struct weston_surface *surface, - * methods of interaction between ivi-shell with ivi-layout - */ - --void --ivi_layout_surface_configure(struct ivi_layout_surface *ivisurf, -- int32_t width, int32_t height) --{ -- struct ivi_layout *layout = get_instance(); -- -- /* emit callback which is set by ivi-layout api user */ -- wl_signal_emit(&layout->surface_notification.configure_changed, -- ivisurf); --} -- --struct ivi_layout_surface* --ivi_layout_surface_create(struct weston_surface *wl_surface, -- uint32_t id_surface) -+static struct ivi_layout_surface* -+surface_create(struct weston_surface *wl_surface, uint32_t id_surface) - { - struct ivi_layout *layout = get_instance(); - struct ivi_layout_surface *ivisurf = NULL; -@@ -2018,14 +2006,6 @@ ivi_layout_surface_create(struct weston_surface *wl_surface, - return NULL; - } - -- ivisurf = get_surface(&layout->surface_list, id_surface); -- if (ivisurf != NULL) { -- if (ivisurf->surface != NULL) { -- weston_log("id_surface(%d) is already created\n", id_surface); -- return NULL; -- } -- } -- - ivisurf = calloc(1, sizeof *ivisurf); - if (ivisurf == NULL) { - weston_log("fails to allocate memory\n"); -@@ -2049,7 +2029,55 @@ ivi_layout_surface_create(struct weston_surface *wl_surface, - - wl_list_insert(&layout->surface_list, &ivisurf->link); - -- wl_signal_emit(&layout->surface_notification.created, ivisurf); -+ return ivisurf; -+} -+ -+void -+ivi_layout_desktop_surface_configure(struct ivi_layout_surface *ivisurf, -+ int32_t width, int32_t height) -+{ -+ struct ivi_layout *layout = get_instance(); -+ -+ /* emit callback which is set by ivi-layout api user */ -+ wl_signal_emit(&layout->surface_notification.configure_desktop_changed, -+ ivisurf); -+} -+ -+struct ivi_layout_surface* -+ivi_layout_desktop_surface_create(struct weston_surface *wl_surface, -+ uint32_t id_surface) -+{ -+ return surface_create(wl_surface, id_surface); -+} -+ -+void -+ivi_layout_surface_configure(struct ivi_layout_surface *ivisurf, -+ int32_t width, int32_t height) -+{ -+ struct ivi_layout *layout = get_instance(); -+ -+ /* emit callback which is set by ivi-layout api user */ -+ wl_signal_emit(&layout->surface_notification.configure_changed, -+ ivisurf); -+} -+ -+struct ivi_layout_surface* -+ivi_layout_surface_create(struct weston_surface *wl_surface, -+ uint32_t id_surface) -+{ -+ struct ivi_layout *layout = get_instance(); -+ struct ivi_layout_surface *ivisurf = NULL; -+ -+ ivisurf = get_surface(&layout->surface_list, id_surface); -+ if (ivisurf) { -+ weston_log("id_surface(%d) is already created\n", id_surface); -+ return NULL; -+ } -+ -+ ivisurf = surface_create(wl_surface, id_surface); -+ -+ if (ivisurf) -+ wl_signal_emit(&layout->surface_notification.created, ivisurf); - - return ivisurf; - } diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0007-ivi-shell-linked-libweston-desktop-and-added-structs.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0007-ivi-shell-linked-libweston-desktop-and-added-structs.patch deleted file mode 100644 index 9286ba00b..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0007-ivi-shell-linked-libweston-desktop-and-added-structs.patch +++ /dev/null @@ -1,74 +0,0 @@ -diff --git a/Makefile.am b/Makefile.am -index cdf82ab4..d990d400 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -993,6 +993,7 @@ ivi_shell_la_LDFLAGS = -module -avoid-version - ivi_shell_la_LIBADD = \ - libshared.la \ - libweston-@LIBWESTON_MAJOR@.la \ -+ libweston-desktop-@LIBWESTON_MAJOR@.la \ - $(COMPOSITOR_LIBS) - ivi_shell_la_CFLAGS = $(AM_CFLAGS) $(COMPOSITOR_CFLAGS) - ivi_shell_la_SOURCES = \ -diff --git a/ivi-shell/ivi-layout-private.h b/ivi-shell/ivi-layout-private.h -index fe5be01a..c054130b 100644 ---- a/ivi-shell/ivi-layout-private.h -+++ b/ivi-shell/ivi-layout-private.h -@@ -30,6 +30,7 @@ - - #include "compositor.h" - #include "ivi-layout-export.h" -+#include "libweston-desktop/libweston-desktop.h" - - struct ivi_layout_view { - struct wl_list link; /* ivi_layout::view_list */ -@@ -52,6 +53,7 @@ struct ivi_layout_surface { - - struct ivi_layout *layout; - struct weston_surface *surface; -+ struct weston_desktop_surface *weston_desktop_surface; - - struct ivi_layout_surface_properties prop; - -diff --git a/ivi-shell/ivi-shell.c b/ivi-shell/ivi-shell.c -index f3156d35..84db2c97 100644 ---- a/ivi-shell/ivi-shell.c -+++ b/ivi-shell/ivi-shell.c -@@ -44,7 +44,7 @@ - - #include "ivi-shell.h" - #include "ivi-application-server-protocol.h" --#include "ivi-layout-export.h" -+#include "ivi-layout-private.h" - #include "ivi-layout-shell.h" - #include "shared/helpers.h" - #include "compositor/weston.h" -@@ -271,6 +271,8 @@ application_surface_create(struct wl_client *client, - return; - } - -+ layout_surface->weston_desktop_surface = NULL; -+ - ivisurf = zalloc(sizeof *ivisurf); - if (ivisurf == NULL) { - wl_resource_post_no_memory(resource); -diff --git a/ivi-shell/ivi-shell.h b/ivi-shell/ivi-shell.h -index e35f75f2..be430853 100644 ---- a/ivi-shell/ivi-shell.h -+++ b/ivi-shell/ivi-shell.h -@@ -30,6 +30,7 @@ - #include - - #include "compositor.h" -+#include "libweston-desktop/libweston-desktop.h" - - struct ivi_shell - { -@@ -37,6 +38,7 @@ struct ivi_shell - - struct weston_compositor *compositor; - -+ struct weston_desktop *desktop; - struct wl_list ivi_surface_list; /* struct ivi_shell_surface::link */ - - struct text_backend *text_backend; diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0008-ivi-layout-use-libweston-desktop-api-for-views.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0008-ivi-layout-use-libweston-desktop-api-for-views.patch deleted file mode 100644 index e53a8c458..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0008-ivi-layout-use-libweston-desktop-api-for-views.patch +++ /dev/null @@ -1,30 +0,0 @@ -index 086d0fd2..6b854503 100644 ---- a/ivi-shell/ivi-layout.c -+++ b/ivi-shell/ivi-layout.c -@@ -153,7 +153,10 @@ ivi_view_destroy(struct ivi_layout_view *ivi_view) - wl_list_remove(&ivi_view->pending_link); - wl_list_remove(&ivi_view->order_link); - -- weston_view_destroy(ivi_view->view); -+ if (weston_surface_is_desktop_surface(ivi_view->ivisurf->surface)) -+ weston_desktop_surface_unlink_view(ivi_view->view); -+ else -+ weston_view_destroy(ivi_view->view); - - free(ivi_view); - } -@@ -170,7 +173,13 @@ ivi_view_create(struct ivi_layout_layer *ivilayer, - return NULL; - } - -- ivi_view->view = weston_view_create(ivisurf->surface); -+ if (weston_surface_is_desktop_surface(ivisurf->surface)) { -+ ivi_view->view = weston_desktop_surface_create_view( -+ ivisurf->weston_desktop_surface); -+ } else { -+ ivi_view->view = weston_view_create(ivisurf->surface); -+ } -+ - if (ivi_view->view == NULL) { - weston_log("fails to allocate memory\n"); - free(ivi_view); diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0009-ivi-shell-added-libweston-desktop-api_implementation.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0009-ivi-shell-added-libweston-desktop-api_implementation.patch deleted file mode 100644 index 6a72f15d8..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0009-ivi-shell-added-libweston-desktop-api_implementation.patch +++ /dev/null @@ -1,166 +0,0 @@ -index 84db2c97..e797e4f9 100644 ---- a/ivi-shell/ivi-shell.c -+++ b/ivi-shell/ivi-shell.c -@@ -489,6 +489,162 @@ shell_add_bindings(struct weston_compositor *compositor, - shell); - } - -+/* -+ * libweston-desktop -+ */ -+ -+static void -+desktop_surface_ping_timeout(struct weston_desktop_client *client, -+ void *user_data) -+{ -+ weston_log("ivi-shell: desktop_surface_ping_timeout is not supported\n"); -+} -+ -+static void -+desktop_surface_pong(struct weston_desktop_client *client, -+ void *user_data) -+{ -+ weston_log("ivi-shell: desktop_surface_pong is not supported\n"); -+} -+ -+static void -+desktop_surface_added(struct weston_desktop_surface *surface, -+ void *user_data) -+{ -+ struct ivi_shell *shell = (struct ivi_shell *) user_data; -+ struct ivi_layout_surface *layout_surface; -+ struct ivi_shell_surface *ivisurf; -+ struct weston_surface *weston_surf = -+ weston_desktop_surface_get_surface(surface); -+ -+ layout_surface = ivi_layout_desktop_surface_create(weston_surf, -+ IVI_INVALID_ID); -+ if (!layout_surface) { -+ return; -+ } -+ -+ layout_surface->weston_desktop_surface = surface; -+ -+ ivisurf = zalloc(sizeof *ivisurf); -+ if (!ivisurf) { -+ return; -+ } -+ -+ ivisurf->shell = shell; -+ ivisurf->id_surface = IVI_INVALID_ID; -+ -+ ivisurf->width = 0; -+ ivisurf->height = 0; -+ ivisurf->layout_surface = layout_surface; -+ ivisurf->surface = weston_surf; -+ -+ weston_desktop_surface_set_user_data(surface, ivisurf); -+} -+ -+static void -+desktop_surface_removed(struct weston_desktop_surface *surface, -+ void *user_data) -+{ -+ struct ivi_shell_surface *ivisurf = (struct ivi_shell_surface *) -+ weston_desktop_surface_get_user_data(surface); -+ -+ assert(ivisurf != NULL); -+ -+ if (ivisurf->layout_surface) -+ layout_surface_cleanup(ivisurf); -+} -+ -+static void -+desktop_surface_committed(struct weston_desktop_surface *surface, -+ int32_t sx, int32_t sy, void *user_data) -+{ -+ struct ivi_shell_surface *ivisurf = (struct ivi_shell_surface *) -+ weston_desktop_surface_get_user_data(surface); -+ struct weston_surface *weston_surf = -+ weston_desktop_surface_get_surface(surface); -+ -+ if(!ivisurf) -+ return; -+ -+ if (weston_surf->width == 0 || weston_surf->height == 0) -+ return; -+ -+ if (ivisurf->width != weston_surf->width || -+ ivisurf->height != weston_surf->height) { -+ ivisurf->width = weston_surf->width; -+ ivisurf->height = weston_surf->height; -+ -+ ivi_layout_desktop_surface_configure(ivisurf->layout_surface, -+ weston_surf->width, -+ weston_surf->height); -+ } -+} -+ -+static void -+desktop_surface_move(struct weston_desktop_surface *surface, -+ struct weston_seat *seat, uint32_t serial, void *user_data) -+{ -+ weston_log("ivi-shell: desktop_surface_move is not supported\n"); -+} -+ -+static void -+desktop_surface_resize(struct weston_desktop_surface *surface, -+ struct weston_seat *seat, uint32_t serial, -+ enum weston_desktop_surface_edge edges, void *user_data) -+{ -+ weston_log("ivi-shell: desktop_surface_resize is not supported\n"); -+} -+ -+static void -+desktop_surface_fullscreen_requested(struct weston_desktop_surface *surface, -+ bool fullscreen, -+ struct weston_output *output, -+ void *user_data) -+{ -+ weston_log("ivi-shell: desktop_surface_fullscreen_requested is not supported\n"); -+} -+ -+static void -+desktop_surface_maximized_requested(struct weston_desktop_surface *surface, -+ bool maximized, void *user_data) -+{ -+ weston_log("ivi-shell: desktop_surface_maximized_requested is not supported\n"); -+} -+ -+static void -+desktop_surface_minimized_requested(struct weston_desktop_surface *surface, -+ void *user_data) -+{ -+ weston_log("ivi-shell: desktop_surface_minimized_requested is not supported\n"); -+} -+ -+static void -+desktop_surface_set_xwayland_position(struct weston_desktop_surface *surface, -+ int32_t x, int32_t y, void *user_data) -+{ -+ weston_log("ivi-shell: desktop_surface_set_xwayland_position is not supported\n"); -+} -+ -+static const struct weston_desktop_api shell_desktop_api = { -+ .struct_size = sizeof(struct weston_desktop_api), -+ .ping_timeout = desktop_surface_ping_timeout, -+ .pong = desktop_surface_pong, -+ .surface_added = desktop_surface_added, -+ .surface_removed = desktop_surface_removed, -+ .committed = desktop_surface_committed, -+ -+ .move = desktop_surface_move, -+ .resize = desktop_surface_resize, -+ .fullscreen_requested = desktop_surface_fullscreen_requested, -+ .maximized_requested = desktop_surface_maximized_requested, -+ .minimized_requested = desktop_surface_minimized_requested, -+ .set_xwayland_position = desktop_surface_set_xwayland_position, -+}; -+ -+/* -+ * end of libweston-desktop -+ */ -+ - /* - * Initialization of ivi-shell. - */ diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0010-ivi-shell-remove-surface_destroy_listener.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0010-ivi-shell-remove-surface_destroy_listener.patch deleted file mode 100644 index b76c35d4f..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0010-ivi-shell-remove-surface_destroy_listener.patch +++ /dev/null @@ -1,24 +0,0 @@ -index e797e4f9..5f64e72d 100644 ---- a/ivi-shell/ivi-shell.c -+++ b/ivi-shell/ivi-shell.c -@@ -162,6 +162,10 @@ layout_surface_cleanup(struct ivi_shell_surface *ivisurf) - { - assert(ivisurf->layout_surface != NULL); - -+ /* destroy weston_surface destroy signal. */ -+ if (!ivisurf->layout_surface->weston_desktop_surface) -+ wl_list_remove(&ivisurf->surface_destroy_listener.link); -+ - ivi_layout_surface_destroy(ivisurf->layout_surface); - ivisurf->layout_surface = NULL; - -@@ -169,9 +173,6 @@ layout_surface_cleanup(struct ivi_shell_surface *ivisurf) - ivisurf->surface->committed_private = NULL; - weston_surface_set_label_func(ivisurf->surface, NULL); - ivisurf->surface = NULL; -- -- // destroy weston_surface destroy signal. -- wl_list_remove(&ivisurf->surface_destroy_listener.link); - } - - /* diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0011-ivi-shell-create-weston-desktop-in_wet_shell_init.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0011-ivi-shell-create-weston-desktop-in_wet_shell_init.patch deleted file mode 100644 index f6256f782..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0011-ivi-shell-create-weston-desktop-in_wet_shell_init.patch +++ /dev/null @@ -1,30 +0,0 @@ -diff --git a/ivi-shell/ivi-shell.c b/ivi-shell/ivi-shell.c -index b0a2a2b9..a889afdb 100644 ---- a/ivi-shell/ivi-shell.c -+++ b/ivi-shell/ivi-shell.c -@@ -664,10 +664,14 @@ wet_shell_init(struct weston_compositor *compositor, - if (!shell->text_backend) - goto err_shell; - -+ shell->desktop = weston_desktop_create(compositor, &shell_desktop_api, shell); -+ if (!shell->desktop) -+ goto err_text_backend; -+ - if (wl_global_create(compositor->wl_display, - &ivi_application_interface, 1, - shell, bind_ivi_application) == NULL) -- goto err_text_backend; -+ goto err_desktop; - - ivi_layout_init_with_compositor(compositor); - /* TODO ivi_layout_destroy should be implemented, since multiple lists -@@ -676,6 +680,9 @@ wet_shell_init(struct weston_compositor *compositor, - - return IVI_SUCCEEDED; - -+err_desktop: -+ weston_desktop_destroy(shell->desktop); -+ - err_text_backend: - text_backend_destroy(shell->text_backend); - diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0012-hmi-controller-register-for-desktop_surface_configured.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0012-hmi-controller-register-for-desktop_surface_configured.patch deleted file mode 100644 index 447cff4f8..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0012-hmi-controller-register-for-desktop_surface_configured.patch +++ /dev/null @@ -1,133 +0,0 @@ -diff --git a/ivi-shell/hmi-controller.c b/ivi-shell/hmi-controller.c -index a0e49ba0..340d1915 100644 ---- a/ivi-shell/hmi-controller.c -+++ b/ivi-shell/hmi-controller.c -@@ -129,9 +129,9 @@ struct hmi_controller { - struct weston_compositor *compositor; - struct wl_listener destroy_listener; - -- struct wl_listener surface_created; - struct wl_listener surface_removed; - struct wl_listener surface_configured; -+ struct wl_listener desktop_surface_configured; - - struct wl_client *user_interface; - struct ui_setting ui_setting; -@@ -576,28 +576,6 @@ create_layer(struct weston_output *output, - /** - * Internal set notification - */ --static void --set_notification_create_surface(struct wl_listener *listener, void *data) --{ -- struct hmi_controller *hmi_ctrl = -- wl_container_of(listener, hmi_ctrl, -- surface_created); -- struct ivi_layout_surface *ivisurf = data; -- struct hmi_controller_layer *layer_link = -- wl_container_of(hmi_ctrl->application_layer_list.prev, -- layer_link, -- link); -- struct ivi_layout_layer *application_layer = layer_link->ivilayer; -- int32_t ret = 0; -- -- /* skip ui widgets */ -- if (is_surf_in_ui_widget(hmi_ctrl, ivisurf)) -- return; -- -- ret = hmi_ctrl->interface->layer_add_surface(application_layer, ivisurf); -- assert(!ret); --} -- - static void - set_notification_remove_surface(struct wl_listener *listener, void *data) - { -@@ -665,6 +643,42 @@ set_notification_configure_surface(struct wl_listener *listener, void *data) - switch_mode(hmi_ctrl, hmi_ctrl->layout_mode); - } - -+static void -+set_notification_configure_desktop_surface(struct wl_listener *listener, void *data) -+{ -+ struct hmi_controller *hmi_ctrl = -+ wl_container_of(listener, hmi_ctrl, -+ desktop_surface_configured); -+ struct ivi_layout_surface *ivisurf = data; -+ struct hmi_controller_layer *layer_link = -+ wl_container_of(hmi_ctrl->application_layer_list.prev, -+ layer_link, -+ link); -+ struct ivi_layout_layer *application_layer = layer_link->ivilayer; -+ struct weston_surface *surface; -+ int32_t ret = 0; -+ -+ /* skip ui widgets */ -+ if (is_surf_in_ui_widget(hmi_ctrl, ivisurf)) -+ return; -+ -+ ret = hmi_ctrl->interface->layer_add_surface(application_layer, ivisurf); -+ assert(!ret); -+ -+ /* -+ * if application changes size of wl_buffer. The source rectangle shall be -+ * fit to the size. -+ */ -+ surface = hmi_ctrl->interface->surface_get_weston_surface(ivisurf); -+ if (surface) { -+ hmi_ctrl->interface->surface_set_source_rectangle(ivisurf, 0, -+ 0, surface->width, surface->height); -+ } -+ -+ hmi_ctrl->interface->commit_changes(); -+ switch_mode(hmi_ctrl, hmi_ctrl->layout_mode); -+} -+ - /** - * A hmi_controller used 4 ivi_layers to manage ivi_surfaces. The IDs of - * corresponding ivi_layer are defined in weston.ini. Default scene graph -@@ -868,6 +882,9 @@ hmi_controller_create(struct weston_compositor *ec) - hmi_ctrl->surface_configured.notify = set_notification_configure_surface; - hmi_ctrl->interface->add_listener_configure_surface(&hmi_ctrl->surface_configured); - -+ hmi_ctrl->desktop_surface_configured.notify = set_notification_configure_desktop_surface; -+ hmi_ctrl->interface->add_listener_configure_desktop_surface(&hmi_ctrl->desktop_surface_configured); -+ - hmi_ctrl->destroy_listener.notify = hmi_controller_destroy; - wl_signal_add(&hmi_ctrl->compositor->destroy_signal, - &hmi_ctrl->destroy_listener); -@@ -1289,12 +1306,6 @@ ivi_hmi_controller_UI_ready(struct wl_client *client, - - ivi_hmi_controller_add_launchers(hmi_ctrl, 256); - -- /* Add surface_created listener after the initialization of launchers. -- * Otherwise, surfaces of the launchers will be added to application -- * layer too.*/ -- hmi_ctrl->surface_created.notify = set_notification_create_surface; -- hmi_ctrl->interface->add_listener_create_surface(&hmi_ctrl->surface_created); -- - hmi_ctrl->is_initialized = 1; - } - -diff --git a/ivi-shell/ivi-layout.c b/ivi-shell/ivi-layout.c -index b06bf309..ef354d49 100644 ---- a/ivi-shell/ivi-layout.c -+++ b/ivi-shell/ivi-layout.c -@@ -715,9 +715,15 @@ commit_surface_list(struct ivi_layout *layout) - ivisurf->pending.prop.transition_type = IVI_LAYOUT_TRANSITION_NONE; - - if (configured && !is_surface_transition(ivisurf)) { -- shell_surface_send_configure(ivisurf->surface, -- ivisurf->prop.dest_width, -- ivisurf->prop.dest_height); -+ if (ivisurf->weston_desktop_surface) { -+ weston_desktop_surface_set_size(ivisurf->weston_desktop_surface, -+ ivisurf->prop.dest_width, -+ ivisurf->prop.dest_height); -+ } else { -+ shell_surface_send_configure(ivisurf->surface, -+ ivisurf->prop.dest_width, -+ ivisurf->prop.dest_height); -+ } - } - } else { - configured = 0; diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0013-simple-egl-remove-ivi-application-support.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0013-simple-egl-remove-ivi-application-support.patch deleted file mode 100644 index 036b14cbc..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0013-simple-egl-remove-ivi-application-support.patch +++ /dev/null @@ -1,165 +0,0 @@ -diff --git a/Makefile.am b/Makefile.am -index 17c053e6..e0d3cb78 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -609,9 +609,7 @@ demo_clients += weston-simple-egl - weston_simple_egl_SOURCES = clients/simple-egl.c - nodist_weston_simple_egl_SOURCES = \ - protocol/xdg-shell-unstable-v6-protocol.c \ -- protocol/xdg-shell-unstable-v6-client-protocol.h \ -- protocol/ivi-application-protocol.c \ -- protocol/ivi-application-client-protocol.h -+ protocol/xdg-shell-unstable-v6-client-protocol.h - weston_simple_egl_CFLAGS = $(AM_CFLAGS) $(SIMPLE_EGL_CLIENT_CFLAGS) - weston_simple_egl_LDADD = $(SIMPLE_EGL_CLIENT_LIBS) -lm - endif -diff --git a/clients/simple-egl.c b/clients/simple-egl.c -index a1e57aef..936e015e 100644 ---- a/clients/simple-egl.c -+++ b/clients/simple-egl.c -@@ -45,8 +45,6 @@ - #include "xdg-shell-unstable-v6-client-protocol.h" - #include - #include --#include "ivi-application-client-protocol.h" --#define IVI_SURFACE_ID 9000 - - #include "shared/helpers.h" - #include "shared/platform.h" -@@ -74,7 +72,6 @@ struct display { - EGLConfig conf; - } egl; - struct window *window; -- struct ivi_application *ivi_application; - - PFNEGLSWAPBUFFERSWITHDAMAGEEXTPROC swap_buffers_with_damage; - }; -@@ -97,7 +94,6 @@ struct window { - struct wl_surface *surface; - struct zxdg_surface_v6 *xdg_surface; - struct zxdg_toplevel_v6 *xdg_toplevel; -- struct ivi_surface *ivi_surface; - EGLSurface egl_surface; - struct wl_callback *callback; - int fullscreen, maximized, opaque, buffer_size, frame_sync, delay; -@@ -359,27 +355,22 @@ static const struct zxdg_toplevel_v6_listener xdg_toplevel_listener = { - }; - - static void --handle_ivi_surface_configure(void *data, struct ivi_surface *ivi_surface, -- int32_t width, int32_t height) -+create_surface(struct window *window) - { -- struct window *window = data; -- -- wl_egl_window_resize(window->native, width, height, 0, 0); -- -- window->geometry.width = width; -- window->geometry.height = height; -+ struct display *display = window->display; -+ EGLBoolean ret; - -- if (!window->fullscreen) -- window->window_size = window->geometry; --} -+ window->surface = wl_compositor_create_surface(display->compositor); - --static const struct ivi_surface_listener ivi_surface_listener = { -- handle_ivi_surface_configure, --}; -+ window->native = -+ wl_egl_window_create(window->surface, -+ window->geometry.width, -+ window->geometry.height); -+ window->egl_surface = -+ weston_platform_create_egl_surface(display->egl.dpy, -+ display->egl.conf, -+ window->native, NULL); - --static void --create_xdg_surface(struct window *window, struct display *display) --{ - window->xdg_surface = zxdg_shell_v6_get_xdg_surface(display->shell, - window->surface); - zxdg_surface_v6_add_listener(window->xdg_surface, -@@ -394,50 +385,6 @@ create_xdg_surface(struct window *window, struct display *display) - - window->wait_for_configure = true; - wl_surface_commit(window->surface); --} -- --static void --create_ivi_surface(struct window *window, struct display *display) --{ -- uint32_t id_ivisurf = IVI_SURFACE_ID + (uint32_t)getpid(); -- window->ivi_surface = -- ivi_application_surface_create(display->ivi_application, -- id_ivisurf, window->surface); -- -- if (window->ivi_surface == NULL) { -- fprintf(stderr, "Failed to create ivi_client_surface\n"); -- abort(); -- } -- -- ivi_surface_add_listener(window->ivi_surface, -- &ivi_surface_listener, window); --} -- --static void --create_surface(struct window *window) --{ -- struct display *display = window->display; -- EGLBoolean ret; -- -- window->surface = wl_compositor_create_surface(display->compositor); -- -- window->native = -- wl_egl_window_create(window->surface, -- window->geometry.width, -- window->geometry.height); -- window->egl_surface = -- weston_platform_create_egl_surface(display->egl.dpy, -- display->egl.conf, -- window->native, NULL); -- -- -- if (display->shell) { -- create_xdg_surface(window, display); -- } else if (display->ivi_application ) { -- create_ivi_surface(window, display); -- } else { -- assert(0); -- } - - ret = eglMakeCurrent(window->display->egl.dpy, window->egl_surface, - window->egl_surface, window->display->egl.ctx); -@@ -469,8 +416,6 @@ destroy_surface(struct window *window) - zxdg_toplevel_v6_destroy(window->xdg_toplevel); - if (window->xdg_surface) - zxdg_surface_v6_destroy(window->xdg_surface); -- if (window->display->ivi_application) -- ivi_surface_destroy(window->ivi_surface); - wl_surface_destroy(window->surface); - - if (window->callback) -@@ -825,10 +770,6 @@ registry_handle_global(void *data, struct wl_registry *registry, - fprintf(stderr, "unable to load default left pointer\n"); - // TODO: abort ? - } -- } else if (strcmp(interface, "ivi_application") == 0) { -- d->ivi_application = -- wl_registry_bind(registry, name, -- &ivi_application_interface, 1); - } - } - -@@ -943,9 +884,6 @@ main(int argc, char **argv) - if (display.shell) - zxdg_shell_v6_destroy(display.shell); - -- if (display.ivi_application) -- ivi_application_destroy(display.ivi_application); -- - if (display.compositor) - wl_compositor_destroy(display.compositor); - diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0014-simple-shm-remove-ivi-application-support.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0014-simple-shm-remove-ivi-application-support.patch deleted file mode 100644 index 495e50ca2..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0014-simple-shm-remove-ivi-application-support.patch +++ /dev/null @@ -1,107 +0,0 @@ -index f9c8010b..c37cd00b 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -574,9 +574,7 @@ nodist_weston_simple_shm_SOURCES = \ - protocol/xdg-shell-unstable-v6-protocol.c \ - protocol/xdg-shell-unstable-v6-client-protocol.h \ - protocol/fullscreen-shell-unstable-v1-protocol.c \ -- protocol/fullscreen-shell-unstable-v1-client-protocol.h \ -- protocol/ivi-application-protocol.c \ -- protocol/ivi-application-client-protocol.h -+ protocol/fullscreen-shell-unstable-v1-client-protocol.h - weston_simple_shm_CFLAGS = $(AM_CFLAGS) $(SIMPLE_CLIENT_CFLAGS) - weston_simple_shm_LDADD = $(SIMPLE_CLIENT_LIBS) libshared.la - -diff --git a/clients/simple-shm.c b/clients/simple-shm.c -index 9fa2e214..fc2ef001 100644 ---- a/clients/simple-shm.c -+++ b/clients/simple-shm.c -@@ -40,10 +40,6 @@ - #include "xdg-shell-unstable-v6-client-protocol.h" - #include "fullscreen-shell-unstable-v1-client-protocol.h" - --#include --#include "ivi-application-client-protocol.h" --#define IVI_SURFACE_ID 9000 -- - struct display { - struct wl_display *display; - struct wl_registry *registry; -@@ -52,7 +48,6 @@ struct display { - struct zwp_fullscreen_shell_v1 *fshell; - struct wl_shm *shm; - bool has_xrgb; -- struct ivi_application *ivi_application; - }; - - struct buffer { -@@ -67,7 +62,6 @@ struct window { - struct wl_surface *surface; - struct zxdg_surface_v6 *xdg_surface; - struct zxdg_toplevel_v6 *xdg_toplevel; -- struct ivi_surface *ivi_surface; - struct buffer buffers[2]; - struct buffer *prev_buffer; - struct wl_callback *callback; -@@ -165,17 +159,6 @@ static const struct zxdg_toplevel_v6_listener xdg_toplevel_listener = { - handle_xdg_toplevel_close, - }; - --static void --handle_ivi_surface_configure(void *data, struct ivi_surface *ivi_surface, -- int32_t width, int32_t height) --{ -- /* Simple-shm is resizable */ --} -- --static const struct ivi_surface_listener ivi_surface_listener = { -- handle_ivi_surface_configure, --}; -- - static struct window * - create_window(struct display *display, int width, int height) - { -@@ -213,19 +196,6 @@ create_window(struct display *display, int width, int height) - window->surface, - ZWP_FULLSCREEN_SHELL_V1_PRESENT_METHOD_DEFAULT, - NULL); -- } else if (display->ivi_application ) { -- uint32_t id_ivisurf = IVI_SURFACE_ID + (uint32_t)getpid(); -- window->ivi_surface = -- ivi_application_surface_create(display->ivi_application, -- id_ivisurf, window->surface); -- if (window->ivi_surface == NULL) { -- fprintf(stderr, "Failed to create ivi_client_surface\n"); -- abort(); -- } -- -- ivi_surface_add_listener(window->ivi_surface, -- &ivi_surface_listener, window); -- - } else { - assert(0); - } -@@ -407,11 +377,6 @@ registry_handle_global(void *data, struct wl_registry *registry, - id, &wl_shm_interface, 1); - wl_shm_add_listener(d->shm, &shm_listener, d); - } -- else if (strcmp(interface, "ivi_application") == 0) { -- d->ivi_application = -- wl_registry_bind(registry, id, -- &ivi_application_interface, 1); -- } - } - - static void -@@ -555,11 +520,6 @@ main(int argc, char **argv) - - fprintf(stderr, "simple-shm exiting\n"); - -- if (window->display->ivi_application) { -- ivi_surface_destroy(window->ivi_surface); -- ivi_application_destroy(window->display->ivi_application); -- } -- - destroy_window(window); - destroy_display(display); - diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0015-window-client-remove-ivi-application-support.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0015-window-client-remove-ivi-application-support.patch deleted file mode 100644 index f3d2fe47f..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0015-window-client-remove-ivi-application-support.patch +++ /dev/null @@ -1,130 +0,0 @@ -index c37cd00b..f30ddbe9 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -665,8 +665,6 @@ nodist_libtoytoolkit_la_SOURCES = \ - protocol/viewporter-client-protocol.h \ - protocol/xdg-shell-unstable-v6-protocol.c \ - protocol/xdg-shell-unstable-v6-client-protocol.h \ -- protocol/ivi-application-protocol.c \ -- protocol/ivi-application-client-protocol.h \ - protocol/pointer-constraints-unstable-v1-protocol.c \ - protocol/pointer-constraints-unstable-v1-client-protocol.h \ - protocol/relative-pointer-unstable-v1-protocol.c \ -diff --git a/clients/window.c b/clients/window.c -index 95796d46..aac43abd 100644 ---- a/clients/window.c -+++ b/clients/window.c -@@ -82,10 +82,6 @@ typedef void *EGLContext; - - #include "window.h" - --#include --#include "ivi-application-client-protocol.h" --#define IVI_SURFACE_ID 9000 -- - #define ZWP_RELATIVE_POINTER_MANAGER_V1_VERSION 1 - #define ZWP_POINTER_CONSTRAINTS_V1_VERSION 1 - -@@ -107,7 +103,6 @@ struct display { - struct wl_data_device_manager *data_device_manager; - struct text_cursor_position *text_cursor_position; - struct zxdg_shell_v6 *xdg_shell; -- struct ivi_application *ivi_application; /* ivi style shell */ - struct zwp_relative_pointer_manager_v1 *relative_pointer_manager; - struct zwp_pointer_constraints_v1 *pointer_constraints; - EGLDisplay dpy; -@@ -269,8 +264,6 @@ struct window { - struct window *parent; - struct window *last_parent; - -- struct ivi_surface *ivi_surface; -- - struct window_frame *frame; - - /* struct surface::link, contains also main_surface */ -@@ -1441,19 +1434,6 @@ window_get_display(struct window *window) - return window->display; - } - --static void --handle_ivi_surface_configure(void *data, struct ivi_surface *ivi_surface, -- int32_t width, int32_t height) --{ -- struct window *window = data; -- -- window_schedule_resize(window, width, height); --} -- --static const struct ivi_surface_listener ivi_surface_listener = { -- handle_ivi_surface_configure, --}; -- - static void - surface_create_surface(struct surface *surface, uint32_t flags) - { -@@ -1604,9 +1584,6 @@ window_destroy(struct window *window) - if (window->xdg_surface) - zxdg_surface_v6_destroy(window->xdg_surface); - -- if (window->ivi_surface) -- ivi_surface_destroy(window->ivi_surface); -- - surface_destroy(window->main_surface); - - wl_list_remove(&window->link); -@@ -5200,7 +5177,7 @@ window_create_internal(struct display *display, int custom) - surface = surface_create(window); - window->main_surface = surface; - -- assert(custom || display->xdg_shell || display->ivi_application); -+ assert(custom || display->xdg_shell); - - window->custom = custom; - window->preferred_format = WINDOW_PREFERRED_FORMAT_NONE; -@@ -5220,7 +5197,6 @@ struct window * - window_create(struct display *display) - { - struct window *window; -- uint32_t id_ivisurf; - - window = window_create_internal(display, 0); - -@@ -5243,16 +5219,6 @@ window_create(struct display *display) - window_inhibit_redraw(window); - - wl_surface_commit(window->main_surface->surface); -- } else if (display->ivi_application) { -- /* auto generation of ivi_id based on process id + basement of id */ -- id_ivisurf = IVI_SURFACE_ID + (uint32_t)getpid(); -- window->ivi_surface = -- ivi_application_surface_create(display->ivi_application, -- id_ivisurf, window->main_surface->surface); -- fail_on_null(window->ivi_surface, 0, __FILE__, __LINE__); -- -- ivi_surface_add_listener(window->ivi_surface, -- &ivi_surface_listener, window); - } - - return window; -@@ -6013,11 +5979,6 @@ registry_handle_global(void *data, struct wl_registry *registry, uint32_t id, - wl_registry_bind(registry, id, - &wl_subcompositor_interface, 1); - } -- else if (strcmp(interface, "ivi_application") == 0) { -- d->ivi_application = -- wl_registry_bind(registry, id, -- &ivi_application_interface, 1); -- } - - if (d->global_handler) - d->global_handler(d, id, interface, version, d->user_data); -@@ -6316,9 +6277,6 @@ display_destroy(struct display *display) - if (display->xdg_shell) - zxdg_shell_v6_destroy(display->xdg_shell); - -- if (display->ivi_application) -- ivi_application_destroy(display->ivi_application); -- - if (display->shm) - wl_shm_destroy(display->shm); - diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0016-compositor-add-output-type-to-weston_output.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0016-compositor-add-output-type-to-weston_output.patch deleted file mode 100644 index 6b93b06e8..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0016-compositor-add-output-type-to-weston_output.patch +++ /dev/null @@ -1,254 +0,0 @@ -From 8ea60075d5310101bebedf09c94902e9d41432ac Mon Sep 17 00:00:00 2001 -From: Veeresh Kadasani -Date: Mon, 29 Jul 2019 17:04:12 +0900 -Subject: [PATCH 1/3] compositor: add output type to weston_output - -This enables weston to use multiple types of backend -Each backends have own output structure for each functions -To avoid invalid member access, type identifier is needed - -Signed-off-by: Veeresh Kadasani ---- - libweston/compositor-drm.c | 78 +++++++++++++++++++++++------------------ - libweston/compositor-fbdev.c | 2 +- - libweston/compositor-headless.c | 2 +- - libweston/compositor-rdp.c | 2 +- - libweston/compositor-wayland.c | 2 +- - libweston/compositor-x11.c | 2 +- - libweston/compositor.h | 12 ++++++- - 7 files changed, 60 insertions(+), 40 deletions(-) - -diff --git a/libweston/compositor-drm.c b/libweston/compositor-drm.c -index 3891176..26a480c 100644 ---- a/libweston/compositor-drm.c -+++ b/libweston/compositor-drm.c -@@ -843,8 +843,9 @@ drm_output_find_by_crtc(struct drm_backend *b, uint32_t crtc_id) - struct drm_output *output; - - wl_list_for_each(output, &b->compositor->output_list, base.link) { -- if (output->crtc_id == crtc_id) -- return output; -+ if(output->base.output_type == OUTPUT_DRM) -+ if (output->crtc_id == crtc_id) -+ return output; - } - - return NULL; -@@ -859,7 +860,8 @@ drm_head_find_by_connector(struct drm_backend *backend, uint32_t connector_id) - wl_list_for_each(base, - &backend->compositor->head_list, compositor_link) { - head = to_drm_head(base); -- if (head->connector_id == connector_id) -+ if(base->output->output_type == OUTPUT_DRM) -+ if (head->connector_id == connector_id) - return head; - } - -@@ -5728,6 +5730,7 @@ drm_output_enable(struct weston_output *base) - drmModeRes *resources; - int ret; - -+ output->base.output_type = OUTPUT_DRM; - resources = drmModeGetResources(b->drm.fd); - if (!resources) { - weston_log("drmModeGetResources failed\n"); -@@ -6188,23 +6191,25 @@ drm_backend_update_heads(struct drm_backend *b, struct udev_device *drm_device) - /* Remove connectors that have disappeared. */ - wl_list_for_each_safe(base, next, - &b->compositor->head_list, compositor_link) { -- bool removed = true; -+ if (base->output->output_type == OUTPUT_DRM) { -+ bool removed = true; - -- head = to_drm_head(base); -+ head = to_drm_head(base); - -- for (i = 0; i < resources->count_connectors; i++) { -- if (resources->connectors[i] == head->connector_id) { -- removed = false; -- break; -- } -- } -+ for (i = 0; i < resources->count_connectors; i++) { -+ if (resources->connectors[i] == head->connector_id) { -+ removed = false; -+ break; -+ } -+ } - -- if (!removed) -- continue; -+ if (!removed) -+ continue; - -- weston_log("DRM: head '%s' (connector %d) disappeared.\n", -- head->base.name, head->connector_id); -- drm_head_destroy(head); -+ weston_log("DRM: head '%s' (connector %d) disappeared.\n", -+ head->base.name, head->connector_id); -+ drm_head_destroy(head); -+ } - } - - drm_backend_update_unused_outputs(b, resources); -@@ -6309,23 +6314,26 @@ session_notify(struct wl_listener *listener, void *data) - * pending frame callbacks. */ - - wl_list_for_each(output, &compositor->output_list, base.link) { -- output->base.repaint_needed = false; -- if (output->cursor_plane) -- drmModeSetCursor(b->drm.fd, output->crtc_id, -- 0, 0, 0); -+ if(output->base.output_type == OUTPUT_DRM) { -+ output->base.repaint_needed = false; -+ if (output->cursor_plane) -+ drmModeSetCursor(b->drm.fd, output->crtc_id, -+ 0, 0, 0); -+ } - } -- -- output = container_of(compositor->output_list.next, -- struct drm_output, base.link); -- -- wl_list_for_each(plane, &b->plane_list, link) { -- if (plane->type != WDRM_PLANE_TYPE_OVERLAY) -- continue; -- -- drmModeSetPlane(b->drm.fd, -- plane->plane_id, -- output->crtc_id, 0, 0, -- 0, 0, 0, 0, 0, 0, 0, 0); -+ if(output->base.output_type == OUTPUT_DRM) { -+ output = container_of(compositor->output_list.next, -+ struct drm_output, base.link); -+ -+ wl_list_for_each(plane, &b->plane_list, link) { -+ if (plane->type != WDRM_PLANE_TYPE_OVERLAY) -+ continue; -+ -+ drmModeSetPlane(b->drm.fd, -+ plane->plane_id, -+ output->crtc_id, 0, 0, -+ 0, 0, 0, 0, 0, 0, 0, 0); -+ } - } - } - } -@@ -6649,7 +6657,8 @@ switch_to_gl_renderer(struct drm_backend *b) - } - - wl_list_for_each(output, &b->compositor->output_list, base.link) -- pixman_renderer_output_destroy(&output->base); -+ if(output->base.output_type == OUTPUT_DRM) -+ pixman_renderer_output_destroy(&output->base); - - b->compositor->renderer->destroy(b->compositor); - -@@ -6661,7 +6670,8 @@ switch_to_gl_renderer(struct drm_backend *b) - } - - wl_list_for_each(output, &b->compositor->output_list, base.link) -- drm_output_init_egl(output, b); -+ if(output->base.output_type == OUTPUT_DRM) -+ drm_output_init_egl(output, b); - - b->use_pixman = 0; - -diff --git a/libweston/compositor-fbdev.c b/libweston/compositor-fbdev.c -index a71b7bd..8edb50b 100644 ---- a/libweston/compositor-fbdev.c -+++ b/libweston/compositor-fbdev.c -@@ -501,7 +501,7 @@ fbdev_output_enable(struct weston_output *base) - struct fbdev_head *head; - int fb_fd; - struct wl_event_loop *loop; -- -+ output->base.output_type = OUTPUT_FBDEV; - head = fbdev_output_get_head(output); - - /* Create the frame buffer. */ -diff --git a/libweston/compositor-headless.c b/libweston/compositor-headless.c -index 61a5bd9..f633cd7 100644 ---- a/libweston/compositor-headless.c -+++ b/libweston/compositor-headless.c -@@ -159,7 +159,7 @@ headless_output_enable(struct weston_output *base) - loop = wl_display_get_event_loop(b->compositor->wl_display); - output->finish_frame_timer = - wl_event_loop_add_timer(loop, finish_frame_handler, output); -- -+ output->base.output_type = OUTPUT_HEADLESS; - if (b->use_pixman) { - output->image_buf = malloc(output->base.current_mode->width * - output->base.current_mode->height * 4); -diff --git a/libweston/compositor-rdp.c b/libweston/compositor-rdp.c -index 134e729..429370c 100644 ---- a/libweston/compositor-rdp.c -+++ b/libweston/compositor-rdp.c -@@ -554,7 +554,7 @@ rdp_output_enable(struct weston_output *base) - struct rdp_output *output = to_rdp_output(base); - struct rdp_backend *b = to_rdp_backend(base->compositor); - struct wl_event_loop *loop; -- -+ output->base.output_type = OUTPUT_RDP; - output->shadow_surface = pixman_image_create_bits(PIXMAN_x8r8g8b8, - output->base.current_mode->width, - output->base.current_mode->height, -diff --git a/libweston/compositor-wayland.c b/libweston/compositor-wayland.c -index e80ecc1..808fc8f 100644 ---- a/libweston/compositor-wayland.c -+++ b/libweston/compositor-wayland.c -@@ -1221,7 +1221,7 @@ wayland_output_enable(struct weston_output *base) - struct wayland_backend *b = to_wayland_backend(base->compositor); - enum mode_status mode_status; - int ret = 0; -- -+ output->base.output_type = OUTPUT_WAYLAND; - weston_log("Creating %dx%d wayland output at (%d, %d)\n", - output->base.current_mode->width, - output->base.current_mode->height, -diff --git a/libweston/compositor-x11.c b/libweston/compositor-x11.c -index 4a9d068..afbaa73 100644 ---- a/libweston/compositor-x11.c -+++ b/libweston/compositor-x11.c -@@ -933,7 +933,7 @@ x11_output_enable(struct weston_output *base) - XCB_EVENT_MASK_STRUCTURE_NOTIFY, - 0 - }; -- -+ output->base.output_type = OUTPUT_X11; - if (!b->no_input) - values[0] |= - XCB_EVENT_MASK_KEY_PRESS | -diff --git a/libweston/compositor.h b/libweston/compositor.h -index 8b7a102..60feda3 100644 ---- a/libweston/compositor.h -+++ b/libweston/compositor.h -@@ -169,6 +169,16 @@ enum dpms_enum { - WESTON_DPMS_OFF - }; - -+/* bit compatible with drm definitions. */ -+enum output_type { -+ OUTPUT_DRM, -+ OUTPUT_FBDEV, -+ OUTPUT_HEADLESS, -+ OUTPUT_RDP, -+ OUTPUT_WAYLAND, -+ OUTPUT_X11, -+ OUTPUT_WALTHAM -+}; - /** Represents a monitor - * - * This object represents a monitor (hardware backends like DRM) or a window -@@ -201,7 +211,7 @@ struct weston_head { - struct weston_output { - uint32_t id; - char *name; -- -+ enum output_type output_type; - /** Matches the lifetime from the user perspective */ - struct wl_signal user_destroy_signal; - --- -2.7.4 - diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0017-compositor-drm-introduce-drm_get_dmafd_from_view.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0017-compositor-drm-introduce-drm_get_dmafd_from_view.patch deleted file mode 100644 index 6fb963fb1..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0017-compositor-drm-introduce-drm_get_dmafd_from_view.patch +++ /dev/null @@ -1,109 +0,0 @@ -From 020508b35b2bf6c89d62961eb95e2f81d6381ab5 Mon Sep 17 00:00:00 2001 -From: Veeresh Kadasani -Date: Mon, 29 Jul 2019 17:07:00 +0900 -Subject: [PATCH 2/3] compositor-drm: introduce drm_get_dmafd_from_view - -This API enables to get dmafd from weston_view - -Signed-off-by: Veeresh Kadasani ---- - libweston/compositor-drm.c | 57 ++++++++++++++++++++++++++++++++++++++++++++++ - libweston/compositor-drm.h | 7 ++++++ - 2 files changed, 64 insertions(+) - -diff --git a/libweston/compositor-drm.c b/libweston/compositor-drm.c -index 26a480c..2b99db5 100644 ---- a/libweston/compositor-drm.c -+++ b/libweston/compositor-drm.c -@@ -5420,6 +5420,62 @@ drm_output_set_seat(struct weston_output *base, - } - - static int -+drm_get_dma_fd_from_view(struct weston_output *base, -+ struct weston_view *ev) -+{ -+ struct drm_backend *b = to_drm_backend(base->compositor); -+ struct weston_buffer *buffer = ev->surface->buffer_ref.buffer; -+ struct gbm_bo *bo; -+ struct drm_fb *current; -+ struct linux_dmabuf_buffer *dmabuf; -+ bool is_opaque = drm_view_is_opaque(ev); -+ uint32_t format; -+ int fd, ret; -+ -+ if(!buffer) { -+ weston_log("buffer is NULL\n"); -+ return -1; -+ } -+ -+ if(dmabuf = linux_dmabuf_buffer_get(buffer->resource)) { -+ current = drm_fb_get_from_dmabuf(dmabuf, b, is_opaque); -+ if (!current) -+ { -+ fprintf(stderr, "failed to get drm_fb from dmabuf\n"); -+ return -1; -+ } -+ } -+ else if(ev->surface->buffer_ref.buffer->legacy_buffer) { -+ bo = gbm_bo_import(b->gbm, GBM_BO_IMPORT_WL_BUFFER, -+ buffer->resource, GBM_BO_USE_SCANOUT); -+ if (!bo) { -+ weston_log("failed to get gbm_bo\n"); -+ return -1; -+ } -+ current = drm_fb_get_from_bo(bo, b, is_opaque, BUFFER_CLIENT); -+ -+ if (!current) { -+ weston_log("failed to get drm_fb from bo\n"); -+ return -1; -+ } -+ -+ } -+ else { -+ weston_log("Buffer is not supported\n"); -+ return -1; -+ } -+ -+ ret = drmPrimeHandleToFD(b->drm.fd, current->handles[0], -+ DRM_CLOEXEC, &fd); -+ free(current); -+ if (ret) { -+ weston_log("failed to create prime fd for front buffer\n"); -+ return -1; -+ } -+ -+ return fd; -+} -+static int - drm_output_init_gamma_size(struct drm_output *output) - { - struct drm_backend *backend = to_drm_backend(output->base.compositor); -@@ -6696,6 +6752,7 @@ static const struct weston_drm_output_api api = { - drm_output_set_mode, - drm_output_set_gbm_format, - drm_output_set_seat, -+ drm_get_dma_fd_from_view, - }; - - static struct drm_backend * -diff --git a/libweston/compositor-drm.h b/libweston/compositor-drm.h -index 9c37c15..a82a2a9 100644 ---- a/libweston/compositor-drm.h -+++ b/libweston/compositor-drm.h -@@ -78,6 +78,13 @@ struct weston_drm_output_api { - */ - void (*set_seat)(struct weston_output *output, - const char *seat); -+ -+ /** Get the dma fd from drm view. -+ * -+ * The dma fd is got from weston_view. -+ * Returns fd on success, -1 on failure. -+ */ -+ int (*get_dma_fd_from_view)(struct weston_output *output, struct weston_view *view); - }; - - static inline const struct weston_drm_output_api * --- -2.7.4 - diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0018-compositor-drm-get-stride-from-drm_get_dma_fd_from_view.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0018-compositor-drm-get-stride-from-drm_get_dma_fd_from_view.patch deleted file mode 100644 index e2655d120..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0018-compositor-drm-get-stride-from-drm_get_dma_fd_from_view.patch +++ /dev/null @@ -1,59 +0,0 @@ -From 0dac780379228396a19048544b9e53d5aa407583 Mon Sep 17 00:00:00 2001 -From: Veeresh Kadasani -Date: Mon, 29 Jul 2019 17:08:31 +0900 -Subject: [PATCH 3/3] compositor-drm: get stride from drm_get_dma_fd_from_view - -Modify drm_get_dma_fd_from_view to get buffer stride. - -Signed-off-by: Veeresh Kadasani ---- - libweston/compositor-drm.c | 5 +++-- - libweston/compositor-drm.h | 2 +- - 2 files changed, 4 insertions(+), 3 deletions(-) - -diff --git a/libweston/compositor-drm.c b/libweston/compositor-drm.c -index 2b99db5..ec2765f 100644 ---- a/libweston/compositor-drm.c -+++ b/libweston/compositor-drm.c -@@ -5421,7 +5421,7 @@ drm_output_set_seat(struct weston_output *base, - - static int - drm_get_dma_fd_from_view(struct weston_output *base, -- struct weston_view *ev) -+ struct weston_view *ev, int *buf_stride) - { - struct drm_backend *b = to_drm_backend(base->compositor); - struct weston_buffer *buffer = ev->surface->buffer_ref.buffer; -@@ -5444,6 +5444,7 @@ drm_get_dma_fd_from_view(struct weston_output *base, - fprintf(stderr, "failed to get drm_fb from dmabuf\n"); - return -1; - } -+ *buf_stride=current->strides[0]; - } - else if(ev->surface->buffer_ref.buffer->legacy_buffer) { - bo = gbm_bo_import(b->gbm, GBM_BO_IMPORT_WL_BUFFER, -@@ -5458,7 +5459,7 @@ drm_get_dma_fd_from_view(struct weston_output *base, - weston_log("failed to get drm_fb from bo\n"); - return -1; - } -- -+ *buf_stride=current->strides[0]; - } - else { - weston_log("Buffer is not supported\n"); -diff --git a/libweston/compositor-drm.h b/libweston/compositor-drm.h -index a82a2a9..c2461b3 100644 ---- a/libweston/compositor-drm.h -+++ b/libweston/compositor-drm.h -@@ -84,7 +84,7 @@ struct weston_drm_output_api { - * The dma fd is got from weston_view. - * Returns fd on success, -1 on failure. - */ -- int (*get_dma_fd_from_view)(struct weston_output *output, struct weston_view *view); -+ int (*get_dma_fd_from_view)(struct weston_output *output, struct weston_view *view, int *buf_stride); - }; - - static inline const struct weston_drm_output_api * --- -2.7.4 - diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston_5.0.0.bbappend b/meta-agl-profile-graphical/recipes-graphics/wayland/weston_5.0.0.bbappend deleted file mode 100644 index 108cca83f..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston_5.0.0.bbappend +++ /dev/null @@ -1,27 +0,0 @@ -FILESEXTRAPATHS_append := ":${THISDIR}/${PN}" - -SRC_URI_append = "\ - file://0001-Allow-regular-users-to-launch-Weston_2.0.0.patch \ - file://0001-ivi-shell-rework-goto-labels-to-avoid-memory-leaks.patch \ - file://0002-ivi-shell-removed-assert.patch \ - file://0003-ivi-shell-introduction-of-IVI_INVALID_ID.patch \ - file://0004-layout-interface-added-interface-to-change-surface-id.patch \ - file://0005-ivi-layout-introcuded-configure_desktop_changed.patch \ - file://0006-ivi-layout-introcuded-surface_create_and_configure.patch \ - file://0007-ivi-shell-linked-libweston-desktop-and-added-structs.patch \ - file://0008-ivi-layout-use-libweston-desktop-api-for-views.patch \ - file://0009-ivi-shell-added-libweston-desktop-api_implementation.patch \ - file://0010-ivi-shell-remove-surface_destroy_listener.patch \ - file://0011-ivi-shell-create-weston-desktop-in_wet_shell_init.patch \ - file://0012-hmi-controller-register-for-desktop_surface_configured.patch \ - file://0013-simple-egl-remove-ivi-application-support.patch \ - file://0014-simple-shm-remove-ivi-application-support.patch \ - file://0015-window-client-remove-ivi-application-support.patch \ - file://use-XDG_RUNTIMESHARE_DIR.patch \ - file://0016-compositor-add-output-type-to-weston_output.patch \ - file://0017-compositor-drm-introduce-drm_get_dmafd_from_view.patch \ - file://0018-compositor-drm-get-stride-from-drm_get_dma_fd_from_view.patch \ - " - - -EXTRA_OECONF_append = " --enable-sys-uid" -- cgit 1.2.3-korg From 963f5436ccc40a83ff0d018f7731d13de1bb12bd Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 13:53:21 -0500 Subject: meta-agl-profile-core: remove connman backport Remove backported connman 1.36 recipe, as oe-core has a newer 1.37 recipe. Bug-AGL: SPEC-2932 Change-Id: I7bf60571f687a717f9f7841b7caa62ff21dbce3d Signed-off-by: Scott Murray --- .../recipes-connectivity/connman/connman.inc | 216 ------------ ...us-issues-which-cause-problems-under-musl.patch | 362 --------------------- ...vice-stop-systemd-resolved-when-we-use-co.patch | 29 -- ...ange-visibility-to-default-for-debug-symb.patch | 35 -- ...resolve-musl-does-not-implement-res_ninit.patch | 85 ----- .../recipes-connectivity/connman/connman/connman | 83 ----- .../connman/connman/no-version-scripts.patch | 27 -- .../recipes-connectivity/connman/connman_1.36.bb | 16 - 8 files changed, 853 deletions(-) delete mode 100644 meta-agl-profile-core/recipes-connectivity/connman/connman.inc delete mode 100644 meta-agl-profile-core/recipes-connectivity/connman/connman/0001-Fix-various-issues-which-cause-problems-under-musl.patch delete mode 100644 meta-agl-profile-core/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-resolved-when-we-use-co.patch delete mode 100644 meta-agl-profile-core/recipes-connectivity/connman/connman/0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch delete mode 100644 meta-agl-profile-core/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch delete mode 100644 meta-agl-profile-core/recipes-connectivity/connman/connman/connman delete mode 100644 meta-agl-profile-core/recipes-connectivity/connman/connman/no-version-scripts.patch delete mode 100644 meta-agl-profile-core/recipes-connectivity/connman/connman_1.36.bb diff --git a/meta-agl-profile-core/recipes-connectivity/connman/connman.inc b/meta-agl-profile-core/recipes-connectivity/connman/connman.inc deleted file mode 100644 index 0a117e44a..000000000 --- a/meta-agl-profile-core/recipes-connectivity/connman/connman.inc +++ /dev/null @@ -1,216 +0,0 @@ -SUMMARY = "A daemon for managing internet connections within embedded devices" -DESCRIPTION = "The ConnMan project provides a daemon for managing \ -internet connections within embedded devices running the Linux \ -operating system. The Connection Manager is designed to be slim and \ -to use as few resources as possible, so it can be easily integrated. \ -It is a fully modular system that can be extended, through plug-ins, \ -to support all kinds of wired or wireless technologies. Also, \ -configuration methods, like DHCP and domain name resolving, are \ -implemented using plug-ins." -HOMEPAGE = "http://connman.net/" -BUGTRACKER = "https://01.org/jira/browse/CM" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \ - file://src/main.c;beginline=1;endline=20;md5=486a279a6ab0c8d152bcda3a5b5edc36" - -inherit autotools pkgconfig systemd update-rc.d bluetooth update-alternatives - -DEPENDS = "dbus glib-2.0 ppp readline" - -INC_PR = "r20" - -EXTRA_OECONF += "\ - ac_cv_path_WPASUPPLICANT=${sbindir}/wpa_supplicant \ - ac_cv_path_PPPD=${sbindir}/pppd \ - --enable-debug \ - --enable-loopback \ - --enable-ethernet \ - --enable-tools \ - --disable-polkit \ - --enable-client \ -" - -PACKAGECONFIG ??= "wispr \ - ${@bb.utils.filter('DISTRO_FEATURES', '3g systemd wifi', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez', '', d)} \ - iptables \ -" - -# If you want ConnMan to support VPN, add following statement into -# local.conf or distro config -# PACKAGECONFIG_append_pn-connman = " openvpn vpnc l2tp pptp" - -PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_unitdir}/system/ --with-tmpfilesdir=${sysconfdir}/tmpfiles.d/,--with-systemdunitdir='' --with-tmpfilesdir=''" -PACKAGECONFIG[wifi] = "--enable-wifi, --disable-wifi, wpa-supplicant, wpa-supplicant" -PACKAGECONFIG[bluez] = "--enable-bluetooth, --disable-bluetooth, ${BLUEZ}, ${BLUEZ}" -PACKAGECONFIG[3g] = "--enable-ofono, --disable-ofono, ofono, ofono" -PACKAGECONFIG[tist] = "--enable-tist,--disable-tist," -PACKAGECONFIG[openvpn] = "--enable-openvpn --with-openvpn=${sbindir}/openvpn,--disable-openvpn,,openvpn" -PACKAGECONFIG[vpnc] = "--enable-vpnc --with-vpnc=${sbindir}/vpnc,--disable-vpnc,,vpnc" -PACKAGECONFIG[l2tp] = "--enable-l2tp --with-l2tp=${sbindir}/xl2tpd,--disable-l2tp,,xl2tpd" -PACKAGECONFIG[pptp] = "--enable-pptp --with-pptp=${sbindir}/pptp,--disable-pptp,,pptp-linux" -# WISPr support for logging into hotspots, requires TLS -PACKAGECONFIG[wispr] = "--enable-wispr,--disable-wispr,gnutls," -PACKAGECONFIG[nftables] = "--with-firewall=nftables ,,libmnl libnftnl,,kernel-module-nf-tables-ipv4 kernel-module-nft-chain-nat-ipv4 kernel-module-nft-chain-route-ipv4 kernel-module-nft-meta kernel-module-nft-masq-ipv4 kernel-module-nft-nat" -PACKAGECONFIG[iptables] = "--with-firewall=iptables ,,iptables,iptables" - -INITSCRIPT_NAME = "connman" -INITSCRIPT_PARAMS = "start 05 5 2 3 . stop 22 0 1 6 ." - -python __anonymous () { - systemd_packages = "${PN}" - pkgconfig = d.getVar('PACKAGECONFIG') - if ('openvpn' or 'vpnc' or 'l2tp' or 'pptp') in pkgconfig.split(): - systemd_packages += " ${PN}-vpn" - d.setVar('SYSTEMD_PACKAGES', systemd_packages) -} - -SYSTEMD_SERVICE_${PN} = "connman.service" -SYSTEMD_SERVICE_${PN}-vpn = "connman-vpn.service" -SYSTEMD_SERVICE_${PN}-wait-online = "connman-wait-online.service" - -ALTERNATIVE_PRIORITY = "100" -ALTERNATIVE_${PN} = "${@bb.utils.contains('DISTRO_FEATURES','systemd','resolv-conf','',d)}" -ALTERNATIVE_TARGET[resolv-conf] = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${sysconfdir}/resolv-conf.connman','',d)}" -ALTERNATIVE_LINK_NAME[resolv-conf] = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${sysconfdir}/resolv.conf','',d)}" - -do_install_append() { - if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then - install -d ${D}${sysconfdir}/init.d - install -m 0755 ${WORKDIR}/connman ${D}${sysconfdir}/init.d/connman - sed -i s%@DATADIR@%${datadir}% ${D}${sysconfdir}/init.d/connman - fi - - install -d ${D}${bindir} - install -m 0755 ${B}/tools/*-test ${D}${bindir} - if [ -e ${B}/tools/wispr ]; then - install -m 0755 ${B}/tools/wispr ${D}${bindir} - fi - install -m 0755 ${B}/client/connmanctl ${D}${bindir} - - # We don't need to package an empty directory - rmdir --ignore-fail-on-non-empty ${D}${libdir}/connman/scripts - - # Automake 1.12 won't install empty directories, but we need the - # plugins directory to be present for ownership - mkdir -p ${D}${libdir}/connman/plugins - - # For read-only filesystem, do not create links during bootup - if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then - ln -sf ../run/connman/resolv.conf ${D}${sysconfdir}/resolv-conf.connman - fi -} - -# These used to be plugins, but now they are core -RPROVIDES_${PN} = "\ - connman-plugin-loopback \ - connman-plugin-ethernet \ - ${@bb.utils.contains('PACKAGECONFIG', 'bluetooth','connman-plugin-bluetooth', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'wifi','connman-plugin-wifi', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', '3g','connman-plugin-ofono', '', d)} \ - " - -RDEPENDS_${PN} = "\ - dbus \ - " - -PACKAGES_DYNAMIC += "^${PN}-plugin-.*" - -def add_rdepends(bb, d, file, pkg, depmap, multilib_prefix, add_insane_skip): - plugintype = pkg.split( '-' )[-1] - if plugintype in depmap: - rdepends = map(lambda x: multilib_prefix + x, \ - depmap[plugintype].split()) - d.setVar("RDEPENDS_%s" % pkg, " ".join(rdepends)) - if add_insane_skip: - d.appendVar("INSANE_SKIP_%s" % pkg, "dev-so") - -python populate_packages_prepend() { - depmap = dict(pppd="ppp") - multilib_prefix = (d.getVar("MLPREFIX") or "") - - hook = lambda file,pkg,x,y,z: \ - add_rdepends(bb, d, file, pkg, depmap, multilib_prefix, False) - plugin_dir = d.expand('${libdir}/connman/plugins/') - plugin_name = d.expand('${PN}-plugin-%s') - do_split_packages(d, plugin_dir, r'^(.*).so$', plugin_name, \ - '${PN} plugin for %s', extra_depends='', hook=hook, prepend=True ) - - hook = lambda file,pkg,x,y,z: \ - add_rdepends(bb, d, file, pkg, depmap, multilib_prefix, True) - plugin_dir = d.expand('${libdir}/connman/plugins-vpn/') - plugin_name = d.expand('${PN}-plugin-vpn-%s') - do_split_packages(d, plugin_dir, r'^(.*).so$', plugin_name, \ - '${PN} VPN plugin for %s', extra_depends='', hook=hook, prepend=True ) -} - -PACKAGES =+ "${PN}-tools ${PN}-tests ${PN}-client" - -FILES_${PN}-tools = "${bindir}/wispr" -RDEPENDS_${PN}-tools ="${PN}" - -FILES_${PN}-tests = "${bindir}/*-test" - -FILES_${PN}-client = "${bindir}/connmanctl" -RDEPENDS_${PN}-client ="${PN}" - -FILES_${PN} = "${bindir}/* ${sbindir}/* ${libexecdir}/* ${libdir}/lib*.so.* \ - ${libdir}/connman/plugins \ - ${sysconfdir} ${sharedstatedir} ${localstatedir} ${datadir} \ - ${base_bindir}/* ${base_sbindir}/* ${base_libdir}/*.so* ${datadir}/${PN} \ - ${datadir}/dbus-1/system-services/* \ - ${sysconfdir}/tmpfiles.d/connman_resolvconf.conf" - -FILES_${PN}-dev += "${libdir}/connman/*/*.la" - -PACKAGES =+ "${PN}-vpn ${PN}-wait-online" - -SUMMARY_${PN}-vpn = "A daemon for managing VPN connections within embedded devices" -DESCRIPTION_${PN}-vpn = "The ConnMan VPN provides a daemon for \ -managing VPN connections within embedded devices running the Linux \ -operating system. The connman-vpnd handles all the VPN connections \ -and starts/stops VPN client processes when necessary. The connman-vpnd \ -provides a DBus API for managing VPN connections. All the different \ -VPN technogies are implemented using plug-ins." -FILES_${PN}-vpn += "${sbindir}/connman-vpnd \ - ${sysconfdir}/dbus-1/system.d/connman-vpn-dbus.conf \ - ${datadir}/dbus-1/system-services/net.connman.vpn.service \ - ${systemd_unitdir}/system/connman-vpn.service" - -SUMMARY_${PN}-wait-online = "A program that will return once ConnMan has connected to a network" -DESCRIPTION_${PN}-wait-online = "A service that can be enabled so that \ -the system waits until a network connection is established." -FILES_${PN}-wait-online += "${sbindir}/connmand-wait-online \ - ${systemd_unitdir}/system/connman-wait-online.service" - -SUMMARY_${PN}-plugin-vpn-openvpn = "An OpenVPN plugin for ConnMan VPN" -DESCRIPTION_${PN}-plugin-vpn-openvpn = "The ConnMan OpenVPN plugin uses openvpn client \ -to create a VPN connection to OpenVPN server." -FILES_${PN}-plugin-vpn-openvpn += "${libdir}/connman/scripts/openvpn-script \ - ${libdir}/connman/plugins-vpn/openvpn.so" -RDEPENDS_${PN}-plugin-vpn-openvpn += "${PN}-vpn" -RRECOMMENDS_${PN} += "${@bb.utils.contains('PACKAGECONFIG','openvpn','${PN}-plugin-vpn-openvpn', '', d)}" - -SUMMARY_${PN}-plugin-vpn-vpnc = "A vpnc plugin for ConnMan VPN" -DESCRIPTION_${PN}-plugin-vpn-vpnc = "The ConnMan vpnc plugin uses vpnc client \ -to create a VPN connection to Cisco3000 VPN Concentrator." -FILES_${PN}-plugin-vpn-vpnc += "${libdir}/connman/scripts/openconnect-script \ - ${libdir}/connman/plugins-vpn/vpnc.so" -RDEPENDS_${PN}-plugin-vpn-vpnc += "${PN}-vpn" -RRECOMMENDS_${PN} += "${@bb.utils.contains('PACKAGECONFIG','vpnc','${PN}-plugin-vpn-vpnc', '', d)}" - -SUMMARY_${PN}-plugin-vpn-l2tp = "A L2TP plugin for ConnMan VPN" -DESCRIPTION_${PN}-plugin-vpn-l2tp = "The ConnMan L2TP plugin uses xl2tpd daemon \ -to create a VPN connection to L2TP server." -FILES_${PN}-plugin-vpn-l2tp += "${libdir}/connman/scripts/libppp-plugin.so* \ - ${libdir}/connman/plugins-vpn/l2tp.so" -RDEPENDS_${PN}-plugin-vpn-l2tp += "${PN}-vpn" -RRECOMMENDS_${PN} += "${@bb.utils.contains('PACKAGECONFIG','l2tp','${PN}-plugin-vpn-l2tp', '', d)}" - -SUMMARY_${PN}-plugin-vpn-pptp = "A PPTP plugin for ConnMan VPN" -DESCRIPTION_${PN}-plugin-vpn-pptp = "The ConnMan PPTP plugin uses pptp-linux client \ -to create a VPN connection to PPTP server." -FILES_${PN}-plugin-vpn-pptp += "${libdir}/connman/scripts/libppp-plugin.so* \ - ${libdir}/connman/plugins-vpn/pptp.so" -RDEPENDS_${PN}-plugin-vpn-pptp += "${PN}-vpn" -RRECOMMENDS_${PN} += "${@bb.utils.contains('PACKAGECONFIG','pptp','${PN}-plugin-vpn-pptp', '', d)}" diff --git a/meta-agl-profile-core/recipes-connectivity/connman/connman/0001-Fix-various-issues-which-cause-problems-under-musl.patch b/meta-agl-profile-core/recipes-connectivity/connman/connman/0001-Fix-various-issues-which-cause-problems-under-musl.patch deleted file mode 100644 index f344fea10..000000000 --- a/meta-agl-profile-core/recipes-connectivity/connman/connman/0001-Fix-various-issues-which-cause-problems-under-musl.patch +++ /dev/null @@ -1,362 +0,0 @@ -From 181ff3439783c6920f5211730672685a210c318f Mon Sep 17 00:00:00 2001 -From: Ross Burton -Date: Mon, 8 Oct 2018 22:12:56 +0200 -Subject: [PATCH] Fix various issues which cause problems under musl - -Instead of using #define _GNU_SOURCE in some source files which causes -problems when building with musl as more files need the define, simply -use AC_USE_SYSTEM_EXTENSIONS in configure.ac to get it defined globally. - -Signed-off-by: Ross Burton -Upstream-Status: Backport [bd1326ba7d68df38c5ccaafd2403a5fb30bd452b] ---- - configure.ac | 3 +++ - gdhcp/client.c | 1 - - gdhcp/common.h | 5 +++-- - gweb/gresolv.c | 1 + - plugins/tist.c | 1 - - plugins/wifi.c | 3 +-- - src/backtrace.c | 1 - - src/inet.c | 1 - - src/ippool.c | 1 - - src/iptables.c | 2 +- - src/log.c | 1 - - src/ntp.c | 1 - - src/resolver.c | 1 - - src/rfkill.c | 1 - - src/stats.c | 1 - - src/tethering.c | 2 -- - src/timezone.c | 1 - - tools/dhcp-test.c | 1 - - tools/dnsproxy-test.c | 1 + - tools/private-network-test.c | 2 +- - tools/stats-tool.c | 1 - - tools/tap-test.c | 3 +-- - tools/wispr.c | 1 - - vpn/plugins/vpn.c | 1 - - 24 files changed, 12 insertions(+), 25 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 39745f76..984126c2 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -20,6 +20,7 @@ AC_SUBST(abs_top_srcdir) - AC_SUBST(abs_top_builddir) - - AC_LANG_C -+AC_USE_SYSTEM_EXTENSIONS - - AC_PROG_CC - AM_PROG_CC_C_O -@@ -185,6 +186,8 @@ AC_CHECK_LIB(resolv, ns_initparse, dummy=yes, [ - AC_CHECK_HEADERS([execinfo.h]) - AM_CONDITIONAL([BACKTRACE], [test "${ac_cv_header_execinfo_h}" = "yes"]) - -+AC_CHECK_MEMBERS([struct in6_pktinfo.ipi6_addr], [], [], [[#include ]]) -+ - AC_CHECK_FUNC(signalfd, dummy=yes, - AC_MSG_ERROR(signalfd support is required)) - -diff --git a/gdhcp/client.c b/gdhcp/client.c -index 67357782..c7db76f0 100644 ---- a/gdhcp/client.c -+++ b/gdhcp/client.c -@@ -23,7 +23,6 @@ - #include - #endif - --#define _GNU_SOURCE - #include - #include - #include -diff --git a/gdhcp/common.h b/gdhcp/common.h -index 75abc183..6899499e 100644 ---- a/gdhcp/common.h -+++ b/gdhcp/common.h -@@ -19,6 +19,7 @@ - * - */ - -+#include - #include - #include - -@@ -170,8 +171,8 @@ static const uint8_t dhcp_option_lengths[] = { - [OPTION_U32] = 4, - }; - --/* already defined within netinet/in.h if using GNU compiler */ --#ifndef __USE_GNU -+/* already defined within netinet/in.h if using glibc or musl */ -+#ifndef HAVE_STRUCT_IN6_PKTINFO_IPI6_ADDR - struct in6_pktinfo { - struct in6_addr ipi6_addr; /* src/dst IPv6 address */ - unsigned int ipi6_ifindex; /* send/recv interface index */ -diff --git a/gweb/gresolv.c b/gweb/gresolv.c -index 81c79b6c..b06f8932 100644 ---- a/gweb/gresolv.c -+++ b/gweb/gresolv.c -@@ -29,6 +29,7 @@ - #include - #include - #include -+#include - #include - #include - #include -diff --git a/plugins/tist.c b/plugins/tist.c -index ad5ef79e..cc2800a1 100644 ---- a/plugins/tist.c -+++ b/plugins/tist.c -@@ -23,7 +23,6 @@ - #include - #endif - --#define _GNU_SOURCE - #include - #include - #include -diff --git a/plugins/wifi.c b/plugins/wifi.c -index dc08c6af..46e4cca4 100644 ---- a/plugins/wifi.c -+++ b/plugins/wifi.c -@@ -30,9 +30,8 @@ - #include - #include - #include --#include --#include - #include -+#include - - #ifndef IFF_LOWER_UP - #define IFF_LOWER_UP 0x10000 -diff --git a/src/backtrace.c b/src/backtrace.c -index e8d7f432..bede6698 100644 ---- a/src/backtrace.c -+++ b/src/backtrace.c -@@ -24,7 +24,6 @@ - #include - #endif - --#define _GNU_SOURCE - #include - #include - #include -diff --git a/src/inet.c b/src/inet.c -index a31372b5..a58ce7c1 100644 ---- a/src/inet.c -+++ b/src/inet.c -@@ -25,7 +25,6 @@ - #include - #endif - --#define _GNU_SOURCE - #include - #include - #include -diff --git a/src/ippool.c b/src/ippool.c -index cea1dccd..8a645da2 100644 ---- a/src/ippool.c -+++ b/src/ippool.c -@@ -28,7 +28,6 @@ - #include - #include - #include --#include - #include - - #include "connman.h" -diff --git a/src/iptables.c b/src/iptables.c -index f3670e77..469effed 100644 ---- a/src/iptables.c -+++ b/src/iptables.c -@@ -28,7 +28,7 @@ - #include - #include - #include --#include -+#include - #include - #include - #include -diff --git a/src/log.c b/src/log.c -index 9bae4a3d..f7e82e5d 100644 ---- a/src/log.c -+++ b/src/log.c -@@ -23,7 +23,6 @@ - #include - #endif - --#define _GNU_SOURCE - #include - #include - #include -diff --git a/src/ntp.c b/src/ntp.c -index 51ba9aac..724ca188 100644 ---- a/src/ntp.c -+++ b/src/ntp.c -@@ -23,7 +23,6 @@ - #include - #endif - --#define _GNU_SOURCE - #include - #include - #include -diff --git a/src/resolver.c b/src/resolver.c -index 76f0a8e1..10121aa5 100644 ---- a/src/resolver.c -+++ b/src/resolver.c -@@ -23,7 +23,6 @@ - #include - #endif - --#define _GNU_SOURCE - #include - #include - #include -diff --git a/src/rfkill.c b/src/rfkill.c -index d9bed4d2..b2514c41 100644 ---- a/src/rfkill.c -+++ b/src/rfkill.c -@@ -23,7 +23,6 @@ - #include - #endif - --#define _GNU_SOURCE - #include - #include - #include -diff --git a/src/stats.c b/src/stats.c -index 663bc382..c9ddc2e8 100644 ---- a/src/stats.c -+++ b/src/stats.c -@@ -23,7 +23,6 @@ - #include - #endif - --#define _GNU_SOURCE - #include - #include - #include -diff --git a/src/tethering.c b/src/tethering.c -index 4b202369..f3cb36f4 100644 ---- a/src/tethering.c -+++ b/src/tethering.c -@@ -34,8 +34,6 @@ - #include - #include - #include --#include --#include - #include - - #include "connman.h" -diff --git a/src/timezone.c b/src/timezone.c -index e346b11a..8e912670 100644 ---- a/src/timezone.c -+++ b/src/timezone.c -@@ -23,7 +23,6 @@ - #include - #endif - --#define _GNU_SOURCE - #include - #include - #include -diff --git a/tools/dhcp-test.c b/tools/dhcp-test.c -index c34e10a8..eae66fc2 100644 ---- a/tools/dhcp-test.c -+++ b/tools/dhcp-test.c -@@ -33,7 +33,6 @@ - #include - #include - #include --#include - - #include - -diff --git a/tools/dnsproxy-test.c b/tools/dnsproxy-test.c -index 551cae91..371e2e23 100644 ---- a/tools/dnsproxy-test.c -+++ b/tools/dnsproxy-test.c -@@ -24,6 +24,7 @@ - #endif - - #include -+#include - #include - #include - #include -diff --git a/tools/private-network-test.c b/tools/private-network-test.c -index 3dd115ba..2828bb30 100644 ---- a/tools/private-network-test.c -+++ b/tools/private-network-test.c -@@ -32,7 +32,7 @@ - #include - #include - #include --#include -+#include - #include - #include - -diff --git a/tools/stats-tool.c b/tools/stats-tool.c -index efa39de2..5695048f 100644 ---- a/tools/stats-tool.c -+++ b/tools/stats-tool.c -@@ -22,7 +22,6 @@ - #include - #endif - --#define _GNU_SOURCE - #include - #include - #include -diff --git a/tools/tap-test.c b/tools/tap-test.c -index fdc098aa..cb3ee622 100644 ---- a/tools/tap-test.c -+++ b/tools/tap-test.c -@@ -23,13 +23,12 @@ - #include - #endif - --#define _GNU_SOURCE - #include - #include - #include - #include - #include --#include -+#include - #include - - #include -diff --git a/tools/wispr.c b/tools/wispr.c -index d5f9341f..e56dfc16 100644 ---- a/tools/wispr.c -+++ b/tools/wispr.c -@@ -23,7 +23,6 @@ - #include - #endif - --#define _GNU_SOURCE - #include - #include - #include -diff --git a/vpn/plugins/vpn.c b/vpn/plugins/vpn.c -index 10548aaf..6e3f640c 100644 ---- a/vpn/plugins/vpn.c -+++ b/vpn/plugins/vpn.c -@@ -23,7 +23,6 @@ - #include - #endif - --#define _GNU_SOURCE - #include - #include - #include --- -2.17.1 - diff --git a/meta-agl-profile-core/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-resolved-when-we-use-co.patch b/meta-agl-profile-core/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-resolved-when-we-use-co.patch deleted file mode 100644 index 8e2e0bd02..000000000 --- a/meta-agl-profile-core/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-resolved-when-we-use-co.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 9f70b94ebf18f52c115634642652830fa77f27a1 Mon Sep 17 00:00:00 2001 -From: "Maxin B. John" -Date: Mon, 12 Jun 2017 16:52:39 +0300 -Subject: [PATCH] connman.service: stop systemd-resolved when we use connman - -Stop systemd-resolved service when we use connman as network manager. - -Upstream-Status: Inappropriate [configuration] - -Signed-off-by: Maxin B. John ---- - src/connman.service.in | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/connman.service.in b/src/connman.service.in -index 9f5c10f..dab48bc 100644 ---- a/src/connman.service.in -+++ b/src/connman.service.in -@@ -6,6 +6,7 @@ RequiresMountsFor=@localstatedir@/lib/connman - After=dbus.service network-pre.target systemd-sysusers.service - Before=network.target multi-user.target shutdown.target - Wants=network.target -+Conflicts=systemd-resolved.service - - [Service] - Type=dbus --- -2.4.0 - diff --git a/meta-agl-profile-core/recipes-connectivity/connman/connman/0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch b/meta-agl-profile-core/recipes-connectivity/connman/connman/0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch deleted file mode 100644 index e6f03e632..000000000 --- a/meta-agl-profile-core/recipes-connectivity/connman/connman/0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 4ddaf78dad5a9ee4a0658235f71b75132192123e Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Sat, 7 Apr 2012 18:52:12 -0700 -Subject: [PATCH] plugin.h: Change visibility to default for debug symbols - -gold refuses to link in undefined weak symbols which -have hidden visibility - -Signed-off-by: Khem Raj - - -Upstream-Status: Pending ---- - include/plugin.h | 4 ++-- - 1 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/include/plugin.h b/include/plugin.h -index 692a4e5..a9361c3 100644 ---- a/include/plugin.h -+++ b/include/plugin.h -@@ -89,9 +89,9 @@ struct connman_plugin_desc { - #else - #define CONNMAN_PLUGIN_DEFINE(name, description, version, priority, init, exit) \ - extern struct connman_debug_desc __start___debug[] \ -- __attribute__ ((weak, visibility("hidden"))); \ -+ __attribute__ ((weak, visibility("default"))); \ - extern struct connman_debug_desc __stop___debug[] \ -- __attribute__ ((weak, visibility("hidden"))); \ -+ __attribute__ ((weak, visibility("default"))); \ - extern struct connman_plugin_desc connman_plugin_desc \ - __attribute__ ((visibility("default"))); \ - struct connman_plugin_desc connman_plugin_desc = { \ --- -1.7.5.4 - diff --git a/meta-agl-profile-core/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch b/meta-agl-profile-core/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch deleted file mode 100644 index 639ccfa2a..000000000 --- a/meta-agl-profile-core/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch +++ /dev/null @@ -1,85 +0,0 @@ -From 10b0d16d04b811b1ccd1f9b0cfe757bce8d876a1 Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Mon, 6 Apr 2015 23:02:21 -0700 -Subject: [PATCH 2/3] resolve: musl does not implement res_ninit - -ported from -http://git.alpinelinux.org/cgit/aports/plain/testing/connman/libresolv.patch - -Upstream-Status: Pending - -Signed-off-by: Khem Raj ---- - gweb/gresolv.c | 33 ++++++++++++--------------------- - 1 file changed, 12 insertions(+), 21 deletions(-) - -diff --git a/gweb/gresolv.c b/gweb/gresolv.c -index 5cf7a9a..3ad8e70 100644 ---- a/gweb/gresolv.c -+++ b/gweb/gresolv.c -@@ -36,6 +36,7 @@ - #include - #include - #include -+#include - - #include "gresolv.h" - -@@ -875,8 +875,6 @@ GResolv *g_resolv_new(int index) - resolv->index = index; - resolv->nameserver_list = NULL; - -- res_ninit(&resolv->res); -- - return resolv; - } - -@@ -916,8 +914,6 @@ void g_resolv_unref(GResolv *resolv) - - flush_nameservers(resolv); - -- res_nclose(&resolv->res); -- - g_free(resolv); - } - -@@ -1020,24 +1016,19 @@ guint g_resolv_lookup_hostname(GResolv *resolv, const char *hostname, - debug(resolv, "hostname %s", hostname); - - if (!resolv->nameserver_list) { -- int i; -- -- for (i = 0; i < resolv->res.nscount; i++) { -- char buf[100]; -- int family = resolv->res.nsaddr_list[i].sin_family; -- void *sa_addr = &resolv->res.nsaddr_list[i].sin_addr; -- -- if (family != AF_INET && -- resolv->res._u._ext.nsaddrs[i]) { -- family = AF_INET6; -- sa_addr = &resolv->res._u._ext.nsaddrs[i]->sin6_addr; -+ FILE *f = fopen("/etc/resolv.conf", "r"); -+ if (f) { -+ char line[256], *s; -+ int i; -+ while (fgets(line, sizeof(line), f)) { -+ if (strncmp(line, "nameserver", 10) || !isspace(line[10])) -+ continue; -+ for (s = &line[11]; isspace(s[0]); s++); -+ for (i = 0; s[i] && !isspace(s[i]); i++); -+ s[i] = 0; -+ g_resolv_add_nameserver(resolv, s, 53, 0); - } -- -- if (family != AF_INET && family != AF_INET6) -- continue; -- -- if (inet_ntop(family, sa_addr, buf, sizeof(buf))) -- g_resolv_add_nameserver(resolv, buf, 53, 0); -+ fclose(f); - } - - if (!resolv->nameserver_list) --- -2.5.1 - diff --git a/meta-agl-profile-core/recipes-connectivity/connman/connman/connman b/meta-agl-profile-core/recipes-connectivity/connman/connman/connman deleted file mode 100644 index c64fa0d71..000000000 --- a/meta-agl-profile-core/recipes-connectivity/connman/connman/connman +++ /dev/null @@ -1,83 +0,0 @@ -#!/bin/sh - -DAEMON=/usr/sbin/connmand -PIDFILE=/var/run/connmand.pid -DESC="Connection Manager" - -if [ -f /etc/default/connman ] ; then - . /etc/default/connman -fi - -set -e - -nfsroot=0 - -exec 9<&0 < /proc/mounts -while read dev mtpt fstype rest; do - if test $mtpt = "/" ; then - case $fstype in - nfs | nfs4) - nfsroot=1 - break - ;; - *) - ;; - esac - fi -done - -do_start() { - EXTRA_PARAM="" - if test $nfsroot -eq 1 ; then - NET_DEVS=`cat /proc/net/dev | sed -ne 's/^\([a-zA-Z0-9 ]*\):.*$/\1/p'` - NET_ADDR=`cat /proc/cmdline | sed -ne 's/^.*ip=\([^ :]*\).*$/\1/p'` - - if [ ! -z "$NET_ADDR" ]; then - if [ "$NET_ADDR" = dhcp ]; then - ethn=`ifconfig | grep "^eth" | sed -e "s/\(eth[0-9]\)\(.*\)/\1/"` - if [ ! -z "$ethn" ]; then - EXTRA_PARAM="-I $ethn" - fi - else - for i in $NET_DEVS; do - ADDR=`ifconfig $i | sed 's/addr://g' | sed -ne 's/^.*inet \([0-9.]*\) .*$/\1/p'` - if [ "$NET_ADDR" = "$ADDR" ]; then - EXTRA_PARAM="-I $i" - break - fi - done - fi - fi - fi - if [ -f @DATADIR@/connman/wired-setup ] ; then - . @DATADIR@/connman/wired-setup - fi - $DAEMON $EXTRA_PARAM -} - -do_stop() { - start-stop-daemon --stop --name connmand --quiet -} - -case "$1" in - start) - echo "Starting $DESC" - do_start - ;; - stop) - echo "Stopping $DESC" - do_stop - ;; - restart|force-reload) - echo "Restarting $DESC" - do_stop - sleep 1 - do_start - ;; - *) - echo "Usage: $0 {start|stop|restart|force-reload}" >&2 - exit 1 - ;; -esac - -exit 0 diff --git a/meta-agl-profile-core/recipes-connectivity/connman/connman/no-version-scripts.patch b/meta-agl-profile-core/recipes-connectivity/connman/connman/no-version-scripts.patch deleted file mode 100644 index e96e38bcf..000000000 --- a/meta-agl-profile-core/recipes-connectivity/connman/connman/no-version-scripts.patch +++ /dev/null @@ -1,27 +0,0 @@ -With binutils 2.27 on at least MIPS, connmand will crash on startup. This -appears to be due to the symbol visibilty scripts hiding symbols that stdio -looks up at runtime, resulting in it segfaulting. - -This certainly appears to be a bug in binutils 2.27 although the problem has -been known about for some time: - -https://sourceware.org/bugzilla/show_bug.cgi?id=17908 - -As the version scripts are only used to hide symbols from plugins we can safely -remove the scripts to work around the problem until binutils is fixed. - -Upstream-Status: Inappropriate -Signed-off-by: Ross Burton - -diff --git a/Makefile.am b/Makefile.am -index d70725c..76ae432 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -132,2 +132 @@ src_connmand_LDADD = gdbus/libgdbus-internal.la $(builtin_libadd) \ --src_connmand_LDFLAGS = -Wl,--export-dynamic \ -- -Wl,--version-script=$(srcdir)/src/connman.ver -+src_connmand_LDFLAGS = -Wl,--export-dynamic -@@ -166,2 +165 @@ vpn_connman_vpnd_LDADD = gdbus/libgdbus-internal.la $(builtin_vpn_libadd) \ --vpn_connman_vpnd_LDFLAGS = -Wl,--export-dynamic \ -- -Wl,--version-script=$(srcdir)/vpn/vpn.ver -+vpn_connman_vpnd_LDFLAGS = -Wl,--export-dynamic diff --git a/meta-agl-profile-core/recipes-connectivity/connman/connman_1.36.bb b/meta-agl-profile-core/recipes-connectivity/connman/connman_1.36.bb deleted file mode 100644 index 6e4dbdfda..000000000 --- a/meta-agl-profile-core/recipes-connectivity/connman/connman_1.36.bb +++ /dev/null @@ -1,16 +0,0 @@ -require connman.inc - -SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ - file://0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch \ - file://0001-connman.service-stop-systemd-resolved-when-we-use-co.patch \ - file://connman \ - file://no-version-scripts.patch \ - file://0001-Fix-various-issues-which-cause-problems-under-musl.patch \ -" - -SRC_URI_append_libc-musl = " file://0002-resolve-musl-does-not-implement-res_ninit.patch" - -SRC_URI[md5sum] = "dae77d9c904d2c223ae849e32079d57e" -SRC_URI[sha256sum] = "c789db41cc443fa41e661217ea321492ad59a004bebcd1aa013f3bc10a6e0074" - -RRECOMMENDS_${PN} = "connman-conf" -- cgit 1.2.3-korg From 6b32df85777f5513758cd24b6cf737a3f452824f Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 13:55:02 -0500 Subject: meta-agl-profile-core: remove libnfc recipe Remove libnfc recipe, as oe-core now has a recipe pointing at a newer git commit. Bug-AGL: SPEC-2932 Change-Id: Ib98a9ef5ae65b3aa533a5266ef72466aa73d934c Signed-off-by: Scott Murray --- .../recipes-connectivity/libnfc/libnfc_git.bb | 18 ------------------ 1 file changed, 18 deletions(-) delete mode 100644 meta-agl-profile-core/recipes-connectivity/libnfc/libnfc_git.bb diff --git a/meta-agl-profile-core/recipes-connectivity/libnfc/libnfc_git.bb b/meta-agl-profile-core/recipes-connectivity/libnfc/libnfc_git.bb deleted file mode 100644 index bd216f815..000000000 --- a/meta-agl-profile-core/recipes-connectivity/libnfc/libnfc_git.bb +++ /dev/null @@ -1,18 +0,0 @@ -SUMMARY = "libnfc" -DESCRIPTION = "Platform independent Near Field Communication (NFC) library" -HOMEPAGE = "https://github.com/nfc-tools/libnfc" -SECTION = "apps" - -DEPENDS = "libusb" - -LICENSE = "LGPLv3" -LIC_FILES_CHKSUM = "file://${S}/COPYING;md5=b52f2d57d10c4f7ee67a7eb9615d5d24" - -inherit cmake pkgconfig - -SRC_URI = "git://github.com/nfc-tools/libnfc;protocol=https;branch=master" -SRCREV = "2d4543673e9b76c02679ca8b89259659f1afd932" - -PV = "1.7.1+git${SRCPV}" -S = "${WORKDIR}/git" - -- cgit 1.2.3-korg From 365192c41a826bf6d6522338c497293fa99191e2 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 14:01:07 -0500 Subject: meta-agl-profile-core: remove backported curl and nghttp2 recipes Remove the curl and nghttp2 recipes that were backported from oe-core zeus to get nghttp2 support for the Alexa SDK, since they're present in oe-core now. Bug-AGL: SPEC-2932 Change-Id: I1cc57ecd3113f68a1a980944c5b07b6a335bd622 Signed-off-by: Scott Murray --- .../0001-replace-krb5-config-with-pkg-config.patch | 44 ------------ .../recipes-support/curl/curl_7.66.0.bb | 80 ---------------------- .../recipes-support/nghttp2/nghttp2_1.39.1.bb | 15 ---- 3 files changed, 139 deletions(-) delete mode 100644 meta-agl-profile-core/recipes-support/curl/curl/0001-replace-krb5-config-with-pkg-config.patch delete mode 100644 meta-agl-profile-core/recipes-support/curl/curl_7.66.0.bb delete mode 100644 meta-agl-profile-core/recipes-support/nghttp2/nghttp2_1.39.1.bb diff --git a/meta-agl-profile-core/recipes-support/curl/curl/0001-replace-krb5-config-with-pkg-config.patch b/meta-agl-profile-core/recipes-support/curl/curl/0001-replace-krb5-config-with-pkg-config.patch deleted file mode 100644 index a7db1b3c9..000000000 --- a/meta-agl-profile-core/recipes-support/curl/curl/0001-replace-krb5-config-with-pkg-config.patch +++ /dev/null @@ -1,44 +0,0 @@ -From ed70f0623708b8a6c1f58a5d243d87c5ff45b24d Mon Sep 17 00:00:00 2001 -From: Roy Li -Date: Tue, 26 Apr 2016 13:13:01 +0800 -Subject: [PATCH] replace krb5-config with pkg-config - -Upstream-Status: Pending - -Signed-off-by: Roy Li - ---- - configure.ac | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 5569a26..56b0380 100755 ---- a/configure.ac -+++ b/configure.ac -@@ -1290,7 +1290,7 @@ AC_ARG_WITH(gssapi, - fi - ]) - --: ${KRB5CONFIG:="$GSSAPI_ROOT/bin/krb5-config"} -+KRB5CONFIG=`which pkg-config` - - save_CPPFLAGS="$CPPFLAGS" - AC_MSG_CHECKING([if GSS-API support is requested]) -@@ -1301,7 +1301,7 @@ if test x"$want_gss" = xyes; then - if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then - GSSAPI_INCS=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --cflags gssapi` - elif test -f "$KRB5CONFIG"; then -- GSSAPI_INCS=`$KRB5CONFIG --cflags gssapi` -+ GSSAPI_INCS=`$KRB5CONFIG --cflags mit-krb5-gssapi` - elif test "$GSSAPI_ROOT" != "yes"; then - GSSAPI_INCS="-I$GSSAPI_ROOT/include" - fi -@@ -1394,7 +1394,7 @@ if test x"$want_gss" = xyes; then - elif test -f "$KRB5CONFIG"; then - dnl krb5-config doesn't have --libs-only-L or similar, put everything - dnl into LIBS -- gss_libs=`$KRB5CONFIG --libs gssapi` -+ gss_libs=`$KRB5CONFIG --libs mit-krb5-gssapi` - LIBS="$gss_libs $LIBS" - else - case $host in diff --git a/meta-agl-profile-core/recipes-support/curl/curl_7.66.0.bb b/meta-agl-profile-core/recipes-support/curl/curl_7.66.0.bb deleted file mode 100644 index d1975f246..000000000 --- a/meta-agl-profile-core/recipes-support/curl/curl_7.66.0.bb +++ /dev/null @@ -1,80 +0,0 @@ -SUMMARY = "Command line tool and library for client-side URL transfers" -HOMEPAGE = "http://curl.haxx.se/" -BUGTRACKER = "http://curl.haxx.se/mail/list.cgi?list=curl-tracker" -SECTION = "console/network" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://COPYING;md5=be5d9e1419c4363f4b32037a2d3b7ffa" - -SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \ - file://0001-replace-krb5-config-with-pkg-config.patch \ -" - -SRC_URI[md5sum] = "c238aa394e3aa47ca4fcb0491774149f" -SRC_URI[sha256sum] = "6618234e0235c420a21f4cb4c2dd0badde76e6139668739085a70c4e2fe7a141" - -CVE_PRODUCT = "curl libcurl" -inherit autotools pkgconfig binconfig multilib_header - -PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} gnutls libidn proxy threaded-resolver verbose zlib" -PACKAGECONFIG_class-native = "ipv6 proxy ssl threaded-resolver verbose zlib" -PACKAGECONFIG_class-nativesdk = "ipv6 proxy ssl threaded-resolver verbose zlib" - -# 'ares' and 'threaded-resolver' are mutually exclusive -PACKAGECONFIG[ares] = "--enable-ares,--disable-ares,c-ares" -PACKAGECONFIG[brotli] = "--with-brotli,--without-brotli,brotli" -PACKAGECONFIG[builtinmanual] = "--enable-manual,--disable-manual" -PACKAGECONFIG[dict] = "--enable-dict,--disable-dict," -PACKAGECONFIG[gnutls] = "--with-gnutls,--without-gnutls,gnutls" -PACKAGECONFIG[gopher] = "--enable-gopher,--disable-gopher," -PACKAGECONFIG[imap] = "--enable-imap,--disable-imap," -PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," -PACKAGECONFIG[krb5] = "--with-gssapi,--without-gssapi,krb5" -PACKAGECONFIG[ldap] = "--enable-ldap,--disable-ldap," -PACKAGECONFIG[ldaps] = "--enable-ldaps,--disable-ldaps," -PACKAGECONFIG[libidn] = "--with-libidn2,--without-libidn2,libidn2" -PACKAGECONFIG[libssh2] = "--with-libssh2,--without-libssh2,libssh2" -PACKAGECONFIG[mbedtls] = "--with-mbedtls=${STAGING_DIR_TARGET},--without-mbedtls,mbedtls" -PACKAGECONFIG[nghttp2] = "--with-nghttp2,--without-nghttp2,nghttp2" -PACKAGECONFIG[pop3] = "--enable-pop3,--disable-pop3," -PACKAGECONFIG[proxy] = "--enable-proxy,--disable-proxy," -PACKAGECONFIG[rtmpdump] = "--with-librtmp,--without-librtmp,rtmpdump" -PACKAGECONFIG[rtsp] = "--enable-rtsp,--disable-rtsp," -PACKAGECONFIG[smb] = "--enable-smb,--disable-smb," -PACKAGECONFIG[smtp] = "--enable-smtp,--disable-smtp," -PACKAGECONFIG[ssl] = "--with-ssl --with-random=/dev/urandom,--without-ssl,openssl" -PACKAGECONFIG[nss] = "--with-nss,--without-nss,nss" -PACKAGECONFIG[telnet] = "--enable-telnet,--disable-telnet," -PACKAGECONFIG[tftp] = "--enable-tftp,--disable-tftp," -PACKAGECONFIG[threaded-resolver] = "--enable-threaded-resolver,--disable-threaded-resolver" -PACKAGECONFIG[verbose] = "--enable-verbose,--disable-verbose" -PACKAGECONFIG[zlib] = "--with-zlib=${STAGING_LIBDIR}/../,--without-zlib,zlib" - -EXTRA_OECONF = " \ - --disable-libcurl-option \ - --disable-ntlm-wb \ - --enable-crypto-auth \ - --with-ca-bundle=${sysconfdir}/ssl/certs/ca-certificates.crt \ - --without-libmetalink \ - --without-libpsl \ -" - -do_install_append_class-target() { - # cleanup buildpaths from curl-config - sed -i \ - -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \ - -e 's,--with-libtool-sysroot=${STAGING_DIR_TARGET},,g' \ - -e 's|${DEBUG_PREFIX_MAP}||g' \ - ${D}${bindir}/curl-config -} - -PACKAGES =+ "lib${BPN}" - -FILES_lib${BPN} = "${libdir}/lib*.so.*" -RRECOMMENDS_lib${BPN} += "ca-certificates" - -FILES_${PN} += "${datadir}/zsh" - -inherit multilib_script -MULTILIB_SCRIPTS = "${PN}-dev:${bindir}/curl-config" - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-agl-profile-core/recipes-support/nghttp2/nghttp2_1.39.1.bb b/meta-agl-profile-core/recipes-support/nghttp2/nghttp2_1.39.1.bb deleted file mode 100644 index 6077daf76..000000000 --- a/meta-agl-profile-core/recipes-support/nghttp2/nghttp2_1.39.1.bb +++ /dev/null @@ -1,15 +0,0 @@ -SUMMARY = "HTTP/2 C Library and tools" -HOMEPAGE = "https://nghttp2.org/" -SECTION = "libs" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://COPYING;md5=764abdf30b2eadd37ce47dcbce0ea1ec" - -+UPSTREAM_CHECK_URI = "https://github.com/nghttp2/nghttp2/releases" - -SRC_URI = "https://github.com/nghttp2/nghttp2/releases/download/v${PV}/nghttp2-${PV}.tar.xz" -SRC_URI[md5sum] = "02b015cb178c46f27dd87228e33db35f" -SRC_URI[sha256sum] = "679160766401f474731fd60c3aca095f88451e3cc4709b72306e4c34cf981448" - -DEPENDS = "libxml2 openssl zlib jansson cunit c-ares" - -inherit cmake pythonnative python-dir -- cgit 1.2.3-korg From 852bcd528258ec2dbdbd69cba44ca031a07362c6 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 14:04:35 -0500 Subject: meta-agl-profile-core: remove libmicrohttpd backport Remove backported libmicrohttpd 0.9.63 recipe, as oe-core has a newer 0.9.66 recipe. Bug-AGL: SPEC-2932 Change-Id: I96fccada545452217f28a29a42d4ba04e5a2f393 Signed-off-by: Scott Murray --- .../libmicrohttpd/libmicrohttpd_0.9.63.bb | 28 ---------------------- 1 file changed, 28 deletions(-) delete mode 100644 meta-agl-profile-core/recipes-support/libmicrohttpd/libmicrohttpd_0.9.63.bb diff --git a/meta-agl-profile-core/recipes-support/libmicrohttpd/libmicrohttpd_0.9.63.bb b/meta-agl-profile-core/recipes-support/libmicrohttpd/libmicrohttpd_0.9.63.bb deleted file mode 100644 index ab6f681de..000000000 --- a/meta-agl-profile-core/recipes-support/libmicrohttpd/libmicrohttpd_0.9.63.bb +++ /dev/null @@ -1,28 +0,0 @@ -DESCRIPTION = "A small C library that is supposed to make it easy to run an HTTP server as part of another application" -HOMEPAGE = "http://www.gnu.org/software/libmicrohttpd/" -LICENSE = "LGPL-2.1+" -LIC_FILES_CHKSUM = "file://COPYING;md5=9331186f4f80db7da0e724bdd6554ee5" -SECTION = "net" -DEPENDS = "file" - -SRC_URI = "http://ftp.gnu.org/gnu/libmicrohttpd/${BPN}-${PV}.tar.gz" -SRC_URI[md5sum] = "1c10de049608fca46941cbc790e3ab00" -SRC_URI[sha256sum] = "37c36f1be177f0e37ef181a645cd3baac1000bd322a01c2eff70f3cc8c91749c" - -inherit autotools lib_package pkgconfig gettext - -CFLAGS += "-pthread -D_REENTRANT" - -EXTRA_OECONF += "--disable-static --with-gnutls=${STAGING_LIBDIR}/../" - -PACKAGECONFIG ?= "curl https" -PACKAGECONFIG_append_class-target = "\ - ${@bb.utils.filter('DISTRO_FEATURES', 'largefile', d)} \ -" -PACKAGECONFIG[largefile] = "--enable-largefile,--disable-largefile,," -PACKAGECONFIG[curl] = "--enable-curl,--disable-curl,curl," -PACKAGECONFIG[https] = "--enable-https,--disable-https,libgcrypt gnutls," - -do_compile_append() { - sed -i s:-L${STAGING_LIBDIR}::g libmicrohttpd.pc -} -- cgit 1.2.3-korg From b18272900ec4ffff9968d7db998841de86abe2a5 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 16:46:21 -0500 Subject: meta-agl-profile-graphical: upgrade to gstreamer 1.16 Rename gstreamer1.0-plugins-bad bbappend and update PREFERRED_VERSION definitions in distro configuration to handle upgrade to gstreamer 1.16 in oe-core. Bug-AGL: SPEC-2932 Change-Id: Ibc7362e6f45512fcda353a9479e2e437e1ee7f0c Signed-off-by: Scott Murray --- meta-agl-distro/conf/distro/poky-agl.conf | 14 +++++++------- .../gstreamer1.0-plugins-bad_1.14.%.bbappend | 2 -- .../gstreamer1.0-plugins-bad_1.16.%.bbappend | 2 ++ 3 files changed, 9 insertions(+), 9 deletions(-) delete mode 100644 meta-agl-profile-graphical/recipes-multimedia/gstreamer1.0-plugins-bad/gstreamer1.0-plugins-bad_1.14.%.bbappend create mode 100644 meta-agl-profile-graphical/recipes-multimedia/gstreamer1.0-plugins-bad/gstreamer1.0-plugins-bad_1.16.%.bbappend diff --git a/meta-agl-distro/conf/distro/poky-agl.conf b/meta-agl-distro/conf/distro/poky-agl.conf index 65119a7aa..d9d703d22 100644 --- a/meta-agl-distro/conf/distro/poky-agl.conf +++ b/meta-agl-distro/conf/distro/poky-agl.conf @@ -95,13 +95,13 @@ DISTRO_FEATURES_remove = "x11" DISTRO_FEATURES_BACKFILL_CONSIDERED = "sysvinit pulseaudio" # Prefer GStreamer 1.14.x by default -PREFERRED_VERSION_gstreamer1.0 ?= "1.14.%" -PREFERRED_VERSION_gstreamer1.0-plugins-bad ?= "1.14.%" -PREFERRED_VERSION_gstreamer1.0-plugins-base ?= "1.14.%" -PREFERRED_VERSION_gstreamer1.0-plugins-good ?= "1.14.%" -PREFERRED_VERSION_gstreamer1.0-plugins-ugly ?= "1.14.%" -PREFERRED_VERSION_gstreamer1.0-libav ?= "1.14.%" -PREFERRED_VERSION_gstreamer1.0-omx ?= "1.14.%" +PREFERRED_VERSION_gstreamer1.0 ?= "1.16.%" +PREFERRED_VERSION_gstreamer1.0-plugins-bad ?= "1.16.%" +PREFERRED_VERSION_gstreamer1.0-plugins-base ?= "1.16.%" +PREFERRED_VERSION_gstreamer1.0-plugins-good ?= "1.16.%" +PREFERRED_VERSION_gstreamer1.0-plugins-ugly ?= "1.16.%" +PREFERRED_VERSION_gstreamer1.0-libav ?= "1.16.%" +PREFERRED_VERSION_gstreamer1.0-omx ?= "1.16.%" # Prefer libjpeg-turbo PREFERRED_PROVIDER_jpeg = "libjpeg-turbo" diff --git a/meta-agl-profile-graphical/recipes-multimedia/gstreamer1.0-plugins-bad/gstreamer1.0-plugins-bad_1.14.%.bbappend b/meta-agl-profile-graphical/recipes-multimedia/gstreamer1.0-plugins-bad/gstreamer1.0-plugins-bad_1.14.%.bbappend deleted file mode 100644 index df13a042d..000000000 --- a/meta-agl-profile-graphical/recipes-multimedia/gstreamer1.0-plugins-bad/gstreamer1.0-plugins-bad_1.14.%.bbappend +++ /dev/null @@ -1,2 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" -SRC_URI_append="${@bb.utils.contains_any("MACHINE", "m3ulcb h3ulcb m3ulcb-nogfx", " "," file://0001-install-wayland.h.patch", d)}" diff --git a/meta-agl-profile-graphical/recipes-multimedia/gstreamer1.0-plugins-bad/gstreamer1.0-plugins-bad_1.16.%.bbappend b/meta-agl-profile-graphical/recipes-multimedia/gstreamer1.0-plugins-bad/gstreamer1.0-plugins-bad_1.16.%.bbappend new file mode 100644 index 000000000..df13a042d --- /dev/null +++ b/meta-agl-profile-graphical/recipes-multimedia/gstreamer1.0-plugins-bad/gstreamer1.0-plugins-bad_1.16.%.bbappend @@ -0,0 +1,2 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" +SRC_URI_append="${@bb.utils.contains_any("MACHINE", "m3ulcb h3ulcb m3ulcb-nogfx", " "," file://0001-install-wayland.h.patch", d)}" -- cgit 1.2.3-korg From 96bca6489f4193e84e74e93b87d0c7a89ca3d200 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 17:00:28 -0500 Subject: meta-security meta-app-framework: handle xmlsec1 upgrade Remove now unneeded meta-security xmlsec1 bbappend, and update the bbappend in meta-app-framework to work with the new xmlsec1 1.2.28 recipe in oe-core. Bug-AGL: SPEC-2932 Change-Id: If57b7c9fa2a4d2b8f9470dd67e95b4579d1210c7 Signed-off-by: Scott Murray --- meta-app-framework/recipes-security/xmlsec1/xmlsec1_1.%.bbappend | 4 ++-- meta-security/recipes-security/xmlsec1/xmlsec1_%.bbappend | 3 --- 2 files changed, 2 insertions(+), 5 deletions(-) delete mode 100644 meta-security/recipes-security/xmlsec1/xmlsec1_%.bbappend diff --git a/meta-app-framework/recipes-security/xmlsec1/xmlsec1_1.%.bbappend b/meta-app-framework/recipes-security/xmlsec1/xmlsec1_1.%.bbappend index 08d2a3dd0..09820be2f 100644 --- a/meta-app-framework/recipes-security/xmlsec1/xmlsec1_1.%.bbappend +++ b/meta-app-framework/recipes-security/xmlsec1/xmlsec1_1.%.bbappend @@ -1,4 +1,4 @@ - -DEPENDS = "libtool libxml2 libxslt openssl gnutls libgcrypt" +# Disable nss to avoid build issues on native +PACKAGECONFIG = "gnutls libgcrypt openssl des" BBCLASSEXTEND = "native nativesdk" diff --git a/meta-security/recipes-security/xmlsec1/xmlsec1_%.bbappend b/meta-security/recipes-security/xmlsec1/xmlsec1_%.bbappend deleted file mode 100644 index 9c6080fcf..000000000 --- a/meta-security/recipes-security/xmlsec1/xmlsec1_%.bbappend +++ /dev/null @@ -1,3 +0,0 @@ -# remove the EXTRA_OECONF from the recipe to -# avoid an build error in >= YP SUMO -EXTRA_OECONF = "" -- cgit 1.2.3-korg From a9bd6c700a81ddad69d2e61b75db392088b6902f Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 17:02:59 -0500 Subject: meta-agl-profile-core: update rtl-sdr recipe for zeus Update pkg-config CFLAGS tweaking in rtl-sdr to avoid failing updated QA check in zeus. Bug-AGL: SPEC-2932 Change-Id: I4a60c16050736f0c92f91f3804342fdaacf713ee Signed-off-by: Scott Murray --- meta-agl-profile-core/recipes-connectivity/rtl-sdr/rtl-sdr_0.5.3.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-agl-profile-core/recipes-connectivity/rtl-sdr/rtl-sdr_0.5.3.bb b/meta-agl-profile-core/recipes-connectivity/rtl-sdr/rtl-sdr_0.5.3.bb index de6da5e84..b442d9f46 100644 --- a/meta-agl-profile-core/recipes-connectivity/rtl-sdr/rtl-sdr_0.5.3.bb +++ b/meta-agl-profile-core/recipes-connectivity/rtl-sdr/rtl-sdr_0.5.3.bb @@ -22,7 +22,7 @@ do_configure_append() { # remove included temporary path from pc file due to pass-through of OE CFLAGS # debug-prefix-map # See: http://lists.openembedded.org/pipermail/openembedded-devel/2016-May/107456.html - sed -i -e "s# -fdebug-prefix-map=.*##g" librtlsdr.pc + sed -i -e "s# -fdebug-prefix-map=.*##g;s# -fmacro-prefix-map=.*##g" librtlsdr.pc } do_install_append() { -- cgit 1.2.3-korg From fc7f233e63feb4c4d9dac698f94cf0daecb63e0a Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 17:30:26 -0500 Subject: meta-agl-bsp meta-agl-profile-core: upgrade to opencv 4.x Rename meta-agl-bsp and meta-agl-profile-core bbappends to handle opencv upgrade from 3.x to 4.x, and update patch in meta-agl-bsp. Bug-AGL: SPEC-2932 Change-Id: I200fed501d0d09cb2ae6953fe95e3dafcc383457 Signed-off-by: Scott Murray --- .../0004-Change-Max-Device-Count-To-16.patch | 25 ++++++---------------- .../recipes-graphics/opencv/opencv_3.%.bbappend | 5 ----- .../recipes-graphics/opencv/opencv_4.%.bbappend | 5 +++++ .../recipes-support/opencv/opencv_3.%.bbappend | 1 - .../recipes-support/opencv/opencv_4.%.bbappend | 1 + 5 files changed, 12 insertions(+), 25 deletions(-) delete mode 100644 meta-agl-bsp/recipes-graphics/opencv/opencv_3.%.bbappend create mode 100644 meta-agl-bsp/recipes-graphics/opencv/opencv_4.%.bbappend delete mode 100644 meta-agl-profile-core/recipes-support/opencv/opencv_3.%.bbappend create mode 100644 meta-agl-profile-core/recipes-support/opencv/opencv_4.%.bbappend diff --git a/meta-agl-bsp/recipes-graphics/opencv/opencv/0004-Change-Max-Device-Count-To-16.patch b/meta-agl-bsp/recipes-graphics/opencv/opencv/0004-Change-Max-Device-Count-To-16.patch index fb574847a..2ad367c8d 100644 --- a/meta-agl-bsp/recipes-graphics/opencv/opencv/0004-Change-Max-Device-Count-To-16.patch +++ b/meta-agl-bsp/recipes-graphics/opencv/opencv/0004-Change-Max-Device-Count-To-16.patch @@ -1,26 +1,13 @@ -diff --git a/modules/videoio/src/cap_libv4l.cpp b/modules/videoio/src/cap_libv4l.cpp -index d82ad43..a3929a6 100644 ---- a/modules/videoio/src/cap_libv4l.cpp -+++ b/modules/videoio/src/cap_libv4l.cpp -@@ -271,7 +271,7 @@ make & enjoy! - #define DEFAULT_V4L_HEIGHT 480 - - #define CHANNEL_NUMBER 1 --#define MAX_CAMERAS 8 -+#define MAX_CAMERAS 16 - - - // default and maximum number of V4L buffers, not including last, 'special' buffer diff --git a/modules/videoio/src/cap_v4l.cpp b/modules/videoio/src/cap_v4l.cpp -index 37d93cd..6b4321c 100644 +index c36a619a56..0040e4574e 100644 --- a/modules/videoio/src/cap_v4l.cpp +++ b/modules/videoio/src/cap_v4l.cpp -@@ -241,7 +241,7 @@ make & enjoy! +@@ -256,7 +256,7 @@ make & enjoy! + #define DEFAULT_V4L_HEIGHT 480 #define DEFAULT_V4L_FPS 30 - - #define CHANNEL_NUMBER 1 + -#define MAX_CAMERAS 8 +#define MAX_CAMERAS 16 - - + // default and maximum number of V4L buffers, not including last, 'special' buffer + #define MAX_V4L_BUFFERS 10 diff --git a/meta-agl-bsp/recipes-graphics/opencv/opencv_3.%.bbappend b/meta-agl-bsp/recipes-graphics/opencv/opencv_3.%.bbappend deleted file mode 100644 index 8a68b0641..000000000 --- a/meta-agl-bsp/recipes-graphics/opencv/opencv_3.%.bbappend +++ /dev/null @@ -1,5 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" - -SRC_URI += " \ - file://0004-Change-Max-Device-Count-To-16.patch \ - " diff --git a/meta-agl-bsp/recipes-graphics/opencv/opencv_4.%.bbappend b/meta-agl-bsp/recipes-graphics/opencv/opencv_4.%.bbappend new file mode 100644 index 000000000..8a68b0641 --- /dev/null +++ b/meta-agl-bsp/recipes-graphics/opencv/opencv_4.%.bbappend @@ -0,0 +1,5 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" + +SRC_URI += " \ + file://0004-Change-Max-Device-Count-To-16.patch \ + " diff --git a/meta-agl-profile-core/recipes-support/opencv/opencv_3.%.bbappend b/meta-agl-profile-core/recipes-support/opencv/opencv_3.%.bbappend deleted file mode 100644 index 8656abf09..000000000 --- a/meta-agl-profile-core/recipes-support/opencv/opencv_3.%.bbappend +++ /dev/null @@ -1 +0,0 @@ -PACKAGECONFIG ?= "jpeg png v4l libv4l gstreamer" diff --git a/meta-agl-profile-core/recipes-support/opencv/opencv_4.%.bbappend b/meta-agl-profile-core/recipes-support/opencv/opencv_4.%.bbappend new file mode 100644 index 000000000..8656abf09 --- /dev/null +++ b/meta-agl-profile-core/recipes-support/opencv/opencv_4.%.bbappend @@ -0,0 +1 @@ +PACKAGECONFIG ?= "jpeg png v4l libv4l gstreamer" -- cgit 1.2.3-korg From c4952739d5d811153bacddd57fd1ecd09cbcad7d Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 18:16:17 -0500 Subject: meta-agl-profile-core: handle freetype upgrade Rename and update freetype bbappend in meta-agl-profile-core to work with new 2.10.1 recipe in oe-core. Bug-AGL: SPEC-2932 Change-Id: I71ae6dfde9d9ae36a3f70661fbb84afb575d6786 Signed-off-by: Scott Murray --- .../recipes-test/freetype/freetype_2.%.bbappend | 34 +++++++++++++++++++++ .../recipes-test/freetype/freetype_2.9.1.bbappend | 35 ---------------------- 2 files changed, 34 insertions(+), 35 deletions(-) create mode 100644 meta-agl-profile-core/recipes-test/freetype/freetype_2.%.bbappend delete mode 100644 meta-agl-profile-core/recipes-test/freetype/freetype_2.9.1.bbappend diff --git a/meta-agl-profile-core/recipes-test/freetype/freetype_2.%.bbappend b/meta-agl-profile-core/recipes-test/freetype/freetype_2.%.bbappend new file mode 100644 index 000000000..6aa1eabc2 --- /dev/null +++ b/meta-agl-profile-core/recipes-test/freetype/freetype_2.%.bbappend @@ -0,0 +1,34 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/files:" + +SRC_URI =+ "${SOURCEFORGE_MIRROR}/freetype/freetype-demos/${PV}/ft2demos-${PV}.tar.gz;name=ft2demos \ + file://0001-Makefile-dont-build-gfx-demos.patch;patchdir=../ft2demos-${PV} \ + file://0001-ft2demos-Makefile-Do-not-hardcode-libtool-path.patch;patchdir=../ft2demos-${PV} \ + " +SRC_URI[ft2demos.md5sum] = "c376adf4782bac9b9ac8e427884752d2" +SRC_URI[ft2demos.sha256sum] = "5e9e94a2db9d1a945293a1644a502f6664a2173a454d4a55b19695e2e2f4a0bc" + +PACKAGES =+ "${PN}-demos" + +B = "${S}" + +do_compile_append () { + oe_runmake -C ${WORKDIR}/ft2demos-${PV} TOP_DIR=${WORKDIR}/${BPN}-${PV}/ +} + +do_install_append () { + install -d -m 0755 ${D}/${bindir} + for x in ftbench ftdump ftlint ftvalid ttdebug; do + install -m 0755 ${WORKDIR}/ft2demos-${PV}/bin/.libs/$x ${D}/${bindir} + done +} + +FILES_${PN}-demos = "\ + ${bindir}/ftbench \ + ${bindir}/ftdump \ + ${bindir}/ftlint \ + ${bindir}/ftvalid \ + ${bindir}/ttdebug \ +" + +# enable pixmap/libpng support to allow color emojis +PACKAGECONFIG_append = " pixmap" diff --git a/meta-agl-profile-core/recipes-test/freetype/freetype_2.9.1.bbappend b/meta-agl-profile-core/recipes-test/freetype/freetype_2.9.1.bbappend deleted file mode 100644 index 19499e2bd..000000000 --- a/meta-agl-profile-core/recipes-test/freetype/freetype_2.9.1.bbappend +++ /dev/null @@ -1,35 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/files:" - -SRC_URI =+ "${SOURCEFORGE_MIRROR}/freetype/ft2demos-${PV}.tar.bz2;name=ft2demos \ - file://0001-Makefile-dont-build-gfx-demos.patch;patchdir=../ft2demos-${PV} \ - file://0001-ft2demos-Makefile-Do-not-hardcode-libtool-path.patch;patchdir=../ft2demos-${PV} \ - " -SRC_URI[ft2demos.md5sum] = "178827156d90e07bce8f354c9565d84b" -SRC_URI[ft2demos.sha256sum] = "806eb6363ee5963174a6740f9b7893377912165899c2c1f6372c422aab818c6a" - -PACKAGES =+ "${PN}-demos" - -B = "${S}" - -do_compile_append () { - - oe_runmake -C ${WORKDIR}/ft2demos-${PV} TOP_DIR=${WORKDIR}/${BPN}-${PV}/ -} - -do_install_append () { - install -d -m 0755 ${D}/${bindir} - for x in ftbench ftdump ftlint ftvalid ttdebug; do - install -m 0755 ${WORKDIR}/ft2demos-${PV}/bin/.libs/$x ${D}/${bindir} - done -} - -FILES_${PN}-demos = "\ - ${bindir}/ftbench \ - ${bindir}/ftdump \ - ${bindir}/ftlint \ - ${bindir}/ftvalid \ - ${bindir}/ttdebug \ -" - -# enable pixmap/libpng support to allow color emojis -PACKAGECONFIG_append = " pixmap" -- cgit 1.2.3-korg From 7f2a76887d9cfe5cb1f27efd4f106d04097190eb Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 18:32:31 -0500 Subject: meta-agl-profile-graphical-qt5: handle qtwayland upgrade Drop apparently no longer required qtwayland build fix patch since it does not apply to the newer version in meta-qt5 zeus branch. Bug-AGL: SPEC-2932 Change-Id: I8b218260da649aac9e5075100c271cf85c6a5c12 Signed-off-by: Scott Murray --- meta-agl-profile-graphical-qt5/recipes-qt/qt5/qtwayland_%.bbappend | 2 -- 1 file changed, 2 deletions(-) diff --git a/meta-agl-profile-graphical-qt5/recipes-qt/qt5/qtwayland_%.bbappend b/meta-agl-profile-graphical-qt5/recipes-qt/qt5/qtwayland_%.bbappend index 33874cf44..792a09f15 100644 --- a/meta-agl-profile-graphical-qt5/recipes-qt/qt5/qtwayland_%.bbappend +++ b/meta-agl-profile-graphical-qt5/recipes-qt/qt5/qtwayland_%.bbappend @@ -23,5 +23,3 @@ FILESEXTRAPATHS_append := ":${THISDIR}/${PN}" SRC_URI_append = "\ file://0010-Added-manifest-file-according-to-smack-3-domain-mode.patch \ " - -SRC_URI_append = " file://0099_qtwayland_no_evdev.patch " -- cgit 1.2.3-korg From 9c0f950122472154f3a87cb231b832a6b5d0617f Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 18:36:32 -0500 Subject: meta-security: handle systemd upgrade Rename systemd bbappend to work with newer 243.2 version in oe-core. A wildcard is now used to reduce the need to rename the bbappend on future upgrades, as the additions it makes have not changed recently. Bug-AGL: SPEC-2932 Change-Id: Ie6413710e861b8dbf082bcae3d7592f1009927d5 Signed-off-by: Scott Murray --- .../recipes-core/systemd/systemd_2%.bbappend | 40 ++++++++++++++++++++++ .../recipes-core/systemd/systemd_239.bbappend | 40 ---------------------- 2 files changed, 40 insertions(+), 40 deletions(-) create mode 100644 meta-security/recipes-core/systemd/systemd_2%.bbappend delete mode 100644 meta-security/recipes-core/systemd/systemd_239.bbappend diff --git a/meta-security/recipes-core/systemd/systemd_2%.bbappend b/meta-security/recipes-core/systemd/systemd_2%.bbappend new file mode 100644 index 000000000..789c05f83 --- /dev/null +++ b/meta-security/recipes-core/systemd/systemd_2%.bbappend @@ -0,0 +1,40 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" + +# Ensures systemd runs with label "System" +EXTRA_OEMESON_append_with-lsm-smack = " -Dsmack-run-label=System" + +################################################################################## +# Maintaining trivial, non-upstreamable configuration changes as patches +# is tedious. But in same cases (like early mounting of special directories) +# the configuration has to be in code. We make these changes here directly. +################################################################################## +do_patch[prefuncs] += "patch_systemd" +do_patch[vardeps] += "patch_systemd" +patch_systemd() { + # Handling of /run and /sys/fs/cgroup. Make /run a transmuting directory to + # enable systemd communications with services in the User domain. + # Original patch by Michael Demeter . + # + # We simplify the patching by touching only lines which check the result of + # mac_smack_use(). Those are the ones which are used when Smack is active. + # + # smackfsroot=* on /sys/fs/cgroup may be upstreamable, but smackfstransmute=System::Run + # is too distro specific (depends on Smack rules) and thus has to remain here. + sed -i -e 's;\("/sys/fs/cgroup", *"[^"]*", *"[^"]*\)\(.*mac_smack_use.*\);\1,smackfsroot=*\2;' \ + -e 's;\("/run", *"[^"]*", *"[^"]*\)\(.*mac_smack_use.*\);\1,smackfstransmute=System::Run\2;' \ + ${S}/src/core/mount-setup.c +} + +################################################################################## +# What follows is temporary. +# This is a solution to the Bug-AGL SPEC-539 +# (see https://jira.automotivelinux.org/browse/SPEC-539). +# +# It renames the file "touchscreen.rules" to "55-touchscreen.rules" +# This comes with the recipe systemd_230/234 of poky (meta/recipes-core/systemd) +# It should be removed when poky changes. +################################################################################## +do_install_prepend() { + mv ${WORKDIR}/touchscreen.rules ${WORKDIR}/55-touchscreen.rules || true +} + diff --git a/meta-security/recipes-core/systemd/systemd_239.bbappend b/meta-security/recipes-core/systemd/systemd_239.bbappend deleted file mode 100644 index 789c05f83..000000000 --- a/meta-security/recipes-core/systemd/systemd_239.bbappend +++ /dev/null @@ -1,40 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" - -# Ensures systemd runs with label "System" -EXTRA_OEMESON_append_with-lsm-smack = " -Dsmack-run-label=System" - -################################################################################## -# Maintaining trivial, non-upstreamable configuration changes as patches -# is tedious. But in same cases (like early mounting of special directories) -# the configuration has to be in code. We make these changes here directly. -################################################################################## -do_patch[prefuncs] += "patch_systemd" -do_patch[vardeps] += "patch_systemd" -patch_systemd() { - # Handling of /run and /sys/fs/cgroup. Make /run a transmuting directory to - # enable systemd communications with services in the User domain. - # Original patch by Michael Demeter . - # - # We simplify the patching by touching only lines which check the result of - # mac_smack_use(). Those are the ones which are used when Smack is active. - # - # smackfsroot=* on /sys/fs/cgroup may be upstreamable, but smackfstransmute=System::Run - # is too distro specific (depends on Smack rules) and thus has to remain here. - sed -i -e 's;\("/sys/fs/cgroup", *"[^"]*", *"[^"]*\)\(.*mac_smack_use.*\);\1,smackfsroot=*\2;' \ - -e 's;\("/run", *"[^"]*", *"[^"]*\)\(.*mac_smack_use.*\);\1,smackfstransmute=System::Run\2;' \ - ${S}/src/core/mount-setup.c -} - -################################################################################## -# What follows is temporary. -# This is a solution to the Bug-AGL SPEC-539 -# (see https://jira.automotivelinux.org/browse/SPEC-539). -# -# It renames the file "touchscreen.rules" to "55-touchscreen.rules" -# This comes with the recipe systemd_230/234 of poky (meta/recipes-core/systemd) -# It should be removed when poky changes. -################################################################################## -do_install_prepend() { - mv ${WORKDIR}/touchscreen.rules ${WORKDIR}/55-touchscreen.rules || true -} - -- cgit 1.2.3-korg From a5110d6031ecd5343114d74d2b463234342c12a0 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 19:46:20 -0500 Subject: meta-agl-profile-core: switch to udisks2 The udisks recipe was dropped from meta-oe in zeus, rework our bbappend to work with udisks2 which replaces it. Bug-AGL: SPEC-2932 Change-Id: I9ac1a25ee5a816d06874a5c859034f2c2758d117 Signed-off-by: Scott Murray --- .../recipes-support/udisks/files/automount.service | 2 +- .../udisks/files/org.freedesktop.UDisks.conf | 32 ---------------------- .../recipes-support/udisks/files/udisks.service | 11 -------- .../recipes-support/udisks/udisks2_%.bbappend | 22 +++++++++++++++ .../recipes-support/udisks/udisks_1.0.5.bbappend | 28 ------------------- 5 files changed, 23 insertions(+), 72 deletions(-) delete mode 100644 meta-agl-profile-core/recipes-support/udisks/files/org.freedesktop.UDisks.conf delete mode 100644 meta-agl-profile-core/recipes-support/udisks/files/udisks.service create mode 100644 meta-agl-profile-core/recipes-support/udisks/udisks2_%.bbappend delete mode 100644 meta-agl-profile-core/recipes-support/udisks/udisks_1.0.5.bbappend diff --git a/meta-agl-profile-core/recipes-support/udisks/files/automount.service b/meta-agl-profile-core/recipes-support/udisks/files/automount.service index 64c36e76b..b16515196 100644 --- a/meta-agl-profile-core/recipes-support/udisks/files/automount.service +++ b/meta-agl-profile-core/recipes-support/udisks/files/automount.service @@ -1,6 +1,6 @@ [Unit] Description=Automount Disk Manager -After=udisks.service +After=udisks2.service [Service] ExecStart=/usr/libexec/automount.sh diff --git a/meta-agl-profile-core/recipes-support/udisks/files/org.freedesktop.UDisks.conf b/meta-agl-profile-core/recipes-support/udisks/files/org.freedesktop.UDisks.conf deleted file mode 100644 index 0098b94e1..000000000 --- a/meta-agl-profile-core/recipes-support/udisks/files/org.freedesktop.UDisks.conf +++ /dev/null @@ -1,32 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - diff --git a/meta-agl-profile-core/recipes-support/udisks/files/udisks.service b/meta-agl-profile-core/recipes-support/udisks/files/udisks.service deleted file mode 100644 index 4bd558449..000000000 --- a/meta-agl-profile-core/recipes-support/udisks/files/udisks.service +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=Disk Manager (legacy version) -Documentation=man:udisks(7) - -[Service] -Type=dbus -BusName=org.freedesktop.UDisks -ExecStart=/usr/libexec/udisks-daemon --no-debug - -[Install] -WantedBy=multi-user.target diff --git a/meta-agl-profile-core/recipes-support/udisks/udisks2_%.bbappend b/meta-agl-profile-core/recipes-support/udisks/udisks2_%.bbappend new file mode 100644 index 000000000..27cac6592 --- /dev/null +++ b/meta-agl-profile-core/recipes-support/udisks/udisks2_%.bbappend @@ -0,0 +1,22 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/files:" + +SRC_URI += "file://automount.service \ + file://automount.sh \ +" + +SYSTEMD_AUTO_ENABLE = "enable" +SYSTEMD_SERVICE_${PN} += "automount.service" + +do_install_append () { + sed -i 's/^WantedBy=.*/WantedBy=multi-user.target/' ${D}${systemd_unitdir}/system/udisks2.service + + install -d ${D}${base_libdir}/systemd/system + install -m 0644 ${WORKDIR}/automount.service ${D}${systemd_unitdir}/system + + install -d ${D}${libexecdir} + install -m 0755 ${WORKDIR}/automount.sh ${D}${libexecdir}/automount.sh +} + +FILES_${PN} += "${base_libdir}/systemd/system/automount.service \ + ${libexecdir}/automount.sh \ +" diff --git a/meta-agl-profile-core/recipes-support/udisks/udisks_1.0.5.bbappend b/meta-agl-profile-core/recipes-support/udisks/udisks_1.0.5.bbappend deleted file mode 100644 index d55a167a6..000000000 --- a/meta-agl-profile-core/recipes-support/udisks/udisks_1.0.5.bbappend +++ /dev/null @@ -1,28 +0,0 @@ -SRC_URI += "file://org.freedesktop.UDisks.conf \ - file://udisks.service \ - file://automount.service \ - file://automount.sh \ - " -FILESEXTRAPATHS_prepend := "${THISDIR}/files:" - -FILES_${PN} += "${base_libdir}/systemd/system/automount.service \ - ${base_libdir}/systemd/system/udisks.service \ - ${libexecdir}/automount.sh \ - " - -SYSTEMD_AUTO_ENABLE = "enable" -SYSTEMD_SERVICE_${PN} = "udisks.service automount.service" - -do_install_append () { - install -d ${D}${sysconfdir}/dbus-1/system.d - install -m 644 ${WORKDIR}/org.freedesktop.UDisks.conf ${D}${sysconfdir}/dbus-1/system.d/ - - install -d ${D}${base_libdir}/systemd/system - install -m 0644 ${WORKDIR}/udisks.service ${D}${base_libdir}/systemd/system - - install -d ${D}${base_libdir}/systemd/system - install -m 0644 ${WORKDIR}/automount.service ${D}${base_libdir}/systemd/system - - install -d ${D}${libexecdir} - install -m 0755 ${WORKDIR}/automount.sh ${D}${libexecdir}/automount.sh -} -- cgit 1.2.3-korg From 3d1b86d90152cd03ac9df81e189886076c00f14c Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 20:16:24 -0500 Subject: meta-agl-profile-core: update fontconfig bbappend Update fontconfig bbappend to work with the newer fontconfig 2.13.1 in oe-core in zeus. Bug-AGL: SPEC-2932 Change-Id: I7dfbe73def6b461915cdfa0131e1a529e1d3a5fd Signed-off-by: Scott Murray --- .../recipes-test/fontconfig/fontconfig_%.bbappend | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/meta-agl-profile-core/recipes-test/fontconfig/fontconfig_%.bbappend b/meta-agl-profile-core/recipes-test/fontconfig/fontconfig_%.bbappend index c4bebdc1f..e8ce1ab78 100644 --- a/meta-agl-profile-core/recipes-test/fontconfig/fontconfig_%.bbappend +++ b/meta-agl-profile-core/recipes-test/fontconfig/fontconfig_%.bbappend @@ -1,16 +1,17 @@ -PACKAGES =+ "fontconfig-test" - do_install_append() { install -m 755 -d ${D}/${datadir}/fontconfig-test install -m 755 ${S}/test/run-test.sh ${D}/${datadir}/fontconfig-test/ - sed -i -e "s/FCLIST=\.\.\/fc\-list\/fc\-list/FCLIST=\/usr\/bin\/fc\-list/g" -e "s/FCCACHE=\.\.\/fc\-cache\/fc\-cache/FCCACHE=\/usr\/bin\/fc\-cache/g" ${D}/${datadir}/fontconfig-test/run-test.sh + sed -i -e "s#^FCLIST=\.\./fc-list/fc-list#FCLIST=/usr/bin/fc-list#g" -e "s#^FCCACHE=\.\./fc-cache/fc-cache#FCCACHE=/usr/bin/fc-cache#g" ${D}/${datadir}/fontconfig-test/run-test.sh - for x in 4x6.pcf 8x16.pcf out.expected fonts.conf.in; do + install -m 644 ${B}/test/out.expected ${D}/${datadir}/fontconfig-test/ + for x in 4x6.pcf 8x16.pcf fonts.conf.in; do install -m 644 ${S}/test/$x ${D}/${datadir}/fontconfig-test/ done } +PACKAGES =+ "fontconfig-test" + DEBIAN_NOAUTONAME_fontconfig-test = "1" FILES_fontconfig-test = "${datadir}/fontconfig-test/*" -- cgit 1.2.3-korg From cfc505308ebd6ef5cb972ae8a28b8089b168f4d1 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 20:18:04 -0500 Subject: meta-agl-distro: add polkit to DISTRO_FEATURES Add polkit to DISTRO_FEATURES in poky-agl.conf. This is now explicitly required since the OE warrior release to be able to build udisks2. Since the polkit packages were previously being pulled into images by udisks anyways, the effective difference seems to be polkit support being enabled in systemd. Bug-AGL: SPEC-2932 Change-Id: Id87a1c04f5da431f3099d26ef3b78b189ff35b9d Signed-off-by: Scott Murray --- meta-agl-distro/conf/distro/poky-agl.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-agl-distro/conf/distro/poky-agl.conf b/meta-agl-distro/conf/distro/poky-agl.conf index d9d703d22..fb43da826 100644 --- a/meta-agl-distro/conf/distro/poky-agl.conf +++ b/meta-agl-distro/conf/distro/poky-agl.conf @@ -42,7 +42,7 @@ MAINTAINER = "AGL " TARGET_VENDOR = "-agl" # Override these in poky based distros -AGL_DEFAULT_DISTRO_FEATURES = "largefile systemd opengl wayland pam bluetooth bluez5 3g" +AGL_DEFAULT_DISTRO_FEATURES = "largefile systemd opengl wayland pam bluetooth bluez5 3g polkit" POKY_DEFAULT_DISTRO_FEATURES := "${AGL_DEFAULT_DISTRO_FEATURES}" OVERRIDES .= ":${DISTRO_CODENAME}" -- cgit 1.2.3-korg From a1ff5158b4e59e02533454b5582edf084387ba3d Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 22 Jan 2020 20:26:42 -0500 Subject: meta-agl-profile-graphical: update wayland-ivi-extension for weston 7.0.0 Tweak one patch to wayland-ivi-extension to handle switching from weston 6 to 7, and add another to handle the location of the plugin-registry.h header file having changed in weston 7. Bug-AGL: SPEC-2932 Change-Id: I6c861c593bbde24d4b18a88f1a42d87ac0450bfd Signed-off-by: Scott Murray --- .../0002-ivi-id-agent-added-ivi-id-agent.patch | 6 +++--- .../0006-fix-plugin-registry-include.patch | 13 +++++++++++++ .../recipes-graphics/wayland/wayland-ivi-extension_git.bb | 1 + 3 files changed, 17 insertions(+), 3 deletions(-) create mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/wayland-ivi-extension/0006-fix-plugin-registry-include.patch diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/wayland-ivi-extension/0002-ivi-id-agent-added-ivi-id-agent.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/wayland-ivi-extension/0002-ivi-id-agent-added-ivi-id-agent.patch index 7deb01e99..d86e1f22e 100644 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/wayland-ivi-extension/0002-ivi-id-agent-added-ivi-id-agent.patch +++ b/meta-agl-profile-graphical/recipes-graphics/wayland/wayland-ivi-extension/0002-ivi-id-agent-added-ivi-id-agent.patch @@ -73,7 +73,7 @@ index 0000000..7354a7e +pkg_check_modules(WAYLAND_SERVER wayland-server REQUIRED) +pkg_check_modules(WESTON weston>=5.0.0 REQUIRED) +pkg_check_modules(PIXMAN pixman-1 REQUIRED) -+pkg_check_modules(LIBWESTON_DESKTOP libweston-desktop-6 REQUIRED) ++pkg_check_modules(LIBWESTON_DESKTOP libweston-desktop-7 REQUIRED) + +find_package(Threads REQUIRED) + @@ -149,8 +149,8 @@ index 0000000..9bc115d +#include + +#include -+#include -+#include "config-parser.h" ++#include ++#include "libweston/config-parser.h" +#include + +#ifndef INVALID_ID diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/wayland-ivi-extension/0006-fix-plugin-registry-include.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/wayland-ivi-extension/0006-fix-plugin-registry-include.patch new file mode 100644 index 000000000..dddbfd370 --- /dev/null +++ b/meta-agl-profile-graphical/recipes-graphics/wayland/wayland-ivi-extension/0006-fix-plugin-registry-include.patch @@ -0,0 +1,13 @@ +diff --git a/ivi-input-modules/ivi-input-controller/src/ivi-input-controller.c b/ivi-input-modules/ivi-input-controller/src/ivi-input-controller.c +index a0bfc48..257a1dc 100644 +--- a/ivi-input-modules/ivi-input-controller/src/ivi-input-controller.c ++++ b/ivi-input-modules/ivi-input-controller/src/ivi-input-controller.c +@@ -31,7 +31,7 @@ + #include + #include + +-#include "plugin-registry.h" ++#include + #include "ilm_types.h" + + #include "ivi-input-server-protocol.h" diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/wayland-ivi-extension_git.bb b/meta-agl-profile-graphical/recipes-graphics/wayland/wayland-ivi-extension_git.bb index 3935929a5..68fc694a8 100644 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/wayland-ivi-extension_git.bb +++ b/meta-agl-profile-graphical/recipes-graphics/wayland/wayland-ivi-extension_git.bb @@ -12,6 +12,7 @@ SRC_URI = "git://github.com/GENIVI/${BPN}.git;protocol=http \ file://0002-add-LayerManagerControl-error-status.patch \ file://0004-ivi-ilmcontrol-added-focus-notification.patch \ file://0005-disable-EGLWLMockNavigation-example-build.patch \ + file://0006-fix-plugin-registry-include.patch \ " SRC_URI_append_wandboard = " file://wandboard_fix_build.patch" SRCREV = "736fb654ac81230cf4f9e51a5772d3a02d7639bf" -- cgit 1.2.3-korg From 4bc95c3f87907f918eec3b83c475054a5bdef376 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Mon, 27 Jan 2020 12:36:33 -0500 Subject: meta-agl-profile-graphical: update weston and weston-init Update weston and weston-init bbappends to handle weston 6.0.0 to 7.0.0 upgrade and other upstream changes: - weston 6.0.0 bbappend renamed for weston 7.0.0. - Wildcard weston_%.bbappend removed, as none of its changes are required with the latest upstream recipe. - Update weston patches for 7.0.0. Notable changes are that the patch to allow launching weston as a non-root user has been reworked for the switch to meson for weston builds, and the compositor backend patch for Waltham has been disabled until someone more familiar with the code can update it. - weston-init changes and udev rules updated to work with upstream support for running weston as non-root. The major rework is to simplify things such that all AGL configuration is done as an over-ride to the new upstream weston@.service file. The ability to specify which TTY to run weston on has been removed in favor of upstream's hard-coded tty7 as part of this change, to cut down on the amount of extra configuration required. Bug-AGL: SPEC-2932 Change-Id: I6f8b213bacb2de7526aa1a3c01b1482be78becef Signed-off-by: Scott Murray --- .../classes/agl-graphical.bbclass | 5 +-- .../recipes-graphics/wayland/weston-init.bbappend | 37 +++++++--------- .../wayland/weston-init/weston.conf.in | 17 +++----- .../wayland/weston-init/zz-dri.rules.in | 2 +- .../wayland/weston-init/zz-input.rules | 1 - .../wayland/weston-init/zz-input.rules.in | 1 + .../wayland/weston-init/zz-tty.rules.in | 2 +- ...llow-regular-users-to-launch-Weston_2.0.0.patch | 39 ----------------- ...llow-regular-users-to-launch-Weston_7.0.0.patch | 51 ++++++++++++++++++++++ ...shell-Fix-crash-due-no-transmitter-screen.patch | 2 +- .../recipes-graphics/wayland/weston_%.bbappend | 4 -- .../recipes-graphics/wayland/weston_6.0.0.bbappend | 10 ----- .../recipes-graphics/wayland/weston_7.0.0.bbappend | 14 ++++++ 13 files changed, 94 insertions(+), 91 deletions(-) delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/zz-input.rules create mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/zz-input.rules.in delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0001-Allow-regular-users-to-launch-Weston_2.0.0.patch create mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0001-Allow-regular-users-to-launch-Weston_7.0.0.patch delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston_%.bbappend delete mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston_6.0.0.bbappend create mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston_7.0.0.bbappend diff --git a/meta-agl-profile-graphical/classes/agl-graphical.bbclass b/meta-agl-profile-graphical/classes/agl-graphical.bbclass index e99a441b7..65106db18 100644 --- a/meta-agl-profile-graphical/classes/agl-graphical.bbclass +++ b/meta-agl-profile-graphical/classes/agl-graphical.bbclass @@ -1,7 +1,6 @@ -WESTONTTY ??= "1" WESTONUSER ??= "display" WESTONGROUP ??= "display" -WESTONARGS ?= "--idle-time=0 --tty=${WESTONTTY}" -WESTONLAUNCHARGS ??= "--tty /dev/tty${WESTONTTY} --user ${WESTONUSER}" +WESTONARGS ?= "--idle-time=0 --tty=7" +WESTONLAUNCHARGS ??= "--tty /dev/tty7 --user ${WESTONUSER}" DISPLAY_XDG_RUNTIME_DIR ??= "/run/platform/${WESTONUSER}" diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init.bbappend b/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init.bbappend index 247aeeee3..c71402fed 100644 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init.bbappend +++ b/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init.bbappend @@ -2,17 +2,14 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" inherit agl-graphical - WESTONSTART ??= "${@bb.utils.contains("DISTRO_FEATURES", "agl-compositor", "/usr/bin/agl-compositor", "/usr/bin/weston",d)} ${WESTONARGS}" WESTONSTART_append = " ${@bb.utils.contains("IMAGE_FEATURES", "debug-tweaks", " --log=${DISPLAY_XDG_RUNTIME_DIR}/weston.log", "",d)}" -DROPIN_NAME = "weston-init" - WIFILES = " \ file://weston.conf.in \ file://tmpfiles.conf.in \ file://zz-dri.rules.in \ - file://zz-input.rules \ + file://zz-input.rules.in \ file://zz-tty.rules.in \ " @@ -23,37 +20,34 @@ WIFILES_append_imx = " \ SRC_URI_append = " ${WIFILES}" do_install_append() { + # Remove upstream weston.ini to avoid conflict with weston-ini-conf package + rm -f ${D}${sysconfdir}/xdg/weston/weston.ini - # files - files=$(echo ${WIFILES} | sed s,file://,,g) + # Remove upstream weston udev rules just to be safe + rm -f ${D}${sysconfdir}/udev/rules.d/71-weston-drm.rules - # process ".in" files + # Process ".in" files + files=$(echo ${WIFILES} | sed s,file://,,g) for f in ${files}; do g=${f%.in} if [ "${f}" != "${g}" ]; then sed -e "s,@WESTONUSER@,${WESTONUSER},g" \ -e "s,@WESTONGROUP@,${WESTONGROUP},g" \ -e "s,@XDG_RUNTIME_DIR@,${DISPLAY_XDG_RUNTIME_DIR},g" \ - -e "s,@WESTONTTY@,${WESTONTTY},g" \ -e "s,@WESTONSTART@,${WESTONSTART},g" \ ${WORKDIR}/${f} > ${WORKDIR}/${g} fi done - # removes any unexpected entry from weston.service - for x in Group User ExecStart PAMName; do - sed -i "/^ *$x *=/d" ${D}${systemd_system_unitdir}/weston.service - done - - # install weston drop-in - install -d ${D}${systemd_system_unitdir}/weston.service.d - install -m644 ${WORKDIR}/weston.conf ${D}/${systemd_system_unitdir}/weston.service.d/${DROPIN_NAME}.conf + # Install weston drop-in + install -d ${D}${systemd_system_unitdir}/weston@.service.d + install -m644 ${WORKDIR}/weston.conf ${D}/${systemd_system_unitdir}/weston@.service.d/weston-init.conf - # install tmpfiles drop-in + # Install tmpfiles drop-in install -d ${D}${libdir}/tmpfiles.d - install -m644 ${WORKDIR}/tmpfiles.conf ${D}${libdir}/tmpfiles.d/${DROPIN_NAME}.conf + install -m644 ${WORKDIR}/tmpfiles.conf ${D}${libdir}/tmpfiles.d/weston-init.conf - # install udev rules + # Install udev rules install -d ${D}${sysconfdir}/udev/rules.d for f in ${files}; do g=${f%.in} @@ -65,8 +59,9 @@ do_install_append() { } FILES_${PN} += " \ - ${libdir}/tmpfiles.d/*.conf \ - ${systemd_system_unitdir}/weston.service.d/${DROPIN_NAME}.conf \ + ${libdir}/tmpfiles.d/ \ + ${systemd_system_unitdir}/weston@.service.d/ \ " +SYSTEMD_AUTO_ENABLE = "enable" diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/weston.conf.in b/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/weston.conf.in index 89c436695..211136cc9 100644 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/weston.conf.in +++ b/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/weston.conf.in @@ -1,17 +1,14 @@ -[Unit] -Conflicts=getty@tty@WESTONTTY@.service [Service] Type=notify -User=@WESTONUSER@ -Group=@WESTONGROUP@ Environment="XDG_RUNTIME_DIR=@XDG_RUNTIME_DIR@" Environment="XDG_RUNTIMESHARE_DIR=@XDG_RUNTIME_DIR@/share" ExecStartPre=/bin/mkdir -p @XDG_RUNTIME_DIR@/share ExecStartPre=+/usr/bin/chsmack -a User::App-Shared -t @XDG_RUNTIME_DIR@/share +# Note that clearing PAMName (thus not having PAMName=login) disables +# logind support for the session, which allows setting XDG_RUNTIME_DIR +# to something other than /run/user/% (as is done above). +# Without systemd-logind support, weston needs to be patched to allow +# its direct launcher to work for non-root users in this scenario. +PAMName= +ExecStart= ExecStart=@WESTONSTART@ -TTYPath=/dev/tty@WESTONTTY@ -StandardInput=tty -TTYReset=yes -TTYVHangup=yes -TTYVTDisallocate=yes -UtmpIdentifier=tty@WESTONTTY@ diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/zz-dri.rules.in b/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/zz-dri.rules.in index 707d12e28..51c68c303 100644 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/zz-dri.rules.in +++ b/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/zz-dri.rules.in @@ -1 +1 @@ -SUBSYSTEM=="drm", MODE="0660", GROUP="@WESTONGROUP@", SECLABEL{smack}="*", TAG+="systemd", ENV{SYSTEMD_WANTS}="weston.service" +SUBSYSTEM=="drm", MODE="0660", GROUP="@WESTONGROUP@", SECLABEL{smack}="*", TAG+="systemd", ENV{SYSTEMD_WANTS}="weston@@WESTONUSER@.service" diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/zz-input.rules b/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/zz-input.rules deleted file mode 100644 index c0842135a..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/zz-input.rules +++ /dev/null @@ -1 +0,0 @@ -SUBSYSTEM=="input", MODE="0660", GROUP="input", SECLABEL{smack}="*", TAG+="systemd", ENV{SYSTEMD_WANTS}="weston.service" diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/zz-input.rules.in b/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/zz-input.rules.in new file mode 100644 index 000000000..fb3e677f4 --- /dev/null +++ b/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/zz-input.rules.in @@ -0,0 +1 @@ +SUBSYSTEM=="input", MODE="0660", GROUP="input", SECLABEL{smack}="*", TAG+="systemd", ENV{SYSTEMD_WANTS}="weston@@WESTONUSER@.service" diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/zz-tty.rules.in b/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/zz-tty.rules.in index bfdf55b81..e5ce4b553 100644 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/zz-tty.rules.in +++ b/meta-agl-profile-graphical/recipes-graphics/wayland/weston-init/zz-tty.rules.in @@ -1 +1 @@ -SUBSYSTEM=="tty", KERNEL=="tty@WESTONTTY@", OWNER="@WESTONUSER@", SECLABEL{smack}="*", TAG+="systemd", ENV{SYSTEMD_WANTS}="weston.service" +SUBSYSTEM=="tty", KERNEL=="tty7", OWNER="@WESTONUSER@", SECLABEL{smack}="*", TAG+="systemd", ENV{SYSTEMD_WANTS}="weston@@WESTONUSER@.service" diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0001-Allow-regular-users-to-launch-Weston_2.0.0.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0001-Allow-regular-users-to-launch-Weston_2.0.0.patch deleted file mode 100644 index 3a59ba0c8..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0001-Allow-regular-users-to-launch-Weston_2.0.0.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 6c145cea35f0b77613d6e3f48679c976b9839d7c Mon Sep 17 00:00:00 2001 -From: Ronan Le Martret -Date: Wed, 31 May 2017 22:48:18 +0000 -Subject: [PATCH] Allow regular users to launch Weston - -Signed-off-by: Ronan Le Martret - -diff --git a/configure.ac b/configure.ac -index 50f8e013..2043b9b0 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -156,6 +156,12 @@ PKG_CHECK_MODULES(XKBCOMMON_COMPOSE, [xkbcommon >= 0.5.0], - [AC_DEFINE(HAVE_XKBCOMMON_COMPOSE, 1, - [Define if xkbcommon is 0.5.0 or newer])],true) - -+AC_ARG_ENABLE(sys-uid, [ --enable-sys-uid],, -+ enable_sys_uid=no) -+if test x$enable_sys_uid = xyes; then -+ AC_DEFINE(ENABLE_SYS_UID, [1], [Allow regular users to launch Weston]) -+fi -+ - AC_ARG_ENABLE(setuid-install, [ --enable-setuid-install],, - enable_setuid_install=yes) - AM_CONDITIONAL(ENABLE_SETUID_INSTALL, test x$enable_setuid_install = xyes) -diff --git a/libweston/launcher-direct.c b/libweston/launcher-direct.c -index e0ce6d63..d0db9bb5 100644 ---- a/libweston/launcher-direct.c -+++ b/libweston/launcher-direct.c -@@ -283,8 +283,10 @@ launcher_direct_connect(struct weston_launcher **out, struct weston_compositor * - { - struct launcher_direct *launcher; - -+#ifndef ENABLE_SYS_UID - if (geteuid() != 0) - return -EINVAL; -+#endif - - launcher = zalloc(sizeof(*launcher)); - if (launcher == NULL) diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0001-Allow-regular-users-to-launch-Weston_7.0.0.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0001-Allow-regular-users-to-launch-Weston_7.0.0.patch new file mode 100644 index 000000000..362f6b064 --- /dev/null +++ b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0001-Allow-regular-users-to-launch-Weston_7.0.0.patch @@ -0,0 +1,51 @@ +Allow regular users to launch Weston + +Signed-off-by: Ronan Le Martret +[Reworked for Weston 7.0.0 switch to meson] +Signed-off-by: Scott Murray + +diff --git a/libweston/launcher-direct.c b/libweston/launcher-direct.c +index 9fa329b6..8e218804 100644 +--- a/libweston/launcher-direct.c ++++ b/libweston/launcher-direct.c +@@ -291,8 +291,10 @@ launcher_direct_connect(struct weston_launcher **out, struct weston_compositor * + { + struct launcher_direct *launcher; + ++#ifndef ENABLE_USER_START + if (geteuid() != 0) + return -EINVAL; ++#endif + + launcher = zalloc(sizeof(*launcher)); + if (launcher == NULL) +diff --git a/libweston/meson.build b/libweston/meson.build +index d8d3fc07..0d39ebf1 100644 +--- a/libweston/meson.build ++++ b/libweston/meson.build +@@ -216,6 +216,10 @@ if get_option('weston-launch') + meson.add_install_script('echo', 'REMINDER: You are installing weston-launch, please make it setuid-root.') + endif + ++if get_option('enable-user-start') ++ config_h.set('ENABLE_USER_START', '1') ++endif ++ + subdir('renderer-gl') + subdir('backend-drm') + subdir('backend-fbdev') +diff --git a/meson_options.txt b/meson_options.txt +index d5bf1d54..c93f31d1 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -217,3 +217,10 @@ option( + value: false, + description: 'Generate documentation' + ) ++ ++option( ++ 'enable-user-start', ++ type: 'boolean', ++ value: true, ++ description: 'Tests: enable start as non-root user' ++) diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0002-ivi-shell-Fix-crash-due-no-transmitter-screen.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0002-ivi-shell-Fix-crash-due-no-transmitter-screen.patch index 51779cf45..05ce7de30 100644 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0002-ivi-shell-Fix-crash-due-no-transmitter-screen.patch +++ b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0002-ivi-shell-Fix-crash-due-no-transmitter-screen.patch @@ -40,7 +40,7 @@ index 2c450f3..1fbfeeb 100644 #include "ivi-layout-private.h" #include "ivi-layout-shell.h" - -+#include "plugin-registry.h" ++#include #include "shared/helpers.h" #include "shared/os-compatibility.h" diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston_%.bbappend b/meta-agl-profile-graphical/recipes-graphics/wayland/weston_%.bbappend deleted file mode 100644 index bcfe11b17..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston_%.bbappend +++ /dev/null @@ -1,4 +0,0 @@ -PACKAGECONFIG[notify] = "--enable-systemd-notify,--disable-systemd-notify,systemd" -PACKAGECONFIG_append = " notify" - -RRECOMMENDS_${PN}_remove = "weston-conf" diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston_6.0.0.bbappend b/meta-agl-profile-graphical/recipes-graphics/wayland/weston_6.0.0.bbappend deleted file mode 100644 index 67442bd6b..000000000 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston_6.0.0.bbappend +++ /dev/null @@ -1,10 +0,0 @@ -FILESEXTRAPATHS_append := ":${THISDIR}/${PN}" - -SRC_URI_append = "\ - file://0001-Allow-regular-users-to-launch-Weston_2.0.0.patch \ - file://use-XDG_RUNTIMESHARE_DIR.patch \ - file://0002-ivi-shell-Fix-crash-due-no-transmitter-screen.patch \ - file://0003-compositor-drm-introduce-drm_get_dmafd_from_view.patch \ - file://0001-config-parser-Export-get_full_path-and-destroy.patch \ - " -EXTRA_OECONF_append = " --enable-sys-uid" diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston_7.0.0.bbappend b/meta-agl-profile-graphical/recipes-graphics/wayland/weston_7.0.0.bbappend new file mode 100644 index 000000000..c2e52798d --- /dev/null +++ b/meta-agl-profile-graphical/recipes-graphics/wayland/weston_7.0.0.bbappend @@ -0,0 +1,14 @@ +FILESEXTRAPATHS_append := ":${THISDIR}/${PN}" + +# NOTE: +# file://0003-compositor-drm-introduce-drm_get_dmafd_from_view.patch +# has been removed until someone more familiar with weston internals +# and waltham can take a look and update it. +SRC_URI_append = "\ + file://0001-Allow-regular-users-to-launch-Weston_7.0.0.patch \ + file://use-XDG_RUNTIMESHARE_DIR.patch \ + file://0002-ivi-shell-Fix-crash-due-no-transmitter-screen.patch \ + file://0001-config-parser-Export-get_full_path-and-destroy.patch \ + " + +EXTRA_OEMESON_append = " -Denable-user-start=true" -- cgit 1.2.3-korg From 43a93c4a0184e24652638ff79feb1bc4ce415e86 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Mon, 27 Jan 2020 13:23:27 -0500 Subject: meta-agl-profile-graphical: don't always build agl-compositor Make agl-compositor inclusion in packagegroup-agl-graphical-weston dependent upon the agl-compositor DISTRO_FEATURE, to avoid build failures due to weston 6.0.0 vs 7.0.0 issues in it. Those will need to be addressed separately from the main zeus upgrade process. Bug-AGL: SPEC-2932 Change-Id: Ibeae03d208eebaa87a210d4dbadd258db75fffae Signed-off-by: Scott Murray --- .../recipes-platform/packagegroups/packagegroup-agl-graphical-weston.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-agl-profile-graphical/recipes-platform/packagegroups/packagegroup-agl-graphical-weston.bb b/meta-agl-profile-graphical/recipes-platform/packagegroups/packagegroup-agl-graphical-weston.bb index a97b6ebe2..35db34df9 100644 --- a/meta-agl-profile-graphical/recipes-platform/packagegroups/packagegroup-agl-graphical-weston.bb +++ b/meta-agl-profile-graphical/recipes-platform/packagegroups/packagegroup-agl-graphical-weston.bb @@ -17,6 +17,6 @@ RDEPENDS_${PN} += " \ weston-ready \ agl-login-manager \ agl-desktop-config \ - agl-compositor \ + ${@bb.utils.contains("DISTRO_FEATURES", "agl-compositor", "agl-compositor", "",d)} \ " -- cgit 1.2.3-korg From 4a9fc7b9d3af5f91a5f67d89685d79b0777f811f Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Mon, 27 Jan 2020 13:26:30 -0500 Subject: Update base local.conf.sample Update local.conf.sample to the zeus version. This is required to pick up default qemu configuration changes that are needed to get qemu SDL support enabled. Bug-AGL: SPEC-2932 Change-Id: I7a10ea42931dbb9c7e2c0dc4f2a15666d829f65d Signed-off-by: Scott Murray --- templates/base/local.conf.sample | 63 ++++++++++++++++++++++++++++++---------- 1 file changed, 47 insertions(+), 16 deletions(-) diff --git a/templates/base/local.conf.sample b/templates/base/local.conf.sample index 365b6eb20..2e0bb41e6 100644 --- a/templates/base/local.conf.sample +++ b/templates/base/local.conf.sample @@ -28,14 +28,14 @@ # There are also the following hardware board target machines included for # demonstration purposes: # -#MACHINE ?= "beaglebone" +#MACHINE ?= "beaglebone-yocto" #MACHINE ?= "genericx86" #MACHINE ?= "genericx86-64" #MACHINE ?= "mpc8315e-rdb" #MACHINE ?= "edgerouter" # -# This sets the default machine to be qemux86 if no other machine is selected: -MACHINE ??= "qemux86" +# This sets the default machine to be qemux86-64 if no other machine is selected: +MACHINE ??= "qemux86-64" # # Where to place downloads @@ -124,6 +124,8 @@ PACKAGE_CLASSES ?= "package_rpm" # variable can contain the following options: # "dbg-pkgs" - add -dbg packages for all installed packages # (adds symbol information for debugging/profiling) +# "src-pkgs" - add -src packages for all installed packages +# (adds source code for debugging) # "dev-pkgs" - add -dev packages for all installed packages # (useful if you want to develop against libs in the image) # "ptest-pkgs" - add -ptest packages for all ptest-enabled packages @@ -149,7 +151,6 @@ EXTRA_IMAGE_FEATURES ?= "debug-tweaks" # - 'buildstats' collect build statistics # - 'image-mklibs' to reduce shared library files size for an image # - 'image-prelink' in order to prelink the filesystem image -# - 'image-swab' to perform host system intrusion detection # NOTE: if listing mklibs & prelink both, then make sure mklibs is before prelink # NOTE: mklibs also needs to be explicitly enabled for a given image, see local.conf.extended USER_CLASSES ?= "buildstats image-mklibs image-prelink" @@ -158,10 +159,12 @@ USER_CLASSES ?= "buildstats image-mklibs image-prelink" # Runtime testing of images # # The build system can test booting virtual machine images under qemu (an emulator) -# after any root filesystems are created and run tests against those images. To -# enable this uncomment this line. See classes/testimage(-auto).bbclass for -# further details. -#TEST_IMAGE = "1" +# after any root filesystems are created and run tests against those images. It can also +# run tests against any SDK that are built. To enable this uncomment these lines. +# See classes/test{image,sdk}.bbclass for further details. +#IMAGE_CLASSES += "testimage testsdk" +#TESTIMAGE_AUTO_qemuall = "1" + # # Interactive shell configuration # @@ -191,7 +194,7 @@ PATCHRESOLVE = "noop" # files and damages the build in ways which may not be easily recoverable. # It's necesary to monitor /tmp, if there is no space left the build will fail # with very exotic errors. -BB_DISKMON_DIRS = "\ +BB_DISKMON_DIRS ??= "\ STOPTASKS,${TMPDIR},1G,100K \ STOPTASKS,${DL_DIR},1G,100K \ STOPTASKS,${SSTATE_DIR},1G,100K \ @@ -219,17 +222,45 @@ BB_DISKMON_DIRS = "\ #file://.* http://someserver.tld/share/sstate/PATH;downloadfilename=PATH \n \ #file://.* file:///some/local/dir/sstate/PATH" +# +# Yocto Project SState Mirror +# +# The Yocto Project has prebuilt artefacts available for its releases, you can enable +# use of these by uncommenting the following line. This will mean the build uses +# the network to check for artefacts at the start of builds, which does slow it down +# equally, it will also speed up the builds by not having to build things if they are +# present in the cache. It assumes you can download something faster than you can build it +# which will depend on your network. +# +#SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/2.5/PATH;downloadfilename=PATH" # # Qemu configuration # -# By default qemu will build with a builtin VNC server where graphical output can be -# seen. The two lines below enable the SDL backend too. By default libsdl-native will -# be built, if you want to use your host's libSDL instead of the minimal libsdl built -# by libsdl-native then uncomment the ASSUME_PROVIDED line below. -PACKAGECONFIG_append_pn-qemu-native = " sdl" -PACKAGECONFIG_append_pn-nativesdk-qemu = " sdl" -#ASSUME_PROVIDED += "libsdl-native" +# By default native qemu will build with a builtin VNC server where graphical output can be +# seen. The line below enables the SDL UI frontend too. +PACKAGECONFIG_append_pn-qemu-system-native = " sdl" +# By default libsdl2-native will be built, if you want to use your host's libSDL instead of +# the minimal libsdl built by libsdl2-native then uncomment the ASSUME_PROVIDED line below. +#ASSUME_PROVIDED += "libsdl2-native" + +# You can also enable the Gtk UI frontend, which takes somewhat longer to build, but adds +# a handy set of menus for controlling the emulator. +#PACKAGECONFIG_append_pn-qemu-system-native = " gtk+" + +# +# Hash Equivalence +# +# Enable support for automatically running a local hash equivalence server and +# instruct bitbake to use a hash equivalence aware signature generator. Hash +# equivalence improves reuse of sstate by detecting when a given sstate +# artifact can be reused as equivalent, even if the current task hash doesn't +# match the one that generated the artifact. +# +# A shared hash equivalent server can be set with ":" format +# +#BB_HASHSERVE = "auto" +#BB_SIGNATURE_HANDLER = "OEEquivHash" # CONF_VERSION is increased each time build/conf/ changes incompatibly and is used to # track the version of this file when it was generated. This can safely be ignored if -- cgit 1.2.3-korg From 6aeb440d5e1e5155c866e91c3ec0f978122e8862 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Mon, 27 Jan 2020 13:28:41 -0500 Subject: meta-agl-profile-core: update neardal recipe Update neardal recipe to not use a github archive URL in its SRC_URI, as this now triggers a QA warning due to such URLs being unstable. Instead the git repository is used with the corresponding SRCREV for version 0.14. Bug-AGL: SPEC-2932 Change-Id: I56eaf984d573df5314ffb982c517aec66ae2f115 Signed-off-by: Scott Murray --- meta-agl-profile-core/recipes-connectivity/neardal/neardal_0.14.bb | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/meta-agl-profile-core/recipes-connectivity/neardal/neardal_0.14.bb b/meta-agl-profile-core/recipes-connectivity/neardal/neardal_0.14.bb index 8bec79e67..f8634c468 100644 --- a/meta-agl-profile-core/recipes-connectivity/neardal/neardal_0.14.bb +++ b/meta-agl-profile-core/recipes-connectivity/neardal/neardal_0.14.bb @@ -1,9 +1,10 @@ require neardal.inc -SRC_URI = "https://github.com/connectivity/neardal/archive/${PV}.tar.gz \ +SRC_URI = "git://github.com/connectivity/neardal.git;protocol=https \ file://ncl.patch \ file://0001-neardal-ncl-fix-segfault-on-help-page-being-displaye.patch \ file://0002-neardal-lib-fix-memory-corruption.patch \ " -SRC_URI[md5sum] = "3dbda58253ca30ee6a7a7573eaa68f40" -SRC_URI[sha256sum] = "157d320bd831d91a82203d9697d2d2a2cebdb515d6e1c4ce04fe8ef27d1da615" +SRCREV = "fe0fa79c94e9a0f1c2cfa1f58b3acc9bdc7d5e13" + +S = "${WORKDIR}/git" -- cgit 1.2.3-korg From b7fdcead5a738b986d74ba8c00be88fe7a44af74 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Mon, 27 Jan 2020 13:31:58 -0500 Subject: meta-agl-profile-core: update most recipe Update SRCREV in MOST driver recipe to pick up: e4dbbaf sound.c: Remove snd_pcm_lib_mmap_vmalloc As well, the following changes have been made to the bbappend: - the kernel version detection logic has been removed - the patch to support kernels older than 4.13 has been removed - the patch that was handling the snd_pcm_lib_mmap_vmalloc issue on kernels >= 4.19 has been reworked to add the required #ifdefs to support kernels < 4.19 for e.g. the rcar3 4.14-ltsi kernel. Bug-AGL: SPEC-2932 Change-Id: I388d186d04ccc017ff10b2024ae35ed22f7a8e36 Signed-off-by: Scott Murray --- ...0001-most-aim-network-backport-Kernel-API.patch | 43 ---------------------- ...1-handle-snd_pcm_lib_mmap_vmalloc-removal.patch | 22 ++++++++--- meta-agl-profile-core/recipes-kernel/most/most.bb | 2 +- .../recipes-kernel/most/most.bbappend | 21 +---------- 4 files changed, 20 insertions(+), 68 deletions(-) delete mode 100644 meta-agl-profile-core/recipes-kernel/most/files/0001-most-aim-network-backport-Kernel-API.patch diff --git a/meta-agl-profile-core/recipes-kernel/most/files/0001-most-aim-network-backport-Kernel-API.patch b/meta-agl-profile-core/recipes-kernel/most/files/0001-most-aim-network-backport-Kernel-API.patch deleted file mode 100644 index d43b132f2..000000000 --- a/meta-agl-profile-core/recipes-kernel/most/files/0001-most-aim-network-backport-Kernel-API.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 383ffadd33f484ab4aaeb14fa109b61143d27d58 Mon Sep 17 00:00:00 2001 -From: Christian Gromm -Date: Thu, 7 Jun 2018 12:15:38 +0200 -Subject: [PATCH] most: aim-network: backport Kernel API - -This patch replaces the function calls skb_put_data with memcpy. It is -needed to have the module compiled for kernels prior to 4.13. - -Signed-off-by: Christian Gromm ---- - aim-network/networking.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/aim-network/networking.c b/aim-network/networking.c -index 936f013..4c259c2 100644 ---- a/aim-network/networking.c -+++ b/aim-network/networking.c -@@ -470,11 +470,11 @@ static int aim_rx_data(struct mbo *mbo) - ether_addr_copy(skb_put(skb, ETH_ALEN), dev->dev_addr); - - /* src */ -- skb_put_data(skb, &zero, 4); -- skb_put_data(skb, buf + 5, 2); -+ memcpy(skb_put(skb, 4), &zero, 4); -+ memcpy(skb_put(skb, 2), buf + 5, 2); - - /* eth type */ -- skb_put_data(skb, buf + 10, 2); -+ memcpy(skb_put(skb, 2), buf + 10, 2); - - buf += MDP_HDR_LEN; - len -= MDP_HDR_LEN; -@@ -483,7 +483,7 @@ static int aim_rx_data(struct mbo *mbo) - len -= MEP_HDR_LEN; - } - -- skb_put_data(skb, buf, len); -+ memcpy(skb_put(skb, len), buf, len); - skb->protocol = eth_type_trans(skb, dev); - skb_len = skb->len; - if (netif_rx(skb) == NET_RX_SUCCESS) { --- -2.11.0 diff --git a/meta-agl-profile-core/recipes-kernel/most/files/0011-handle-snd_pcm_lib_mmap_vmalloc-removal.patch b/meta-agl-profile-core/recipes-kernel/most/files/0011-handle-snd_pcm_lib_mmap_vmalloc-removal.patch index 8f83dbab4..d4383c4f6 100644 --- a/meta-agl-profile-core/recipes-kernel/most/files/0011-handle-snd_pcm_lib_mmap_vmalloc-removal.patch +++ b/meta-agl-profile-core/recipes-kernel/most/files/0011-handle-snd_pcm_lib_mmap_vmalloc-removal.patch @@ -1,18 +1,30 @@ Handle snd_pcm_lib_mmap_vmalloc removal in 4.19 -Upstream-Status: Pending +Add .mmap field back to pcm_ops for kernels older than 4.19. + +Upstream-Status: Inappropriate Signed-off-by: Scott Murray -diff --git a/driver/aim-sound/sound.c b/driver/aim-sound/sound.c -index 6a290ff..4b3329b 100644 +diff --git a/aim-sound/sound.c b/aim-sound/sound.c +index 4b3329b..c0a26be 100644 --- a/aim-sound/sound.c +++ b/aim-sound/sound.c -@@ -463,7 +463,6 @@ static const struct snd_pcm_ops pcm_ops = { +@@ -17,6 +17,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -463,6 +464,9 @@ static const struct snd_pcm_ops pcm_ops = { .trigger = pcm_trigger, .pointer = pcm_pointer, .page = snd_pcm_lib_get_vmalloc_page, -- .mmap = snd_pcm_lib_mmap_vmalloc, ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4,19,0) ++ .mmap = snd_pcm_lib_mmap_vmalloc, ++#endif }; static int split_arg_list(char *buf, char **card_name, u16 *ch_num, diff --git a/meta-agl-profile-core/recipes-kernel/most/most.bb b/meta-agl-profile-core/recipes-kernel/most/most.bb index 4ec7e3c26..48959a6ee 100644 --- a/meta-agl-profile-core/recipes-kernel/most/most.bb +++ b/meta-agl-profile-core/recipes-kernel/most/most.bb @@ -9,6 +9,6 @@ PV = "0.1" SRC_URI = "git://gerrit.automotivelinux.org/gerrit/src/most;protocol=https;branch=${AGL_BRANCH}" S = "${WORKDIR}/git/driver" -SRCREV = "dcc04c5efe2058a5796f45b7a99f1c53082dd2ca" +SRCREV = "e4dbbaf9e7652efaed0df3e0aab4464f5f228573" KERNEL_MODULE_AUTOLOAD += "aim_cdev aim_sound aim_network aim_v4l2 hdm_i2c hdm_dim2 hdm_usb mostcore" diff --git a/meta-agl-profile-core/recipes-kernel/most/most.bbappend b/meta-agl-profile-core/recipes-kernel/most/most.bbappend index 17ad05585..b96625229 100644 --- a/meta-agl-profile-core/recipes-kernel/most/most.bbappend +++ b/meta-agl-profile-core/recipes-kernel/most/most.bbappend @@ -1,21 +1,6 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/files:" -def prep_version (d) : - KV = d.getVar('KERNEL_VERSION', True) - if not KV : - return "4.12" - else: - return KV - -ORIG_KERN_VER = "${@prep_version(d)}" - -VANILLA_KERNEL_VERSION = "${@str(ORIG_KERN_VER.split("-")[0].split(".")[0]+ORIG_KERN_VER.split("-")[0].split(".")[1])}" - -APPLY = "${@str('no' if ${VANILLA_KERNEL_VERSION} > 412 else 'yes')}" -APPLY_419 = "${@str('no' if ${VANILLA_KERNEL_VERSION} < 419 else 'yes')}" - SRC_URI_append = " \ - file://0001-most-aim-network-backport-Kernel-API.patch;apply=${APPLY} \ file://0002-src-most-add-auto-conf-feature.patch \ file://0003-core-remove-kernel-log-for-MBO-status.patch \ file://0004-most-video-set-device_caps.patch \ @@ -25,7 +10,5 @@ SRC_URI_append = " \ file://0008-dim2-read-clock-speed-from-the-device-tree.patch \ file://0009-dim2-use-device-for-coherent-memory-allocation.patch \ file://0010-backport-usb-setup-timer.patch \ - file://0011-handle-snd_pcm_lib_mmap_vmalloc-removal.patch;apply=${APPLY_419} \ - " -# Make sure we can expose KERNEL_VERSION ... -do_patch[depends] += "virtual/kernel:do_populate_sysroot" + file://0011-handle-snd_pcm_lib_mmap_vmalloc-removal.patch \ +" -- cgit 1.2.3-korg From 3de6f6ed81169ca9913563d4b3d531953734545d Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Mon, 27 Jan 2020 13:40:55 -0500 Subject: meta-agl-profile-graphical-qt5: enable qt5location services Add bbappend for qt5location to enable the various geoservices providers in its PACKAGECONFIG. They were previously enabled by default, so this is required to yield the same location services support that was present in pre-zeus builds. Bug-AGL: SPEC-2932 Change-Id: Ic797e5d665560f21557b153f95a5d554bca0dc2e Signed-off-by: Scott Murray --- .../recipes-qt/qt5/qtlocation_%.bbappend | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 meta-agl-profile-graphical-qt5/recipes-qt/qt5/qtlocation_%.bbappend diff --git a/meta-agl-profile-graphical-qt5/recipes-qt/qt5/qtlocation_%.bbappend b/meta-agl-profile-graphical-qt5/recipes-qt/qt5/qtlocation_%.bbappend new file mode 100644 index 000000000..115cea131 --- /dev/null +++ b/meta-agl-profile-graphical-qt5/recipes-qt/qt5/qtlocation_%.bbappend @@ -0,0 +1,8 @@ +# Need to explicitly enable the various plugins +PACKAGECONFIG += " \ + geoservices_osm \ + geoservices_here \ + geoservices_itemsoverlay \ + geoservices_mapbox \ + geoservices_mapboxgl \ +" -- cgit 1.2.3-korg From afbc3d65bcf82e1c127036434c23cd28aaec79a6 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Mon, 27 Jan 2020 13:47:02 -0500 Subject: meta-agl-distro: prefer linux-yocto 4.19 LTS kernel Set PREFERRED_VERSION_linux-yocto in poky-agl.conf to prefer the 4.19 LTS linux-yocto kernel instead of 5.2.x. This only will affect platforms such as qemux86-64 that use linux-yocto. Bug-AGL: SPEC-2932 Change-Id: I64b90f48e6e32b6a4539c8dd3d2c4b33992d5199 Signed-off-by: Scott Murray --- meta-agl-distro/conf/distro/poky-agl.conf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-agl-distro/conf/distro/poky-agl.conf b/meta-agl-distro/conf/distro/poky-agl.conf index fb43da826..a382c84dc 100644 --- a/meta-agl-distro/conf/distro/poky-agl.conf +++ b/meta-agl-distro/conf/distro/poky-agl.conf @@ -94,6 +94,9 @@ DISTRO_FEATURES_APPEND = " " DISTRO_FEATURES_remove = "x11" DISTRO_FEATURES_BACKFILL_CONSIDERED = "sysvinit pulseaudio" +# Prefer linux-yocto 4.19 LTS version by default +PREFERRED_VERSION_linux-yocto = "4.19%" + # Prefer GStreamer 1.14.x by default PREFERRED_VERSION_gstreamer1.0 ?= "1.16.%" PREFERRED_VERSION_gstreamer1.0-plugins-bad ?= "1.16.%" -- cgit 1.2.3-korg From bf92856329c2daf31bbbd831032ca57ba594e294 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Mon, 27 Jan 2020 14:00:45 -0500 Subject: meta-agl-distro: BBMASK problematic upstream meta-security bbappend Mask upstream meta-security bbappend that interferes with non-linux-yocto kernels due to the bug of having two wildcards, which bitbake does not support. The result is the bbappend applying to all linux-% recipes, breaking e.g. linux-raspberry compilation. Not having it is not an issue, since there is also explicit enabling of required security features done by meta-agl/meta-security. Bug-AGL: SPEC-2932 Change-Id: I60579cf539c0b134dda06af75f98a7960330b147 Signed-off-by: Scott Murray --- meta-agl-distro/conf/distro/poky-agl.conf | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/meta-agl-distro/conf/distro/poky-agl.conf b/meta-agl-distro/conf/distro/poky-agl.conf index a382c84dc..81d2122ed 100644 --- a/meta-agl-distro/conf/distro/poky-agl.conf +++ b/meta-agl-distro/conf/distro/poky-agl.conf @@ -178,3 +178,9 @@ PREFERRED_RPROVIDER_virtual/navigation ?= "ondemandnavi" # Set preferred provider for low-can device mapping configuration PREFERRED_RPROVIDER_virtual/low-can-dev-mapping ?= "dev-mapping" + +# Mask upstream meta-security bbappend that interferes with non-linux-yocto +# kernels due to the bug of having two wildcards, which bitbake does not +# support. Not having it is not an issue, since there is also explicit +# enabling of required security features done by meta-agl/meta-security. +BBMASK += "meta-security/recipes-kernel/linux/linux-%_5.%.bbappend" -- cgit 1.2.3-korg From 8db438e38e573ac00da14197a905d86b43afea9b Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Mon, 27 Jan 2020 14:10:56 -0500 Subject: meta-agl-distro: Add inc file for next branch over-rides Add poky-agl-next.inc file to hold temporary next branch over-rides, and include it in poky-agl.conf. For now it just over-rides the AGL_BRANCH value for agl-service-gps to use the next branch. This can be removed once the next branches containing zeus support are merged into master. Bug-AGL: SPEC-2932 Change-Id: Id73597c6f35010e4e5f9b54ac09728c7783b9e2f Signed-off-by: Scott Murray --- meta-agl-distro/conf/distro/poky-agl-next.inc | 1 + meta-agl-distro/conf/distro/poky-agl.conf | 3 +++ 2 files changed, 4 insertions(+) create mode 100644 meta-agl-distro/conf/distro/poky-agl-next.inc diff --git a/meta-agl-distro/conf/distro/poky-agl-next.inc b/meta-agl-distro/conf/distro/poky-agl-next.inc new file mode 100644 index 000000000..c5798aa55 --- /dev/null +++ b/meta-agl-distro/conf/distro/poky-agl-next.inc @@ -0,0 +1 @@ +AGL_BRANCH_pn-agl-service-gps = "next" diff --git a/meta-agl-distro/conf/distro/poky-agl.conf b/meta-agl-distro/conf/distro/poky-agl.conf index 81d2122ed..8ea3ea23b 100644 --- a/meta-agl-distro/conf/distro/poky-agl.conf +++ b/meta-agl-distro/conf/distro/poky-agl.conf @@ -184,3 +184,6 @@ PREFERRED_RPROVIDER_virtual/low-can-dev-mapping ?= "dev-mapping" # support. Not having it is not an issue, since there is also explicit # enabling of required security features done by meta-agl/meta-security. BBMASK += "meta-security/recipes-kernel/linux/linux-%_5.%.bbappend" + +# Temporarily pull in some next branch specific over-rides +include poky-agl-next.inc -- cgit 1.2.3-korg From 4c67a503983f0547a8bcd253122367bec6b20982 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Mon, 27 Jan 2020 14:29:49 -0500 Subject: meta-agl-bsp: handle ptest-runner upgrade Rename ptest-runner to handle upgrade from 2.2 to 2.3.2, and update local LAVA support patch. Bug-AGL: SPEC-2932 Change-Id: Ia9edf303de689c42bad80a04522117c27e0977c2 Signed-off-by: Scott Murray --- .../0007-WIP-Initial-LAVA-support.patch | 56 ++++++++++------------ .../ptest-runner/ptest-runner_2.%.bbappend | 4 ++ .../ptest-runner/ptest-runner_2.2.bbappend | 4 -- 3 files changed, 30 insertions(+), 34 deletions(-) create mode 100644 meta-agl-bsp/recipes-support/ptest-runner/ptest-runner_2.%.bbappend delete mode 100644 meta-agl-bsp/recipes-support/ptest-runner/ptest-runner_2.2.bbappend diff --git a/meta-agl-bsp/recipes-support/ptest-runner/ptest-runner/0007-WIP-Initial-LAVA-support.patch b/meta-agl-bsp/recipes-support/ptest-runner/ptest-runner/0007-WIP-Initial-LAVA-support.patch index 28c9c09bf..6232c4fa4 100644 --- a/meta-agl-bsp/recipes-support/ptest-runner/ptest-runner/0007-WIP-Initial-LAVA-support.patch +++ b/meta-agl-bsp/recipes-support/ptest-runner/ptest-runner/0007-WIP-Initial-LAVA-support.patch @@ -18,17 +18,12 @@ emitted to stdout: It is valid to have a measurement without units, but not units without a measurement. Signed-off-by: Tim Orling +[updated for ptest-runner 2.3.2] +Signed-off-by: Scott Murray --- - flags.h | 10 ++++++++++ - main.c | 9 ++++++++- - utils.c | 15 +++++++++++++++ - utils.h | 2 +- - 4 files changed, 34 insertions(+), 2 deletions(-) - create mode 100644 flags.h - diff --git a/flags.h b/flags.h new file mode 100644 -index 000000000000..0dac2234e0b4 +index 0000000..0dac223 --- /dev/null +++ b/flags.h @@ -0,0 +1,10 @@ @@ -43,18 +38,18 @@ index 000000000000..0dac2234e0b4 + +#endif /* __FLAGS_H__ */ diff --git a/main.c b/main.c -index 83600b7d1b31..92ced6926c3d 100644 +index 01d60f7..165370f 100644 --- a/main.c +++ b/main.c -@@ -36,6 +36,7 @@ +@@ -38,6 +38,7 @@ #endif #include "utils.h" +#include "flags.h" + #ifndef DEFAULT_DIRECTORY #define DEFAULT_DIRECTORY "/usr/lib" - #define DEFAULT_TIMEOUT 300 -@@ -70,8 +71,9 @@ main(int argc, char *argv[]) +@@ -74,8 +75,9 @@ main(int argc, char *argv[]) opts.timeout = DEFAULT_TIMEOUT; opts.ptests = NULL; opts.xml_filename = NULL; @@ -65,7 +60,7 @@ index 83600b7d1b31..92ced6926c3d 100644 switch (opt) { case 'd': free(opts.directory); -@@ -118,6 +120,11 @@ main(int argc, char *argv[]) +@@ -122,6 +124,11 @@ main(int argc, char *argv[]) opts.xml_filename = strdup(optarg); CHECK_ALLOCATION(opts.xml_filename, 1, 1); break; @@ -78,10 +73,10 @@ index 83600b7d1b31..92ced6926c3d 100644 print_usage(stdout, argv[0]); exit(1); diff --git a/utils.c b/utils.c -index ed2eff7900c1..0fd1da6aec92 100644 +index a8ba190..19f9efa 100644 --- a/utils.c +++ b/utils.c -@@ -39,6 +39,7 @@ +@@ -47,6 +47,7 @@ #include "ptest_list.h" #include "utils.h" @@ -89,30 +84,34 @@ index ed2eff7900c1..0fd1da6aec92 100644 #define GET_STIME_BUF_SIZE 1024 #define WAIT_CHILD_POLL_TIMEOUT_MS 200 -@@ -358,6 +359,7 @@ run_ptests(struct ptest_list *head, const struct ptest_options opts, +@@ -439,6 +440,7 @@ run_ptests(struct ptest_list *head, const struct ptest_options opts, fprintf(fp, "START: %s\n", progname); - PTEST_LIST_ITERATE_START(head, p); + PTEST_LIST_ITERATE_START(head, p) char *ptest_dir = strdup(p->run_ptest); + char *ptest = strdup(p->ptest); if (ptest_dir == NULL) { rc = -1; break; -@@ -376,6 +378,11 @@ run_ptests(struct ptest_list *head, const struct ptest_options opts, +@@ -480,11 +482,15 @@ run_ptests(struct ptest_list *head, const struct ptest_options opts, + int status; int fds[2]; fds[0] = pipefd_stdout[0]; fds[1] = pipefd_stderr[0]; FILE *fps[2]; fps[0] = fp; fps[1] = fp_stderr; - + char result[5]; // pass\0, fail\0, skip\0 -+ + + if (setpgid(child, pgid) == -1) { + fprintf(fp, "ERROR: setpgid() failed, %s\n", strerror(errno)); + } + + if (opts.flags & LAVA_SIGNAL_ENABLE) { + fprintf(stdout, "\n", ptest); + } - fprintf(fp, "%s\n", get_stime(stime, GET_STIME_BUF_SIZE)); + sttime = time(NULL); + fprintf(fp, "%s\n", get_stime(stime, GET_STIME_BUF_SIZE, sttime)); fprintf(fp, "BEGIN: %s\n", ptest_dir); - -@@ -389,6 +396,14 @@ run_ptests(struct ptest_list *head, const struct ptest_options opts, +@@ -506,6 +512,14 @@ run_ptests(struct ptest_list *head, const struct ptest_options opts, fprintf(fp, "END: %s\n", ptest_dir); - fprintf(fp, "%s\n", get_stime(stime, GET_STIME_BUF_SIZE)); + fprintf(fp, "%s\n", get_stime(stime, GET_STIME_BUF_SIZE, entime)); + if (opts.flags & LAVA_SIGNAL_ENABLE) { + if (status) + sprintf(result, "fail"); @@ -122,13 +121,13 @@ index ed2eff7900c1..0fd1da6aec92 100644 + fprintf(stdout, "\n", ptest, result); + } } - PTEST_LIST_ITERATE_END; + PTEST_LIST_ITERATE_END fprintf(fp, "STOP: %s\n", progname); diff --git a/utils.h b/utils.h -index ee85163ddfff..06d4c100d151 100644 +index aa53707..df11e24 100644 --- a/utils.h +++ b/utils.h -@@ -37,9 +37,9 @@ struct ptest_options { +@@ -39,9 +39,9 @@ struct ptest_options { int timeout; char **ptests; char *xml_filename; @@ -139,6 +138,3 @@ index ee85163ddfff..06d4c100d151 100644 extern void check_allocation1(void *, size_t, char *, int, int); extern struct ptest_list *get_available_ptests(const char *); extern int print_ptests(struct ptest_list *, FILE *); --- -2.11.0 - diff --git a/meta-agl-bsp/recipes-support/ptest-runner/ptest-runner_2.%.bbappend b/meta-agl-bsp/recipes-support/ptest-runner/ptest-runner_2.%.bbappend new file mode 100644 index 000000000..7a1d2a8f8 --- /dev/null +++ b/meta-agl-bsp/recipes-support/ptest-runner/ptest-runner_2.%.bbappend @@ -0,0 +1,4 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" + +SRC_URI += "file://0007-WIP-Initial-LAVA-support.patch" + diff --git a/meta-agl-bsp/recipes-support/ptest-runner/ptest-runner_2.2.bbappend b/meta-agl-bsp/recipes-support/ptest-runner/ptest-runner_2.2.bbappend deleted file mode 100644 index 7a1d2a8f8..000000000 --- a/meta-agl-bsp/recipes-support/ptest-runner/ptest-runner_2.2.bbappend +++ /dev/null @@ -1,4 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" - -SRC_URI += "file://0007-WIP-Initial-LAVA-support.patch" - -- cgit 1.2.3-korg From 377512d344dbdfea93060ee5c00f923c69c884b2 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Mon, 27 Jan 2020 14:32:18 -0500 Subject: meta-security: disable dbus-cynara patches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Rename meta-security dbus bbappend for new 1.2.16 version, and disable the Cynara support patches until they can be updated by José Bollo. Bug-AGL: SPEC-2932 Change-Id: Ia2211ad8147381898e47392fe857278189b670d3 Signed-off-by: Scott Murray --- .../recipes-core/dbus-cynara/dbus_1.12.10.bbappend | 15 --------------- .../recipes-core/dbus-cynara/dbus_1.12.16.bbappend | 17 +++++++++++++++++ 2 files changed, 17 insertions(+), 15 deletions(-) delete mode 100644 meta-security/recipes-core/dbus-cynara/dbus_1.12.10.bbappend create mode 100644 meta-security/recipes-core/dbus-cynara/dbus_1.12.16.bbappend diff --git a/meta-security/recipes-core/dbus-cynara/dbus_1.12.10.bbappend b/meta-security/recipes-core/dbus-cynara/dbus_1.12.10.bbappend deleted file mode 100644 index 5cbf65ef6..000000000 --- a/meta-security/recipes-core/dbus-cynara/dbus_1.12.10.bbappend +++ /dev/null @@ -1,15 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/dbus-cynara:" - -SRC_URI_append_class-target = "\ - file://0001-Integration-of-Cynara-asynchronous-security-checks.patch \ - file://0002-Disable-message-dispatching-when-send-rule-result-is.patch \ - file://0003-Handle-unavailability-of-policy-results-for-broadcas.patch \ - file://0004-Add-own-rule-result-unavailability-handling.patch \ - file://0005-Perform-Cynara-runtime-policy-checks-by-default.patch \ - file://0006-Fix-gcc-8-warnings.patch \ - file://0007-Fix-SIGSEGV-on-disconnections.patch \ -" - -DEPENDS_append_class-target = " cynara smack" -EXTRA_OECONF_append_class-target = " ${@bb.utils.contains('DISTRO_FEATURES','smack','--enable-cynara --disable-selinux','',d)}" - diff --git a/meta-security/recipes-core/dbus-cynara/dbus_1.12.16.bbappend b/meta-security/recipes-core/dbus-cynara/dbus_1.12.16.bbappend new file mode 100644 index 000000000..ce2bd0822 --- /dev/null +++ b/meta-security/recipes-core/dbus-cynara/dbus_1.12.16.bbappend @@ -0,0 +1,17 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/dbus-cynara:" + +#SRC_URI_append_class-target = "\ +# file://0001-Integration-of-Cynara-asynchronous-security-checks.patch \ +# file://0002-Disable-message-dispatching-when-send-rule-result-is.patch \ +# file://0003-Handle-unavailability-of-policy-results-for-broadcas.patch \ +# file://0004-Add-own-rule-result-unavailability-handling.patch \ +# file://0005-Perform-Cynara-runtime-policy-checks-by-default.patch \ +# file://0006-Fix-gcc-8-warnings.patch \ +# file://0007-Fix-SIGSEGV-on-disconnections.patch \ +#" +SRC_URI_append_class-target = "\ +" + +#DEPENDS_append_class-target = " cynara smack" +#EXTRA_OECONF_append_class-target = " ${@bb.utils.contains('DISTRO_FEATURES','smack','--enable-cynara --disable-selinux','',d)}" + -- cgit 1.2.3-korg From a832d1446c416cbc2679ba33404bd9a32540c597 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Mon, 27 Jan 2020 14:40:12 -0500 Subject: meta-agl-profile-core: add patch for systemd-udevd SECLABEL crash Add a patch to fix a systemd-udevd crash when parsing SECLABEL tokens in udev rules. The issue was introduced by a rewrite of the rules parser in systemd v243. The patch will be upstreamed to hopefully go into one of the v243.x systemd-stable releases. Bug-AGL: SPEC-2932 Change-Id: I9a8c3cf3c386290b8ede6b5fd7319c590322bc16 Signed-off-by: Scott Murray --- .../systemd/0001-fix-udevd-seclabel-parsing.patch | 34 ++++++++++++++++++++++ .../recipes-core/systemd/systemd_%.bbappend | 1 + 2 files changed, 35 insertions(+) create mode 100644 meta-agl-profile-core/recipes-core/systemd/systemd/0001-fix-udevd-seclabel-parsing.patch diff --git a/meta-agl-profile-core/recipes-core/systemd/systemd/0001-fix-udevd-seclabel-parsing.patch b/meta-agl-profile-core/recipes-core/systemd/systemd/0001-fix-udevd-seclabel-parsing.patch new file mode 100644 index 000000000..29165b58e --- /dev/null +++ b/meta-agl-profile-core/recipes-core/systemd/systemd/0001-fix-udevd-seclabel-parsing.patch @@ -0,0 +1,34 @@ +Fix udevd SECLABEL token parsing + +The udevd rules parsing rewrite in v243 broke SECLABEL parsing, +with the result being that udevd crashes when it parses a line +containing a SECLABEL token. Fix the handling of the attribute +of SECLABEL tokens when parsing, and add a check to prevent +crashes if the attribute is missing. + +Upstream-Status: Pending + +Signed-off-by: Scott Murray + +diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c +index efea16e5c5..3e757ccb06 100644 +--- a/src/udev/udev-rules.c ++++ b/src/udev/udev-rules.c +@@ -918,7 +918,7 @@ static int parse_token(UdevRules *rules, const char *key, char *attr, UdevRuleOp + op = OP_ASSIGN; + } + +- r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, NULL); ++ r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, attr); + } else if (streq(key, "RUN")) { + if (is_match || op == OP_REMOVE) + return log_token_invalid_op(rules, key); +@@ -1927,6 +1927,8 @@ static int udev_rule_apply_token_to_event( + _cleanup_free_ char *name = NULL, *label = NULL; + char label_str[UTIL_LINE_SIZE] = {}; + ++ if (!token->data) ++ break; + name = strdup((const char*) token->data); + if (!name) + return log_oom(); diff --git a/meta-agl-profile-core/recipes-core/systemd/systemd_%.bbappend b/meta-agl-profile-core/recipes-core/systemd/systemd_%.bbappend index 2d1427366..d77bf7bf1 100644 --- a/meta-agl-profile-core/recipes-core/systemd/systemd_%.bbappend +++ b/meta-agl-profile-core/recipes-core/systemd/systemd_%.bbappend @@ -1,6 +1,7 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" SRC_URI += "\ + file://0001-fix-udevd-seclabel-parsing.patch \ file://e2fsck.conf \ file://canbus-can.network \ ${@bb.utils.contains('VIRTUAL-RUNTIME_net_manager','systemd','file://wired.network','',d)} \ -- cgit 1.2.3-korg From be42744dcbed2026df7807fd051bbb02d41d3c4a Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Mon, 27 Jan 2020 14:47:27 -0500 Subject: meta-agl-bsp: meta-raspberrypi: handle zeus upgrade Remove backported u-boot, mesa, userland, and linux-raspberrypi recipes, tweaking local bbappends as required. Note that the linux-raspberrypi bump to 4.19.80 for rpi4 dual screen support is now handled via bbappend. Bug-AGL: SPEC-2932 Change-Id: I019633e86a921b9444bc718ac0557b04f25b27f4 Signed-off-by: Scott Murray --- ...onfigs-rpi4-Add-defconfigs-for-rpi4-32-64.patch | 104 ---- .../0002-ARM-bcm283x-Add-BCM283x_BASE-define.patch | 105 ---- ...-bcm283x-Define-configs-for-RaspberryPi-4.patch | 108 ---- ...-rpi-Add-entry-for-Raspberry-Pi-4-model-B.patch | 33 -- ...-Include-definition-for-additional-emmc-c.patch | 30 - ...2835_sdhci-Add-support-for-bcm2711-device.patch | 53 -- .../0007-rpi-Add-memory-map-for-bcm2838.patch | 62 -- .../recipes-bsp/u-boot/u-boot-common.inc | 15 - .../recipes-bsp/u-boot/u-boot-fw-utils_2019.07.bb | 34 -- .../u-boot/u-boot-fw-utils_2019.07.bbappend | 2 - .../recipes-bsp/u-boot/u-boot-rpi4-2019.07.inc | 12 - .../recipes-bsp/u-boot/u-boot-tools_2019.07.bb | 67 --- .../meta-raspberrypi/recipes-bsp/u-boot/u-boot.inc | 333 ----------- .../recipes-bsp/u-boot/u-boot_2019.07.bb | 4 - .../recipes-bsp/u-boot/u-boot_2019.07.bbappend | 3 - ...-check-for-all-linux-host_os-combinations.patch | 42 -- ...2-meson.build-make-TLS-GLX-optional-again.patch | 52 -- ...0003-Allow-enable-DRI-without-DRI-drivers.patch | 46 -- .../recipes-graphics/mesa/libglu_9.0.1.bb | 30 - .../0001-mesa-demos-Add-missing-data-files.patch | 624 --------------------- ...llow-to-disable-demos-which-require-GLEW-.patch | 377 ------------- ...4-Use-DEMOS_DATA_DIR-to-locate-data-files.patch | 234 -------- .../0007-Install-few-more-test-programs.patch | 43 -- ...dd-few-missing-.glsl-.vert-.frag-files-to.patch | 99 ---- ...glsl-perf-Install-.glsl-.vert-.frag-files.patch | 71 --- ...OpenVG-demos-with-single-frame-need-eglSw.patch | 44 -- .../0013-only-build-GLX-demos-if-needed.patch | 62 -- .../recipes-graphics/mesa/mesa-demos_8.4.0.bb | 59 -- .../recipes-graphics/mesa/mesa-gl_19.1.6.bb | 10 - .../recipes-graphics/mesa/mesa.inc | 267 --------- .../recipes-graphics/mesa/mesa_%.bbappend | 2 - .../recipes-graphics/mesa/mesa_19.1.6.bb | 20 - .../recipes-graphics/userland/userland_%.bbappend | 4 - ...55-sdio.txt-Follow-raspbian-change-for-bo.patch | 39 -- .../linux-firmware-rpidistro_%.bbappend | 10 - .../recipes-kernel/linux/files/rpi-kernel-misc.cfg | 1 - .../linux/linux-raspberrypi/disable_kprobes.cfg | 1 - .../recipes-kernel/linux/linux-raspberrypi4.inc | 140 ----- .../linux/linux-raspberrypi_%.bbappend | 3 - .../linux/linux-raspberrypi_4.14%.bbappend | 1 - .../recipes-kernel/linux/linux-raspberrypi_4.19.bb | 16 - .../linux/linux-raspberrypi_4.19.bbappend | 7 + 42 files changed, 7 insertions(+), 3262 deletions(-) delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0001-configs-rpi4-Add-defconfigs-for-rpi4-32-64.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0002-ARM-bcm283x-Add-BCM283x_BASE-define.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0003-arm-mach-bcm283x-Define-configs-for-RaspberryPi-4.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0004-rpi-Add-entry-for-Raspberry-Pi-4-model-B.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0005-arm-bcm283x-Include-definition-for-additional-emmc-c.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0006-mmc-bcm2835_sdhci-Add-support-for-bcm2711-device.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0007-rpi-Add-memory-map-for-bcm2838.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-common.inc delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-fw-utils_2019.07.bb delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-fw-utils_2019.07.bbappend delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-rpi4-2019.07.inc delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-tools_2019.07.bb delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot.inc delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot_2019.07.bb delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/files/0001-meson.build-check-for-all-linux-host_os-combinations.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/files/0002-meson.build-make-TLS-GLX-optional-again.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/files/0003-Allow-enable-DRI-without-DRI-drivers.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/libglu_9.0.1.bb delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0001-mesa-demos-Add-missing-data-files.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0003-configure-Allow-to-disable-demos-which-require-GLEW-.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0004-Use-DEMOS_DATA_DIR-to-locate-data-files.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0007-Install-few-more-test-programs.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0008-glsl-perf-Add-few-missing-.glsl-.vert-.frag-files-to.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0009-glsl-perf-Install-.glsl-.vert-.frag-files.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0012-mesa-demos-OpenVG-demos-with-single-frame-need-eglSw.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0013-only-build-GLX-demos-if-needed.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos_8.4.0.bb delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-gl_19.1.6.bb delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa.inc delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa_%.bbappend delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa_19.1.6.bb delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-graphics/userland/userland_%.bbappend delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux-firmware-rpidistro/linux-firmware-rpidistro/0001-brcmfmac43455-sdio.txt-Follow-raspbian-change-for-bo.patch delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux-firmware-rpidistro/linux-firmware-rpidistro_%.bbappend delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/files/rpi-kernel-misc.cfg delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi/disable_kprobes.cfg delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi4.inc delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi_4.14%.bbappend delete mode 100644 meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi_4.19.bb diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0001-configs-rpi4-Add-defconfigs-for-rpi4-32-64.patch b/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0001-configs-rpi4-Add-defconfigs-for-rpi4-32-64.patch deleted file mode 100644 index 391b26a1c..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0001-configs-rpi4-Add-defconfigs-for-rpi4-32-64.patch +++ /dev/null @@ -1,104 +0,0 @@ -From 5bf85d04b440ce874310e701abded823dc1864bc Mon Sep 17 00:00:00 2001 -From: Andrei Gherzan -Date: Wed, 17 Jul 2019 15:32:11 +0100 -Subject: [PATCH 1/7] configs: rpi4: Add defconfigs for rpi4 (32/64) - -This defines a minimum defconfig for each of the two Raspberry Pi 4 -variants. One notable difference is that we don't have a embedded dt for -this board given that the fw supplies us with one which we can reuse. -Furthermore, the ram size is not queryable through mbox interface as the -maximum reported size is 1G. The fw patches the dt with the right -memory configuration and uboot uses it as it is. We avoid u-boot -touching this configuration by making sure CONFIG_ARCH_FIXUP_FDT_MEMORY -is deactivated. - -Signed-off-by: Andrei Gherzan -Upstream-status: Pending ---- - configs/rpi_4_32b_defconfig | 33 +++++++++++++++++++++++++++++++++ - configs/rpi_4_defconfig | 33 +++++++++++++++++++++++++++++++++ - 2 files changed, 66 insertions(+) - create mode 100644 configs/rpi_4_32b_defconfig - create mode 100644 configs/rpi_4_defconfig - -diff --git a/configs/rpi_4_32b_defconfig b/configs/rpi_4_32b_defconfig -new file mode 100644 -index 0000000000..a31a617a5f ---- /dev/null -+++ b/configs/rpi_4_32b_defconfig -@@ -0,0 +1,33 @@ -+CONFIG_ARM=y -+CONFIG_ARCH_BCM283X=y -+CONFIG_SYS_TEXT_BASE=0x00008000 -+CONFIG_TARGET_RPI_4_32B=y -+CONFIG_SYS_MALLOC_F_LEN=0x2000 -+CONFIG_DISTRO_DEFAULTS=y -+CONFIG_NR_DRAM_BANKS=1 -+# CONFIG_ARCH_FIXUP_FDT_MEMORY is not set -+CONFIG_OF_BOARD=y -+CONFIG_OF_BOARD_SETUP=y -+CONFIG_MISC_INIT_R=y -+# CONFIG_DISPLAY_CPUINFO is not set -+# CONFIG_DISPLAY_BOARDINFO is not set -+CONFIG_SYS_PROMPT="U-Boot> " -+# CONFIG_CMD_FLASH is not set -+CONFIG_CMD_GPIO=y -+CONFIG_CMD_MMC=y -+CONFIG_CMD_FS_UUID=y -+CONFIG_ENV_FAT_INTERFACE="mmc" -+CONFIG_ENV_FAT_DEVICE_AND_PART="0:1" -+CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG=y -+CONFIG_DM_KEYBOARD=y -+CONFIG_DM_MMC=y -+CONFIG_MMC_SDHCI=y -+CONFIG_MMC_SDHCI_BCM2835=y -+CONFIG_PINCTRL=y -+# CONFIG_PINCTRL_GENERIC is not set -+# CONFIG_REQUIRE_SERIAL_CONSOLE is not set -+CONFIG_DM_VIDEO=y -+CONFIG_SYS_WHITE_ON_BLACK=y -+CONFIG_CONSOLE_SCROLL_LINES=10 -+CONFIG_PHYS_TO_BUS=y -+CONFIG_OF_LIBFDT_OVERLAY=y -diff --git a/configs/rpi_4_defconfig b/configs/rpi_4_defconfig -new file mode 100644 -index 0000000000..da8c960a2a ---- /dev/null -+++ b/configs/rpi_4_defconfig -@@ -0,0 +1,33 @@ -+CONFIG_ARM=y -+CONFIG_ARCH_BCM283X=y -+CONFIG_SYS_TEXT_BASE=0x00080000 -+CONFIG_TARGET_RPI_4=y -+CONFIG_SYS_MALLOC_F_LEN=0x2000 -+CONFIG_DISTRO_DEFAULTS=y -+CONFIG_NR_DRAM_BANKS=1 -+# CONFIG_ARCH_FIXUP_FDT_MEMORY is not set -+CONFIG_OF_BOARD=y -+CONFIG_OF_BOARD_SETUP=y -+CONFIG_MISC_INIT_R=y -+# CONFIG_DISPLAY_CPUINFO is not set -+# CONFIG_DISPLAY_BOARDINFO is not set -+CONFIG_SYS_PROMPT="U-Boot> " -+# CONFIG_CMD_FLASH is not set -+CONFIG_CMD_GPIO=y -+CONFIG_CMD_MMC=y -+CONFIG_CMD_FS_UUID=y -+CONFIG_ENV_FAT_INTERFACE="mmc" -+CONFIG_ENV_FAT_DEVICE_AND_PART="0:1" -+CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG=y -+CONFIG_DM_KEYBOARD=y -+CONFIG_DM_MMC=y -+CONFIG_MMC_SDHCI=y -+CONFIG_MMC_SDHCI_BCM2835=y -+CONFIG_PINCTRL=y -+# CONFIG_PINCTRL_GENERIC is not set -+# CONFIG_REQUIRE_SERIAL_CONSOLE is not set -+CONFIG_DM_VIDEO=y -+CONFIG_SYS_WHITE_ON_BLACK=y -+CONFIG_CONSOLE_SCROLL_LINES=10 -+CONFIG_PHYS_TO_BUS=y -+CONFIG_OF_LIBFDT_OVERLAY=y --- -2.22.0 - diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0002-ARM-bcm283x-Add-BCM283x_BASE-define.patch b/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0002-ARM-bcm283x-Add-BCM283x_BASE-define.patch deleted file mode 100644 index fcf91a6a7..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0002-ARM-bcm283x-Add-BCM283x_BASE-define.patch +++ /dev/null @@ -1,105 +0,0 @@ -From df2aa4c6be33b468adc09de337a055556d1f37fb Mon Sep 17 00:00:00 2001 -From: Matthias Brugger -Date: Fri, 12 Jul 2019 18:20:53 +0200 -Subject: [PATCH 2/7] ARM: bcm283x: Add BCM283x_BASE define - -Devices of bcm283x have different base address, depending if they are on -bcm2835 or bcm2836/7. Use BCM283x_BASE depending on the SoC you want to -build and only add the offset in the header files. - -Signed-off-by: Matthias Brugger -Signed-off-by: Andrei Gherzan -Upstream-status: Pending ---- - arch/arm/mach-bcm283x/Kconfig | 5 +++++ - arch/arm/mach-bcm283x/include/mach/mbox.h | 6 +----- - arch/arm/mach-bcm283x/include/mach/sdhci.h | 6 +----- - arch/arm/mach-bcm283x/include/mach/timer.h | 6 +----- - arch/arm/mach-bcm283x/include/mach/wdog.h | 6 +----- - 5 files changed, 9 insertions(+), 20 deletions(-) - -diff --git a/arch/arm/mach-bcm283x/Kconfig b/arch/arm/mach-bcm283x/Kconfig -index 3eb5a9a897..8e69914a83 100644 ---- a/arch/arm/mach-bcm283x/Kconfig -+++ b/arch/arm/mach-bcm283x/Kconfig -@@ -141,4 +141,9 @@ config SYS_SOC - config SYS_CONFIG_NAME - default "rpi" - -+config BCM283x_BASE -+ hex -+ default "0x20000000" if BCM2835 -+ default "0x3f000000" if BCM2836 || BCM2837 -+ - endmenu -diff --git a/arch/arm/mach-bcm283x/include/mach/mbox.h b/arch/arm/mach-bcm283x/include/mach/mbox.h -index e3a893e49c..e44c7577da 100644 ---- a/arch/arm/mach-bcm283x/include/mach/mbox.h -+++ b/arch/arm/mach-bcm283x/include/mach/mbox.h -@@ -37,11 +37,7 @@ - - /* Raw mailbox HW */ - --#ifndef CONFIG_BCM2835 --#define BCM2835_MBOX_PHYSADDR 0x3f00b880 --#else --#define BCM2835_MBOX_PHYSADDR 0x2000b880 --#endif -+#define BCM2835_MBOX_PHYSADDR (CONFIG_BCM283x_BASE + 0x0000b880) - - struct bcm2835_mbox_regs { - u32 read; -diff --git a/arch/arm/mach-bcm283x/include/mach/sdhci.h b/arch/arm/mach-bcm283x/include/mach/sdhci.h -index 5cb6ec3340..b443c379d8 100644 ---- a/arch/arm/mach-bcm283x/include/mach/sdhci.h -+++ b/arch/arm/mach-bcm283x/include/mach/sdhci.h -@@ -6,11 +6,7 @@ - #ifndef _BCM2835_SDHCI_H_ - #define _BCM2835_SDHCI_H_ - --#ifndef CONFIG_BCM2835 --#define BCM2835_SDHCI_BASE 0x3f300000 --#else --#define BCM2835_SDHCI_BASE 0x20300000 --#endif -+#define BCM2835_SDHCI_BASE (CONFIG_BCM283x_BASE + 0x00300000) - - int bcm2835_sdhci_init(u32 regbase, u32 emmc_freq); - -diff --git a/arch/arm/mach-bcm283x/include/mach/timer.h b/arch/arm/mach-bcm283x/include/mach/timer.h -index 56b0c356bb..014355e759 100644 ---- a/arch/arm/mach-bcm283x/include/mach/timer.h -+++ b/arch/arm/mach-bcm283x/include/mach/timer.h -@@ -6,11 +6,7 @@ - #ifndef _BCM2835_TIMER_H - #define _BCM2835_TIMER_H - --#ifndef CONFIG_BCM2835 --#define BCM2835_TIMER_PHYSADDR 0x3f003000 --#else --#define BCM2835_TIMER_PHYSADDR 0x20003000 --#endif -+#define BCM2835_TIMER_PHYSADDR (CONFIG_BCM283x_BASE + 0x00003000) - - #define BCM2835_TIMER_CS_M3 (1 << 3) - #define BCM2835_TIMER_CS_M2 (1 << 2) -diff --git a/arch/arm/mach-bcm283x/include/mach/wdog.h b/arch/arm/mach-bcm283x/include/mach/wdog.h -index 99c88e5df7..00b5e06c3a 100644 ---- a/arch/arm/mach-bcm283x/include/mach/wdog.h -+++ b/arch/arm/mach-bcm283x/include/mach/wdog.h -@@ -6,11 +6,7 @@ - #ifndef _BCM2835_WDOG_H - #define _BCM2835_WDOG_H - --#ifndef CONFIG_BCM2835 --#define BCM2835_WDOG_PHYSADDR 0x3f100000 --#else --#define BCM2835_WDOG_PHYSADDR 0x20100000 --#endif -+#define BCM2835_WDOG_PHYSADDR (CONFIG_BCM283x_BASE + 0x00100000) - - struct bcm2835_wdog_regs { - u32 unknown0[7]; --- -2.22.0 - diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0003-arm-mach-bcm283x-Define-configs-for-RaspberryPi-4.patch b/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0003-arm-mach-bcm283x-Define-configs-for-RaspberryPi-4.patch deleted file mode 100644 index 029cac496..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0003-arm-mach-bcm283x-Define-configs-for-RaspberryPi-4.patch +++ /dev/null @@ -1,108 +0,0 @@ -From c03f551cab8fe38de8f0e1781f0e2e339419b003 Mon Sep 17 00:00:00 2001 -From: Andrei Gherzan -Date: Wed, 17 Jul 2019 15:33:01 +0100 -Subject: [PATCH 3/7] arm: mach-bcm283x: Define configs for RaspberryPi 4 - -Define two target configs for Raspberry Pi 4 (32 and 64bit) and the -corresponding BCM2838* configs. - -Be aware of the current limitation in firmware which requires an -explicit configuration to force the arm in 64bit mode when the -respective target is used. - -Signed-off-by: Andrei Gherzan -Signed-off-by: Matthias Brugger -Upstream-status: Pending ---- - arch/arm/mach-bcm283x/Kconfig | 62 +++++++++++++++++++++++++++++++++++ - 1 file changed, 62 insertions(+) - -diff --git a/arch/arm/mach-bcm283x/Kconfig b/arch/arm/mach-bcm283x/Kconfig -index 8e69914a83..09a5b42bbb 100644 ---- a/arch/arm/mach-bcm283x/Kconfig -+++ b/arch/arm/mach-bcm283x/Kconfig -@@ -26,6 +26,23 @@ config BCM2837_64B - select BCM2837 - select ARM64 - -+config BCM2838 -+ bool "Broadcom BCM2838 SoC support" -+ depends on ARCH_BCM283X -+ -+config BCM2838_32B -+ bool "Broadcom BCM2838 SoC 32-bit support" -+ depends on ARCH_BCM283X -+ select BCM2838 -+ select ARMV7_LPAE -+ select CPU_V7A -+ -+config BCM2838_64B -+ bool "Broadcom BCM2838 SoC 64-bit support" -+ depends on ARCH_BCM283X -+ select BCM2838 -+ select ARM64 -+ - menu "Broadcom BCM283X family" - depends on ARCH_BCM283X - -@@ -127,6 +144,50 @@ config TARGET_RPI_3 - This option creates a build targeting the ARMv8/AArch64 ISA. - select BCM2837_64B - -+config TARGET_RPI_4_32B -+ bool "Raspberry Pi 4 32-bit build" -+ help -+ Support for all BCM2838-based Raspberry Pi variants, such as -+ the RPi 4 model B, in AArch32 (32-bit) mode. -+ -+ This option assumes the VideoCore firmware is configured to use the -+ mini UART (rather than PL011) for the serial console. This is the -+ default on the RPi 4. To enable the UART console, the following non- -+ default option must be present in config.txt: enable_uart=1. This is -+ required for U-Boot to operate correctly, even if you only care -+ about the HDMI/usbkbd console. -+ -+ Due to hardware incompatibilities, this can't be used with -+ BCM283/5/6/7. -+ -+ This option creates a build targeting the ARMv7/AArch32 ISA. -+ select BCM2838_32B -+ -+config TARGET_RPI_4 -+ bool "Raspberry Pi 4 64-bit build" -+ help -+ Support for all BCM2838-based Raspberry Pi variants, such as -+ the RPi 4 model B, in AArch64 (64-bit) mode. -+ -+ This option assumes the VideoCore firmware is configured to use the -+ mini UART (rather than PL011) for the serial console. This is the -+ default on the RPi 4. To enable the UART console, the following non- -+ default option must be present in config.txt: enable_uart=1. This is -+ required for U-Boot to operate correctly, even if you only care -+ about the HDMI/usbkbd console. -+ -+ Due to hardware incompatibilities, this can't be used with -+ BCM283/5/6/7. -+ -+ Also, due to a bug in firmware, switching to 64bit mode doesn't -+ happen automatically based on the kernel's image filename. See -+ https://github.com/raspberrypi/firmware/issues/1193 for more details. -+ Until that is resolved, the configuration (config.txt) needs to -+ explicitly set: arm_64bit=1. -+ -+ This option creates a build targeting the ARMv8/AArch64 ISA. -+ select BCM2838_64B -+ - endchoice - - config SYS_BOARD -@@ -145,5 +206,6 @@ config BCM283x_BASE - hex - default "0x20000000" if BCM2835 - default "0x3f000000" if BCM2836 || BCM2837 -+ default "0xfe000000" if BCM2838 - - endmenu --- -2.22.0 - diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0004-rpi-Add-entry-for-Raspberry-Pi-4-model-B.patch b/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0004-rpi-Add-entry-for-Raspberry-Pi-4-model-B.patch deleted file mode 100644 index 7309d2b22..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0004-rpi-Add-entry-for-Raspberry-Pi-4-model-B.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 12fbbd5bc12e225b19d3b4cb193a1bf3d9fa752a Mon Sep 17 00:00:00 2001 -From: Andrei Gherzan -Date: Wed, 17 Jul 2019 15:34:18 +0100 -Subject: [PATCH 4/7] rpi: Add entry for Raspberry Pi 4 model B - -The Raspebrry Pi 4 uses the new revision code scheme as documented by -the foundation. This change adds an entry for this board as well. - -Signed-off-by: Andrei Gherzan -Upstream-status: Pending ---- - board/raspberrypi/rpi/rpi.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/board/raspberrypi/rpi/rpi.c b/board/raspberrypi/rpi/rpi.c -index 617c892dde..92c6534da6 100644 ---- a/board/raspberrypi/rpi/rpi.c -+++ b/board/raspberrypi/rpi/rpi.c -@@ -148,6 +148,11 @@ static const struct rpi_model rpi_models_new_scheme[] = { - DTB_DIR "bcm2837-rpi-cm3.dtb", - false, - }, -+ [0x11] = { -+ "4 Model B", -+ DTB_DIR "bcm2838-rpi-4-b.dtb", -+ true, -+ }, - }; - - static const struct rpi_model rpi_models_old_scheme[] = { --- -2.22.0 - diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0005-arm-bcm283x-Include-definition-for-additional-emmc-c.patch b/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0005-arm-bcm283x-Include-definition-for-additional-emmc-c.patch deleted file mode 100644 index 44847e017..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0005-arm-bcm283x-Include-definition-for-additional-emmc-c.patch +++ /dev/null @@ -1,30 +0,0 @@ -From fd99a249e6faf234066a6b5da2ed34aaead3d6d9 Mon Sep 17 00:00:00 2001 -From: Andrei Gherzan -Date: Fri, 12 Jul 2019 11:26:10 +0100 -Subject: [PATCH 5/7] arm: bcm283x: Include definition for additional emmc - clock - -This clock has a different mbox ID so have this included in the relevant -header file. - -Signed-off-by: Andrei Gherzan -Upstream-status: Pending ---- - arch/arm/mach-bcm283x/include/mach/mbox.h | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/arch/arm/mach-bcm283x/include/mach/mbox.h b/arch/arm/mach-bcm283x/include/mach/mbox.h -index e44c7577da..f2a98acddd 100644 ---- a/arch/arm/mach-bcm283x/include/mach/mbox.h -+++ b/arch/arm/mach-bcm283x/include/mach/mbox.h -@@ -230,6 +230,7 @@ struct bcm2835_mbox_tag_set_power_state { - #define BCM2835_MBOX_CLOCK_ID_SDRAM 8 - #define BCM2835_MBOX_CLOCK_ID_PIXEL 9 - #define BCM2835_MBOX_CLOCK_ID_PWM 10 -+#define BCM2835_MBOX_CLOCK_ID_EMMC2 12 - - struct bcm2835_mbox_tag_get_clock_rate { - struct bcm2835_mbox_tag_hdr tag_hdr; --- -2.22.0 - diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0006-mmc-bcm2835_sdhci-Add-support-for-bcm2711-device.patch b/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0006-mmc-bcm2835_sdhci-Add-support-for-bcm2711-device.patch deleted file mode 100644 index d9de5c425..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0006-mmc-bcm2835_sdhci-Add-support-for-bcm2711-device.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 1f42758fe69648340cfae6cae98e667b88923cf6 Mon Sep 17 00:00:00 2001 -From: Matthias Brugger -Date: Wed, 10 Jul 2019 13:24:36 +0200 -Subject: [PATCH 6/7] mmc: bcm2835_sdhci: Add support for bcm2711 device - -The bcm2711 has two emmc controller. The difference is the clocks -they use. Add support for the second emmc contoller. - -Signed-off-by: Matthias Brugger -Signed-off-by: Andrei Gherzan -Upstream-status: Pending ---- - drivers/mmc/bcm2835_sdhci.c | 12 ++++++++++-- - 1 file changed, 10 insertions(+), 2 deletions(-) - -diff --git a/drivers/mmc/bcm2835_sdhci.c b/drivers/mmc/bcm2835_sdhci.c -index 08bddd410e..e68dec3be7 100644 ---- a/drivers/mmc/bcm2835_sdhci.c -+++ b/drivers/mmc/bcm2835_sdhci.c -@@ -178,12 +178,13 @@ static int bcm2835_sdhci_probe(struct udevice *dev) - fdt_addr_t base; - int emmc_freq; - int ret; -+ int clock_id = (int)dev_get_driver_data(dev); - - base = devfdt_get_addr(dev); - if (base == FDT_ADDR_T_NONE) - return -EINVAL; - -- ret = bcm2835_get_mmc_clock(BCM2835_MBOX_CLOCK_ID_EMMC); -+ ret = bcm2835_get_mmc_clock(clock_id); - if (ret < 0) { - debug("%s: Failed to set MMC clock (err=%d)\n", __func__, ret); - return ret; -@@ -228,7 +229,14 @@ static int bcm2835_sdhci_probe(struct udevice *dev) - } - - static const struct udevice_id bcm2835_sdhci_match[] = { -- { .compatible = "brcm,bcm2835-sdhci" }, -+ { -+ .compatible = "brcm,bcm2835-sdhci", -+ .data = BCM2835_MBOX_CLOCK_ID_EMMC -+ }, -+ { -+ .compatible = "brcm,bcm2711-emmc2", -+ .data = BCM2835_MBOX_CLOCK_ID_EMMC2 -+ }, - { /* sentinel */ } - }; - --- -2.22.0 - diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0007-rpi-Add-memory-map-for-bcm2838.patch b/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0007-rpi-Add-memory-map-for-bcm2838.patch deleted file mode 100644 index 1d23d9f99..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-2019.07/0007-rpi-Add-memory-map-for-bcm2838.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 76b656349a6786fa81cf69ac7762c31675cd567e Mon Sep 17 00:00:00 2001 -From: Andrei Gherzan -Date: Fri, 12 Jul 2019 14:27:31 +0100 -Subject: [PATCH 7/7] rpi: Add memory map for bcm2838 - -Define the memory map for the BCM2838 based on the dt configuration -available in the Raspberry Pi kernel fork. - -Signed-off-by: Andrei Gherzan -Upstream-status: Pending ---- - board/raspberrypi/rpi/rpi.c | 27 ++++++++++++++++++++++++--- - 1 file changed, 24 insertions(+), 3 deletions(-) - -diff --git a/board/raspberrypi/rpi/rpi.c b/board/raspberrypi/rpi/rpi.c -index 92c6534da6..bddf2a578d 100644 ---- a/board/raspberrypi/rpi/rpi.c -+++ b/board/raspberrypi/rpi/rpi.c -@@ -249,7 +249,8 @@ static uint32_t rev_type; - static const struct rpi_model *model; - - #ifdef CONFIG_ARM64 --static struct mm_region bcm2837_mem_map[] = { -+#ifndef CONFIG_BCM2838 -+static struct mm_region bcm283x_mem_map[] = { - { - .virt = 0x00000000UL, - .phys = 0x00000000UL, -@@ -268,8 +269,28 @@ static struct mm_region bcm2837_mem_map[] = { - 0, - } - }; -- --struct mm_region *mem_map = bcm2837_mem_map; -+#else -+static struct mm_region bcm283x_mem_map[] = { -+ { -+ .virt = 0x00000000UL, -+ .phys = 0x00000000UL, -+ .size = 0xfe000000UL, -+ .attrs = PTE_BLOCK_MEMTYPE(MT_NORMAL) | -+ PTE_BLOCK_INNER_SHARE -+ }, { -+ .virt = 0xfe000000UL, -+ .phys = 0xfe000000UL, -+ .size = 0x01800000UL, -+ .attrs = PTE_BLOCK_MEMTYPE(MT_DEVICE_NGNRNE) | -+ PTE_BLOCK_NON_SHARE | -+ PTE_BLOCK_PXN | PTE_BLOCK_UXN -+ }, { -+ /* List terminator */ -+ 0, -+ } -+}; -+#endif -+struct mm_region *mem_map = bcm283x_mem_map; - #endif - - int dram_init(void) --- -2.22.0 - diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-common.inc b/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-common.inc deleted file mode 100644 index ad043dbcd..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-common.inc +++ /dev/null @@ -1,15 +0,0 @@ -HOMEPAGE = "http://www.denx.de/wiki/U-Boot/WebHome" -SECTION = "bootloaders" -DEPENDS += "flex-native bison-native" - -LICENSE = "GPLv2+" -LIC_FILES_CHKSUM = "file://Licenses/README;md5=30503fd321432fc713238f582193b78e" -PE = "1" - -# We use the revision in order to avoid having to fetch it from the -# repo during parse -SRCREV = "e5aee22e4be75e75a854ab64503fc80598bc2004" - -SRC_URI = "git://git.denx.de/u-boot.git" - -S = "${WORKDIR}/git" diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-fw-utils_2019.07.bb b/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-fw-utils_2019.07.bb deleted file mode 100644 index b5ce56847..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-fw-utils_2019.07.bb +++ /dev/null @@ -1,34 +0,0 @@ -require u-boot-common.inc - -SUMMARY = "U-Boot bootloader fw_printenv/setenv utilities" -DEPENDS += "mtd-utils" - -INSANE_SKIP_${PN} = "already-stripped" -EXTRA_OEMAKE_class-target = 'CROSS_COMPILE=${TARGET_PREFIX} CC="${CC} ${CFLAGS} ${LDFLAGS}" HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" V=1' -EXTRA_OEMAKE_class-cross = 'HOSTCC="${CC} ${CFLAGS} ${LDFLAGS}" V=1' - -inherit uboot-config - -do_compile () { - oe_runmake ${UBOOT_MACHINE} - oe_runmake envtools -} - -do_install () { - install -d ${D}${base_sbindir} - install -d ${D}${sysconfdir} - install -m 755 ${S}/tools/env/fw_printenv ${D}${base_sbindir}/fw_printenv - install -m 755 ${S}/tools/env/fw_printenv ${D}${base_sbindir}/fw_setenv - install -m 0644 ${S}/tools/env/fw_env.config ${D}${sysconfdir}/fw_env.config -} - -do_install_class-cross () { - install -d ${D}${bindir_cross} - install -m 755 ${S}/tools/env/fw_printenv ${D}${bindir_cross}/fw_printenv - install -m 755 ${S}/tools/env/fw_printenv ${D}${bindir_cross}/fw_setenv -} - -SYSROOT_DIRS_append_class-cross = " ${bindir_cross}" - -PACKAGE_ARCH = "${MACHINE_ARCH}" -BBCLASSEXTEND = "cross" diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-fw-utils_2019.07.bbappend b/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-fw-utils_2019.07.bbappend deleted file mode 100644 index 3daf157d7..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-fw-utils_2019.07.bbappend +++ /dev/null @@ -1,2 +0,0 @@ -# Apply the same patches for rpi4 as u-boot recipe -require u-boot-rpi4-${PV}.inc diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-rpi4-2019.07.inc b/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-rpi4-2019.07.inc deleted file mode 100644 index 2ce55a2b1..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-rpi4-2019.07.inc +++ /dev/null @@ -1,12 +0,0 @@ -FILESEXTRAPATHS_prepend_raspberrypi4 := "${THISDIR}/u-boot-2019.07:" -UBOOT_RPI4_SUPPORT_PATCHES = " \ - file://0001-configs-rpi4-Add-defconfigs-for-rpi4-32-64.patch \ - file://0002-ARM-bcm283x-Add-BCM283x_BASE-define.patch \ - file://0003-arm-mach-bcm283x-Define-configs-for-RaspberryPi-4.patch \ - file://0004-rpi-Add-entry-for-Raspberry-Pi-4-model-B.patch \ - file://0005-arm-bcm283x-Include-definition-for-additional-emmc-c.patch \ - file://0006-mmc-bcm2835_sdhci-Add-support-for-bcm2711-device.patch \ - file://0007-rpi-Add-memory-map-for-bcm2838.patch \ -" - -SRC_URI_append_raspberrypi4 = "${UBOOT_RPI4_SUPPORT_PATCHES}" diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-tools_2019.07.bb b/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-tools_2019.07.bb deleted file mode 100644 index bede984ef..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot-tools_2019.07.bb +++ /dev/null @@ -1,67 +0,0 @@ -require u-boot-common.inc - -SUMMARY = "U-Boot bootloader tools" -DEPENDS += "openssl" - -PROVIDES = "${MLPREFIX}u-boot-mkimage ${MLPREFIX}u-boot-mkenvimage" -PROVIDES_class-native = "u-boot-mkimage-native u-boot-mkenvimage-native" - -PACKAGES += "${PN}-mkimage ${PN}-mkenvimage" - -# Required for backward compatibility with "u-boot-mkimage-xxx.bb" -RPROVIDES_${PN}-mkimage = "u-boot-mkimage" -RREPLACES_${PN}-mkimage = "u-boot-mkimage" -RCONFLICTS_${PN}-mkimage = "u-boot-mkimage" - -EXTRA_OEMAKE_class-target = 'CROSS_COMPILE="${TARGET_PREFIX}" CC="${CC} ${CFLAGS} ${LDFLAGS}" HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" STRIP=true V=1' -EXTRA_OEMAKE_class-native = 'CC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" STRIP=true V=1' -EXTRA_OEMAKE_class-nativesdk = 'CROSS_COMPILE="${HOST_PREFIX}" CC="${CC} ${CFLAGS} ${LDFLAGS}" HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" STRIP=true V=1' - -SED_CONFIG_EFI = '-e "s/CONFIG_EFI_LOADER=.*/# CONFIG_EFI_LOADER is not set/"' -SED_CONFIG_EFI_x86 = '' -SED_CONFIG_EFI_x86-64 = '' -SED_CONFIG_EFI_arm = '' -SED_CONFIG_EFI_armeb = '' -SED_CONFIG_EFI_aarch64 = '' - -do_compile () { - oe_runmake sandbox_defconfig - - # Disable CONFIG_CMD_LICENSE, license.h is not used by tools and - # generating it requires bin2header tool, which for target build - # is built with target tools and thus cannot be executed on host. - sed -i -e "s/CONFIG_CMD_LICENSE=.*/# CONFIG_CMD_LICENSE is not set/" ${SED_CONFIG_EFI} .config - - oe_runmake cross_tools NO_SDL=1 -} - -do_install () { - install -d ${D}${bindir} - - # mkimage - install -m 0755 tools/mkimage ${D}${bindir}/uboot-mkimage - ln -sf uboot-mkimage ${D}${bindir}/mkimage - - # mkenvimage - install -m 0755 tools/mkenvimage ${D}${bindir}/uboot-mkenvimage - ln -sf uboot-mkenvimage ${D}${bindir}/mkenvimage - - # dumpimage - install -m 0755 tools/dumpimage ${D}${bindir}/uboot-dumpimage - ln -sf uboot-dumpimage ${D}${bindir}/dumpimage - - # fit_check_sign - install -m 0755 tools/fit_check_sign ${D}${bindir}/uboot-fit_check_sign - ln -sf uboot-fit_check_sign ${D}${bindir}/fit_check_sign -} - -ALLOW_EMPTY_${PN} = "1" -FILES_${PN} = "" -FILES_${PN}-mkimage = "${bindir}/uboot-mkimage ${bindir}/mkimage ${bindir}/uboot-dumpimage ${bindir}/dumpimage ${bindir}/uboot-fit_check_sign ${bindir}/fit_check_sign" -FILES_${PN}-mkenvimage = "${bindir}/uboot-mkenvimage ${bindir}/mkenvimage" - -RDEPENDS_${PN}-mkimage += "dtc" -RDEPENDS_${PN} += "${PN}-mkimage ${PN}-mkenvimage" -RDEPENDS_${PN}_class-native = "" - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot.inc b/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot.inc deleted file mode 100644 index 9a754fd09..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot.inc +++ /dev/null @@ -1,333 +0,0 @@ -SUMMARY = "Universal Boot Loader for embedded devices" -PROVIDES = "virtual/bootloader" - -B = "${WORKDIR}/build" - -PACKAGE_ARCH = "${MACHINE_ARCH}" - -DEPENDS += "kern-tools-native" - -inherit uboot-config uboot-extlinux-config uboot-sign deploy cml1 - -DEPENDS += "swig-native python-native" - -EXTRA_OEMAKE = 'CROSS_COMPILE=${TARGET_PREFIX} CC="${TARGET_PREFIX}gcc ${TOOLCHAIN_OPTIONS}" V=1' -EXTRA_OEMAKE += 'HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}"' -EXTRA_OEMAKE += 'PYTHON2=nativepython STAGING_INCDIR=${STAGING_INCDIR_NATIVE} STAGING_LIBDIR=${STAGING_LIBDIR_NATIVE}' - -PACKAGECONFIG ??= "openssl" -# u-boot will compile its own tools during the build, with specific -# configurations (aka when CONFIG_FIT_SIGNATURE is enabled) openssl is needed as -# a host build dependency. -PACKAGECONFIG[openssl] = ",,openssl-native" - -# Allow setting an additional version string that will be picked up by the -# u-boot build system and appended to the u-boot version. If the .scmversion -# file already exists it will not be overwritten. -UBOOT_LOCALVERSION ?= "" - -# Some versions of u-boot use .bin and others use .img. By default use .bin -# but enable individual recipes to change this value. -UBOOT_SUFFIX ??= "bin" -UBOOT_IMAGE ?= "u-boot-${MACHINE}-${PV}-${PR}.${UBOOT_SUFFIX}" -UBOOT_SYMLINK ?= "u-boot-${MACHINE}.${UBOOT_SUFFIX}" -UBOOT_MAKE_TARGET ?= "all" - -# Output the ELF generated. Some platforms can use the ELF file and directly -# load it (JTAG booting, QEMU) additionally the ELF can be used for debugging -# purposes. -UBOOT_ELF ?= "" -UBOOT_ELF_SUFFIX ?= "elf" -UBOOT_ELF_IMAGE ?= "u-boot-${MACHINE}-${PV}-${PR}.${UBOOT_ELF_SUFFIX}" -UBOOT_ELF_BINARY ?= "u-boot.${UBOOT_ELF_SUFFIX}" -UBOOT_ELF_SYMLINK ?= "u-boot-${MACHINE}.${UBOOT_ELF_SUFFIX}" - -# Some versions of u-boot build an SPL (Second Program Loader) image that -# should be packaged along with the u-boot binary as well as placed in the -# deploy directory. For those versions they can set the following variables -# to allow packaging the SPL. -SPL_BINARY ?= "" -SPL_BINARYNAME ?= "${@os.path.basename(d.getVar("SPL_BINARY"))}" -SPL_IMAGE ?= "${SPL_BINARYNAME}-${MACHINE}-${PV}-${PR}" -SPL_SYMLINK ?= "${SPL_BINARYNAME}-${MACHINE}" - -# Additional environment variables or a script can be installed alongside -# u-boot to be used automatically on boot. This file, typically 'uEnv.txt' -# or 'boot.scr', should be packaged along with u-boot as well as placed in the -# deploy directory. Machine configurations needing one of these files should -# include it in the SRC_URI and set the UBOOT_ENV parameter. -UBOOT_ENV_SUFFIX ?= "txt" -UBOOT_ENV ?= "" -UBOOT_ENV_BINARY ?= "${UBOOT_ENV}.${UBOOT_ENV_SUFFIX}" -UBOOT_ENV_IMAGE ?= "${UBOOT_ENV}-${MACHINE}-${PV}-${PR}.${UBOOT_ENV_SUFFIX}" -UBOOT_ENV_SYMLINK ?= "${UBOOT_ENV}-${MACHINE}.${UBOOT_ENV_SUFFIX}" - -# U-Boot EXTLINUX variables. U-Boot searches for /boot/extlinux/extlinux.conf -# to find EXTLINUX conf file. -UBOOT_EXTLINUX_INSTALL_DIR ?= "/boot/extlinux" -UBOOT_EXTLINUX_CONF_NAME ?= "extlinux.conf" -UBOOT_EXTLINUX_SYMLINK ?= "${UBOOT_EXTLINUX_CONF_NAME}-${MACHINE}-${PR}" - -# returns all the elements from the src uri that are .cfg files -def find_cfgs(d): - sources=src_patches(d, True) - sources_list=[] - for s in sources: - if s.endswith('.cfg'): - sources_list.append(s) - - return sources_list - -do_configure () { - if [ -z "${UBOOT_CONFIG}" ]; then - if [ -n "${UBOOT_MACHINE}" ]; then - oe_runmake -C ${S} O=${B} ${UBOOT_MACHINE} - else - oe_runmake -C ${S} O=${B} oldconfig - fi - merge_config.sh -m .config ${@" ".join(find_cfgs(d))} - cml1_do_configure - fi -} - -do_compile () { - if [ "${@bb.utils.filter('DISTRO_FEATURES', 'ld-is-gold', d)}" ]; then - sed -i 's/$(CROSS_COMPILE)ld$/$(CROSS_COMPILE)ld.bfd/g' ${S}/config.mk - fi - - unset LDFLAGS - unset CFLAGS - unset CPPFLAGS - - if [ ! -e ${B}/.scmversion -a ! -e ${S}/.scmversion ] - then - echo ${UBOOT_LOCALVERSION} > ${B}/.scmversion - echo ${UBOOT_LOCALVERSION} > ${S}/.scmversion - fi - - if [ -n "${UBOOT_CONFIG}" ] - then - unset i j k - for config in ${UBOOT_MACHINE}; do - i=$(expr $i + 1); - for type in ${UBOOT_CONFIG}; do - j=$(expr $j + 1); - if [ $j -eq $i ] - then - oe_runmake -C ${S} O=${B}/${config} ${config} - oe_runmake -C ${S} O=${B}/${config} ${UBOOT_MAKE_TARGET} - for binary in ${UBOOT_BINARIES}; do - k=$(expr $k + 1); - if [ $k -eq $i ]; then - cp ${B}/${config}/${binary} ${B}/${config}/u-boot-${type}.${UBOOT_SUFFIX} - fi - done - unset k - fi - done - unset j - done - unset i - else - oe_runmake -C ${S} O=${B} ${UBOOT_MAKE_TARGET} - fi - -} - -do_install () { - if [ -n "${UBOOT_CONFIG}" ] - then - for config in ${UBOOT_MACHINE}; do - i=$(expr $i + 1); - for type in ${UBOOT_CONFIG}; do - j=$(expr $j + 1); - if [ $j -eq $i ] - then - install -d ${D}/boot - install -m 644 ${B}/${config}/u-boot-${type}.${UBOOT_SUFFIX} ${D}/boot/u-boot-${type}-${PV}-${PR}.${UBOOT_SUFFIX} - ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_SUFFIX} ${D}/boot/${UBOOT_BINARY}-${type} - ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_SUFFIX} ${D}/boot/${UBOOT_BINARY} - fi - done - unset j - done - unset i - else - install -d ${D}/boot - install -m 644 ${B}/${UBOOT_BINARY} ${D}/boot/${UBOOT_IMAGE} - ln -sf ${UBOOT_IMAGE} ${D}/boot/${UBOOT_BINARY} - fi - - if [ -n "${UBOOT_ELF}" ] - then - if [ -n "${UBOOT_CONFIG}" ] - then - for config in ${UBOOT_MACHINE}; do - i=$(expr $i + 1); - for type in ${UBOOT_CONFIG}; do - j=$(expr $j + 1); - if [ $j -eq $i ] - then - install -m 644 ${B}/${config}/${UBOOT_ELF} ${D}/boot/u-boot-${type}-${PV}-${PR}.${UBOOT_ELF_SUFFIX} - ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_ELF_SUFFIX} ${D}/boot/${UBOOT_BINARY}-${type} - ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_ELF_SUFFIX} ${D}/boot/${UBOOT_BINARY} - fi - done - unset j - done - unset i - else - install -m 644 ${B}/${UBOOT_ELF} ${D}/boot/${UBOOT_ELF_IMAGE} - ln -sf ${UBOOT_ELF_IMAGE} ${D}/boot/${UBOOT_ELF_BINARY} - fi - fi - - if [ -e ${WORKDIR}/fw_env.config ] ; then - install -d ${D}${sysconfdir} - install -m 644 ${WORKDIR}/fw_env.config ${D}${sysconfdir}/fw_env.config - fi - - if [ -n "${SPL_BINARY}" ] - then - if [ -n "${UBOOT_CONFIG}" ] - then - for config in ${UBOOT_MACHINE}; do - i=$(expr $i + 1); - for type in ${UBOOT_CONFIG}; do - j=$(expr $j + 1); - if [ $j -eq $i ] - then - install -m 644 ${B}/${config}/${SPL_BINARY} ${D}/boot/${SPL_IMAGE}-${type}-${PV}-${PR} - ln -sf ${SPL_IMAGE}-${type}-${PV}-${PR} ${D}/boot/${SPL_BINARYNAME}-${type} - ln -sf ${SPL_IMAGE}-${type}-${PV}-${PR} ${D}/boot/${SPL_BINARYNAME} - fi - done - unset j - done - unset i - else - install -m 644 ${B}/${SPL_BINARY} ${D}/boot/${SPL_IMAGE} - ln -sf ${SPL_IMAGE} ${D}/boot/${SPL_BINARYNAME} - fi - fi - - if [ -n "${UBOOT_ENV}" ] - then - install -m 644 ${WORKDIR}/${UBOOT_ENV_BINARY} ${D}/boot/${UBOOT_ENV_IMAGE} - ln -sf ${UBOOT_ENV_IMAGE} ${D}/boot/${UBOOT_ENV_BINARY} - fi - - if [ "${UBOOT_EXTLINUX}" = "1" ] - then - install -Dm 0644 ${UBOOT_EXTLINUX_CONFIG} ${D}/${UBOOT_EXTLINUX_INSTALL_DIR}/${UBOOT_EXTLINUX_CONF_NAME} - fi - -} - -FILES_${PN} = "/boot ${sysconfdir} ${datadir}" - -do_deploy () { - if [ -n "${UBOOT_CONFIG}" ] - then - for config in ${UBOOT_MACHINE}; do - i=$(expr $i + 1); - for type in ${UBOOT_CONFIG}; do - j=$(expr $j + 1); - if [ $j -eq $i ] - then - install -d ${DEPLOYDIR} - install -m 644 ${B}/${config}/u-boot-${type}.${UBOOT_SUFFIX} ${DEPLOYDIR}/u-boot-${type}-${PV}-${PR}.${UBOOT_SUFFIX} - cd ${DEPLOYDIR} - ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_SUFFIX} ${UBOOT_SYMLINK}-${type} - ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_SUFFIX} ${UBOOT_SYMLINK} - ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_SUFFIX} ${UBOOT_BINARY}-${type} - ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_SUFFIX} ${UBOOT_BINARY} - fi - done - unset j - done - unset i - else - install -d ${DEPLOYDIR} - install -m 644 ${B}/${UBOOT_BINARY} ${DEPLOYDIR}/${UBOOT_IMAGE} - cd ${DEPLOYDIR} - rm -f ${UBOOT_BINARY} ${UBOOT_SYMLINK} - ln -sf ${UBOOT_IMAGE} ${UBOOT_SYMLINK} - ln -sf ${UBOOT_IMAGE} ${UBOOT_BINARY} - fi - - if [ -n "${UBOOT_ELF}" ] - then - if [ -n "${UBOOT_CONFIG}" ] - then - for config in ${UBOOT_MACHINE}; do - i=$(expr $i + 1); - for type in ${UBOOT_CONFIG}; do - j=$(expr $j + 1); - if [ $j -eq $i ] - then - install -m 644 ${B}/${config}/${UBOOT_ELF} ${DEPLOYDIR}/u-boot-${type}-${PV}-${PR}.${UBOOT_ELF_SUFFIX} - ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_ELF_SUFFIX} ${DEPLOYDIR}/${UBOOT_ELF_BINARY}-${type} - ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_ELF_SUFFIX} ${DEPLOYDIR}/${UBOOT_ELF_BINARY} - ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_ELF_SUFFIX} ${DEPLOYDIR}/${UBOOT_ELF_SYMLINK}-${type} - ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_ELF_SUFFIX} ${DEPLOYDIR}/${UBOOT_ELF_SYMLINK} - fi - done - unset j - done - unset i - else - install -m 644 ${B}/${UBOOT_ELF} ${DEPLOYDIR}/${UBOOT_ELF_IMAGE} - ln -sf ${UBOOT_ELF_IMAGE} ${DEPLOYDIR}/${UBOOT_ELF_BINARY} - ln -sf ${UBOOT_ELF_IMAGE} ${DEPLOYDIR}/${UBOOT_ELF_SYMLINK} - fi - fi - - - if [ -n "${SPL_BINARY}" ] - then - if [ -n "${UBOOT_CONFIG}" ] - then - for config in ${UBOOT_MACHINE}; do - i=$(expr $i + 1); - for type in ${UBOOT_CONFIG}; do - j=$(expr $j + 1); - if [ $j -eq $i ] - then - install -m 644 ${B}/${config}/${SPL_BINARY} ${DEPLOYDIR}/${SPL_IMAGE}-${type}-${PV}-${PR} - rm -f ${DEPLOYDIR}/${SPL_BINARYNAME} ${DEPLOYDIR}/${SPL_SYMLINK}-${type} - ln -sf ${SPL_IMAGE}-${type}-${PV}-${PR} ${DEPLOYDIR}/${SPL_BINARYNAME}-${type} - ln -sf ${SPL_IMAGE}-${type}-${PV}-${PR} ${DEPLOYDIR}/${SPL_BINARYNAME} - ln -sf ${SPL_IMAGE}-${type}-${PV}-${PR} ${DEPLOYDIR}/${SPL_SYMLINK}-${type} - ln -sf ${SPL_IMAGE}-${type}-${PV}-${PR} ${DEPLOYDIR}/${SPL_SYMLINK} - fi - done - unset j - done - unset i - else - install -m 644 ${B}/${SPL_BINARY} ${DEPLOYDIR}/${SPL_IMAGE} - rm -f ${DEPLOYDIR}/${SPL_BINARYNAME} ${DEPLOYDIR}/${SPL_SYMLINK} - ln -sf ${SPL_IMAGE} ${DEPLOYDIR}/${SPL_BINARYNAME} - ln -sf ${SPL_IMAGE} ${DEPLOYDIR}/${SPL_SYMLINK} - fi - fi - - - if [ -n "${UBOOT_ENV}" ] - then - install -m 644 ${WORKDIR}/${UBOOT_ENV_BINARY} ${DEPLOYDIR}/${UBOOT_ENV_IMAGE} - rm -f ${DEPLOYDIR}/${UBOOT_ENV_BINARY} ${DEPLOYDIR}/${UBOOT_ENV_SYMLINK} - ln -sf ${UBOOT_ENV_IMAGE} ${DEPLOYDIR}/${UBOOT_ENV_BINARY} - ln -sf ${UBOOT_ENV_IMAGE} ${DEPLOYDIR}/${UBOOT_ENV_SYMLINK} - fi - - if [ "${UBOOT_EXTLINUX}" = "1" ] - then - install -m 644 ${UBOOT_EXTLINUX_CONFIG} ${DEPLOYDIR}/${UBOOT_EXTLINUX_SYMLINK} - ln -sf ${UBOOT_EXTLINUX_SYMLINK} ${DEPLOYDIR}/${UBOOT_EXTLINUX_CONF_NAME}-${MACHINE} - ln -sf ${UBOOT_EXTLINUX_SYMLINK} ${DEPLOYDIR}/${UBOOT_EXTLINUX_CONF_NAME} - fi -} - -addtask deploy before do_build after do_compile diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot_2019.07.bb b/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot_2019.07.bb deleted file mode 100644 index 02d67c0db..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot_2019.07.bb +++ /dev/null @@ -1,4 +0,0 @@ -require u-boot-common.inc -require u-boot.inc - -DEPENDS += "bc-native dtc-native" diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot_2019.07.bbappend b/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot_2019.07.bbappend index 6d89f5cb2..ba2ecb599 100644 --- a/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot_2019.07.bbappend +++ b/meta-agl-bsp/meta-raspberrypi/recipes-bsp/u-boot/u-boot_2019.07.bbappend @@ -1,6 +1,3 @@ -# Apply the same patches for rpi4 as u-boot recipe -require u-boot-rpi4-${PV}.inc - FILESEXTRAPATHS_prepend := "${THISDIR}/files:" # Update the patch for u-boot 2019.07 diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/files/0001-meson.build-check-for-all-linux-host_os-combinations.patch b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/files/0001-meson.build-check-for-all-linux-host_os-combinations.patch deleted file mode 100644 index 9fba5da4b..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/files/0001-meson.build-check-for-all-linux-host_os-combinations.patch +++ /dev/null @@ -1,42 +0,0 @@ -From ea966884e39aae9571c038fab55f3c1663d17850 Mon Sep 17 00:00:00 2001 -From: Fabio Berton -Date: Wed, 12 Jun 2019 13:40:20 -0300 -Subject: [PATCH] meson.build: check for all linux host_os combinations -Organization: O.S. Systems Software LTDA. - -Make sure that we are also looking for our host_os combinations like -linux-musl etc. when assuming support for DRM/KMS. - -Also delete a duplicate line. - -Upstream-Status: Pending - -Signed-off-by: Anuj Mittal -Signed-off-by: Fabio Berton -Signed-off-by: Otavio Salvador ---- - meson.build | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/meson.build b/meson.build -index 567a81afd6f..b33b430aed4 100644 ---- a/meson.build -+++ b/meson.build -@@ -107,7 +107,7 @@ with_any_opengl = with_opengl or with_gles1 or with_gles2 - # Only build shared_glapi if at least one OpenGL API is enabled - with_shared_glapi = get_option('shared-glapi') and with_any_opengl - --system_has_kms_drm = ['openbsd', 'netbsd', 'freebsd', 'gnu/kfreebsd', 'dragonfly', 'linux'].contains(host_machine.system()) -+system_has_kms_drm = ['openbsd', 'netbsd', 'freebsd', 'dragonfly'].contains(host_machine.system()) or host_machine.system().startswith('linux') - - dri_drivers = get_option('dri-drivers') - if dri_drivers.contains('auto') -@@ -845,7 +845,7 @@ if cc.compiles('int foo(void) __attribute__((__noreturn__));', - endif - - # TODO: this is very incomplete --if ['linux', 'cygwin', 'gnu', 'gnu/kfreebsd'].contains(host_machine.system()) -+if ['cygwin', 'gnu', 'gnu/kfreebsd'].contains(host_machine.system()) or host_machine.system().startswith('linux') - pre_args += '-D_GNU_SOURCE' - endif - diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/files/0002-meson.build-make-TLS-GLX-optional-again.patch b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/files/0002-meson.build-make-TLS-GLX-optional-again.patch deleted file mode 100644 index 641bacf1d..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/files/0002-meson.build-make-TLS-GLX-optional-again.patch +++ /dev/null @@ -1,52 +0,0 @@ -From cee8e48c5344124e5d84307cb0c48ee0c9b3e684 Mon Sep 17 00:00:00 2001 -From: Fabio Berton -Date: Wed, 12 Jun 2019 14:15:57 -0300 -Subject: [PATCH] meson.build: make TLS GLX optional again -Organization: O.S. Systems Software LTDA. - -This was optional with autotools, and needs to be disabled -when using musl C library, for instance. - -Upstream-Status: Pending - -Signed-off-by: Alexander Kanavin -Signed-off-by: Fabio Berton -Signed-off-by: Otavio Salvador ---- - meson.build | 4 +++- - meson_options.txt | 7 +++++++ - 2 files changed, 10 insertions(+), 1 deletion(-) - -diff --git a/meson.build b/meson.build -index b33b430aed4..0e50bb26c0a 100644 ---- a/meson.build -+++ b/meson.build -@@ -369,7 +369,9 @@ if with_egl and not (with_platform_drm or with_platform_surfaceless or with_plat - endif - endif - --pre_args += '-DGLX_USE_TLS' -+if get_option('glx-tls') -+ pre_args += '-DGLX_USE_TLS' -+endif - if with_glx != 'disabled' - if not (with_platform_x11 and with_any_opengl) - error('Cannot build GLX support without X11 platform support and at least one OpenGL API') -diff --git a/meson_options.txt b/meson_options.txt -index 1f72faabee8..fcd49efea27 100644 ---- a/meson_options.txt -+++ b/meson_options.txt -@@ -339,6 +339,13 @@ option( - value : true, - description : 'Enable direct rendering in GLX and EGL for DRI', - ) -+option( -+ 'glx-tls', -+ type : 'boolean', -+ value : true, -+ description : 'Enable TLS support in GLX', -+) -+ - option( - 'I-love-half-baked-turnips', - type : 'boolean', diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/files/0003-Allow-enable-DRI-without-DRI-drivers.patch b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/files/0003-Allow-enable-DRI-without-DRI-drivers.patch deleted file mode 100644 index 3458c1919..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/files/0003-Allow-enable-DRI-without-DRI-drivers.patch +++ /dev/null @@ -1,46 +0,0 @@ -From f1482e88c2295b9c7288f5b273335a8e18039de8 Mon Sep 17 00:00:00 2001 -From: Fabio Berton -Date: Wed, 12 Jun 2019 14:18:31 -0300 -Subject: [PATCH] Allow enable DRI without DRI drivers -Organization: O.S. Systems Software LTDA. - -Upstream-Status: Pending - -Signed-off-by: Andrei Gherzan -Signed-off-by: Fabio Berton -Signed-off-by: Otavio Salvador ---- - meson.build | 2 +- - meson_options.txt | 6 ++++++ - 2 files changed, 7 insertions(+), 1 deletion(-) - -diff --git a/meson.build b/meson.build -index 0e50bb26c0a..de065c290d6 100644 ---- a/meson.build -+++ b/meson.build -@@ -137,7 +137,7 @@ with_dri_r200 = dri_drivers.contains('r200') - with_dri_nouveau = dri_drivers.contains('nouveau') - with_dri_swrast = dri_drivers.contains('swrast') - --with_dri = dri_drivers.length() != 0 and dri_drivers != [''] -+with_dri = get_option('dri') or (_drivers.length() != 0 and _drivers != ['']) - - gallium_drivers = get_option('gallium-drivers') - if gallium_drivers.contains('auto') -diff --git a/meson_options.txt b/meson_options.txt -index fcd49efea27..0529200b3bb 100644 ---- a/meson_options.txt -+++ b/meson_options.txt -@@ -34,6 +34,12 @@ option( - choices : ['auto', 'true', 'false'], - description : 'enable support for dri3' - ) -+option( -+ 'dri', -+ type : 'boolean', -+ value : false, -+ description : 'enable support for dri' -+) - option( - 'dri-drivers', - type : 'array', diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/libglu_9.0.1.bb b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/libglu_9.0.1.bb deleted file mode 100644 index 068fb19e2..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/libglu_9.0.1.bb +++ /dev/null @@ -1,30 +0,0 @@ -SUMMARY = "The OpenGL utility toolkit" -DESCRIPTION = "GLU is a utility toolkit used with OpenGL implementations" - -HOMEPAGE = "http://mesa3d.org" -BUGTRACKER = "https://bugs.freedesktop.org" -SECTION = "x11" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://include/GL/glu.h;endline=29;md5=6b79c570f644363b356456e7d44471d9 \ - file://src/libtess/tess.c;endline=29;md5=6b79c570f644363b356456e7d44471d9" - -# Epoch as this used to be part of mesa -PE = "2" -PR = "0" - -SRC_URI = "https://mesa.freedesktop.org/archive/glu/glu-${PV}.tar.gz" - -SRC_URI[md5sum] = "5599a0e0a97335e10239d9165aced60d" -SRC_URI[sha256sum] = "f6f484cfcd51e489afe88031afdea1e173aa652697e4c19ddbcb8260579a10f7" - -S = "${WORKDIR}/glu-${PV}" - -DEPENDS = "virtual/libgl" - -inherit autotools pkgconfig distro_features_check - -# Requires libGL.so which is provided by mesa when x11 in DISTRO_FEATURES -REQUIRED_DISTRO_FEATURES = "x11 opengl" - -# Remove the mesa-glu dependency in mesa-glu-dev, as mesa-glu is empty -RDEPENDS_${PN}-dev = "" diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0001-mesa-demos-Add-missing-data-files.patch b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0001-mesa-demos-Add-missing-data-files.patch deleted file mode 100644 index 93ee9c286..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0001-mesa-demos-Add-missing-data-files.patch +++ /dev/null @@ -1,624 +0,0 @@ -From b695c3a3fa3f4cd48c13aa26542110de27075518 Mon Sep 17 00:00:00 2001 -From: Drew Moseley -Date: Mon, 12 May 2014 15:22:32 -0400 -Subject: [PATCH 1/9] mesa-demos: Add missing data files. - -Add some data files that are present in the git repository: - http://cgit.freedesktop.org/mesa/demos/tree/?id=mesa-demos-8.1.0 -but not in the release tarball - ftp://ftp.freedesktop.org/pub/mesa/demos/8.1.0/mesa-demos-8.1.0.tar.bz2 - -Upstream-Status: Backport -Signed-off-by: Drew Moseley -Signed-off-by: Martin Jansa ---- - src/fpglsl/depth-read.glsl | 4 + - src/fpglsl/infinite-loop.glsl | 7 + - src/glsl/CH11-bumpmaptex.frag | 47 +++++++ - src/glsl/blinking-teapot.frag | 31 +++++ - src/glsl/blinking-teapot.vert | 16 +++ - src/glsl/convolution.frag | 21 +++ - src/glsl/simplex-noise.glsl | 279 ++++++++++++++++++++++++++++++++++++++++ - src/glsl/skinning.vert | 24 ++++ - src/perf/glslstateschange1.frag | 19 +++ - src/perf/glslstateschange1.vert | 14 ++ - src/perf/glslstateschange2.frag | 17 +++ - src/perf/glslstateschange2.vert | 14 ++ - src/vpglsl/infinite-loop.glsl | 8 ++ - 13 files changed, 501 insertions(+) - create mode 100644 src/fpglsl/depth-read.glsl - create mode 100644 src/fpglsl/infinite-loop.glsl - create mode 100644 src/glsl/CH11-bumpmaptex.frag - create mode 100644 src/glsl/blinking-teapot.frag - create mode 100644 src/glsl/blinking-teapot.vert - create mode 100644 src/glsl/convolution.frag - create mode 100644 src/glsl/simplex-noise.glsl - create mode 100644 src/glsl/skinning.vert - create mode 100644 src/perf/glslstateschange1.frag - create mode 100644 src/perf/glslstateschange1.vert - create mode 100644 src/perf/glslstateschange2.frag - create mode 100644 src/perf/glslstateschange2.vert - create mode 100644 src/vpglsl/infinite-loop.glsl - -diff --git a/src/fpglsl/depth-read.glsl b/src/fpglsl/depth-read.glsl -new file mode 100644 -index 0000000..86d298e ---- /dev/null -+++ b/src/fpglsl/depth-read.glsl -@@ -0,0 +1,4 @@ -+void main() -+{ -+ gl_FragColor = gl_FragCoord.zzzz; -+} -diff --git a/src/fpglsl/infinite-loop.glsl b/src/fpglsl/infinite-loop.glsl -new file mode 100644 -index 0000000..c6dc6ee ---- /dev/null -+++ b/src/fpglsl/infinite-loop.glsl -@@ -0,0 +1,7 @@ -+void main() { -+ vec4 sum = vec4(0); -+ for (int i = 1; i != 2; i += 2) { -+ sum += vec4(0.1, 0.1, 0.1, 0.1); -+ } -+ gl_FragColor = sum; -+} -diff --git a/src/glsl/CH11-bumpmaptex.frag b/src/glsl/CH11-bumpmaptex.frag -new file mode 100644 -index 0000000..b5dabb4 ---- /dev/null -+++ b/src/glsl/CH11-bumpmaptex.frag -@@ -0,0 +1,47 @@ -+// -+// Fragment shader for procedural bumps -+// -+// Authors: John Kessenich, Randi Rost -+// -+// Copyright (c) 2002-2006 3Dlabs Inc. Ltd. -+// -+// See 3Dlabs-License.txt for license information -+// -+// Texture mapping/modulation added by Brian Paul -+// -+ -+varying vec3 LightDir; -+varying vec3 EyeDir; -+ -+uniform float BumpDensity; // = 16.0 -+uniform float BumpSize; // = 0.15 -+uniform float SpecularFactor; // = 0.5 -+ -+uniform sampler2D Tex; -+ -+void main() -+{ -+ vec3 ambient = vec3(0.25); -+ vec3 litColor; -+ vec2 c = BumpDensity * gl_TexCoord[0].st; -+ vec2 p = fract(c) - vec2(0.5); -+ -+ float d, f; -+ d = p.x * p.x + p.y * p.y; -+ f = inversesqrt(d + 1.0); -+ -+ if (d >= BumpSize) -+ { p = vec2(0.0); f = 1.0; } -+ -+ vec3 SurfaceColor = texture2D(Tex, gl_TexCoord[0].st).xyz; -+ -+ vec3 normDelta = vec3(p.x, p.y, 1.0) * f; -+ litColor = SurfaceColor * (ambient + max(dot(normDelta, LightDir), 0.0)); -+ vec3 reflectDir = reflect(LightDir, normDelta); -+ -+ float spec = max(dot(EyeDir, reflectDir), 0.0); -+ spec *= SpecularFactor; -+ litColor = min(litColor + spec, vec3(1.0)); -+ -+ gl_FragColor = vec4(litColor, 1.0); -+} -diff --git a/src/glsl/blinking-teapot.frag b/src/glsl/blinking-teapot.frag -new file mode 100644 -index 0000000..0db060b ---- /dev/null -+++ b/src/glsl/blinking-teapot.frag -@@ -0,0 +1,31 @@ -+#extension GL_ARB_uniform_buffer_object : enable -+ -+layout(std140) uniform colors0 -+{ -+ float DiffuseCool; -+ float DiffuseWarm; -+ vec3 SurfaceColor; -+ vec3 WarmColor; -+ vec3 CoolColor; -+ vec4 some[8]; -+}; -+ -+varying float NdotL; -+varying vec3 ReflectVec; -+varying vec3 ViewVec; -+ -+void main (void) -+{ -+ -+ vec3 kcool = min(CoolColor + DiffuseCool * SurfaceColor, 1.0); -+ vec3 kwarm = min(WarmColor + DiffuseWarm * SurfaceColor, 1.0); -+ vec3 kfinal = mix(kcool, kwarm, NdotL); -+ -+ vec3 nreflect = normalize(ReflectVec); -+ vec3 nview = normalize(ViewVec); -+ -+ float spec = max(dot(nreflect, nview), 0.0); -+ spec = pow(spec, 32.0); -+ -+ gl_FragColor = vec4 (min(kfinal + spec, 1.0), 1.0); -+} -diff --git a/src/glsl/blinking-teapot.vert b/src/glsl/blinking-teapot.vert -new file mode 100644 -index 0000000..397d733 ---- /dev/null -+++ b/src/glsl/blinking-teapot.vert -@@ -0,0 +1,16 @@ -+vec3 LightPosition = vec3(0.0, 10.0, 4.0); -+ -+varying float NdotL; -+varying vec3 ReflectVec; -+varying vec3 ViewVec; -+ -+void main(void) -+{ -+ vec3 ecPos = vec3 (gl_ModelViewMatrix * gl_Vertex); -+ vec3 tnorm = normalize(gl_NormalMatrix * gl_Normal); -+ vec3 lightVec = normalize(LightPosition - ecPos); -+ ReflectVec = normalize(reflect(-lightVec, tnorm)); -+ ViewVec = normalize(-ecPos); -+ NdotL = (dot(lightVec, tnorm) + 1.0) * 0.5; -+ gl_Position = ftransform(); -+} -diff --git a/src/glsl/convolution.frag b/src/glsl/convolution.frag -new file mode 100644 -index 0000000..e49b8ac ---- /dev/null -+++ b/src/glsl/convolution.frag -@@ -0,0 +1,21 @@ -+ -+const int KernelSize = 9; -+ -+//texture offsets -+uniform vec2 Offset[KernelSize]; -+//convolution kernel -+uniform vec4 KernelValue[KernelSize]; -+uniform sampler2D srcTex; -+uniform vec4 ScaleFactor; -+uniform vec4 BaseColor; -+ -+void main(void) -+{ -+ int i; -+ vec4 sum = vec4(0.0); -+ for (i = 0; i < KernelSize; ++i) { -+ vec4 tmp = texture2D(srcTex, gl_TexCoord[0].st + Offset[i]); -+ sum += tmp * KernelValue[i]; -+ } -+ gl_FragColor = sum * ScaleFactor + BaseColor; -+} -diff --git a/src/glsl/simplex-noise.glsl b/src/glsl/simplex-noise.glsl -new file mode 100644 -index 0000000..b6833cb ---- /dev/null -+++ b/src/glsl/simplex-noise.glsl -@@ -0,0 +1,279 @@ -+// -+// Description : Array and textureless GLSL 2D/3D/4D simplex -+// noise functions. -+// Author : Ian McEwan, Ashima Arts. -+// Maintainer : ijm -+// Lastmod : 20110223 -+// License : Copyright (C) 2011 Ashima Arts. All rights reserved. -+// Distributed under the Artistic License 2.0; See LICENCE file. -+// -+ -+#define NORMALIZE_GRADIENTS -+#undef USE_CIRCLE -+#define COLLAPSE_SORTNET -+ -+float permute(float x0,vec3 p) { -+ float x1 = mod(x0 * p.y, p.x); -+ return floor( mod( (x1 + p.z) *x0, p.x )); -+ } -+vec2 permute(vec2 x0,vec3 p) { -+ vec2 x1 = mod(x0 * p.y, p.x); -+ return floor( mod( (x1 + p.z) *x0, p.x )); -+ } -+vec3 permute(vec3 x0,vec3 p) { -+ vec3 x1 = mod(x0 * p.y, p.x); -+ return floor( mod( (x1 + p.z) *x0, p.x )); -+ } -+vec4 permute(vec4 x0,vec3 p) { -+ vec4 x1 = mod(x0 * p.y, p.x); -+ return floor( mod( (x1 + p.z) *x0, p.x )); -+ } -+ -+uniform vec4 pParam; -+// Example -+// const vec4 pParam = vec4( 17.* 17., 34., 1., 7.); -+ -+float taylorInvSqrt(float r) -+ { -+ return ( 0.83666002653408 + 0.7*0.85373472095314 - 0.85373472095314 * r ); -+ } -+ -+float simplexNoise2(vec2 v) -+ { -+ const vec2 C = vec2(0.211324865405187134, // (3.0-sqrt(3.0))/6.; -+ 0.366025403784438597); // 0.5*(sqrt(3.0)-1.); -+ const vec3 D = vec3( 0., 0.5, 2.0) * 3.14159265358979312; -+// First corner -+ vec2 i = floor(v + dot(v, C.yy) ); -+ vec2 x0 = v - i + dot(i, C.xx); -+ -+// Other corners -+ vec2 i1 = (x0.x > x0.y) ? vec2(1.,0.) : vec2(0.,1.) ; -+ -+ // x0 = x0 - 0. + 0. * C -+ vec2 x1 = x0 - i1 + 1. * C.xx ; -+ vec2 x2 = x0 - 1. + 2. * C.xx ; -+ -+// Permutations -+ i = mod(i, pParam.x); -+ vec3 p = permute( permute( -+ i.y + vec3(0., i1.y, 1. ), pParam.xyz) -+ + i.x + vec3(0., i1.x, 1. ), pParam.xyz); -+ -+#ifndef USE_CIRCLE -+// ( N points uniformly over a line, mapped onto a diamond.) -+ vec3 x = fract(p / pParam.w) ; -+ vec3 h = 0.5 - abs(x) ; -+ -+ vec3 sx = vec3(lessThan(x,D.xxx)) *2. -1.; -+ vec3 sh = vec3(lessThan(h,D.xxx)); -+ -+ vec3 a0 = x + sx*sh; -+ vec2 p0 = vec2(a0.x,h.x); -+ vec2 p1 = vec2(a0.y,h.y); -+ vec2 p2 = vec2(a0.z,h.z); -+ -+#ifdef NORMALISE_GRADIENTS -+ p0 *= taylorInvSqrt(dot(p0,p0)); -+ p1 *= taylorInvSqrt(dot(p1,p1)); -+ p2 *= taylorInvSqrt(dot(p2,p2)); -+#endif -+ -+ vec3 g = 2.0 * vec3( dot(p0, x0), dot(p1, x1), dot(p2, x2) ); -+#else -+// N points around a unit circle. -+ vec3 phi = D.z * mod(p,pParam.w) /pParam.w ; -+ vec4 a0 = sin(phi.xxyy+D.xyxy); -+ vec2 a1 = sin(phi.zz +D.xy); -+ vec3 g = vec3( dot(a0.xy, x0), dot(a0.zw, x1), dot(a1.xy, x2) ); -+#endif -+// mix -+ vec3 m = max(0.5 - vec3(dot(x0,x0), dot(x1,x1), dot(x2,x2)), 0.); -+ m = m*m ; -+ return 1.66666* 70.*dot(m*m, g); -+ } -+ -+float simplexNoise3(vec3 v) -+ { -+ const vec2 C = vec2(1./6. , 1./3. ) ; -+ const vec4 D = vec4(0., 0.5, 1.0, 2.0); -+ -+// First corner -+ vec3 i = floor(v + dot(v, C.yyy) ); -+ vec3 x0 = v - i + dot(i, C.xxx) ; -+ -+// Other corners -+#ifdef COLLAPSE_SORTNET -+ vec3 g = vec3( greaterThan( x0.xyz, x0.yzx) ); -+ vec3 l = vec3( lessThanEqual( x0.xyz, x0.yzx) ); -+ -+ vec3 i1 = g.xyz * l.zxy; -+ vec3 i2 = max( g.xyz, l.zxy); -+#else -+// Keeping this clean - let the compiler optimize. -+ vec3 q1; -+ q1.x = max(x0.x, x0.y); -+ q1.y = min(x0.x, x0.y); -+ q1.z = x0.z; -+ -+ vec3 q2; -+ q2.x = max(q1.x,q1.z); -+ q2.z = min(q1.x,q1.z); -+ q2.y = q1.y; -+ -+ vec3 q3; -+ q3.y = max(q2.y, q2.z); -+ q3.z = min(q2.y, q2.z); -+ q3.x = q2.x; -+ -+ vec3 i1 = vec3(equal(q3.xxx, x0)); -+ vec3 i2 = i1 + vec3(equal(q3.yyy, x0)); -+#endif -+ -+ // x0 = x0 - 0. + 0. * C -+ vec3 x1 = x0 - i1 + 1. * C.xxx; -+ vec3 x2 = x0 - i2 + 2. * C.xxx; -+ vec3 x3 = x0 - 1. + 3. * C.xxx; -+ -+// Permutations -+ i = mod(i, pParam.x ); -+ vec4 p = permute( permute( permute( -+ i.z + vec4(0., i1.z, i2.z, 1. ), pParam.xyz) -+ + i.y + vec4(0., i1.y, i2.y, 1. ), pParam.xyz) -+ + i.x + vec4(0., i1.x, i2.x, 1. ), pParam.xyz); -+ -+// Gradients -+// ( N*N points uniformly over a square, mapped onto a octohedron.) -+ float n_ = 1.0/pParam.w ; -+ vec3 ns = n_ * D.wyz - D.xzx ; -+ -+ vec4 j = p - pParam.w*pParam.w*floor(p * ns.z *ns.z); // mod(p,N*N) -+ -+ vec4 x_ = floor(j * ns.z) ; -+ vec4 y_ = floor(j - pParam.w * x_ ) ; // mod(j,N) -+ -+ vec4 x = x_ *ns.x + ns.yyyy; -+ vec4 y = y_ *ns.x + ns.yyyy; -+ vec4 h = 1. - abs(x) - abs(y); -+ -+ vec4 b0 = vec4( x.xy, y.xy ); -+ vec4 b1 = vec4( x.zw, y.zw ); -+ -+ vec4 s0 = vec4(lessThan(b0,D.xxxx)) *2. -1.; -+ vec4 s1 = vec4(lessThan(b1,D.xxxx)) *2. -1.; -+ vec4 sh = vec4(lessThan(h, D.xxxx)); -+ -+ vec4 a0 = b0.xzyw + s0.xzyw*sh.xxyy ; -+ vec4 a1 = b1.xzyw + s1.xzyw*sh.zzww ; -+ -+ vec3 p0 = vec3(a0.xy,h.x); -+ vec3 p1 = vec3(a0.zw,h.y); -+ vec3 p2 = vec3(a1.xy,h.z); -+ vec3 p3 = vec3(a1.zw,h.w); -+ -+#ifdef NORMALISE_GRADIENTS -+ p0 *= taylorInvSqrt(dot(p0,p0)); -+ p1 *= taylorInvSqrt(dot(p1,p1)); -+ p2 *= taylorInvSqrt(dot(p2,p2)); -+ p3 *= taylorInvSqrt(dot(p3,p3)); -+#endif -+ -+// Mix -+ vec4 m = max(0.6 - vec4(dot(x0,x0), dot(x1,x1), dot(x2,x2), dot(x3,x3)), 0.); -+ m = m * m; -+//used to be 64. -+ return 48.0 * dot( m*m, vec4( dot(p0,x0), dot(p1,x1), -+ dot(p2,x2), dot(p3,x3) ) ); -+ } -+ -+vec4 grad4(float j, vec4 ip) -+ { -+ const vec4 ones = vec4(1.,1.,1.,-1.); -+ vec4 p,s; -+ -+ p.xyz = floor( fract (vec3(j) * ip.xyz) *pParam.w) * ip.z -1.0; -+ p.w = 1.5 - dot(abs(p.xyz), ones.xyz); -+ s = vec4(lessThan(p,vec4(0.))); -+ p.xyz = p.xyz + (s.xyz*2.-1.) * s.www; -+ -+ return p; -+ } -+ -+float simplexNoise4(vec4 v) -+ { -+ const vec2 C = vec2( 0.138196601125010504, // (5 - sqrt(5))/20 G4 -+ 0.309016994374947451); // (sqrt(5) - 1)/4 F4 -+// First corner -+ vec4 i = floor(v + dot(v, C.yyyy) ); -+ vec4 x0 = v - i + dot(i, C.xxxx); -+ -+// Other corners -+ -+// Force existance of strict total ordering in sort. -+ vec4 q0 = floor(x0 * 1024.0) + vec4( 0., 1./4., 2./4. , 3./4.); -+ vec4 q1; -+ q1.xy = max(q0.xy,q0.zw); // x:z y:w -+ q1.zw = min(q0.xy,q0.zw); -+ -+ vec4 q2; -+ q2.xz = max(q1.xz,q1.yw); // x:y z:w -+ q2.yw = min(q1.xz,q1.yw); -+ -+ vec4 q3; -+ q3.y = max(q2.y,q2.z); // y:z -+ q3.z = min(q2.y,q2.z); -+ q3.xw = q2.xw; -+ -+ vec4 i1 = vec4(lessThanEqual(q3.xxxx, q0)); -+ vec4 i2 = vec4(lessThanEqual(q3.yyyy, q0)); -+ vec4 i3 = vec4(lessThanEqual(q3.zzzz, q0)); -+ -+ // x0 = x0 - 0. + 0. * C -+ vec4 x1 = x0 - i1 + 1. * C.xxxx; -+ vec4 x2 = x0 - i2 + 2. * C.xxxx; -+ vec4 x3 = x0 - i3 + 3. * C.xxxx; -+ vec4 x4 = x0 - 1. + 4. * C.xxxx; -+ -+// Permutations -+ i = mod(i, pParam.x ); -+ float j0 = permute( permute( permute( permute ( -+ i.w, pParam.xyz) + i.z, pParam.xyz) -+ + i.y, pParam.xyz) + i.x, pParam.xyz); -+ vec4 j1 = permute( permute( permute( permute ( -+ i.w + vec4(i1.w, i2.w, i3.w, 1. ), pParam.xyz) -+ + i.z + vec4(i1.z, i2.z, i3.z, 1. ), pParam.xyz) -+ + i.y + vec4(i1.y, i2.y, i3.y, 1. ), pParam.xyz) -+ + i.x + vec4(i1.x, i2.x, i3.x, 1. ), pParam.xyz); -+// Gradients -+// ( N*N*N points uniformly over a cube, mapped onto a 4-octohedron.) -+ vec4 ip = pParam ; -+ ip.xy *= pParam.w ; -+ ip.x *= pParam.w ; -+ ip = vec4(1.,1.,1.,2.) / ip ; -+ -+ vec4 p0 = grad4(j0, ip); -+ vec4 p1 = grad4(j1.x, ip); -+ vec4 p2 = grad4(j1.y, ip); -+ vec4 p3 = grad4(j1.z, ip); -+ vec4 p4 = grad4(j1.w, ip); -+ -+#ifdef NORMALISE_GRADIENTS -+ p0 *= taylorInvSqrt(dot(p0,p0)); -+ p1 *= taylorInvSqrt(dot(p1,p1)); -+ p2 *= taylorInvSqrt(dot(p2,p2)); -+ p3 *= taylorInvSqrt(dot(p3,p3)); -+ p4 *= taylorInvSqrt(dot(p4,p4)); -+#endif -+ -+// Mix -+ vec3 m0 = max(0.6 - vec3(dot(x0,x0), dot(x1,x1), dot(x2,x2)), 0.); -+ vec2 m1 = max(0.6 - vec2(dot(x3,x3), dot(x4,x4) ), 0.); -+ m0 = m0 * m0; -+ m1 = m1 * m1; -+ return 32. * ( dot(m0*m0, vec3( dot( p0, x0 ), dot( p1, x1 ), dot( p2, x2 ))) -+ + dot(m1*m1, vec2( dot( p3, x3 ), dot( p4, x4 ) ) ) ) ; -+ -+ } -+ -+ -+ -diff --git a/src/glsl/skinning.vert b/src/glsl/skinning.vert -new file mode 100644 -index 0000000..28970ee ---- /dev/null -+++ b/src/glsl/skinning.vert -@@ -0,0 +1,24 @@ -+// Vertex weighting/blendin shader -+// Brian Paul -+// 4 Nov 2008 -+ -+uniform mat4 mat0, mat1; -+attribute float weight; -+ -+void main() -+{ -+ // simple diffuse shading -+ // Note that we should really transform the normal vector along with -+ // the postion below... someday. -+ vec3 lightVec = vec3(0, 0, 1); -+ vec3 norm = gl_NormalMatrix * gl_Normal; -+ float dot = 0.2 + max(0.0, dot(norm, lightVec)); -+ gl_FrontColor = vec4(dot); -+ -+ // compute sum of weighted transformations -+ vec4 pos0 = mat0 * gl_Vertex; -+ vec4 pos1 = mat1 * gl_Vertex; -+ vec4 pos = mix(pos0, pos1, weight); -+ -+ gl_Position = gl_ModelViewProjectionMatrix * pos; -+} -diff --git a/src/perf/glslstateschange1.frag b/src/perf/glslstateschange1.frag -new file mode 100644 -index 0000000..0839436 ---- /dev/null -+++ b/src/perf/glslstateschange1.frag -@@ -0,0 +1,19 @@ -+// Multi-texture fragment shader -+// Brian Paul -+ -+// Composite second texture over first. -+// We're assuming the 2nd texture has a meaningful alpha channel. -+ -+uniform sampler2D tex1; -+uniform sampler2D tex2; -+uniform vec4 UniV1; -+uniform vec4 UniV2; -+ -+void main() -+{ -+ vec4 t3; -+ vec4 t1 = texture2D(tex1, gl_TexCoord[0].xy); -+ vec4 t2 = texture2D(tex2, gl_TexCoord[1].xy); -+ t3 = mix(t1, t2, t2.w); -+ gl_FragColor = t3 + UniV1 + UniV2; -+} -diff --git a/src/perf/glslstateschange1.vert b/src/perf/glslstateschange1.vert -new file mode 100644 -index 0000000..cef50db ---- /dev/null -+++ b/src/perf/glslstateschange1.vert -@@ -0,0 +1,14 @@ -+// Multi-texture vertex shader -+// Brian Paul -+ -+ -+attribute vec4 TexCoord0, TexCoord1; -+attribute vec4 VertCoord; -+ -+void main() -+{ -+ gl_TexCoord[0] = TexCoord0; -+ gl_TexCoord[1] = TexCoord1; -+ // note: may use gl_Vertex or VertCoord here for testing: -+ gl_Position = gl_ModelViewProjectionMatrix * gl_Vertex; -+} -diff --git a/src/perf/glslstateschange2.frag b/src/perf/glslstateschange2.frag -new file mode 100644 -index 0000000..0df0319 ---- /dev/null -+++ b/src/perf/glslstateschange2.frag -@@ -0,0 +1,17 @@ -+// Multi-texture fragment shader -+// Brian Paul -+ -+// Composite second texture over first. -+// We're assuming the 2nd texture has a meaningful alpha channel. -+ -+uniform sampler2D tex1; -+uniform sampler2D tex2; -+uniform vec4 UniV1; -+uniform vec4 UniV2; -+ -+void main() -+{ -+ vec4 t1 = texture2D(tex1, gl_TexCoord[0].xy); -+ vec4 t2 = texture2D(tex2, gl_TexCoord[1].xy); -+ gl_FragColor = t1 + t2 + UniV1 + UniV2; -+} -diff --git a/src/perf/glslstateschange2.vert b/src/perf/glslstateschange2.vert -new file mode 100644 -index 0000000..cef50db ---- /dev/null -+++ b/src/perf/glslstateschange2.vert -@@ -0,0 +1,14 @@ -+// Multi-texture vertex shader -+// Brian Paul -+ -+ -+attribute vec4 TexCoord0, TexCoord1; -+attribute vec4 VertCoord; -+ -+void main() -+{ -+ gl_TexCoord[0] = TexCoord0; -+ gl_TexCoord[1] = TexCoord1; -+ // note: may use gl_Vertex or VertCoord here for testing: -+ gl_Position = gl_ModelViewProjectionMatrix * gl_Vertex; -+} -diff --git a/src/vpglsl/infinite-loop.glsl b/src/vpglsl/infinite-loop.glsl -new file mode 100644 -index 0000000..bc7ae4b ---- /dev/null -+++ b/src/vpglsl/infinite-loop.glsl -@@ -0,0 +1,8 @@ -+void main() { -+ gl_Position = gl_Vertex; -+ vec4 sum = vec4(0); -+ for (int i = 1; i != 2; i += 2) { -+ sum += vec4(0.1, 0.1, 0.1, 0.1); -+ } -+ gl_FrontColor = sum; -+} --- -2.0.0 - diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0003-configure-Allow-to-disable-demos-which-require-GLEW-.patch b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0003-configure-Allow-to-disable-demos-which-require-GLEW-.patch deleted file mode 100644 index f6b59a11f..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0003-configure-Allow-to-disable-demos-which-require-GLEW-.patch +++ /dev/null @@ -1,377 +0,0 @@ -From 779438770bedf3d53e6ad8f7cd6889b7f50daf3b Mon Sep 17 00:00:00 2001 -From: Martin Jansa -Date: Wed, 9 Jul 2014 14:23:41 +0200 -Subject: [PATCH] configure: Allow to disable demos which require GLEW or GLU - -* in some systems without X11 support we don't have GLEW, but - mesa-demos are still useful - -Upstream-Status: Pending - -Signed-off-by: Martin Jansa - -Port to 8.3.0 -Signed-off-by: Jussi Kukkonen ---- - configure.ac | 49 ++++++++++++++++++++--------- - src/Makefile.am | 18 ++++++++--- - src/demos/Makefile.am | 73 ++++++++++++++++++++++++------------------- - src/egl/Makefile.am | 8 +++-- - src/egl/opengles1/Makefile.am | 10 ++++-- - src/egl/opengles2/Makefile.am | 29 ++++++++--------- - 6 files changed, 117 insertions(+), 70 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 0525b09..28834cd 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -93,25 +93,44 @@ AC_EGREP_HEADER([glutInitContextProfile], - [AC_DEFINE(HAVE_FREEGLUT)], - []) - --dnl Check for GLEW --PKG_CHECK_MODULES(GLEW, [glew >= 1.5.4]) --DEMO_CFLAGS="$DEMO_CFLAGS $GLEW_CFLAGS" --DEMO_LIBS="$DEMO_LIBS $GLEW_LIBS" -+AC_ARG_ENABLE([glew], -+ [AS_HELP_STRING([--enable-glew], -+ [build demos which require glew @<:@default=yes@:>@])], -+ [enable_glew="$enableval"], -+ [enable_glew=yes] -+) -+ -+if test "x$enable_glew" = xyes; then -+ dnl Check for GLEW -+ PKG_CHECK_MODULES(GLEW, [glew >= 1.5.4], [glew_enabled=yes], [glew_enabled=no]) -+ DEMO_CFLAGS="$DEMO_CFLAGS $GLEW_CFLAGS" -+ DEMO_LIBS="$DEMO_LIBS $GLEW_LIBS" -+fi - - # LIBS was set by AC_CHECK_LIB above - LIBS="" - --PKG_CHECK_MODULES(GLU, [glu], [], -- [AC_CHECK_HEADER([GL/glu.h], -- [], -- AC_MSG_ERROR([GLU not found])) -- AC_CHECK_LIB([GLU], -- [gluBeginCurve], -- [GLU_LIBS=-lGLU], -- AC_MSG_ERROR([GLU required])) ]) -+AC_ARG_ENABLE([glu], -+ [AS_HELP_STRING([--enable-glu], -+ [build demos which require glu @<:@default=yes@:>@])], -+ [enable_glu="$enableval"], -+ [enable_glu=yes] -+) - --DEMO_CFLAGS="$DEMO_CFLAGS $GLU_CFLAGS" --DEMO_LIBS="$DEMO_LIBS $GLU_LIBS" -+if test "x$enable_glu" = xyes; then -+ PKG_CHECK_MODULES(GLU, [glu], [glu_enabled=yes], -+ [AC_CHECK_HEADER([GL/glu.h], -+ [], -+ AC_MSG_ERROR([GLU not found])) -+ AC_CHECK_LIB([GLU], -+ [gluBeginCurve], -+ [GLU_LIBS=-lGLU -+ glu_enabled=yes], -+ AC_MSG_ERROR([GLU required])) ]) -+ -+ DEMO_CFLAGS="$DEMO_CFLAGS $GLU_CFLAGS" -+ DEMO_LIBS="$DEMO_LIBS $GLU_LIBS" -+fi - - AC_ARG_ENABLE([egl], - [AS_HELP_STRING([--enable-egl], -@@ -304,6 +323,8 @@ AC_SUBST([WAYLAND_CFLAGS]) - AC_SUBST([WAYLAND_LIBS]) - - -+AM_CONDITIONAL(HAVE_GLU, test "x$glu_enabled" = "xyes") -+AM_CONDITIONAL(HAVE_GLEW, test "x$glew_enabled" = "xyes") - AM_CONDITIONAL(HAVE_EGL, test "x$egl_enabled" = "xyes") - AM_CONDITIONAL(HAVE_GLESV1, test "x$glesv1_enabled" = "xyes") - AM_CONDITIONAL(HAVE_GLESV2, test "x$glesv2_enabled" = "xyes") -diff --git a/src/Makefile.am b/src/Makefile.am -index 1647d64..8b89dee 100644 ---- a/src/Makefile.am -+++ b/src/Makefile.am -@@ -22,15 +22,19 @@ - # Authors: - # Eric Anholt - -+if HAVE_GLEW -+UTIL = util -+endif -+ - SUBDIRS = \ -- util \ -+ $(UTIL) \ - data \ - demos \ - egl \ - fp \ - fpglsl \ - glsl \ -- gs \ -+ gs \ - objviewer \ - osdemos \ - perf \ -@@ -40,8 +44,12 @@ SUBDIRS = \ - slang \ - tests \ - tools \ -- trivial \ -- vp \ -- vpglsl \ - wgl \ - xdemos -+ -+if HAVE_GLEW -+SUBDIRS += \ -+ vp \ -+ vpglsl \ -+ trivial -+endif -diff --git a/src/demos/Makefile.am b/src/demos/Makefile.am -index 41603fa..ab1e3ab 100644 ---- a/src/demos/Makefile.am -+++ b/src/demos/Makefile.am -@@ -30,91 +30,100 @@ AM_LDFLAGS = \ - $(DEMO_LIBS) \ - $(GLUT_LIBS) - -+bin_PROGRAMS = -+ - if HAVE_GLUT --bin_PROGRAMS = \ -+if HAVE_GLEW -+bin_PROGRAMS += \ - arbfplight \ - arbfslight \ - arbocclude \ - arbocclude2 \ -- bounce \ -- clearspd \ - copypix \ - cubemap \ - cuberender \ - dinoshade \ -- dissolve \ -- drawpix \ - engine \ - fbo_firecube \ - fbotexture \ -- fire \ - fogcoord \ - fplight \ - fslight \ -+ gloss \ -+ isosurf \ -+ multiarb \ -+ paltex \ -+ pointblast \ -+ projtex \ -+ shadowtex \ -+ spriteblast \ -+ stex3d \ -+ textures \ -+ vao_demo \ -+ winpos -+ -+copypix_LDADD = ../util/libutil.la -+cubemap_LDADD = ../util/libutil.la -+cuberender_LDADD = ../util/libutil.la -+engine_LDADD = ../util/libutil.la -+fbo_firecube_LDADD = ../util/libutil.la -+gloss_LDADD = ../util/libutil.la -+isosurf_LDADD = ../util/libutil.la -+multiarb_LDADD = ../util/libutil.la -+projtex_LDADD = ../util/libutil.la -+textures_LDADD = ../util/libutil.la -+winpos_LDADD = ../util/libutil.la -+endif -+ -+if HAVE_GLU -+bin_PROGRAMS += \ -+ bounce \ -+ clearspd \ -+ dissolve \ -+ drawpix \ -+ fire \ - gamma \ - gearbox \ - gears \ - geartrain \ - glinfo \ -- gloss \ - gltestperf \ - ipers \ -- isosurf \ - lodbias \ - morph3d \ -- multiarb \ -- paltex \ - pixeltest \ -- pointblast \ -- projtex \ - ray \ - readpix \ - reflect \ - renormal \ -- shadowtex \ - singlebuffer \ - spectex \ -- spriteblast \ -- stex3d \ - teapot \ - terrain \ - tessdemo \ - texcyl \ - texenv \ -- textures \ - trispd \ - tunnel2 \ -- tunnel \ -- vao_demo \ -- winpos --endif -+ tunnel - - tunnel_SOURCES = \ - tunnel.c \ - tunneldat.h - --copypix_LDADD = ../util/libutil.la --cubemap_LDADD = ../util/libutil.la --cuberender_LDADD = ../util/libutil.la --drawpix_LDADD = ../util/libutil.la - dissolve_LDADD = ../util/libutil.la --engine_LDADD = ../util/libutil.la --fbo_firecube_LDADD = ../util/libutil.la -+drawpix_LDADD = ../util/libutil.la - fire_LDADD = ../util/libutil.la --gloss_LDADD = ../util/libutil.la - ipers_LDADD = ../util/libutil.la --isosurf_LDADD = ../util/libutil.la - lodbias_LDADD = ../util/libutil.la --multiarb_LDADD = ../util/libutil.la --projtex_LDADD = ../util/libutil.la - readpix_LDADD = ../util/libutil.la - reflect_LDADD = ../util/libutil.la - teapot_LDADD = ../util/libutil.la - texcyl_LDADD = ../util/libutil.la --textures_LDADD = ../util/libutil.la - tunnel_LDADD = ../util/libutil.la - tunnel2_LDADD = ../util/libutil.la --winpos_LDADD = ../util/libutil.la -+endif -+endif - - EXTRA_DIST = \ - README -diff --git a/src/egl/Makefile.am b/src/egl/Makefile.am -index d64a49e..4fe1ca8 100644 ---- a/src/egl/Makefile.am -+++ b/src/egl/Makefile.am -@@ -24,8 +24,12 @@ - - SUBDIRS = \ - eglut \ -- opengl \ -- openvg \ - opengles1 \ - opengles2 \ - oes_vg -+ -+if HAVE_GLU -+SUBDIRS += \ -+ opengl \ -+ openvg -+endif -diff --git a/src/egl/opengles1/Makefile.am b/src/egl/opengles1/Makefile.am -index fa397c2..21853e8 100644 ---- a/src/egl/opengles1/Makefile.am -+++ b/src/egl/opengles1/Makefile.am -@@ -36,9 +36,12 @@ AM_LDFLAGS = \ - $(EGL_LIBS) \ - -lm - -+noinst_PROGRAMS = -+ - if HAVE_EGL - if HAVE_GLESV1 --noinst_PROGRAMS = \ -+if HAVE_X11 -+bin_PROGRAMS = \ - bindtex \ - clear \ - drawtex_x11 \ -@@ -52,8 +55,6 @@ noinst_PROGRAMS = \ - torus_x11 \ - tri_x11 \ - two_win --endif --endif - - bindtex_LDADD = $(X11_LIBS) - es1_info_LDADD = $(X11_LIBS) -@@ -76,3 +77,6 @@ drawtex_x11_LDADD = ../eglut/libeglut_x11.la - gears_x11_LDADD = ../eglut/libeglut_x11.la - torus_x11_LDADD = ../eglut/libeglut_x11.la - tri_x11_LDADD = ../eglut/libeglut_x11.la -+endif -+endif -+endif -diff --git a/src/egl/opengles2/Makefile.am b/src/egl/opengles2/Makefile.am -index b80ba50..17f8d49 100644 ---- a/src/egl/opengles2/Makefile.am -+++ b/src/egl/opengles2/Makefile.am -@@ -33,27 +33,28 @@ AM_LDFLAGS = \ - $(EGL_LIBS) \ - -lm - -+bin_PROGRAMS = -+ - if HAVE_EGL - if HAVE_GLESV2 --bin_PROGRAMS = --if HAVE_X11 --bin_PROGRAMS += \ -- es2_info \ -- es2gears_x11 \ -- es2tri --endif - if HAVE_WAYLAND - bin_PROGRAMS += es2gears_wayland --endif --endif -+ -+es2gears_wayland_SOURCES = es2gears.c -+es2gears_wayland_LDADD = ../eglut/libeglut_wayland.la - endif - --es2_info_LDADD = $(X11_LIBS) --es2tri_LDADD = $(X11_LIBS) -+if HAVE_X11 -+bin_PROGRAMS += \ -+ es2tri \ -+ es2_info \ -+ es2gears_x11 - -+es2_info_LDADD = $(X11_LIBS) - es2gears_x11_SOURCES = es2gears.c -- - es2gears_x11_LDADD = ../eglut/libeglut_x11.la -+es2tri_LDADD = $(X11_LIBS) -+endif -+endif -+endif - --es2gears_wayland_SOURCES = es2gears.c --es2gears_wayland_LDADD = ../eglut/libeglut_wayland.la --- -2.1.4 - diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0004-Use-DEMOS_DATA_DIR-to-locate-data-files.patch b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0004-Use-DEMOS_DATA_DIR-to-locate-data-files.patch deleted file mode 100644 index f77b97f3e..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0004-Use-DEMOS_DATA_DIR-to-locate-data-files.patch +++ /dev/null @@ -1,234 +0,0 @@ -From 5e10108d76a59abac21c7e540bcfd2ddaccca2cb Mon Sep 17 00:00:00 2001 -From: Drew Moseley -Date: Fri, 9 May 2014 11:50:24 -0400 -Subject: [PATCH 4/9] Use DEMOS_DATA_DIR to locate data files - -Upstream-Status: Submitted [https://bugs.freedesktop.org/show_bug.cgi?id=78496] -Signed-off-by: Drew Moseley ---- - src/glsl/bezier.c | 2 +- - src/glsl/blinking-teapot.c | 4 ++-- - src/glsl/brick.c | 4 ++-- - src/glsl/bump.c | 6 +++--- - src/glsl/convolutions.c | 2 +- - src/glsl/mandelbrot.c | 4 ++-- - src/glsl/multitex.c | 4 ++-- - src/glsl/simplex-noise.c | 2 +- - src/glsl/skinning.c | 4 ++-- - src/glsl/texdemo1.c | 8 ++++---- - src/glsl/toyball.c | 4 ++-- - src/objviewer/objview.c | 12 ++++++------ - src/perf/glslstateschange.c | 8 ++++---- - 13 files changed, 32 insertions(+), 32 deletions(-) - -diff --git a/src/glsl/bezier.c b/src/glsl/bezier.c -index 0b56bc1..e01603d 100644 ---- a/src/glsl/bezier.c -+++ b/src/glsl/bezier.c -@@ -13,7 +13,7 @@ - #include "glut_wrap.h" - #include "shaderutil.h" - --static const char *filename = "bezier.geom"; -+static const char *filename = DEMOS_DATA_DIR "bezier.geom"; - - static GLuint fragShader; - static GLuint vertShader; -diff --git a/src/glsl/blinking-teapot.c b/src/glsl/blinking-teapot.c -index e3bf24d..7662b1f 100644 ---- a/src/glsl/blinking-teapot.c -+++ b/src/glsl/blinking-teapot.c -@@ -63,8 +63,8 @@ init_opengl (void) - exit(1); - } - -- vshad_id = CompileShaderFile (GL_VERTEX_SHADER, "blinking-teapot.vert"); -- fshad_id = CompileShaderFile (GL_FRAGMENT_SHADER, "blinking-teapot.frag"); -+ vshad_id = CompileShaderFile (GL_VERTEX_SHADER, DEMOS_DATA_DIR "blinking-teapot.vert"); -+ fshad_id = CompileShaderFile (GL_FRAGMENT_SHADER, DEMOS_DATA_DIR "blinking-teapot.frag"); - prog_id = LinkShaders (vshad_id, fshad_id); - - UseProgram (prog_id); -diff --git a/src/glsl/brick.c b/src/glsl/brick.c -index 3021856..fe5f190 100644 ---- a/src/glsl/brick.c -+++ b/src/glsl/brick.c -@@ -14,8 +14,8 @@ - #include "shaderutil.h" - - --static char *FragProgFile = "CH06-brick.frag"; --static char *VertProgFile = "CH06-brick.vert"; -+static char *FragProgFile = DEMOS_DATA_DIR "CH06-brick.frag"; -+static char *VertProgFile = DEMOS_DATA_DIR "CH06-brick.vert"; - - /* program/shader objects */ - static GLuint fragShader; -diff --git a/src/glsl/bump.c b/src/glsl/bump.c -index 59f62cd..3a1b20a 100644 ---- a/src/glsl/bump.c -+++ b/src/glsl/bump.c -@@ -15,9 +15,9 @@ - #include "readtex.h" - - --static char *FragProgFile = "CH11-bumpmap.frag"; --static char *FragTexProgFile = "CH11-bumpmaptex.frag"; --static char *VertProgFile = "CH11-bumpmap.vert"; -+static char *FragProgFile = DEMOS_DATA_DIR "CH11-bumpmap.frag"; -+static char *FragTexProgFile = DEMOS_DATA_DIR "CH11-bumpmaptex.frag"; -+static char *VertProgFile = DEMOS_DATA_DIR "CH11-bumpmap.vert"; - static char *TextureFile = DEMOS_DATA_DIR "tile.rgb"; - - /* program/shader objects */ -diff --git a/src/glsl/convolutions.c b/src/glsl/convolutions.c -index a120cfe..9312f00 100644 ---- a/src/glsl/convolutions.c -+++ b/src/glsl/convolutions.c -@@ -340,7 +340,7 @@ static void init(void) - - menuInit(); - readTexture(textureLocation); -- createProgram("convolution.vert", "convolution.frag"); -+ createProgram(DEMOS_DATA_DIR "convolution.vert", DEMOS_DATA_DIR "convolution.frag"); - - glEnable(GL_TEXTURE_2D); - glClearColor(1.0, 1.0, 1.0, 1.0); -diff --git a/src/glsl/mandelbrot.c b/src/glsl/mandelbrot.c -index 31ede1d..ab34a0f 100644 ---- a/src/glsl/mandelbrot.c -+++ b/src/glsl/mandelbrot.c -@@ -14,8 +14,8 @@ - #include "shaderutil.h" - - --static char *FragProgFile = "CH18-mandel.frag"; --static char *VertProgFile = "CH18-mandel.vert"; -+static char *FragProgFile = DEMOS_DATA_DIR "CH18-mandel.frag"; -+static char *VertProgFile = DEMOS_DATA_DIR "CH18-mandel.vert"; - - /* program/shader objects */ - static GLuint fragShader; -diff --git a/src/glsl/multitex.c b/src/glsl/multitex.c -index 262ea50..546bd27 100644 ---- a/src/glsl/multitex.c -+++ b/src/glsl/multitex.c -@@ -35,8 +35,8 @@ - - static const char *Demo = "multitex"; - --static const char *VertFile = "multitex.vert"; --static const char *FragFile = "multitex.frag"; -+static const char *VertFile = DEMOS_DATA_DIR "multitex.vert"; -+static const char *FragFile = DEMOS_DATA_DIR "multitex.frag"; - - static const char *TexFiles[2] = - { -diff --git a/src/glsl/simplex-noise.c b/src/glsl/simplex-noise.c -index 13fdd5d..885f01e 100644 ---- a/src/glsl/simplex-noise.c -+++ b/src/glsl/simplex-noise.c -@@ -169,7 +169,7 @@ SpecialKey(int key, int x, int y) - static void - Init(void) - { -- const char *filename = "simplex-noise.glsl"; -+ const char *filename = DEMOS_DATA_DIR "simplex-noise.glsl"; - char noiseText[10000]; - FILE *f; - int len; -diff --git a/src/glsl/skinning.c b/src/glsl/skinning.c -index bf38d77..536d475 100644 ---- a/src/glsl/skinning.c -+++ b/src/glsl/skinning.c -@@ -20,8 +20,8 @@ - #define M_PI 3.1415926535 - #endif - --static char *FragProgFile = "skinning.frag"; --static char *VertProgFile = "skinning.vert"; -+static char *FragProgFile = DEMOS_DATA_DIR "skinning.frag"; -+static char *VertProgFile = DEMOS_DATA_DIR "skinning.vert"; - - /* program/shader objects */ - static GLuint fragShader; -diff --git a/src/glsl/texdemo1.c b/src/glsl/texdemo1.c -index 6cde239..a082342 100644 ---- a/src/glsl/texdemo1.c -+++ b/src/glsl/texdemo1.c -@@ -35,11 +35,11 @@ - - static const char *Demo = "texdemo1"; - --static const char *ReflectVertFile = "reflect.vert"; --static const char *CubeFragFile = "cubemap.frag"; -+static const char *ReflectVertFile = DEMOS_DATA_DIR "reflect.vert"; -+static const char *CubeFragFile = DEMOS_DATA_DIR "cubemap.frag"; - --static const char *SimpleVertFile = "simple.vert"; --static const char *SimpleTexFragFile = "shadowtex.frag"; -+static const char *SimpleVertFile = DEMOS_DATA_DIR "simple.vert"; -+static const char *SimpleTexFragFile = DEMOS_DATA_DIR "shadowtex.frag"; - - static const char *GroundImage = DEMOS_DATA_DIR "tile.rgb"; - -diff --git a/src/glsl/toyball.c b/src/glsl/toyball.c -index 5f27951..4e7e832 100644 ---- a/src/glsl/toyball.c -+++ b/src/glsl/toyball.c -@@ -14,8 +14,8 @@ - #include "shaderutil.h" - - --static char *FragProgFile = "CH11-toyball.frag"; --static char *VertProgFile = "CH11-toyball.vert"; -+static char *FragProgFile = DEMOS_DATA_DIR "CH11-toyball.frag"; -+static char *VertProgFile = DEMOS_DATA_DIR "CH11-toyball.vert"; - - /* program/shader objects */ - static GLuint fragShader; -diff --git a/src/objviewer/objview.c b/src/objviewer/objview.c -index 6def726..78a6acf 100644 ---- a/src/objviewer/objview.c -+++ b/src/objviewer/objview.c -@@ -162,12 +162,12 @@ init_model(void) - static void - init_skybox(void) - { -- SkyboxTex = LoadSkyBoxCubeTexture("alpine_east.rgb", -- "alpine_west.rgb", -- "alpine_up.rgb", -- "alpine_down.rgb", -- "alpine_south.rgb", -- "alpine_north.rgb"); -+ SkyboxTex = LoadSkyBoxCubeTexture(DEMOS_DATA_DIR "alpine_east.rgb", -+ DEMOS_DATA_DIR "alpine_west.rgb", -+ DEMOS_DATA_DIR "alpine_up.rgb", -+ DEMOS_DATA_DIR "alpine_down.rgb", -+ DEMOS_DATA_DIR "alpine_south.rgb", -+ DEMOS_DATA_DIR "alpine_north.rgb"); - glmSpecularTexture(Model, SkyboxTex); - } - -diff --git a/src/perf/glslstateschange.c b/src/perf/glslstateschange.c -index 7422b78..dbf8332 100644 ---- a/src/perf/glslstateschange.c -+++ b/src/perf/glslstateschange.c -@@ -33,10 +33,10 @@ - #include "glmain.h" - #include "common.h" - --static const char *VertFile1 = "glslstateschange1.vert"; --static const char *FragFile1 = "glslstateschange1.frag"; --static const char *VertFile2 = "glslstateschange2.vert"; --static const char *FragFile2 = "glslstateschange2.frag"; -+static const char *VertFile1 = DEMOS_DATA_DIR "glslstateschange1.vert"; -+static const char *FragFile1 = DEMOS_DATA_DIR "glslstateschange1.frag"; -+static const char *VertFile2 = DEMOS_DATA_DIR "glslstateschange2.vert"; -+static const char *FragFile2 = DEMOS_DATA_DIR "glslstateschange2.frag"; - static struct uniform_info Uniforms1[] = { - { "tex1", 1, GL_SAMPLER_2D, { 0, 0, 0, 0 }, -1 }, - { "tex2", 1, GL_SAMPLER_2D, { 1, 0, 0, 0 }, -1 }, --- -2.0.0 - diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0007-Install-few-more-test-programs.patch b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0007-Install-few-more-test-programs.patch deleted file mode 100644 index b27d9eafa..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0007-Install-few-more-test-programs.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 2e0367a941445a862ab99c54ec85d1357d0f73c0 Mon Sep 17 00:00:00 2001 -From: Martin Jansa -Date: Thu, 10 Jul 2014 14:30:52 +0200 -Subject: [PATCH] Install few more test programs - -Upstream-Status: Pending - -Signed-off-by: Martin Jansa - -Signed-off-by: Jussi Kukkonen - ---- - src/egl/opengl/Makefile.am | 3 +-- - src/egl/openvg/Makefile.am | 2 +- - 2 files changed, 2 insertions(+), 3 deletions(-) - -diff --git a/src/egl/opengl/Makefile.am b/src/egl/opengl/Makefile.am -index 6d184ff6..ab09d028 100644 ---- a/src/egl/opengl/Makefile.am -+++ b/src/egl/opengl/Makefile.am -@@ -57,8 +57,7 @@ endif - - if HAVE_EGL - bin_PROGRAMS = \ -- eglinfo --noinst_PROGRAMS = \ -+ eglinfo \ - peglgears \ - $(EGL_DRM_DEMOS) \ - $(EGL_X11_DEMOS) \ -diff --git a/src/egl/openvg/Makefile.am b/src/egl/openvg/Makefile.am -index b0f1212f..5fd1cf83 100644 ---- a/src/egl/openvg/Makefile.am -+++ b/src/egl/openvg/Makefile.am -@@ -49,7 +49,7 @@ endif - - if HAVE_EGL - if HAVE_VG --noinst_PROGRAMS = \ -+bin_PROGRAMS = \ - $(EGL_X11_DEMOS) - endif - endif diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0008-glsl-perf-Add-few-missing-.glsl-.vert-.frag-files-to.patch b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0008-glsl-perf-Add-few-missing-.glsl-.vert-.frag-files-to.patch deleted file mode 100644 index a6d168175..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0008-glsl-perf-Add-few-missing-.glsl-.vert-.frag-files-to.patch +++ /dev/null @@ -1,99 +0,0 @@ -From 894add34c2b5e6b4ccc78996bf681d7ec7bc9e36 Mon Sep 17 00:00:00 2001 -From: Martin Jansa -Date: Thu, 10 Jul 2014 14:29:27 +0200 -Subject: [PATCH] glsl, perf: Add few missing .glsl, .vert, .frag files to - EXTRA_DATA - -Upstream-Status: Pending - -Signed-off-by: Martin Jansa - ---- - src/fpglsl/Makefile.am | 2 ++ - src/glsl/Makefile.am | 10 ++++++++-- - src/perf/Makefile.am | 6 ++++++ - src/vpglsl/Makefile.am | 1 + - 4 files changed, 17 insertions(+), 2 deletions(-) - -diff --git a/src/fpglsl/Makefile.am b/src/fpglsl/Makefile.am -index 47c1039f..fd43c919 100644 ---- a/src/fpglsl/Makefile.am -+++ b/src/fpglsl/Makefile.am -@@ -39,10 +39,12 @@ noinst_PROGRAMS = \ - endif - - EXTRA_DIST = \ -+ depth-read.glsl \ - dowhile2.glsl \ - dowhile.glsl \ - forbreak.glsl \ - for.glsl \ -+ infinite-loop.glsl \ - mov.glsl \ - mov-imm.glsl \ - simpleif.glsl \ -diff --git a/src/glsl/Makefile.am b/src/glsl/Makefile.am -index 4faa8dbf..079a29d8 100644 ---- a/src/glsl/Makefile.am -+++ b/src/glsl/Makefile.am -@@ -37,7 +37,7 @@ AM_LDFLAGS = \ - if HAVE_GLUT - bin_PROGRAMS = \ - array \ -- bezier \ -+ bezier \ - bitmap \ - brick \ - bump \ -@@ -123,12 +123,16 @@ EXTRA_DIST = \ - CH06-brick.vert \ - CH11-bumpmap.frag \ - CH11-bumpmap.vert \ -+ CH11-bumpmaptex.frag \ - CH11-toyball.frag \ - CH11-toyball.vert \ - CH18-mandel.frag \ - CH18-mandel.vert \ -- bezier.geom \ -+ bezier.geom \ - brick.shtest \ -+ blinking-teapot.frag \ -+ blinking-teapot.vert \ -+ convolution.frag \ - convolution.vert \ - cubemap.frag \ - mandelbrot.shtest \ -@@ -138,5 +142,7 @@ EXTRA_DIST = \ - reflect.vert \ - shadowtex.frag \ - simple.vert \ -+ simplex-noise.glsl \ - skinning.frag \ -+ skinning.vert \ - toyball.shtest -diff --git a/src/perf/Makefile.am b/src/perf/Makefile.am -index f0031fea..60069396 100644 ---- a/src/perf/Makefile.am -+++ b/src/perf/Makefile.am -@@ -59,3 +59,9 @@ endif - - glslstateschange_LDADD = libperf.la ../util/libutil.la - glsl_compile_time_LDADD = ../util/libutil.la -+ -+EXTRA_DIST = \ -+ glslstateschange1.frag \ -+ glslstateschange1.vert \ -+ glslstateschange2.frag \ -+ glslstateschange2.vert -diff --git a/src/vpglsl/Makefile.am b/src/vpglsl/Makefile.am -index 4a85ed40..48b08f48 100644 ---- a/src/vpglsl/Makefile.am -+++ b/src/vpglsl/Makefile.am -@@ -44,6 +44,7 @@ EXTRA_DIST = \ - func2.glsl \ - ifelse.glsl \ - if.glsl \ -+ infinite-loop.glsl \ - mov.glsl \ - nestedifs.glsl \ - nestedswizzle.glsl \ diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0009-glsl-perf-Install-.glsl-.vert-.frag-files.patch b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0009-glsl-perf-Install-.glsl-.vert-.frag-files.patch deleted file mode 100644 index 8a98ba60d..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0009-glsl-perf-Install-.glsl-.vert-.frag-files.patch +++ /dev/null @@ -1,71 +0,0 @@ -From 477ab6d90a17d8e4d3935be6ce8b8e154db0e3e5 Mon Sep 17 00:00:00 2001 -From: Martin Jansa -Date: Thu, 10 Jul 2014 14:48:12 +0200 -Subject: [PATCH] glsl, perf: Install .glsl, .vert, .frag files - -Upstream-Status: Pending -Signed-off-by: Martin Jansa - ---- - src/fpglsl/Makefile.am | 3 ++- - src/glsl/Makefile.am | 3 ++- - src/perf/Makefile.am | 3 ++- - src/vpglsl/Makefile.am | 3 ++- - 4 files changed, 8 insertions(+), 4 deletions(-) - -diff --git a/src/fpglsl/Makefile.am b/src/fpglsl/Makefile.am -index fd43c919..2bf51de4 100644 ---- a/src/fpglsl/Makefile.am -+++ b/src/fpglsl/Makefile.am -@@ -38,7 +38,8 @@ noinst_PROGRAMS = \ - fp-tri - endif - --EXTRA_DIST = \ -+demosdatadir=$(datadir)/$(PACKAGE)/ -+dist_demosdata_DATA= \ - depth-read.glsl \ - dowhile2.glsl \ - dowhile.glsl \ -diff --git a/src/glsl/Makefile.am b/src/glsl/Makefile.am -index 079a29d8..f66ec299 100644 ---- a/src/glsl/Makefile.am -+++ b/src/glsl/Makefile.am -@@ -118,7 +118,8 @@ vert_or_frag_only_LDADD = ../util/libutil.la - vert_tex_LDADD = ../util/libutil.la - vsraytrace_LDADD = ../util/libutil.la - --EXTRA_DIST = \ -+demosdatadir=$(datadir)/$(PACKAGE)/ -+dist_demosdata_DATA= \ - CH06-brick.frag \ - CH06-brick.vert \ - CH11-bumpmap.frag \ -diff --git a/src/perf/Makefile.am b/src/perf/Makefile.am -index 60069396..469bdf45 100644 ---- a/src/perf/Makefile.am -+++ b/src/perf/Makefile.am -@@ -60,7 +60,8 @@ endif - glslstateschange_LDADD = libperf.la ../util/libutil.la - glsl_compile_time_LDADD = ../util/libutil.la - --EXTRA_DIST = \ -+demosdatadir=$(datadir)/$(PACKAGE)/ -+dist_demosdata_DATA= \ - glslstateschange1.frag \ - glslstateschange1.vert \ - glslstateschange2.frag \ -diff --git a/src/vpglsl/Makefile.am b/src/vpglsl/Makefile.am -index 48b08f48..55268675 100644 ---- a/src/vpglsl/Makefile.am -+++ b/src/vpglsl/Makefile.am -@@ -38,7 +38,8 @@ noinst_PROGRAMS = \ - vp-tris - endif - --EXTRA_DIST = \ -+demosdatadir=$(datadir)/$(PACKAGE)/ -+dist_demosdata_DATA= \ - for.glsl \ - func.glsl \ - func2.glsl \ diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0012-mesa-demos-OpenVG-demos-with-single-frame-need-eglSw.patch b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0012-mesa-demos-OpenVG-demos-with-single-frame-need-eglSw.patch deleted file mode 100644 index c68764740..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0012-mesa-demos-OpenVG-demos-with-single-frame-need-eglSw.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 3aa84c47e88a4c38446ce1323abf6f2c77389104 Mon Sep 17 00:00:00 2001 -From: Prabhu -Date: Mon, 16 Nov 2015 17:09:32 -0600 -Subject: [PATCH] mesa-demos: OpenVG demos with single frame need eglSwapBuffer - -sp and text demos rendering single frame. to display the -single frame rendered needed a eglSwapBuffer to diplay to window. -Hence added eglutPostRedisplay to display the frame - -Upstream-Status: Pending - -Signed-off-by: Prabhu ---- - src/egl/openvg/sp.c | 1 + - src/egl/openvg/text.c | 1 + - 2 files changed, 2 insertions(+) - -diff --git a/src/egl/openvg/sp.c b/src/egl/openvg/sp.c -index a20c0a3..468e91e 100644 ---- a/src/egl/openvg/sp.c -+++ b/src/egl/openvg/sp.c -@@ -500,6 +500,7 @@ draw(void) - } - - vgFlush(); -+ eglutPostRedisplay(); - } - - -diff --git a/src/egl/openvg/text.c b/src/egl/openvg/text.c -index f5c6de8..492581c 100644 ---- a/src/egl/openvg/text.c -+++ b/src/egl/openvg/text.c -@@ -360,6 +360,7 @@ display(void) - { - vgClear(0, 0, width, height); - glyph_string_draw(10.0, 10.0); -+ eglutPostRedisplay(); - } - - --- -2.5.1 - diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0013-only-build-GLX-demos-if-needed.patch b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0013-only-build-GLX-demos-if-needed.patch deleted file mode 100644 index e7be4dfbe..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos/0013-only-build-GLX-demos-if-needed.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 322af294390a7f4e1524c5a79312be6cbebce988 Mon Sep 17 00:00:00 2001 -From: Awais Belal -Date: Wed, 11 Nov 2015 17:22:12 +0500 -Subject: [PATCH] only build GLX demos if needed - -There are platforms that default to EGL only configurations -in which case the GLX applications are not required -at all. Allow the user to control generation of these -demos as needed through a configure switch. - -Signed-off-by: Awais Belal -Upstream-Status: Pending ---- - configure.ac | 9 +++++++++ - src/Makefile.am | 6 +++++- - 2 files changed, 14 insertions(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index f8ec7e3..1a4d96d 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -132,6 +132,11 @@ if test "x$enable_glu" = xyes; then - DEMO_LIBS="$DEMO_LIBS $GLU_LIBS" - fi - -+AC_ARG_ENABLE([glx-demos], -+ [AS_HELP_STRING([--enable-glx-demos], -+ [enable GLX demos @<:@default=auto@:>@])], -+ [glx_demos_enabled="$enableval"], -+ [glx_demos_enabled=yes]) - AC_ARG_ENABLE([egl], - [AS_HELP_STRING([--enable-egl], - [enable EGL library @<:@default=auto@:>@])], -@@ -325,6 +333,7 @@ AC_SUBST([WAYLAND_LIBS]) - - AM_CONDITIONAL(HAVE_GLU, test "x$glu_enabled" = "xyes") - AM_CONDITIONAL(HAVE_GLEW, test "x$glew_enabled" = "xyes") -+AM_CONDITIONAL(HAVE_GLX, test "x$glx_demos_enabled" = "xyes") - AM_CONDITIONAL(HAVE_EGL, test "x$egl_enabled" = "xyes") - AM_CONDITIONAL(HAVE_GLESV1, test "x$glesv1_enabled" = "xyes") - AM_CONDITIONAL(HAVE_GLESV2, test "x$glesv2_enabled" = "xyes") -diff --git a/src/Makefile.am b/src/Makefile.am -index 8b89dee..a4d7e8f 100644 ---- a/src/Makefile.am -+++ b/src/Makefile.am -@@ -44,8 +44,12 @@ SUBDIRS = \ - slang \ - tests \ - tools \ -- wgl \ -+ wgl -+ -+if HAVE_GLX -+SUBDIRS += \ - xdemos -+endif - - if HAVE_GLEW - SUBDIRS += \ --- -1.9.1 - diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos_8.4.0.bb b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos_8.4.0.bb deleted file mode 100644 index 129a47df4..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-demos_8.4.0.bb +++ /dev/null @@ -1,59 +0,0 @@ -SUMMARY = "Mesa demo applications" -DESCRIPTION = "This package includes the demonstration application, such as glxgears. \ -These applications can be used for Mesa validation and benchmarking." -HOMEPAGE = "http://mesa3d.org" -BUGTRACKER = "https://bugs.freedesktop.org" -SECTION = "x11" - -LICENSE = "MIT & PD" -LIC_FILES_CHKSUM = "file://src/xdemos/glxgears.c;beginline=1;endline=20;md5=914225785450eff644a86c871d3ae00e \ - file://src/xdemos/glxdemo.c;beginline=1;endline=8;md5=b01d5ab1aee94d35b7efaa2ef48e1a06" - -SRC_URI = "https://mesa.freedesktop.org/archive/demos/${BPN}-${PV}.tar.bz2 \ - file://0001-mesa-demos-Add-missing-data-files.patch \ - file://0003-configure-Allow-to-disable-demos-which-require-GLEW-.patch \ - file://0004-Use-DEMOS_DATA_DIR-to-locate-data-files.patch \ - file://0007-Install-few-more-test-programs.patch \ - file://0008-glsl-perf-Add-few-missing-.glsl-.vert-.frag-files-to.patch \ - file://0009-glsl-perf-Install-.glsl-.vert-.frag-files.patch \ - file://0012-mesa-demos-OpenVG-demos-with-single-frame-need-eglSw.patch \ - file://0013-only-build-GLX-demos-if-needed.patch \ - " -SRC_URI[md5sum] = "6b65a02622765522176d00f553086fa3" -SRC_URI[sha256sum] = "01e99c94a0184e63e796728af89bfac559795fb2a0d6f506fa900455ca5fff7d" - -inherit autotools pkgconfig distro_features_check -# depends on virtual/egl, virtual/libgl ... -REQUIRED_DISTRO_FEATURES = "opengl x11" - -PACKAGECONFIG ?= "drm osmesa freetype2 gbm egl gles1 gles2 \ - x11 glew glu glx" - -# The Wayland code doesn't work with Wayland 1.0, so disable it for now -#${@bb.utils.filter('DISTRO_FEATURES', 'wayland', d)}" - -EXTRA_OECONF = "--with-system-data-files" - -PACKAGECONFIG[drm] = "--enable-libdrm,--disable-libdrm,libdrm" -PACKAGECONFIG[egl] = "--enable-egl,--disable-egl,virtual/egl" -PACKAGECONFIG[freetype2] = "--enable-freetype2,--disable-freetype2,freetype" -PACKAGECONFIG[gbm] = "--enable-gbm,--disable-gbm,virtual/libgl" -PACKAGECONFIG[gles1] = "--enable-gles1,--disable-gles1,virtual/libgles1" -PACKAGECONFIG[gles2] = "--enable-gles2,--disable-gles2,virtual/libgles2" -PACKAGECONFIG[glut] = "--with-glut=${STAGING_EXECPREFIXDIR},--without-glut,freeglut" -PACKAGECONFIG[osmesa] = "--enable-osmesa,--disable-osmesa," -PACKAGECONFIG[vg] = "--enable-vg,--disable-vg,virtual/libopenvg" -PACKAGECONFIG[wayland] = "--enable-wayland,--disable-wayland,virtual/libgl wayland" -PACKAGECONFIG[x11] = "--enable-x11,--disable-x11,virtual/libx11" -PACKAGECONFIG[glew] = "--enable-glew,--disable-glew,glew" -PACKAGECONFIG[glu] = "--enable-glu,--disable-glu,virtual/libgl" -PACKAGECONFIG[glx] = "--enable-glx-demos,--disable-glx-demos" - -do_install_append() { - # it can be completely empty when all PACKAGECONFIG options are disabled - rmdir --ignore-fail-on-non-empty ${D}${bindir} - - if [ -f ${D}${bindir}/clear ]; then - mv ${D}${bindir}/clear ${D}${bindir}/clear.mesa-demos - fi -} diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-gl_19.1.6.bb b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-gl_19.1.6.bb deleted file mode 100644 index d4b1c1c45..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa-gl_19.1.6.bb +++ /dev/null @@ -1,10 +0,0 @@ -require mesa_${PV}.bb - -SUMMARY += " (OpenGL only, no EGL/GLES)" - -PROVIDES = "virtual/libgl virtual/mesa" - -S = "${WORKDIR}/mesa-${PV}" - -PACKAGECONFIG ??= "opengl dri ${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}" -PACKAGECONFIG_class-target = "opengl dri ${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}" diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa.inc b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa.inc deleted file mode 100644 index 54b7618f8..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa.inc +++ /dev/null @@ -1,267 +0,0 @@ -SUMMARY = "A free implementation of the OpenGL API" -DESCRIPTION = "Mesa is an open-source implementation of the OpenGL specification - \ -a system for rendering interactive 3D graphics. \ -A variety of device drivers allows Mesa to be used in many different environments \ -ranging from software emulation to complete hardware acceleration for modern GPUs. \ -Mesa is used as part of the overall Direct Rendering Infrastructure and X.org \ -environment." - -HOMEPAGE = "http://mesa3d.org" -BUGTRACKER = "https://bugs.freedesktop.org" -SECTION = "x11" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://docs/license.html;md5=725f991a1cc322aa7a0cd3a2016621c4" - -PE = "2" - -DEPENDS = "expat makedepend-native flex-native bison-native libxml2-native zlib chrpath-replacement-native python3-mako-native gettext-native" -EXTRANATIVEPATH += "chrpath-native" -PROVIDES = " \ - ${@bb.utils.contains('PACKAGECONFIG', 'opengl', 'virtual/libgl', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'gles', 'virtual/libgles1 virtual/libgles2', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'egl', 'virtual/egl', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'gbm', 'virtual/libgbm', '', d)} \ - virtual/mesa \ - " - -inherit meson pkgconfig python3native gettext distro_features_check - -# Unset these to stop python trying to report the target Python setup -_PYTHON_SYSCONFIGDATA_NAME[unexport] = "1" -STAGING_INCDIR[unexport] = "1" -STAGING_LIBDIR[unexport] = "1" - -BBCLASSEXTEND = "native nativesdk" - -ANY_OF_DISTRO_FEATURES_class-target = "opengl vulkan" - -PLATFORMS ??= "${@bb.utils.filter('PACKAGECONFIG', 'x11 wayland', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'gbm', 'drm', '', d)} \ - surfaceless" - -export YOCTO_ALTERNATE_EXE_PATH = "${STAGING_LIBDIR}/llvm${MESA_LLVM_RELEASE}/llvm-config" -export YOCTO_ALTERNATE_MULTILIB_NAME = "${base_libdir}" -export LLVM_CONFIG = "${STAGING_BINDIR_NATIVE}/llvm-config${MESA_LLVM_RELEASE}" -export WANT_LLVM_RELEASE = "${MESA_LLVM_RELEASE}" - -MESA_LLVM_RELEASE ?= "${LLVMVERSION}" - -EXTRA_OEMESON = " \ - -Dshared-glapi=true \ - -Dgallium-opencl=disabled \ - -Dglx-read-only-text=true \ - -Dplatforms='${@",".join("${PLATFORMS}".split())}' \ -" - -PACKAGECONFIG_class-target ??= "${@bb.utils.filter('DISTRO_FEATURES', 'wayland vulkan', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'opengl egl gles gbm dri gallium', '', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'x11 opengl', 'x11 dri3', '', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'x11 vulkan', 'dri3', '', d)} \ - glx-tls \ - " -PACKAGECONFIG_class-native ?= "gbm dri egl opengl glx-tls" -PACKAGECONFIG_class-nativesdk ?= "gbm dri egl opengl glx-tls" - -PACKAGECONFIG_remove_libc-musl = "glx-tls" - -# "gbm" requires "dri", "opengl" -PACKAGECONFIG[gbm] = "-Dgbm=true,-Dgbm=false" - -X11_DEPS = "xorgproto virtual/libx11 libxext libxxf86vm libxdamage libxfixes xrandr" -# "x11" requires "opengl" -PACKAGECONFIG[x11] = ",-Dglx=disabled,${X11_DEPS}" -PACKAGECONFIG[glx-tls] = "-Dglx-tls=true, -Dglx-tls=false" -PACKAGECONFIG[xvmc] = "-Dgallium-xvmc=true,-Dgallium-xvmc=false,libxvmc" -PACKAGECONFIG[wayland] = ",,wayland-native wayland libdrm wayland-protocols" - -DRIDRIVERS_class-native = "swrast" -DRIDRIVERS_class-nativesdk = "swrast" -DRIDRIVERS_append_x86_class-target = ",r100,r200,nouveau,i965,i915" -DRIDRIVERS_append_x86-64_class-target = ",r100,r200,nouveau,i965,i915" -# "dri" requires "opengl" -PACKAGECONFIG[dri] = "-Ddri=true -Ddri-drivers=${DRIDRIVERS}, -Ddri=false -Ddri-drivers='', xorgproto libdrm" -PACKAGECONFIG[dri3] = "-Ddri3=true, -Ddri3=false, xorgproto libxshmfence" - -# Vulkan drivers need dri3 enabled -# radeon could be enabled as well but requires gallium-llvm with llvm >= 3.9 -VULKAN_DRIVERS = "" -VULKAN_DRIVERS_append_x86_class-target = ",intel" -VULKAN_DRIVERS_append_x86-64_class-target = ",intel" -PACKAGECONFIG[vulkan] = "-Dvulkan-drivers=${VULKAN_DRIVERS}, -Dvulkan-drivers=''," - -PACKAGECONFIG[opengl] = "-Dopengl=true, -Dopengl=false" - -# "gles" requires "opengl" -PACKAGECONFIG[gles] = "-Dgles1=true -Dgles2=true, -Dgles1=false -Dgles2=false" - -# "egl" requires "dri", "opengl" -PACKAGECONFIG[egl] = "-Degl=true, -Degl=false" - -PACKAGECONFIG[etnaviv] = "" -PACKAGECONFIG[kmsro] = "" -PACKAGECONFIG[vc4] = "" -PACKAGECONFIG[v3d] = "" - -GALLIUMDRIVERS = "swrast" -# gallium swrast was found to crash Xorg on startup in x32 qemu -GALLIUMDRIVERS_x86-x32 = "" - -GALLIUMDRIVERS_append ="${@bb.utils.contains('PACKAGECONFIG', 'etnaviv', ',etnaviv', '', d)}" -GALLIUMDRIVERS_append ="${@bb.utils.contains('PACKAGECONFIG', 'kmsro', ',kmsro', '', d)}" -GALLIUMDRIVERS_append ="${@bb.utils.contains('PACKAGECONFIG', 'vc4', ',vc4', '', d)}" -GALLIUMDRIVERS_append ="${@bb.utils.contains('PACKAGECONFIG', 'v3d', ',v3d', '', d)}" - -# radeonsi requires LLVM -GALLIUMDRIVERS_LLVM33 = "${@bb.utils.contains('PACKAGECONFIG', 'r600', ',radeonsi', '', d)}" -GALLIUMDRIVERS_LLVM33_ENABLED = "${@oe.utils.version_less_or_equal('MESA_LLVM_RELEASE', '3.2', False, len('${GALLIUMDRIVERS_LLVM33}') > 0, d)}" -GALLIUMDRIVERS_LLVM = "r300,svga,nouveau${@',${GALLIUMDRIVERS_LLVM33}' if ${GALLIUMDRIVERS_LLVM33_ENABLED} else ''}" - -PACKAGECONFIG[r600] = "" - -GALLIUMDRIVERS_append = "${@bb.utils.contains('PACKAGECONFIG', 'gallium-llvm', ',${GALLIUMDRIVERS_LLVM}', '', d)}" -GALLIUMDRIVERS_append = "${@bb.utils.contains('PACKAGECONFIG', 'r600', ',r600', '', d)}" -GALLIUMDRIVERS_append = ",virgl" - -PACKAGECONFIG[gallium] = "-Dgallium-drivers=${GALLIUMDRIVERS}, -Dgallium-drivers=''" -PACKAGECONFIG[gallium-llvm] = "-Dllvm=true -Dshared-llvm=true, -Dllvm=false, llvm${MESA_LLVM_RELEASE} llvm-native \ - ${@'elfutils' if ${GALLIUMDRIVERS_LLVM33_ENABLED} else ''}" -PACKAGECONFIG[xa] = "-Dgallium-xa=true, -Dgallium-xa=false" - -PACKAGECONFIG[lima] = "" -GALLIUMDRIVERS_append ="${@bb.utils.contains('PACKAGECONFIG', 'lima', ',lima', '', d)}" - -PACKAGECONFIG[panfrost] = "" -GALLIUMDRIVERS_append ="${@bb.utils.contains('PACKAGECONFIG', 'panfrost', ',panfrost', '', d)}" - -OSMESA = "${@bb.utils.contains('PACKAGECONFIG', 'gallium', 'gallium', 'classic', d)}" -PACKAGECONFIG[osmesa] = "-Dosmesa=${OSMESA},-Dosmesa=none" - -PACKAGECONFIG[unwind] = "-Dlibunwind=true,-Dlibunwind=false,libunwind" - -# mesa tries to run cross-built gen_matypes on build machine to get struct size information -EXTRA_OEMESON_append = " -Dasm=false" - -# llvmpipe is slow if compiled with -fomit-frame-pointer (e.g. -O2) -FULL_OPTIMIZATION_append = " -fno-omit-frame-pointer" - -CFLAGS_append_armv5 = " -DMISSING_64BIT_ATOMICS" - -# Remove the mesa dependency on mesa-dev, as mesa is empty -RDEPENDS_${PN}-dev = "" - -# Add dependency so that GLES3 header don't need to be added manually -RDEPENDS_libgles2-mesa-dev += "libgles3-mesa-dev" - -PACKAGES =+ "libegl-mesa libegl-mesa-dev \ - libosmesa libosmesa-dev \ - libgl-mesa libgl-mesa-dev \ - libglapi libglapi-dev \ - libgbm libgbm-dev \ - libgles1-mesa libgles1-mesa-dev \ - libgles2-mesa libgles2-mesa-dev \ - libgles3-mesa libgles3-mesa-dev \ - libxatracker libxatracker-dev \ - mesa-megadriver mesa-vulkan-drivers \ - " - -do_install_append () { - # Drivers never need libtool .la files - rm -f ${D}${libdir}/dri/*.la - rm -f ${D}${libdir}/egl/*.la - rm -f ${D}${libdir}/gallium-pipe/*.la - rm -f ${D}${libdir}/gbm/*.la - - # it was packaged in libdricore9.1.3-1 and preventing upgrades when debian.bbclass was used - chrpath --delete ${D}${libdir}/dri/*_dri.so || true - - # libwayland-egl has been moved to wayland 1.15+ - rm -f ${D}${libdir}/libwayland-egl* - rm -f ${D}${libdir}/pkgconfig/wayland-egl.pc -} - -# For the packages that make up the OpenGL interfaces, inject variables so that -# they don't get Debian-renamed (which would remove the -mesa suffix), and -# RPROVIDEs/RCONFLICTs on the generic libgl name. -python __anonymous() { - pkgconfig = (d.getVar('PACKAGECONFIG') or "").split() - for p in (("egl", "libegl", "libegl1"), - ("dri", "libgl", "libgl1"), - ("gles", "libgles1", "libglesv1-cm1"), - ("gles", "libgles2", "libglesv2-2"), - ("gles", "libgles3",)): - if not p[0] in pkgconfig: - continue - fullp = p[1] + "-mesa" - pkgs = " ".join(p[1:]) - d.setVar("DEBIAN_NOAUTONAME_" + fullp, "1") - d.appendVar("RREPLACES_" + fullp, pkgs) - d.appendVar("RPROVIDES_" + fullp, pkgs) - d.appendVar("RCONFLICTS_" + fullp, pkgs) - - d.appendVar("RRECOMMENDS_" + fullp, " mesa-megadriver") - - # For -dev, the first element is both the Debian and original name - fullp += "-dev" - pkgs = p[1] + "-dev" - d.setVar("DEBIAN_NOAUTONAME_" + fullp, "1") - d.appendVar("RREPLACES_" + fullp, pkgs) - d.appendVar("RPROVIDES_" + fullp, pkgs) - d.appendVar("RCONFLICTS_" + fullp, pkgs) -} - -python mesa_populate_packages() { - pkgs = ['mesa', 'mesa-dev', 'mesa-dbg'] - for pkg in pkgs: - d.setVar("RPROVIDES_%s" % pkg, pkg.replace("mesa", "mesa-dri", 1)) - d.setVar("RCONFLICTS_%s" % pkg, pkg.replace("mesa", "mesa-dri", 1)) - d.setVar("RREPLACES_%s" % pkg, pkg.replace("mesa", "mesa-dri", 1)) - - import re - dri_drivers_root = oe.path.join(d.getVar('PKGD'), d.getVar('libdir'), "dri") - if os.path.isdir(dri_drivers_root): - dri_pkgs = os.listdir(dri_drivers_root) - lib_name = d.expand("${MLPREFIX}mesa-megadriver") - for p in dri_pkgs: - m = re.match(r'^(.*)_dri\.so$', p) - if m: - pkg_name = " ${MLPREFIX}mesa-driver-%s" % legitimize_package_name(m.group(1)) - d.appendVar("RPROVIDES_%s" % lib_name, pkg_name) - d.appendVar("RCONFLICTS_%s" % lib_name, pkg_name) - d.appendVar("RREPLACES_%s" % lib_name, pkg_name) - - pipe_drivers_root = os.path.join(d.getVar('libdir'), "gallium-pipe") - do_split_packages(d, pipe_drivers_root, r'^pipe_(.*)\.so$', 'mesa-driver-pipe-%s', 'Mesa %s pipe driver', extra_depends='') -} - -PACKAGESPLITFUNCS_prepend = "mesa_populate_packages " - -PACKAGES_DYNAMIC += "^mesa-driver-.*" - -FILES_mesa-megadriver = "${libdir}/dri/* ${datadir}/drirc.d/00-mesa-defaults.conf" -FILES_mesa-vulkan-drivers = "${libdir}/libvulkan_*.so ${datadir}/vulkan" -FILES_libegl-mesa = "${libdir}/libEGL.so.*" -FILES_libgbm = "${libdir}/libgbm.so.*" -FILES_libgles1-mesa = "${libdir}/libGLESv1*.so.*" -FILES_libgles2-mesa = "${libdir}/libGLESv2.so.*" -FILES_libgl-mesa = "${libdir}/libGL.so.*" -FILES_libglapi = "${libdir}/libglapi.so.*" -FILES_libosmesa = "${libdir}/libOSMesa.so.*" -FILES_libxatracker = "${libdir}/libxatracker.so.*" - -FILES_${PN}-dev = "${libdir}/pkgconfig/dri.pc ${includedir}/vulkan" -FILES_libegl-mesa-dev = "${libdir}/libEGL.* ${includedir}/EGL ${includedir}/KHR ${libdir}/pkgconfig/egl.pc" -FILES_libgbm-dev = "${libdir}/libgbm.* ${libdir}/pkgconfig/gbm.pc ${includedir}/gbm.h" -FILES_libgl-mesa-dev = "${libdir}/libGL.* ${includedir}/GL ${libdir}/pkgconfig/gl.pc" -FILES_libglapi-dev = "${libdir}/libglapi.*" -FILES_libgles1-mesa-dev = "${libdir}/libGLESv1*.* ${includedir}/GLES ${libdir}/pkgconfig/glesv1*.pc" -FILES_libgles2-mesa-dev = "${libdir}/libGLESv2.* ${includedir}/GLES2 ${libdir}/pkgconfig/glesv2.pc" -FILES_libgles3-mesa-dev = "${includedir}/GLES3" -FILES_libosmesa-dev = "${libdir}/libOSMesa.* ${includedir}/GL/osmesa.h ${libdir}/pkgconfig/osmesa.pc" -FILES_libxatracker-dev = "${libdir}/libxatracker.so ${libdir}/libxatracker.la \ - ${includedir}/xa_tracker.h ${includedir}/xa_composite.h ${includedir}/xa_context.h \ - ${libdir}/pkgconfig/xatracker.pc" - -# Fix upgrade path from mesa to mesa-megadriver -RREPLACES_mesa-megadriver = "mesa" -RCONFLICTS_mesa-megadriver = "mesa" -RPROVIDES_mesa-megadriver = "mesa" diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa_%.bbappend b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa_%.bbappend deleted file mode 100644 index 58aea6c05..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa_%.bbappend +++ /dev/null @@ -1,2 +0,0 @@ -# enable ludicrous speed for GFX on rpi4 -PACKAGECONFIG_append_class-target = " v3d kmsro" diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa_19.1.6.bb b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa_19.1.6.bb deleted file mode 100644 index 19221e9e2..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/mesa/mesa_19.1.6.bb +++ /dev/null @@ -1,20 +0,0 @@ -require ${BPN}.inc - -SRC_URI = "https://mesa.freedesktop.org/archive/mesa-${PV}.tar.xz \ - file://0001-meson.build-check-for-all-linux-host_os-combinations.patch \ - file://0002-meson.build-make-TLS-GLX-optional-again.patch \ - file://0003-Allow-enable-DRI-without-DRI-drivers.patch \ - " - -SRC_URI[md5sum] = "7dbb40b8d10e89bee0a5bfc85350647b" -SRC_URI[sha256sum] = "2a369b7b48545c6486e7e44913ad022daca097c8bd937bf30dcf3f17a94d3496" - -UPSTREAM_CHECK_GITTAGREGEX = "mesa-(?P\d+(\.\d+)+)" - -#because we cannot rely on the fact that all apps will use pkgconfig, -#make eglplatform.h independent of MESA_EGL_NO_X11_HEADER -do_install_append() { - if ${@bb.utils.contains('PACKAGECONFIG', 'egl', 'true', 'false', d)}; then - sed -i -e 's/^#if defined(MESA_EGL_NO_X11_HEADERS)$/#if defined(MESA_EGL_NO_X11_HEADERS) || ${@bb.utils.contains('PACKAGECONFIG', 'x11', '0', '1', d)}/' ${D}${includedir}/EGL/eglplatform.h - fi -} diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/userland/userland_%.bbappend b/meta-agl-bsp/meta-raspberrypi/recipes-graphics/userland/userland_%.bbappend deleted file mode 100644 index d4c74ef48..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-graphics/userland/userland_%.bbappend +++ /dev/null @@ -1,4 +0,0 @@ -# FIXME: Temporary fix that can be removed once commit 752db52 gets backported -# from master to thud branch of meta-raspberrypi -RDEPENDS_${PN}_remove = "libegl1" -RDEPENDS_${PN} += "${@bb.utils.contains("MACHINE_FEATURES", "vc4graphics", "libegl-mesa", "", d)}" diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux-firmware-rpidistro/linux-firmware-rpidistro/0001-brcmfmac43455-sdio.txt-Follow-raspbian-change-for-bo.patch b/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux-firmware-rpidistro/linux-firmware-rpidistro/0001-brcmfmac43455-sdio.txt-Follow-raspbian-change-for-bo.patch deleted file mode 100644 index 1ad0fd1b2..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux-firmware-rpidistro/linux-firmware-rpidistro/0001-brcmfmac43455-sdio.txt-Follow-raspbian-change-for-bo.patch +++ /dev/null @@ -1,39 +0,0 @@ -From c9d4f263131cb8e62597e0a296968b5cdbfe0019 Mon Sep 17 00:00:00 2001 -From: Andrei Gherzan -Date: Thu, 27 Jun 2019 20:49:10 +0100 -Subject: [PATCH] brcmfmac43455-sdio.txt: Follow raspbian change for - boardflags3 - -Without this change the WiFi interface on RPi4 never comes up. Also the -upstream repository doesn't include this change. It is only (as far as I -know) part of the raspberrypi deb repository with the following -changelog: - -firmware-nonfree (1:20190114-1+rpt2) buster; urgency=medium - * Update brcmfmac43455-sdio.txt - - Update boardflags3 - -- Serge Schneider Thu, 18 Apr 2019 14:35:34 -+0100 - -Upstream-status: Pending -Signed-off-by: Andrei Gherzan ---- - brcm/brcmfmac43455-sdio.txt | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/brcm/brcmfmac43455-sdio.txt b/brcm/brcmfmac43455-sdio.txt -index 54d9321..6801286 100644 ---- a/brcm/brcmfmac43455-sdio.txt -+++ b/brcm/brcmfmac43455-sdio.txt -@@ -21,7 +21,7 @@ btc_mode=1 - # bit1 for btcoex - boardflags=0x00480201 - boardflags2=0x40800000 --boardflags3=0x48200100 -+boardflags3=0x44200100 - phycal_tempdelta=15 - rxchain=1 - txchain=1 --- -2.17.1 - diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux-firmware-rpidistro/linux-firmware-rpidistro_%.bbappend b/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux-firmware-rpidistro/linux-firmware-rpidistro_%.bbappend deleted file mode 100644 index 30c18fb0b..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux-firmware-rpidistro/linux-firmware-rpidistro_%.bbappend +++ /dev/null @@ -1,10 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" - -SRC_URI += "file://0001-brcmfmac43455-sdio.txt-Follow-raspbian-change-for-bo.patch" - -do_unpack_append() { - bb.build.exec_func('do_clean_pc', d) -} -do_clean_pc() { - rm -rf ${S}/.pc -} diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/files/rpi-kernel-misc.cfg b/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/files/rpi-kernel-misc.cfg deleted file mode 100644 index 07b14371b..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/files/rpi-kernel-misc.cfg +++ /dev/null @@ -1 +0,0 @@ -CONFIG_SENSORS_RPI_POE_FAN=m diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi/disable_kprobes.cfg b/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi/disable_kprobes.cfg deleted file mode 100644 index 4a67a7e6b..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi/disable_kprobes.cfg +++ /dev/null @@ -1 +0,0 @@ -CONFIG_KPROBES=n diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi4.inc b/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi4.inc deleted file mode 100644 index ea7f77837..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi4.inc +++ /dev/null @@ -1,140 +0,0 @@ -DESCRIPTION = "Linux Kernel for Raspberry Pi" -SECTION = "kernel" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=d7810fab7487fb0aad327b76f1be7cd7" - -COMPATIBLE_MACHINE = "^rpi$" - -PE = "1" -PV = "${LINUX_VERSION}+git${SRCPV}" - -inherit kernel siteinfo -require recipes-kernel/linux/linux-yocto.inc - -SRC_URI += "file://rpi-kernel-misc.cfg" - -KCONFIG_MODE = "--alldefconfig" -KBUILD_DEFCONFIG_raspberrypi0-wifi ?= "bcmrpi_defconfig" -KBUILD_DEFCONFIG_raspberrypi ?= "bcmrpi_defconfig" -KBUILD_DEFCONFIG_raspberrypi2 ?= "bcm2709_defconfig" -KBUILD_DEFCONFIG_raspberrypi3 ?= "bcm2709_defconfig" -KBUILD_DEFCONFIG_raspberrypi3-64 ?= "bcmrpi3_defconfig" -KBUILD_DEFCONFIG_raspberrypi4 ?= "bcm2711_defconfig" -KBUILD_DEFCONFIG_raspberrypi4-64 ?= "bcm2711_defconfig" - -# CMDLINE for raspberrypi -SERIAL = "${@oe.utils.conditional("ENABLE_UART", "1", "console=serial0,115200", "", d)}" -CMDLINE ?= "dwc_otg.lpm_enable=0 ${SERIAL} root=/dev/mmcblk0p2 rootfstype=ext4 rootwait" - -# Add the kernel debugger over console kernel command line option if enabled -CMDLINE_append = ' ${@oe.utils.conditional("ENABLE_KGDB", "1", "kgdboc=serial0,115200", "", d)}' - -# Disable rpi logo on boot -CMDLINE_append += ' ${@oe.utils.conditional("DISABLE_RPI_BOOT_LOGO", "1", "logo.nologo", "", d)}' - -# You can define CMDLINE_DEBUG as "debug" in your local.conf or distro.conf -# to enable kernel debugging. -CMDLINE_DEBUG ?= "" -CMDLINE_append = " ${CMDLINE_DEBUG}" - -KERNEL_MODULE_AUTOLOAD += "${@bb.utils.contains("MACHINE_FEATURES", "pitft28r", "stmpe-ts", "", d)}" - -# A LOADADDR is needed when building a uImage format kernel. This value is not -# set by default in rpi-4.8.y and later branches so we need to provide it -# manually. This value unused if KERNEL_IMAGETYPE is not uImage. -KERNEL_EXTRA_ARGS += "LOADADDR=0x00008000" - -# Set a variable in .configure -# $1 - Configure variable to be set -# $2 - value [n/y/value] -kernel_configure_variable() { - # Remove the config - CONF_SED_SCRIPT="$CONF_SED_SCRIPT /CONFIG_$1[ =]/d;" - if test "$2" = "n" - then - echo "# CONFIG_$1 is not set" >> ${B}/.config - else - echo "CONFIG_$1=$2" >> ${B}/.config - fi -} - -config_setup() { - # From kernel.bbclass. Unfortunately, this is needed to support builds that - # use devtool. The reason is as follows: - # - # - In devtool builds, externalsrc.bbclass gets inherited and sets a list of - # SRCTREECOVEREDTASKS, which don't get run because they affect the source - # tree and, when using devtool, we want the developer's changes to be the - # single source of truth. kernel-yocto.bbclass adds do_kernel_configme to - # SRCTREECOVEREDTASKS, so it doesn't run in a devtool build., In a normal - # non-devtool build, do_kernel_configme creates ${B}.config. - # - # - Normally (e.g. in linux-yocto), it would be OK that do_kernel_configme - # doesn't run, because the first few lines of do_configure in kernel.bbclass - # populate ${B}.config from either ${S}.config (if it exists) for custom - # developer changes, or otherwise from ${WORDIR}/defconfig. - # - # - In linux-raspberrypi, we add do_configure_prepend, which tweaks - # ${B}.config. Since this runs *before* the kernel.bbclass do_configure, - # ${B}.config doesn't yet exist and we hit an error. Thus we need to move - # the logic from do_configure up to before our do_configure_prepend. Because - # we are copying only a portion of do_configure and not the whole thing, - # there is no clean way to do it using OE functionality, so we just - # copy-and-paste. - if [ "${S}" != "${B}" ] && [ -f "${S}/.config" ] && [ ! -f "${B}/.config" ]; then - mv "${S}/.config" "${B}/.config" - fi - - # Copy defconfig to .config if .config does not exist. This allows - # recipes to manage the .config themselves in do_configure_prepend(). - if [ -f "${WORKDIR}/defconfig" ] && [ ! -f "${B}/.config" ]; then - cp "${WORKDIR}/defconfig" "${B}/.config" - fi -} - -do_configure_prepend() { - config_setup - - mv -f ${B}/.config ${B}/.config.patched - CONF_SED_SCRIPT="" - - # Localversion - kernel_configure_variable LOCALVERSION "\"\"" - - if [ "${INITRAMFS_IMAGE_BUNDLE}" = "1" ]; then - kernel_configure_variable OVERLAY_FS y - kernel_configure_variable SQUASHFS y - kernel_configure_variable UBIFS_FS y - fi - - # Activate the configuration options for VC4 - VC4GRAPHICS="${@bb.utils.contains("MACHINE_FEATURES", "vc4graphics", "1", "0", d)}" - if [ "${VC4GRAPHICS}" = "1" ]; then - kernel_configure_variable I2C_BCM2835 y - kernel_configure_variable DRM y - kernel_configure_variable DRM_FBDEV_EMULATION y - kernel_configure_variable DRM_VC4 y - fi - - # Keep this the last line - # Remove all modified configs and add the rest to .config - sed -e "${CONF_SED_SCRIPT}" < '${B}/.config.patched' >> '${B}/.config' - rm -f ${B}/.config.patched -} - -do_compile_append() { - if [ "${SITEINFO_BITS}" = "64" ]; then - cc_extra=$(get_cc_option) - oe_runmake dtbs CC="${KERNEL_CC} $cc_extra " LD="${KERNEL_LD}" ${KERNEL_EXTRA_ARGS} - fi -} - -do_deploy_append() { - # Deploy cmdline.txt - install -d ${DEPLOYDIR}/bcm2835-bootfiles - PITFT="${@bb.utils.contains("MACHINE_FEATURES", "pitft", "1", "0", d)}" - if [ ${PITFT} = "1" ]; then - PITFT_PARAMS="fbcon=map:10 fbcon=font:VGA8x8" - fi - echo "${CMDLINE}${PITFT_PARAMS}" > ${DEPLOYDIR}/bcm2835-bootfiles/cmdline.txt -} diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi_%.bbappend b/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi_%.bbappend index c12cd6c51..ff17b2532 100644 --- a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi_%.bbappend +++ b/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi_%.bbappend @@ -2,11 +2,8 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/${BPN}:" require recipes-kernel/linux/linux-agl.inc -# NOTE: Kprobes need to be disabled until linux-raspberrypi gets updated -# to newer than 4.14.104 to avoid lttng-modules failing to build. SRC_URI_append = "\ ${@oe.utils.conditional('USE_FAYTECH_MONITOR', '1', 'file://0002-faytech-fix-rpi.patch', '', d)} \ - file://disable_kprobes.cfg \ " CMDLINE_DEBUG = "" diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi_4.14%.bbappend b/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi_4.14%.bbappend deleted file mode 100644 index ba11890b9..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi_4.14%.bbappend +++ /dev/null @@ -1 +0,0 @@ -require recipes-kernel/linux/linux-agl-4.14.inc diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi_4.19.bb b/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi_4.19.bb deleted file mode 100644 index c1df22747..000000000 --- a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi_4.19.bb +++ /dev/null @@ -1,16 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/linux-raspberrypi:" - -LINUX_VERSION ?= "4.19.80" -LINUX_RPI_BRANCH ?= "rpi-4.19.y" - -SRCREV = "3492a1b003494535eb1b17aa7f258469036b1de7" -SRC_URI = " \ - git://github.com/raspberrypi/linux.git;protocol=git;branch=${LINUX_RPI_BRANCH} \ - " -SRC_URI_append_raspberrypi4-64 = " file://rpi4-64-kernel-misc.cfg" - -require linux-raspberrypi4.inc - -LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" - -KERNEL_EXTRA_ARGS_append_rpi = " DTC_FLAGS='-@ -H epapr'" diff --git a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi_4.19.bbappend b/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi_4.19.bbappend index 35a09b021..cc9bcadcd 100644 --- a/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi_4.19.bbappend +++ b/meta-agl-bsp/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi_4.19.bbappend @@ -1,2 +1,9 @@ +# Update Linux kernel for Raspberry Pi to 4.19.80. This version +# allows to run firmware KMS to support output through HDMI and +# DSI for the official 7" Raspberry Pi touch screen display. +# Bug-AGL: SPEC-2465 +LINUX_VERSION = "4.19.80" +SRCREV = "3492a1b003494535eb1b17aa7f258469036b1de7" + ENABLE_UART_raspberrypi4 = "1" -- cgit 1.2.3-korg From 01582dd6c3f39ac5f38ef38eb2a7555e3d4c18af Mon Sep 17 00:00:00 2001 From: Ronan Le Martret Date: Thu, 30 Jan 2020 11:51:43 +0100 Subject: Fix nss-localuser post install -post install script need to have ${sysconfdir}/nsswitch.conf available. This file is provides by base-files. Change-Id: I4767341c442ab8242afa9fb7ed75c2ad8c6a6cc0 Signed-off-by: Ronan Le Martret --- meta-app-framework/recipes-core/nss-localuser/nss-localuser_0.1.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-app-framework/recipes-core/nss-localuser/nss-localuser_0.1.bb b/meta-app-framework/recipes-core/nss-localuser/nss-localuser_0.1.bb index 62e163f97..38f37f14c 100644 --- a/meta-app-framework/recipes-core/nss-localuser/nss-localuser_0.1.bb +++ b/meta-app-framework/recipes-core/nss-localuser/nss-localuser_0.1.bb @@ -13,6 +13,8 @@ SRC_URI = "git://gerrit.automotivelinux.org/gerrit/src/nss-localuser;protocol=ht SRCREV = "66803c6fdb609ed83a78b9194ecb23e9c1b773e7" PV = "${AGL_BRANCH}+git${SRCPV}" +RDEPENDS_${PN} = "base-files" + S = "${WORKDIR}/git" do_compile() { -- cgit 1.2.3-korg From 1cc1c0729c92d93d2dacb64868a33e98580e8e61 Mon Sep 17 00:00:00 2001 From: Ronan Le Martret Date: Thu, 30 Jan 2020 20:25:36 +0100 Subject: [RCAR] Split ADSP path for ulcb and ulcb-kf - If we want to build AGL for ulcb board without the meta-rcar (kingficher board support), we need to split the patch. Change-Id: I145887d4619a7132e46f98f30e1fc0dd3de6b29a Signed-off-by: Ronan Le Martret --- ...ble-and-add-sound-hardware-abstraction_kf.patch | 58 ++++++++++++++++++++++ .../recipes-kernel/linux/linux-renesas_%.bbappend | 1 + ...enable-and-add-sound-hardware-abstraction.patch | 44 ---------------- 3 files changed, 59 insertions(+), 44 deletions(-) create mode 100644 meta-agl-bsp/meta-rcar-gen3-adas/recipes-kernel/linux/linux-renesas/0004-ADSP-enable-and-add-sound-hardware-abstraction_kf.patch diff --git a/meta-agl-bsp/meta-rcar-gen3-adas/recipes-kernel/linux/linux-renesas/0004-ADSP-enable-and-add-sound-hardware-abstraction_kf.patch b/meta-agl-bsp/meta-rcar-gen3-adas/recipes-kernel/linux/linux-renesas/0004-ADSP-enable-and-add-sound-hardware-abstraction_kf.patch new file mode 100644 index 000000000..92f5af88c --- /dev/null +++ b/meta-agl-bsp/meta-rcar-gen3-adas/recipes-kernel/linux/linux-renesas/0004-ADSP-enable-and-add-sound-hardware-abstraction_kf.patch @@ -0,0 +1,58 @@ +The ADSP on Renesas SoCs required a reserved memory area to become +enabled, and this needs to be done manually. + +This patch adds sound hardware abstraction information for the m3ulcb +and m3ulcb-kf (kingfisher) device trees. This is helpful on-board the +ADSP for dynamically determining sound hardware at runtime, allowing +single binaries to be used between the two boards. + +Future work will incorporate the h3ulcb and Salvator boards into the +abstraction. + +Signed-off-by: Ronan Le Martret +Signed-off-by: Mark Farrugia +--- +diff --git a/arch/arm64/boot/dts/renesas/r8a7796-m3ulcb-kf.dts b/arch/arm64/boot/dts/renesas/r8a7796-m3ulcb-kf.dts +index de2390f009e7..4ccfa8315d17 100644 +--- a/arch/arm64/boot/dts/renesas/r8a7796-m3ulcb-kf.dts ++++ b/arch/arm64/boot/dts/renesas/r8a7796-m3ulcb-kf.dts +@@ -15,6 +15,39 @@ + "renesas,r8a7796"; + }; + ++ ++&adsp { ++ ++ /* ADSP playback setting for pcm3168 */ ++ adsp_playback0: adsp,playback { ++ mode = "tdm"; ++ clock-mode = "master"; ++ bus-width = <24>; ++ ssi = <3>; ++ bus-if = <0>; ++ channels = <8>; ++ pin-share-ssi = <4>; ++ }; ++ ++ /* ADSP capture setting for pcm3168 */ ++ adsp_capture0: adsp,capture { ++ mode = "tdm"; ++ clock-mode = "slave"; ++ bus-width = <24>; ++ ssi = <4>; ++ bus-if = <0>; ++ channels = <8>; ++ pin-share-ssi = <3>; ++ }; ++ ++ adsp,ports { ++ port@0 { ++ playback = <&adsp_playback0>; ++ capture = <&adsp_capture0>; ++ }; ++ }; ++}; ++ + &du { + ports { + port@0 { diff --git a/meta-agl-bsp/meta-rcar-gen3-adas/recipes-kernel/linux/linux-renesas_%.bbappend b/meta-agl-bsp/meta-rcar-gen3-adas/recipes-kernel/linux/linux-renesas_%.bbappend index 72a4a78ef..1ed92af03 100644 --- a/meta-agl-bsp/meta-rcar-gen3-adas/recipes-kernel/linux/linux-renesas_%.bbappend +++ b/meta-agl-bsp/meta-rcar-gen3-adas/recipes-kernel/linux/linux-renesas_%.bbappend @@ -3,6 +3,7 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" SRC_URI_append_ulcb = " \ file://0001-arm64-dts-renesas-preserve-drm-HDMI-connector-naming.patch \ file://disable_most.cfg \ + file://0004-ADSP-enable-and-add-sound-hardware-abstraction_kf.patch \ " SRC_URI_remove_ulcb = " \ diff --git a/meta-agl-bsp/meta-rcar-gen3/recipes-kernel/linux/files/0004-ADSP-enable-and-add-sound-hardware-abstraction.patch b/meta-agl-bsp/meta-rcar-gen3/recipes-kernel/linux/files/0004-ADSP-enable-and-add-sound-hardware-abstraction.patch index 966b006a2..e8ea125e9 100644 --- a/meta-agl-bsp/meta-rcar-gen3/recipes-kernel/linux/files/0004-ADSP-enable-and-add-sound-hardware-abstraction.patch +++ b/meta-agl-bsp/meta-rcar-gen3/recipes-kernel/linux/files/0004-ADSP-enable-and-add-sound-hardware-abstraction.patch @@ -12,50 +12,6 @@ abstraction. Signed-off-by: Ronan Le Martret Signed-off-by: Mark Farrugia --- -diff --git a/arch/arm64/boot/dts/renesas/r8a7796-m3ulcb-kf.dts b/arch/arm64/boot/dts/renesas/r8a7796-m3ulcb-kf.dts -index de2390f009e7..4ccfa8315d17 100644 ---- a/arch/arm64/boot/dts/renesas/r8a7796-m3ulcb-kf.dts -+++ b/arch/arm64/boot/dts/renesas/r8a7796-m3ulcb-kf.dts -@@ -15,6 +15,39 @@ - "renesas,r8a7796"; - }; - -+ -+&adsp { -+ -+ /* ADSP playback setting for pcm3168 */ -+ adsp_playback0: adsp,playback { -+ mode = "tdm"; -+ clock-mode = "master"; -+ bus-width = <24>; -+ ssi = <3>; -+ bus-if = <0>; -+ channels = <8>; -+ pin-share-ssi = <4>; -+ }; -+ -+ /* ADSP capture setting for pcm3168 */ -+ adsp_capture0: adsp,capture { -+ mode = "tdm"; -+ clock-mode = "slave"; -+ bus-width = <24>; -+ ssi = <4>; -+ bus-if = <0>; -+ channels = <8>; -+ pin-share-ssi = <3>; -+ }; -+ -+ adsp,ports { -+ port@0 { -+ playback = <&adsp_playback0>; -+ capture = <&adsp_capture0>; -+ }; -+ }; -+}; -+ - &du { - ports { - port@0 { diff --git a/arch/arm64/boot/dts/renesas/r8a7796-m3ulcb.dts b/arch/arm64/boot/dts/renesas/r8a7796-m3ulcb.dts index 1cd64c1b3b31..71e59da3528d 100644 --- a/arch/arm64/boot/dts/renesas/r8a7796-m3ulcb.dts -- cgit 1.2.3-korg From c3cc2a3c6c06e97f09c93b976e2eb89ba1891f64 Mon Sep 17 00:00:00 2001 From: Ronan Le Martret Date: Tue, 4 Feb 2020 10:06:13 +0100 Subject: [RCAR] Update rcar driver weston 7 bsp 3.21.0 Change-Id: I052e4d0a27c1e0f6e6ab74c518d67dbf72e39b15 Signed-off-by: Ronan Le Martret --- meta-agl-bsp/meta-rcar-gen3/scripts/setup_mm_packages.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta-agl-bsp/meta-rcar-gen3/scripts/setup_mm_packages.sh b/meta-agl-bsp/meta-rcar-gen3/scripts/setup_mm_packages.sh index 2fc3d9f1b..adf8a9d00 100644 --- a/meta-agl-bsp/meta-rcar-gen3/scripts/setup_mm_packages.sh +++ b/meta-agl-bsp/meta-rcar-gen3/scripts/setup_mm_packages.sh @@ -1,7 +1,7 @@ #!/bin/bash -ZIP_1="R-Car_Gen3_Series_Evaluation_Software_Package_for_Linux-weston5-20190802.zip" -ZIP_2="R-Car_Gen3_Series_Evaluation_Software_Package_of_Linux_Drivers-weston5-20191021.zip" +ZIP_1="R-Car_Gen3_Series_Evaluation_Software_Package_for_Linux-weston7-20191206.zip" +ZIP_2="R-Car_Gen3_Series_Evaluation_Software_Package_of_Linux_Drivers-weston7-20190802.zip" COPY_SCRIPT="$METADIR/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/docs/sample/copyscript/copy_evaproprietary_softwares.sh" -- cgit 1.2.3-korg From dadfe6cb9aa0a06175d3bd59ac59b51824d6f76f Mon Sep 17 00:00:00 2001 From: Ronan Le Martret Date: Fri, 7 Feb 2020 11:46:53 +0100 Subject: [RCAR] Update rcar driver weston 7 bsp 3.21.0 - update new rcar driver (Linux_Drivers-weston7 20191021). Bug-AGL: SPEC-2932 Change-Id: I231301ac5096715e52f2fbb2e35c159a323f8b71 Signed-off-by: Ronan Le Martret --- meta-agl-bsp/meta-rcar-gen3/scripts/setup_mm_packages.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-agl-bsp/meta-rcar-gen3/scripts/setup_mm_packages.sh b/meta-agl-bsp/meta-rcar-gen3/scripts/setup_mm_packages.sh index adf8a9d00..38b448a9d 100644 --- a/meta-agl-bsp/meta-rcar-gen3/scripts/setup_mm_packages.sh +++ b/meta-agl-bsp/meta-rcar-gen3/scripts/setup_mm_packages.sh @@ -1,7 +1,7 @@ #!/bin/bash ZIP_1="R-Car_Gen3_Series_Evaluation_Software_Package_for_Linux-weston7-20191206.zip" -ZIP_2="R-Car_Gen3_Series_Evaluation_Software_Package_of_Linux_Drivers-weston7-20190802.zip" +ZIP_2="R-Car_Gen3_Series_Evaluation_Software_Package_of_Linux_Drivers-weston7-20191021.zip" COPY_SCRIPT="$METADIR/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/docs/sample/copyscript/copy_evaproprietary_softwares.sh" -- cgit 1.2.3-korg From 5e3de49a057a7b65ee214552f4584421af29e792 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Thu, 6 Feb 2020 16:09:39 -0500 Subject: meta-agl-bsp/meta-arago: update weston bbappend Update weston bbappend orginally from meta-arago/meta-arago-distro to work with zeus. The new weston_7.0.0.bbappend is based on the version from meta-arago's zeus branch as of commit 9646a5e, with some edits to remove unneeded patches after discussion with the meta-ti / meta-arago maintainer. Bug-AGL: SPEC-2932 Change-Id: Ia0a719b1fc7ed2f31c40a2b491cfc5e4b0f71cd0 Signed-off-by: Scott Murray --- ...eston-clients-typo-in-simple-dmabuf-egl.c.patch | 29 -------- ...v-seat-restrict-udev-enumeration-to-card0.patch | 37 ---------- .../0002-Weston-Allow-visual_id-to-be-0.patch | 31 --------- ...virtual-keyboard-display-issue-for-QT5-ap.patch | 39 ----------- ...virtual-keyboard-display-issue-for-QT5-ap.patch | 41 +++++++++++ .../0004-Weston-Fix-touch-screen-crash-issue.patch | 36 ---------- .../0004-weston-Fix-touch-screen-crash-issue.patch | 39 +++++++++++ .../0005-weston-drm-fix-dual-display-issue.patch | 79 ++++++++++++++++++++++ .../meta-ti/recipes-arago/weston/weston_%.bbappend | 25 ------- .../recipes-arago/weston/weston_7.0.0.bbappend | 13 ++++ 10 files changed, 172 insertions(+), 197 deletions(-) delete mode 100644 meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0001-FIX-weston-clients-typo-in-simple-dmabuf-egl.c.patch delete mode 100644 meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0001-udev-seat-restrict-udev-enumeration-to-card0.patch delete mode 100644 meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0002-Weston-Allow-visual_id-to-be-0.patch delete mode 100644 meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0003-Weston-Fix-virtual-keyboard-display-issue-for-QT5-ap.patch create mode 100644 meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0003-weston-Fix-virtual-keyboard-display-issue-for-QT5-ap.patch delete mode 100644 meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0004-Weston-Fix-touch-screen-crash-issue.patch create mode 100644 meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0004-weston-Fix-touch-screen-crash-issue.patch create mode 100644 meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0005-weston-drm-fix-dual-display-issue.patch delete mode 100644 meta-agl-bsp/meta-ti/recipes-arago/weston/weston_%.bbappend create mode 100644 meta-agl-bsp/meta-ti/recipes-arago/weston/weston_7.0.0.bbappend diff --git a/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0001-FIX-weston-clients-typo-in-simple-dmabuf-egl.c.patch b/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0001-FIX-weston-clients-typo-in-simple-dmabuf-egl.c.patch deleted file mode 100644 index 7801bdd57..000000000 --- a/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0001-FIX-weston-clients-typo-in-simple-dmabuf-egl.c.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 53d7c243ba0baa052081735b8effff4e2679ce65 Mon Sep 17 00:00:00 2001 -From: Kamal Pandey -Date: Thu, 4 Apr 2019 19:45:45 +0530 -Subject: [PATCH] FIX: weston: clients: typo in simple-dmabuf-egl.c - -Fix variable EGL_NO_IMAGE to EGL_NO_IMAGE_KHR in -clients/simple-dmabuf-egl.c - -Signed-off-by: Kamal Pandey ---- - clients/simple-dmabuf-egl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/clients/simple-dmabuf-egl.c b/clients/simple-dmabuf-egl.c -index 75d880e08..2d99c4709 100644 ---- a/clients/simple-dmabuf-egl.c -+++ b/clients/simple-dmabuf-egl.c -@@ -293,7 +293,7 @@ create_fbo_for_buffer(struct display *display, struct buffer *buffer) - EGL_NO_CONTEXT, - EGL_LINUX_DMA_BUF_EXT, - NULL, attribs); -- if (buffer->egl_image == EGL_NO_IMAGE) { -+ if (buffer->egl_image == EGL_NO_IMAGE_KHR) { - fprintf(stderr, "EGLImageKHR creation failed\n"); - return false; - } --- -2.21.0 - diff --git a/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0001-udev-seat-restrict-udev-enumeration-to-card0.patch b/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0001-udev-seat-restrict-udev-enumeration-to-card0.patch deleted file mode 100644 index 45d4ec7d6..000000000 --- a/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0001-udev-seat-restrict-udev-enumeration-to-card0.patch +++ /dev/null @@ -1,37 +0,0 @@ -From e8e7a9f7dfa164a75fdbdca87622a2e13334478a Mon Sep 17 00:00:00 2001 -From: Anand Balagopalakrishnan -Date: Sat, 23 Jan 2016 22:48:07 +0530 -Subject: [PATCH 1/1] udev-seat: restrict udev enumeration to card0 - -In case of separate GPU and Display devices as found in embedded systems, we -could have modeset node and render node controlled by different drivers. -There is a distinct possibility that udev enumeration returns the DRM device -corresponding to render node as the primary DRM device. - -Obviously, modeset operations cannot be done on the GPU DRM device. - -Restrict the udev enumeration to card0 and ensure that DRM device corresponding -to display is returned as the primary DRM device. - -Upstream-Status: Pending - -Signed-off-by: Anand Balagopalakrishnan ---- - libweston/compositor-drm.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/libweston/compositor-drm.c b/libweston/compositor-drm.c -index 6777bf8..59c2cc5 100644 ---- a/libweston/compositor-drm.c -+++ b/libweston/compositor-drm.c -@@ -2827,7 +2827,7 @@ find_primary_gpu(struct drm_backend *b, const char *seat) - - e = udev_enumerate_new(b->udev); - udev_enumerate_add_match_subsystem(e, "drm"); -- udev_enumerate_add_match_sysname(e, "card[0-9]*"); -+ udev_enumerate_add_match_sysname(e, "card0"); - - udev_enumerate_scan_devices(e); - drm_device = NULL; --- -1.7.9.5 diff --git a/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0002-Weston-Allow-visual_id-to-be-0.patch b/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0002-Weston-Allow-visual_id-to-be-0.patch deleted file mode 100644 index b7f467b45..000000000 --- a/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0002-Weston-Allow-visual_id-to-be-0.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 5b5de6a814b43ca023a92b85b407b3d061dbc64f Mon Sep 17 00:00:00 2001 -From: Eric Ruei -Date: Thu, 9 Mar 2017 14:32:24 -0500 -Subject: [PATCH 2/4] Weston: Allow visual_id to be 0 - -The inquiry of visual id from egl API eglGetConfigAttrib(EGL_NATIVE_VISUAL_ID) -is an optional feature. The visual id will be set to 0 if this feature is -not supported. Therefore, the return condition @function match_config_to_visual() -should be (id == visual_id || id == 0) instead of (id == visual_id) - -Signed-off-by: Eric Ruei ---- - libweston/gl-renderer.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/libweston/gl-renderer.c b/libweston/gl-renderer.c -index 23c0cd7..4c1f170 100644 ---- a/libweston/gl-renderer.c -+++ b/libweston/gl-renderer.c -@@ -2462,7 +2462,7 @@ match_config_to_visual(EGLDisplay egl_display, - &id)) - continue; - -- if (id == visual_id) -+ if (id == visual_id || id == 0) - return i; - } - --- -1.9.1 - diff --git a/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0003-Weston-Fix-virtual-keyboard-display-issue-for-QT5-ap.patch b/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0003-Weston-Fix-virtual-keyboard-display-issue-for-QT5-ap.patch deleted file mode 100644 index 126d4ed33..000000000 --- a/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0003-Weston-Fix-virtual-keyboard-display-issue-for-QT5-ap.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 0d15218ced5bf2e6f3d05758f0f5f21c2a0303f2 Mon Sep 17 00:00:00 2001 -From: Eric Ruei -Date: Thu, 9 Mar 2017 14:33:08 -0500 -Subject: [PATCH 3/4] Weston: Fix virtual keyboard display issue for QT5 - application - -The virtual keyboard does pop up as expected, however, it will never hide -even when the application is terminated. This problem is due to the order -of the text APIs( text_input_activate and test_input_show_input_panel) are -invoked in QT5 and a potential bug of the API implementation. The virtual -keyboard works as expected if the test_input_show_input_panel() is invoked -prior to the test_input_activate() as most of the weston sample applications -do. However, the problem will show up if that order is reversed and the reason -why is that the current_panel is not set in this case and hence this panel -cannot be hidden. - -It is required to set the current_panel to the text_input when the input_panel -becomes visible at the first time. - -Updated for weston 5.0.0 by Scott Murray . - -Signed-off-by: Eric Ruei -Signed-off-by: Scott Murray ---- - compositor/text-backend.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/compositor/text-backend.c b/compositor/text-backend.c -index 664c36f7..b610dfb1 100644 ---- a/compositor/text-backend.c -+++ b/compositor/text-backend.c -@@ -349,6 +349,7 @@ text_input_show_input_panel(struct wl_client *client, - text_input->surface); - wl_signal_emit(&ec->update_input_panel_signal, - &text_input->cursor_rectangle); -+ text_input->manager->current_text_input = text_input; - } - } - diff --git a/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0003-weston-Fix-virtual-keyboard-display-issue-for-QT5-ap.patch b/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0003-weston-Fix-virtual-keyboard-display-issue-for-QT5-ap.patch new file mode 100644 index 000000000..32901db99 --- /dev/null +++ b/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0003-weston-Fix-virtual-keyboard-display-issue-for-QT5-ap.patch @@ -0,0 +1,41 @@ +From 8034bc1862bbebb332e91917c6458ef8efb5b54e Mon Sep 17 00:00:00 2001 +From: Eric Ruei +Date: Fri, 8 Mar 2019 18:49:07 -0500 +Subject: [PATCH] weston: Fix virtual keyboard display issue for QT5 + application + +The virtual keyboard does pop up as expected, however, it will never hide +even when the application is terminated. This problem is due to the order +of the text APIs( text_input_activate and test_input_show_input_panel) are +invoked in QT5 and a potential bug of the API implementation. The virtual +keyboard works as expected if the test_input_show_input_panel() is invoked +prior to the test_input_activate() as most of the weston sample applications +do. However, the problem will show up if that order is reversed and the reason +why is that the current_panel is not set in this case and hence this panel +cannot be hidden. + +It is required to set the current_panel to the text_input when the input_panel +becomes visible at the first time. + +Upstream status: Pending + +Signed-off-by: Eric Ruei +--- + compositor/text-backend.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/compositor/text-backend.c b/compositor/text-backend.c +index 664c36f..b610dfb 100644 +--- a/compositor/text-backend.c ++++ b/compositor/text-backend.c +@@ -349,6 +349,7 @@ text_input_show_input_panel(struct wl_client *client, + text_input->surface); + wl_signal_emit(&ec->update_input_panel_signal, + &text_input->cursor_rectangle); ++ text_input->manager->current_text_input = text_input; + } + } + +-- +1.9.1 + diff --git a/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0004-Weston-Fix-touch-screen-crash-issue.patch b/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0004-Weston-Fix-touch-screen-crash-issue.patch deleted file mode 100644 index ba20551e1..000000000 --- a/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0004-Weston-Fix-touch-screen-crash-issue.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 8958bf21960a475d2933e688d0da9a0d2186d509 Mon Sep 17 00:00:00 2001 -From: Eric Ruei -Date: Thu, 9 Mar 2017 14:34:18 -0500 -Subject: [PATCH 4/4] Weston: Fix touch screen crash issue - -Touch screen operation causes the weston to crash with segment fault sometimes. -The crash occurs when the coordinate (x,y) passed to the weston input module -is outside the view window, hence the weston compositor is not able to pick -up a display view and there is no code to detect this condition at function -notify_touch(). - -Signed-off-by: Eric Ruei ---- - libweston/input.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/libweston/input.c b/libweston/input.c -index 8fe898c..0f72d23 100644 ---- a/libweston/input.c -+++ b/libweston/input.c -@@ -1848,6 +1848,12 @@ notify_touch(struct weston_seat *seat, uint32_t time, int touch_id, - * until all touch points are up again. */ - if (touch->num_tp == 1) { - ev = weston_compositor_pick_view(ec, x, y, &sx, &sy); -+ if (!ev) -+ { -+ weston_log("notify_touch: weston_compositor_pick_view(%d, %d) failed to find a view!\n", -+ wl_fixed_to_int(x), wl_fixed_to_int(y)); -+ return; -+ } - weston_touch_set_focus(touch, ev); - } else if (!touch->focus) { - /* Unexpected condition: We have non-initial touch but --- -1.9.1 - diff --git a/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0004-weston-Fix-touch-screen-crash-issue.patch b/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0004-weston-Fix-touch-screen-crash-issue.patch new file mode 100644 index 000000000..4849d5b64 --- /dev/null +++ b/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0004-weston-Fix-touch-screen-crash-issue.patch @@ -0,0 +1,39 @@ +From 60250e9dc57fe56148c8a24bba107bce8a873fb4 Mon Sep 17 00:00:00 2001 +From: Karthik Ramanan +Date: Mon, 12 Mar 2018 10:56:28 +0530 +Subject: [PATCH 4/4] weston: Fix touch screen crash issue + +Touch screen operation causes the weston to crash with segment fault sometimes. +The crash occurs when the coordinate (x,y) passed to the weston input module +is outside the view window, hence the weston compositor is not able to pick +up a display view and there is no code to detect this condition at function +notify_touch(). + +Upstream status: pending + +Signed-off-by: Eric Ruei +Signed-off-by: Karthik Ramanan +--- + libweston/input.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/libweston/input.c b/libweston/input.c +index 4fedc55..bcb2f28 100644 +--- a/libweston/input.c ++++ b/libweston/input.c +@@ -2185,6 +2185,12 @@ notify_touch(struct weston_seat *seat, uint32_t time, int touch_id, + * until all touch points are up again. */ + if (touch->num_tp == 1) { + ev = weston_compositor_pick_view(ec, x, y, &sx, &sy); ++ if (!ev) ++ { ++ weston_log("notify_touch: weston_compositor_pick_view(%d, %d) failed to find a view!\n", ++ wl_fixed_to_int(x), wl_fixed_to_int(y)); ++ return; ++ } + weston_touch_set_focus(touch, ev); + } else if (!touch->focus) { + /* Unexpected condition: We have non-initial touch but +-- +1.9.1 + diff --git a/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0005-weston-drm-fix-dual-display-issue.patch b/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0005-weston-drm-fix-dual-display-issue.patch new file mode 100644 index 000000000..9b06b81b3 --- /dev/null +++ b/meta-agl-bsp/meta-ti/recipes-arago/weston/weston/0005-weston-drm-fix-dual-display-issue.patch @@ -0,0 +1,79 @@ +From db6f5ce008d9b8a4cc7db71659ce1d21d3d7f97f Mon Sep 17 00:00:00 2001 +From: Eric Ruei +Date: Tue, 26 Mar 2019 13:32:31 -0400 +Subject: [PATCH 3/3] weston: drm: fix dual display issue + +This patch fixes the dual display issue by enhancing the primary plane +search algorithm to keep the plane which is connected to the crtc of +the output because the direct switching of active planes is not allowed. + +Upstream status: Pending + +Signed-off-by: Eric Ruei +--- + libweston/compositor-drm.c | 17 ++++++++++++++++- + 1 file changed, 16 insertions(+), 1 deletion(-) + +diff --git a/libweston/compositor-drm.c b/libweston/compositor-drm.c +index 3891176..fa694c3 100644 +--- a/libweston/compositor-drm.c ++++ b/libweston/compositor-drm.c +@@ -428,6 +428,7 @@ struct drm_plane { + + uint32_t possible_crtcs; + uint32_t plane_id; ++ uint32_t crtc_id; + uint32_t count_formats; + + struct drm_property_info props[WDRM_PLANE__COUNT]; +@@ -4073,6 +4074,7 @@ drm_plane_create(struct drm_backend *b, const drmModePlane *kplane, + if (kplane) { + plane->possible_crtcs = kplane->possible_crtcs; + plane->plane_id = kplane->plane_id; ++ plane->crtc_id = kplane->crtc_id; + + props = drmModeObjectGetProperties(b->drm.fd, kplane->plane_id, + DRM_MODE_OBJECT_PLANE); +@@ -4097,6 +4099,7 @@ drm_plane_create(struct drm_backend *b, const drmModePlane *kplane, + else { + plane->possible_crtcs = (1 << output->pipe); + plane->plane_id = 0; ++ plane->crtc_id = 0; + plane->count_formats = 1; + plane->formats[0].format = format; + plane->type = type; +@@ -4157,6 +4160,7 @@ drm_output_find_special_plane(struct drm_backend *b, struct drm_output *output, + enum wdrm_plane_type type) + { + struct drm_plane *plane; ++ struct drm_plane *plane2 = NULL; /* secondary plane */ + + if (!b->universal_planes) { + uint32_t format; +@@ -4204,11 +4208,22 @@ drm_output_find_special_plane(struct drm_backend *b, struct drm_output *output, + if (found_elsewhere) + continue; + ++ /* The output should keep the primary plane connected to its ++ * crtc since the direct switching of active plane is not ++ * allowed. */ ++ if ((type == WDRM_PLANE_TYPE_PRIMARY) && ++ (plane->crtc_id != output->crtc_id)) { ++ if (plane->crtc_id == 0) { ++ plane->possible_crtcs = (1 << output->pipe); ++ plane2 = plane; ++ } ++ continue; ++ } + plane->possible_crtcs = (1 << output->pipe); + return plane; + } + +- return NULL; ++ return plane2; + } + + /** +-- +1.9.1 + diff --git a/meta-agl-bsp/meta-ti/recipes-arago/weston/weston_%.bbappend b/meta-agl-bsp/meta-ti/recipes-arago/weston/weston_%.bbappend deleted file mode 100644 index 718d6f86a..000000000 --- a/meta-agl-bsp/meta-ti/recipes-arago/weston/weston_%.bbappend +++ /dev/null @@ -1,25 +0,0 @@ -# When configured for fbdev compositor, make it the default -PACKAGECONFIG[fbdev] = "--enable-fbdev-compositor WESTON_NATIVE_BACKEND="fbdev-backend.so",--disable-fbdev-compositor,udev mtdev" -PACKAGECONFIG[kms] = "--enable-drm-compositor,--disable-drm-compositor,drm udev virtual/libgbm mtdev" - -PR_append = ".agl_arago_23" - -FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" - -RDEPENDS_${PN} += "weston-conf" - -####################### F I X M E ########################## -DISABLED_SRC_URI += " \ - file://0001-Add-soc-performance-monitor-utilites.patch \ -" -####################### F I X M E ########################## - -SRC_URI += " \ - file://0001-FIX-weston-clients-typo-in-simple-dmabuf-egl.c.patch \ - file://0002-Weston-Allow-visual_id-to-be-0.patch \ - file://0003-Weston-Fix-virtual-keyboard-display-issue-for-QT5-ap.patch \ - file://0004-Weston-Fix-touch-screen-crash-issue.patch \ -" - - -RDEPENDS_${PN}_remove = "weston-conf" diff --git a/meta-agl-bsp/meta-ti/recipes-arago/weston/weston_7.0.0.bbappend b/meta-agl-bsp/meta-ti/recipes-arago/weston/weston_7.0.0.bbappend new file mode 100644 index 000000000..21c912a66 --- /dev/null +++ b/meta-agl-bsp/meta-ti/recipes-arago/weston/weston_7.0.0.bbappend @@ -0,0 +1,13 @@ +PACKAGECONFIG[kms] = "-Dbackend-drm=true,-Dbackend-drm=false,drm udev virtual/libgbm mtdev" + +PR_append = ".arago2" + +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" + +# file://0005-weston-drm-fix-dual-display-issue.patch +SRC_URI += " \ + file://0003-weston-Fix-virtual-keyboard-display-issue-for-QT5-ap.patch \ + file://0004-weston-Fix-touch-screen-crash-issue.patch \ +" + +INHIBIT_PACKAGE_STRIP = "1" -- cgit 1.2.3-korg From e32b0ddf6130dc5b62f86f1f588e6d1fa3b2d07a Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Tue, 11 Feb 2020 16:44:22 -0500 Subject: meta-agl-profile-core: tweak udisks2 configuration for AGL Per discussion on Arch wiki at: https://wiki.archlinux.org/index.php/Udisks#Mount_to_/media_(udisks2) add a udev rules file to tweak the UDISKS_FILESYSTEM_SHARED environment variable to configure udisks2 to use /media as used to be the default with the older udisks. This restores behavior to what is expected by the AGL configuration for lightmediascanner. Bug-AGL: SPEC-2932 Change-Id: I66fda10f71dea889f3cd06341d9daa809bec2aa5 Signed-off-by: Scott Murray --- meta-agl-profile-core/recipes-support/udisks/files/99-udisks2.rules | 5 +++++ meta-agl-profile-core/recipes-support/udisks/udisks2_%.bbappend | 4 ++++ 2 files changed, 9 insertions(+) create mode 100644 meta-agl-profile-core/recipes-support/udisks/files/99-udisks2.rules diff --git a/meta-agl-profile-core/recipes-support/udisks/files/99-udisks2.rules b/meta-agl-profile-core/recipes-support/udisks/files/99-udisks2.rules new file mode 100644 index 000000000..996e43439 --- /dev/null +++ b/meta-agl-profile-core/recipes-support/udisks/files/99-udisks2.rules @@ -0,0 +1,5 @@ +# UDISKS_FILESYSTEM_SHARED +# ==1: mount filesystem to a shared directory (/media/VolumeName) +# ==0: mount filesystem to a private directory (/run/media/$USER/VolumeName) +# See udisks(8) +ENV{ID_FS_USAGE}=="filesystem|other|crypto", ENV{UDISKS_FILESYSTEM_SHARED}="1" diff --git a/meta-agl-profile-core/recipes-support/udisks/udisks2_%.bbappend b/meta-agl-profile-core/recipes-support/udisks/udisks2_%.bbappend index 27cac6592..34756f480 100644 --- a/meta-agl-profile-core/recipes-support/udisks/udisks2_%.bbappend +++ b/meta-agl-profile-core/recipes-support/udisks/udisks2_%.bbappend @@ -2,6 +2,7 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/files:" SRC_URI += "file://automount.service \ file://automount.sh \ + file://99-udisks2.rules \ " SYSTEMD_AUTO_ENABLE = "enable" @@ -15,6 +16,9 @@ do_install_append () { install -d ${D}${libexecdir} install -m 0755 ${WORKDIR}/automount.sh ${D}${libexecdir}/automount.sh + + install -d ${D}${sysconfdir}/udev/rules.d + install -m 0644 ${WORKDIR}/99-udisks2.rules ${D}${sysconfdir}/udev/rules.d } FILES_${PN} += "${base_libdir}/systemd/system/automount.service \ -- cgit 1.2.3-korg From 8787f82ce32a5fe42c56513ce32e8d1d94ce3e3e Mon Sep 17 00:00:00 2001 From: Marius Vlad Date: Wed, 12 Feb 2020 14:08:51 +0200 Subject: recipes-graphics/wayland/weston: Expose weston_output_damage() Seems that we can damage all the outputs, but not individual and output so patch libweston to include that declaration. The symbol's already exported. Bug-AGL: SPEC-3179 Change-Id: I6f765304c61d4ef288ebf015a131d9e138d50e97 Signed-off-by: Marius Vlad --- ...-Expose-weston_output_damage-in-libweston.patch | 30 ++++++++++++++++++++++ .../recipes-graphics/wayland/weston_7.0.0.bbappend | 1 + 2 files changed, 31 insertions(+) create mode 100644 meta-agl-profile-graphical/recipes-graphics/wayland/weston/0001-libweston-Expose-weston_output_damage-in-libweston.patch diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0001-libweston-Expose-weston_output_damage-in-libweston.patch b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0001-libweston-Expose-weston_output_damage-in-libweston.patch new file mode 100644 index 000000000..32755c4b3 --- /dev/null +++ b/meta-agl-profile-graphical/recipes-graphics/wayland/weston/0001-libweston-Expose-weston_output_damage-in-libweston.patch @@ -0,0 +1,30 @@ +From 7e5fb58591a29d60657158262a0772796bfd3461 Mon Sep 17 00:00:00 2001 +From: Marius Vlad +Date: Wed, 12 Feb 2020 13:18:19 +0200 +Subject: [PATCH] libweston: Expose weston_output_damage() in libweston + +We have weston_compositor_damage_all() exported and declared but users +might need weston_output_damage() to refer to an individual output. The +symbol already exported so just declare it. + +Signed-off-by: Marius Vlad +--- + include/libweston/libweston.h | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/include/libweston/libweston.h b/include/libweston/libweston.h +index 1439775e..9fac5be0 100644 +--- a/include/libweston/libweston.h ++++ b/include/libweston/libweston.h +@@ -1604,6 +1604,8 @@ weston_compositor_schedule_repaint(struct weston_compositor *compositor); + void + weston_compositor_damage_all(struct weston_compositor *compositor); + void ++weston_output_damage(struct weston_output *woutput); ++void + weston_compositor_wake(struct weston_compositor *compositor); + void + weston_compositor_sleep(struct weston_compositor *compositor); +-- +2.20.1 + diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston_7.0.0.bbappend b/meta-agl-profile-graphical/recipes-graphics/wayland/weston_7.0.0.bbappend index c2e52798d..67ce0ba5e 100644 --- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston_7.0.0.bbappend +++ b/meta-agl-profile-graphical/recipes-graphics/wayland/weston_7.0.0.bbappend @@ -9,6 +9,7 @@ SRC_URI_append = "\ file://use-XDG_RUNTIMESHARE_DIR.patch \ file://0002-ivi-shell-Fix-crash-due-no-transmitter-screen.patch \ file://0001-config-parser-Export-get_full_path-and-destroy.patch \ + file://0001-libweston-Expose-weston_output_damage-in-libweston.patch \ " EXTRA_OEMESON_append = " -Denable-user-start=true" -- cgit 1.2.3-korg From ffe584b58889bad79004f3916f858299d8b7b385 Mon Sep 17 00:00:00 2001 From: José Bollo Date: Tue, 4 Feb 2020 18:02:26 +0100 Subject: meta-security: activates dbus-cynagora MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Change-Id: Ia82ef9c5693c5eb4ba147bb7ead54f2608cb5dd4 Signed-off-by: José Bollo --- ...on-of-Cynara-asynchronous-security-checks.patch | 2309 ++++++++++++++++++++ ...sage-dispatching-when-send-rule-result-is.patch | 967 ++++++++ ...ailability-of-policy-results-for-broadcas.patch | 1095 ++++++++++ ...d-own-rule-result-unavailability-handling.patch | 1505 +++++++++++++ ...m-Cynara-runtime-policy-checks-by-default.patch | 180 ++ .../0006-Fix-SIGSEGV-on-disconnections.patch | 109 + .../0007-Switch-from-cynara-to-cynagora.patch | 1048 +++++++++ .../dbus-cynagora/dbus_1.12.16.bbappend | 15 + ...on-of-Cynara-asynchronous-security-checks.patch | 2232 ------------------- ...sage-dispatching-when-send-rule-result-is.patch | 949 -------- ...ailability-of-policy-results-for-broadcas.patch | 1082 --------- ...d-own-rule-result-unavailability-handling.patch | 1493 ------------- ...m-Cynara-runtime-policy-checks-by-default.patch | 175 -- .../dbus-cynara/0006-Fix-gcc-8-warnings.patch | 134 -- .../0007-Fix-SIGSEGV-on-disconnections.patch | 109 - .../recipes-core/dbus-cynara/dbus_1.12.16.bbappend | 17 - 16 files changed, 7228 insertions(+), 6191 deletions(-) create mode 100644 meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0001-Integration-of-Cynara-asynchronous-security-checks.patch create mode 100644 meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0002-Disable-message-dispatching-when-send-rule-result-is.patch create mode 100644 meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0003-Handle-unavailability-of-policy-results-for-broadcas.patch create mode 100644 meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0004-Add-own-rule-result-unavailability-handling.patch create mode 100644 meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0005-Perform-Cynara-runtime-policy-checks-by-default.patch create mode 100644 meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0006-Fix-SIGSEGV-on-disconnections.patch create mode 100644 meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0007-Switch-from-cynara-to-cynagora.patch create mode 100644 meta-security/recipes-core/dbus-cynagora/dbus_1.12.16.bbappend delete mode 100644 meta-security/recipes-core/dbus-cynara/dbus-cynara/0001-Integration-of-Cynara-asynchronous-security-checks.patch delete mode 100644 meta-security/recipes-core/dbus-cynara/dbus-cynara/0002-Disable-message-dispatching-when-send-rule-result-is.patch delete mode 100644 meta-security/recipes-core/dbus-cynara/dbus-cynara/0003-Handle-unavailability-of-policy-results-for-broadcas.patch delete mode 100644 meta-security/recipes-core/dbus-cynara/dbus-cynara/0004-Add-own-rule-result-unavailability-handling.patch delete mode 100644 meta-security/recipes-core/dbus-cynara/dbus-cynara/0005-Perform-Cynara-runtime-policy-checks-by-default.patch delete mode 100644 meta-security/recipes-core/dbus-cynara/dbus-cynara/0006-Fix-gcc-8-warnings.patch delete mode 100644 meta-security/recipes-core/dbus-cynara/dbus-cynara/0007-Fix-SIGSEGV-on-disconnections.patch delete mode 100644 meta-security/recipes-core/dbus-cynara/dbus_1.12.16.bbappend diff --git a/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0001-Integration-of-Cynara-asynchronous-security-checks.patch b/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0001-Integration-of-Cynara-asynchronous-security-checks.patch new file mode 100644 index 000000000..55cedb9c7 --- /dev/null +++ b/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0001-Integration-of-Cynara-asynchronous-security-checks.patch @@ -0,0 +1,2309 @@ +From ea4b650366261e4257e4b0fb95e7f48e30ef36f0 Mon Sep 17 00:00:00 2001 +From: Jacek Bukarewicz +Date: Thu, 27 Nov 2014 18:11:05 +0100 +Subject: [PATCH 1/8] Integration of Cynara asynchronous security checks +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This commit introduces basic framework for asynchronous policy +checks and Cynara integration code. Functions for checking security +policy can now return third value - BUS_RESULT_LATER denoting check +result unavailability. Whenever policy checker cannot decide on the +result of the check it is supposed to allocate DeferredMessage structure +that will be passed to the upper layers which can decide what should be +done in such situation. +Proper handling of such case will be implemented in subsequent commits. +Currently such return value results in message denial. + +Cherry picked from 4dcfb02f17247ff9de966b62182cd2e08f301238 +by José Bollo. + +Updated for dbus 1.10.20 by Scott Murray and José Bollo +Updated for dbus 1.12.16 by José Bollo + +Change-Id: I9bcbce34577e5dc2a3cecf6233a0a2b0e43e1108 +Signed-off-by: José Bollo +Signed-off-by: Scott Murray +--- + bus/Makefile.am | 6 + + bus/activation.c | 5 +- + bus/bus.c | 124 ++++-- + bus/bus.h | 22 +- + bus/check.c | 217 ++++++++++ + bus/check.h | 68 ++++ + bus/config-parser-common.c | 6 + + bus/config-parser-common.h | 1 + + bus/config-parser-trivial.c | 2 + + bus/config-parser.c | 72 +++- + bus/connection.c | 57 ++- + bus/connection.h | 4 + + bus/cynara.c | 374 ++++++++++++++++++ + bus/cynara.h | 37 ++ + bus/dispatch.c | 46 ++- + bus/driver.h | 2 + + bus/policy.c | 195 ++++++--- + bus/policy.h | 29 +- + configure.ac | 12 + + test/Makefile.am | 1 + + .../data/invalid-config-files/badcheck-1.conf | 9 + + .../data/invalid-config-files/badcheck-2.conf | 9 + + test/data/valid-config-files/check-1.conf | 9 + + .../debug-check-some.conf.in | 18 + + 24 files changed, 1181 insertions(+), 144 deletions(-) + create mode 100644 bus/check.c + create mode 100644 bus/check.h + create mode 100644 bus/cynara.c + create mode 100644 bus/cynara.h + create mode 100644 test/data/invalid-config-files/badcheck-1.conf + create mode 100644 test/data/invalid-config-files/badcheck-2.conf + create mode 100644 test/data/valid-config-files/check-1.conf + create mode 100644 test/data/valid-config-files/debug-check-some.conf.in + +diff --git a/bus/Makefile.am b/bus/Makefile.am +index c917063..2a8a72c 100644 +--- a/bus/Makefile.am ++++ b/bus/Makefile.am +@@ -13,6 +13,7 @@ DBUS_BUS_LIBS = \ + $(THREAD_LIBS) \ + $(ADT_LIBS) \ + $(NETWORK_libs) \ ++ $(CYNARA_LIBS) \ + $(NULL) + + DBUS_LAUNCHER_LIBS = \ +@@ -30,6 +31,7 @@ AM_CPPFLAGS = \ + $(APPARMOR_CFLAGS) \ + -DDBUS_SYSTEM_CONFIG_FILE=\""$(dbusdatadir)/system.conf"\" \ + -DDBUS_COMPILATION \ ++ $(CYNARA_CFLAGS) \ + $(NULL) + + # if assertions are enabled, improve backtraces +@@ -90,6 +92,8 @@ BUS_SOURCES= \ + audit.h \ + bus.c \ + bus.h \ ++ check.c \ ++ check.h \ + config-loader-expat.c \ + config-parser.c \ + config-parser.h \ +@@ -97,6 +101,8 @@ BUS_SOURCES= \ + config-parser-common.h \ + connection.c \ + connection.h \ ++ cynara.c \ ++ cynara.h \ + desktop-file.c \ + desktop-file.h \ + $(DIR_WATCH_SOURCE) \ +diff --git a/bus/activation.c b/bus/activation.c +index 99404b9..f9c6c62 100644 +--- a/bus/activation.c ++++ b/bus/activation.c +@@ -1789,14 +1789,15 @@ bus_activation_activate_service (BusActivation *activation, + + if (auto_activation && + entry != NULL && +- !bus_context_check_security_policy (activation->context, ++ BUS_RESULT_TRUE != bus_context_check_security_policy (activation->context, + transaction, + connection, /* sender */ + NULL, /* addressed recipient */ + NULL, /* proposed recipient */ + activation_message, + entry, +- error)) ++ error, ++ NULL)) + { + _DBUS_ASSERT_ERROR_IS_SET (error); + _dbus_verbose ("activation not authorized: %s: %s\n", +diff --git a/bus/bus.c b/bus/bus.c +index 2ad8e78..6fc45d0 100644 +--- a/bus/bus.c ++++ b/bus/bus.c +@@ -38,6 +38,7 @@ + #include "apparmor.h" + #include "audit.h" + #include "dir-watch.h" ++#include "check.h" + #include + #include + #include +@@ -67,6 +68,7 @@ struct BusContext + BusRegistry *registry; + BusPolicy *policy; + BusMatchmaker *matchmaker; ++ BusCheck *check; + BusLimits limits; + DBusRLimit *initial_fd_limit; + unsigned int fork : 1; +@@ -1003,6 +1005,10 @@ bus_context_new (const DBusString *config_file, + parser = NULL; + } + ++ context->check = bus_check_new(context, error); ++ if (context->check == NULL) ++ goto failed; ++ + dbus_server_free_data_slot (&server_data_slot); + + return context; +@@ -1127,6 +1133,12 @@ bus_context_unref (BusContext *context) + + bus_context_shutdown (context); + ++ if (context->check) ++ { ++ bus_check_unref(context->check); ++ context->check = NULL; ++ } ++ + if (context->connections) + { + bus_connections_unref (context->connections); +@@ -1256,6 +1268,12 @@ bus_context_get_loop (BusContext *context) + return context->loop; + } + ++BusCheck* ++bus_context_get_check (BusContext *context) ++{ ++ return context->check; ++} ++ + dbus_bool_t + bus_context_allow_unix_user (BusContext *context, + unsigned long uid) +@@ -1451,6 +1469,7 @@ complain_about_message (BusContext *context, + DBusConnection *proposed_recipient, + dbus_bool_t requested_reply, + dbus_bool_t log, ++ const char *privilege, + DBusError *error) + { + DBusError stack_error = DBUS_ERROR_INIT; +@@ -1480,7 +1499,8 @@ complain_about_message (BusContext *context, + dbus_set_error (&stack_error, error_name, + "%s, %d matched rules; type=\"%s\", sender=\"%s\" (%s) " + "interface=\"%s\" member=\"%s\" error name=\"%s\" " +- "requested_reply=\"%d\" destination=\"%s\" (%s)", ++ "requested_reply=\"%d\" destination=\"%s\" (%s) " ++ "privilege=\"%s\"", + complaint, + matched_rules, + dbus_message_type_to_string (dbus_message_get_type (message)), +@@ -1491,7 +1511,8 @@ complain_about_message (BusContext *context, + nonnull (dbus_message_get_error_name (message), "(unset)"), + requested_reply, + nonnull (dbus_message_get_destination (message), DBUS_SERVICE_DBUS), +- proposed_recipient_loginfo); ++ proposed_recipient_loginfo, ++ nonnull (privilege, "(n/a)")); + + /* If we hit OOM while setting the error, this will syslog "out of memory" + * which is itself an indication that something is seriously wrong */ +@@ -1519,7 +1540,7 @@ complain_about_message (BusContext *context, + * NULL for addressed_recipient may mean the bus driver, or may mean + * no destination was specified in the message (e.g. a signal). + */ +-dbus_bool_t ++BusResult + bus_context_check_security_policy (BusContext *context, + BusTransaction *transaction, + DBusConnection *sender, +@@ -1527,7 +1548,8 @@ bus_context_check_security_policy (BusContext *context, + DBusConnection *proposed_recipient, + DBusMessage *message, + BusActivationEntry *activation_entry, +- DBusError *error) ++ DBusError *error, ++ BusDeferredMessage **deferred_message) + { + const char *src, *dest; + BusClientPolicy *sender_policy; +@@ -1536,6 +1558,7 @@ bus_context_check_security_policy (BusContext *context, + dbus_bool_t log; + int type; + dbus_bool_t requested_reply; ++ const char *privilege; + + type = dbus_message_get_type (message); + src = dbus_message_get_sender (message); +@@ -1565,7 +1588,7 @@ bus_context_check_security_policy (BusContext *context, + dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, + "Message bus will not accept messages of unknown type\n"); + +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + requested_reply = FALSE; +@@ -1595,7 +1618,7 @@ bus_context_check_security_policy (BusContext *context, + if (dbus_error_is_set (&error2)) + { + dbus_move_error (&error2, error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + } + } +@@ -1624,11 +1647,11 @@ bus_context_check_security_policy (BusContext *context, + complain_about_message (context, DBUS_ERROR_ACCESS_DENIED, + "An SELinux policy prevents this sender from sending this " + "message to this recipient", +- 0, message, sender, proposed_recipient, FALSE, FALSE, error); ++ 0, message, sender, proposed_recipient, FALSE, FALSE, NULL, error); + _dbus_verbose ("SELinux security check denying send to service\n"); + } + +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + /* next verify AppArmor access controls. If allowed then +@@ -1646,7 +1669,7 @@ bus_context_check_security_policy (BusContext *context, + src ? src : DBUS_SERVICE_DBUS, + activation_entry, + error)) +- return FALSE; ++ return BUS_RESULT_FALSE; + + if (!bus_connection_is_active (sender)) + { +@@ -1660,7 +1683,7 @@ bus_context_check_security_policy (BusContext *context, + { + _dbus_verbose ("security check allowing %s message\n", + "Hello"); +- return TRUE; ++ return BUS_RESULT_TRUE; + } + else + { +@@ -1671,7 +1694,7 @@ bus_context_check_security_policy (BusContext *context, + "Client tried to send a message other than %s without being registered", + "Hello"); + +- return FALSE; ++ return BUS_RESULT_FALSE; + } + } + } +@@ -1720,20 +1743,29 @@ bus_context_check_security_policy (BusContext *context, + (proposed_recipient == NULL && recipient_policy == NULL)); + + log = FALSE; +- if (sender_policy && +- !bus_client_policy_check_can_send (sender_policy, +- context->registry, +- requested_reply, +- proposed_recipient, +- message, &toggles, &log)) +- { +- complain_about_message (context, DBUS_ERROR_ACCESS_DENIED, +- "Rejected send message", toggles, +- message, sender, proposed_recipient, requested_reply, +- (addressed_recipient == proposed_recipient), error); +- _dbus_verbose ("security policy disallowing message due to sender policy\n"); +- return FALSE; +- } ++ if (sender_policy) ++ { ++ BusResult res = bus_client_policy_check_can_send (sender, ++ sender_policy, ++ context->registry, ++ requested_reply, ++ addressed_recipient, ++ proposed_recipient, ++ message, &toggles, &log, &privilege, ++ deferred_message); ++ if (res == BUS_RESULT_FALSE) ++ { ++ complain_about_message (context, DBUS_ERROR_ACCESS_DENIED, ++ "Rejected send message", toggles, ++ message, sender, proposed_recipient, requested_reply, ++ (addressed_recipient == proposed_recipient), privilege, ++ error); ++ _dbus_verbose ("security policy disallowing message due to sender policy\n"); ++ return BUS_RESULT_FALSE; ++ } ++ else if (res == BUS_RESULT_LATER) ++ return BUS_RESULT_LATER; ++ } + + if (log) + { +@@ -1742,23 +1774,29 @@ bus_context_check_security_policy (BusContext *context, + complain_about_message (context, DBUS_ERROR_ACCESS_DENIED, + "Would reject message", toggles, + message, sender, proposed_recipient, requested_reply, +- TRUE, NULL); ++ TRUE, privilege, NULL); + } + +- if (recipient_policy && +- !bus_client_policy_check_can_receive (recipient_policy, +- context->registry, +- requested_reply, +- sender, +- addressed_recipient, proposed_recipient, +- message, &toggles)) ++ if (recipient_policy) + { +- complain_about_message (context, DBUS_ERROR_ACCESS_DENIED, +- "Rejected receive message", toggles, +- message, sender, proposed_recipient, requested_reply, +- (addressed_recipient == proposed_recipient), error); +- _dbus_verbose ("security policy disallowing message due to recipient policy\n"); +- return FALSE; ++ BusResult res; ++ res = bus_client_policy_check_can_receive (recipient_policy, ++ context->registry, ++ requested_reply, ++ sender, ++ addressed_recipient, proposed_recipient, ++ message, &toggles, &privilege, deferred_message); ++ if (res == BUS_RESULT_FALSE) ++ { ++ complain_about_message(context, DBUS_ERROR_ACCESS_DENIED, "Rejected receive message", ++ toggles, message, sender, proposed_recipient, requested_reply, ++ (addressed_recipient == proposed_recipient), privilege, error); ++ _dbus_verbose( ++ "security policy disallowing message due to recipient policy\n"); ++ return BUS_RESULT_FALSE; ++ } ++ else if (res == BUS_RESULT_LATER) ++ return BUS_RESULT_LATER; + } + + /* See if limits on size have been exceeded */ +@@ -1768,10 +1806,10 @@ bus_context_check_security_policy (BusContext *context, + { + complain_about_message (context, DBUS_ERROR_LIMITS_EXCEEDED, + "Rejected: destination has a full message queue", +- 0, message, sender, proposed_recipient, requested_reply, TRUE, ++ 0, message, sender, proposed_recipient, requested_reply, TRUE, NULL, + error); + _dbus_verbose ("security policy disallowing message due to full message queue\n"); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + /* Record that we will allow a reply here in the future (don't +@@ -1792,11 +1830,11 @@ bus_context_check_security_policy (BusContext *context, + message, error)) + { + _dbus_verbose ("Failed to record reply expectation or problem with the message expecting a reply\n"); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + _dbus_verbose ("security policy allowing message\n"); +- return TRUE; ++ return BUS_RESULT_TRUE; + } + + void +diff --git a/bus/bus.h b/bus/bus.h +index 2e0de82..82c32c8 100644 +--- a/bus/bus.h ++++ b/bus/bus.h +@@ -45,6 +45,22 @@ typedef struct BusTransaction BusTransaction; + typedef struct BusMatchmaker BusMatchmaker; + typedef struct BusMatchRule BusMatchRule; + typedef struct BusActivationEntry BusActivationEntry; ++typedef struct BusCheck BusCheck; ++typedef struct BusDeferredMessage BusDeferredMessage; ++typedef struct BusCynara BusCynara; ++ ++/** ++ * BusResult is defined as a pointer to a dummy structure to allow detection of type mismatches. ++ * The disadvantage of such solution is that now BusResult variables cannot be used in switch ++ * statement. ++ * Additionally, BUS_RESULT_TRUE is defined as 0 instead of 1 to help detect type mismatches ++ * at runtime. ++ */ ++typedef const struct BusResultStruct { int dummy; } *BusResult; ++ ++static const BusResult BUS_RESULT_TRUE = (BusResult)0x0; ++static const BusResult BUS_RESULT_FALSE = (BusResult)0x1; ++static const BusResult BUS_RESULT_LATER = (BusResult)0x2; + + typedef struct + { +@@ -101,6 +117,7 @@ BusConnections* bus_context_get_connections (BusContext + BusActivation* bus_context_get_activation (BusContext *context); + BusMatchmaker* bus_context_get_matchmaker (BusContext *context); + DBusLoop* bus_context_get_loop (BusContext *context); ++BusCheck * bus_context_get_check (BusContext *context); + dbus_bool_t bus_context_allow_unix_user (BusContext *context, + unsigned long uid); + dbus_bool_t bus_context_allow_windows_user (BusContext *context, +@@ -136,14 +153,15 @@ void bus_context_log_and_set_error (BusContext + const char *name, + const char *msg, + ...) _DBUS_GNUC_PRINTF (5, 6); +-dbus_bool_t bus_context_check_security_policy (BusContext *context, ++BusResult bus_context_check_security_policy (BusContext *context, + BusTransaction *transaction, + DBusConnection *sender, + DBusConnection *addressed_recipient, + DBusConnection *proposed_recipient, + DBusMessage *message, + BusActivationEntry *activation_entry, +- DBusError *error); ++ DBusError *error, ++ BusDeferredMessage **deferred_message); + void bus_context_check_all_watches (BusContext *context); + + #endif /* BUS_BUS_H */ +diff --git a/bus/check.c b/bus/check.c +new file mode 100644 +index 0000000..5b72d31 +--- /dev/null ++++ b/bus/check.c +@@ -0,0 +1,217 @@ ++/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */ ++/* check.c Bus security policy runtime check ++ * ++ * Copyright (C) 2014 Intel, Inc. ++ * Copyright (c) 2014 Samsung Electronics, Ltd. ++ * ++ * Licensed under the Academic Free License version 2.1 ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 2 of the License, or ++ * (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ * ++ */ ++ ++#include ++#include "check.h" ++#include "connection.h" ++#include "dispatch.h" ++#include "cynara.h" ++#include "utils.h" ++#include ++#include ++#include ++ ++ ++typedef struct BusCheck ++{ ++ int refcount; ++ ++ BusContext *context; ++ BusCynara *cynara; ++} BusCheck; ++ ++typedef struct BusDeferredMessage ++{ ++ int refcount; ++ ++ DBusMessage *message; ++ DBusConnection *sender; ++ DBusConnection *proposed_recipient; ++ DBusConnection *addressed_recipient; ++ dbus_bool_t full_dispatch; ++ BusDeferredMessageStatus status; ++ BusResult response; ++ BusCheckResponseFunc response_callback; ++} BusDeferredMessage; ++ ++BusCheck * ++bus_check_new (BusContext *context, DBusError *error) ++{ ++ BusCheck *check; ++ ++ check = dbus_new(BusCheck, 1); ++ if (check == NULL) ++ { ++ BUS_SET_OOM(error); ++ return NULL; ++ } ++ ++ check->refcount = 1; ++ check->context = context; ++ check->cynara = bus_cynara_new(check, error); ++ if (dbus_error_is_set(error)) ++ { ++ dbus_free(check); ++ return NULL; ++ } ++ ++ return check; ++} ++ ++BusCheck * ++bus_check_ref (BusCheck *check) ++{ ++ _dbus_assert (check->refcount > 0); ++ check->refcount += 1; ++ ++ return check; ++} ++ ++void ++bus_check_unref (BusCheck *check) ++{ ++ _dbus_assert (check->refcount > 0); ++ ++ check->refcount -= 1; ++ ++ if (check->refcount == 0) ++ { ++ bus_cynara_unref(check->cynara); ++ dbus_free(check); ++ } ++} ++ ++BusContext * ++bus_check_get_context (BusCheck *check) ++{ ++ return check->context; ++} ++ ++BusCynara * ++bus_check_get_cynara (BusCheck *check) ++{ ++ return check->cynara; ++} ++ ++BusResult ++bus_check_privilege (BusCheck *check, ++ DBusMessage *message, ++ DBusConnection *sender, ++ DBusConnection *addressed_recipient, ++ DBusConnection *proposed_recipient, ++ const char *privilege, ++ BusDeferredMessageStatus check_type, ++ BusDeferredMessage **deferred_message) ++{ ++ BusResult result = BUS_RESULT_FALSE; ++#ifdef DBUS_ENABLE_CYNARA ++ BusCynara *cynara; ++#endif ++ DBusConnection *connection; ++ ++ connection = check_type == BUS_DEFERRED_MESSAGE_CHECK_RECEIVE ? proposed_recipient : sender; ++ ++ if (!dbus_connection_get_is_connected(connection)) ++ { ++ return BUS_RESULT_FALSE; ++ } ++ ++ /* ask policy checkers */ ++#ifdef DBUS_ENABLE_CYNARA ++ cynara = bus_check_get_cynara(check); ++ result = bus_cynara_check_privilege(cynara, message, sender, addressed_recipient, ++ proposed_recipient, privilege, check_type, deferred_message); ++#endif ++ ++ if (result == BUS_RESULT_LATER && deferred_message != NULL) ++ { ++ (*deferred_message)->status |= check_type; ++ } ++ return result; ++} ++ ++BusDeferredMessage *bus_deferred_message_new (DBusMessage *message, ++ DBusConnection *sender, ++ DBusConnection *addressed_recipient, ++ DBusConnection *proposed_recipient, ++ BusResult response) ++{ ++ BusDeferredMessage *deferred_message; ++ ++ deferred_message = dbus_new(BusDeferredMessage, 1); ++ if (deferred_message == NULL) ++ { ++ return NULL; ++ } ++ ++ deferred_message->refcount = 1; ++ deferred_message->sender = sender != NULL ? dbus_connection_ref(sender) : NULL; ++ deferred_message->addressed_recipient = addressed_recipient != NULL ? dbus_connection_ref(addressed_recipient) : NULL; ++ deferred_message->proposed_recipient = proposed_recipient != NULL ? dbus_connection_ref(proposed_recipient) : NULL; ++ deferred_message->message = dbus_message_ref(message); ++ deferred_message->response = response; ++ deferred_message->status = 0; ++ deferred_message->full_dispatch = FALSE; ++ deferred_message->response_callback = NULL; ++ ++ return deferred_message; ++} ++ ++BusDeferredMessage * ++bus_deferred_message_ref (BusDeferredMessage *deferred_message) ++{ ++ _dbus_assert (deferred_message->refcount > 0); ++ deferred_message->refcount += 1; ++ return deferred_message; ++} ++ ++void ++bus_deferred_message_unref (BusDeferredMessage *deferred_message) ++{ ++ _dbus_assert (deferred_message->refcount > 0); ++ ++ deferred_message->refcount -= 1; ++ ++ if (deferred_message->refcount == 0) ++ { ++ dbus_message_unref(deferred_message->message); ++ if (deferred_message->sender != NULL) ++ dbus_connection_unref(deferred_message->sender); ++ if (deferred_message->addressed_recipient != NULL) ++ dbus_connection_unref(deferred_message->addressed_recipient); ++ if (deferred_message->proposed_recipient != NULL) ++ dbus_connection_unref(deferred_message->proposed_recipient); ++ dbus_free(deferred_message); ++ } ++} ++ ++void ++bus_deferred_message_response_received (BusDeferredMessage *deferred_message, ++ BusResult result) ++{ ++ if (deferred_message->response_callback != NULL) ++ { ++ deferred_message->response_callback(deferred_message, result); ++ } ++} +diff --git a/bus/check.h b/bus/check.h +new file mode 100644 +index 0000000..c3fcaf9 +--- /dev/null ++++ b/bus/check.h +@@ -0,0 +1,68 @@ ++/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */ ++/* check.h Bus security policy runtime check ++ * ++ * Copyright (C) 2014 Intel, Inc. ++ * Copyright (c) 2014 Samsung Electronics, Ltd. ++ * ++ * Licensed under the Academic Free License version 2.1 ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 2 of the License, or ++ * (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ * ++ */ ++ ++#ifndef BUS_CHECK_H ++#define BUS_CHECK_H ++ ++#include "bus.h" ++#include "policy.h" ++ ++ ++typedef void (*BusCheckResponseFunc) (BusDeferredMessage *message, ++ BusResult result); ++ ++typedef enum { ++ BUS_DEFERRED_MESSAGE_CHECK_SEND = 1 << 0, ++ BUS_DEFERRED_MESSAGE_CHECK_RECEIVE = 1 << 1, ++ BUS_DEFERRED_MESSAGE_CHECK_OWN = 1 << 2, ++} BusDeferredMessageStatus; ++ ++ ++BusCheck *bus_check_new (BusContext *context, ++ DBusError *error); ++BusCheck *bus_check_ref (BusCheck *check); ++void bus_check_unref (BusCheck *check); ++ ++BusContext *bus_check_get_context (BusCheck *check); ++BusCynara *bus_check_get_cynara (BusCheck *check); ++BusResult bus_check_privilege (BusCheck *check, ++ DBusMessage *message, ++ DBusConnection *sender, ++ DBusConnection *addressed_recipient, ++ DBusConnection *proposed_recipient, ++ const char *privilege, ++ BusDeferredMessageStatus check_type, ++ BusDeferredMessage **deferred_message); ++ ++BusDeferredMessage *bus_deferred_message_new (DBusMessage *message, ++ DBusConnection *sender, ++ DBusConnection *addressed_recipient, ++ DBusConnection *proposed_recipient, ++ BusResult response); ++ ++BusDeferredMessage *bus_deferred_message_ref (BusDeferredMessage *deferred_message); ++void bus_deferred_message_unref (BusDeferredMessage *deferred_message); ++void bus_deferred_message_response_received (BusDeferredMessage *deferred_message, ++ BusResult result); ++#endif /* BUS_CHECK_H */ +diff --git a/bus/config-parser-common.c b/bus/config-parser-common.c +index c1c4191..e2f253d 100644 +--- a/bus/config-parser-common.c ++++ b/bus/config-parser-common.c +@@ -75,6 +75,10 @@ bus_config_parser_element_name_to_type (const char *name) + { + return ELEMENT_DENY; + } ++ else if (strcmp (name, "check") == 0) ++ { ++ return ELEMENT_CHECK; ++ } + else if (strcmp (name, "servicehelper") == 0) + { + return ELEMENT_SERVICEHELPER; +@@ -159,6 +163,8 @@ bus_config_parser_element_type_to_name (ElementType type) + return "allow"; + case ELEMENT_DENY: + return "deny"; ++ case ELEMENT_CHECK: ++ return "check"; + case ELEMENT_FORK: + return "fork"; + case ELEMENT_PIDFILE: +diff --git a/bus/config-parser-common.h b/bus/config-parser-common.h +index 382a014..9e026d1 100644 +--- a/bus/config-parser-common.h ++++ b/bus/config-parser-common.h +@@ -36,6 +36,7 @@ typedef enum + ELEMENT_LIMIT, + ELEMENT_ALLOW, + ELEMENT_DENY, ++ ELEMENT_CHECK, + ELEMENT_FORK, + ELEMENT_PIDFILE, + ELEMENT_SERVICEDIR, +diff --git a/bus/config-parser-trivial.c b/bus/config-parser-trivial.c +index dd65c6d..23dedb4 100644 +--- a/bus/config-parser-trivial.c ++++ b/bus/config-parser-trivial.c +@@ -194,6 +194,7 @@ bus_config_parser_start_element (BusConfigParser *parser, + case ELEMENT_POLICY: + case ELEMENT_LIMIT: + case ELEMENT_ALLOW: ++ case ELEMENT_CHECK: + case ELEMENT_DENY: + case ELEMENT_FORK: + case ELEMENT_PIDFILE: +@@ -316,6 +317,7 @@ bus_config_parser_content (BusConfigParser *parser, + case ELEMENT_POLICY: + case ELEMENT_LIMIT: + case ELEMENT_ALLOW: ++ case ELEMENT_CHECK: + case ELEMENT_DENY: + case ELEMENT_FORK: + case ELEMENT_PIDFILE: +diff --git a/bus/config-parser.c b/bus/config-parser.c +index be27d38..7f91469 100644 +--- a/bus/config-parser.c ++++ b/bus/config-parser.c +@@ -1318,7 +1318,7 @@ append_rule_from_element (BusConfigParser *parser, + const char *element_name, + const char **attribute_names, + const char **attribute_values, +- dbus_bool_t allow, ++ BusPolicyRuleAccess access, + DBusError *error) + { + const char *log; +@@ -1360,6 +1360,7 @@ append_rule_from_element (BusConfigParser *parser, + const char *own_prefix; + const char *user; + const char *group; ++ const char *privilege; + + BusPolicyRule *rule; + +@@ -1390,6 +1391,7 @@ append_rule_from_element (BusConfigParser *parser, + "user", &user, + "group", &group, + "log", &log, ++ "privilege", &privilege, + NULL)) + return FALSE; + +@@ -1422,6 +1424,7 @@ append_rule_from_element (BusConfigParser *parser, + + if (!(any_send_attribute || + any_receive_attribute || ++ privilege || + own || own_prefix || user || group)) + { + dbus_set_error (error, DBUS_ERROR_FAILED, +@@ -1438,7 +1441,30 @@ append_rule_from_element (BusConfigParser *parser, + element_name); + return FALSE; + } +- ++ ++ if (access == BUS_POLICY_RULE_ACCESS_CHECK) ++ { ++ if (privilege == NULL || !*privilege) ++ { ++ dbus_set_error (error, DBUS_ERROR_FAILED, ++ "On element <%s>, you must specify the privilege to be checked.", ++ element_name); ++ return FALSE; ++ } ++ } ++ else ++ { ++ if (privilege != NULL && *privilege) ++ { ++ dbus_set_error (error, DBUS_ERROR_FAILED, ++ "On element <%s>, privilege %s is used outside of a check rule.", ++ element_name, privilege); ++ return FALSE; ++ } ++ else ++ privilege = NULL; /* replace (potentially) empty string with NULL pointer, it wouldn't be used anyway */ ++ } ++ + /* Allowed combinations of elements are: + * + * base, must be all send or all receive: +@@ -1589,7 +1615,7 @@ append_rule_from_element (BusConfigParser *parser, + error)) + return FALSE; + +- rule = bus_policy_rule_new (BUS_POLICY_RULE_SEND, allow); ++ rule = bus_policy_rule_new (BUS_POLICY_RULE_SEND, access); + if (rule == NULL) + goto nomem; + +@@ -1694,7 +1720,7 @@ append_rule_from_element (BusConfigParser *parser, + error)) + return FALSE; + +- rule = bus_policy_rule_new (BUS_POLICY_RULE_RECEIVE, allow); ++ rule = bus_policy_rule_new (BUS_POLICY_RULE_RECEIVE, access); + if (rule == NULL) + goto nomem; + +@@ -1726,7 +1752,7 @@ append_rule_from_element (BusConfigParser *parser, + } + else if (own || own_prefix) + { +- rule = bus_policy_rule_new (BUS_POLICY_RULE_OWN, allow); ++ rule = bus_policy_rule_new (BUS_POLICY_RULE_OWN, access); + if (rule == NULL) + goto nomem; + +@@ -1752,7 +1778,7 @@ append_rule_from_element (BusConfigParser *parser, + { + if (IS_WILDCARD (user)) + { +- rule = bus_policy_rule_new (BUS_POLICY_RULE_USER, allow); ++ rule = bus_policy_rule_new (BUS_POLICY_RULE_USER, access); + if (rule == NULL) + goto nomem; + +@@ -1767,7 +1793,7 @@ append_rule_from_element (BusConfigParser *parser, + + if (_dbus_parse_unix_user_from_config (&username, &uid)) + { +- rule = bus_policy_rule_new (BUS_POLICY_RULE_USER, allow); ++ rule = bus_policy_rule_new (BUS_POLICY_RULE_USER, access); + if (rule == NULL) + goto nomem; + +@@ -1784,7 +1810,7 @@ append_rule_from_element (BusConfigParser *parser, + { + if (IS_WILDCARD (group)) + { +- rule = bus_policy_rule_new (BUS_POLICY_RULE_GROUP, allow); ++ rule = bus_policy_rule_new (BUS_POLICY_RULE_GROUP, access); + if (rule == NULL) + goto nomem; + +@@ -1799,7 +1825,7 @@ append_rule_from_element (BusConfigParser *parser, + + if (_dbus_parse_unix_group_from_config (&groupname, &gid)) + { +- rule = bus_policy_rule_new (BUS_POLICY_RULE_GROUP, allow); ++ rule = bus_policy_rule_new (BUS_POLICY_RULE_GROUP, access); + if (rule == NULL) + goto nomem; + +@@ -1823,6 +1849,10 @@ append_rule_from_element (BusConfigParser *parser, + _dbus_assert (pe != NULL); + _dbus_assert (pe->type == ELEMENT_POLICY); + ++ rule->privilege = _dbus_strdup (privilege); ++ if (privilege && !rule->privilege) ++ goto nomem; ++ + switch (pe->d.policy.type) + { + case POLICY_IGNORED: +@@ -1898,7 +1928,7 @@ start_policy_child (BusConfigParser *parser, + { + if (!append_rule_from_element (parser, element_name, + attribute_names, attribute_values, +- TRUE, error)) ++ BUS_POLICY_RULE_ACCESS_ALLOW, error)) + return FALSE; + + if (push_element (parser, ELEMENT_ALLOW) == NULL) +@@ -1913,7 +1943,7 @@ start_policy_child (BusConfigParser *parser, + { + if (!append_rule_from_element (parser, element_name, + attribute_names, attribute_values, +- FALSE, error)) ++ BUS_POLICY_RULE_ACCESS_DENY, error)) + return FALSE; + + if (push_element (parser, ELEMENT_DENY) == NULL) +@@ -1922,6 +1952,21 @@ start_policy_child (BusConfigParser *parser, + return FALSE; + } + ++ return TRUE; ++ } ++ else if (strcmp (element_name, "check") == 0) ++ { ++ if (!append_rule_from_element (parser, element_name, ++ attribute_names, attribute_values, ++ BUS_POLICY_RULE_ACCESS_CHECK, error)) ++ return FALSE; ++ ++ if (push_element (parser, ELEMENT_CHECK) == NULL) ++ { ++ BUS_SET_OOM (error); ++ return FALSE; ++ } ++ + return TRUE; + } + else +@@ -2284,6 +2329,7 @@ bus_config_parser_end_element (BusConfigParser *parser, + case ELEMENT_POLICY: + case ELEMENT_ALLOW: + case ELEMENT_DENY: ++ case ELEMENT_CHECK: + case ELEMENT_FORK: + case ELEMENT_SYSLOG: + case ELEMENT_KEEP_UMASK: +@@ -2600,6 +2646,7 @@ bus_config_parser_content (BusConfigParser *parser, + case ELEMENT_POLICY: + case ELEMENT_ALLOW: + case ELEMENT_DENY: ++ case ELEMENT_CHECK: + case ELEMENT_FORK: + case ELEMENT_SYSLOG: + case ELEMENT_KEEP_UMASK: +@@ -3127,6 +3174,8 @@ do_load (const DBusString *full_path, + dbus_error_init (&error); + + parser = bus_config_load (full_path, TRUE, NULL, &error); ++ if (dbus_error_is_set (&error)) ++ _dbus_verbose ("Failed to load file: %s\n", error.message); + if (parser == NULL) + { + _DBUS_ASSERT_ERROR_IS_SET (&error); +@@ -3359,6 +3408,7 @@ elements_equal (const Element *a, + case ELEMENT_LISTEN: + case ELEMENT_AUTH: + case ELEMENT_ALLOW: ++ case ELEMENT_CHECK: + case ELEMENT_DENY: + case ELEMENT_FORK: + case ELEMENT_PIDFILE: +diff --git a/bus/connection.c b/bus/connection.c +index 53605fa..b348d42 100644 +--- a/bus/connection.c ++++ b/bus/connection.c +@@ -36,6 +36,10 @@ + #include + #include + #include ++#ifdef DBUS_ENABLE_CYNARA ++#include ++#include ++#endif + + /* Trim executed commands to this length; we want to keep logs readable */ + #define MAX_LOG_COMMAND_LEN 50 +@@ -116,6 +120,9 @@ typedef struct + + /** non-NULL if and only if this is a monitor */ + DBusList *link_in_monitors; ++#ifdef DBUS_ENABLE_CYNARA ++ char *cynara_session_id; ++#endif + } BusConnectionData; + + static dbus_bool_t bus_pending_reply_expired (BusExpireList *list, +@@ -129,8 +136,8 @@ static dbus_bool_t expire_incomplete_timeout (void *data); + + #define BUS_CONNECTION_DATA(connection) (dbus_connection_get_data ((connection), connection_data_slot)) + +-static DBusLoop* +-connection_get_loop (DBusConnection *connection) ++DBusLoop* ++bus_connection_get_loop (DBusConnection *connection) + { + BusConnectionData *d; + +@@ -354,7 +361,7 @@ add_connection_watch (DBusWatch *watch, + { + DBusConnection *connection = data; + +- return _dbus_loop_add_watch (connection_get_loop (connection), watch); ++ return _dbus_loop_add_watch (bus_connection_get_loop (connection), watch); + } + + static void +@@ -363,7 +370,7 @@ remove_connection_watch (DBusWatch *watch, + { + DBusConnection *connection = data; + +- _dbus_loop_remove_watch (connection_get_loop (connection), watch); ++ _dbus_loop_remove_watch (bus_connection_get_loop (connection), watch); + } + + static void +@@ -372,7 +379,7 @@ toggle_connection_watch (DBusWatch *watch, + { + DBusConnection *connection = data; + +- _dbus_loop_toggle_watch (connection_get_loop (connection), watch); ++ _dbus_loop_toggle_watch (bus_connection_get_loop (connection), watch); + } + + static dbus_bool_t +@@ -381,7 +388,7 @@ add_connection_timeout (DBusTimeout *timeout, + { + DBusConnection *connection = data; + +- return _dbus_loop_add_timeout (connection_get_loop (connection), timeout); ++ return _dbus_loop_add_timeout (bus_connection_get_loop (connection), timeout); + } + + static void +@@ -390,7 +397,7 @@ remove_connection_timeout (DBusTimeout *timeout, + { + DBusConnection *connection = data; + +- _dbus_loop_remove_timeout (connection_get_loop (connection), timeout); ++ _dbus_loop_remove_timeout (bus_connection_get_loop (connection), timeout); + } + + static void +@@ -448,6 +455,10 @@ free_connection_data (void *data) + + dbus_free (d->name); + ++#ifdef DBUS_ENABLE_CYNARA ++ free (d->cynara_session_id); ++#endif ++ + dbus_free (d); + } + +@@ -1078,6 +1089,22 @@ bus_connection_get_policy (DBusConnection *connection) + return d->policy; + } + ++#ifdef DBUS_ENABLE_CYNARA ++const char *bus_connection_get_cynara_session_id (DBusConnection *connection) ++{ ++ BusConnectionData *d = BUS_CONNECTION_DATA (connection); ++ _dbus_assert (d != NULL); ++ ++ if (d->cynara_session_id == NULL) ++ { ++ unsigned long pid; ++ if (dbus_connection_get_unix_process_id(connection, &pid)) ++ d->cynara_session_id = cynara_session_from_pid(pid); ++ } ++ return d->cynara_session_id; ++} ++#endif ++ + static dbus_bool_t + foreach_active (BusConnections *connections, + BusConnectionForeachFunction function, +@@ -2333,6 +2360,7 @@ bus_transaction_send_from_driver (BusTransaction *transaction, + DBusMessage *message) + { + DBusError error = DBUS_ERROR_INIT; ++ BusResult res; + + /* We have to set the sender to the driver, and have + * to check security policy since it was not done in +@@ -2370,10 +2398,11 @@ bus_transaction_send_from_driver (BusTransaction *transaction, + * if we're actively capturing messages, it's nice to log that we + * tried to send it and did not allow ourselves to do so. + */ +- if (!bus_context_check_security_policy (bus_transaction_get_context (transaction), +- transaction, +- NULL, connection, connection, +- message, NULL, &error)) ++ res = bus_context_check_security_policy (bus_transaction_get_context (transaction), ++ transaction, ++ NULL, connection, connection, message, NULL, ++ &error, NULL); ++ if (res == BUS_RESULT_FALSE) + { + if (!bus_transaction_capture_error_reply (transaction, connection, + &error, message)) +@@ -2388,6 +2417,12 @@ bus_transaction_send_from_driver (BusTransaction *transaction, + dbus_error_free (&error); + return TRUE; + } ++ else if (res == BUS_RESULT_LATER) ++ { ++ _dbus_verbose ("Cannot delay sending message from bus driver, dropping it\n"); ++ dbus_error_free (&error); ++ return TRUE; ++ } + + return bus_transaction_send (transaction, connection, message); + } +diff --git a/bus/connection.h b/bus/connection.h +index 9e253ae..71078ea 100644 +--- a/bus/connection.h ++++ b/bus/connection.h +@@ -31,6 +31,7 @@ + typedef dbus_bool_t (* BusConnectionForeachFunction) (DBusConnection *connection, + void *data); + ++DBusLoop* bus_connection_get_loop (DBusConnection *connection); + + BusConnections* bus_connections_new (BusContext *context); + BusConnections* bus_connections_ref (BusConnections *connections); +@@ -124,6 +125,9 @@ dbus_bool_t bus_connection_be_monitor (DBusConnection *connection, + BusTransaction *transaction, + DBusList **rules, + DBusError *error); ++#ifdef DBUS_ENABLE_CYNARA ++const char *bus_connection_get_cynara_session_id (DBusConnection *connection); ++#endif + + /* transaction API so we can send or not send a block of messages as a whole */ + +diff --git a/bus/cynara.c b/bus/cynara.c +new file mode 100644 +index 0000000..57a4c45 +--- /dev/null ++++ b/bus/cynara.c +@@ -0,0 +1,374 @@ ++/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */ ++/* cynara.c Cynara runtime privilege checking ++ * ++ * Copyright (c) 2014 Samsung Electronics, Ltd. ++ * ++ * Licensed under the Academic Free License version 2.1 ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 2 of the License, or ++ * (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ * ++ */ ++ ++#include ++#include "cynara.h" ++#include "check.h" ++#include "utils.h" ++ ++#include ++ ++#include ++#include ++#include ++#include ++#ifdef DBUS_ENABLE_CYNARA ++#include ++#endif ++ ++ ++#ifdef DBUS_ENABLE_CYNARA ++typedef struct BusCynara ++{ ++ int refcount; ++ ++ BusContext *context; ++ BusCheck *check; ++ cynara_async *cynara; ++ DBusWatch *cynara_watch; ++} BusCynara; ++ ++#define USE_CYNARA_CACHE 1 ++#ifdef USE_CYNARA_CACHE ++#define CYNARA_CACHE_SIZE 1000 ++#endif ++ ++static dbus_bool_t bus_cynara_watch_callback(DBusWatch *watch, ++ unsigned int flags, ++ void *data); ++ ++static void status_callback(int old_fd, ++ int new_fd, ++ cynara_async_status status, ++ void *user_status_data); ++static void bus_cynara_check_response_callback (cynara_check_id check_id, ++ cynara_async_call_cause cause, ++ int response, ++ void *user_response_data); ++#endif ++ ++ ++BusCynara * ++bus_cynara_new(BusCheck *check, DBusError *error) ++{ ++#ifdef DBUS_ENABLE_CYNARA ++ BusContext *context; ++ BusCynara *cynara; ++ cynara_async_configuration *conf = NULL; ++ int ret; ++ ++ cynara = dbus_new(BusCynara, 1); ++ if (cynara == NULL) ++ { ++ BUS_SET_OOM(error); ++ return NULL; ++ } ++ ++ context = bus_check_get_context(check); ++ ++ cynara->refcount = 1; ++ cynara->check = check; ++ cynara->context = context; ++ cynara->cynara_watch = NULL; ++ ++ ret = cynara_async_configuration_create(&conf); ++ if (ret != CYNARA_API_SUCCESS) ++ { ++ dbus_set_error (error, DBUS_ERROR_FAILED, "Failed to create Cynara configuration"); ++ goto out; ++ } ++ ++#ifdef CYNARA_CACHE_SIZE ++ ret = cynara_async_configuration_set_cache_size(conf, CYNARA_CACHE_SIZE); ++ if (ret != CYNARA_API_SUCCESS) ++ { ++ dbus_set_error (error, DBUS_ERROR_FAILED, "Failed to Cynara cache size"); ++ goto out; ++ } ++#endif ++ ++ ret = cynara_async_initialize(&cynara->cynara, conf, &status_callback, cynara); ++ if (ret != CYNARA_API_SUCCESS) ++ { ++ dbus_set_error (error, DBUS_ERROR_FAILED, "Failed to initialize Cynara client"); ++ goto out; ++ } ++ ++out: ++ cynara_async_configuration_destroy(conf); ++ if (ret != CYNARA_API_SUCCESS) ++ { ++ dbus_free(cynara); ++ return NULL; ++ } ++ ++ return cynara; ++#else ++ return NULL; ++#endif ++} ++ ++BusCynara * ++bus_cynara_ref (BusCynara *cynara) ++{ ++#ifdef DBUS_ENABLE_CYNARA ++ _dbus_assert (cynara->refcount > 0); ++ cynara->refcount += 1; ++ ++ return cynara; ++#else ++ return NULL; ++#endif ++} ++ ++void ++bus_cynara_unref (BusCynara *cynara) ++{ ++#ifdef DBUS_ENABLE_CYNARA ++ _dbus_assert (cynara->refcount > 0); ++ ++ cynara->refcount -= 1; ++ ++ if (cynara->refcount == 0) ++ { ++ cynara_async_finish(cynara->cynara); ++ dbus_free(cynara); ++ } ++#endif ++} ++ ++BusResult ++bus_cynara_check_privilege (BusCynara *cynara, ++ DBusMessage *message, ++ DBusConnection *sender, ++ DBusConnection *addressed_recipient, ++ DBusConnection *proposed_recipient, ++ const char *privilege, ++ BusDeferredMessageStatus check_type, ++ BusDeferredMessage **deferred_message_param) ++{ ++#ifdef DBUS_ENABLE_CYNARA ++ int result; ++ unsigned long uid; ++ char *label; ++ const char *session_id; ++ char user[32]; ++ cynara_check_id check_id; ++ DBusConnection *connection = check_type == BUS_DEFERRED_MESSAGE_CHECK_RECEIVE ? proposed_recipient : sender; ++ BusDeferredMessage *deferred_message; ++ BusResult ret; ++ ++ _dbus_assert(connection != NULL); ++ ++ if (dbus_connection_get_unix_user(connection, &uid) == FALSE) ++ return BUS_RESULT_FALSE; ++ ++ if (_dbus_connection_get_linux_security_label(connection, &label) == FALSE || label == NULL) ++ { ++ _dbus_warn("Failed to obtain security label for connection\n"); ++ return BUS_RESULT_FALSE; ++ } ++ ++ session_id = bus_connection_get_cynara_session_id (connection); ++ if (session_id == NULL) ++ { ++ ret = BUS_RESULT_FALSE; ++ goto out; ++ } ++ ++ snprintf(user, sizeof(user), "%lu", uid); ++ ++#if USE_CYNARA_CACHE ++ result = cynara_async_check_cache(cynara->cynara, label, session_id, user, privilege); ++#else ++ result = CYNARA_API_CACHE_MISS; ++#endif ++ ++ switch (result) ++ { ++ case CYNARA_API_ACCESS_ALLOWED: ++ _dbus_verbose("Cynara: got ALLOWED answer from cache (client=%s session_id=%s user=%s privilege=%s)\n", ++ label, session_id, user, privilege); ++ ret = BUS_RESULT_TRUE; ++ break; ++ ++ case CYNARA_API_ACCESS_DENIED: ++ _dbus_verbose("Cynara: got DENIED answer from cache (client=%s session_id=%s user=%s privilege=%s)\n", ++ label, session_id, user, privilege); ++ ret = BUS_RESULT_FALSE; ++ break; ++ ++ case CYNARA_API_CACHE_MISS: ++ deferred_message = bus_deferred_message_new(message, sender, addressed_recipient, ++ proposed_recipient, BUS_RESULT_LATER); ++ if (deferred_message == NULL) ++ { ++ _dbus_verbose("Failed to allocate memory for deferred message\n"); ++ ret = BUS_RESULT_FALSE; ++ goto out; ++ } ++ ++ /* callback is supposed to unref deferred_message*/ ++ result = cynara_async_create_request(cynara->cynara, label, session_id, user, privilege, &check_id, ++ &bus_cynara_check_response_callback, deferred_message); ++ if (result == CYNARA_API_SUCCESS) ++ { ++ _dbus_verbose("Created Cynara request: client=%s session_id=%s user=%s privilege=%s check_id=%u " ++ "deferred_message=%p\n", label, session_id, user, privilege, (unsigned int)check_id, deferred_message); ++ if (deferred_message_param != NULL) ++ *deferred_message_param = deferred_message; ++ ret = BUS_RESULT_LATER; ++ } ++ else ++ { ++ _dbus_verbose("Error on cynara request create: %i\n", result); ++ bus_deferred_message_unref(deferred_message); ++ ret = BUS_RESULT_FALSE; ++ } ++ break; ++ default: ++ _dbus_verbose("Error when accessing Cynara cache: %i\n", result); ++ ret = BUS_RESULT_FALSE; ++ } ++out: ++ dbus_free(label); ++ return ret; ++ ++#else ++ return BUS_RESULT_FALSE; ++#endif ++} ++ ++ ++ ++#ifdef DBUS_ENABLE_CYNARA ++static void ++status_callback(int old_fd, int new_fd, cynara_async_status status, ++ void *user_status_data) ++{ ++ BusCynara *cynara = (BusCynara *)user_status_data; ++ DBusLoop *loop = bus_context_get_loop(cynara->context); ++ ++ if (cynara->cynara_watch != NULL) ++ { ++ _dbus_loop_remove_watch(loop, cynara->cynara_watch); ++ _dbus_watch_invalidate(cynara->cynara_watch); ++ _dbus_watch_unref(cynara->cynara_watch); ++ cynara->cynara_watch = NULL; ++ } ++ ++ if (new_fd != -1) ++ { ++ unsigned int flags; ++ DBusWatch *watch; ++ ++ switch (status) ++ { ++ case CYNARA_STATUS_FOR_READ: ++ flags = DBUS_WATCH_READABLE; ++ break; ++ case CYNARA_STATUS_FOR_RW: ++ flags = DBUS_WATCH_READABLE | DBUS_WATCH_WRITABLE; ++ break; ++ default: ++ /* Cynara passed unknown status - warn and add RW watch */ ++ _dbus_verbose("Cynara passed unknown status value: 0x%08X\n", (unsigned int)status); ++ flags = DBUS_WATCH_READABLE | DBUS_WATCH_WRITABLE; ++ break; ++ } ++ ++ watch = _dbus_watch_new(new_fd, flags, TRUE, &bus_cynara_watch_callback, cynara, NULL); ++ if (watch != NULL) ++ { ++ if (_dbus_loop_add_watch(loop, watch) == TRUE) ++ { ++ cynara->cynara_watch = watch; ++ return; ++ } ++ ++ _dbus_watch_invalidate(watch); ++ _dbus_watch_unref(watch); ++ } ++ ++ /* It seems like not much can be done at this point. Cynara events won't be processed ++ * until next Cynara function call triggering status callback */ ++ _dbus_verbose("Failed to add dbus watch\n"); ++ } ++} ++ ++static dbus_bool_t ++bus_cynara_watch_callback(DBusWatch *watch, ++ unsigned int flags, ++ void *data) ++{ ++ BusCynara *cynara = (BusCynara *)data; ++ int result = cynara_async_process(cynara->cynara); ++ if (result != CYNARA_API_SUCCESS) ++ _dbus_verbose("cynara_async_process returned %d\n", result); ++ ++ return result != CYNARA_API_OUT_OF_MEMORY ? TRUE : FALSE; ++} ++ ++static inline const char * ++call_cause_to_string(cynara_async_call_cause cause) ++{ ++ switch (cause) ++ { ++ case CYNARA_CALL_CAUSE_ANSWER: ++ return "ANSWER"; ++ case CYNARA_CALL_CAUSE_CANCEL: ++ return "CANCEL"; ++ case CYNARA_CALL_CAUSE_FINISH: ++ return "FINSIH"; ++ case CYNARA_CALL_CAUSE_SERVICE_NOT_AVAILABLE: ++ return "SERVICE NOT AVAILABLE"; ++ default: ++ return "INVALID"; ++ } ++} ++ ++static void ++bus_cynara_check_response_callback (cynara_check_id check_id, ++ cynara_async_call_cause cause, ++ int response, ++ void *user_response_data) ++{ ++ BusDeferredMessage *deferred_message = user_response_data; ++ BusResult result; ++ ++ _dbus_verbose("Cynara callback: check_id=%u, cause=%s response=%i response_data=%p\n", ++ (unsigned int)check_id, call_cause_to_string(cause), response, user_response_data); ++ ++ if (deferred_message == NULL) ++ return; ++ ++ if (cause == CYNARA_CALL_CAUSE_ANSWER && response == CYNARA_API_ACCESS_ALLOWED) ++ result = BUS_RESULT_TRUE; ++ else ++ result = BUS_RESULT_FALSE; ++ ++ bus_deferred_message_response_received(deferred_message, result); ++ bus_deferred_message_unref(deferred_message); ++} ++ ++#endif /* DBUS_ENABLE_CYNARA */ +diff --git a/bus/cynara.h b/bus/cynara.h +new file mode 100644 +index 0000000..c4728bb +--- /dev/null ++++ b/bus/cynara.h +@@ -0,0 +1,37 @@ ++/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */ ++/* cynara.h Cynara runtime privilege checking ++ * ++ * Copyright (c) 2014 Samsung Electronics, Ltd. ++ * ++ * Licensed under the Academic Free License version 2.1 ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 2 of the License, or ++ * (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ * ++ */ ++ ++#include "bus.h" ++#include "check.h" ++ ++BusCynara *bus_cynara_new (BusCheck *check, DBusError *error); ++BusCynara *bus_cynara_ref (BusCynara *cynara); ++void bus_cynara_unref (BusCynara *cynara); ++BusResult bus_cynara_check_privilege (BusCynara *cynara, ++ DBusMessage *message, ++ DBusConnection *sender, ++ DBusConnection *addressed_recipient, ++ DBusConnection *proposed_recipient, ++ const char *privilege, ++ BusDeferredMessageStatus check_type, ++ BusDeferredMessage **deferred_message); +diff --git a/bus/dispatch.c b/bus/dispatch.c +index 19228be..d3867f7 100644 +--- a/bus/dispatch.c ++++ b/bus/dispatch.c +@@ -25,6 +25,7 @@ + + #include + #include "dispatch.h" ++#include "check.h" + #include "connection.h" + #include "driver.h" + #include "services.h" +@@ -64,14 +65,18 @@ send_one_message (DBusConnection *connection, + DBusError *error) + { + DBusError stack_error = DBUS_ERROR_INIT; ++ BusDeferredMessage *deferred_message; ++ BusResult result; + +- if (!bus_context_check_security_policy (context, transaction, ++ result = bus_context_check_security_policy (context, transaction, + sender, + addressed_recipient, + connection, + message, + NULL, +- &stack_error)) ++ &stack_error, ++ &deferred_message); ++ if (result != BUS_RESULT_TRUE) + { + if (!bus_transaction_capture_error_reply (transaction, sender, + &stack_error, message)) +@@ -130,6 +135,8 @@ bus_dispatch_matches (BusTransaction *transaction, + BusMatchmaker *matchmaker; + DBusList *link; + BusContext *context; ++ BusDeferredMessage *deferred_message; ++ BusResult res; + + _DBUS_ASSERT_ERROR_IS_CLEAR (error); + +@@ -145,11 +152,20 @@ bus_dispatch_matches (BusTransaction *transaction, + /* First, send the message to the addressed_recipient, if there is one. */ + if (addressed_recipient != NULL) + { +- if (!bus_context_check_security_policy (context, transaction, +- sender, addressed_recipient, +- addressed_recipient, +- message, NULL, error)) ++ res = bus_context_check_security_policy (context, transaction, ++ sender, addressed_recipient, ++ addressed_recipient, ++ message, NULL, error, ++ &deferred_message); ++ if (res == BUS_RESULT_FALSE) + return FALSE; ++ else if (res == BUS_RESULT_LATER) ++ { ++ dbus_set_error (error, ++ DBUS_ERROR_ACCESS_DENIED, ++ "Rejecting message because time is needed to check security policy"); ++ return FALSE; ++ } + + if (dbus_message_contains_unix_fds (message) && + !dbus_connection_can_send_type (addressed_recipient, +@@ -374,19 +390,31 @@ bus_dispatch (DBusConnection *connection, + if (service_name && + strcmp (service_name, DBUS_SERVICE_DBUS) == 0) /* to bus driver */ + { ++ BusDeferredMessage *deferred_message; ++ BusResult res; ++ + if (!bus_transaction_capture (transaction, connection, NULL, message)) + { + BUS_SET_OOM (&error); + goto out; + } + +- if (!bus_context_check_security_policy (context, transaction, +- connection, NULL, NULL, message, +- NULL, &error)) ++ res = bus_context_check_security_policy (context, transaction, ++ connection, NULL, NULL, message, NULL, ++ &error, &deferred_message); ++ if (res == BUS_RESULT_FALSE) + { + _dbus_verbose ("Security policy rejected message\n"); + goto out; + } ++ else if (res == BUS_RESULT_LATER) ++ { ++ dbus_set_error (&error, ++ DBUS_ERROR_ACCESS_DENIED, ++ "Rejecting message because time is needed to check security policy"); ++ _dbus_verbose ("Security policy needs time to check policy. Dropping message\n"); ++ goto out; ++ } + + _dbus_verbose ("Giving message to %s\n", DBUS_SERVICE_DBUS); + if (!bus_driver_handle_message (connection, transaction, message, &error)) +diff --git a/bus/driver.h b/bus/driver.h +index ac1289d..a7297ad 100644 +--- a/bus/driver.h ++++ b/bus/driver.h +@@ -66,5 +66,7 @@ dbus_bool_t bus_driver_send_ack_reply (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error); ++dbus_bool_t bus_driver_check_message_is_for_us (DBusMessage *message, ++ DBusError *error); + + #endif /* BUS_DRIVER_H */ +diff --git a/bus/policy.c b/bus/policy.c +index a37be80..7de92c6 100644 +--- a/bus/policy.c ++++ b/bus/policy.c +@@ -22,6 +22,7 @@ + */ + + #include ++#include "check.h" + #include "policy.h" + #include "services.h" + #include "test.h" +@@ -33,7 +34,7 @@ + + BusPolicyRule* + bus_policy_rule_new (BusPolicyRuleType type, +- dbus_bool_t allow) ++ BusPolicyRuleAccess access) + { + BusPolicyRule *rule; + +@@ -43,7 +44,7 @@ bus_policy_rule_new (BusPolicyRuleType type, + + rule->type = type; + rule->refcount = 1; +- rule->allow = allow; ++ rule->access = access; + + switch (rule->type) + { +@@ -55,18 +56,19 @@ bus_policy_rule_new (BusPolicyRuleType type, + break; + case BUS_POLICY_RULE_SEND: + rule->d.send.message_type = DBUS_MESSAGE_TYPE_INVALID; +- + /* allow rules default to TRUE (only requested replies allowed) ++ * check rules default to TRUE (only requested replies are checked) + * deny rules default to FALSE (only unrequested replies denied) + */ +- rule->d.send.requested_reply = rule->allow; ++ rule->d.send.requested_reply = rule->access != BUS_POLICY_RULE_ACCESS_DENY; + break; + case BUS_POLICY_RULE_RECEIVE: + rule->d.receive.message_type = DBUS_MESSAGE_TYPE_INVALID; + /* allow rules default to TRUE (only requested replies allowed) ++ * check rules default to TRUE (only requested replies are checked) + * deny rules default to FALSE (only unrequested replies denied) + */ +- rule->d.receive.requested_reply = rule->allow; ++ rule->d.receive.requested_reply = rule->access != BUS_POLICY_RULE_ACCESS_DENY; + break; + case BUS_POLICY_RULE_OWN: + break; +@@ -122,7 +124,8 @@ bus_policy_rule_unref (BusPolicyRule *rule) + default: + _dbus_assert_not_reached ("invalid rule"); + } +- ++ ++ dbus_free (rule->privilege); + dbus_free (rule); + } + } +@@ -435,7 +438,10 @@ list_allows_user (dbus_bool_t def, + else + continue; + +- allowed = rule->allow; ++ /* We don't intend to support and ++ rules. They are treated like deny. ++ */ ++ allowed = rule->access == BUS_POLICY_RULE_ACCESS_ALLOW; + } + + return allowed; +@@ -873,18 +879,23 @@ bus_client_policy_append_rule (BusClientPolicy *policy, + return TRUE; + } + +-dbus_bool_t +-bus_client_policy_check_can_send (BusClientPolicy *policy, +- BusRegistry *registry, +- dbus_bool_t requested_reply, +- DBusConnection *receiver, +- DBusMessage *message, +- dbus_int32_t *toggles, +- dbus_bool_t *log) ++BusResult ++bus_client_policy_check_can_send (DBusConnection *sender, ++ BusClientPolicy *policy, ++ BusRegistry *registry, ++ dbus_bool_t requested_reply, ++ DBusConnection *addressed_recipient, ++ DBusConnection *receiver, ++ DBusMessage *message, ++ dbus_int32_t *toggles, ++ dbus_bool_t *log, ++ const char **privilege_param, ++ BusDeferredMessage **deferred_message) + { + DBusList *link; +- dbus_bool_t allowed; +- ++ BusResult result; ++ const char *privilege; ++ + /* policy->rules is in the order the rules appeared + * in the config file, i.e. last rule that applies wins + */ +@@ -892,7 +903,7 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, + _dbus_verbose (" (policy) checking send rules\n"); + *toggles = 0; + +- allowed = FALSE; ++ result = BUS_RESULT_FALSE; + link = _dbus_list_get_first_link (&policy->rules); + while (link != NULL) + { +@@ -923,13 +934,14 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, + /* If it's a reply, the requested_reply flag kicks in */ + if (dbus_message_get_reply_serial (message) != 0) + { +- /* for allow, requested_reply=true means the rule applies +- * only when reply was requested. requested_reply=false means +- * always allow. ++ /* for allow or check requested_reply=true means the rule applies ++ * only when reply was requested. requested_reply=false means the ++ * rule always applies + */ +- if (!requested_reply && rule->allow && rule->d.send.requested_reply && !rule->d.send.eavesdrop) ++ if (!requested_reply && rule->access != BUS_POLICY_RULE_ACCESS_DENY && rule->d.send.requested_reply && !rule->d.send.eavesdrop) + { +- _dbus_verbose (" (policy) skipping allow rule since it only applies to requested replies and does not allow eavesdropping\n"); ++ _dbus_verbose (" (policy) skipping %s rule since it only applies to requested replies and does not allow eavesdropping\n", ++ rule->access == BUS_POLICY_RULE_ACCESS_ALLOW ? "allow" : "check"); + continue; + } + +@@ -937,7 +949,7 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, + * when the reply was not requested. requested_reply=true means the + * rule always applies. + */ +- if (requested_reply && !rule->allow && !rule->d.send.requested_reply) ++ if (requested_reply && rule->access == BUS_POLICY_RULE_ACCESS_DENY && !rule->d.send.requested_reply) + { + _dbus_verbose (" (policy) skipping deny rule since it only applies to unrequested replies\n"); + continue; +@@ -960,13 +972,15 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, + /* The interface is optional in messages. For allow rules, if the message + * has no interface we want to skip the rule (and thus not allow); + * for deny rules, if the message has no interface we want to use the +- * rule (and thus deny). ++ * rule (and thus deny). Check rules are meant to be used like allow ++ * rules (they can grant access, but not remove it), so we treat it like ++ * allow here. + */ + dbus_bool_t no_interface; + + no_interface = dbus_message_get_interface (message) == NULL; + +- if ((no_interface && rule->allow) || ++ if ((no_interface && rule->access != BUS_POLICY_RULE_ACCESS_DENY) || + (!no_interface && + strcmp (dbus_message_get_interface (message), + rule->d.send.interface) != 0)) +@@ -1079,33 +1093,64 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, + } + + /* Use this rule */ +- allowed = rule->allow; ++ switch (rule->access) ++ { ++ case BUS_POLICY_RULE_ACCESS_ALLOW: ++ result = BUS_RESULT_TRUE; ++ break; ++ case BUS_POLICY_RULE_ACCESS_DENY: ++ default: ++ result = BUS_RESULT_FALSE; ++ break; ++ case BUS_POLICY_RULE_ACCESS_CHECK: ++ result = BUS_RESULT_LATER; ++ privilege = rule->privilege; ++ break; ++ } ++ + *log = rule->d.send.log; + (*toggles)++; + +- _dbus_verbose (" (policy) used rule, allow now = %d\n", +- allowed); ++ _dbus_verbose (" (policy) used rule, result now = %d\n", ++ (int)(intptr_t)result); + } + +- return allowed; ++ if (result == BUS_RESULT_LATER) ++ { ++ BusContext *context = bus_connection_get_context(sender); ++ BusCheck *check = bus_context_get_check(context); ++ ++ result = bus_check_privilege(check, message, sender, addressed_recipient, receiver, ++ privilege, BUS_DEFERRED_MESSAGE_CHECK_SEND, deferred_message); ++ } ++ else ++ privilege = NULL; ++ ++ if (privilege_param != NULL) ++ *privilege_param = privilege; ++ ++ return result; + } + + /* See docs on what the args mean on bus_context_check_security_policy() + * comment + */ +-dbus_bool_t +-bus_client_policy_check_can_receive (BusClientPolicy *policy, +- BusRegistry *registry, +- dbus_bool_t requested_reply, +- DBusConnection *sender, +- DBusConnection *addressed_recipient, +- DBusConnection *proposed_recipient, +- DBusMessage *message, +- dbus_int32_t *toggles) ++BusResult ++bus_client_policy_check_can_receive (BusClientPolicy *policy, ++ BusRegistry *registry, ++ dbus_bool_t requested_reply, ++ DBusConnection *sender, ++ DBusConnection *addressed_recipient, ++ DBusConnection *proposed_recipient, ++ DBusMessage *message, ++ dbus_int32_t *toggles, ++ const char **privilege_param, ++ BusDeferredMessage **deferred_message) + { + DBusList *link; +- dbus_bool_t allowed; + dbus_bool_t eavesdropping; ++ BusResult result; ++ const char *privilege; + + eavesdropping = + addressed_recipient != proposed_recipient && +@@ -1118,7 +1163,7 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, + _dbus_verbose (" (policy) checking receive rules, eavesdropping = %d\n", eavesdropping); + *toggles = 0; + +- allowed = FALSE; ++ result = BUS_RESULT_FALSE; + link = _dbus_list_get_first_link (&policy->rules); + while (link != NULL) + { +@@ -1141,19 +1186,21 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, + } + } + +- /* for allow, eavesdrop=false means the rule doesn't apply when +- * eavesdropping. eavesdrop=true means always allow. ++ ++ /* for allow or check, eavesdrop=false means the rule doesn't apply when ++ * eavesdropping. eavesdrop=true means the rule always applies + */ +- if (eavesdropping && rule->allow && !rule->d.receive.eavesdrop) ++ if (eavesdropping && rule->access != BUS_POLICY_RULE_ACCESS_DENY && !rule->d.receive.eavesdrop) + { +- _dbus_verbose (" (policy) skipping allow rule since it doesn't apply to eavesdropping\n"); ++ _dbus_verbose (" (policy) skipping %s rule since it doesn't apply to eavesdropping\n", ++ rule->access == BUS_POLICY_RULE_ACCESS_ALLOW ? "allow" : "check"); + continue; + } + + /* for deny, eavesdrop=true means the rule applies only when + * eavesdropping; eavesdrop=false means always deny. + */ +- if (!eavesdropping && !rule->allow && rule->d.receive.eavesdrop) ++ if (!eavesdropping && rule->access == BUS_POLICY_RULE_ACCESS_DENY && rule->d.receive.eavesdrop) + { + _dbus_verbose (" (policy) skipping deny rule since it only applies to eavesdropping\n"); + continue; +@@ -1162,13 +1209,14 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, + /* If it's a reply, the requested_reply flag kicks in */ + if (dbus_message_get_reply_serial (message) != 0) + { +- /* for allow, requested_reply=true means the rule applies +- * only when reply was requested. requested_reply=false means +- * always allow. ++ /* for allow or check requested_reply=true means the rule applies ++ * only when reply was requested. requested_reply=false means the ++ * rule always applies + */ +- if (!requested_reply && rule->allow && rule->d.receive.requested_reply && !rule->d.receive.eavesdrop) ++ if (!requested_reply && rule->access != BUS_POLICY_RULE_ACCESS_DENY && rule->d.send.requested_reply && !rule->d.send.eavesdrop) + { +- _dbus_verbose (" (policy) skipping allow rule since it only applies to requested replies and does not allow eavesdropping\n"); ++ _dbus_verbose (" (policy) skipping %s rule since it only applies to requested replies and does not allow eavesdropping\n", ++ rule->access == BUS_POLICY_RULE_ACCESS_DENY ? "allow" : "deny"); + continue; + } + +@@ -1176,7 +1224,7 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, + * when the reply was not requested. requested_reply=true means the + * rule always applies. + */ +- if (requested_reply && !rule->allow && !rule->d.receive.requested_reply) ++ if (requested_reply && rule->access == BUS_POLICY_RULE_ACCESS_DENY && !rule->d.receive.requested_reply) + { + _dbus_verbose (" (policy) skipping deny rule since it only applies to unrequested replies\n"); + continue; +@@ -1199,13 +1247,13 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, + /* The interface is optional in messages. For allow rules, if the message + * has no interface we want to skip the rule (and thus not allow); + * for deny rules, if the message has no interface we want to use the +- * rule (and thus deny). ++ * rule (and thus deny). Check rules are treated like allow rules. + */ + dbus_bool_t no_interface; + + no_interface = dbus_message_get_interface (message) == NULL; + +- if ((no_interface && rule->allow) || ++ if ((no_interface && rule->access != BUS_POLICY_RULE_ACCESS_DENY) || + (!no_interface && + strcmp (dbus_message_get_interface (message), + rule->d.receive.interface) != 0)) +@@ -1295,14 +1343,43 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, + } + + /* Use this rule */ +- allowed = rule->allow; ++ switch (rule->access) ++ { ++ case BUS_POLICY_RULE_ACCESS_ALLOW: ++ result = BUS_RESULT_TRUE; ++ break; ++ case BUS_POLICY_RULE_ACCESS_DENY: ++ default: ++ result = BUS_RESULT_FALSE; ++ break; ++ case BUS_POLICY_RULE_ACCESS_CHECK: ++ result = BUS_RESULT_LATER; ++ privilege = rule->privilege; ++ break; ++ } ++ + (*toggles)++; + +- _dbus_verbose (" (policy) used rule, allow now = %d\n", +- allowed); ++ _dbus_verbose (" (policy) used rule, result now = %d\n", ++ (int)(intptr_t)result); + } + +- return allowed; ++ ++ if (result == BUS_RESULT_LATER) ++ { ++ BusContext *context = bus_connection_get_context(proposed_recipient); ++ BusCheck *check = bus_context_get_check(context); ++ ++ result = bus_check_privilege(check, message, sender, addressed_recipient, proposed_recipient, ++ privilege, BUS_DEFERRED_MESSAGE_CHECK_RECEIVE, deferred_message); ++ } ++ else ++ privilege = NULL; ++ ++ if (privilege_param != NULL) ++ *privilege_param = privilege; ++ ++ return result; + } + + +@@ -1354,7 +1431,7 @@ bus_rules_check_can_own (DBusList *rules, + } + + /* Use this rule */ +- allowed = rule->allow; ++ allowed = rule->access == BUS_POLICY_RULE_ACCESS_ALLOW; + } + + return allowed; +diff --git a/bus/policy.h b/bus/policy.h +index ec43ffa..f839d23 100644 +--- a/bus/policy.h ++++ b/bus/policy.h +@@ -46,6 +46,14 @@ typedef enum + BUS_POLICY_TRISTATE_TRUE + } BusPolicyTristate; + ++typedef enum ++{ ++ BUS_POLICY_RULE_ACCESS_DENY, ++ BUS_POLICY_RULE_ACCESS_ALLOW, ++ /** runtime check resulting in allow or deny */ ++ BUS_POLICY_RULE_ACCESS_CHECK ++} BusPolicyRuleAccess; ++ + /** determines whether the rule affects a connection, or some global item */ + #define BUS_POLICY_RULE_IS_PER_CLIENT(rule) (!((rule)->type == BUS_POLICY_RULE_USER || \ + (rule)->type == BUS_POLICY_RULE_GROUP)) +@@ -56,8 +64,9 @@ struct BusPolicyRule + + BusPolicyRuleType type; + +- unsigned int allow : 1; /**< #TRUE if this allows, #FALSE if it denies */ +- ++ unsigned int access : 2; /**< BusPolicyRuleAccess */ ++ char *privilege; /**< for BUS_POLICY_RULE_ACCESS_CHECK */ ++ + union + { + struct +@@ -118,7 +127,7 @@ struct BusPolicyRule + }; + + BusPolicyRule* bus_policy_rule_new (BusPolicyRuleType type, +- dbus_bool_t allow); ++ BusPolicyRuleAccess access); + BusPolicyRule* bus_policy_rule_ref (BusPolicyRule *rule); + void bus_policy_rule_unref (BusPolicyRule *rule); + +@@ -152,21 +161,27 @@ dbus_bool_t bus_policy_merge (BusPolicy *policy, + BusClientPolicy* bus_client_policy_new (void); + BusClientPolicy* bus_client_policy_ref (BusClientPolicy *policy); + void bus_client_policy_unref (BusClientPolicy *policy); +-dbus_bool_t bus_client_policy_check_can_send (BusClientPolicy *policy, ++BusResult bus_client_policy_check_can_send (DBusConnection *sender, ++ BusClientPolicy *policy, + BusRegistry *registry, + dbus_bool_t requested_reply, ++ DBusConnection *addressed_recipient, + DBusConnection *receiver, + DBusMessage *message, + dbus_int32_t *toggles, +- dbus_bool_t *log); +-dbus_bool_t bus_client_policy_check_can_receive (BusClientPolicy *policy, ++ dbus_bool_t *log, ++ const char **privilege_param, ++ BusDeferredMessage **deferred_message); ++BusResult bus_client_policy_check_can_receive (BusClientPolicy *policy, + BusRegistry *registry, + dbus_bool_t requested_reply, + DBusConnection *sender, + DBusConnection *addressed_recipient, + DBusConnection *proposed_recipient, + DBusMessage *message, +- dbus_int32_t *toggles); ++ dbus_int32_t *toggles, ++ const char **privilege_param, ++ BusDeferredMessage **deferred_message); + dbus_bool_t bus_client_policy_check_can_own (BusClientPolicy *policy, + const DBusString *service_name); + dbus_bool_t bus_client_policy_append_rule (BusClientPolicy *policy, +diff --git a/configure.ac b/configure.ac +index d1e3a29..11b5ffd 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1742,6 +1742,17 @@ AC_ARG_ENABLE([user-session], + AM_CONDITIONAL([DBUS_ENABLE_USER_SESSION], + [test "x$enable_user_session" = xyes]) + ++#enable cynara integration ++AC_ARG_ENABLE([cynara], [AS_HELP_STRING([--enable-cynara], [enable Cynara integration])], [], [enable_cynara=no]) ++if test "x$enable_cynara" = xyes; then ++ PKG_CHECK_MODULES([CYNARA], [cynara-client-async >= 0.6.0 cynara-session >= 0.6.0], ++ [AC_DEFINE([DBUS_ENABLE_CYNARA], [1], [Define to enable Cynara privilege checks in dbus-daemon])], ++ [AC_MSG_ERROR([libcynara-client-async and cynara-session are required to enable Cynara integration])]) ++fi ++ ++AC_SUBST([CYNARA_CFLAGS]) ++AC_SUBST([CYNARA_LIBS]) ++ + AC_CONFIG_FILES([ + Doxyfile + dbus/Version +@@ -1824,6 +1835,7 @@ echo " + Building bus stats API: ${enable_stats} + Building SELinux support: ${have_selinux} + Building AppArmor support: ${have_apparmor} ++ Building Cynara support: ${enable_cynara} + Building inotify support: ${have_inotify} + Building kqueue support: ${have_kqueue} + Building systemd support: ${have_systemd} +diff --git a/test/Makefile.am b/test/Makefile.am +index af1e13b..e6f50e1 100644 +--- a/test/Makefile.am ++++ b/test/Makefile.am +@@ -439,6 +439,7 @@ in_data = \ + data/valid-config-files/debug-allow-all.conf.in \ + data/valid-config-files/finite-timeout.conf.in \ + data/valid-config-files/forbidding.conf.in \ ++ data/valid-config-files/debug-check-some.conf.in \ + data/valid-config-files/incoming-limit.conf.in \ + data/valid-config-files/max-completed-connections.conf.in \ + data/valid-config-files/max-connections-per-user.conf.in \ +diff --git a/test/data/invalid-config-files/badcheck-1.conf b/test/data/invalid-config-files/badcheck-1.conf +new file mode 100644 +index 0000000..fad9f50 +--- /dev/null ++++ b/test/data/invalid-config-files/badcheck-1.conf +@@ -0,0 +1,9 @@ ++ ++ ++ mybususer ++ unix:path=/foo/bar ++ ++ ++ ++ +diff --git a/test/data/invalid-config-files/badcheck-2.conf b/test/data/invalid-config-files/badcheck-2.conf +new file mode 100644 +index 0000000..63c7ef2 +--- /dev/null ++++ b/test/data/invalid-config-files/badcheck-2.conf +@@ -0,0 +1,9 @@ ++ ++ ++ mybususer ++ unix:path=/foo/bar ++ ++ ++ ++ +diff --git a/test/data/valid-config-files/check-1.conf b/test/data/valid-config-files/check-1.conf +new file mode 100644 +index 0000000..ad71473 +--- /dev/null ++++ b/test/data/valid-config-files/check-1.conf +@@ -0,0 +1,9 @@ ++ ++ ++ mybususer ++ unix:path=/foo/bar ++ ++ ++ ++ +diff --git a/test/data/valid-config-files/debug-check-some.conf.in b/test/data/valid-config-files/debug-check-some.conf.in +new file mode 100644 +index 0000000..47ee854 +--- /dev/null ++++ b/test/data/valid-config-files/debug-check-some.conf.in +@@ -0,0 +1,18 @@ ++ ++ ++ ++ ++ debug-pipe:name=test-server ++ @TEST_LISTEN@ ++ @DBUS_TEST_DATA@/valid-service-files ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ +-- +2.21.1 + diff --git a/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0002-Disable-message-dispatching-when-send-rule-result-is.patch b/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0002-Disable-message-dispatching-when-send-rule-result-is.patch new file mode 100644 index 000000000..bac8cf97f --- /dev/null +++ b/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0002-Disable-message-dispatching-when-send-rule-result-is.patch @@ -0,0 +1,967 @@ +From c2f4ba585c777b731df6b6b8a165b6cc4dc5d639 Mon Sep 17 00:00:00 2001 +From: Jacek Bukarewicz +Date: Fri, 28 Nov 2014 12:07:39 +0100 +Subject: [PATCH 2/8] Disable message dispatching when send rule result is not + known +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +When unicast message is sent to addressed recipient and policy result +is not available message dispatch from the sender is disabled. +This also means that any further messages from the given connection are +put into the incoming queue without being processed. If response is received +message dispatching is resumed. This time answer is attached to the message +which is now processed synchronously. +Receive rule result unavailability is not yet handled - such messages are +rejected. Also, if message is sent to non-addressed recipient and policy result +is unknown, message is silently dropped. + +Cherry-picked from b1b87ad9f20b2052c28431b48e81073078a745ce +by Jose Bollo. + +Updated for dbus 1.10.20 by Scott Murray and José Bollo + +Signed-off-by: José Bollo +Signed-off-by: Scott Murray +--- + bus/activation.c | 76 +++++++++++-- + bus/check.c | 109 +++++++++++++++++-- + bus/check.h | 10 ++ + bus/cynara.c | 1 - + bus/dispatch.c | 184 ++++++++++++++++++++++++++++---- + bus/dispatch.h | 2 +- + bus/driver.c | 12 ++- + dbus/dbus-connection-internal.h | 15 +++ + dbus/dbus-connection.c | 125 +++++++++++++++++++++- + dbus/dbus-list.c | 29 +++++ + dbus/dbus-list.h | 3 + + dbus/dbus-shared.h | 3 +- + 12 files changed, 528 insertions(+), 41 deletions(-) + +diff --git a/bus/activation.c b/bus/activation.c +index f9c6c62..8301b59 100644 +--- a/bus/activation.c ++++ b/bus/activation.c +@@ -32,6 +32,7 @@ + #include "services.h" + #include "test.h" + #include "utils.h" ++#include + #include + #include + #include +@@ -94,6 +95,8 @@ struct BusPendingActivationEntry + DBusConnection *connection; + + dbus_bool_t auto_activation; ++ ++ dbus_bool_t is_put_back; + }; + + typedef struct +@@ -1241,20 +1244,23 @@ bus_activation_send_pending_auto_activation_messages (BusActivation *activation + BusPendingActivationEntry *entry = link->data; + DBusList *next = _dbus_list_get_next_link (&pending_activation->entries, link); + +- if (entry->auto_activation && (entry->connection == NULL || dbus_connection_get_is_connected (entry->connection))) ++ if (entry->auto_activation && !entry->is_put_back && ++ (entry->connection == NULL || dbus_connection_get_is_connected (entry->connection))) + { + DBusConnection *addressed_recipient; + DBusError error; ++ BusResult res; + + dbus_error_init (&error); + + addressed_recipient = bus_service_get_primary_owners_connection (service); + + /* Resume dispatching where we left off in bus_dispatch() */ +- if (!bus_dispatch_matches (transaction, +- entry->connection, +- addressed_recipient, +- entry->activation_message, &error)) ++ res = bus_dispatch_matches (transaction, ++ entry->connection, ++ addressed_recipient, ++ entry->activation_message, &error); ++ if (res == BUS_RESULT_FALSE) + { + /* If permission is denied, we just want to return the error + * to the original method invoker; in particular, we don't +@@ -1266,11 +1272,44 @@ bus_activation_send_pending_auto_activation_messages (BusActivation *activation + bus_connection_send_oom_error (entry->connection, + entry->activation_message); + } +- + dbus_error_free (&error); + link = next; + continue; + } ++ else if (res == BUS_RESULT_LATER) ++ { ++ DBusList *putback_message_link = link; ++ DBusMessage *last_inserted_message = NULL; ++ ++ /* NULL entry->connection implies sending pending ActivationRequest message to systemd */ ++ if (entry->connection == NULL) ++ { ++ _dbus_assert_not_reached ("bus_dispatch_matches returned BUS_RESULT_LATER unexpectedly when sender is NULL"); ++ link = next; ++ continue; ++ } ++ ++ /** ++ * Getting here means that policy check result is not yet available and dispatching ++ * messages from entry->connection has been disabled. ++ * Let's put back all messages for the given connection in the incoming queue and mark ++ * this entry as put back so they are not handled twice. ++ */ ++ while (putback_message_link != NULL) ++ { ++ BusPendingActivationEntry *putback_message = putback_message_link->data; ++ if (putback_message->connection == entry->connection) ++ { ++ if (!_dbus_connection_putback_message (putback_message->connection, last_inserted_message, ++ putback_message->activation_message, &error)) ++ goto error; ++ last_inserted_message = putback_message->activation_message; ++ putback_message->is_put_back = TRUE; ++ } ++ ++ putback_message_link = _dbus_list_get_next_link(&pending_activation->entries, putback_message_link); ++ } ++ } + } + + link = next; +@@ -1287,6 +1326,19 @@ bus_activation_send_pending_auto_activation_messages (BusActivation *activation + return TRUE; + + error: ++ /* remove all messages that have been put to connections' incoming queues */ ++ link = _dbus_list_get_first_link (&pending_activation->entries); ++ while (link != NULL) ++ { ++ BusPendingActivationEntry *entry = link->data; ++ if (entry->is_put_back) ++ { ++ _dbus_connection_remove_message(entry->connection, entry->activation_message); ++ entry->is_put_back = FALSE; ++ } ++ link = _dbus_list_get_next_link(&pending_activation->entries, link); ++ } ++ + return FALSE; + } + +@@ -2079,6 +2131,7 @@ bus_activation_activate_service (BusActivation *activation, + + if (service != NULL) + { ++ BusResult res; + bus_context_log (activation->context, + DBUS_SYSTEM_LOG_INFO, "Activating via systemd: service name='%s' unit='%s' requested by '%s' (%s)", + service_name, +@@ -2086,8 +2139,17 @@ bus_activation_activate_service (BusActivation *activation, + bus_connection_get_name (connection), + bus_connection_get_loginfo (connection)); + /* Wonderful, systemd is connected, let's just send the msg */ +- retval = bus_dispatch_matches (activation_transaction, NULL, ++ res = bus_dispatch_matches (activation_transaction, NULL, + systemd, message, error); ++ ++ if (res == BUS_RESULT_TRUE) ++ retval = TRUE; ++ else ++ { ++ retval = FALSE; ++ if (res == BUS_RESULT_LATER) ++ _dbus_verbose("Unexpectedly need time to check message from bus driver to systemd - dropping the message.\n"); ++ } + } + else + { +diff --git a/bus/check.c b/bus/check.c +index 5b72d31..4b8a699 100644 +--- a/bus/check.c ++++ b/bus/check.c +@@ -55,6 +55,8 @@ typedef struct BusDeferredMessage + BusCheckResponseFunc response_callback; + } BusDeferredMessage; + ++static dbus_int32_t deferred_message_data_slot = -1; ++ + BusCheck * + bus_check_new (BusContext *context, DBusError *error) + { +@@ -67,11 +69,19 @@ bus_check_new (BusContext *context, DBusError *error) + return NULL; + } + ++ if (!dbus_message_allocate_data_slot(&deferred_message_data_slot)) ++ { ++ dbus_free(check); ++ BUS_SET_OOM(error); ++ return NULL; ++ } ++ + check->refcount = 1; + check->context = context; + check->cynara = bus_cynara_new(check, error); + if (dbus_error_is_set(error)) + { ++ dbus_message_free_data_slot(&deferred_message_data_slot); + dbus_free(check); + return NULL; + } +@@ -98,6 +108,7 @@ bus_check_unref (BusCheck *check) + if (check->refcount == 0) + { + bus_cynara_unref(check->cynara); ++ dbus_message_free_data_slot(&deferred_message_data_slot); + dbus_free(check); + } + } +@@ -114,6 +125,45 @@ bus_check_get_cynara (BusCheck *check) + return check->cynara; + } + ++static void ++bus_check_enable_dispatch_callback (BusDeferredMessage *deferred_message, ++ BusResult result) ++{ ++ _dbus_verbose("bus_check_enable_dispatch_callback called deferred_message=%p\n", deferred_message); ++ ++ deferred_message->response = result; ++ _dbus_connection_enable_dispatch(deferred_message->sender); ++} ++ ++static void ++deferred_message_free_function(void *data) ++{ ++ BusDeferredMessage *deferred_message = (BusDeferredMessage *)data; ++ bus_deferred_message_unref(deferred_message); ++} ++ ++void ++bus_deferred_message_disable_sender (BusDeferredMessage *deferred_message) ++{ ++ _dbus_assert(deferred_message != NULL); ++ _dbus_assert(deferred_message->sender != NULL); ++ ++ if (dbus_message_get_data(deferred_message->message, deferred_message_data_slot) == NULL) ++ { ++ if (dbus_message_set_data(deferred_message->message, deferred_message_data_slot, deferred_message, ++ deferred_message_free_function)) ++ bus_deferred_message_ref(deferred_message); ++ } ++ ++ _dbus_connection_disable_dispatch(deferred_message->sender); ++ deferred_message->response_callback = bus_check_enable_dispatch_callback; ++} ++ ++#ifdef DBUS_ENABLE_EMBEDDED_TESTS ++BusResult (*bus_check_test_override) (DBusConnection *connection, ++ const char *privilege); ++#endif ++ + BusResult + bus_check_privilege (BusCheck *check, + DBusMessage *message, +@@ -124,6 +174,7 @@ bus_check_privilege (BusCheck *check, + BusDeferredMessageStatus check_type, + BusDeferredMessage **deferred_message) + { ++ BusDeferredMessage *previous_deferred_message; + BusResult result = BUS_RESULT_FALSE; + #ifdef DBUS_ENABLE_CYNARA + BusCynara *cynara; +@@ -137,16 +188,54 @@ bus_check_privilege (BusCheck *check, + return BUS_RESULT_FALSE; + } + +- /* ask policy checkers */ +-#ifdef DBUS_ENABLE_CYNARA +- cynara = bus_check_get_cynara(check); +- result = bus_cynara_check_privilege(cynara, message, sender, addressed_recipient, +- proposed_recipient, privilege, check_type, deferred_message); ++#ifdef DBUS_ENABLE_EMBEDDED_TESTS ++ if (bus_check_test_override) ++ return bus_check_test_override (connection, privilege); + #endif + +- if (result == BUS_RESULT_LATER && deferred_message != NULL) ++ previous_deferred_message = dbus_message_get_data(message, deferred_message_data_slot); ++ /* check if message blocked at sender's queue is being processed */ ++ if (previous_deferred_message != NULL) ++ { ++ if ((check_type & BUS_DEFERRED_MESSAGE_CHECK_SEND) && ++ !(previous_deferred_message->status & BUS_DEFERRED_MESSAGE_CHECK_SEND)) ++ { ++ /** ++ * Message has been deferred due to receive or own rule which means that sending this message ++ * is allowed - it must have been checked previously. ++ * This might happen when client calls RequestName method which depending on security ++ * policy might result in both "can_send" and "can_own" Cynara checks. ++ */ ++ result = BUS_RESULT_TRUE; ++ } ++ else ++ { ++ result = previous_deferred_message->response; ++ if (result == BUS_RESULT_LATER) ++ { ++ /* result is still not known - reuse deferred message object */ ++ if (deferred_message != NULL) ++ *deferred_message = previous_deferred_message; ++ } ++ else ++ { ++ /* result is available - we can remove deferred message from the processed message */ ++ dbus_message_set_data(message, deferred_message_data_slot, NULL, NULL); ++ } ++ } ++ } ++ else + { +- (*deferred_message)->status |= check_type; ++ /* ask policy checkers */ ++#ifdef DBUS_ENABLE_CYNARA ++ cynara = bus_check_get_cynara(check); ++ result = bus_cynara_check_privilege(cynara, message, sender, addressed_recipient, ++ proposed_recipient, privilege, check_type, deferred_message); ++#endif ++ if (result == BUS_RESULT_LATER && deferred_message != NULL) ++ { ++ (*deferred_message)->status |= check_type; ++ } + } + return result; + } +@@ -206,6 +295,12 @@ bus_deferred_message_unref (BusDeferredMessage *deferred_message) + } + } + ++BusDeferredMessageStatus ++bus_deferred_message_get_status (BusDeferredMessage *deferred_message) ++{ ++ return deferred_message->status; ++} ++ + void + bus_deferred_message_response_received (BusDeferredMessage *deferred_message, + BusResult result) +diff --git a/bus/check.h b/bus/check.h +index c3fcaf9..d177549 100644 +--- a/bus/check.h ++++ b/bus/check.h +@@ -55,6 +55,7 @@ BusResult bus_check_privilege (BusCheck *check, + BusDeferredMessageStatus check_type, + BusDeferredMessage **deferred_message); + ++ + BusDeferredMessage *bus_deferred_message_new (DBusMessage *message, + DBusConnection *sender, + DBusConnection *addressed_recipient, +@@ -65,4 +66,13 @@ BusDeferredMessage *bus_deferred_message_ref (BusDeferredMessage + void bus_deferred_message_unref (BusDeferredMessage *deferred_message); + void bus_deferred_message_response_received (BusDeferredMessage *deferred_message, + BusResult result); ++void bus_deferred_message_disable_sender (BusDeferredMessage *deferred_message); ++ ++BusDeferredMessageStatus bus_deferred_message_get_status (BusDeferredMessage *deferred_message); ++ ++#ifdef DBUS_ENABLE_EMBEDDED_TESTS ++extern BusResult (*bus_check_test_override) (DBusConnection *connection, ++ const char *privilege); ++#endif ++ + #endif /* BUS_CHECK_H */ +diff --git a/bus/cynara.c b/bus/cynara.c +index 57a4c45..77aed62 100644 +--- a/bus/cynara.c ++++ b/bus/cynara.c +@@ -36,7 +36,6 @@ + #include + #endif + +- + #ifdef DBUS_ENABLE_CYNARA + typedef struct BusCynara + { +diff --git a/bus/dispatch.c b/bus/dispatch.c +index d3867f7..50a22a3 100644 +--- a/bus/dispatch.c ++++ b/bus/dispatch.c +@@ -35,6 +35,7 @@ + #include "signals.h" + #include "test.h" + #include ++#include + #include + #include + +@@ -122,7 +123,7 @@ send_one_message (DBusConnection *connection, + return TRUE; + } + +-dbus_bool_t ++BusResult + bus_dispatch_matches (BusTransaction *transaction, + DBusConnection *sender, + DBusConnection *addressed_recipient, +@@ -158,13 +159,29 @@ bus_dispatch_matches (BusTransaction *transaction, + message, NULL, error, + &deferred_message); + if (res == BUS_RESULT_FALSE) +- return FALSE; ++ return BUS_RESULT_FALSE; + else if (res == BUS_RESULT_LATER) + { +- dbus_set_error (error, +- DBUS_ERROR_ACCESS_DENIED, +- "Rejecting message because time is needed to check security policy"); +- return FALSE; ++ BusDeferredMessageStatus status; ++ status = bus_deferred_message_get_status(deferred_message); ++ ++ if (status & BUS_DEFERRED_MESSAGE_CHECK_SEND) ++ { ++ /* send rule result not available - disable dispatching messages from the sender */ ++ bus_deferred_message_disable_sender(deferred_message); ++ return BUS_RESULT_LATER; ++ } ++ else if (status & BUS_DEFERRED_MESSAGE_CHECK_RECEIVE) ++ { ++ dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, ++ "Rejecting message because time is needed to check security policy"); ++ return BUS_RESULT_FALSE; ++ } ++ else ++ { ++ _dbus_verbose("deferred message has no status field set to send or receive unexpectedly\n"); ++ return BUS_RESULT_FALSE; ++ } + } + + if (dbus_message_contains_unix_fds (message) && +@@ -175,14 +192,14 @@ bus_dispatch_matches (BusTransaction *transaction, + DBUS_ERROR_NOT_SUPPORTED, + "Tried to send message with Unix file descriptors" + "to a client that doesn't support that."); +- return FALSE; +- } ++ return BUS_RESULT_FALSE; ++ } + + /* Dispatch the message */ + if (!bus_transaction_send (transaction, addressed_recipient, message)) + { + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + } + +@@ -197,7 +214,7 @@ bus_dispatch_matches (BusTransaction *transaction, + &recipients)) + { + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + link = _dbus_list_get_first_link (&recipients); +@@ -219,10 +236,10 @@ bus_dispatch_matches (BusTransaction *transaction, + if (dbus_error_is_set (&tmp_error)) + { + dbus_move_error (&tmp_error, error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + else +- return TRUE; ++ return BUS_RESULT_TRUE; + } + + static DBusHandlerResult +@@ -409,10 +426,12 @@ bus_dispatch (DBusConnection *connection, + } + else if (res == BUS_RESULT_LATER) + { +- dbus_set_error (&error, +- DBUS_ERROR_ACCESS_DENIED, +- "Rejecting message because time is needed to check security policy"); +- _dbus_verbose ("Security policy needs time to check policy. Dropping message\n"); ++ /* Disable dispatching messages from the sender, ++ * roll back and dispatch the message once the policy result is available */ ++ bus_deferred_message_disable_sender(deferred_message); ++ bus_transaction_cancel_and_free (transaction); ++ transaction = NULL; ++ result = DBUS_HANDLER_RESULT_LATER; + goto out; + } + +@@ -514,8 +533,14 @@ bus_dispatch (DBusConnection *connection, + * addressed_recipient == NULL), and match it against other connections' + * match rules. + */ +- if (!bus_dispatch_matches (transaction, connection, addressed_recipient, message, &error)) +- goto out; ++ if (BUS_RESULT_LATER == bus_dispatch_matches (transaction, connection, addressed_recipient, ++ message, &error)) ++ { ++ /* Roll back and dispatch the message once the policy result is available */ ++ bus_transaction_cancel_and_free (transaction); ++ transaction = NULL; ++ result = DBUS_HANDLER_RESULT_LATER; ++ } + + out: + if (dbus_error_is_set (&error)) +@@ -5060,9 +5085,132 @@ bus_dispatch_test_conf_fail (const DBusString *test_data_dir, + } + #endif + ++typedef struct { ++ DBusTimeout *timeout; ++ DBusConnection *connection; ++ dbus_bool_t timedout; ++ int check_counter; ++} BusTestCheckData; ++ ++static BusTestCheckData *cdata; ++ ++static dbus_bool_t ++bus_dispatch_test_check_timeout (void *data) ++{ ++ _dbus_verbose ("timeout triggered - pretend that privilege check result is available\n"); ++ ++ /* should only happen once during the test */ ++ _dbus_assert (!cdata->timedout); ++ cdata->timedout = TRUE; ++ _dbus_connection_enable_dispatch (cdata->connection); ++ ++ /* don't call this again */ ++ _dbus_loop_remove_timeout (bus_connection_get_loop (cdata->connection), ++ cdata->timeout); ++ dbus_connection_unref (cdata->connection); ++ cdata->connection = NULL; ++ return TRUE; ++} ++ ++static BusResult ++bus_dispatch_test_check_override (DBusConnection *connection, ++ const char *privilege) ++{ ++ _dbus_verbose ("overriding privilege check %s #%d\n", privilege, cdata->check_counter); ++ cdata->check_counter++; ++ if (!cdata->timedout) ++ { ++ dbus_bool_t added; ++ ++ /* Should be the first privilege check for the "Echo" method. */ ++ _dbus_assert (cdata->check_counter == 1); ++ cdata->timeout = _dbus_timeout_new (1, bus_dispatch_test_check_timeout, ++ NULL, NULL); ++ _dbus_assert (cdata->timeout); ++ added = _dbus_loop_add_timeout (bus_connection_get_loop (connection), ++ cdata->timeout); ++ _dbus_assert (added); ++ cdata->connection = connection; ++ dbus_connection_ref (connection); ++ _dbus_connection_disable_dispatch (connection); ++ return BUS_RESULT_LATER; ++ } ++ else ++ { ++ /* Should only be checked one more time, and this time succeeds. */ ++ _dbus_assert (cdata->check_counter == 2); ++ return BUS_RESULT_TRUE; ++ } ++} ++ ++static dbus_bool_t ++bus_dispatch_test_check (const DBusString *test_data_dir) ++{ ++ const char *filename = "valid-config-files/debug-check-some.conf"; ++ BusContext *context; ++ DBusConnection *foo; ++ DBusError error; ++ dbus_bool_t result = TRUE; ++ BusTestCheckData data; ++ ++ /* save the config name for the activation helper */ ++ if (!setenv_TEST_LAUNCH_HELPER_CONFIG (test_data_dir, filename)) ++ _dbus_assert_not_reached ("no memory setting TEST_LAUNCH_HELPER_CONFIG"); ++ ++ dbus_error_init (&error); ++ ++ context = bus_context_new_test (test_data_dir, filename); ++ if (context == NULL) ++ return FALSE; ++ ++ foo = dbus_connection_open_private (TEST_DEBUG_PIPE, &error); ++ if (foo == NULL) ++ _dbus_assert_not_reached ("could not alloc connection"); ++ ++ if (!bus_setup_debug_client (foo)) ++ _dbus_assert_not_reached ("could not set up connection"); ++ ++ spin_connection_until_authenticated (context, foo); ++ ++ if (!check_hello_message (context, foo)) ++ _dbus_assert_not_reached ("hello message failed"); ++ ++ if (!check_double_hello_message (context, foo)) ++ _dbus_assert_not_reached ("double hello message failed"); ++ ++ if (!check_add_match (context, foo, "")) ++ _dbus_assert_not_reached ("AddMatch message failed"); ++ ++ /* ++ * Cause bus_check_send_privilege() to return BUS_RESULT_LATER in the ++ * first call, then BUS_RESULT_TRUE. ++ */ ++ cdata = &data; ++ memset (cdata, 0, sizeof(*cdata)); ++ bus_check_test_override = bus_dispatch_test_check_override; ++ ++ result = check_existent_service_auto_start (context, foo); ++ ++ _dbus_assert (cdata->check_counter == 2); ++ _dbus_assert (cdata->timedout); ++ _dbus_assert (cdata->timeout); ++ _dbus_assert (!cdata->connection); ++ _dbus_timeout_unref (cdata->timeout); ++ ++ kill_client_connection_unchecked (foo); ++ ++ bus_context_unref (context); ++ ++ return result; ++} ++ + dbus_bool_t + bus_dispatch_test (const DBusString *test_data_dir) + { ++ _dbus_verbose (" tests\n"); ++ if (!bus_dispatch_test_check (test_data_dir)) ++ return FALSE; ++ + /* run normal activation tests */ + _dbus_verbose ("Normal activation tests\n"); + if (!bus_dispatch_test_conf (test_data_dir, +diff --git a/bus/dispatch.h b/bus/dispatch.h +index fb5ba7a..afba6a2 100644 +--- a/bus/dispatch.h ++++ b/bus/dispatch.h +@@ -29,7 +29,7 @@ + + dbus_bool_t bus_dispatch_add_connection (DBusConnection *connection); + void bus_dispatch_remove_connection (DBusConnection *connection); +-dbus_bool_t bus_dispatch_matches (BusTransaction *transaction, ++BusResult bus_dispatch_matches (BusTransaction *transaction, + DBusConnection *sender, + DBusConnection *recipient, + DBusMessage *message, +diff --git a/bus/driver.c b/bus/driver.c +index cd0a714..f414f64 100644 +--- a/bus/driver.c ++++ b/bus/driver.c +@@ -218,6 +218,7 @@ bus_driver_send_service_owner_changed (const char *service_name, + { + DBusMessage *message; + dbus_bool_t retval; ++ BusResult res; + const char *null_service; + + _DBUS_ASSERT_ERROR_IS_CLEAR (error); +@@ -253,7 +254,16 @@ bus_driver_send_service_owner_changed (const char *service_name, + if (!bus_transaction_capture (transaction, NULL, NULL, message)) + goto oom; + +- retval = bus_dispatch_matches (transaction, NULL, NULL, message, error); ++ res = bus_dispatch_matches (transaction, NULL, NULL, message, error); ++ if (res == BUS_RESULT_TRUE) ++ retval = TRUE; ++ else ++ { ++ retval = FALSE; ++ if (res == BUS_RESULT_LATER) ++ /* should never happen */ ++ _dbus_assert_not_reached ("bus_dispatch_matches returned BUS_RESULT_LATER unexpectedly"); ++ } + dbus_message_unref (message); + + return retval; +diff --git a/dbus/dbus-connection-internal.h b/dbus/dbus-connection-internal.h +index 4835732..94b1c95 100644 +--- a/dbus/dbus-connection-internal.h ++++ b/dbus/dbus-connection-internal.h +@@ -118,6 +118,21 @@ DBUS_PRIVATE_EXPORT + dbus_bool_t _dbus_connection_get_linux_security_label (DBusConnection *connection, + char **label_p); + ++DBUS_PRIVATE_EXPORT ++void _dbus_connection_enable_dispatch (DBusConnection *connection); ++DBUS_PRIVATE_EXPORT ++void _dbus_connection_disable_dispatch (DBusConnection *connection); ++ ++DBUS_PRIVATE_EXPORT ++dbus_bool_t _dbus_connection_putback_message (DBusConnection *connection, ++ DBusMessage *after_message, ++ DBusMessage *message, ++ DBusError *error); ++ ++DBUS_PRIVATE_EXPORT ++dbus_bool_t _dbus_connection_remove_message (DBusConnection *connection, ++ DBusMessage *message); ++ + /* if DBUS_ENABLE_STATS */ + DBUS_PRIVATE_EXPORT + void _dbus_connection_get_stats (DBusConnection *connection, +diff --git a/dbus/dbus-connection.c b/dbus/dbus-connection.c +index c525b6d..958968c 100644 +--- a/dbus/dbus-connection.c ++++ b/dbus/dbus-connection.c +@@ -311,7 +311,8 @@ struct DBusConnection + */ + dbus_bool_t dispatch_acquired; /**< Someone has dispatch path (can drain incoming queue) */ + dbus_bool_t io_path_acquired; /**< Someone has transport io path (can use the transport to read/write messages) */ +- ++ ++ unsigned int dispatch_disabled : 1; /**< if true, then dispatching incoming messages is stopped until enabled again */ + unsigned int shareable : 1; /**< #TRUE if libdbus owns a reference to the connection and can return it from dbus_connection_open() more than once */ + + unsigned int exit_on_disconnect : 1; /**< If #TRUE, exit after handling disconnect signal */ +@@ -439,6 +440,39 @@ _dbus_connection_wakeup_mainloop (DBusConnection *connection) + (*connection->wakeup_main_function) (connection->wakeup_main_data); + } + ++static void ++_dbus_connection_set_dispatch(DBusConnection *connection, ++ dbus_bool_t disabled) ++{ ++ CONNECTION_LOCK (connection); ++ if (connection->dispatch_disabled != disabled) ++ { ++ DBusDispatchStatus status; ++ ++ connection->dispatch_disabled = disabled; ++ status = _dbus_connection_get_dispatch_status_unlocked (connection); ++ _dbus_connection_update_dispatch_status_and_unlock (connection, status); ++ } ++ else ++ { ++ CONNECTION_UNLOCK (connection); ++ } ++} ++ ++ ++void ++_dbus_connection_enable_dispatch (DBusConnection *connection) ++{ ++ _dbus_connection_set_dispatch (connection, FALSE); ++} ++ ++void ++ _dbus_connection_disable_dispatch (DBusConnection *connection) ++{ ++ _dbus_connection_set_dispatch (connection, TRUE); ++} ++ ++ + #ifdef DBUS_ENABLE_EMBEDDED_TESTS + /** + * Gets the locks so we can examine them +@@ -4069,6 +4103,82 @@ _dbus_connection_putback_message_link_unlocked (DBusConnection *connection, + "_dbus_connection_putback_message_link_unlocked"); + } + ++dbus_bool_t ++_dbus_connection_putback_message (DBusConnection *connection, ++ DBusMessage *after_message, ++ DBusMessage *message, ++ DBusError *error) ++{ ++ DBusDispatchStatus status; ++ DBusList *message_link = _dbus_list_alloc_link (message); ++ DBusList *after_link; ++ if (message_link == NULL) ++ { ++ _DBUS_SET_OOM (error); ++ return FALSE; ++ } ++ dbus_message_ref (message); ++ ++ CONNECTION_LOCK (connection); ++ _dbus_connection_acquire_dispatch (connection); ++ HAVE_LOCK_CHECK (connection); ++ ++ after_link = _dbus_list_find_first(&connection->incoming_messages, after_message); ++ _dbus_list_insert_after_link (&connection->incoming_messages, after_link, message_link); ++ connection->n_incoming += 1; ++ ++ _dbus_verbose ("Message %p (%s %s %s '%s') put back into queue %p, %d incoming\n", ++ message_link->data, ++ dbus_message_type_to_string (dbus_message_get_type (message_link->data)), ++ dbus_message_get_interface (message_link->data) ? ++ dbus_message_get_interface (message_link->data) : ++ "no interface", ++ dbus_message_get_member (message_link->data) ? ++ dbus_message_get_member (message_link->data) : ++ "no member", ++ dbus_message_get_signature (message_link->data), ++ connection, connection->n_incoming); ++ ++ _dbus_message_trace_ref (message_link->data, -1, -1, ++ "_dbus_connection_putback_message"); ++ ++ _dbus_connection_release_dispatch (connection); ++ ++ status = _dbus_connection_get_dispatch_status_unlocked (connection); ++ _dbus_connection_update_dispatch_status_and_unlock (connection, status); ++ ++ return TRUE; ++} ++ ++dbus_bool_t ++_dbus_connection_remove_message (DBusConnection *connection, ++ DBusMessage *message) ++{ ++ DBusDispatchStatus status; ++ dbus_bool_t removed; ++ ++ CONNECTION_LOCK (connection); ++ _dbus_connection_acquire_dispatch (connection); ++ HAVE_LOCK_CHECK (connection); ++ ++ removed = _dbus_list_remove(&connection->incoming_messages, message); ++ ++ if (removed) ++ { ++ connection->n_incoming -= 1; ++ dbus_message_unref(message); ++ _dbus_verbose ("Message %p removed from incoming queue\n", message); ++ } ++ else ++ _dbus_verbose ("Message %p not found in the incoming queue\n", message); ++ ++ _dbus_connection_release_dispatch (connection); ++ ++ status = _dbus_connection_get_dispatch_status_unlocked (connection); ++ _dbus_connection_update_dispatch_status_and_unlock (connection, status); ++ return removed; ++} ++ + /** + * Returns the first-received message from the incoming message queue, + * removing it from the queue. The caller owns a reference to the +@@ -4252,8 +4362,9 @@ static DBusDispatchStatus + _dbus_connection_get_dispatch_status_unlocked (DBusConnection *connection) + { + HAVE_LOCK_CHECK (connection); +- +- if (connection->n_incoming > 0) ++ if (connection->dispatch_disabled && _dbus_connection_get_is_connected_unlocked(connection)) ++ return DBUS_DISPATCH_COMPLETE; ++ else if (connection->n_incoming > 0) + return DBUS_DISPATCH_DATA_REMAINS; + else if (!_dbus_transport_queue_messages (connection->transport)) + return DBUS_DISPATCH_NEED_MEMORY; +@@ -4716,6 +4827,8 @@ dbus_connection_dispatch (DBusConnection *connection) + + CONNECTION_LOCK (connection); + ++ if (result == DBUS_HANDLER_RESULT_LATER) ++ goto out; + if (result == DBUS_HANDLER_RESULT_NEED_MEMORY) + { + _dbus_verbose ("No memory\n"); +@@ -4838,9 +4951,11 @@ dbus_connection_dispatch (DBusConnection *connection) + connection); + + out: +- if (result == DBUS_HANDLER_RESULT_NEED_MEMORY) ++ if (result == DBUS_HANDLER_RESULT_LATER || ++ result == DBUS_HANDLER_RESULT_NEED_MEMORY) + { +- _dbus_verbose ("out of memory\n"); ++ if (result == DBUS_HANDLER_RESULT_NEED_MEMORY) ++ _dbus_verbose ("out of memory\n"); + + /* Put message back, and we'll start over. + * Yes this means handlers must be idempotent if they +diff --git a/dbus/dbus-list.c b/dbus/dbus-list.c +index 8e713c0..32ea871 100644 +--- a/dbus/dbus-list.c ++++ b/dbus/dbus-list.c +@@ -458,6 +458,35 @@ _dbus_list_remove_last (DBusList **list, + return FALSE; + } + ++/** ++ * Finds a value in the list. Returns the first link ++ * with value equal to the given data pointer. ++ * This is a linear-time operation. ++ * Returns #NULL if no value found that matches. ++ * ++ * @param list address of the list head. ++ * @param data the value to find. ++ * @returns the link if found ++ */ ++DBusList* ++_dbus_list_find_first (DBusList **list, ++ void *data) ++{ ++ DBusList *link; ++ ++ link = _dbus_list_get_first_link (list); ++ ++ while (link != NULL) ++ { ++ if (link->data == data) ++ return link; ++ ++ link = _dbus_list_get_next_link (list, link); ++ } ++ ++ return NULL; ++} ++ + /** + * Finds a value in the list. Returns the last link + * with value equal to the given data pointer. +diff --git a/dbus/dbus-list.h b/dbus/dbus-list.h +index 9350a0d..fee9f1b 100644 +--- a/dbus/dbus-list.h ++++ b/dbus/dbus-list.h +@@ -68,6 +68,9 @@ DBUS_PRIVATE_EXPORT + void _dbus_list_remove_link (DBusList **list, + DBusList *link); + DBUS_PRIVATE_EXPORT ++DBusList* _dbus_list_find_first (DBusList **list, ++ void *data); ++DBUS_PRIVATE_EXPORT + DBusList* _dbus_list_find_last (DBusList **list, + void *data); + DBUS_PRIVATE_EXPORT +diff --git a/dbus/dbus-shared.h b/dbus/dbus-shared.h +index 7ab9103..e5bfbed 100644 +--- a/dbus/dbus-shared.h ++++ b/dbus/dbus-shared.h +@@ -67,7 +67,8 @@ typedef enum + { + DBUS_HANDLER_RESULT_HANDLED, /**< Message has had its effect - no need to run more handlers. */ + DBUS_HANDLER_RESULT_NOT_YET_HANDLED, /**< Message has not had any effect - see if other handlers want it. */ +- DBUS_HANDLER_RESULT_NEED_MEMORY /**< Need more memory in order to return #DBUS_HANDLER_RESULT_HANDLED or #DBUS_HANDLER_RESULT_NOT_YET_HANDLED. Please try again later with more memory. */ ++ DBUS_HANDLER_RESULT_NEED_MEMORY, /**< Need more memory in order to return #DBUS_HANDLER_RESULT_HANDLED or #DBUS_HANDLER_RESULT_NOT_YET_HANDLED. Please try again later with more memory. */ ++ DBUS_HANDLER_RESULT_LATER /**< Message dispatch deferred due to pending policy check */ + } DBusHandlerResult; + + /* Bus names */ +-- +2.21.1 + diff --git a/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0003-Handle-unavailability-of-policy-results-for-broadcas.patch b/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0003-Handle-unavailability-of-policy-results-for-broadcas.patch new file mode 100644 index 000000000..7d89a7496 --- /dev/null +++ b/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0003-Handle-unavailability-of-policy-results-for-broadcas.patch @@ -0,0 +1,1095 @@ +From 9d39aa9dd55680529d721a0389ce9ef579bb669a Mon Sep 17 00:00:00 2001 +From: Jacek Bukarewicz +Date: Fri, 28 Nov 2014 12:39:33 +0100 +Subject: [PATCH 3/8] Handle unavailability of policy results for broadcasts + and receive rules +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +When message is sent to the addressed recipient and receive rule +result is unavailable we don't want to block the sender +as it most likely will be the privileged service, so instead we queue +it at the recipient. Any further messages sent to it will be queued to +maintain message order. Once the answer from Cynara arrives messages are +dispatched from the recipient queue. In such case full dispatch is +performed - messages are sent to addressed recipient and other +interested connections. +Messages sent to non-addressed recipients (eavesdroppers or broadcast +message recipients) are handled in a similar way. The difference is +that it is not full dispatch meaning message is sent to a single recipient. + +Cherry picked from 1e231194610892dd4360224998d91336097b05a1 by Jose Bollo + +Updated for dbus 1.10.20 by Scott Murray and José Bollo + +Signed-off-by: José Bollo +Signed-off-by: Scott Murray +--- + bus/activation.c | 4 +- + bus/bus.c | 50 ++++++-- + bus/bus.h | 19 +++ + bus/check.c | 307 +++++++++++++++++++++++++++++++++++++++++++++++ + bus/check.h | 25 ++++ + bus/connection.c | 168 ++++++++++++++++++++++++-- + bus/connection.h | 19 ++- + bus/dispatch.c | 115 +++++++++++++++--- + bus/dispatch.h | 11 +- + bus/driver.c | 2 +- + bus/policy.c | 6 + + 11 files changed, 683 insertions(+), 43 deletions(-) + +diff --git a/bus/activation.c b/bus/activation.c +index 8301b59..d4b597c 100644 +--- a/bus/activation.c ++++ b/bus/activation.c +@@ -1259,7 +1259,7 @@ bus_activation_send_pending_auto_activation_messages (BusActivation *activation + res = bus_dispatch_matches (transaction, + entry->connection, + addressed_recipient, +- entry->activation_message, &error); ++ entry->activation_message, NULL, &error); + if (res == BUS_RESULT_FALSE) + { + /* If permission is denied, we just want to return the error +@@ -2140,7 +2140,7 @@ bus_activation_activate_service (BusActivation *activation, + bus_connection_get_loginfo (connection)); + /* Wonderful, systemd is connected, let's just send the msg */ + res = bus_dispatch_matches (activation_transaction, NULL, +- systemd, message, error); ++ systemd, message, NULL, error); + + if (res == BUS_RESULT_TRUE) + retval = TRUE; +diff --git a/bus/bus.c b/bus/bus.c +index 6fc45d0..0aa700b 100644 +--- a/bus/bus.c ++++ b/bus/bus.c +@@ -1800,17 +1800,9 @@ bus_context_check_security_policy (BusContext *context, + } + + /* See if limits on size have been exceeded */ +- if (proposed_recipient && +- ((dbus_connection_get_outgoing_size (proposed_recipient) > context->limits.max_outgoing_bytes) || +- (dbus_connection_get_outgoing_unix_fds (proposed_recipient) > context->limits.max_outgoing_unix_fds))) +- { +- complain_about_message (context, DBUS_ERROR_LIMITS_EXCEEDED, +- "Rejected: destination has a full message queue", +- 0, message, sender, proposed_recipient, requested_reply, TRUE, NULL, +- error); +- _dbus_verbose ("security policy disallowing message due to full message queue\n"); ++ if (!bus_context_check_recipient_message_limits(context, proposed_recipient, sender, message, ++ requested_reply, error)) + return BUS_RESULT_FALSE; +- } + + /* Record that we will allow a reply here in the future (don't + * bother if the recipient is the bus or this is an eavesdropping +@@ -1869,3 +1861,41 @@ bus_context_check_all_watches (BusContext *context) + _dbus_server_toggle_all_watches (server, enabled); + } + } ++ ++void ++bus_context_complain_about_message (BusContext *context, ++ const char *error_name, ++ const char *complaint, ++ int matched_rules, ++ DBusMessage *message, ++ DBusConnection *sender, ++ DBusConnection *proposed_recipient, ++ dbus_bool_t requested_reply, ++ dbus_bool_t log, ++ const char *privilege, ++ DBusError *error) ++{ ++ complain_about_message(context, error_name, complaint, matched_rules, message, sender, ++ proposed_recipient, requested_reply, log, privilege, error); ++} ++ ++dbus_bool_t bus_context_check_recipient_message_limits (BusContext *context, ++ DBusConnection *recipient, ++ DBusConnection *sender, ++ DBusMessage *message, ++ dbus_bool_t requested_reply, ++ DBusError *error) ++{ ++ if (recipient && ++ ((dbus_connection_get_outgoing_size (recipient) > context->limits.max_outgoing_bytes) || ++ (dbus_connection_get_outgoing_unix_fds (recipient) > context->limits.max_outgoing_unix_fds))) ++ { ++ complain_about_message (context, DBUS_ERROR_LIMITS_EXCEEDED, ++ "Rejected: destination has a full message queue", ++ 0, message, sender, recipient, requested_reply, TRUE, NULL, ++ error); ++ _dbus_verbose ("security policy disallowing message due to full message queue\n"); ++ return FALSE; ++ } ++ return TRUE; ++} +diff --git a/bus/bus.h b/bus/bus.h +index 82c32c8..1b08f7c 100644 +--- a/bus/bus.h ++++ b/bus/bus.h +@@ -164,4 +164,23 @@ BusResult bus_context_check_security_policy (BusContext + BusDeferredMessage **deferred_message); + void bus_context_check_all_watches (BusContext *context); + ++dbus_bool_t bus_context_check_recipient_message_limits (BusContext *context, ++ DBusConnection *recipient, ++ DBusConnection *sender, ++ DBusMessage *message, ++ dbus_bool_t requested_reply, ++ DBusError *error); ++void bus_context_complain_about_message (BusContext *context, ++ const char *error_name, ++ const char *complaint, ++ int matched_rules, ++ DBusMessage *message, ++ DBusConnection *sender, ++ DBusConnection *proposed_recipient, ++ dbus_bool_t requested_reply, ++ dbus_bool_t log, ++ const char *privilege, ++ DBusError *error); ++ ++ + #endif /* BUS_BUS_H */ +diff --git a/bus/check.c b/bus/check.c +index 4b8a699..f3d283f 100644 +--- a/bus/check.c ++++ b/bus/check.c +@@ -49,6 +49,9 @@ typedef struct BusDeferredMessage + DBusConnection *sender; + DBusConnection *proposed_recipient; + DBusConnection *addressed_recipient; ++ dbus_bool_t requested_reply; ++ int matched_rules; ++ const char *privilege; + dbus_bool_t full_dispatch; + BusDeferredMessageStatus status; + BusResult response; +@@ -135,6 +138,89 @@ bus_check_enable_dispatch_callback (BusDeferredMessage *deferred_message, + _dbus_connection_enable_dispatch(deferred_message->sender); + } + ++static void ++bus_check_queued_message_reply_callback (BusDeferredMessage *deferred_message, ++ BusResult result) ++{ ++ int status; ++ ++ _dbus_verbose("bus_check_queued_message_reply_callback called message=%p\n", deferred_message); ++ ++ if (!bus_connection_is_active(deferred_message->proposed_recipient)) ++ return; ++ ++ status = deferred_message->status; ++ ++ deferred_message->status = 0; /* mark message as not waiting for response */ ++ deferred_message->response = result; ++ ++ /* ++ * If send rule allows us to send message we still need to check receive rules. ++ */ ++ if ((status & BUS_DEFERRED_MESSAGE_CHECK_SEND) && (result == BUS_RESULT_TRUE)) ++ { ++ int toggles; ++ BusContext *context; ++ BusRegistry *registry; ++ BusClientPolicy *recipient_policy; ++ BusDeferredMessage *deferred_message_receive; ++ ++ context = bus_connection_get_context(deferred_message->proposed_recipient); ++ registry = bus_context_get_registry(context); ++ recipient_policy = bus_connection_get_policy(deferred_message->proposed_recipient); ++ ++ deferred_message->response = bus_client_policy_check_can_receive(recipient_policy, registry, ++ deferred_message->requested_reply, deferred_message->sender, ++ deferred_message->addressed_recipient, deferred_message->proposed_recipient, deferred_message->message, ++ &toggles, NULL, &deferred_message_receive); ++ if (deferred_message->response == BUS_RESULT_LATER) ++ { ++ /* replace deferred message associated with send check with the one associated with ++ * receive check */ ++ if (!bus_deferred_message_replace(deferred_message, deferred_message_receive)) ++ { ++ /* failed to replace deferred message (due to oom). Set it to rejected */ ++ deferred_message->response = BUS_RESULT_FALSE; ++ } ++ } ++ } ++ ++ bus_connection_dispatch_deferred(deferred_message->proposed_recipient); ++} ++ ++static void ++queue_deferred_message_cancel_transaction_hook (void *data) ++{ ++ BusDeferredMessage *deferred_message = (BusDeferredMessage *)data; ++ bus_connection_remove_deferred_message(deferred_message->proposed_recipient, deferred_message); ++} ++ ++ ++dbus_bool_t ++bus_deferred_message_queue_at_recipient (BusDeferredMessage *deferred_message, ++ BusTransaction *transaction, ++ dbus_bool_t full_dispatch, ++ dbus_bool_t prepend) ++{ ++ _dbus_assert(deferred_message != NULL); ++ _dbus_assert(deferred_message->proposed_recipient != NULL); ++ ++ if (!bus_connection_queue_deferred_message(deferred_message->proposed_recipient, ++ deferred_message, prepend)) ++ return FALSE; ++ ++ if (!bus_transaction_add_cancel_hook(transaction, queue_deferred_message_cancel_transaction_hook, ++ deferred_message, NULL)) ++ { ++ bus_connection_remove_deferred_message(deferred_message->proposed_recipient, deferred_message); ++ return FALSE; ++ } ++ deferred_message->response_callback = bus_check_queued_message_reply_callback; ++ deferred_message->full_dispatch = full_dispatch; ++ ++ return TRUE; ++} ++ + static void + deferred_message_free_function(void *data) + { +@@ -159,6 +245,20 @@ bus_deferred_message_disable_sender (BusDeferredMessage *deferred_message) + deferred_message->response_callback = bus_check_enable_dispatch_callback; + } + ++void ++bus_deferred_message_set_policy_check_info (BusDeferredMessage *deferred_message, ++ dbus_bool_t requested_reply, ++ int matched_rules, ++ const char *privilege) ++{ ++ _dbus_assert(deferred_message != NULL); ++ ++ deferred_message->requested_reply = requested_reply; ++ deferred_message->matched_rules = matched_rules; ++ deferred_message->privilege = privilege; ++} ++ ++ + #ifdef DBUS_ENABLE_EMBEDDED_TESTS + BusResult (*bus_check_test_override) (DBusConnection *connection, + const char *privilege); +@@ -259,6 +359,9 @@ BusDeferredMessage *bus_deferred_message_new (DBusMessage *message, + deferred_message->addressed_recipient = addressed_recipient != NULL ? dbus_connection_ref(addressed_recipient) : NULL; + deferred_message->proposed_recipient = proposed_recipient != NULL ? dbus_connection_ref(proposed_recipient) : NULL; + deferred_message->message = dbus_message_ref(message); ++ deferred_message->requested_reply = FALSE; ++ deferred_message->matched_rules = 0; ++ deferred_message->privilege = NULL; + deferred_message->response = response; + deferred_message->status = 0; + deferred_message->full_dispatch = FALSE; +@@ -295,12 +398,215 @@ bus_deferred_message_unref (BusDeferredMessage *deferred_message) + } + } + ++dbus_bool_t ++bus_deferred_message_check_message_limits (BusDeferredMessage *deferred_message, DBusError *error) ++{ ++ BusContext *context = bus_connection_get_context(deferred_message->proposed_recipient); ++ ++ return bus_context_check_recipient_message_limits(context, deferred_message->proposed_recipient, ++ deferred_message->sender, deferred_message->message, deferred_message->requested_reply, ++ error); ++} ++ ++dbus_bool_t ++bus_deferred_message_expect_method_reply(BusDeferredMessage *deferred_message, BusTransaction *transaction, DBusError *error) ++{ ++ int type = dbus_message_get_type(deferred_message->message); ++ if (type == DBUS_MESSAGE_TYPE_METHOD_CALL && ++ deferred_message->sender && ++ deferred_message->addressed_recipient && ++ deferred_message->addressed_recipient == deferred_message->proposed_recipient && /* not eavesdropping */ ++ !bus_connections_expect_reply (bus_connection_get_connections (deferred_message->sender), ++ transaction, ++ deferred_message->sender, deferred_message->addressed_recipient, ++ deferred_message->message, error)) ++ { ++ _dbus_verbose ("Failed to record reply expectation or problem with the message expecting a reply\n"); ++ return FALSE; ++ } ++ return TRUE; ++} ++ ++void ++bus_deferred_message_create_error(BusDeferredMessage *deferred_message, ++ const char *error_message, DBusError *error) ++{ ++ BusContext *context; ++ _dbus_assert (deferred_message->status == 0 && deferred_message->response == BUS_RESULT_FALSE); ++ ++ if (deferred_message->sender == NULL) ++ return; /* error won't be sent to bus driver anyway */ ++ ++ context = bus_connection_get_context(deferred_message->sender); ++ bus_context_complain_about_message(context, DBUS_ERROR_ACCESS_DENIED, "Rejected message", ++ deferred_message->matched_rules, deferred_message->message, deferred_message->sender, ++ deferred_message->proposed_recipient, deferred_message->requested_reply, FALSE, ++ deferred_message->privilege, error); ++} ++ ++BusResult ++bus_deferred_message_dispatch (BusDeferredMessage *deferred_message) ++{ ++ BusContext *context = bus_connection_get_context (deferred_message->proposed_recipient); ++ BusTransaction *transaction = bus_transaction_new (context); ++ BusResult result = BUS_RESULT_TRUE; ++ DBusError error; ++ ++ if (transaction == NULL) ++ { ++ return BUS_RESULT_FALSE; ++ } ++ ++ dbus_error_init(&error); ++ ++ if (!deferred_message->full_dispatch) ++ { ++ result = deferred_message->response; ++ if (result == BUS_RESULT_TRUE) ++ { ++ if (!bus_context_check_recipient_message_limits(context, deferred_message->proposed_recipient, ++ deferred_message->sender, deferred_message->message, deferred_message->requested_reply, &error)) ++ result = BUS_RESULT_FALSE; ++ } ++ else if (result == BUS_RESULT_LATER) ++ { ++ BusDeferredMessage *deferred_message2; ++ result = bus_context_check_security_policy (context, transaction, ++ deferred_message->sender, ++ deferred_message->addressed_recipient, ++ deferred_message->proposed_recipient, ++ deferred_message->message, NULL, NULL, ++ &deferred_message2); ++ ++ if (result == BUS_RESULT_LATER) ++ { ++ /* prepend at recipient */ ++ if (!bus_deferred_message_queue_at_recipient(deferred_message2, transaction, ++ FALSE, TRUE)) ++ result = BUS_RESULT_FALSE; ++ } ++ } ++ ++ /* silently drop messages on access denial */ ++ if (result == BUS_RESULT_TRUE) ++ { ++ if (!bus_transaction_send (transaction, deferred_message->proposed_recipient, deferred_message->message, TRUE)) ++ result = BUS_RESULT_FALSE; ++ } ++ ++ bus_transaction_execute_and_free(transaction); ++ ++ goto out; ++ } ++ ++ /* do not attempt to send message if sender has disconnected */ ++ if (deferred_message->sender != NULL && !bus_connection_is_active(deferred_message->sender)) ++ { ++ bus_transaction_cancel_and_free(transaction); ++ result = BUS_RESULT_FALSE; ++ goto out; ++ } ++ ++ result = bus_dispatch_matches(transaction, deferred_message->sender, ++ deferred_message->addressed_recipient, deferred_message->message, deferred_message, &error); ++ ++ if (result == BUS_RESULT_LATER) ++ { ++ /* Message deferring was already done in bus_dispatch_matches */ ++ bus_transaction_cancel_and_free(transaction); ++ goto out; ++ } ++ ++ /* this part is a copy & paste from bus_dispatch function. Probably can be moved to a function */ ++ if (dbus_error_is_set (&error)) ++ { ++ if (!dbus_connection_get_is_connected (deferred_message->sender)) ++ { ++ /* If we disconnected it, we won't bother to send it any error ++ * messages. ++ */ ++ _dbus_verbose ("Not sending error to connection we disconnected\n"); ++ } ++ else if (dbus_error_has_name (&error, DBUS_ERROR_NO_MEMORY)) ++ { ++ bus_connection_send_oom_error (deferred_message->sender, deferred_message->message); ++ ++ /* cancel transaction due to OOM */ ++ if (transaction != NULL) ++ { ++ bus_transaction_cancel_and_free (transaction); ++ transaction = NULL; ++ } ++ } ++ else ++ { ++ /* Try to send the real error, if no mem to do that, send ++ * the OOM error ++ */ ++ _dbus_assert (transaction != NULL); ++ if (!bus_transaction_send_error_reply (transaction, deferred_message->sender, ++ &error, deferred_message->message)) ++ { ++ bus_connection_send_oom_error (deferred_message->sender, deferred_message->message); ++ ++ /* cancel transaction due to OOM */ ++ if (transaction != NULL) ++ { ++ bus_transaction_cancel_and_free (transaction); ++ transaction = NULL; ++ } ++ } ++ } ++ } ++ ++ if (transaction != NULL) ++ { ++ bus_transaction_execute_and_free (transaction); ++ } ++ ++out: ++ dbus_error_free(&error); ++ ++ return result; ++} ++ ++dbus_bool_t ++bus_deferred_message_replace (BusDeferredMessage *old_message, BusDeferredMessage *new_message) ++{ ++ if (bus_connection_replace_deferred_message(old_message->proposed_recipient, ++ old_message, new_message)) ++ { ++ new_message->response_callback = old_message->response_callback; ++ new_message->full_dispatch = old_message->full_dispatch; ++ return TRUE; ++ } ++ return FALSE; ++} ++ ++dbus_bool_t ++bus_deferred_message_waits_for_check(BusDeferredMessage *deferred_message) ++{ ++ return deferred_message->status != 0; ++} ++ ++DBusConnection * ++bus_deferred_message_get_recipient(BusDeferredMessage *deferred_message) ++{ ++ return deferred_message->proposed_recipient; ++} ++ + BusDeferredMessageStatus + bus_deferred_message_get_status (BusDeferredMessage *deferred_message) + { + return deferred_message->status; + } + ++BusResult ++bus_deferred_message_get_response (BusDeferredMessage *deferred_message) ++{ ++ return deferred_message->response; ++} ++ + void + bus_deferred_message_response_received (BusDeferredMessage *deferred_message, + BusResult result) +@@ -310,3 +616,4 @@ bus_deferred_message_response_received (BusDeferredMessage *deferred_message, + deferred_message->response_callback(deferred_message, result); + } + } ++ +diff --git a/bus/check.h b/bus/check.h +index d177549..9c13c18 100644 +--- a/bus/check.h ++++ b/bus/check.h +@@ -64,12 +64,37 @@ BusDeferredMessage *bus_deferred_message_new (DBusMessage *messag + + BusDeferredMessage *bus_deferred_message_ref (BusDeferredMessage *deferred_message); + void bus_deferred_message_unref (BusDeferredMessage *deferred_message); ++BusResult bus_deferred_message_dispatch (BusDeferredMessage *deferred_message); ++dbus_bool_t bus_deferred_message_waits_for_check (BusDeferredMessage *deferred_message); ++DBusConnection *bus_deferred_message_get_recipient (BusDeferredMessage *deferred_message); + void bus_deferred_message_response_received (BusDeferredMessage *deferred_message, + BusResult result); ++dbus_bool_t bus_deferred_message_queue_at_recipient (BusDeferredMessage *deferred_message, ++ BusTransaction *transaction, ++ dbus_bool_t full_dispatch, ++ dbus_bool_t prepend); ++dbus_bool_t bus_deferred_message_replace (BusDeferredMessage *old_message, ++ BusDeferredMessage *new_message); + void bus_deferred_message_disable_sender (BusDeferredMessage *deferred_message); ++BusResult bus_deferred_message_get_response (BusDeferredMessage *deferred_message); + + BusDeferredMessageStatus bus_deferred_message_get_status (BusDeferredMessage *deferred_message); + ++ ++dbus_bool_t bus_deferred_message_expect_method_reply (BusDeferredMessage *deferred_message, ++ BusTransaction *transaction, ++ DBusError *error); ++void bus_deferred_message_create_error (BusDeferredMessage *deferred_message, ++ const char *error_message, ++ DBusError *error); ++void bus_deferred_message_set_policy_check_info (BusDeferredMessage *deferred_message, ++ dbus_bool_t requested_reply, ++ int matched_rules, ++ const char *privilege); ++dbus_bool_t bus_deferred_message_check_message_limits (BusDeferredMessage *deferred_message, ++ DBusError *error); ++ ++ + #ifdef DBUS_ENABLE_EMBEDDED_TESTS + extern BusResult (*bus_check_test_override) (DBusConnection *connection, + const char *privilege); +diff --git a/bus/connection.c b/bus/connection.c +index b348d42..ee93384 100644 +--- a/bus/connection.c ++++ b/bus/connection.c +@@ -31,11 +31,13 @@ + #include "expirelist.h" + #include "selinux.h" + #include "apparmor.h" ++#include "check.h" + #include + #include + #include + #include + #include ++#include + #ifdef DBUS_ENABLE_CYNARA + #include + #include +@@ -102,6 +104,7 @@ typedef struct + DBusMessage *oom_message; + DBusPreallocatedSend *oom_preallocated; + BusClientPolicy *policy; ++ DBusList *deferred_messages; /**< Queue of messages deferred due to pending policy check */ + + char *cached_loginfo_string; + BusSELinuxID *selinux_id; +@@ -268,6 +271,8 @@ bus_connection_disconnected (DBusConnection *connection) + bus_transaction_execute_and_free (transaction); + } + ++ bus_connection_clear_deferred_messages(connection); ++ + bus_dispatch_remove_connection (connection); + + /* no more watching */ +@@ -2307,7 +2312,7 @@ bus_transaction_capture (BusTransaction *transaction, + { + DBusConnection *recipient = link->data; + +- if (!bus_transaction_send (transaction, recipient, message)) ++ if (!bus_transaction_send (transaction, recipient, message, FALSE)) + goto out; + } + +@@ -2361,6 +2366,7 @@ bus_transaction_send_from_driver (BusTransaction *transaction, + { + DBusError error = DBUS_ERROR_INIT; + BusResult res; ++ BusDeferredMessage *deferred_message; + + /* We have to set the sender to the driver, and have + * to check security policy since it was not done in +@@ -2401,7 +2407,7 @@ bus_transaction_send_from_driver (BusTransaction *transaction, + res = bus_context_check_security_policy (bus_transaction_get_context (transaction), + transaction, + NULL, connection, connection, message, NULL, +- &error, NULL); ++ &error, &deferred_message); + if (res == BUS_RESULT_FALSE) + { + if (!bus_transaction_capture_error_reply (transaction, connection, +@@ -2419,18 +2425,20 @@ bus_transaction_send_from_driver (BusTransaction *transaction, + } + else if (res == BUS_RESULT_LATER) + { +- _dbus_verbose ("Cannot delay sending message from bus driver, dropping it\n"); + dbus_error_free (&error); +- return TRUE; ++ if (!bus_deferred_message_queue_at_recipient(deferred_message, transaction, FALSE, FALSE)) ++ return FALSE; ++ return TRUE; /* pretend to have sent it */ + } + +- return bus_transaction_send (transaction, connection, message); ++ return bus_transaction_send (transaction, connection, message, FALSE); + } + + dbus_bool_t + bus_transaction_send (BusTransaction *transaction, + DBusConnection *connection, +- DBusMessage *message) ++ DBusMessage *message, ++ dbus_bool_t deferred_dispatch) + { + MessageToSend *to_send; + BusConnectionData *d; +@@ -2456,7 +2464,28 @@ bus_transaction_send (BusTransaction *transaction, + + d = BUS_CONNECTION_DATA (connection); + _dbus_assert (d != NULL); +- ++ ++ if (!deferred_dispatch && d->deferred_messages != NULL) ++ { ++ BusDeferredMessage *deferred_message; ++ dbus_bool_t success; ++ /* sender and addressed recipient are not required at this point as we only need to send message ++ * to a single recipient without performing policy check. */ ++ deferred_message = bus_deferred_message_new (message, ++ NULL, ++ NULL, ++ connection, ++ BUS_RESULT_TRUE); ++ if (deferred_message == NULL) ++ return FALSE; ++ ++ success = bus_deferred_message_queue_at_recipient(deferred_message, transaction, ++ FALSE, FALSE); ++ bus_deferred_message_unref(deferred_message); ++ ++ return success; ++ } ++ + to_send = dbus_new (MessageToSend, 1); + if (to_send == NULL) + { +@@ -2708,6 +2737,131 @@ bus_transaction_add_cancel_hook (BusTransaction *transaction, + return TRUE; + } + ++void ++bus_connection_dispatch_deferred (DBusConnection *connection) ++{ ++ BusDeferredMessage *message; ++ ++ _dbus_return_if_fail (connection != NULL); ++ ++ while ((message = bus_connection_pop_deferred_message(connection)) != NULL) ++ { ++ bus_deferred_message_dispatch(message); ++ bus_deferred_message_unref(message); ++ } ++} ++ ++dbus_bool_t ++bus_connection_has_deferred_messages (DBusConnection *connection) ++{ ++ BusConnectionData *d = BUS_CONNECTION_DATA(connection); ++ return d->deferred_messages != NULL ? TRUE : FALSE; ++} ++ ++dbus_bool_t ++bus_connection_queue_deferred_message (DBusConnection *connection, ++ BusDeferredMessage *message, ++ dbus_bool_t prepend) ++{ ++ BusConnectionData *d = BUS_CONNECTION_DATA(connection); ++ dbus_bool_t success; ++ if (prepend) ++ success = _dbus_list_prepend(&d->deferred_messages, message); ++ else ++ success = _dbus_list_append(&d->deferred_messages, message); ++ ++ if (success) ++ { ++ bus_deferred_message_ref(message); ++ return TRUE; ++ } ++ ++ return FALSE; ++} ++ ++dbus_bool_t ++bus_connection_replace_deferred_message (DBusConnection *connection, ++ BusDeferredMessage *oldMessage, ++ BusDeferredMessage *newMessage) ++{ ++ DBusList *link; ++ BusConnectionData *d = BUS_CONNECTION_DATA(connection); ++ ++ link = _dbus_list_find_first(&d->deferred_messages, oldMessage); ++ if (link == NULL) ++ return FALSE; ++ ++ if (!_dbus_list_insert_after(&d->deferred_messages, link, newMessage)) ++ return FALSE; ++ ++ bus_deferred_message_ref(newMessage); ++ _dbus_list_remove_link(&d->deferred_messages, link); ++ bus_deferred_message_unref(oldMessage); ++ return TRUE; ++} ++ ++BusDeferredMessage * ++bus_connection_pop_deferred_message (DBusConnection *connection) ++{ ++ DBusList *link; ++ BusDeferredMessage *message; ++ BusConnectionData *d = BUS_CONNECTION_DATA(connection); ++ ++ link =_dbus_list_get_first_link(&d->deferred_messages); ++ if (link != NULL) ++ { ++ message = link->data; ++ if (!bus_deferred_message_waits_for_check(message)) ++ { ++ _dbus_list_remove_link(&d->deferred_messages, link); ++ return message; ++ } ++ } ++ ++ return NULL; ++} ++ ++dbus_bool_t ++bus_connection_putback_deferred_message (DBusConnection *connection, BusDeferredMessage *message) ++{ ++ BusConnectionData *d = BUS_CONNECTION_DATA(connection); ++ if (_dbus_list_prepend(&d->deferred_messages, message)) ++ { ++ return TRUE; ++ } ++ return FALSE; ++} ++ ++void ++bus_connection_clear_deferred_messages (DBusConnection *connection) ++{ ++ BusConnectionData *d = BUS_CONNECTION_DATA(connection); ++ DBusList *link; ++ DBusList *next; ++ BusDeferredMessage *message; ++ ++ link =_dbus_list_get_first_link(&d->deferred_messages); ++ while (link != NULL) ++ { ++ next = _dbus_list_get_next_link (&d->deferred_messages, link); ++ message = link->data; ++ ++ bus_deferred_message_unref(message); ++ _dbus_list_remove_link(&d->deferred_messages, link); ++ ++ link = next; ++ } ++} ++ ++void ++bus_connection_remove_deferred_message (DBusConnection *connection, ++ BusDeferredMessage *message) ++{ ++ BusConnectionData *d = BUS_CONNECTION_DATA(connection); ++ if (_dbus_list_remove(&d->deferred_messages, message)) ++ bus_deferred_message_unref(message); ++} ++ + int + bus_connections_get_n_active (BusConnections *connections) + { +diff --git a/bus/connection.h b/bus/connection.h +index 71078ea..97dae96 100644 +--- a/bus/connection.h ++++ b/bus/connection.h +@@ -85,6 +85,22 @@ dbus_bool_t bus_connection_preallocate_oom_error (DBusConnection *connection); + void bus_connection_send_oom_error (DBusConnection *connection, + DBusMessage *in_reply_to); + ++dbus_bool_t bus_connection_has_deferred_messages (DBusConnection *connection); ++dbus_bool_t bus_connection_queue_deferred_message (DBusConnection *connection, ++ BusDeferredMessage *message, ++ dbus_bool_t prepend); ++BusDeferredMessage *bus_connection_pop_deferred_message (DBusConnection *connection); ++dbus_bool_t bus_connection_putback_deferred_message (DBusConnection *connection, ++ BusDeferredMessage *message); ++void bus_connection_remove_deferred_message (DBusConnection *connection, ++ BusDeferredMessage *message); ++dbus_bool_t bus_connection_replace_deferred_message (DBusConnection *connection, ++ BusDeferredMessage *oldMessage, ++ BusDeferredMessage *newMessage); ++void bus_connection_dispatch_deferred (DBusConnection *connection); ++void bus_connection_clear_deferred_messages (DBusConnection *connection); ++ ++ + /* called by signals.c */ + dbus_bool_t bus_connection_add_match_rule (DBusConnection *connection, + BusMatchRule *rule); +@@ -137,7 +153,8 @@ BusTransaction* bus_transaction_new (BusContext * + BusContext* bus_transaction_get_context (BusTransaction *transaction); + dbus_bool_t bus_transaction_send (BusTransaction *transaction, + DBusConnection *connection, +- DBusMessage *message); ++ DBusMessage *message, ++ dbus_bool_t deferred_dispatch); + dbus_bool_t bus_transaction_capture (BusTransaction *transaction, + DBusConnection *connection, + DBusConnection *addressed_recipient, +diff --git a/bus/dispatch.c b/bus/dispatch.c +index 50a22a3..7d30ce4 100644 +--- a/bus/dispatch.c ++++ b/bus/dispatch.c +@@ -33,6 +33,7 @@ + #include "utils.h" + #include "bus.h" + #include "signals.h" ++#include "dispatch.h" + #include "test.h" + #include + #include +@@ -77,7 +78,7 @@ send_one_message (DBusConnection *connection, + NULL, + &stack_error, + &deferred_message); +- if (result != BUS_RESULT_TRUE) ++ if (result == BUS_RESULT_FALSE) + { + if (!bus_transaction_capture_error_reply (transaction, sender, + &stack_error, message)) +@@ -112,9 +113,19 @@ send_one_message (DBusConnection *connection, + return TRUE; /* don't send it but don't return an error either */ + } + ++ if (result == BUS_RESULT_LATER) ++ { ++ if (!bus_deferred_message_queue_at_recipient(deferred_message, transaction, FALSE, FALSE)) ++ { ++ BUS_SET_OOM (error); ++ return FALSE; ++ } ++ return TRUE; /* pretend to have sent it */ ++ } ++ + if (!bus_transaction_send (transaction, + connection, +- message)) ++ message, FALSE)) + { + BUS_SET_OOM (error); + return FALSE; +@@ -124,11 +135,12 @@ send_one_message (DBusConnection *connection, + } + + BusResult +-bus_dispatch_matches (BusTransaction *transaction, +- DBusConnection *sender, +- DBusConnection *addressed_recipient, +- DBusMessage *message, +- DBusError *error) ++bus_dispatch_matches (BusTransaction *transaction, ++ DBusConnection *sender, ++ DBusConnection *addressed_recipient, ++ DBusMessage *message, ++ BusDeferredMessage *dispatched_deferred_message, ++ DBusError *error) + { + DBusError tmp_error; + BusConnections *connections; +@@ -137,7 +149,6 @@ bus_dispatch_matches (BusTransaction *transaction, + DBusList *link; + BusContext *context; + BusDeferredMessage *deferred_message; +- BusResult res; + + _DBUS_ASSERT_ERROR_IS_CLEAR (error); + +@@ -153,16 +164,80 @@ bus_dispatch_matches (BusTransaction *transaction, + /* First, send the message to the addressed_recipient, if there is one. */ + if (addressed_recipient != NULL) + { +- res = bus_context_check_security_policy (context, transaction, ++ BusResult result; ++ /* To maintain message order message needs to be appended at the recipient if there are already ++ * deferred messages and we are not doing deferred dispatch ++ */ ++ if (dispatched_deferred_message == NULL && bus_connection_has_deferred_messages(addressed_recipient)) ++ { ++ deferred_message = bus_deferred_message_new(message, sender, ++ addressed_recipient, addressed_recipient, BUS_RESULT_LATER); ++ ++ if (deferred_message == NULL) ++ { ++ BUS_SET_OOM(error); ++ return BUS_RESULT_FALSE; ++ } ++ ++ if (!bus_deferred_message_queue_at_recipient(deferred_message, transaction, TRUE, FALSE)) ++ { ++ bus_deferred_message_unref(deferred_message); ++ BUS_SET_OOM(error); ++ return BUS_RESULT_FALSE; ++ } ++ ++ bus_deferred_message_unref(deferred_message); ++ return BUS_RESULT_TRUE; /* pretend to have sent it */ ++ } ++ ++ if (dispatched_deferred_message != NULL) ++ { ++ result = bus_deferred_message_get_response(dispatched_deferred_message); ++ if (result == BUS_RESULT_TRUE) ++ { ++ /* if we know the result of policy check we still need to check if message limits ++ * are not exceeded. It is also required to add entry in expected replies list if ++ * this is a method call ++ */ ++ if (!bus_deferred_message_check_message_limits(dispatched_deferred_message, error)) ++ return BUS_RESULT_FALSE; ++ ++ if (!bus_deferred_message_expect_method_reply(dispatched_deferred_message, transaction, error)) ++ return BUS_RESULT_FALSE; ++ } ++ else if (result == BUS_RESULT_FALSE) ++ { ++ bus_deferred_message_create_error(dispatched_deferred_message, "Rejected message", error); ++ return BUS_RESULT_FALSE; ++ } ++ } ++ else ++ result = BUS_RESULT_LATER; ++ ++ if (result == BUS_RESULT_LATER) ++ result = bus_context_check_security_policy (context, transaction, + sender, addressed_recipient, + addressed_recipient, + message, NULL, error, + &deferred_message); +- if (res == BUS_RESULT_FALSE) ++ ++ if (result == BUS_RESULT_FALSE) + return BUS_RESULT_FALSE; +- else if (res == BUS_RESULT_LATER) ++ else if (result == BUS_RESULT_LATER) + { + BusDeferredMessageStatus status; ++ ++ if (dispatched_deferred_message != NULL) ++ { ++ /* for deferred dispatch prepend message at the recipient */ ++ if (!bus_deferred_message_queue_at_recipient(deferred_message, transaction, TRUE, TRUE)) ++ { ++ BUS_SET_OOM(error); ++ return BUS_RESULT_FALSE; ++ } ++ return BUS_RESULT_TRUE; /* pretend to have sent it */ ++ } ++ + status = bus_deferred_message_get_status(deferred_message); + + if (status & BUS_DEFERRED_MESSAGE_CHECK_SEND) +@@ -173,13 +248,18 @@ bus_dispatch_matches (BusTransaction *transaction, + } + else if (status & BUS_DEFERRED_MESSAGE_CHECK_RECEIVE) + { +- dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, +- "Rejecting message because time is needed to check security policy"); +- return BUS_RESULT_FALSE; ++ /* receive rule result not available - queue message at the recipient */ ++ if (!bus_deferred_message_queue_at_recipient(deferred_message, transaction, TRUE, FALSE)) ++ { ++ BUS_SET_OOM(error); ++ return BUS_RESULT_FALSE; ++ } ++ ++ return BUS_RESULT_TRUE; /* pretend to have sent it */ + } + else + { +- _dbus_verbose("deferred message has no status field set to send or receive unexpectedly\n"); ++ _dbus_verbose("deferred message has no status field set unexpectedly\n"); + return BUS_RESULT_FALSE; + } + } +@@ -196,7 +276,8 @@ bus_dispatch_matches (BusTransaction *transaction, + } + + /* Dispatch the message */ +- if (!bus_transaction_send (transaction, addressed_recipient, message)) ++ if (!bus_transaction_send(transaction, addressed_recipient, message, ++ dispatched_deferred_message != NULL ? TRUE : FALSE)) + { + BUS_SET_OOM (error); + return BUS_RESULT_FALSE; +@@ -534,7 +615,7 @@ bus_dispatch (DBusConnection *connection, + * match rules. + */ + if (BUS_RESULT_LATER == bus_dispatch_matches (transaction, connection, addressed_recipient, +- message, &error)) ++ message, NULL, &error)) + { + /* Roll back and dispatch the message once the policy result is available */ + bus_transaction_cancel_and_free (transaction); +diff --git a/bus/dispatch.h b/bus/dispatch.h +index afba6a2..f6102e8 100644 +--- a/bus/dispatch.h ++++ b/bus/dispatch.h +@@ -29,10 +29,11 @@ + + dbus_bool_t bus_dispatch_add_connection (DBusConnection *connection); + void bus_dispatch_remove_connection (DBusConnection *connection); +-BusResult bus_dispatch_matches (BusTransaction *transaction, +- DBusConnection *sender, +- DBusConnection *recipient, +- DBusMessage *message, +- DBusError *error); ++BusResult bus_dispatch_matches (BusTransaction *transaction, ++ DBusConnection *sender, ++ DBusConnection *recipient, ++ DBusMessage *message, ++ BusDeferredMessage *dispatched_deferred_message, ++ DBusError *error); + + #endif /* BUS_DISPATCH_H */ +diff --git a/bus/driver.c b/bus/driver.c +index f414f64..d89a658 100644 +--- a/bus/driver.c ++++ b/bus/driver.c +@@ -254,7 +254,7 @@ bus_driver_send_service_owner_changed (const char *service_name, + if (!bus_transaction_capture (transaction, NULL, NULL, message)) + goto oom; + +- res = bus_dispatch_matches (transaction, NULL, NULL, message, error); ++ res = bus_dispatch_matches (transaction, NULL, NULL, message, NULL, error); + if (res == BUS_RESULT_TRUE) + retval = TRUE; + else +diff --git a/bus/policy.c b/bus/policy.c +index 7de92c6..483cc97 100644 +--- a/bus/policy.c ++++ b/bus/policy.c +@@ -1122,6 +1122,9 @@ bus_client_policy_check_can_send (DBusConnection *sender, + + result = bus_check_privilege(check, message, sender, addressed_recipient, receiver, + privilege, BUS_DEFERRED_MESSAGE_CHECK_SEND, deferred_message); ++ if (result == BUS_RESULT_LATER && deferred_message != NULL) ++ bus_deferred_message_set_policy_check_info(*deferred_message, requested_reply, ++ *toggles, privilege); + } + else + privilege = NULL; +@@ -1372,6 +1375,9 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, + + result = bus_check_privilege(check, message, sender, addressed_recipient, proposed_recipient, + privilege, BUS_DEFERRED_MESSAGE_CHECK_RECEIVE, deferred_message); ++ if (result == BUS_RESULT_LATER && deferred_message != NULL) ++ bus_deferred_message_set_policy_check_info(*deferred_message, requested_reply, ++ *toggles, privilege); + } + else + privilege = NULL; +-- +2.21.1 + diff --git a/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0004-Add-own-rule-result-unavailability-handling.patch b/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0004-Add-own-rule-result-unavailability-handling.patch new file mode 100644 index 000000000..9953dcaac --- /dev/null +++ b/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0004-Add-own-rule-result-unavailability-handling.patch @@ -0,0 +1,1505 @@ +From 28ada62c98d74285dc22b66650b09b6c8f2c28c4 Mon Sep 17 00:00:00 2001 +From: Jacek Bukarewicz +Date: Thu, 27 Nov 2014 11:26:21 +0100 +Subject: [PATCH 4/8] Add own rule result unavailability handling +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Own rule result unavailability is handled like send rules - dispatching +messages from the sender is blocked and resumed when result becomes +available. + +Handler of "RequestName" method needs to return BUS_RESULT_LATER when +policy result is not known therefore its return type is modified. +Since bus message handlers are put into function pointer array other +message handler function singatures are also affected. + +Cherry-picked from 35ef89cd6777ea2430077fc621d21bd01df92349 by Jose.bollo + +Updated for dbus 1.10.20 by Scott Murray and José Bollo + +Signed-off-by: José Bollo +Signed-off-by: Scott Murray +--- + bus/dispatch.c | 11 +- + bus/driver.c | 334 ++++++++++++++++++++++++++++--------------------- + bus/driver.h | 2 +- + bus/policy.c | 52 ++++++-- + bus/policy.h | 6 +- + bus/services.c | 26 ++-- + bus/services.h | 3 +- + bus/stats.c | 23 ++-- + bus/stats.h | 6 +- + 9 files changed, 283 insertions(+), 180 deletions(-) + +diff --git a/bus/dispatch.c b/bus/dispatch.c +index 7d30ce4..4b84c21 100644 +--- a/bus/dispatch.c ++++ b/bus/dispatch.c +@@ -517,8 +517,17 @@ bus_dispatch (DBusConnection *connection, + } + + _dbus_verbose ("Giving message to %s\n", DBUS_SERVICE_DBUS); +- if (!bus_driver_handle_message (connection, transaction, message, &error)) ++ res = bus_driver_handle_message (connection, transaction, message, &error); ++ if (res == BUS_RESULT_FALSE) + goto out; ++ else if (res == BUS_RESULT_LATER) ++ { ++ /* connection has been disabled in message handler */ ++ bus_transaction_cancel_and_free (transaction); ++ transaction = NULL; ++ result = DBUS_HANDLER_RESULT_LATER; ++ goto out; ++ } + } + else if (!bus_connection_is_active (connection)) /* clients must talk to bus driver first */ + { +diff --git a/bus/driver.c b/bus/driver.c +index d89a658..aaeb3b2 100644 +--- a/bus/driver.c ++++ b/bus/driver.c +@@ -420,7 +420,7 @@ create_unique_client_name (BusRegistry *registry, + return TRUE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_hello (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -428,7 +428,7 @@ bus_driver_handle_hello (DBusConnection *connection, + { + DBusString unique_name; + BusService *service; +- dbus_bool_t retval; ++ BusResult retval; + BusRegistry *registry; + BusConnections *connections; + DBusError tmp_error; +@@ -442,7 +442,7 @@ bus_driver_handle_hello (DBusConnection *connection, + /* We already handled an Hello message for this connection. */ + dbus_set_error (error, DBUS_ERROR_FAILED, + "Already handled an Hello message"); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + /* Note that when these limits are exceeded we don't disconnect the +@@ -464,16 +464,16 @@ bus_driver_handle_hello (DBusConnection *connection, + bus_context_log (context, DBUS_SYSTEM_LOG_WARNING, "%s (%s=%d)", + tmp_error.message, limit_name, limit); + dbus_move_error (&tmp_error, error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + if (!_dbus_string_init (&unique_name)) + { + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +- retval = FALSE; ++ retval = BUS_RESULT_FALSE; + + registry = bus_connection_get_registry (connection); + +@@ -506,7 +506,7 @@ bus_driver_handle_hello (DBusConnection *connection, + goto out_0; + + _dbus_assert (bus_connection_is_active (connection)); +- retval = TRUE; ++ retval = BUS_RESULT_TRUE; + + out_0: + _dbus_string_free (&unique_name); +@@ -558,7 +558,7 @@ bus_driver_send_welcome_message (DBusConnection *connection, + } + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_list_services (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -580,14 +580,14 @@ bus_driver_handle_list_services (DBusConnection *connection, + if (reply == NULL) + { + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + if (!bus_registry_list_services (registry, &services, &len)) + { + dbus_message_unref (reply); + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + dbus_message_iter_init_append (reply, &iter); +@@ -599,7 +599,7 @@ bus_driver_handle_list_services (DBusConnection *connection, + dbus_free_string_array (services); + dbus_message_unref (reply); + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + { +@@ -611,7 +611,7 @@ bus_driver_handle_list_services (DBusConnection *connection, + dbus_free_string_array (services); + dbus_message_unref (reply); + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + } + +@@ -624,7 +624,7 @@ bus_driver_handle_list_services (DBusConnection *connection, + dbus_free_string_array (services); + dbus_message_unref (reply); + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + ++i; + } +@@ -635,23 +635,23 @@ bus_driver_handle_list_services (DBusConnection *connection, + { + dbus_message_unref (reply); + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + if (!bus_transaction_send_from_driver (transaction, connection, reply)) + { + dbus_message_unref (reply); + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + else + { + dbus_message_unref (reply); +- return TRUE; ++ return BUS_RESULT_TRUE; + } + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_list_activatable_services (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -673,14 +673,14 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, + if (reply == NULL) + { + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + if (!bus_activation_list_services (activation, &services, &len)) + { + dbus_message_unref (reply); + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + dbus_message_iter_init_append (reply, &iter); +@@ -692,7 +692,7 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, + dbus_free_string_array (services); + dbus_message_unref (reply); + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + { +@@ -704,7 +704,7 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, + dbus_free_string_array (services); + dbus_message_unref (reply); + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + } + +@@ -717,7 +717,7 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, + dbus_free_string_array (services); + dbus_message_unref (reply); + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + ++i; + } +@@ -728,23 +728,23 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, + { + dbus_message_unref (reply); + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + if (!bus_transaction_send_from_driver (transaction, connection, reply)) + { + dbus_message_unref (reply); + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + else + { + dbus_message_unref (reply); +- return TRUE; ++ return BUS_RESULT_TRUE; + } + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_acquire_service (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -755,7 +755,8 @@ bus_driver_handle_acquire_service (DBusConnection *connection, + const char *name; + dbus_uint32_t service_reply; + dbus_uint32_t flags; +- dbus_bool_t retval; ++ BusResult retval; ++ BusResult res; + BusRegistry *registry; + + _DBUS_ASSERT_ERROR_IS_CLEAR (error); +@@ -766,20 +767,24 @@ bus_driver_handle_acquire_service (DBusConnection *connection, + DBUS_TYPE_STRING, &name, + DBUS_TYPE_UINT32, &flags, + DBUS_TYPE_INVALID)) +- return FALSE; ++ return BUS_RESULT_FALSE; + + _dbus_verbose ("Trying to own name %s with flags 0x%x\n", name, flags); + +- retval = FALSE; ++ retval = BUS_RESULT_FALSE; + reply = NULL; + + _dbus_string_init_const (&service_name, name); + +- if (!bus_registry_acquire_service (registry, connection, +- &service_name, flags, +- &service_reply, transaction, +- error)) +- goto out; ++ res = bus_registry_acquire_service (registry, connection, message, ++ &service_name, flags, ++ &service_reply, transaction, ++ error); ++ if (res != BUS_RESULT_TRUE) ++ { ++ retval = res; ++ goto out; ++ } + + reply = dbus_message_new_method_return (message); + if (reply == NULL) +@@ -800,7 +805,7 @@ bus_driver_handle_acquire_service (DBusConnection *connection, + goto out; + } + +- retval = TRUE; ++ retval = BUS_RESULT_TRUE; + + out: + if (reply) +@@ -808,7 +813,7 @@ bus_driver_handle_acquire_service (DBusConnection *connection, + return retval; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_release_service (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -818,7 +823,7 @@ bus_driver_handle_release_service (DBusConnection *connection, + DBusString service_name; + const char *name; + dbus_uint32_t service_reply; +- dbus_bool_t retval; ++ BusResult retval; + BusRegistry *registry; + + _DBUS_ASSERT_ERROR_IS_CLEAR (error); +@@ -828,11 +833,11 @@ bus_driver_handle_release_service (DBusConnection *connection, + if (!dbus_message_get_args (message, error, + DBUS_TYPE_STRING, &name, + DBUS_TYPE_INVALID)) +- return FALSE; ++ return BUS_RESULT_FALSE; + + _dbus_verbose ("Trying to release name %s\n", name); + +- retval = FALSE; ++ retval = BUS_RESULT_FALSE; + reply = NULL; + + _dbus_string_init_const (&service_name, name); +@@ -861,7 +866,7 @@ bus_driver_handle_release_service (DBusConnection *connection, + goto out; + } + +- retval = TRUE; ++ retval = BUS_RESULT_TRUE; + + out: + if (reply) +@@ -869,7 +874,7 @@ bus_driver_handle_release_service (DBusConnection *connection, + return retval; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_service_exists (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -880,7 +885,7 @@ bus_driver_handle_service_exists (DBusConnection *connection, + BusService *service; + dbus_bool_t service_exists; + const char *name; +- dbus_bool_t retval; ++ BusResult retval; + BusRegistry *registry; + + _DBUS_ASSERT_ERROR_IS_CLEAR (error); +@@ -890,9 +895,9 @@ bus_driver_handle_service_exists (DBusConnection *connection, + if (!dbus_message_get_args (message, error, + DBUS_TYPE_STRING, &name, + DBUS_TYPE_INVALID)) +- return FALSE; ++ return BUS_RESULT_FALSE; + +- retval = FALSE; ++ retval = BUS_RESULT_FALSE; + + if (strcmp (name, DBUS_SERVICE_DBUS) == 0) + { +@@ -926,7 +931,7 @@ bus_driver_handle_service_exists (DBusConnection *connection, + goto out; + } + +- retval = TRUE; ++ retval = BUS_RESULT_TRUE; + + out: + if (reply) +@@ -935,7 +940,7 @@ bus_driver_handle_service_exists (DBusConnection *connection, + return retval; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_activate_service (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -943,7 +948,7 @@ bus_driver_handle_activate_service (DBusConnection *connection, + { + dbus_uint32_t flags; + const char *name; +- dbus_bool_t retval; ++ BusResult retval; + BusActivation *activation; + + _DBUS_ASSERT_ERROR_IS_CLEAR (error); +@@ -957,10 +962,10 @@ bus_driver_handle_activate_service (DBusConnection *connection, + { + _DBUS_ASSERT_ERROR_IS_SET (error); + _dbus_verbose ("No memory to get arguments to StartServiceByName\n"); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +- retval = FALSE; ++ retval = BUS_RESULT_FALSE; + + if (!bus_activation_activate_service (activation, connection, transaction, FALSE, + message, name, error)) +@@ -970,7 +975,7 @@ bus_driver_handle_activate_service (DBusConnection *connection, + goto out; + } + +- retval = TRUE; ++ retval = BUS_RESULT_TRUE; + + out: + return retval; +@@ -1072,13 +1077,13 @@ bus_driver_send_or_activate (BusTransaction *transaction, + return TRUE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_update_activation_environment (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error) + { +- dbus_bool_t retval; ++ BusResult retval; + BusActivation *activation; + BusContext *context; + DBusMessageIter iter; +@@ -1100,7 +1105,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, + dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, + "Cannot change activation environment " + "on a system bus."); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + activation = bus_connection_get_activation (connection); +@@ -1114,7 +1119,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, + + dbus_message_iter_recurse (&iter, &dict_iter); + +- retval = FALSE; ++ retval = BUS_RESULT_FALSE; + systemd_message = NULL; + + /* Then loop through the sent dictionary, add the location of +@@ -1279,7 +1284,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, + if (!bus_driver_send_ack_reply (connection, transaction, message, error)) + goto out; + +- retval = TRUE; ++ retval = BUS_RESULT_TRUE; + + out: + if (systemd_message != NULL) +@@ -1289,7 +1294,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, + return retval; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_add_match (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -1371,16 +1376,16 @@ bus_driver_handle_add_match (DBusConnection *connection, + + bus_match_rule_unref (rule); + +- return TRUE; ++ return BUS_RESULT_TRUE; + + failed: + _DBUS_ASSERT_ERROR_IS_SET (error); + if (rule) + bus_match_rule_unref (rule); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_remove_match (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -1423,16 +1428,16 @@ bus_driver_handle_remove_match (DBusConnection *connection, + + bus_match_rule_unref (rule); + +- return TRUE; ++ return BUS_RESULT_TRUE; + + failed: + _DBUS_ASSERT_ERROR_IS_SET (error); + if (rule) + bus_match_rule_unref (rule); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_get_service_owner (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -1502,7 +1507,7 @@ bus_driver_handle_get_service_owner (DBusConnection *connection, + + dbus_message_unref (reply); + +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + BUS_SET_OOM (error); +@@ -1511,10 +1516,10 @@ bus_driver_handle_get_service_owner (DBusConnection *connection, + _DBUS_ASSERT_ERROR_IS_SET (error); + if (reply) + dbus_message_unref (reply); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_list_queued_owners (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -1606,7 +1611,7 @@ bus_driver_handle_list_queued_owners (DBusConnection *connection, + + dbus_message_unref (reply); + +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + BUS_SET_OOM (error); +@@ -1619,10 +1624,10 @@ bus_driver_handle_list_queued_owners (DBusConnection *connection, + if (base_names) + _dbus_list_clear (&base_names); + +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_get_connection_unix_user (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -1679,7 +1684,7 @@ bus_driver_handle_get_connection_unix_user (DBusConnection *connection, + + dbus_message_unref (reply); + +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + BUS_SET_OOM (error); +@@ -1688,10 +1693,10 @@ bus_driver_handle_get_connection_unix_user (DBusConnection *connection, + _DBUS_ASSERT_ERROR_IS_SET (error); + if (reply) + dbus_message_unref (reply); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_get_connection_unix_process_id (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -1748,7 +1753,7 @@ bus_driver_handle_get_connection_unix_process_id (DBusConnection *connection, + + dbus_message_unref (reply); + +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + BUS_SET_OOM (error); +@@ -1757,10 +1762,10 @@ bus_driver_handle_get_connection_unix_process_id (DBusConnection *connection, + _DBUS_ASSERT_ERROR_IS_SET (error); + if (reply) + dbus_message_unref (reply); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_get_adt_audit_session_data (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -1811,7 +1816,7 @@ bus_driver_handle_get_adt_audit_session_data (DBusConnection *connection, + + dbus_message_unref (reply); + +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + BUS_SET_OOM (error); +@@ -1820,10 +1825,10 @@ bus_driver_handle_get_adt_audit_session_data (DBusConnection *connection, + _DBUS_ASSERT_ERROR_IS_SET (error); + if (reply) + dbus_message_unref (reply); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_get_connection_selinux_security_context (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -1872,7 +1877,7 @@ bus_driver_handle_get_connection_selinux_security_context (DBusConnection *conne + + dbus_message_unref (reply); + +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + BUS_SET_OOM (error); +@@ -1881,10 +1886,10 @@ bus_driver_handle_get_connection_selinux_security_context (DBusConnection *conne + _DBUS_ASSERT_ERROR_IS_SET (error); + if (reply) + dbus_message_unref (reply); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_get_connection_credentials (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -1998,7 +2003,7 @@ bus_driver_handle_get_connection_credentials (DBusConnection *connection, + + dbus_message_unref (reply); + +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + BUS_SET_OOM (error); +@@ -2012,10 +2017,10 @@ bus_driver_handle_get_connection_credentials (DBusConnection *connection, + dbus_message_unref (reply); + } + +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_reload_config (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -2040,7 +2045,7 @@ bus_driver_handle_reload_config (DBusConnection *connection, + goto oom; + + dbus_message_unref (reply); +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + BUS_SET_OOM (error); +@@ -2049,11 +2054,11 @@ bus_driver_handle_reload_config (DBusConnection *connection, + _DBUS_ASSERT_ERROR_IS_SET (error); + if (reply) + dbus_message_unref (reply); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + #ifdef DBUS_ENABLE_VERBOSE_MODE +-static dbus_bool_t ++static BusResult + bus_driver_handle_enable_verbose (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -2073,7 +2078,7 @@ bus_driver_handle_enable_verbose (DBusConnection *connection, + _dbus_set_verbose(TRUE); + + dbus_message_unref (reply); +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + _DBUS_ASSERT_ERROR_IS_CLEAR (error); +@@ -2082,10 +2087,10 @@ bus_driver_handle_enable_verbose (DBusConnection *connection, + + if (reply) + dbus_message_unref (reply); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_disable_verbose (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -2105,7 +2110,7 @@ bus_driver_handle_disable_verbose (DBusConnection *connection, + _dbus_set_verbose(FALSE); + + dbus_message_unref (reply); +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + _DBUS_ASSERT_ERROR_IS_CLEAR (error); +@@ -2114,11 +2119,11 @@ bus_driver_handle_disable_verbose (DBusConnection *connection, + + if (reply) + dbus_message_unref (reply); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + #endif + +-static dbus_bool_t ++static BusResult + bus_driver_handle_get_id (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -2134,7 +2139,7 @@ bus_driver_handle_get_id (DBusConnection *connection, + if (!_dbus_string_init (&uuid)) + { + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + reply = NULL; +@@ -2160,7 +2165,7 @@ bus_driver_handle_get_id (DBusConnection *connection, + + _dbus_string_free (&uuid); + dbus_message_unref (reply); +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + _DBUS_ASSERT_ERROR_IS_CLEAR (error); +@@ -2170,10 +2175,10 @@ bus_driver_handle_get_id (DBusConnection *connection, + if (reply) + dbus_message_unref (reply); + _dbus_string_free (&uuid); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_become_monitor (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -2189,7 +2194,7 @@ bus_driver_handle_become_monitor (DBusConnection *connection, + int i; + int n_match_rules; + dbus_uint32_t flags; +- dbus_bool_t ret = FALSE; ++ BusResult ret = BUS_RESULT_FALSE; + + _DBUS_ASSERT_ERROR_IS_CLEAR (error); + +@@ -2262,10 +2267,10 @@ bus_driver_handle_become_monitor (DBusConnection *connection, + if (!bus_connection_be_monitor (connection, transaction, &rules, error)) + goto out; + +- ret = TRUE; ++ ret = BUS_RESULT_TRUE; + + out: +- if (ret) ++ if (ret == BUS_RESULT_TRUE) + _DBUS_ASSERT_ERROR_IS_CLEAR (error); + else + _DBUS_ASSERT_ERROR_IS_SET (error); +@@ -2281,7 +2286,7 @@ out: + return ret; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_get_machine_id (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -2296,7 +2301,7 @@ bus_driver_handle_get_machine_id (DBusConnection *connection, + if (!_dbus_string_init (&uuid)) + { + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + if (!_dbus_get_local_machine_uuid_encoded (&uuid, error)) +@@ -2321,7 +2326,7 @@ bus_driver_handle_get_machine_id (DBusConnection *connection, + + _dbus_string_free (&uuid); + dbus_message_unref (reply); +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + _DBUS_ASSERT_ERROR_IS_CLEAR (error); +@@ -2335,29 +2340,30 @@ fail: + dbus_message_unref (reply); + + _dbus_string_free (&uuid); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_ping (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error) + { +- return bus_driver_send_ack_reply (connection, transaction, message, error); ++ return bus_driver_send_ack_reply (connection, transaction, message, error) == TRUE ++ ? BUS_RESULT_TRUE : BUS_RESULT_FALSE; + } + +-static dbus_bool_t bus_driver_handle_get (DBusConnection *connection, ++static BusResult bus_driver_handle_get (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error); + +-static dbus_bool_t bus_driver_handle_get_all (DBusConnection *connection, ++static BusResult bus_driver_handle_get_all (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error); + +-static dbus_bool_t bus_driver_handle_set (DBusConnection *connection, ++static BusResult bus_driver_handle_set (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error); +@@ -2389,10 +2395,10 @@ typedef struct + const char *name; + const char *in_args; + const char *out_args; +- dbus_bool_t (* handler) (DBusConnection *connection, +- BusTransaction *transaction, +- DBusMessage *message, +- DBusError *error); ++ BusResult (* handler) (DBusConnection *connection, ++ BusTransaction *transaction, ++ DBusMessage *message, ++ DBusError *error); + MethodFlags flags; + } MessageHandler; + +@@ -2511,7 +2517,7 @@ static const PropertyHandler dbus_property_handlers[] = { + { NULL, NULL, NULL } + }; + +-static dbus_bool_t bus_driver_handle_introspect (DBusConnection *, ++static BusResult bus_driver_handle_introspect (DBusConnection *, + BusTransaction *, DBusMessage *, DBusError *); + + static const MessageHandler properties_message_handlers[] = { +@@ -2763,7 +2769,7 @@ bus_driver_generate_introspect_string (DBusString *xml, + return TRUE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_introspect (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -2784,13 +2790,13 @@ bus_driver_handle_introspect (DBusConnection *connection, + DBUS_TYPE_INVALID)) + { + _DBUS_ASSERT_ERROR_IS_SET (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + if (!_dbus_string_init (&xml)) + { + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + is_canonical_path = dbus_message_has_path (message, DBUS_PATH_DBUS); +@@ -2815,7 +2821,7 @@ bus_driver_handle_introspect (DBusConnection *connection, + dbus_message_unref (reply); + _dbus_string_free (&xml); + +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + BUS_SET_OOM (error); +@@ -2825,10 +2831,42 @@ bus_driver_handle_introspect (DBusConnection *connection, + + _dbus_string_free (&xml); + +- return FALSE; ++ return BUS_RESULT_FALSE; + } + ++/* ++ * Set @error and return FALSE if the message is not directed to the ++ * dbus-daemon by its canonical object path. This is hardening against ++ * system services with poorly-written security policy files, which ++ * might allow sending dangerously broad equivalence classes of messages ++ * such as "anything with this assumed-to-be-safe object path". ++ * ++ * dbus-daemon is unusual in that it normally ignores the object path ++ * of incoming messages; we need to keep that behaviour for the "read" ++ * read-only method calls like GetConnectionUnixUser for backwards ++ * compatibility, but it seems safer to be more restrictive for things ++ * intended to be root-only or privileged-developers-only. ++ * ++ * It is possible that there are other system services with the same ++ * quirk as dbus-daemon. ++ */ + dbus_bool_t ++bus_driver_check_message_is_for_us (DBusMessage *message, ++ DBusError *error) ++{ ++ if (!dbus_message_has_path (message, DBUS_PATH_DBUS)) ++ { ++ dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, ++ "Method '%s' is only available at the canonical object path '%s'", ++ dbus_message_get_member (message), DBUS_PATH_DBUS); ++ ++ return FALSE; ++ } ++ ++ return TRUE; ++} ++ ++BusResult + bus_driver_handle_message (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -2839,6 +2877,7 @@ bus_driver_handle_message (DBusConnection *connection, + const MessageHandler *mh; + dbus_bool_t found_interface = FALSE; + dbus_bool_t is_canonical_path; ++ BusResult res; + + _DBUS_ASSERT_ERROR_IS_CLEAR (error); + +@@ -2854,7 +2893,7 @@ bus_driver_handle_message (DBusConnection *connection, + transaction, + message, + error)) +- return FALSE; ++ return BUS_RESULT_FALSE; + + context = bus_connection_get_context (connection); + systemd = bus_driver_get_owner_of_name (connection, +@@ -2871,7 +2910,7 @@ bus_driver_handle_message (DBusConnection *connection, + attacker ? attacker : "(unauthenticated)", + bus_connection_get_loginfo (connection)); + /* ignore it */ +- return TRUE; ++ return BUS_RESULT_TRUE; + } + + if (!bus_context_get_systemd_activation (context)) +@@ -2879,16 +2918,16 @@ bus_driver_handle_message (DBusConnection *connection, + bus_context_log (context, DBUS_SYSTEM_LOG_WARNING, + "Ignoring unexpected ActivationFailure message " + "while not using systemd activation"); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +- return dbus_activation_systemd_failure(bus_context_get_activation(context), message); ++ return dbus_activation_systemd_failure(bus_context_get_activation(context), message) == TRUE ? BUS_RESULT_TRUE : BUS_RESULT_FALSE; + } + + if (dbus_message_get_type (message) != DBUS_MESSAGE_TYPE_METHOD_CALL) + { + _dbus_verbose ("Driver got a non-method-call message, ignoring\n"); +- return TRUE; /* we just ignore this */ ++ return BUS_RESULT_TRUE; /* we just ignore this */ + } + + /* may be NULL, which means "any interface will do" */ +@@ -2953,20 +2992,27 @@ bus_driver_handle_message (DBusConnection *connection, + name, dbus_message_get_signature (message), + mh->in_args); + _DBUS_ASSERT_ERROR_IS_SET (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +- if ((* mh->handler) (connection, transaction, message, error)) ++ res = (* mh->handler) (connection, transaction, message, error); ++ if (res == BUS_RESULT_TRUE) + { + _DBUS_ASSERT_ERROR_IS_CLEAR (error); + _dbus_verbose ("Driver handler succeeded\n"); +- return TRUE; ++ return BUS_RESULT_TRUE; + } +- else ++ else if (res == BUS_RESULT_FALSE) + { + _DBUS_ASSERT_ERROR_IS_SET (error); + _dbus_verbose ("Driver handler returned failure\n"); +- return FALSE; ++ return BUS_RESULT_FALSE; ++ } ++ else if (res == BUS_RESULT_LATER) ++ { ++ _DBUS_ASSERT_ERROR_IS_CLEAR (error); ++ _dbus_verbose ("Driver handler delayed message processing due to policy check\n"); ++ return BUS_RESULT_LATER; + } + } + } +@@ -2978,7 +3024,7 @@ bus_driver_handle_message (DBusConnection *connection, + "%s does not understand message %s", + DBUS_SERVICE_DBUS, name); + +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + void +@@ -3099,7 +3145,7 @@ interface_handler_find_property (const InterfaceHandler *ih, + return NULL; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_get (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -3120,18 +3166,18 @@ bus_driver_handle_get (DBusConnection *connection, + DBUS_TYPE_STRING, &iface, + DBUS_TYPE_STRING, &prop, + DBUS_TYPE_INVALID)) +- return FALSE; ++ return BUS_RESULT_FALSE; + + /* We only implement Properties on /org/freedesktop/DBus so far. */ + ih = bus_driver_find_interface (iface, TRUE, error); + + if (ih == NULL) +- return FALSE; ++ return BUS_RESULT_FALSE; + + handler = interface_handler_find_property (ih, prop, error); + + if (handler == NULL) +- return FALSE; ++ return BUS_RESULT_FALSE; + + context = bus_transaction_get_context (transaction); + +@@ -3159,17 +3205,17 @@ bus_driver_handle_get (DBusConnection *connection, + goto oom; + + dbus_message_unref (reply); +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + if (reply != NULL) + dbus_message_unref (reply); + + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_get_all (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -3188,13 +3234,13 @@ bus_driver_handle_get_all (DBusConnection *connection, + if (!dbus_message_get_args (message, error, + DBUS_TYPE_STRING, &iface, + DBUS_TYPE_INVALID)) +- return FALSE; ++ return BUS_RESULT_FALSE; + + /* We only implement Properties on /org/freedesktop/DBus so far. */ + ih = bus_driver_find_interface (iface, TRUE, error); + + if (ih == NULL) +- return FALSE; ++ return BUS_RESULT_FALSE; + + context = bus_transaction_get_context (transaction); + +@@ -3229,7 +3275,7 @@ bus_driver_handle_get_all (DBusConnection *connection, + goto oom; + + dbus_message_unref (reply); +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom_abandon_message: + _dbus_asv_abandon (&reply_iter, &array_iter); +@@ -3239,10 +3285,10 @@ oom: + dbus_message_unref (reply); + + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_set (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -3271,15 +3317,15 @@ bus_driver_handle_set (DBusConnection *connection, + ih = bus_driver_find_interface (iface, TRUE, error); + + if (ih == NULL) +- return FALSE; ++ return BUS_RESULT_FALSE; + + handler = interface_handler_find_property (ih, prop, error); + + if (handler == NULL) +- return FALSE; ++ return BUS_RESULT_FALSE; + + /* We don't implement any properties that can be set yet. */ + dbus_set_error (error, DBUS_ERROR_PROPERTY_READ_ONLY, + "Property '%s.%s' cannot be set", iface, prop); +- return FALSE; ++ return BUS_RESULT_FALSE; + } +diff --git a/bus/driver.h b/bus/driver.h +index a7297ad..05e9886 100644 +--- a/bus/driver.h ++++ b/bus/driver.h +@@ -35,7 +35,7 @@ typedef enum + } BusDriverFound; + + void bus_driver_remove_connection (DBusConnection *connection); +-dbus_bool_t bus_driver_handle_message (DBusConnection *connection, ++BusResult bus_driver_handle_message (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error); +diff --git a/bus/policy.c b/bus/policy.c +index 483cc97..f6f4d85 100644 +--- a/bus/policy.c ++++ b/bus/policy.c +@@ -1390,18 +1390,21 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, + + + +-static dbus_bool_t ++static BusResult + bus_rules_check_can_own (DBusList *rules, +- const DBusString *service_name) ++ const DBusString *service_name, ++ DBusConnection *connection, ++ DBusMessage *message) + { + DBusList *link; +- dbus_bool_t allowed; ++ BusResult result; ++ const char *privilege; + + /* rules is in the order the rules appeared + * in the config file, i.e. last rule that applies wins + */ + +- allowed = FALSE; ++ result = BUS_RESULT_FALSE; + link = _dbus_list_get_first_link (&rules); + while (link != NULL) + { +@@ -1437,17 +1440,46 @@ bus_rules_check_can_own (DBusList *rules, + } + + /* Use this rule */ +- allowed = rule->access == BUS_POLICY_RULE_ACCESS_ALLOW; ++ switch (rule->access) ++ { ++ case BUS_POLICY_RULE_ACCESS_ALLOW: ++ result = BUS_RESULT_TRUE; ++ break; ++ default: ++ case BUS_POLICY_RULE_ACCESS_DENY: ++ result = BUS_RESULT_FALSE; ++ break; ++ case BUS_POLICY_RULE_ACCESS_CHECK: ++ result = BUS_RESULT_LATER; ++ privilege = rule->privilege; ++ break; ++ } + } + +- return allowed; ++ if (result == BUS_RESULT_LATER) ++ { ++ BusContext *context = bus_connection_get_context(connection); ++ BusCheck *check = bus_context_get_check(context); ++ BusDeferredMessage *deferred_message; ++ ++ result = bus_check_privilege(check, message, connection, NULL, NULL, ++ privilege, BUS_DEFERRED_MESSAGE_CHECK_OWN, &deferred_message); ++ if (result == BUS_RESULT_LATER) ++ { ++ bus_deferred_message_disable_sender(deferred_message); ++ } ++ } ++ ++ return result; + } + +-dbus_bool_t ++BusResult + bus_client_policy_check_can_own (BusClientPolicy *policy, +- const DBusString *service_name) ++ const DBusString *service_name, ++ DBusConnection *connection, ++ DBusMessage *message) + { +- return bus_rules_check_can_own (policy->rules, service_name); ++ return bus_rules_check_can_own (policy->rules, service_name, connection, message); + } + + #ifdef DBUS_ENABLE_EMBEDDED_TESTS +@@ -1455,7 +1487,7 @@ dbus_bool_t + bus_policy_check_can_own (BusPolicy *policy, + const DBusString *service_name) + { +- return bus_rules_check_can_own (policy->default_rules, service_name); ++ return bus_rules_check_can_own (policy->default_rules, service_name, NULL, NULL) == BUS_RESULT_TRUE; + } + #endif /* DBUS_ENABLE_EMBEDDED_TESTS */ + +diff --git a/bus/policy.h b/bus/policy.h +index f839d23..28ce8f2 100644 +--- a/bus/policy.h ++++ b/bus/policy.h +@@ -182,8 +182,10 @@ BusResult bus_client_policy_check_can_receive (BusClientPolicy *policy, + dbus_int32_t *toggles, + const char **privilege_param, + BusDeferredMessage **deferred_message); +-dbus_bool_t bus_client_policy_check_can_own (BusClientPolicy *policy, +- const DBusString *service_name); ++BusResult bus_client_policy_check_can_own (BusClientPolicy *policy, ++ const DBusString *service_name, ++ DBusConnection *connection, ++ DBusMessage *message); + dbus_bool_t bus_client_policy_append_rule (BusClientPolicy *policy, + BusPolicyRule *rule); + void bus_client_policy_optimize (BusClientPolicy *policy); +diff --git a/bus/services.c b/bus/services.c +index 127edda..586af18 100644 +--- a/bus/services.c ++++ b/bus/services.c +@@ -376,16 +376,17 @@ bus_registry_list_services (BusRegistry *registry, + return FALSE; + } + +-dbus_bool_t ++BusResult + bus_registry_acquire_service (BusRegistry *registry, + DBusConnection *connection, ++ DBusMessage *message, + const DBusString *service_name, + dbus_uint32_t flags, + dbus_uint32_t *result, + BusTransaction *transaction, + DBusError *error) + { +- dbus_bool_t retval; ++ BusResult retval; + DBusConnection *old_owner_conn; + BusClientPolicy *policy; + BusService *service; +@@ -393,8 +394,9 @@ bus_registry_acquire_service (BusRegistry *registry, + BusSELinuxID *sid; + BusOwner *primary_owner; + int limit; ++ BusResult res; + +- retval = FALSE; ++ retval = BUS_RESULT_FALSE; + + if (!_dbus_validate_bus_name (service_name, 0, + _dbus_string_get_length (service_name))) +@@ -467,7 +469,8 @@ bus_registry_acquire_service (BusRegistry *registry, + _dbus_string_get_const_data (service_name), error)) + goto out; + +- if (!bus_client_policy_check_can_own (policy, service_name)) ++ res = bus_client_policy_check_can_own (policy, service_name, connection, message); ++ if (res == BUS_RESULT_FALSE) + { + dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, + "Connection \"%s\" is not allowed to own the service \"%s\" due " +@@ -478,6 +481,11 @@ bus_registry_acquire_service (BusRegistry *registry, + _dbus_string_get_const_data (service_name)); + goto out; + } ++ else if (res == BUS_RESULT_LATER) ++ { ++ retval = BUS_RESULT_LATER; ++ goto out; ++ } + + limit = bus_context_get_max_services_per_connection (registry->context); + +@@ -603,11 +611,13 @@ bus_registry_acquire_service (BusRegistry *registry, + } + + activation = bus_context_get_activation (registry->context); +- retval = bus_activation_send_pending_auto_activation_messages (activation, ++ ++ if (bus_activation_send_pending_auto_activation_messages (activation, + service, +- transaction); +- if (!retval) +- BUS_SET_OOM (error); ++ transaction)) ++ retval = BUS_RESULT_TRUE; ++ else ++ BUS_SET_OOM (error); + + out: + return retval; +diff --git a/bus/services.h b/bus/services.h +index 056dd9f..3df3dd7 100644 +--- a/bus/services.h ++++ b/bus/services.h +@@ -50,8 +50,9 @@ void bus_registry_foreach (BusRegistry *registry + dbus_bool_t bus_registry_list_services (BusRegistry *registry, + char ***listp, + int *array_len); +-dbus_bool_t bus_registry_acquire_service (BusRegistry *registry, ++BusResult bus_registry_acquire_service (BusRegistry *registry, + DBusConnection *connection, ++ DBusMessage *message, + const DBusString *service_name, + dbus_uint32_t flags, + dbus_uint32_t *result, +diff --git a/bus/stats.c b/bus/stats.c +index 1582255..c25be98 100644 +--- a/bus/stats.c ++++ b/bus/stats.c +@@ -36,7 +36,7 @@ + + #ifdef DBUS_ENABLE_STATS + +-dbus_bool_t ++BusResult + bus_stats_handle_get_stats (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -51,6 +51,9 @@ bus_stats_handle_get_stats (DBusConnection *connection, + + _DBUS_ASSERT_ERROR_IS_CLEAR (error); + ++ if (!bus_driver_check_message_is_for_us (message, error)) ++ return BUS_RESULT_FALSE; ++ + context = bus_transaction_get_context (transaction); + connections = bus_context_get_connections (context); + +@@ -104,17 +107,17 @@ bus_stats_handle_get_stats (DBusConnection *connection, + goto oom; + + dbus_message_unref (reply); +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + if (reply != NULL) + dbus_message_unref (reply); + + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +-dbus_bool_t ++BusResult + bus_stats_handle_get_connection_stats (DBusConnection *caller_connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -209,7 +212,7 @@ bus_stats_handle_get_connection_stats (DBusConnection *caller_connection, + goto oom; + + dbus_message_unref (reply); +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + BUS_SET_OOM (error); +@@ -218,11 +221,11 @@ failed: + if (reply != NULL) + dbus_message_unref (reply); + +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + +-dbus_bool_t ++BusResult + bus_stats_handle_get_all_match_rules (DBusConnection *caller_connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -246,7 +249,7 @@ bus_stats_handle_get_all_match_rules (DBusConnection *caller_connection, + matchmaker = bus_context_get_matchmaker (context); + + if (!bus_registry_list_services (registry, &services, &services_len)) +- return FALSE; ++ return BUS_RESULT_FALSE; + + reply = dbus_message_new_method_return (message); + if (reply == NULL) +@@ -325,7 +328,7 @@ bus_stats_handle_get_all_match_rules (DBusConnection *caller_connection, + + dbus_message_unref (reply); + dbus_free_string_array (services); +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + if (reply != NULL) +@@ -334,7 +337,7 @@ oom: + dbus_free_string_array (services); + + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + #endif +diff --git a/bus/stats.h b/bus/stats.h +index dcb022c..683fa17 100644 +--- a/bus/stats.h ++++ b/bus/stats.h +@@ -25,17 +25,17 @@ + + #define BUS_INTERFACE_STATS "org.freedesktop.DBus.Debug.Stats" + +-dbus_bool_t bus_stats_handle_get_stats (DBusConnection *connection, ++BusResult bus_stats_handle_get_stats (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error); + +-dbus_bool_t bus_stats_handle_get_connection_stats (DBusConnection *connection, ++BusResult bus_stats_handle_get_connection_stats (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error); + +-dbus_bool_t bus_stats_handle_get_all_match_rules (DBusConnection *caller_connection, ++BusResult bus_stats_handle_get_all_match_rules (DBusConnection *caller_connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error); +-- +2.21.1 + diff --git a/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0005-Perform-Cynara-runtime-policy-checks-by-default.patch b/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0005-Perform-Cynara-runtime-policy-checks-by-default.patch new file mode 100644 index 000000000..5f7e96a3b --- /dev/null +++ b/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0005-Perform-Cynara-runtime-policy-checks-by-default.patch @@ -0,0 +1,180 @@ +From 1f7ba56c9ced669951061d13b06e31d96a170e37 Mon Sep 17 00:00:00 2001 +From: Jacek Bukarewicz +Date: Tue, 23 Jun 2015 11:08:48 +0200 +Subject: [PATCH 5/8] Perform Cynara runtime policy checks by default +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This change introduces http://tizen.org/privilege/internal/dbus privilege +which is supposed to be available only to trusted system resources. +Checks for this privilege are used in place of certain allow rules to +make security policy more strict. + +For system bus sending and receiving signals now requires +http://tizen.org/privilege/internal/dbus privilege. Requesting name +ownership and sending methods is still denied by default. + +For session bus http://tizen.org/privilege/internal/dbus privilege +is now required for requesting name, calling methods, sending and receiving +signals. + +Services are supposed to override these default settings to implement their +own security policy. + +Cherry picked from e8610297cf7031e94eb314a2e8c11246f4405403 by Jose Bollo + +Updated for dbus 1.10.20 by Scott Murray and José Bollo + +Signed-off-by: Jacek Bukarewicz +Signed-off-by: José Bollo +Signed-off-by: Scott Murray +--- + bus/activation.c | 42 ++++++++++++++++++++++++++---------------- + bus/session.conf.in | 32 ++++++++++++++++++++++++++------ + bus/system.conf.in | 19 +++++++++++++++---- + 3 files changed, 67 insertions(+), 26 deletions(-) + +diff --git a/bus/activation.c b/bus/activation.c +index d4b597c..8aabeaa 100644 +--- a/bus/activation.c ++++ b/bus/activation.c +@@ -1840,22 +1840,32 @@ bus_activation_activate_service (BusActivation *activation, + } + + if (auto_activation && +- entry != NULL && +- BUS_RESULT_TRUE != bus_context_check_security_policy (activation->context, +- transaction, +- connection, /* sender */ +- NULL, /* addressed recipient */ +- NULL, /* proposed recipient */ +- activation_message, +- entry, +- error, +- NULL)) +- { +- _DBUS_ASSERT_ERROR_IS_SET (error); +- _dbus_verbose ("activation not authorized: %s: %s\n", +- error != NULL ? error->name : "(error ignored)", +- error != NULL ? error->message : "(error ignored)"); +- return FALSE; ++ entry != NULL) ++ { ++ BusResult result; ++ ++ result = bus_context_check_security_policy (activation->context, ++ transaction, ++ connection, /* sender */ ++ NULL, /* addressed recipient */ ++ NULL, /* proposed recipient */ ++ activation_message, ++ entry, ++ error, ++ NULL); ++ if (result == BUS_RESULT_FALSE) ++ { ++ _DBUS_ASSERT_ERROR_IS_SET (error); ++ _dbus_verbose ("activation not authorized: %s: %s\n", ++ error != NULL ? error->name : "(error ignored)", ++ error != NULL ? error->message : "(error ignored)"); ++ return FALSE; ++ } ++ if (result == BUS_RESULT_LATER) ++ { ++ /* TODO */ ++ _dbus_verbose ("ALERT FIX ME!!!!!!!!!!!!!!!"); ++ } + } + + /* Bypass the registry lookup if we're auto-activating, bus_dispatch would not +diff --git a/bus/session.conf.in b/bus/session.conf.in +index affa7f1..157dfb4 100644 +--- a/bus/session.conf.in ++++ b/bus/session.conf.in +@@ -27,12 +27,32 @@ + + + +- +- +- +- +- +- ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +diff --git a/bus/system.conf.in b/bus/system.conf.in +index f139b55..19d0c04 100644 +--- a/bus/system.conf.in ++++ b/bus/system.conf.in +@@ -50,17 +50,20 @@ + + + +- ++ ++ ++ ++ +- + + + +- ++ + + + +- + + + + ++ ++ ++ + + +Date: Fri, 16 Aug 2019 13:29:23 +0200 +Subject: [PATCH 6/8] Fix SIGSEGV on disconnections +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Sometime, at start of the system, dbus-daemon was crashing +because a pending authorisation were reactivating a closed +connection. + +Also, clean unused function. + +Signed-off-by: José Bollo +--- + bus/check.c | 5 +++++ + bus/check.h | 1 + + bus/connection.c | 14 +++----------- + bus/connection.h | 3 --- + 4 files changed, 9 insertions(+), 14 deletions(-) + +diff --git a/bus/check.c b/bus/check.c +index f3d283f..b73d08b 100644 +--- a/bus/check.c ++++ b/bus/check.c +@@ -617,3 +617,8 @@ bus_deferred_message_response_received (BusDeferredMessage *deferred_message, + } + } + ++void ++bus_deferred_message_abort (BusDeferredMessage *deferred_message) ++{ ++ deferred_message->response_callback = NULL; ++} +diff --git a/bus/check.h b/bus/check.h +index 9c13c18..d718a69 100644 +--- a/bus/check.h ++++ b/bus/check.h +@@ -93,6 +93,7 @@ void bus_deferred_message_set_policy_check_info (BusDeferredMessa + const char *privilege); + dbus_bool_t bus_deferred_message_check_message_limits (BusDeferredMessage *deferred_message, + DBusError *error); ++void bus_deferred_message_abort (BusDeferredMessage *deferred_message); + + + #ifdef DBUS_ENABLE_EMBEDDED_TESTS +diff --git a/bus/connection.c b/bus/connection.c +index ee93384..b520d57 100644 +--- a/bus/connection.c ++++ b/bus/connection.c +@@ -47,6 +47,7 @@ + #define MAX_LOG_COMMAND_LEN 50 + + static void bus_connection_remove_transactions (DBusConnection *connection); ++static void bus_connection_clear_deferred_messages (DBusConnection *connection); + + typedef struct + { +@@ -2821,17 +2822,7 @@ bus_connection_pop_deferred_message (DBusConnection *connection) + return NULL; + } + +-dbus_bool_t +-bus_connection_putback_deferred_message (DBusConnection *connection, BusDeferredMessage *message) +-{ +- BusConnectionData *d = BUS_CONNECTION_DATA(connection); +- if (_dbus_list_prepend(&d->deferred_messages, message)) +- { +- return TRUE; +- } +- return FALSE; +-} +- ++static + void + bus_connection_clear_deferred_messages (DBusConnection *connection) + { +@@ -2846,6 +2837,7 @@ bus_connection_clear_deferred_messages (DBusConnection *connection) + next = _dbus_list_get_next_link (&d->deferred_messages, link); + message = link->data; + ++ bus_deferred_message_abort(message); + bus_deferred_message_unref(message); + _dbus_list_remove_link(&d->deferred_messages, link); + +diff --git a/bus/connection.h b/bus/connection.h +index 97dae96..6af7bf1 100644 +--- a/bus/connection.h ++++ b/bus/connection.h +@@ -90,15 +90,12 @@ dbus_bool_t bus_connection_queue_deferred_message (DBusConnection *con + BusDeferredMessage *message, + dbus_bool_t prepend); + BusDeferredMessage *bus_connection_pop_deferred_message (DBusConnection *connection); +-dbus_bool_t bus_connection_putback_deferred_message (DBusConnection *connection, +- BusDeferredMessage *message); + void bus_connection_remove_deferred_message (DBusConnection *connection, + BusDeferredMessage *message); + dbus_bool_t bus_connection_replace_deferred_message (DBusConnection *connection, + BusDeferredMessage *oldMessage, + BusDeferredMessage *newMessage); + void bus_connection_dispatch_deferred (DBusConnection *connection); +-void bus_connection_clear_deferred_messages (DBusConnection *connection); + + + /* called by signals.c */ +-- +2.21.1 + diff --git a/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0007-Switch-from-cynara-to-cynagora.patch b/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0007-Switch-from-cynara-to-cynagora.patch new file mode 100644 index 000000000..7a69efcd2 --- /dev/null +++ b/meta-security/recipes-core/dbus-cynagora/dbus-cynagora/0007-Switch-from-cynara-to-cynagora.patch @@ -0,0 +1,1048 @@ +From 43cc361a5c32c81c0f93451bdb0ef781cd19a1cb Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jos=C3=A9=20Bollo?= +Date: Tue, 4 Feb 2020 12:23:36 +0100 +Subject: [PATCH 7/8] Switch from cynara to cynagora +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: José Bollo +--- + bus/Makefile.am | 8 +- + bus/bus.h | 2 +- + bus/check.c | 26 +- + bus/check.h | 2 +- + bus/connection.c | 27 --- + bus/connection.h | 3 - + bus/cynagora-check.c | 330 +++++++++++++++++++++++++ + bus/{cynara.h => cynagora-check.h} | 10 +- + bus/cynara.c | 373 ----------------------------- + bus/system.conf.in | 6 +- + configure.ac | 18 +- + 11 files changed, 366 insertions(+), 439 deletions(-) + create mode 100644 bus/cynagora-check.c + rename bus/{cynara.h => cynagora-check.h} (81%) + delete mode 100644 bus/cynara.c + +diff --git a/bus/Makefile.am b/bus/Makefile.am +index 2a8a72c..1720048 100644 +--- a/bus/Makefile.am ++++ b/bus/Makefile.am +@@ -13,7 +13,7 @@ DBUS_BUS_LIBS = \ + $(THREAD_LIBS) \ + $(ADT_LIBS) \ + $(NETWORK_libs) \ +- $(CYNARA_LIBS) \ ++ $(CYNAGORA_LIBS) \ + $(NULL) + + DBUS_LAUNCHER_LIBS = \ +@@ -31,7 +31,7 @@ AM_CPPFLAGS = \ + $(APPARMOR_CFLAGS) \ + -DDBUS_SYSTEM_CONFIG_FILE=\""$(dbusdatadir)/system.conf"\" \ + -DDBUS_COMPILATION \ +- $(CYNARA_CFLAGS) \ ++ $(CYNAGORA_CFLAGS) \ + $(NULL) + + # if assertions are enabled, improve backtraces +@@ -101,8 +101,8 @@ BUS_SOURCES= \ + config-parser-common.h \ + connection.c \ + connection.h \ +- cynara.c \ +- cynara.h \ ++ cynagora-check.c \ ++ cynagora-check.h \ + desktop-file.c \ + desktop-file.h \ + $(DIR_WATCH_SOURCE) \ +diff --git a/bus/bus.h b/bus/bus.h +index 1b08f7c..e167d9e 100644 +--- a/bus/bus.h ++++ b/bus/bus.h +@@ -47,7 +47,7 @@ typedef struct BusMatchRule BusMatchRule; + typedef struct BusActivationEntry BusActivationEntry; + typedef struct BusCheck BusCheck; + typedef struct BusDeferredMessage BusDeferredMessage; +-typedef struct BusCynara BusCynara; ++typedef struct BusCynagora BusCynagora; + + /** + * BusResult is defined as a pointer to a dummy structure to allow detection of type mismatches. +diff --git a/bus/check.c b/bus/check.c +index b73d08b..ec30770 100644 +--- a/bus/check.c ++++ b/bus/check.c +@@ -26,7 +26,7 @@ + #include "check.h" + #include "connection.h" + #include "dispatch.h" +-#include "cynara.h" ++#include "cynagora-check.h" + #include "utils.h" + #include + #include +@@ -38,7 +38,7 @@ typedef struct BusCheck + int refcount; + + BusContext *context; +- BusCynara *cynara; ++ BusCynagora *cynagora; + } BusCheck; + + typedef struct BusDeferredMessage +@@ -81,7 +81,7 @@ bus_check_new (BusContext *context, DBusError *error) + + check->refcount = 1; + check->context = context; +- check->cynara = bus_cynara_new(check, error); ++ check->cynagora = bus_cynagora_new(check, error); + if (dbus_error_is_set(error)) + { + dbus_message_free_data_slot(&deferred_message_data_slot); +@@ -110,7 +110,7 @@ bus_check_unref (BusCheck *check) + + if (check->refcount == 0) + { +- bus_cynara_unref(check->cynara); ++ bus_cynagora_unref(check->cynagora); + dbus_message_free_data_slot(&deferred_message_data_slot); + dbus_free(check); + } +@@ -122,10 +122,10 @@ bus_check_get_context (BusCheck *check) + return check->context; + } + +-BusCynara * +-bus_check_get_cynara (BusCheck *check) ++BusCynagora * ++bus_check_get_cynagora (BusCheck *check) + { +- return check->cynara; ++ return check->cynagora; + } + + static void +@@ -276,8 +276,8 @@ bus_check_privilege (BusCheck *check, + { + BusDeferredMessage *previous_deferred_message; + BusResult result = BUS_RESULT_FALSE; +-#ifdef DBUS_ENABLE_CYNARA +- BusCynara *cynara; ++#ifdef DBUS_ENABLE_CYNAGORA ++ BusCynagora *cynagora; + #endif + DBusConnection *connection; + +@@ -304,7 +304,7 @@ bus_check_privilege (BusCheck *check, + * Message has been deferred due to receive or own rule which means that sending this message + * is allowed - it must have been checked previously. + * This might happen when client calls RequestName method which depending on security +- * policy might result in both "can_send" and "can_own" Cynara checks. ++ * policy might result in both "can_send" and "can_own" Cynagora checks. + */ + result = BUS_RESULT_TRUE; + } +@@ -327,9 +327,9 @@ bus_check_privilege (BusCheck *check, + else + { + /* ask policy checkers */ +-#ifdef DBUS_ENABLE_CYNARA +- cynara = bus_check_get_cynara(check); +- result = bus_cynara_check_privilege(cynara, message, sender, addressed_recipient, ++#ifdef DBUS_ENABLE_CYNAGORA ++ cynagora = bus_check_get_cynagora(check); ++ result = bus_cynagora_check_privilege(cynagora, message, sender, addressed_recipient, + proposed_recipient, privilege, check_type, deferred_message); + #endif + if (result == BUS_RESULT_LATER && deferred_message != NULL) +diff --git a/bus/check.h b/bus/check.h +index d718a69..ab63c18 100644 +--- a/bus/check.h ++++ b/bus/check.h +@@ -45,7 +45,7 @@ BusCheck *bus_check_ref (BusCheck *check); + void bus_check_unref (BusCheck *check); + + BusContext *bus_check_get_context (BusCheck *check); +-BusCynara *bus_check_get_cynara (BusCheck *check); ++BusCynagora *bus_check_get_cynagora (BusCheck *check); + BusResult bus_check_privilege (BusCheck *check, + DBusMessage *message, + DBusConnection *sender, +diff --git a/bus/connection.c b/bus/connection.c +index b520d57..48910e0 100644 +--- a/bus/connection.c ++++ b/bus/connection.c +@@ -38,10 +38,6 @@ + #include + #include + #include +-#ifdef DBUS_ENABLE_CYNARA +-#include +-#include +-#endif + + /* Trim executed commands to this length; we want to keep logs readable */ + #define MAX_LOG_COMMAND_LEN 50 +@@ -124,9 +120,6 @@ typedef struct + + /** non-NULL if and only if this is a monitor */ + DBusList *link_in_monitors; +-#ifdef DBUS_ENABLE_CYNARA +- char *cynara_session_id; +-#endif + } BusConnectionData; + + static dbus_bool_t bus_pending_reply_expired (BusExpireList *list, +@@ -461,10 +454,6 @@ free_connection_data (void *data) + + dbus_free (d->name); + +-#ifdef DBUS_ENABLE_CYNARA +- free (d->cynara_session_id); +-#endif +- + dbus_free (d); + } + +@@ -1095,22 +1084,6 @@ bus_connection_get_policy (DBusConnection *connection) + return d->policy; + } + +-#ifdef DBUS_ENABLE_CYNARA +-const char *bus_connection_get_cynara_session_id (DBusConnection *connection) +-{ +- BusConnectionData *d = BUS_CONNECTION_DATA (connection); +- _dbus_assert (d != NULL); +- +- if (d->cynara_session_id == NULL) +- { +- unsigned long pid; +- if (dbus_connection_get_unix_process_id(connection, &pid)) +- d->cynara_session_id = cynara_session_from_pid(pid); +- } +- return d->cynara_session_id; +-} +-#endif +- + static dbus_bool_t + foreach_active (BusConnections *connections, + BusConnectionForeachFunction function, +diff --git a/bus/connection.h b/bus/connection.h +index 6af7bf1..3116bcf 100644 +--- a/bus/connection.h ++++ b/bus/connection.h +@@ -138,9 +138,6 @@ dbus_bool_t bus_connection_be_monitor (DBusConnection *connection, + BusTransaction *transaction, + DBusList **rules, + DBusError *error); +-#ifdef DBUS_ENABLE_CYNARA +-const char *bus_connection_get_cynara_session_id (DBusConnection *connection); +-#endif + + /* transaction API so we can send or not send a block of messages as a whole */ + +diff --git a/bus/cynagora-check.c b/bus/cynagora-check.c +new file mode 100644 +index 0000000..6c0c635 +--- /dev/null ++++ b/bus/cynagora-check.c +@@ -0,0 +1,330 @@ ++/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */ ++/* cynagora.c Cynagora runtime privilege checking ++ * ++ * Copyright (c) 2014 Samsung Electronics, Ltd. ++ * ++ * Licensed under the Academic Free License version 2.1 ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 2 of the License, or ++ * (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ * ++ */ ++ ++#include ++#include "cynagora-check.h" ++#include "check.h" ++#include "utils.h" ++ ++#include ++#include ++#include ++ ++#include ++#include ++#include ++#include ++ ++#ifndef DBUS_ENABLE_CYNAGORA ++ ++BusCynagora * ++bus_cynagora_new(BusCheck *check, DBusError *error) ++{ ++ return NULL; ++} ++ ++BusCynagora * ++bus_cynagora_ref (BusCynagora *cynagora) ++{ ++ return NULL; ++} ++ ++void ++bus_cynagora_unref (BusCynagora *cynagora) ++{ ++} ++ ++BusResult ++bus_cynagora_check_privilege (BusCynagora *cynagora, ++ DBusMessage *message, ++ DBusConnection *sender, ++ DBusConnection *addressed_recipient, ++ DBusConnection *proposed_recipient, ++ const char *privilege, ++ BusDeferredMessageStatus check_type, ++ BusDeferredMessage **deferred_message_param) ++{ ++ return BUS_RESULT_FALSE; ++} ++ ++#endif ++ ++#ifdef DBUS_ENABLE_CYNAGORA ++ ++#include ++#include ++ ++#include ++ ++#ifndef CYNAGORA_CACHE_SIZE ++#define CYNAGORA_CACHE_SIZE 8000 ++#endif ++ ++typedef struct BusCynagora ++{ ++ int refcount; ++ ++ BusContext *context; ++ BusCheck *check; ++ cynagora_t *cynagora; ++ DBusWatch *cynagora_watch; ++} BusCynagora; ++ ++static int async_callback(void *closure, ++ int op, ++ int fd, ++ uint32_t events); ++ ++BusCynagora * ++bus_cynagora_new(BusCheck *check, DBusError *error) ++{ ++ BusContext *context; ++ BusCynagora *cynagora; ++ int ret; ++ ++ cynagora = dbus_new(BusCynagora, 1); ++ if (cynagora == NULL) ++ { ++ BUS_SET_OOM(error); ++ return NULL; ++ } ++ ++ context = bus_check_get_context(check); ++ ++ cynagora->refcount = 1; ++ cynagora->check = check; ++ cynagora->context = context; ++ cynagora->cynagora_watch = NULL; ++ ++ ret = cynagora_create(&cynagora->cynagora, cynagora_Check, CYNAGORA_CACHE_SIZE, NULL); ++ if (ret < 0) ++ { ++ dbus_set_error (error, DBUS_ERROR_FAILED, "Failed to create Cynagora configuration"); ++ } ++ else ++ { ++ ret = cynagora_async_setup(cynagora->cynagora, async_callback, cynagora); ++ if (ret < 0) ++ { ++ dbus_set_error (error, DBUS_ERROR_FAILED, "Failed to initialize Cynagora client"); ++ } ++ else ++ { ++ return cynagora; ++ } ++ cynagora_destroy(cynagora->cynagora); ++ } ++ ++ dbus_free(cynagora); ++ return NULL; ++} ++ ++BusCynagora * ++bus_cynagora_ref (BusCynagora *cynagora) ++{ ++ _dbus_assert (cynagora->refcount > 0); ++ cynagora->refcount += 1; ++ ++ return cynagora; ++} ++ ++void ++bus_cynagora_unref (BusCynagora *cynagora) ++{ ++ _dbus_assert (cynagora->refcount > 0); ++ ++ cynagora->refcount -= 1; ++ ++ if (cynagora->refcount == 0) ++ { ++ cynagora_destroy(cynagora->cynagora); ++ dbus_free(cynagora); ++ } ++} ++ ++static void ++async_check_callback (void *closure, int status) ++{ ++ BusDeferredMessage *deferred_message = closure; ++ BusResult result; ++ ++ if (deferred_message == NULL) ++ return; ++ ++ if (status == 1) ++ result = BUS_RESULT_TRUE; ++ else ++ result = BUS_RESULT_FALSE; ++ ++ bus_deferred_message_response_received(deferred_message, result); ++ bus_deferred_message_unref(deferred_message); ++} ++ ++BusResult ++bus_cynagora_check_privilege (BusCynagora *cynagora, ++ DBusMessage *message, ++ DBusConnection *sender, ++ DBusConnection *addressed_recipient, ++ DBusConnection *proposed_recipient, ++ const char *permission, ++ BusDeferredMessageStatus check_type, ++ BusDeferredMessage **deferred_message_param) ++{ ++ int result; ++ unsigned long uid; ++ unsigned long pid; ++ char *label; ++ char user[32]; ++ char session[32]; ++ DBusConnection *connection = check_type == BUS_DEFERRED_MESSAGE_CHECK_RECEIVE ? proposed_recipient : sender; ++ BusDeferredMessage *deferred_message; ++ BusResult ret; ++ cynagora_key_t key; ++ ++ _dbus_assert(connection != NULL); ++ ++ if (dbus_connection_get_unix_user(connection, &uid) == FALSE) ++ return BUS_RESULT_FALSE; ++ ++ if (dbus_connection_get_unix_process_id(connection, &pid) == FALSE) ++ return BUS_RESULT_FALSE; ++ ++ if (_dbus_connection_get_linux_security_label(connection, &label) == FALSE || label == NULL) ++ { ++ _dbus_warn("Failed to obtain security label for connection\n"); ++ return BUS_RESULT_FALSE; ++ } ++ ++ snprintf(user, sizeof(user), "%lu", uid); ++ snprintf(session, sizeof(session), "%lu", pid); ++ ++ key.client = label; ++ key.session = session; ++ key.user = user; ++ key.permission = permission; ++ ++ result = cynagora_cache_check(cynagora->cynagora, &key); ++ switch (result) ++ { ++ case 1: ++ _dbus_verbose("Cynagora: got ALLOWED answer from cache (client=%s session_id=%s user=%s permission=%s)\n", ++ label, session_id, user, permission); ++ ret = BUS_RESULT_TRUE; ++ break; ++ ++ case 0: ++ _dbus_verbose("Cynagora: got DENIED answer from cache (client=%s session_id=%s user=%s permission=%s)\n", ++ label, session_id, user, permission); ++ ret = BUS_RESULT_FALSE; ++ break; ++ ++ default: ++ deferred_message = bus_deferred_message_new(message, sender, addressed_recipient, ++ proposed_recipient, BUS_RESULT_LATER); ++ if (deferred_message == NULL) ++ { ++ _dbus_verbose("Failed to allocate memory for deferred message\n"); ++ ret = BUS_RESULT_FALSE; ++ goto out; ++ } ++ ++ /* callback is supposed to unref deferred_message*/ ++ result = cynagora_async_check(cynagora->cynagora, &key, 1, 0, async_check_callback, deferred_message); ++ if (result == 0) ++ { ++ _dbus_verbose("Created Cynagora request: client=%s session_id=%s user=%s permission=%s " ++ "deferred_message=%p\n", label, session_id, user, permission, deferred_message); ++ if (deferred_message_param != NULL) ++ *deferred_message_param = deferred_message; ++ ret = BUS_RESULT_LATER; ++ } ++ else ++ { ++ _dbus_verbose("Error on cynagora request create: %i\n", result); ++ bus_deferred_message_unref(deferred_message); ++ ret = BUS_RESULT_FALSE; ++ } ++ break; ++ } ++out: ++ dbus_free(label); ++ return ret; ++} ++ ++static dbus_bool_t ++watch_handler_callback(DBusWatch *watch, ++ unsigned int flags, ++ void *data) ++{ ++ BusCynagora *cynagora = (BusCynagora *)data; ++ int result = cynagora_async_process(cynagora->cynagora); ++ if (result < 0) ++ _dbus_verbose("cynagora_async_process returned %d\n", result); ++ ++ return result != -ENOMEM ? TRUE : FALSE; ++} ++ ++static int ++async_callback(void *closure, int op, int fd, uint32_t events) ++{ ++ BusCynagora *cynagora = (BusCynagora *)closure; ++ DBusLoop *loop = bus_context_get_loop(cynagora->context); ++ unsigned int flags; ++ DBusWatch *watch; ++ ++ /* compute flags */ ++ flags = 0; ++ if (events & EPOLLIN) ++ flags |= DBUS_WATCH_READABLE; ++ if (events & EPOLLOUT) ++ flags |= DBUS_WATCH_WRITABLE; ++ ++ /* remove the watch if needed */ ++ watch = cynagora->cynagora_watch; ++ if (watch != NULL) ++ { ++ cynagora->cynagora_watch = NULL; ++ _dbus_loop_remove_watch(loop, watch); ++ _dbus_watch_invalidate(watch); ++ _dbus_watch_unref(watch); ++ } ++ ++ /* create the watch if needed */ ++ watch = cynagora->cynagora_watch; ++ if (op != EPOLL_CTL_DEL) ++ { ++ watch = _dbus_watch_new(fd, flags, TRUE, watch_handler_callback, cynagora, NULL); ++ if (watch == NULL) ++ return -ENOMEM; ++ if (_dbus_loop_add_watch(loop, watch) != TRUE) ++ { ++ _dbus_watch_invalidate(watch); ++ _dbus_watch_unref(watch); ++ return -ENOMEM; ++ } ++ cynagora->cynagora_watch = watch; ++ } ++ return 0; ++} ++ ++#endif /* DBUS_ENABLE_CYNAGORA */ +diff --git a/bus/cynara.h b/bus/cynagora-check.h +similarity index 81% +rename from bus/cynara.h +rename to bus/cynagora-check.h +index c4728bb..c0892c3 100644 +--- a/bus/cynara.h ++++ b/bus/cynagora-check.h +@@ -1,5 +1,5 @@ + /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */ +-/* cynara.h Cynara runtime privilege checking ++/* cynagora.h Cynagora runtime privilege checking + * + * Copyright (c) 2014 Samsung Electronics, Ltd. + * +@@ -24,10 +24,10 @@ + #include "bus.h" + #include "check.h" + +-BusCynara *bus_cynara_new (BusCheck *check, DBusError *error); +-BusCynara *bus_cynara_ref (BusCynara *cynara); +-void bus_cynara_unref (BusCynara *cynara); +-BusResult bus_cynara_check_privilege (BusCynara *cynara, ++BusCynagora *bus_cynagora_new (BusCheck *check, DBusError *error); ++BusCynagora *bus_cynagora_ref (BusCynagora *cynagora); ++void bus_cynagora_unref (BusCynagora *cynagora); ++BusResult bus_cynagora_check_privilege (BusCynagora *cynagora, + DBusMessage *message, + DBusConnection *sender, + DBusConnection *addressed_recipient, +diff --git a/bus/cynara.c b/bus/cynara.c +deleted file mode 100644 +index 77aed62..0000000 +--- a/bus/cynara.c ++++ /dev/null +@@ -1,373 +0,0 @@ +-/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */ +-/* cynara.c Cynara runtime privilege checking +- * +- * Copyright (c) 2014 Samsung Electronics, Ltd. +- * +- * Licensed under the Academic Free License version 2.1 +- * +- * This program is free software; you can redistribute it and/or modify +- * it under the terms of the GNU General Public License as published by +- * the Free Software Foundation; either version 2 of the License, or +- * (at your option) any later version. +- * +- * This program is distributed in the hope that it will be useful, +- * but WITHOUT ANY WARRANTY; without even the implied warranty of +- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +- * GNU General Public License for more details. +- * +- * You should have received a copy of the GNU General Public License +- * along with this program; if not, write to the Free Software +- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA +- * +- */ +- +-#include +-#include "cynara.h" +-#include "check.h" +-#include "utils.h" +- +-#include +- +-#include +-#include +-#include +-#include +-#ifdef DBUS_ENABLE_CYNARA +-#include +-#endif +- +-#ifdef DBUS_ENABLE_CYNARA +-typedef struct BusCynara +-{ +- int refcount; +- +- BusContext *context; +- BusCheck *check; +- cynara_async *cynara; +- DBusWatch *cynara_watch; +-} BusCynara; +- +-#define USE_CYNARA_CACHE 1 +-#ifdef USE_CYNARA_CACHE +-#define CYNARA_CACHE_SIZE 1000 +-#endif +- +-static dbus_bool_t bus_cynara_watch_callback(DBusWatch *watch, +- unsigned int flags, +- void *data); +- +-static void status_callback(int old_fd, +- int new_fd, +- cynara_async_status status, +- void *user_status_data); +-static void bus_cynara_check_response_callback (cynara_check_id check_id, +- cynara_async_call_cause cause, +- int response, +- void *user_response_data); +-#endif +- +- +-BusCynara * +-bus_cynara_new(BusCheck *check, DBusError *error) +-{ +-#ifdef DBUS_ENABLE_CYNARA +- BusContext *context; +- BusCynara *cynara; +- cynara_async_configuration *conf = NULL; +- int ret; +- +- cynara = dbus_new(BusCynara, 1); +- if (cynara == NULL) +- { +- BUS_SET_OOM(error); +- return NULL; +- } +- +- context = bus_check_get_context(check); +- +- cynara->refcount = 1; +- cynara->check = check; +- cynara->context = context; +- cynara->cynara_watch = NULL; +- +- ret = cynara_async_configuration_create(&conf); +- if (ret != CYNARA_API_SUCCESS) +- { +- dbus_set_error (error, DBUS_ERROR_FAILED, "Failed to create Cynara configuration"); +- goto out; +- } +- +-#ifdef CYNARA_CACHE_SIZE +- ret = cynara_async_configuration_set_cache_size(conf, CYNARA_CACHE_SIZE); +- if (ret != CYNARA_API_SUCCESS) +- { +- dbus_set_error (error, DBUS_ERROR_FAILED, "Failed to Cynara cache size"); +- goto out; +- } +-#endif +- +- ret = cynara_async_initialize(&cynara->cynara, conf, &status_callback, cynara); +- if (ret != CYNARA_API_SUCCESS) +- { +- dbus_set_error (error, DBUS_ERROR_FAILED, "Failed to initialize Cynara client"); +- goto out; +- } +- +-out: +- cynara_async_configuration_destroy(conf); +- if (ret != CYNARA_API_SUCCESS) +- { +- dbus_free(cynara); +- return NULL; +- } +- +- return cynara; +-#else +- return NULL; +-#endif +-} +- +-BusCynara * +-bus_cynara_ref (BusCynara *cynara) +-{ +-#ifdef DBUS_ENABLE_CYNARA +- _dbus_assert (cynara->refcount > 0); +- cynara->refcount += 1; +- +- return cynara; +-#else +- return NULL; +-#endif +-} +- +-void +-bus_cynara_unref (BusCynara *cynara) +-{ +-#ifdef DBUS_ENABLE_CYNARA +- _dbus_assert (cynara->refcount > 0); +- +- cynara->refcount -= 1; +- +- if (cynara->refcount == 0) +- { +- cynara_async_finish(cynara->cynara); +- dbus_free(cynara); +- } +-#endif +-} +- +-BusResult +-bus_cynara_check_privilege (BusCynara *cynara, +- DBusMessage *message, +- DBusConnection *sender, +- DBusConnection *addressed_recipient, +- DBusConnection *proposed_recipient, +- const char *privilege, +- BusDeferredMessageStatus check_type, +- BusDeferredMessage **deferred_message_param) +-{ +-#ifdef DBUS_ENABLE_CYNARA +- int result; +- unsigned long uid; +- char *label; +- const char *session_id; +- char user[32]; +- cynara_check_id check_id; +- DBusConnection *connection = check_type == BUS_DEFERRED_MESSAGE_CHECK_RECEIVE ? proposed_recipient : sender; +- BusDeferredMessage *deferred_message; +- BusResult ret; +- +- _dbus_assert(connection != NULL); +- +- if (dbus_connection_get_unix_user(connection, &uid) == FALSE) +- return BUS_RESULT_FALSE; +- +- if (_dbus_connection_get_linux_security_label(connection, &label) == FALSE || label == NULL) +- { +- _dbus_warn("Failed to obtain security label for connection\n"); +- return BUS_RESULT_FALSE; +- } +- +- session_id = bus_connection_get_cynara_session_id (connection); +- if (session_id == NULL) +- { +- ret = BUS_RESULT_FALSE; +- goto out; +- } +- +- snprintf(user, sizeof(user), "%lu", uid); +- +-#if USE_CYNARA_CACHE +- result = cynara_async_check_cache(cynara->cynara, label, session_id, user, privilege); +-#else +- result = CYNARA_API_CACHE_MISS; +-#endif +- +- switch (result) +- { +- case CYNARA_API_ACCESS_ALLOWED: +- _dbus_verbose("Cynara: got ALLOWED answer from cache (client=%s session_id=%s user=%s privilege=%s)\n", +- label, session_id, user, privilege); +- ret = BUS_RESULT_TRUE; +- break; +- +- case CYNARA_API_ACCESS_DENIED: +- _dbus_verbose("Cynara: got DENIED answer from cache (client=%s session_id=%s user=%s privilege=%s)\n", +- label, session_id, user, privilege); +- ret = BUS_RESULT_FALSE; +- break; +- +- case CYNARA_API_CACHE_MISS: +- deferred_message = bus_deferred_message_new(message, sender, addressed_recipient, +- proposed_recipient, BUS_RESULT_LATER); +- if (deferred_message == NULL) +- { +- _dbus_verbose("Failed to allocate memory for deferred message\n"); +- ret = BUS_RESULT_FALSE; +- goto out; +- } +- +- /* callback is supposed to unref deferred_message*/ +- result = cynara_async_create_request(cynara->cynara, label, session_id, user, privilege, &check_id, +- &bus_cynara_check_response_callback, deferred_message); +- if (result == CYNARA_API_SUCCESS) +- { +- _dbus_verbose("Created Cynara request: client=%s session_id=%s user=%s privilege=%s check_id=%u " +- "deferred_message=%p\n", label, session_id, user, privilege, (unsigned int)check_id, deferred_message); +- if (deferred_message_param != NULL) +- *deferred_message_param = deferred_message; +- ret = BUS_RESULT_LATER; +- } +- else +- { +- _dbus_verbose("Error on cynara request create: %i\n", result); +- bus_deferred_message_unref(deferred_message); +- ret = BUS_RESULT_FALSE; +- } +- break; +- default: +- _dbus_verbose("Error when accessing Cynara cache: %i\n", result); +- ret = BUS_RESULT_FALSE; +- } +-out: +- dbus_free(label); +- return ret; +- +-#else +- return BUS_RESULT_FALSE; +-#endif +-} +- +- +- +-#ifdef DBUS_ENABLE_CYNARA +-static void +-status_callback(int old_fd, int new_fd, cynara_async_status status, +- void *user_status_data) +-{ +- BusCynara *cynara = (BusCynara *)user_status_data; +- DBusLoop *loop = bus_context_get_loop(cynara->context); +- +- if (cynara->cynara_watch != NULL) +- { +- _dbus_loop_remove_watch(loop, cynara->cynara_watch); +- _dbus_watch_invalidate(cynara->cynara_watch); +- _dbus_watch_unref(cynara->cynara_watch); +- cynara->cynara_watch = NULL; +- } +- +- if (new_fd != -1) +- { +- unsigned int flags; +- DBusWatch *watch; +- +- switch (status) +- { +- case CYNARA_STATUS_FOR_READ: +- flags = DBUS_WATCH_READABLE; +- break; +- case CYNARA_STATUS_FOR_RW: +- flags = DBUS_WATCH_READABLE | DBUS_WATCH_WRITABLE; +- break; +- default: +- /* Cynara passed unknown status - warn and add RW watch */ +- _dbus_verbose("Cynara passed unknown status value: 0x%08X\n", (unsigned int)status); +- flags = DBUS_WATCH_READABLE | DBUS_WATCH_WRITABLE; +- break; +- } +- +- watch = _dbus_watch_new(new_fd, flags, TRUE, &bus_cynara_watch_callback, cynara, NULL); +- if (watch != NULL) +- { +- if (_dbus_loop_add_watch(loop, watch) == TRUE) +- { +- cynara->cynara_watch = watch; +- return; +- } +- +- _dbus_watch_invalidate(watch); +- _dbus_watch_unref(watch); +- } +- +- /* It seems like not much can be done at this point. Cynara events won't be processed +- * until next Cynara function call triggering status callback */ +- _dbus_verbose("Failed to add dbus watch\n"); +- } +-} +- +-static dbus_bool_t +-bus_cynara_watch_callback(DBusWatch *watch, +- unsigned int flags, +- void *data) +-{ +- BusCynara *cynara = (BusCynara *)data; +- int result = cynara_async_process(cynara->cynara); +- if (result != CYNARA_API_SUCCESS) +- _dbus_verbose("cynara_async_process returned %d\n", result); +- +- return result != CYNARA_API_OUT_OF_MEMORY ? TRUE : FALSE; +-} +- +-static inline const char * +-call_cause_to_string(cynara_async_call_cause cause) +-{ +- switch (cause) +- { +- case CYNARA_CALL_CAUSE_ANSWER: +- return "ANSWER"; +- case CYNARA_CALL_CAUSE_CANCEL: +- return "CANCEL"; +- case CYNARA_CALL_CAUSE_FINISH: +- return "FINSIH"; +- case CYNARA_CALL_CAUSE_SERVICE_NOT_AVAILABLE: +- return "SERVICE NOT AVAILABLE"; +- default: +- return "INVALID"; +- } +-} +- +-static void +-bus_cynara_check_response_callback (cynara_check_id check_id, +- cynara_async_call_cause cause, +- int response, +- void *user_response_data) +-{ +- BusDeferredMessage *deferred_message = user_response_data; +- BusResult result; +- +- _dbus_verbose("Cynara callback: check_id=%u, cause=%s response=%i response_data=%p\n", +- (unsigned int)check_id, call_cause_to_string(cause), response, user_response_data); +- +- if (deferred_message == NULL) +- return; +- +- if (cause == CYNARA_CALL_CAUSE_ANSWER && response == CYNARA_API_ACCESS_ALLOWED) +- result = BUS_RESULT_TRUE; +- else +- result = BUS_RESULT_FALSE; +- +- bus_deferred_message_response_received(deferred_message, result); +- bus_deferred_message_unref(deferred_message); +-} +- +-#endif /* DBUS_ENABLE_CYNARA */ +diff --git a/bus/system.conf.in b/bus/system.conf.in +index 19d0c04..81c39c8 100644 +--- a/bus/system.conf.in ++++ b/bus/system.conf.in +@@ -72,10 +72,10 @@ + send_interface="org.freedesktop.DBus.Introspectable"/> + +- + +diff --git a/configure.ac b/configure.ac +index 11b5ffd..df9341c 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1742,16 +1742,16 @@ AC_ARG_ENABLE([user-session], + AM_CONDITIONAL([DBUS_ENABLE_USER_SESSION], + [test "x$enable_user_session" = xyes]) + +-#enable cynara integration +-AC_ARG_ENABLE([cynara], [AS_HELP_STRING([--enable-cynara], [enable Cynara integration])], [], [enable_cynara=no]) +-if test "x$enable_cynara" = xyes; then +- PKG_CHECK_MODULES([CYNARA], [cynara-client-async >= 0.6.0 cynara-session >= 0.6.0], +- [AC_DEFINE([DBUS_ENABLE_CYNARA], [1], [Define to enable Cynara privilege checks in dbus-daemon])], +- [AC_MSG_ERROR([libcynara-client-async and cynara-session are required to enable Cynara integration])]) ++#enable cynagora integration ++AC_ARG_ENABLE([cynagora], [AS_HELP_STRING([--enable-cynagora], [enable Cynagora integration])], [], [enable_cynagora=no]) ++if test "x$enable_cynagora" = xyes; then ++ PKG_CHECK_MODULES([CYNAGORA], [cynagora], ++ [AC_DEFINE([DBUS_ENABLE_CYNAGORA], [1], [Define to enable Cynagora privilege checks in dbus-daemon])], ++ [AC_MSG_ERROR([libcynagora is required to enable Cynagora integration])]) + fi + +-AC_SUBST([CYNARA_CFLAGS]) +-AC_SUBST([CYNARA_LIBS]) ++AC_SUBST([CYNAGORA_CFLAGS]) ++AC_SUBST([CYNAGORA_LIBS]) + + AC_CONFIG_FILES([ + Doxyfile +@@ -1835,7 +1835,7 @@ echo " + Building bus stats API: ${enable_stats} + Building SELinux support: ${have_selinux} + Building AppArmor support: ${have_apparmor} +- Building Cynara support: ${enable_cynara} ++ Building Cynagora support: ${enable_cynagora} + Building inotify support: ${have_inotify} + Building kqueue support: ${have_kqueue} + Building systemd support: ${have_systemd} +-- +2.21.1 + diff --git a/meta-security/recipes-core/dbus-cynagora/dbus_1.12.16.bbappend b/meta-security/recipes-core/dbus-cynagora/dbus_1.12.16.bbappend new file mode 100644 index 000000000..177a117b8 --- /dev/null +++ b/meta-security/recipes-core/dbus-cynagora/dbus_1.12.16.bbappend @@ -0,0 +1,15 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/dbus-cynagora:" + +SRC_URI_append_class-target = "\ + file://0001-Integration-of-Cynara-asynchronous-security-checks.patch \ + file://0002-Disable-message-dispatching-when-send-rule-result-is.patch \ + file://0003-Handle-unavailability-of-policy-results-for-broadcas.patch \ + file://0004-Add-own-rule-result-unavailability-handling.patch \ + file://0005-Perform-Cynara-runtime-policy-checks-by-default.patch \ + file://0006-Fix-SIGSEGV-on-disconnections.patch \ + file://0007-Switch-from-cynara-to-cynagora.patch \ +" + +DEPENDS_append_class-target = " cynagora smack" +EXTRA_OECONF_append_class-target = " ${@bb.utils.contains('DISTRO_FEATURES','smack','--enable-cynagora --disable-selinux','',d)}" + diff --git a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0001-Integration-of-Cynara-asynchronous-security-checks.patch b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0001-Integration-of-Cynara-asynchronous-security-checks.patch deleted file mode 100644 index 69d13ac35..000000000 --- a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0001-Integration-of-Cynara-asynchronous-security-checks.patch +++ /dev/null @@ -1,2232 +0,0 @@ -From 6c498a9b0f4122d1ac49d603f9968b6d85830cdb Mon Sep 17 00:00:00 2001 -From: Jacek Bukarewicz -Date: Thu, 27 Nov 2014 18:11:05 +0100 -Subject: Integration of Cynara asynchronous security checks -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This commit introduces basic framework for asynchronous policy -checks and Cynara integration code. Functions for checking security -policy can now return third value - BUS_RESULT_LATER denoting check -result unavailability. Whenever policy checker cannot decide on the -result of the check it is supposed to allocate DeferredMessage structure -that will be passed to the upper layers which can decide what should be -done in such situation. -Proper handling of such case will be implemented in subsequent commits. -Currently such return value results in message denial. - -Cherry picked from 4dcfb02f17247ff9de966b62182cd2e08f301238 -by José Bollo. - -Updated for dbus 1.10.20 by Scott Murray and José Bollo - -Change-Id: I9bcbce34577e5dc2a3cecf6233a0a2b0e43e1108 -Signed-off-by: José Bollo -Signed-off-by: Scott Murray - -diff --git a/bus/Makefile.am b/bus/Makefile.am -index 9ae3071..46afb31 100644 ---- a/bus/Makefile.am -+++ b/bus/Makefile.am -@@ -13,6 +13,7 @@ DBUS_BUS_LIBS = \ - $(THREAD_LIBS) \ - $(ADT_LIBS) \ - $(NETWORK_libs) \ -+ $(CYNARA_LIBS) \ - $(NULL) - - DBUS_LAUNCHER_LIBS = \ -@@ -30,6 +31,7 @@ AM_CPPFLAGS = \ - $(APPARMOR_CFLAGS) \ - -DDBUS_SYSTEM_CONFIG_FILE=\""$(dbusdatadir)/system.conf"\" \ - -DDBUS_COMPILATION \ -+ $(CYNARA_CFLAGS) \ - $(NULL) - - # if assertions are enabled, improve backtraces -@@ -90,6 +92,8 @@ BUS_SOURCES= \ - audit.h \ - bus.c \ - bus.h \ -+ check.c \ -+ check.h \ - config-loader-expat.c \ - config-parser.c \ - config-parser.h \ -@@ -97,6 +101,8 @@ BUS_SOURCES= \ - config-parser-common.h \ - connection.c \ - connection.h \ -+ cynara.c \ -+ cynara.h \ - desktop-file.c \ - desktop-file.h \ - $(DIR_WATCH_SOURCE) \ -diff --git a/bus/activation.c b/bus/activation.c -index 6f009f5..f8a02eb 100644 ---- a/bus/activation.c -+++ b/bus/activation.c -@@ -1788,14 +1788,15 @@ bus_activation_activate_service (BusActivation *activation, - - if (auto_activation && - entry != NULL && -- !bus_context_check_security_policy (activation->context, -+ BUS_RESULT_TRUE != bus_context_check_security_policy (activation->context, - transaction, - connection, /* sender */ - NULL, /* addressed recipient */ - NULL, /* proposed recipient */ - activation_message, - entry, -- error)) -+ error, -+ NULL)) - { - _DBUS_ASSERT_ERROR_IS_SET (error); - _dbus_verbose ("activation not authorized: %s: %s\n", -diff --git a/bus/bus.c b/bus/bus.c -index 30ce4e1..237efe3 100644 ---- a/bus/bus.c -+++ b/bus/bus.c -@@ -38,6 +38,7 @@ - #include "apparmor.h" - #include "audit.h" - #include "dir-watch.h" -+#include "check.h" - #include - #include - #include -@@ -67,6 +68,7 @@ struct BusContext - BusRegistry *registry; - BusPolicy *policy; - BusMatchmaker *matchmaker; -+ BusCheck *check; - BusLimits limits; - DBusRLimit *initial_fd_limit; - unsigned int fork : 1; -@@ -1003,6 +1005,10 @@ bus_context_new (const DBusString *config_file, - parser = NULL; - } - -+ context->check = bus_check_new(context, error); -+ if (context->check == NULL) -+ goto failed; -+ - dbus_server_free_data_slot (&server_data_slot); - - return context; -@@ -1127,6 +1133,12 @@ bus_context_unref (BusContext *context) - - bus_context_shutdown (context); - -+ if (context->check) -+ { -+ bus_check_unref(context->check); -+ context->check = NULL; -+ } -+ - if (context->connections) - { - bus_connections_unref (context->connections); -@@ -1256,6 +1268,12 @@ bus_context_get_loop (BusContext *context) - return context->loop; - } - -+BusCheck* -+bus_context_get_check (BusContext *context) -+{ -+ return context->check; -+} -+ - dbus_bool_t - bus_context_allow_unix_user (BusContext *context, - unsigned long uid) -@@ -1451,6 +1469,7 @@ complain_about_message (BusContext *context, - DBusConnection *proposed_recipient, - dbus_bool_t requested_reply, - dbus_bool_t log, -+ const char *privilege, - DBusError *error) - { - DBusError stack_error = DBUS_ERROR_INIT; -@@ -1480,7 +1499,8 @@ complain_about_message (BusContext *context, - dbus_set_error (&stack_error, error_name, - "%s, %d matched rules; type=\"%s\", sender=\"%s\" (%s) " - "interface=\"%s\" member=\"%s\" error name=\"%s\" " -- "requested_reply=\"%d\" destination=\"%s\" (%s)", -+ "requested_reply=\"%d\" destination=\"%s\" (%s) " -+ "privilege=\"%s\"", - complaint, - matched_rules, - dbus_message_type_to_string (dbus_message_get_type (message)), -@@ -1491,7 +1511,8 @@ complain_about_message (BusContext *context, - nonnull (dbus_message_get_error_name (message), "(unset)"), - requested_reply, - nonnull (dbus_message_get_destination (message), DBUS_SERVICE_DBUS), -- proposed_recipient_loginfo); -+ proposed_recipient_loginfo, -+ nonnull (privilege, "(n/a)")); - - /* If we hit OOM while setting the error, this will syslog "out of memory" - * which is itself an indication that something is seriously wrong */ -@@ -1519,7 +1540,7 @@ complain_about_message (BusContext *context, - * NULL for addressed_recipient may mean the bus driver, or may mean - * no destination was specified in the message (e.g. a signal). - */ --dbus_bool_t -+BusResult - bus_context_check_security_policy (BusContext *context, - BusTransaction *transaction, - DBusConnection *sender, -@@ -1527,7 +1548,8 @@ bus_context_check_security_policy (BusContext *context, - DBusConnection *proposed_recipient, - DBusMessage *message, - BusActivationEntry *activation_entry, -- DBusError *error) -+ DBusError *error, -+ BusDeferredMessage **deferred_message) - { - const char *src, *dest; - BusClientPolicy *sender_policy; -@@ -1536,6 +1558,7 @@ bus_context_check_security_policy (BusContext *context, - dbus_bool_t log; - int type; - dbus_bool_t requested_reply; -+ const char *privilege; - - type = dbus_message_get_type (message); - src = dbus_message_get_sender (message); -@@ -1565,7 +1588,7 @@ bus_context_check_security_policy (BusContext *context, - dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, - "Message bus will not accept messages of unknown type\n"); - -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - requested_reply = FALSE; -@@ -1595,7 +1618,7 @@ bus_context_check_security_policy (BusContext *context, - if (dbus_error_is_set (&error2)) - { - dbus_move_error (&error2, error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - } - } -@@ -1624,11 +1647,11 @@ bus_context_check_security_policy (BusContext *context, - complain_about_message (context, DBUS_ERROR_ACCESS_DENIED, - "An SELinux policy prevents this sender from sending this " - "message to this recipient", -- 0, message, sender, proposed_recipient, FALSE, FALSE, error); -+ 0, message, sender, proposed_recipient, FALSE, FALSE, NULL, error); - _dbus_verbose ("SELinux security check denying send to service\n"); - } - -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - /* next verify AppArmor access controls. If allowed then -@@ -1646,7 +1669,7 @@ bus_context_check_security_policy (BusContext *context, - src ? src : DBUS_SERVICE_DBUS, - activation_entry, - error)) -- return FALSE; -+ return BUS_RESULT_FALSE; - - if (!bus_connection_is_active (sender)) - { -@@ -1660,7 +1683,7 @@ bus_context_check_security_policy (BusContext *context, - { - _dbus_verbose ("security check allowing %s message\n", - "Hello"); -- return TRUE; -+ return BUS_RESULT_TRUE; - } - else - { -@@ -1671,7 +1694,7 @@ bus_context_check_security_policy (BusContext *context, - "Client tried to send a message other than %s without being registered", - "Hello"); - -- return FALSE; -+ return BUS_RESULT_FALSE; - } - } - } -@@ -1720,20 +1743,29 @@ bus_context_check_security_policy (BusContext *context, - (proposed_recipient == NULL && recipient_policy == NULL)); - - log = FALSE; -- if (sender_policy && -- !bus_client_policy_check_can_send (sender_policy, -- context->registry, -- requested_reply, -- proposed_recipient, -- message, &toggles, &log)) -- { -- complain_about_message (context, DBUS_ERROR_ACCESS_DENIED, -- "Rejected send message", toggles, -- message, sender, proposed_recipient, requested_reply, -- (addressed_recipient == proposed_recipient), error); -- _dbus_verbose ("security policy disallowing message due to sender policy\n"); -- return FALSE; -- } -+ if (sender_policy) -+ { -+ BusResult res = bus_client_policy_check_can_send (sender, -+ sender_policy, -+ context->registry, -+ requested_reply, -+ addressed_recipient, -+ proposed_recipient, -+ message, &toggles, &log, &privilege, -+ deferred_message); -+ if (res == BUS_RESULT_FALSE) -+ { -+ complain_about_message (context, DBUS_ERROR_ACCESS_DENIED, -+ "Rejected send message", toggles, -+ message, sender, proposed_recipient, requested_reply, -+ (addressed_recipient == proposed_recipient), privilege, -+ error); -+ _dbus_verbose ("security policy disallowing message due to sender policy\n"); -+ return BUS_RESULT_FALSE; -+ } -+ else if (res == BUS_RESULT_LATER) -+ return BUS_RESULT_LATER; -+ } - - if (log) - { -@@ -1742,23 +1774,29 @@ bus_context_check_security_policy (BusContext *context, - complain_about_message (context, DBUS_ERROR_ACCESS_DENIED, - "Would reject message", toggles, - message, sender, proposed_recipient, requested_reply, -- TRUE, NULL); -+ TRUE, privilege, NULL); - } - -- if (recipient_policy && -- !bus_client_policy_check_can_receive (recipient_policy, -- context->registry, -- requested_reply, -- sender, -- addressed_recipient, proposed_recipient, -- message, &toggles)) -+ if (recipient_policy) - { -- complain_about_message (context, DBUS_ERROR_ACCESS_DENIED, -- "Rejected receive message", toggles, -- message, sender, proposed_recipient, requested_reply, -- (addressed_recipient == proposed_recipient), error); -- _dbus_verbose ("security policy disallowing message due to recipient policy\n"); -- return FALSE; -+ BusResult res; -+ res = bus_client_policy_check_can_receive (recipient_policy, -+ context->registry, -+ requested_reply, -+ sender, -+ addressed_recipient, proposed_recipient, -+ message, &toggles, &privilege, deferred_message); -+ if (res == BUS_RESULT_FALSE) -+ { -+ complain_about_message(context, DBUS_ERROR_ACCESS_DENIED, "Rejected receive message", -+ toggles, message, sender, proposed_recipient, requested_reply, -+ (addressed_recipient == proposed_recipient), privilege, error); -+ _dbus_verbose( -+ "security policy disallowing message due to recipient policy\n"); -+ return BUS_RESULT_FALSE; -+ } -+ else if (res == BUS_RESULT_LATER) -+ return BUS_RESULT_LATER; - } - - /* See if limits on size have been exceeded */ -@@ -1768,10 +1806,10 @@ bus_context_check_security_policy (BusContext *context, - { - complain_about_message (context, DBUS_ERROR_LIMITS_EXCEEDED, - "Rejected: destination has a full message queue", -- 0, message, sender, proposed_recipient, requested_reply, TRUE, -+ 0, message, sender, proposed_recipient, requested_reply, TRUE, NULL, - error); - _dbus_verbose ("security policy disallowing message due to full message queue\n"); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - /* Record that we will allow a reply here in the future (don't -@@ -1792,11 +1830,11 @@ bus_context_check_security_policy (BusContext *context, - message, error)) - { - _dbus_verbose ("Failed to record reply expectation or problem with the message expecting a reply\n"); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - _dbus_verbose ("security policy allowing message\n"); -- return TRUE; -+ return BUS_RESULT_TRUE; - } - - void -diff --git a/bus/bus.h b/bus/bus.h -index 2e0de82..82c32c8 100644 ---- a/bus/bus.h -+++ b/bus/bus.h -@@ -45,6 +45,22 @@ typedef struct BusTransaction BusTransaction; - typedef struct BusMatchmaker BusMatchmaker; - typedef struct BusMatchRule BusMatchRule; - typedef struct BusActivationEntry BusActivationEntry; -+typedef struct BusCheck BusCheck; -+typedef struct BusDeferredMessage BusDeferredMessage; -+typedef struct BusCynara BusCynara; -+ -+/** -+ * BusResult is defined as a pointer to a dummy structure to allow detection of type mismatches. -+ * The disadvantage of such solution is that now BusResult variables cannot be used in switch -+ * statement. -+ * Additionally, BUS_RESULT_TRUE is defined as 0 instead of 1 to help detect type mismatches -+ * at runtime. -+ */ -+typedef const struct BusResultStruct { int dummy; } *BusResult; -+ -+static const BusResult BUS_RESULT_TRUE = (BusResult)0x0; -+static const BusResult BUS_RESULT_FALSE = (BusResult)0x1; -+static const BusResult BUS_RESULT_LATER = (BusResult)0x2; - - typedef struct - { -@@ -101,6 +117,7 @@ BusConnections* bus_context_get_connections (BusContext - BusActivation* bus_context_get_activation (BusContext *context); - BusMatchmaker* bus_context_get_matchmaker (BusContext *context); - DBusLoop* bus_context_get_loop (BusContext *context); -+BusCheck * bus_context_get_check (BusContext *context); - dbus_bool_t bus_context_allow_unix_user (BusContext *context, - unsigned long uid); - dbus_bool_t bus_context_allow_windows_user (BusContext *context, -@@ -136,14 +153,15 @@ void bus_context_log_and_set_error (BusContext - const char *name, - const char *msg, - ...) _DBUS_GNUC_PRINTF (5, 6); --dbus_bool_t bus_context_check_security_policy (BusContext *context, -+BusResult bus_context_check_security_policy (BusContext *context, - BusTransaction *transaction, - DBusConnection *sender, - DBusConnection *addressed_recipient, - DBusConnection *proposed_recipient, - DBusMessage *message, - BusActivationEntry *activation_entry, -- DBusError *error); -+ DBusError *error, -+ BusDeferredMessage **deferred_message); - void bus_context_check_all_watches (BusContext *context); - - #endif /* BUS_BUS_H */ -diff --git a/bus/check.c b/bus/check.c -new file mode 100644 -index 0000000..5b72d31 ---- /dev/null -+++ b/bus/check.c -@@ -0,0 +1,217 @@ -+/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */ -+/* check.c Bus security policy runtime check -+ * -+ * Copyright (C) 2014 Intel, Inc. -+ * Copyright (c) 2014 Samsung Electronics, Ltd. -+ * -+ * Licensed under the Academic Free License version 2.1 -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -+ * -+ */ -+ -+#include -+#include "check.h" -+#include "connection.h" -+#include "dispatch.h" -+#include "cynara.h" -+#include "utils.h" -+#include -+#include -+#include -+ -+ -+typedef struct BusCheck -+{ -+ int refcount; -+ -+ BusContext *context; -+ BusCynara *cynara; -+} BusCheck; -+ -+typedef struct BusDeferredMessage -+{ -+ int refcount; -+ -+ DBusMessage *message; -+ DBusConnection *sender; -+ DBusConnection *proposed_recipient; -+ DBusConnection *addressed_recipient; -+ dbus_bool_t full_dispatch; -+ BusDeferredMessageStatus status; -+ BusResult response; -+ BusCheckResponseFunc response_callback; -+} BusDeferredMessage; -+ -+BusCheck * -+bus_check_new (BusContext *context, DBusError *error) -+{ -+ BusCheck *check; -+ -+ check = dbus_new(BusCheck, 1); -+ if (check == NULL) -+ { -+ BUS_SET_OOM(error); -+ return NULL; -+ } -+ -+ check->refcount = 1; -+ check->context = context; -+ check->cynara = bus_cynara_new(check, error); -+ if (dbus_error_is_set(error)) -+ { -+ dbus_free(check); -+ return NULL; -+ } -+ -+ return check; -+} -+ -+BusCheck * -+bus_check_ref (BusCheck *check) -+{ -+ _dbus_assert (check->refcount > 0); -+ check->refcount += 1; -+ -+ return check; -+} -+ -+void -+bus_check_unref (BusCheck *check) -+{ -+ _dbus_assert (check->refcount > 0); -+ -+ check->refcount -= 1; -+ -+ if (check->refcount == 0) -+ { -+ bus_cynara_unref(check->cynara); -+ dbus_free(check); -+ } -+} -+ -+BusContext * -+bus_check_get_context (BusCheck *check) -+{ -+ return check->context; -+} -+ -+BusCynara * -+bus_check_get_cynara (BusCheck *check) -+{ -+ return check->cynara; -+} -+ -+BusResult -+bus_check_privilege (BusCheck *check, -+ DBusMessage *message, -+ DBusConnection *sender, -+ DBusConnection *addressed_recipient, -+ DBusConnection *proposed_recipient, -+ const char *privilege, -+ BusDeferredMessageStatus check_type, -+ BusDeferredMessage **deferred_message) -+{ -+ BusResult result = BUS_RESULT_FALSE; -+#ifdef DBUS_ENABLE_CYNARA -+ BusCynara *cynara; -+#endif -+ DBusConnection *connection; -+ -+ connection = check_type == BUS_DEFERRED_MESSAGE_CHECK_RECEIVE ? proposed_recipient : sender; -+ -+ if (!dbus_connection_get_is_connected(connection)) -+ { -+ return BUS_RESULT_FALSE; -+ } -+ -+ /* ask policy checkers */ -+#ifdef DBUS_ENABLE_CYNARA -+ cynara = bus_check_get_cynara(check); -+ result = bus_cynara_check_privilege(cynara, message, sender, addressed_recipient, -+ proposed_recipient, privilege, check_type, deferred_message); -+#endif -+ -+ if (result == BUS_RESULT_LATER && deferred_message != NULL) -+ { -+ (*deferred_message)->status |= check_type; -+ } -+ return result; -+} -+ -+BusDeferredMessage *bus_deferred_message_new (DBusMessage *message, -+ DBusConnection *sender, -+ DBusConnection *addressed_recipient, -+ DBusConnection *proposed_recipient, -+ BusResult response) -+{ -+ BusDeferredMessage *deferred_message; -+ -+ deferred_message = dbus_new(BusDeferredMessage, 1); -+ if (deferred_message == NULL) -+ { -+ return NULL; -+ } -+ -+ deferred_message->refcount = 1; -+ deferred_message->sender = sender != NULL ? dbus_connection_ref(sender) : NULL; -+ deferred_message->addressed_recipient = addressed_recipient != NULL ? dbus_connection_ref(addressed_recipient) : NULL; -+ deferred_message->proposed_recipient = proposed_recipient != NULL ? dbus_connection_ref(proposed_recipient) : NULL; -+ deferred_message->message = dbus_message_ref(message); -+ deferred_message->response = response; -+ deferred_message->status = 0; -+ deferred_message->full_dispatch = FALSE; -+ deferred_message->response_callback = NULL; -+ -+ return deferred_message; -+} -+ -+BusDeferredMessage * -+bus_deferred_message_ref (BusDeferredMessage *deferred_message) -+{ -+ _dbus_assert (deferred_message->refcount > 0); -+ deferred_message->refcount += 1; -+ return deferred_message; -+} -+ -+void -+bus_deferred_message_unref (BusDeferredMessage *deferred_message) -+{ -+ _dbus_assert (deferred_message->refcount > 0); -+ -+ deferred_message->refcount -= 1; -+ -+ if (deferred_message->refcount == 0) -+ { -+ dbus_message_unref(deferred_message->message); -+ if (deferred_message->sender != NULL) -+ dbus_connection_unref(deferred_message->sender); -+ if (deferred_message->addressed_recipient != NULL) -+ dbus_connection_unref(deferred_message->addressed_recipient); -+ if (deferred_message->proposed_recipient != NULL) -+ dbus_connection_unref(deferred_message->proposed_recipient); -+ dbus_free(deferred_message); -+ } -+} -+ -+void -+bus_deferred_message_response_received (BusDeferredMessage *deferred_message, -+ BusResult result) -+{ -+ if (deferred_message->response_callback != NULL) -+ { -+ deferred_message->response_callback(deferred_message, result); -+ } -+} -diff --git a/bus/check.h b/bus/check.h -new file mode 100644 -index 0000000..c3fcaf9 ---- /dev/null -+++ b/bus/check.h -@@ -0,0 +1,68 @@ -+/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */ -+/* check.h Bus security policy runtime check -+ * -+ * Copyright (C) 2014 Intel, Inc. -+ * Copyright (c) 2014 Samsung Electronics, Ltd. -+ * -+ * Licensed under the Academic Free License version 2.1 -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -+ * -+ */ -+ -+#ifndef BUS_CHECK_H -+#define BUS_CHECK_H -+ -+#include "bus.h" -+#include "policy.h" -+ -+ -+typedef void (*BusCheckResponseFunc) (BusDeferredMessage *message, -+ BusResult result); -+ -+typedef enum { -+ BUS_DEFERRED_MESSAGE_CHECK_SEND = 1 << 0, -+ BUS_DEFERRED_MESSAGE_CHECK_RECEIVE = 1 << 1, -+ BUS_DEFERRED_MESSAGE_CHECK_OWN = 1 << 2, -+} BusDeferredMessageStatus; -+ -+ -+BusCheck *bus_check_new (BusContext *context, -+ DBusError *error); -+BusCheck *bus_check_ref (BusCheck *check); -+void bus_check_unref (BusCheck *check); -+ -+BusContext *bus_check_get_context (BusCheck *check); -+BusCynara *bus_check_get_cynara (BusCheck *check); -+BusResult bus_check_privilege (BusCheck *check, -+ DBusMessage *message, -+ DBusConnection *sender, -+ DBusConnection *addressed_recipient, -+ DBusConnection *proposed_recipient, -+ const char *privilege, -+ BusDeferredMessageStatus check_type, -+ BusDeferredMessage **deferred_message); -+ -+BusDeferredMessage *bus_deferred_message_new (DBusMessage *message, -+ DBusConnection *sender, -+ DBusConnection *addressed_recipient, -+ DBusConnection *proposed_recipient, -+ BusResult response); -+ -+BusDeferredMessage *bus_deferred_message_ref (BusDeferredMessage *deferred_message); -+void bus_deferred_message_unref (BusDeferredMessage *deferred_message); -+void bus_deferred_message_response_received (BusDeferredMessage *deferred_message, -+ BusResult result); -+#endif /* BUS_CHECK_H */ -diff --git a/bus/config-parser-common.c b/bus/config-parser-common.c -index c1c4191..e2f253d 100644 ---- a/bus/config-parser-common.c -+++ b/bus/config-parser-common.c -@@ -75,6 +75,10 @@ bus_config_parser_element_name_to_type (const char *name) - { - return ELEMENT_DENY; - } -+ else if (strcmp (name, "check") == 0) -+ { -+ return ELEMENT_CHECK; -+ } - else if (strcmp (name, "servicehelper") == 0) - { - return ELEMENT_SERVICEHELPER; -@@ -159,6 +163,8 @@ bus_config_parser_element_type_to_name (ElementType type) - return "allow"; - case ELEMENT_DENY: - return "deny"; -+ case ELEMENT_CHECK: -+ return "check"; - case ELEMENT_FORK: - return "fork"; - case ELEMENT_PIDFILE: -diff --git a/bus/config-parser-common.h b/bus/config-parser-common.h -index 382a014..9e026d1 100644 ---- a/bus/config-parser-common.h -+++ b/bus/config-parser-common.h -@@ -36,6 +36,7 @@ typedef enum - ELEMENT_LIMIT, - ELEMENT_ALLOW, - ELEMENT_DENY, -+ ELEMENT_CHECK, - ELEMENT_FORK, - ELEMENT_PIDFILE, - ELEMENT_SERVICEDIR, -diff --git a/bus/config-parser.c b/bus/config-parser.c -index be27d38..b5f1dd1 100644 ---- a/bus/config-parser.c -+++ b/bus/config-parser.c -@@ -1318,7 +1318,7 @@ append_rule_from_element (BusConfigParser *parser, - const char *element_name, - const char **attribute_names, - const char **attribute_values, -- dbus_bool_t allow, -+ BusPolicyRuleAccess access, - DBusError *error) - { - const char *log; -@@ -1360,6 +1360,7 @@ append_rule_from_element (BusConfigParser *parser, - const char *own_prefix; - const char *user; - const char *group; -+ const char *privilege; - - BusPolicyRule *rule; - -@@ -1390,6 +1391,7 @@ append_rule_from_element (BusConfigParser *parser, - "user", &user, - "group", &group, - "log", &log, -+ "privilege", &privilege, - NULL)) - return FALSE; - -@@ -1422,6 +1424,7 @@ append_rule_from_element (BusConfigParser *parser, - - if (!(any_send_attribute || - any_receive_attribute || -+ privilege || - own || own_prefix || user || group)) - { - dbus_set_error (error, DBUS_ERROR_FAILED, -@@ -1438,7 +1441,30 @@ append_rule_from_element (BusConfigParser *parser, - element_name); - return FALSE; - } -- -+ -+ if (access == BUS_POLICY_RULE_ACCESS_CHECK) -+ { -+ if (privilege == NULL || !*privilege) -+ { -+ dbus_set_error (error, DBUS_ERROR_FAILED, -+ "On element <%s>, you must specify the privilege to be checked.", -+ element_name); -+ return FALSE; -+ } -+ } -+ else -+ { -+ if (privilege != NULL && *privilege) -+ { -+ dbus_set_error (error, DBUS_ERROR_FAILED, -+ "On element <%s>, privilege %s is used outside of a check rule.", -+ element_name, privilege); -+ return FALSE; -+ } -+ else -+ privilege = NULL; /* replace (potentially) empty string with NULL pointer, it wouldn't be used anyway */ -+ } -+ - /* Allowed combinations of elements are: - * - * base, must be all send or all receive: -@@ -1589,7 +1615,7 @@ append_rule_from_element (BusConfigParser *parser, - error)) - return FALSE; - -- rule = bus_policy_rule_new (BUS_POLICY_RULE_SEND, allow); -+ rule = bus_policy_rule_new (BUS_POLICY_RULE_SEND, access); - if (rule == NULL) - goto nomem; - -@@ -1694,7 +1720,7 @@ append_rule_from_element (BusConfigParser *parser, - error)) - return FALSE; - -- rule = bus_policy_rule_new (BUS_POLICY_RULE_RECEIVE, allow); -+ rule = bus_policy_rule_new (BUS_POLICY_RULE_RECEIVE, access); - if (rule == NULL) - goto nomem; - -@@ -1726,7 +1752,7 @@ append_rule_from_element (BusConfigParser *parser, - } - else if (own || own_prefix) - { -- rule = bus_policy_rule_new (BUS_POLICY_RULE_OWN, allow); -+ rule = bus_policy_rule_new (BUS_POLICY_RULE_OWN, access); - if (rule == NULL) - goto nomem; - -@@ -1752,7 +1778,7 @@ append_rule_from_element (BusConfigParser *parser, - { - if (IS_WILDCARD (user)) - { -- rule = bus_policy_rule_new (BUS_POLICY_RULE_USER, allow); -+ rule = bus_policy_rule_new (BUS_POLICY_RULE_USER, access); - if (rule == NULL) - goto nomem; - -@@ -1767,7 +1793,7 @@ append_rule_from_element (BusConfigParser *parser, - - if (_dbus_parse_unix_user_from_config (&username, &uid)) - { -- rule = bus_policy_rule_new (BUS_POLICY_RULE_USER, allow); -+ rule = bus_policy_rule_new (BUS_POLICY_RULE_USER, access); - if (rule == NULL) - goto nomem; - -@@ -1784,7 +1810,7 @@ append_rule_from_element (BusConfigParser *parser, - { - if (IS_WILDCARD (group)) - { -- rule = bus_policy_rule_new (BUS_POLICY_RULE_GROUP, allow); -+ rule = bus_policy_rule_new (BUS_POLICY_RULE_GROUP, access); - if (rule == NULL) - goto nomem; - -@@ -1799,7 +1825,7 @@ append_rule_from_element (BusConfigParser *parser, - - if (_dbus_parse_unix_group_from_config (&groupname, &gid)) - { -- rule = bus_policy_rule_new (BUS_POLICY_RULE_GROUP, allow); -+ rule = bus_policy_rule_new (BUS_POLICY_RULE_GROUP, access); - if (rule == NULL) - goto nomem; - -@@ -1823,6 +1849,10 @@ append_rule_from_element (BusConfigParser *parser, - _dbus_assert (pe != NULL); - _dbus_assert (pe->type == ELEMENT_POLICY); - -+ rule->privilege = _dbus_strdup (privilege); -+ if (privilege && !rule->privilege) -+ goto nomem; -+ - switch (pe->d.policy.type) - { - case POLICY_IGNORED: -@@ -1898,7 +1928,7 @@ start_policy_child (BusConfigParser *parser, - { - if (!append_rule_from_element (parser, element_name, - attribute_names, attribute_values, -- TRUE, error)) -+ BUS_POLICY_RULE_ACCESS_ALLOW, error)) - return FALSE; - - if (push_element (parser, ELEMENT_ALLOW) == NULL) -@@ -1913,7 +1943,7 @@ start_policy_child (BusConfigParser *parser, - { - if (!append_rule_from_element (parser, element_name, - attribute_names, attribute_values, -- FALSE, error)) -+ BUS_POLICY_RULE_ACCESS_DENY, error)) - return FALSE; - - if (push_element (parser, ELEMENT_DENY) == NULL) -@@ -1922,6 +1952,21 @@ start_policy_child (BusConfigParser *parser, - return FALSE; - } - -+ return TRUE; -+ } -+ else if (strcmp (element_name, "check") == 0) -+ { -+ if (!append_rule_from_element (parser, element_name, -+ attribute_names, attribute_values, -+ BUS_POLICY_RULE_ACCESS_CHECK, error)) -+ return FALSE; -+ -+ if (push_element (parser, ELEMENT_CHECK) == NULL) -+ { -+ BUS_SET_OOM (error); -+ return FALSE; -+ } -+ - return TRUE; - } - else -@@ -2284,6 +2329,7 @@ bus_config_parser_end_element (BusConfigParser *parser, - case ELEMENT_POLICY: - case ELEMENT_ALLOW: - case ELEMENT_DENY: -+ case ELEMENT_CHECK: - case ELEMENT_FORK: - case ELEMENT_SYSLOG: - case ELEMENT_KEEP_UMASK: -@@ -2600,6 +2646,7 @@ bus_config_parser_content (BusConfigParser *parser, - case ELEMENT_POLICY: - case ELEMENT_ALLOW: - case ELEMENT_DENY: -+ case ELEMENT_CHECK: - case ELEMENT_FORK: - case ELEMENT_SYSLOG: - case ELEMENT_KEEP_UMASK: -@@ -3127,6 +3174,8 @@ do_load (const DBusString *full_path, - dbus_error_init (&error); - - parser = bus_config_load (full_path, TRUE, NULL, &error); -+ if (dbus_error_is_set (&error)) -+ _dbus_verbose ("Failed to load file: %s\n", error.message); - if (parser == NULL) - { - _DBUS_ASSERT_ERROR_IS_SET (&error); -diff --git a/bus/connection.c b/bus/connection.c -index 53605fa..b348d42 100644 ---- a/bus/connection.c -+++ b/bus/connection.c -@@ -36,6 +36,10 @@ - #include - #include - #include -+#ifdef DBUS_ENABLE_CYNARA -+#include -+#include -+#endif - - /* Trim executed commands to this length; we want to keep logs readable */ - #define MAX_LOG_COMMAND_LEN 50 -@@ -116,6 +120,9 @@ typedef struct - - /** non-NULL if and only if this is a monitor */ - DBusList *link_in_monitors; -+#ifdef DBUS_ENABLE_CYNARA -+ char *cynara_session_id; -+#endif - } BusConnectionData; - - static dbus_bool_t bus_pending_reply_expired (BusExpireList *list, -@@ -129,8 +136,8 @@ static dbus_bool_t expire_incomplete_timeout (void *data); - - #define BUS_CONNECTION_DATA(connection) (dbus_connection_get_data ((connection), connection_data_slot)) - --static DBusLoop* --connection_get_loop (DBusConnection *connection) -+DBusLoop* -+bus_connection_get_loop (DBusConnection *connection) - { - BusConnectionData *d; - -@@ -354,7 +361,7 @@ add_connection_watch (DBusWatch *watch, - { - DBusConnection *connection = data; - -- return _dbus_loop_add_watch (connection_get_loop (connection), watch); -+ return _dbus_loop_add_watch (bus_connection_get_loop (connection), watch); - } - - static void -@@ -363,7 +370,7 @@ remove_connection_watch (DBusWatch *watch, - { - DBusConnection *connection = data; - -- _dbus_loop_remove_watch (connection_get_loop (connection), watch); -+ _dbus_loop_remove_watch (bus_connection_get_loop (connection), watch); - } - - static void -@@ -372,7 +379,7 @@ toggle_connection_watch (DBusWatch *watch, - { - DBusConnection *connection = data; - -- _dbus_loop_toggle_watch (connection_get_loop (connection), watch); -+ _dbus_loop_toggle_watch (bus_connection_get_loop (connection), watch); - } - - static dbus_bool_t -@@ -381,7 +388,7 @@ add_connection_timeout (DBusTimeout *timeout, - { - DBusConnection *connection = data; - -- return _dbus_loop_add_timeout (connection_get_loop (connection), timeout); -+ return _dbus_loop_add_timeout (bus_connection_get_loop (connection), timeout); - } - - static void -@@ -390,7 +397,7 @@ remove_connection_timeout (DBusTimeout *timeout, - { - DBusConnection *connection = data; - -- _dbus_loop_remove_timeout (connection_get_loop (connection), timeout); -+ _dbus_loop_remove_timeout (bus_connection_get_loop (connection), timeout); - } - - static void -@@ -448,6 +455,10 @@ free_connection_data (void *data) - - dbus_free (d->name); - -+#ifdef DBUS_ENABLE_CYNARA -+ free (d->cynara_session_id); -+#endif -+ - dbus_free (d); - } - -@@ -1078,6 +1089,22 @@ bus_connection_get_policy (DBusConnection *connection) - return d->policy; - } - -+#ifdef DBUS_ENABLE_CYNARA -+const char *bus_connection_get_cynara_session_id (DBusConnection *connection) -+{ -+ BusConnectionData *d = BUS_CONNECTION_DATA (connection); -+ _dbus_assert (d != NULL); -+ -+ if (d->cynara_session_id == NULL) -+ { -+ unsigned long pid; -+ if (dbus_connection_get_unix_process_id(connection, &pid)) -+ d->cynara_session_id = cynara_session_from_pid(pid); -+ } -+ return d->cynara_session_id; -+} -+#endif -+ - static dbus_bool_t - foreach_active (BusConnections *connections, - BusConnectionForeachFunction function, -@@ -2333,6 +2360,7 @@ bus_transaction_send_from_driver (BusTransaction *transaction, - DBusMessage *message) - { - DBusError error = DBUS_ERROR_INIT; -+ BusResult res; - - /* We have to set the sender to the driver, and have - * to check security policy since it was not done in -@@ -2370,10 +2398,11 @@ bus_transaction_send_from_driver (BusTransaction *transaction, - * if we're actively capturing messages, it's nice to log that we - * tried to send it and did not allow ourselves to do so. - */ -- if (!bus_context_check_security_policy (bus_transaction_get_context (transaction), -- transaction, -- NULL, connection, connection, -- message, NULL, &error)) -+ res = bus_context_check_security_policy (bus_transaction_get_context (transaction), -+ transaction, -+ NULL, connection, connection, message, NULL, -+ &error, NULL); -+ if (res == BUS_RESULT_FALSE) - { - if (!bus_transaction_capture_error_reply (transaction, connection, - &error, message)) -@@ -2388,6 +2417,12 @@ bus_transaction_send_from_driver (BusTransaction *transaction, - dbus_error_free (&error); - return TRUE; - } -+ else if (res == BUS_RESULT_LATER) -+ { -+ _dbus_verbose ("Cannot delay sending message from bus driver, dropping it\n"); -+ dbus_error_free (&error); -+ return TRUE; -+ } - - return bus_transaction_send (transaction, connection, message); - } -diff --git a/bus/connection.h b/bus/connection.h -index 9e253ae..71078ea 100644 ---- a/bus/connection.h -+++ b/bus/connection.h -@@ -31,6 +31,7 @@ - typedef dbus_bool_t (* BusConnectionForeachFunction) (DBusConnection *connection, - void *data); - -+DBusLoop* bus_connection_get_loop (DBusConnection *connection); - - BusConnections* bus_connections_new (BusContext *context); - BusConnections* bus_connections_ref (BusConnections *connections); -@@ -124,6 +125,9 @@ dbus_bool_t bus_connection_be_monitor (DBusConnection *connection, - BusTransaction *transaction, - DBusList **rules, - DBusError *error); -+#ifdef DBUS_ENABLE_CYNARA -+const char *bus_connection_get_cynara_session_id (DBusConnection *connection); -+#endif - - /* transaction API so we can send or not send a block of messages as a whole */ - -diff --git a/bus/cynara.c b/bus/cynara.c -new file mode 100644 -index 0000000..57a4c45 ---- /dev/null -+++ b/bus/cynara.c -@@ -0,0 +1,374 @@ -+/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */ -+/* cynara.c Cynara runtime privilege checking -+ * -+ * Copyright (c) 2014 Samsung Electronics, Ltd. -+ * -+ * Licensed under the Academic Free License version 2.1 -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -+ * -+ */ -+ -+#include -+#include "cynara.h" -+#include "check.h" -+#include "utils.h" -+ -+#include -+ -+#include -+#include -+#include -+#include -+#ifdef DBUS_ENABLE_CYNARA -+#include -+#endif -+ -+ -+#ifdef DBUS_ENABLE_CYNARA -+typedef struct BusCynara -+{ -+ int refcount; -+ -+ BusContext *context; -+ BusCheck *check; -+ cynara_async *cynara; -+ DBusWatch *cynara_watch; -+} BusCynara; -+ -+#define USE_CYNARA_CACHE 1 -+#ifdef USE_CYNARA_CACHE -+#define CYNARA_CACHE_SIZE 7000 -+#endif -+ -+static dbus_bool_t bus_cynara_watch_callback(DBusWatch *watch, -+ unsigned int flags, -+ void *data); -+ -+static void status_callback(int old_fd, -+ int new_fd, -+ cynara_async_status status, -+ void *user_status_data); -+static void bus_cynara_check_response_callback (cynara_check_id check_id, -+ cynara_async_call_cause cause, -+ int response, -+ void *user_response_data); -+#endif -+ -+ -+BusCynara * -+bus_cynara_new(BusCheck *check, DBusError *error) -+{ -+#ifdef DBUS_ENABLE_CYNARA -+ BusContext *context; -+ BusCynara *cynara; -+ cynara_async_configuration *conf = NULL; -+ int ret; -+ -+ cynara = dbus_new(BusCynara, 1); -+ if (cynara == NULL) -+ { -+ BUS_SET_OOM(error); -+ return NULL; -+ } -+ -+ context = bus_check_get_context(check); -+ -+ cynara->refcount = 1; -+ cynara->check = check; -+ cynara->context = context; -+ cynara->cynara_watch = NULL; -+ -+ ret = cynara_async_configuration_create(&conf); -+ if (ret != CYNARA_API_SUCCESS) -+ { -+ dbus_set_error (error, DBUS_ERROR_FAILED, "Failed to create Cynara configuration"); -+ goto out; -+ } -+ -+#ifdef CYNARA_CACHE_SIZE -+ ret = cynara_async_configuration_set_cache_size(conf, CYNARA_CACHE_SIZE); -+ if (ret != CYNARA_API_SUCCESS) -+ { -+ dbus_set_error (error, DBUS_ERROR_FAILED, "Failed to Cynara cache size"); -+ goto out; -+ } -+#endif -+ -+ ret = cynara_async_initialize(&cynara->cynara, conf, &status_callback, cynara); -+ if (ret != CYNARA_API_SUCCESS) -+ { -+ dbus_set_error (error, DBUS_ERROR_FAILED, "Failed to initialize Cynara client"); -+ goto out; -+ } -+ -+out: -+ cynara_async_configuration_destroy(conf); -+ if (ret != CYNARA_API_SUCCESS) -+ { -+ dbus_free(cynara); -+ return NULL; -+ } -+ -+ return cynara; -+#else -+ return NULL; -+#endif -+} -+ -+BusCynara * -+bus_cynara_ref (BusCynara *cynara) -+{ -+#ifdef DBUS_ENABLE_CYNARA -+ _dbus_assert (cynara->refcount > 0); -+ cynara->refcount += 1; -+ -+ return cynara; -+#else -+ return NULL; -+#endif -+} -+ -+void -+bus_cynara_unref (BusCynara *cynara) -+{ -+#ifdef DBUS_ENABLE_CYNARA -+ _dbus_assert (cynara->refcount > 0); -+ -+ cynara->refcount -= 1; -+ -+ if (cynara->refcount == 0) -+ { -+ cynara_async_finish(cynara->cynara); -+ dbus_free(cynara); -+ } -+#endif -+} -+ -+BusResult -+bus_cynara_check_privilege (BusCynara *cynara, -+ DBusMessage *message, -+ DBusConnection *sender, -+ DBusConnection *addressed_recipient, -+ DBusConnection *proposed_recipient, -+ const char *privilege, -+ BusDeferredMessageStatus check_type, -+ BusDeferredMessage **deferred_message_param) -+{ -+#ifdef DBUS_ENABLE_CYNARA -+ int result; -+ unsigned long uid; -+ char *label; -+ const char *session_id; -+ char user[32]; -+ cynara_check_id check_id; -+ DBusConnection *connection = check_type == BUS_DEFERRED_MESSAGE_CHECK_RECEIVE ? proposed_recipient : sender; -+ BusDeferredMessage *deferred_message; -+ BusResult ret; -+ -+ _dbus_assert(connection != NULL); -+ -+ if (dbus_connection_get_unix_user(connection, &uid) == FALSE) -+ return BUS_RESULT_FALSE; -+ -+ if (_dbus_connection_get_linux_security_label(connection, &label) == FALSE || label == NULL) -+ { -+ _dbus_warn("Failed to obtain security label for connection\n"); -+ return BUS_RESULT_FALSE; -+ } -+ -+ session_id = bus_connection_get_cynara_session_id (connection); -+ if (session_id == NULL) -+ { -+ ret = BUS_RESULT_FALSE; -+ goto out; -+ } -+ -+ snprintf(user, sizeof(user), "%lu", uid); -+ -+#if USE_CYNARA_CACHE -+ result = cynara_async_check_cache(cynara->cynara, label, session_id, user, privilege); -+#else -+ result = CYNARA_API_CACHE_MISS; -+#endif -+ -+ switch (result) -+ { -+ case CYNARA_API_ACCESS_ALLOWED: -+ _dbus_verbose("Cynara: got ALLOWED answer from cache (client=%s session_id=%s user=%s privilege=%s)\n", -+ label, session_id, user, privilege); -+ ret = BUS_RESULT_TRUE; -+ break; -+ -+ case CYNARA_API_ACCESS_DENIED: -+ _dbus_verbose("Cynara: got DENIED answer from cache (client=%s session_id=%s user=%s privilege=%s)\n", -+ label, session_id, user, privilege); -+ ret = BUS_RESULT_FALSE; -+ break; -+ -+ case CYNARA_API_CACHE_MISS: -+ deferred_message = bus_deferred_message_new(message, sender, addressed_recipient, -+ proposed_recipient, BUS_RESULT_LATER); -+ if (deferred_message == NULL) -+ { -+ _dbus_verbose("Failed to allocate memory for deferred message\n"); -+ ret = BUS_RESULT_FALSE; -+ goto out; -+ } -+ -+ /* callback is supposed to unref deferred_message*/ -+ result = cynara_async_create_request(cynara->cynara, label, session_id, user, privilege, &check_id, -+ &bus_cynara_check_response_callback, deferred_message); -+ if (result == CYNARA_API_SUCCESS) -+ { -+ _dbus_verbose("Created Cynara request: client=%s session_id=%s user=%s privilege=%s check_id=%u " -+ "deferred_message=%p\n", label, session_id, user, privilege, (unsigned int)check_id, deferred_message); -+ if (deferred_message_param != NULL) -+ *deferred_message_param = deferred_message; -+ ret = BUS_RESULT_LATER; -+ } -+ else -+ { -+ _dbus_verbose("Error on cynara request create: %i\n", result); -+ bus_deferred_message_unref(deferred_message); -+ ret = BUS_RESULT_FALSE; -+ } -+ break; -+ default: -+ _dbus_verbose("Error when accessing Cynara cache: %i\n", result); -+ ret = BUS_RESULT_FALSE; -+ } -+out: -+ dbus_free(label); -+ return ret; -+ -+#else -+ return BUS_RESULT_FALSE; -+#endif -+} -+ -+ -+ -+#ifdef DBUS_ENABLE_CYNARA -+static void -+status_callback(int old_fd, int new_fd, cynara_async_status status, -+ void *user_status_data) -+{ -+ BusCynara *cynara = (BusCynara *)user_status_data; -+ DBusLoop *loop = bus_context_get_loop(cynara->context); -+ -+ if (cynara->cynara_watch != NULL) -+ { -+ _dbus_loop_remove_watch(loop, cynara->cynara_watch); -+ _dbus_watch_invalidate(cynara->cynara_watch); -+ _dbus_watch_unref(cynara->cynara_watch); -+ cynara->cynara_watch = NULL; -+ } -+ -+ if (new_fd != -1) -+ { -+ unsigned int flags; -+ DBusWatch *watch; -+ -+ switch (status) -+ { -+ case CYNARA_STATUS_FOR_READ: -+ flags = DBUS_WATCH_READABLE; -+ break; -+ case CYNARA_STATUS_FOR_RW: -+ flags = DBUS_WATCH_READABLE | DBUS_WATCH_WRITABLE; -+ break; -+ default: -+ /* Cynara passed unknown status - warn and add RW watch */ -+ _dbus_verbose("Cynara passed unknown status value: 0x%08X\n", (unsigned int)status); -+ flags = DBUS_WATCH_READABLE | DBUS_WATCH_WRITABLE; -+ break; -+ } -+ -+ watch = _dbus_watch_new(new_fd, flags, TRUE, &bus_cynara_watch_callback, cynara, NULL); -+ if (watch != NULL) -+ { -+ if (_dbus_loop_add_watch(loop, watch) == TRUE) -+ { -+ cynara->cynara_watch = watch; -+ return; -+ } -+ -+ _dbus_watch_invalidate(watch); -+ _dbus_watch_unref(watch); -+ } -+ -+ /* It seems like not much can be done at this point. Cynara events won't be processed -+ * until next Cynara function call triggering status callback */ -+ _dbus_verbose("Failed to add dbus watch\n"); -+ } -+} -+ -+static dbus_bool_t -+bus_cynara_watch_callback(DBusWatch *watch, -+ unsigned int flags, -+ void *data) -+{ -+ BusCynara *cynara = (BusCynara *)data; -+ int result = cynara_async_process(cynara->cynara); -+ if (result != CYNARA_API_SUCCESS) -+ _dbus_verbose("cynara_async_process returned %d\n", result); -+ -+ return result != CYNARA_API_OUT_OF_MEMORY ? TRUE : FALSE; -+} -+ -+static inline const char * -+call_cause_to_string(cynara_async_call_cause cause) -+{ -+ switch (cause) -+ { -+ case CYNARA_CALL_CAUSE_ANSWER: -+ return "ANSWER"; -+ case CYNARA_CALL_CAUSE_CANCEL: -+ return "CANCEL"; -+ case CYNARA_CALL_CAUSE_FINISH: -+ return "FINSIH"; -+ case CYNARA_CALL_CAUSE_SERVICE_NOT_AVAILABLE: -+ return "SERVICE NOT AVAILABLE"; -+ default: -+ return "INVALID"; -+ } -+} -+ -+static void -+bus_cynara_check_response_callback (cynara_check_id check_id, -+ cynara_async_call_cause cause, -+ int response, -+ void *user_response_data) -+{ -+ BusDeferredMessage *deferred_message = user_response_data; -+ BusResult result; -+ -+ _dbus_verbose("Cynara callback: check_id=%u, cause=%s response=%i response_data=%p\n", -+ (unsigned int)check_id, call_cause_to_string(cause), response, user_response_data); -+ -+ if (deferred_message == NULL) -+ return; -+ -+ if (cause == CYNARA_CALL_CAUSE_ANSWER && response == CYNARA_API_ACCESS_ALLOWED) -+ result = BUS_RESULT_TRUE; -+ else -+ result = BUS_RESULT_FALSE; -+ -+ bus_deferred_message_response_received(deferred_message, result); -+ bus_deferred_message_unref(deferred_message); -+} -+ -+#endif /* DBUS_ENABLE_CYNARA */ -diff --git a/bus/cynara.h b/bus/cynara.h -new file mode 100644 -index 0000000..c4728bb ---- /dev/null -+++ b/bus/cynara.h -@@ -0,0 +1,37 @@ -+/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */ -+/* cynara.h Cynara runtime privilege checking -+ * -+ * Copyright (c) 2014 Samsung Electronics, Ltd. -+ * -+ * Licensed under the Academic Free License version 2.1 -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -+ * -+ */ -+ -+#include "bus.h" -+#include "check.h" -+ -+BusCynara *bus_cynara_new (BusCheck *check, DBusError *error); -+BusCynara *bus_cynara_ref (BusCynara *cynara); -+void bus_cynara_unref (BusCynara *cynara); -+BusResult bus_cynara_check_privilege (BusCynara *cynara, -+ DBusMessage *message, -+ DBusConnection *sender, -+ DBusConnection *addressed_recipient, -+ DBusConnection *proposed_recipient, -+ const char *privilege, -+ BusDeferredMessageStatus check_type, -+ BusDeferredMessage **deferred_message); -diff --git a/bus/dispatch.c b/bus/dispatch.c -index 19228be..d3867f7 100644 ---- a/bus/dispatch.c -+++ b/bus/dispatch.c -@@ -25,6 +25,7 @@ - - #include - #include "dispatch.h" -+#include "check.h" - #include "connection.h" - #include "driver.h" - #include "services.h" -@@ -64,14 +65,18 @@ send_one_message (DBusConnection *connection, - DBusError *error) - { - DBusError stack_error = DBUS_ERROR_INIT; -+ BusDeferredMessage *deferred_message; -+ BusResult result; - -- if (!bus_context_check_security_policy (context, transaction, -+ result = bus_context_check_security_policy (context, transaction, - sender, - addressed_recipient, - connection, - message, - NULL, -- &stack_error)) -+ &stack_error, -+ &deferred_message); -+ if (result != BUS_RESULT_TRUE) - { - if (!bus_transaction_capture_error_reply (transaction, sender, - &stack_error, message)) -@@ -130,6 +135,8 @@ bus_dispatch_matches (BusTransaction *transaction, - BusMatchmaker *matchmaker; - DBusList *link; - BusContext *context; -+ BusDeferredMessage *deferred_message; -+ BusResult res; - - _DBUS_ASSERT_ERROR_IS_CLEAR (error); - -@@ -145,11 +152,20 @@ bus_dispatch_matches (BusTransaction *transaction, - /* First, send the message to the addressed_recipient, if there is one. */ - if (addressed_recipient != NULL) - { -- if (!bus_context_check_security_policy (context, transaction, -- sender, addressed_recipient, -- addressed_recipient, -- message, NULL, error)) -+ res = bus_context_check_security_policy (context, transaction, -+ sender, addressed_recipient, -+ addressed_recipient, -+ message, NULL, error, -+ &deferred_message); -+ if (res == BUS_RESULT_FALSE) - return FALSE; -+ else if (res == BUS_RESULT_LATER) -+ { -+ dbus_set_error (error, -+ DBUS_ERROR_ACCESS_DENIED, -+ "Rejecting message because time is needed to check security policy"); -+ return FALSE; -+ } - - if (dbus_message_contains_unix_fds (message) && - !dbus_connection_can_send_type (addressed_recipient, -@@ -374,19 +390,31 @@ bus_dispatch (DBusConnection *connection, - if (service_name && - strcmp (service_name, DBUS_SERVICE_DBUS) == 0) /* to bus driver */ - { -+ BusDeferredMessage *deferred_message; -+ BusResult res; -+ - if (!bus_transaction_capture (transaction, connection, NULL, message)) - { - BUS_SET_OOM (&error); - goto out; - } - -- if (!bus_context_check_security_policy (context, transaction, -- connection, NULL, NULL, message, -- NULL, &error)) -+ res = bus_context_check_security_policy (context, transaction, -+ connection, NULL, NULL, message, NULL, -+ &error, &deferred_message); -+ if (res == BUS_RESULT_FALSE) - { - _dbus_verbose ("Security policy rejected message\n"); - goto out; - } -+ else if (res == BUS_RESULT_LATER) -+ { -+ dbus_set_error (&error, -+ DBUS_ERROR_ACCESS_DENIED, -+ "Rejecting message because time is needed to check security policy"); -+ _dbus_verbose ("Security policy needs time to check policy. Dropping message\n"); -+ goto out; -+ } - - _dbus_verbose ("Giving message to %s\n", DBUS_SERVICE_DBUS); - if (!bus_driver_handle_message (connection, transaction, message, &error)) -diff --git a/bus/policy.c b/bus/policy.c -index a37be80..7ee1ce5 100644 ---- a/bus/policy.c -+++ b/bus/policy.c -@@ -22,6 +22,7 @@ - */ - - #include -+#include "check.h" - #include "policy.h" - #include "services.h" - #include "test.h" -@@ -33,7 +34,7 @@ - - BusPolicyRule* - bus_policy_rule_new (BusPolicyRuleType type, -- dbus_bool_t allow) -+ BusPolicyRuleAccess access) - { - BusPolicyRule *rule; - -@@ -43,7 +44,7 @@ bus_policy_rule_new (BusPolicyRuleType type, - - rule->type = type; - rule->refcount = 1; -- rule->allow = allow; -+ rule->access = access; - - switch (rule->type) - { -@@ -55,18 +56,19 @@ bus_policy_rule_new (BusPolicyRuleType type, - break; - case BUS_POLICY_RULE_SEND: - rule->d.send.message_type = DBUS_MESSAGE_TYPE_INVALID; -- - /* allow rules default to TRUE (only requested replies allowed) -+ * check rules default to TRUE (only requested replies are checked) - * deny rules default to FALSE (only unrequested replies denied) - */ -- rule->d.send.requested_reply = rule->allow; -+ rule->d.send.requested_reply = rule->access != BUS_POLICY_RULE_ACCESS_DENY; - break; - case BUS_POLICY_RULE_RECEIVE: - rule->d.receive.message_type = DBUS_MESSAGE_TYPE_INVALID; - /* allow rules default to TRUE (only requested replies allowed) -+ * check rules default to TRUE (only requested replies are checked) - * deny rules default to FALSE (only unrequested replies denied) - */ -- rule->d.receive.requested_reply = rule->allow; -+ rule->d.receive.requested_reply = rule->access != BUS_POLICY_RULE_ACCESS_DENY; - break; - case BUS_POLICY_RULE_OWN: - break; -@@ -122,7 +124,8 @@ bus_policy_rule_unref (BusPolicyRule *rule) - default: - _dbus_assert_not_reached ("invalid rule"); - } -- -+ -+ dbus_free (rule->privilege); - dbus_free (rule); - } - } -@@ -435,7 +438,10 @@ list_allows_user (dbus_bool_t def, - else - continue; - -- allowed = rule->allow; -+ /* We don't intend to support and -+ rules. They are treated like deny. -+ */ -+ allowed = rule->access == BUS_POLICY_RULE_ACCESS_ALLOW; - } - - return allowed; -@@ -873,18 +879,23 @@ bus_client_policy_append_rule (BusClientPolicy *policy, - return TRUE; - } - --dbus_bool_t --bus_client_policy_check_can_send (BusClientPolicy *policy, -- BusRegistry *registry, -- dbus_bool_t requested_reply, -- DBusConnection *receiver, -- DBusMessage *message, -- dbus_int32_t *toggles, -- dbus_bool_t *log) -+BusResult -+bus_client_policy_check_can_send (DBusConnection *sender, -+ BusClientPolicy *policy, -+ BusRegistry *registry, -+ dbus_bool_t requested_reply, -+ DBusConnection *addressed_recipient, -+ DBusConnection *receiver, -+ DBusMessage *message, -+ dbus_int32_t *toggles, -+ dbus_bool_t *log, -+ const char **privilege_param, -+ BusDeferredMessage **deferred_message) - { - DBusList *link; -- dbus_bool_t allowed; -- -+ BusResult result; -+ const char *privilege; -+ - /* policy->rules is in the order the rules appeared - * in the config file, i.e. last rule that applies wins - */ -@@ -892,7 +903,7 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, - _dbus_verbose (" (policy) checking send rules\n"); - *toggles = 0; - -- allowed = FALSE; -+ result = BUS_RESULT_FALSE; - link = _dbus_list_get_first_link (&policy->rules); - while (link != NULL) - { -@@ -923,13 +934,14 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, - /* If it's a reply, the requested_reply flag kicks in */ - if (dbus_message_get_reply_serial (message) != 0) - { -- /* for allow, requested_reply=true means the rule applies -- * only when reply was requested. requested_reply=false means -- * always allow. -+ /* for allow or check requested_reply=true means the rule applies -+ * only when reply was requested. requested_reply=false means the -+ * rule always applies - */ -- if (!requested_reply && rule->allow && rule->d.send.requested_reply && !rule->d.send.eavesdrop) -+ if (!requested_reply && rule->access != BUS_POLICY_RULE_ACCESS_DENY && rule->d.send.requested_reply && !rule->d.send.eavesdrop) - { -- _dbus_verbose (" (policy) skipping allow rule since it only applies to requested replies and does not allow eavesdropping\n"); -+ _dbus_verbose (" (policy) skipping %s rule since it only applies to requested replies and does not allow eavesdropping\n", -+ rule->access == BUS_POLICY_RULE_ACCESS_ALLOW ? "allow" : "check"); - continue; - } - -@@ -937,7 +949,7 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, - * when the reply was not requested. requested_reply=true means the - * rule always applies. - */ -- if (requested_reply && !rule->allow && !rule->d.send.requested_reply) -+ if (requested_reply && rule->access == BUS_POLICY_RULE_ACCESS_DENY && !rule->d.send.requested_reply) - { - _dbus_verbose (" (policy) skipping deny rule since it only applies to unrequested replies\n"); - continue; -@@ -960,13 +972,15 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, - /* The interface is optional in messages. For allow rules, if the message - * has no interface we want to skip the rule (and thus not allow); - * for deny rules, if the message has no interface we want to use the -- * rule (and thus deny). -+ * rule (and thus deny). Check rules are meant to be used like allow -+ * rules (they can grant access, but not remove it), so we treat it like -+ * allow here. - */ - dbus_bool_t no_interface; - - no_interface = dbus_message_get_interface (message) == NULL; - -- if ((no_interface && rule->allow) || -+ if ((no_interface && rule->access != BUS_POLICY_RULE_ACCESS_DENY) || - (!no_interface && - strcmp (dbus_message_get_interface (message), - rule->d.send.interface) != 0)) -@@ -1079,33 +1093,63 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, - } - - /* Use this rule */ -- allowed = rule->allow; -+ switch (rule->access) -+ { -+ case BUS_POLICY_RULE_ACCESS_ALLOW: -+ result = BUS_RESULT_TRUE; -+ break; -+ case BUS_POLICY_RULE_ACCESS_DENY: -+ result = BUS_RESULT_FALSE; -+ break; -+ case BUS_POLICY_RULE_ACCESS_CHECK: -+ result = BUS_RESULT_LATER; -+ privilege = rule->privilege; -+ break; -+ } -+ - *log = rule->d.send.log; - (*toggles)++; - -- _dbus_verbose (" (policy) used rule, allow now = %d\n", -- allowed); -+ _dbus_verbose (" (policy) used rule, result now = %d\n", -+ (int)(intptr_t)result); - } - -- return allowed; -+ if (result == BUS_RESULT_LATER) -+ { -+ BusContext *context = bus_connection_get_context(sender); -+ BusCheck *check = bus_context_get_check(context); -+ -+ result = bus_check_privilege(check, message, sender, addressed_recipient, receiver, -+ privilege, BUS_DEFERRED_MESSAGE_CHECK_SEND, deferred_message); -+ } -+ else -+ privilege = NULL; -+ -+ if (privilege_param != NULL) -+ *privilege_param = privilege; -+ -+ return result; - } - - /* See docs on what the args mean on bus_context_check_security_policy() - * comment - */ --dbus_bool_t --bus_client_policy_check_can_receive (BusClientPolicy *policy, -- BusRegistry *registry, -- dbus_bool_t requested_reply, -- DBusConnection *sender, -- DBusConnection *addressed_recipient, -- DBusConnection *proposed_recipient, -- DBusMessage *message, -- dbus_int32_t *toggles) -+BusResult -+bus_client_policy_check_can_receive (BusClientPolicy *policy, -+ BusRegistry *registry, -+ dbus_bool_t requested_reply, -+ DBusConnection *sender, -+ DBusConnection *addressed_recipient, -+ DBusConnection *proposed_recipient, -+ DBusMessage *message, -+ dbus_int32_t *toggles, -+ const char **privilege_param, -+ BusDeferredMessage **deferred_message) - { - DBusList *link; -- dbus_bool_t allowed; - dbus_bool_t eavesdropping; -+ BusResult result; -+ const char *privilege; - - eavesdropping = - addressed_recipient != proposed_recipient && -@@ -1118,7 +1162,7 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, - _dbus_verbose (" (policy) checking receive rules, eavesdropping = %d\n", eavesdropping); - *toggles = 0; - -- allowed = FALSE; -+ result = BUS_RESULT_FALSE; - link = _dbus_list_get_first_link (&policy->rules); - while (link != NULL) - { -@@ -1141,19 +1185,21 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, - } - } - -- /* for allow, eavesdrop=false means the rule doesn't apply when -- * eavesdropping. eavesdrop=true means always allow. -+ -+ /* for allow or check, eavesdrop=false means the rule doesn't apply when -+ * eavesdropping. eavesdrop=true means the rule always applies - */ -- if (eavesdropping && rule->allow && !rule->d.receive.eavesdrop) -+ if (eavesdropping && rule->access != BUS_POLICY_RULE_ACCESS_DENY && !rule->d.receive.eavesdrop) - { -- _dbus_verbose (" (policy) skipping allow rule since it doesn't apply to eavesdropping\n"); -+ _dbus_verbose (" (policy) skipping %s rule since it doesn't apply to eavesdropping\n", -+ rule->access == BUS_POLICY_RULE_ACCESS_ALLOW ? "allow" : "check"); - continue; - } - - /* for deny, eavesdrop=true means the rule applies only when - * eavesdropping; eavesdrop=false means always deny. - */ -- if (!eavesdropping && !rule->allow && rule->d.receive.eavesdrop) -+ if (!eavesdropping && rule->access == BUS_POLICY_RULE_ACCESS_DENY && rule->d.receive.eavesdrop) - { - _dbus_verbose (" (policy) skipping deny rule since it only applies to eavesdropping\n"); - continue; -@@ -1162,13 +1208,14 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, - /* If it's a reply, the requested_reply flag kicks in */ - if (dbus_message_get_reply_serial (message) != 0) - { -- /* for allow, requested_reply=true means the rule applies -- * only when reply was requested. requested_reply=false means -- * always allow. -+ /* for allow or check requested_reply=true means the rule applies -+ * only when reply was requested. requested_reply=false means the -+ * rule always applies - */ -- if (!requested_reply && rule->allow && rule->d.receive.requested_reply && !rule->d.receive.eavesdrop) -+ if (!requested_reply && rule->access != BUS_POLICY_RULE_ACCESS_DENY && rule->d.send.requested_reply && !rule->d.send.eavesdrop) - { -- _dbus_verbose (" (policy) skipping allow rule since it only applies to requested replies and does not allow eavesdropping\n"); -+ _dbus_verbose (" (policy) skipping %s rule since it only applies to requested replies and does not allow eavesdropping\n", -+ rule->access == BUS_POLICY_RULE_ACCESS_DENY ? "allow" : "deny"); - continue; - } - -@@ -1176,7 +1223,7 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, - * when the reply was not requested. requested_reply=true means the - * rule always applies. - */ -- if (requested_reply && !rule->allow && !rule->d.receive.requested_reply) -+ if (requested_reply && rule->access == BUS_POLICY_RULE_ACCESS_DENY && !rule->d.receive.requested_reply) - { - _dbus_verbose (" (policy) skipping deny rule since it only applies to unrequested replies\n"); - continue; -@@ -1199,13 +1246,13 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, - /* The interface is optional in messages. For allow rules, if the message - * has no interface we want to skip the rule (and thus not allow); - * for deny rules, if the message has no interface we want to use the -- * rule (and thus deny). -+ * rule (and thus deny). Check rules are treated like allow rules. - */ - dbus_bool_t no_interface; - - no_interface = dbus_message_get_interface (message) == NULL; - -- if ((no_interface && rule->allow) || -+ if ((no_interface && rule->access != BUS_POLICY_RULE_ACCESS_DENY) || - (!no_interface && - strcmp (dbus_message_get_interface (message), - rule->d.receive.interface) != 0)) -@@ -1295,14 +1342,42 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, - } - - /* Use this rule */ -- allowed = rule->allow; -+ switch (rule->access) -+ { -+ case BUS_POLICY_RULE_ACCESS_ALLOW: -+ result = BUS_RESULT_TRUE; -+ break; -+ case BUS_POLICY_RULE_ACCESS_DENY: -+ result = BUS_RESULT_FALSE; -+ break; -+ case BUS_POLICY_RULE_ACCESS_CHECK: -+ result = BUS_RESULT_LATER; -+ privilege = rule->privilege; -+ break; -+ } -+ - (*toggles)++; - -- _dbus_verbose (" (policy) used rule, allow now = %d\n", -- allowed); -+ _dbus_verbose (" (policy) used rule, result now = %d\n", -+ (int)(intptr_t)result); - } - -- return allowed; -+ -+ if (result == BUS_RESULT_LATER) -+ { -+ BusContext *context = bus_connection_get_context(proposed_recipient); -+ BusCheck *check = bus_context_get_check(context); -+ -+ result = bus_check_privilege(check, message, sender, addressed_recipient, proposed_recipient, -+ privilege, BUS_DEFERRED_MESSAGE_CHECK_RECEIVE, deferred_message); -+ } -+ else -+ privilege = NULL; -+ -+ if (privilege_param != NULL) -+ *privilege_param = privilege; -+ -+ return result; - } - - -@@ -1354,7 +1429,7 @@ bus_rules_check_can_own (DBusList *rules, - } - - /* Use this rule */ -- allowed = rule->allow; -+ allowed = rule->access == BUS_POLICY_RULE_ACCESS_ALLOW; - } - - return allowed; -diff --git a/bus/policy.h b/bus/policy.h -index ec43ffa..f839d23 100644 ---- a/bus/policy.h -+++ b/bus/policy.h -@@ -46,6 +46,14 @@ typedef enum - BUS_POLICY_TRISTATE_TRUE - } BusPolicyTristate; - -+typedef enum -+{ -+ BUS_POLICY_RULE_ACCESS_DENY, -+ BUS_POLICY_RULE_ACCESS_ALLOW, -+ /** runtime check resulting in allow or deny */ -+ BUS_POLICY_RULE_ACCESS_CHECK -+} BusPolicyRuleAccess; -+ - /** determines whether the rule affects a connection, or some global item */ - #define BUS_POLICY_RULE_IS_PER_CLIENT(rule) (!((rule)->type == BUS_POLICY_RULE_USER || \ - (rule)->type == BUS_POLICY_RULE_GROUP)) -@@ -56,8 +64,9 @@ struct BusPolicyRule - - BusPolicyRuleType type; - -- unsigned int allow : 1; /**< #TRUE if this allows, #FALSE if it denies */ -- -+ unsigned int access : 2; /**< BusPolicyRuleAccess */ -+ char *privilege; /**< for BUS_POLICY_RULE_ACCESS_CHECK */ -+ - union - { - struct -@@ -118,7 +127,7 @@ struct BusPolicyRule - }; - - BusPolicyRule* bus_policy_rule_new (BusPolicyRuleType type, -- dbus_bool_t allow); -+ BusPolicyRuleAccess access); - BusPolicyRule* bus_policy_rule_ref (BusPolicyRule *rule); - void bus_policy_rule_unref (BusPolicyRule *rule); - -@@ -152,21 +161,27 @@ dbus_bool_t bus_policy_merge (BusPolicy *policy, - BusClientPolicy* bus_client_policy_new (void); - BusClientPolicy* bus_client_policy_ref (BusClientPolicy *policy); - void bus_client_policy_unref (BusClientPolicy *policy); --dbus_bool_t bus_client_policy_check_can_send (BusClientPolicy *policy, -+BusResult bus_client_policy_check_can_send (DBusConnection *sender, -+ BusClientPolicy *policy, - BusRegistry *registry, - dbus_bool_t requested_reply, -+ DBusConnection *addressed_recipient, - DBusConnection *receiver, - DBusMessage *message, - dbus_int32_t *toggles, -- dbus_bool_t *log); --dbus_bool_t bus_client_policy_check_can_receive (BusClientPolicy *policy, -+ dbus_bool_t *log, -+ const char **privilege_param, -+ BusDeferredMessage **deferred_message); -+BusResult bus_client_policy_check_can_receive (BusClientPolicy *policy, - BusRegistry *registry, - dbus_bool_t requested_reply, - DBusConnection *sender, - DBusConnection *addressed_recipient, - DBusConnection *proposed_recipient, - DBusMessage *message, -- dbus_int32_t *toggles); -+ dbus_int32_t *toggles, -+ const char **privilege_param, -+ BusDeferredMessage **deferred_message); - dbus_bool_t bus_client_policy_check_can_own (BusClientPolicy *policy, - const DBusString *service_name); - dbus_bool_t bus_client_policy_append_rule (BusClientPolicy *policy, -diff --git a/configure.ac b/configure.ac -index 81028ba..f21d1b2 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1770,6 +1770,17 @@ AC_ARG_ENABLE([user-session], - AM_CONDITIONAL([DBUS_ENABLE_USER_SESSION], - [test "x$enable_user_session" = xyes]) - -+#enable cynara integration -+AC_ARG_ENABLE([cynara], [AS_HELP_STRING([--enable-cynara], [enable Cynara integration])], [], [enable_cynara=no]) -+if test "x$enable_cynara" = xyes; then -+ PKG_CHECK_MODULES([CYNARA], [cynara-client-async >= 0.6.0 cynara-session >= 0.6.0], -+ [AC_DEFINE([DBUS_ENABLE_CYNARA], [1], [Define to enable Cynara privilege checks in dbus-daemon])], -+ [AC_MSG_ERROR([libcynara-client-async and cynara-session are required to enable Cynara integration])]) -+fi -+ -+AC_SUBST([CYNARA_CFLAGS]) -+AC_SUBST([CYNARA_LIBS]) -+ - AC_CONFIG_FILES([ - Doxyfile - dbus/Version -@@ -1852,6 +1863,7 @@ echo " - Building bus stats API: ${enable_stats} - Building SELinux support: ${have_selinux} - Building AppArmor support: ${have_apparmor} -+ Building Cynara support: ${enable_cynara} - Building inotify support: ${have_inotify} - Building kqueue support: ${have_kqueue} - Building systemd support: ${have_systemd} -diff --git a/test/Makefile.am b/test/Makefile.am -index 6a6e1a3..ce84dbc 100644 ---- a/test/Makefile.am -+++ b/test/Makefile.am -@@ -439,6 +439,7 @@ in_data = \ - data/valid-config-files/debug-allow-all.conf.in \ - data/valid-config-files/finite-timeout.conf.in \ - data/valid-config-files/forbidding.conf.in \ -+ data/valid-config-files/debug-check-some.conf.in \ - data/valid-config-files/incoming-limit.conf.in \ - data/valid-config-files/max-completed-connections.conf.in \ - data/valid-config-files/max-connections-per-user.conf.in \ -diff --git a/test/data/invalid-config-files/badcheck-1.conf b/test/data/invalid-config-files/badcheck-1.conf -new file mode 100644 -index 0000000..fad9f50 ---- /dev/null -+++ b/test/data/invalid-config-files/badcheck-1.conf -@@ -0,0 +1,9 @@ -+ -+ -+ mybususer -+ unix:path=/foo/bar -+ -+ -+ -+ -diff --git a/test/data/invalid-config-files/badcheck-2.conf b/test/data/invalid-config-files/badcheck-2.conf -new file mode 100644 -index 0000000..63c7ef2 ---- /dev/null -+++ b/test/data/invalid-config-files/badcheck-2.conf -@@ -0,0 +1,9 @@ -+ -+ -+ mybususer -+ unix:path=/foo/bar -+ -+ -+ -+ -diff --git a/test/data/valid-config-files/check-1.conf b/test/data/valid-config-files/check-1.conf -new file mode 100644 -index 0000000..ad71473 ---- /dev/null -+++ b/test/data/valid-config-files/check-1.conf -@@ -0,0 +1,9 @@ -+ -+ -+ mybususer -+ unix:path=/foo/bar -+ -+ -+ -+ -diff --git a/test/data/valid-config-files/debug-check-some.conf.in b/test/data/valid-config-files/debug-check-some.conf.in -new file mode 100644 -index 0000000..47ee854 ---- /dev/null -+++ b/test/data/valid-config-files/debug-check-some.conf.in -@@ -0,0 +1,18 @@ -+ -+ -+ -+ -+ debug-pipe:name=test-server -+ @TEST_LISTEN@ -+ @DBUS_TEST_DATA@/valid-service-files -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ --- -2.17.2 - diff --git a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0002-Disable-message-dispatching-when-send-rule-result-is.patch b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0002-Disable-message-dispatching-when-send-rule-result-is.patch deleted file mode 100644 index ebbd531ff..000000000 --- a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0002-Disable-message-dispatching-when-send-rule-result-is.patch +++ /dev/null @@ -1,949 +0,0 @@ -From aae977a0c4bb1c25640c7056166fbc4e76ef1db6 Mon Sep 17 00:00:00 2001 -From: Jacek Bukarewicz -Date: Fri, 28 Nov 2014 12:07:39 +0100 -Subject: Disable message dispatching when send rule result is not known -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -When unicast message is sent to addressed recipient and policy result -is not available message dispatch from the sender is disabled. -This also means that any further messages from the given connection are -put into the incoming queue without being processed. If response is received -message dispatching is resumed. This time answer is attached to the message -which is now processed synchronously. -Receive rule result unavailability is not yet handled - such messages are -rejected. Also, if message is sent to non-addressed recipient and policy result -is unknown, message is silently dropped. - -Cherry-picked from b1b87ad9f20b2052c28431b48e81073078a745ce -by Jose Bollo. - -Updated for dbus 1.10.20 by Scott Murray and José Bollo - -Signed-off-by: José Bollo -Signed-off-by: Scott Murray - -diff --git a/bus/activation.c b/bus/activation.c -index f8a02eb..005047f 100644 ---- a/bus/activation.c -+++ b/bus/activation.c -@@ -32,6 +32,7 @@ - #include "services.h" - #include "test.h" - #include "utils.h" -+#include - #include - #include - #include -@@ -94,6 +95,8 @@ struct BusPendingActivationEntry - DBusConnection *connection; - - dbus_bool_t auto_activation; -+ -+ dbus_bool_t is_put_back; - }; - - typedef struct -@@ -1241,20 +1244,23 @@ bus_activation_send_pending_auto_activation_messages (BusActivation *activation - BusPendingActivationEntry *entry = link->data; - DBusList *next = _dbus_list_get_next_link (&pending_activation->entries, link); - -- if (entry->auto_activation && (entry->connection == NULL || dbus_connection_get_is_connected (entry->connection))) -+ if (entry->auto_activation && !entry->is_put_back && -+ (entry->connection == NULL || dbus_connection_get_is_connected (entry->connection))) - { - DBusConnection *addressed_recipient; - DBusError error; -+ BusResult res; - - dbus_error_init (&error); - - addressed_recipient = bus_service_get_primary_owners_connection (service); - - /* Resume dispatching where we left off in bus_dispatch() */ -- if (!bus_dispatch_matches (transaction, -- entry->connection, -- addressed_recipient, -- entry->activation_message, &error)) -+ res = bus_dispatch_matches (transaction, -+ entry->connection, -+ addressed_recipient, -+ entry->activation_message, &error); -+ if (res == BUS_RESULT_FALSE) - { - /* If permission is denied, we just want to return the error - * to the original method invoker; in particular, we don't -@@ -1266,9 +1272,40 @@ bus_activation_send_pending_auto_activation_messages (BusActivation *activation - bus_connection_send_oom_error (entry->connection, - entry->activation_message); - } -+ } -+ else if (res == BUS_RESULT_LATER) -+ { -+ DBusList *putback_message_link = link; -+ DBusMessage *last_inserted_message = NULL; -+ -+ /* NULL entry->connection implies sending pending ActivationRequest message to systemd */ -+ if (entry->connection == NULL) -+ { -+ _dbus_assert_not_reached ("bus_dispatch_matches returned BUS_RESULT_LATER unexpectedly when sender is NULL"); -+ link = next; -+ continue; -+ } - -- link = next; -- continue; -+ /** -+ * Getting here means that policy check result is not yet available and dispatching -+ * messages from entry->connection has been disabled. -+ * Let's put back all messages for the given connection in the incoming queue and mark -+ * this entry as put back so they are not handled twice. -+ */ -+ while (putback_message_link != NULL) -+ { -+ BusPendingActivationEntry *putback_message = putback_message_link->data; -+ if (putback_message->connection == entry->connection) -+ { -+ if (!_dbus_connection_putback_message (putback_message->connection, last_inserted_message, -+ putback_message->activation_message, &error)) -+ goto error; -+ last_inserted_message = putback_message->activation_message; -+ putback_message->is_put_back = TRUE; -+ } -+ -+ putback_message_link = _dbus_list_get_next_link(&pending_activation->entries, putback_message_link); -+ } - } - } - -@@ -1286,6 +1323,19 @@ bus_activation_send_pending_auto_activation_messages (BusActivation *activation - return TRUE; - - error: -+ /* remove all messages that have been put to connections' incoming queues */ -+ link = _dbus_list_get_first_link (&pending_activation->entries); -+ while (link != NULL) -+ { -+ BusPendingActivationEntry *entry = link->data; -+ if (entry->is_put_back) -+ { -+ _dbus_connection_remove_message(entry->connection, entry->activation_message); -+ entry->is_put_back = FALSE; -+ } -+ link = _dbus_list_get_next_link(&pending_activation->entries, link); -+ } -+ - return FALSE; - } - -@@ -2078,6 +2128,7 @@ bus_activation_activate_service (BusActivation *activation, - - if (service != NULL) - { -+ BusResult res; - bus_context_log (activation->context, - DBUS_SYSTEM_LOG_INFO, "Activating via systemd: service name='%s' unit='%s' requested by '%s' (%s)", - service_name, -@@ -2085,8 +2136,17 @@ bus_activation_activate_service (BusActivation *activation, - bus_connection_get_name (connection), - bus_connection_get_loginfo (connection)); - /* Wonderful, systemd is connected, let's just send the msg */ -- retval = bus_dispatch_matches (activation_transaction, NULL, -+ res = bus_dispatch_matches (activation_transaction, NULL, - systemd, message, error); -+ -+ if (res == BUS_RESULT_TRUE) -+ retval = TRUE; -+ else -+ { -+ retval = FALSE; -+ if (res == BUS_RESULT_LATER) -+ _dbus_verbose("Unexpectedly need time to check message from bus driver to systemd - dropping the message.\n"); -+ } - } - else - { -diff --git a/bus/check.c b/bus/check.c -index 5b72d31..4b8a699 100644 ---- a/bus/check.c -+++ b/bus/check.c -@@ -55,6 +55,8 @@ typedef struct BusDeferredMessage - BusCheckResponseFunc response_callback; - } BusDeferredMessage; - -+static dbus_int32_t deferred_message_data_slot = -1; -+ - BusCheck * - bus_check_new (BusContext *context, DBusError *error) - { -@@ -67,11 +69,19 @@ bus_check_new (BusContext *context, DBusError *error) - return NULL; - } - -+ if (!dbus_message_allocate_data_slot(&deferred_message_data_slot)) -+ { -+ dbus_free(check); -+ BUS_SET_OOM(error); -+ return NULL; -+ } -+ - check->refcount = 1; - check->context = context; - check->cynara = bus_cynara_new(check, error); - if (dbus_error_is_set(error)) - { -+ dbus_message_free_data_slot(&deferred_message_data_slot); - dbus_free(check); - return NULL; - } -@@ -98,6 +108,7 @@ bus_check_unref (BusCheck *check) - if (check->refcount == 0) - { - bus_cynara_unref(check->cynara); -+ dbus_message_free_data_slot(&deferred_message_data_slot); - dbus_free(check); - } - } -@@ -114,6 +125,45 @@ bus_check_get_cynara (BusCheck *check) - return check->cynara; - } - -+static void -+bus_check_enable_dispatch_callback (BusDeferredMessage *deferred_message, -+ BusResult result) -+{ -+ _dbus_verbose("bus_check_enable_dispatch_callback called deferred_message=%p\n", deferred_message); -+ -+ deferred_message->response = result; -+ _dbus_connection_enable_dispatch(deferred_message->sender); -+} -+ -+static void -+deferred_message_free_function(void *data) -+{ -+ BusDeferredMessage *deferred_message = (BusDeferredMessage *)data; -+ bus_deferred_message_unref(deferred_message); -+} -+ -+void -+bus_deferred_message_disable_sender (BusDeferredMessage *deferred_message) -+{ -+ _dbus_assert(deferred_message != NULL); -+ _dbus_assert(deferred_message->sender != NULL); -+ -+ if (dbus_message_get_data(deferred_message->message, deferred_message_data_slot) == NULL) -+ { -+ if (dbus_message_set_data(deferred_message->message, deferred_message_data_slot, deferred_message, -+ deferred_message_free_function)) -+ bus_deferred_message_ref(deferred_message); -+ } -+ -+ _dbus_connection_disable_dispatch(deferred_message->sender); -+ deferred_message->response_callback = bus_check_enable_dispatch_callback; -+} -+ -+#ifdef DBUS_ENABLE_EMBEDDED_TESTS -+BusResult (*bus_check_test_override) (DBusConnection *connection, -+ const char *privilege); -+#endif -+ - BusResult - bus_check_privilege (BusCheck *check, - DBusMessage *message, -@@ -124,6 +174,7 @@ bus_check_privilege (BusCheck *check, - BusDeferredMessageStatus check_type, - BusDeferredMessage **deferred_message) - { -+ BusDeferredMessage *previous_deferred_message; - BusResult result = BUS_RESULT_FALSE; - #ifdef DBUS_ENABLE_CYNARA - BusCynara *cynara; -@@ -137,16 +188,54 @@ bus_check_privilege (BusCheck *check, - return BUS_RESULT_FALSE; - } - -- /* ask policy checkers */ --#ifdef DBUS_ENABLE_CYNARA -- cynara = bus_check_get_cynara(check); -- result = bus_cynara_check_privilege(cynara, message, sender, addressed_recipient, -- proposed_recipient, privilege, check_type, deferred_message); -+#ifdef DBUS_ENABLE_EMBEDDED_TESTS -+ if (bus_check_test_override) -+ return bus_check_test_override (connection, privilege); - #endif - -- if (result == BUS_RESULT_LATER && deferred_message != NULL) -+ previous_deferred_message = dbus_message_get_data(message, deferred_message_data_slot); -+ /* check if message blocked at sender's queue is being processed */ -+ if (previous_deferred_message != NULL) -+ { -+ if ((check_type & BUS_DEFERRED_MESSAGE_CHECK_SEND) && -+ !(previous_deferred_message->status & BUS_DEFERRED_MESSAGE_CHECK_SEND)) -+ { -+ /** -+ * Message has been deferred due to receive or own rule which means that sending this message -+ * is allowed - it must have been checked previously. -+ * This might happen when client calls RequestName method which depending on security -+ * policy might result in both "can_send" and "can_own" Cynara checks. -+ */ -+ result = BUS_RESULT_TRUE; -+ } -+ else -+ { -+ result = previous_deferred_message->response; -+ if (result == BUS_RESULT_LATER) -+ { -+ /* result is still not known - reuse deferred message object */ -+ if (deferred_message != NULL) -+ *deferred_message = previous_deferred_message; -+ } -+ else -+ { -+ /* result is available - we can remove deferred message from the processed message */ -+ dbus_message_set_data(message, deferred_message_data_slot, NULL, NULL); -+ } -+ } -+ } -+ else - { -- (*deferred_message)->status |= check_type; -+ /* ask policy checkers */ -+#ifdef DBUS_ENABLE_CYNARA -+ cynara = bus_check_get_cynara(check); -+ result = bus_cynara_check_privilege(cynara, message, sender, addressed_recipient, -+ proposed_recipient, privilege, check_type, deferred_message); -+#endif -+ if (result == BUS_RESULT_LATER && deferred_message != NULL) -+ { -+ (*deferred_message)->status |= check_type; -+ } - } - return result; - } -@@ -206,6 +295,12 @@ bus_deferred_message_unref (BusDeferredMessage *deferred_message) - } - } - -+BusDeferredMessageStatus -+bus_deferred_message_get_status (BusDeferredMessage *deferred_message) -+{ -+ return deferred_message->status; -+} -+ - void - bus_deferred_message_response_received (BusDeferredMessage *deferred_message, - BusResult result) -diff --git a/bus/check.h b/bus/check.h -index c3fcaf9..d177549 100644 ---- a/bus/check.h -+++ b/bus/check.h -@@ -55,6 +55,7 @@ BusResult bus_check_privilege (BusCheck *check, - BusDeferredMessageStatus check_type, - BusDeferredMessage **deferred_message); - -+ - BusDeferredMessage *bus_deferred_message_new (DBusMessage *message, - DBusConnection *sender, - DBusConnection *addressed_recipient, -@@ -65,4 +66,13 @@ BusDeferredMessage *bus_deferred_message_ref (BusDeferredMessage - void bus_deferred_message_unref (BusDeferredMessage *deferred_message); - void bus_deferred_message_response_received (BusDeferredMessage *deferred_message, - BusResult result); -+void bus_deferred_message_disable_sender (BusDeferredMessage *deferred_message); -+ -+BusDeferredMessageStatus bus_deferred_message_get_status (BusDeferredMessage *deferred_message); -+ -+#ifdef DBUS_ENABLE_EMBEDDED_TESTS -+extern BusResult (*bus_check_test_override) (DBusConnection *connection, -+ const char *privilege); -+#endif -+ - #endif /* BUS_CHECK_H */ -diff --git a/bus/cynara.c b/bus/cynara.c -index 57a4c45..77aed62 100644 ---- a/bus/cynara.c -+++ b/bus/cynara.c -@@ -36,7 +36,6 @@ - #include - #endif - -- - #ifdef DBUS_ENABLE_CYNARA - typedef struct BusCynara - { -diff --git a/bus/dispatch.c b/bus/dispatch.c -index d3867f7..50a22a3 100644 ---- a/bus/dispatch.c -+++ b/bus/dispatch.c -@@ -35,6 +35,7 @@ - #include "signals.h" - #include "test.h" - #include -+#include - #include - #include - -@@ -122,7 +123,7 @@ send_one_message (DBusConnection *connection, - return TRUE; - } - --dbus_bool_t -+BusResult - bus_dispatch_matches (BusTransaction *transaction, - DBusConnection *sender, - DBusConnection *addressed_recipient, -@@ -158,13 +159,29 @@ bus_dispatch_matches (BusTransaction *transaction, - message, NULL, error, - &deferred_message); - if (res == BUS_RESULT_FALSE) -- return FALSE; -+ return BUS_RESULT_FALSE; - else if (res == BUS_RESULT_LATER) - { -- dbus_set_error (error, -- DBUS_ERROR_ACCESS_DENIED, -- "Rejecting message because time is needed to check security policy"); -- return FALSE; -+ BusDeferredMessageStatus status; -+ status = bus_deferred_message_get_status(deferred_message); -+ -+ if (status & BUS_DEFERRED_MESSAGE_CHECK_SEND) -+ { -+ /* send rule result not available - disable dispatching messages from the sender */ -+ bus_deferred_message_disable_sender(deferred_message); -+ return BUS_RESULT_LATER; -+ } -+ else if (status & BUS_DEFERRED_MESSAGE_CHECK_RECEIVE) -+ { -+ dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, -+ "Rejecting message because time is needed to check security policy"); -+ return BUS_RESULT_FALSE; -+ } -+ else -+ { -+ _dbus_verbose("deferred message has no status field set to send or receive unexpectedly\n"); -+ return BUS_RESULT_FALSE; -+ } - } - - if (dbus_message_contains_unix_fds (message) && -@@ -175,14 +192,14 @@ bus_dispatch_matches (BusTransaction *transaction, - DBUS_ERROR_NOT_SUPPORTED, - "Tried to send message with Unix file descriptors" - "to a client that doesn't support that."); -- return FALSE; -- } -+ return BUS_RESULT_FALSE; -+ } - - /* Dispatch the message */ - if (!bus_transaction_send (transaction, addressed_recipient, message)) - { - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - } - -@@ -197,7 +214,7 @@ bus_dispatch_matches (BusTransaction *transaction, - &recipients)) - { - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - link = _dbus_list_get_first_link (&recipients); -@@ -219,10 +236,10 @@ bus_dispatch_matches (BusTransaction *transaction, - if (dbus_error_is_set (&tmp_error)) - { - dbus_move_error (&tmp_error, error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - else -- return TRUE; -+ return BUS_RESULT_TRUE; - } - - static DBusHandlerResult -@@ -409,10 +426,12 @@ bus_dispatch (DBusConnection *connection, - } - else if (res == BUS_RESULT_LATER) - { -- dbus_set_error (&error, -- DBUS_ERROR_ACCESS_DENIED, -- "Rejecting message because time is needed to check security policy"); -- _dbus_verbose ("Security policy needs time to check policy. Dropping message\n"); -+ /* Disable dispatching messages from the sender, -+ * roll back and dispatch the message once the policy result is available */ -+ bus_deferred_message_disable_sender(deferred_message); -+ bus_transaction_cancel_and_free (transaction); -+ transaction = NULL; -+ result = DBUS_HANDLER_RESULT_LATER; - goto out; - } - -@@ -514,8 +533,14 @@ bus_dispatch (DBusConnection *connection, - * addressed_recipient == NULL), and match it against other connections' - * match rules. - */ -- if (!bus_dispatch_matches (transaction, connection, addressed_recipient, message, &error)) -- goto out; -+ if (BUS_RESULT_LATER == bus_dispatch_matches (transaction, connection, addressed_recipient, -+ message, &error)) -+ { -+ /* Roll back and dispatch the message once the policy result is available */ -+ bus_transaction_cancel_and_free (transaction); -+ transaction = NULL; -+ result = DBUS_HANDLER_RESULT_LATER; -+ } - - out: - if (dbus_error_is_set (&error)) -@@ -5060,9 +5085,132 @@ bus_dispatch_test_conf_fail (const DBusString *test_data_dir, - } - #endif - -+typedef struct { -+ DBusTimeout *timeout; -+ DBusConnection *connection; -+ dbus_bool_t timedout; -+ int check_counter; -+} BusTestCheckData; -+ -+static BusTestCheckData *cdata; -+ -+static dbus_bool_t -+bus_dispatch_test_check_timeout (void *data) -+{ -+ _dbus_verbose ("timeout triggered - pretend that privilege check result is available\n"); -+ -+ /* should only happen once during the test */ -+ _dbus_assert (!cdata->timedout); -+ cdata->timedout = TRUE; -+ _dbus_connection_enable_dispatch (cdata->connection); -+ -+ /* don't call this again */ -+ _dbus_loop_remove_timeout (bus_connection_get_loop (cdata->connection), -+ cdata->timeout); -+ dbus_connection_unref (cdata->connection); -+ cdata->connection = NULL; -+ return TRUE; -+} -+ -+static BusResult -+bus_dispatch_test_check_override (DBusConnection *connection, -+ const char *privilege) -+{ -+ _dbus_verbose ("overriding privilege check %s #%d\n", privilege, cdata->check_counter); -+ cdata->check_counter++; -+ if (!cdata->timedout) -+ { -+ dbus_bool_t added; -+ -+ /* Should be the first privilege check for the "Echo" method. */ -+ _dbus_assert (cdata->check_counter == 1); -+ cdata->timeout = _dbus_timeout_new (1, bus_dispatch_test_check_timeout, -+ NULL, NULL); -+ _dbus_assert (cdata->timeout); -+ added = _dbus_loop_add_timeout (bus_connection_get_loop (connection), -+ cdata->timeout); -+ _dbus_assert (added); -+ cdata->connection = connection; -+ dbus_connection_ref (connection); -+ _dbus_connection_disable_dispatch (connection); -+ return BUS_RESULT_LATER; -+ } -+ else -+ { -+ /* Should only be checked one more time, and this time succeeds. */ -+ _dbus_assert (cdata->check_counter == 2); -+ return BUS_RESULT_TRUE; -+ } -+} -+ -+static dbus_bool_t -+bus_dispatch_test_check (const DBusString *test_data_dir) -+{ -+ const char *filename = "valid-config-files/debug-check-some.conf"; -+ BusContext *context; -+ DBusConnection *foo; -+ DBusError error; -+ dbus_bool_t result = TRUE; -+ BusTestCheckData data; -+ -+ /* save the config name for the activation helper */ -+ if (!setenv_TEST_LAUNCH_HELPER_CONFIG (test_data_dir, filename)) -+ _dbus_assert_not_reached ("no memory setting TEST_LAUNCH_HELPER_CONFIG"); -+ -+ dbus_error_init (&error); -+ -+ context = bus_context_new_test (test_data_dir, filename); -+ if (context == NULL) -+ return FALSE; -+ -+ foo = dbus_connection_open_private (TEST_DEBUG_PIPE, &error); -+ if (foo == NULL) -+ _dbus_assert_not_reached ("could not alloc connection"); -+ -+ if (!bus_setup_debug_client (foo)) -+ _dbus_assert_not_reached ("could not set up connection"); -+ -+ spin_connection_until_authenticated (context, foo); -+ -+ if (!check_hello_message (context, foo)) -+ _dbus_assert_not_reached ("hello message failed"); -+ -+ if (!check_double_hello_message (context, foo)) -+ _dbus_assert_not_reached ("double hello message failed"); -+ -+ if (!check_add_match (context, foo, "")) -+ _dbus_assert_not_reached ("AddMatch message failed"); -+ -+ /* -+ * Cause bus_check_send_privilege() to return BUS_RESULT_LATER in the -+ * first call, then BUS_RESULT_TRUE. -+ */ -+ cdata = &data; -+ memset (cdata, 0, sizeof(*cdata)); -+ bus_check_test_override = bus_dispatch_test_check_override; -+ -+ result = check_existent_service_auto_start (context, foo); -+ -+ _dbus_assert (cdata->check_counter == 2); -+ _dbus_assert (cdata->timedout); -+ _dbus_assert (cdata->timeout); -+ _dbus_assert (!cdata->connection); -+ _dbus_timeout_unref (cdata->timeout); -+ -+ kill_client_connection_unchecked (foo); -+ -+ bus_context_unref (context); -+ -+ return result; -+} -+ - dbus_bool_t - bus_dispatch_test (const DBusString *test_data_dir) - { -+ _dbus_verbose (" tests\n"); -+ if (!bus_dispatch_test_check (test_data_dir)) -+ return FALSE; -+ - /* run normal activation tests */ - _dbus_verbose ("Normal activation tests\n"); - if (!bus_dispatch_test_conf (test_data_dir, -diff --git a/bus/dispatch.h b/bus/dispatch.h -index fb5ba7a..afba6a2 100644 ---- a/bus/dispatch.h -+++ b/bus/dispatch.h -@@ -29,7 +29,7 @@ - - dbus_bool_t bus_dispatch_add_connection (DBusConnection *connection); - void bus_dispatch_remove_connection (DBusConnection *connection); --dbus_bool_t bus_dispatch_matches (BusTransaction *transaction, -+BusResult bus_dispatch_matches (BusTransaction *transaction, - DBusConnection *sender, - DBusConnection *recipient, - DBusMessage *message, -diff --git a/bus/driver.c b/bus/driver.c -index cd0a714..f414f64 100644 ---- a/bus/driver.c -+++ b/bus/driver.c -@@ -218,6 +218,7 @@ bus_driver_send_service_owner_changed (const char *service_name, - { - DBusMessage *message; - dbus_bool_t retval; -+ BusResult res; - const char *null_service; - - _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -253,7 +254,16 @@ bus_driver_send_service_owner_changed (const char *service_name, - if (!bus_transaction_capture (transaction, NULL, NULL, message)) - goto oom; - -- retval = bus_dispatch_matches (transaction, NULL, NULL, message, error); -+ res = bus_dispatch_matches (transaction, NULL, NULL, message, error); -+ if (res == BUS_RESULT_TRUE) -+ retval = TRUE; -+ else -+ { -+ retval = FALSE; -+ if (res == BUS_RESULT_LATER) -+ /* should never happen */ -+ _dbus_assert_not_reached ("bus_dispatch_matches returned BUS_RESULT_LATER unexpectedly"); -+ } - dbus_message_unref (message); - - return retval; -diff --git a/dbus/dbus-connection-internal.h b/dbus/dbus-connection-internal.h -index 4835732..94b1c95 100644 ---- a/dbus/dbus-connection-internal.h -+++ b/dbus/dbus-connection-internal.h -@@ -118,6 +118,21 @@ DBUS_PRIVATE_EXPORT - dbus_bool_t _dbus_connection_get_linux_security_label (DBusConnection *connection, - char **label_p); - -+DBUS_PRIVATE_EXPORT -+void _dbus_connection_enable_dispatch (DBusConnection *connection); -+DBUS_PRIVATE_EXPORT -+void _dbus_connection_disable_dispatch (DBusConnection *connection); -+ -+DBUS_PRIVATE_EXPORT -+dbus_bool_t _dbus_connection_putback_message (DBusConnection *connection, -+ DBusMessage *after_message, -+ DBusMessage *message, -+ DBusError *error); -+ -+DBUS_PRIVATE_EXPORT -+dbus_bool_t _dbus_connection_remove_message (DBusConnection *connection, -+ DBusMessage *message); -+ - /* if DBUS_ENABLE_STATS */ - DBUS_PRIVATE_EXPORT - void _dbus_connection_get_stats (DBusConnection *connection, -diff --git a/dbus/dbus-connection.c b/dbus/dbus-connection.c -index c525b6d..958968c 100644 ---- a/dbus/dbus-connection.c -+++ b/dbus/dbus-connection.c -@@ -311,7 +311,8 @@ struct DBusConnection - */ - dbus_bool_t dispatch_acquired; /**< Someone has dispatch path (can drain incoming queue) */ - dbus_bool_t io_path_acquired; /**< Someone has transport io path (can use the transport to read/write messages) */ -- -+ -+ unsigned int dispatch_disabled : 1; /**< if true, then dispatching incoming messages is stopped until enabled again */ - unsigned int shareable : 1; /**< #TRUE if libdbus owns a reference to the connection and can return it from dbus_connection_open() more than once */ - - unsigned int exit_on_disconnect : 1; /**< If #TRUE, exit after handling disconnect signal */ -@@ -439,6 +440,39 @@ _dbus_connection_wakeup_mainloop (DBusConnection *connection) - (*connection->wakeup_main_function) (connection->wakeup_main_data); - } - -+static void -+_dbus_connection_set_dispatch(DBusConnection *connection, -+ dbus_bool_t disabled) -+{ -+ CONNECTION_LOCK (connection); -+ if (connection->dispatch_disabled != disabled) -+ { -+ DBusDispatchStatus status; -+ -+ connection->dispatch_disabled = disabled; -+ status = _dbus_connection_get_dispatch_status_unlocked (connection); -+ _dbus_connection_update_dispatch_status_and_unlock (connection, status); -+ } -+ else -+ { -+ CONNECTION_UNLOCK (connection); -+ } -+} -+ -+ -+void -+_dbus_connection_enable_dispatch (DBusConnection *connection) -+{ -+ _dbus_connection_set_dispatch (connection, FALSE); -+} -+ -+void -+ _dbus_connection_disable_dispatch (DBusConnection *connection) -+{ -+ _dbus_connection_set_dispatch (connection, TRUE); -+} -+ -+ - #ifdef DBUS_ENABLE_EMBEDDED_TESTS - /** - * Gets the locks so we can examine them -@@ -4069,6 +4103,82 @@ _dbus_connection_putback_message_link_unlocked (DBusConnection *connection, - "_dbus_connection_putback_message_link_unlocked"); - } - -+dbus_bool_t -+_dbus_connection_putback_message (DBusConnection *connection, -+ DBusMessage *after_message, -+ DBusMessage *message, -+ DBusError *error) -+{ -+ DBusDispatchStatus status; -+ DBusList *message_link = _dbus_list_alloc_link (message); -+ DBusList *after_link; -+ if (message_link == NULL) -+ { -+ _DBUS_SET_OOM (error); -+ return FALSE; -+ } -+ dbus_message_ref (message); -+ -+ CONNECTION_LOCK (connection); -+ _dbus_connection_acquire_dispatch (connection); -+ HAVE_LOCK_CHECK (connection); -+ -+ after_link = _dbus_list_find_first(&connection->incoming_messages, after_message); -+ _dbus_list_insert_after_link (&connection->incoming_messages, after_link, message_link); -+ connection->n_incoming += 1; -+ -+ _dbus_verbose ("Message %p (%s %s %s '%s') put back into queue %p, %d incoming\n", -+ message_link->data, -+ dbus_message_type_to_string (dbus_message_get_type (message_link->data)), -+ dbus_message_get_interface (message_link->data) ? -+ dbus_message_get_interface (message_link->data) : -+ "no interface", -+ dbus_message_get_member (message_link->data) ? -+ dbus_message_get_member (message_link->data) : -+ "no member", -+ dbus_message_get_signature (message_link->data), -+ connection, connection->n_incoming); -+ -+ _dbus_message_trace_ref (message_link->data, -1, -1, -+ "_dbus_connection_putback_message"); -+ -+ _dbus_connection_release_dispatch (connection); -+ -+ status = _dbus_connection_get_dispatch_status_unlocked (connection); -+ _dbus_connection_update_dispatch_status_and_unlock (connection, status); -+ -+ return TRUE; -+} -+ -+dbus_bool_t -+_dbus_connection_remove_message (DBusConnection *connection, -+ DBusMessage *message) -+{ -+ DBusDispatchStatus status; -+ dbus_bool_t removed; -+ -+ CONNECTION_LOCK (connection); -+ _dbus_connection_acquire_dispatch (connection); -+ HAVE_LOCK_CHECK (connection); -+ -+ removed = _dbus_list_remove(&connection->incoming_messages, message); -+ -+ if (removed) -+ { -+ connection->n_incoming -= 1; -+ dbus_message_unref(message); -+ _dbus_verbose ("Message %p removed from incoming queue\n", message); -+ } -+ else -+ _dbus_verbose ("Message %p not found in the incoming queue\n", message); -+ -+ _dbus_connection_release_dispatch (connection); -+ -+ status = _dbus_connection_get_dispatch_status_unlocked (connection); -+ _dbus_connection_update_dispatch_status_and_unlock (connection, status); -+ return removed; -+} -+ - /** - * Returns the first-received message from the incoming message queue, - * removing it from the queue. The caller owns a reference to the -@@ -4252,8 +4362,9 @@ static DBusDispatchStatus - _dbus_connection_get_dispatch_status_unlocked (DBusConnection *connection) - { - HAVE_LOCK_CHECK (connection); -- -- if (connection->n_incoming > 0) -+ if (connection->dispatch_disabled && _dbus_connection_get_is_connected_unlocked(connection)) -+ return DBUS_DISPATCH_COMPLETE; -+ else if (connection->n_incoming > 0) - return DBUS_DISPATCH_DATA_REMAINS; - else if (!_dbus_transport_queue_messages (connection->transport)) - return DBUS_DISPATCH_NEED_MEMORY; -@@ -4716,6 +4827,8 @@ dbus_connection_dispatch (DBusConnection *connection) - - CONNECTION_LOCK (connection); - -+ if (result == DBUS_HANDLER_RESULT_LATER) -+ goto out; - if (result == DBUS_HANDLER_RESULT_NEED_MEMORY) - { - _dbus_verbose ("No memory\n"); -@@ -4838,9 +4951,11 @@ dbus_connection_dispatch (DBusConnection *connection) - connection); - - out: -- if (result == DBUS_HANDLER_RESULT_NEED_MEMORY) -+ if (result == DBUS_HANDLER_RESULT_LATER || -+ result == DBUS_HANDLER_RESULT_NEED_MEMORY) - { -- _dbus_verbose ("out of memory\n"); -+ if (result == DBUS_HANDLER_RESULT_NEED_MEMORY) -+ _dbus_verbose ("out of memory\n"); - - /* Put message back, and we'll start over. - * Yes this means handlers must be idempotent if they -diff --git a/dbus/dbus-list.c b/dbus/dbus-list.c -index 8e713c0..32ea871 100644 ---- a/dbus/dbus-list.c -+++ b/dbus/dbus-list.c -@@ -458,6 +458,35 @@ _dbus_list_remove_last (DBusList **list, - return FALSE; - } - -+/** -+ * Finds a value in the list. Returns the first link -+ * with value equal to the given data pointer. -+ * This is a linear-time operation. -+ * Returns #NULL if no value found that matches. -+ * -+ * @param list address of the list head. -+ * @param data the value to find. -+ * @returns the link if found -+ */ -+DBusList* -+_dbus_list_find_first (DBusList **list, -+ void *data) -+{ -+ DBusList *link; -+ -+ link = _dbus_list_get_first_link (list); -+ -+ while (link != NULL) -+ { -+ if (link->data == data) -+ return link; -+ -+ link = _dbus_list_get_next_link (list, link); -+ } -+ -+ return NULL; -+} -+ - /** - * Finds a value in the list. Returns the last link - * with value equal to the given data pointer. -diff --git a/dbus/dbus-list.h b/dbus/dbus-list.h -index 9350a0d..fee9f1b 100644 ---- a/dbus/dbus-list.h -+++ b/dbus/dbus-list.h -@@ -68,6 +68,9 @@ DBUS_PRIVATE_EXPORT - void _dbus_list_remove_link (DBusList **list, - DBusList *link); - DBUS_PRIVATE_EXPORT -+DBusList* _dbus_list_find_first (DBusList **list, -+ void *data); -+DBUS_PRIVATE_EXPORT - DBusList* _dbus_list_find_last (DBusList **list, - void *data); - DBUS_PRIVATE_EXPORT -diff --git a/dbus/dbus-shared.h b/dbus/dbus-shared.h -index 7ab9103..e5bfbed 100644 ---- a/dbus/dbus-shared.h -+++ b/dbus/dbus-shared.h -@@ -67,7 +67,8 @@ typedef enum - { - DBUS_HANDLER_RESULT_HANDLED, /**< Message has had its effect - no need to run more handlers. */ - DBUS_HANDLER_RESULT_NOT_YET_HANDLED, /**< Message has not had any effect - see if other handlers want it. */ -- DBUS_HANDLER_RESULT_NEED_MEMORY /**< Need more memory in order to return #DBUS_HANDLER_RESULT_HANDLED or #DBUS_HANDLER_RESULT_NOT_YET_HANDLED. Please try again later with more memory. */ -+ DBUS_HANDLER_RESULT_NEED_MEMORY, /**< Need more memory in order to return #DBUS_HANDLER_RESULT_HANDLED or #DBUS_HANDLER_RESULT_NOT_YET_HANDLED. Please try again later with more memory. */ -+ DBUS_HANDLER_RESULT_LATER /**< Message dispatch deferred due to pending policy check */ - } DBusHandlerResult; - - /* Bus names */ --- -2.17.2 - diff --git a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0003-Handle-unavailability-of-policy-results-for-broadcas.patch b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0003-Handle-unavailability-of-policy-results-for-broadcas.patch deleted file mode 100644 index 1c2ab2bcb..000000000 --- a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0003-Handle-unavailability-of-policy-results-for-broadcas.patch +++ /dev/null @@ -1,1082 +0,0 @@ -From fdc3d7086c8f7a623e3da80e559708545b9201fc Mon Sep 17 00:00:00 2001 -From: Jacek Bukarewicz -Date: Fri, 28 Nov 2014 12:39:33 +0100 -Subject: Handle unavailability of policy results for broadcasts and receive - rules -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -When message is sent to the addressed recipient and receive rule -result is unavailable we don't want to block the sender -as it most likely will be the privileged service, so instead we queue -it at the recipient. Any further messages sent to it will be queued to -maintain message order. Once the answer from Cynara arrives messages are -dispatched from the recipient queue. In such case full dispatch is -performed - messages are sent to addressed recipient and other -interested connections. -Messages sent to non-addressed recipients (eavesdroppers or broadcast -message recipients) are handled in a similar way. The difference is -that it is not full dispatch meaning message is sent to a single recipient. - -Cherry picked from 1e231194610892dd4360224998d91336097b05a1 by Jose Bollo - -Updated for dbus 1.10.20 by Scott Murray and José Bollo - -Signed-off-by: José Bollo -Signed-off-by: Scott Murray - -diff --git a/bus/activation.c b/bus/activation.c -index 005047f..ffdc6fc 100644 ---- a/bus/activation.c -+++ b/bus/activation.c -@@ -1259,7 +1259,7 @@ bus_activation_send_pending_auto_activation_messages (BusActivation *activation - res = bus_dispatch_matches (transaction, - entry->connection, - addressed_recipient, -- entry->activation_message, &error); -+ entry->activation_message, NULL, &error); - if (res == BUS_RESULT_FALSE) - { - /* If permission is denied, we just want to return the error -@@ -2137,7 +2137,7 @@ bus_activation_activate_service (BusActivation *activation, - bus_connection_get_loginfo (connection)); - /* Wonderful, systemd is connected, let's just send the msg */ - res = bus_dispatch_matches (activation_transaction, NULL, -- systemd, message, error); -+ systemd, message, NULL, error); - - if (res == BUS_RESULT_TRUE) - retval = TRUE; -diff --git a/bus/bus.c b/bus/bus.c -index 237efe3..5bb5637 100644 ---- a/bus/bus.c -+++ b/bus/bus.c -@@ -1800,17 +1800,9 @@ bus_context_check_security_policy (BusContext *context, - } - - /* See if limits on size have been exceeded */ -- if (proposed_recipient && -- ((dbus_connection_get_outgoing_size (proposed_recipient) > context->limits.max_outgoing_bytes) || -- (dbus_connection_get_outgoing_unix_fds (proposed_recipient) > context->limits.max_outgoing_unix_fds))) -- { -- complain_about_message (context, DBUS_ERROR_LIMITS_EXCEEDED, -- "Rejected: destination has a full message queue", -- 0, message, sender, proposed_recipient, requested_reply, TRUE, NULL, -- error); -- _dbus_verbose ("security policy disallowing message due to full message queue\n"); -+ if (!bus_context_check_recipient_message_limits(context, proposed_recipient, sender, message, -+ requested_reply, error)) - return BUS_RESULT_FALSE; -- } - - /* Record that we will allow a reply here in the future (don't - * bother if the recipient is the bus or this is an eavesdropping -@@ -1869,3 +1861,41 @@ bus_context_check_all_watches (BusContext *context) - _dbus_server_toggle_all_watches (server, enabled); - } - } -+ -+void -+bus_context_complain_about_message (BusContext *context, -+ const char *error_name, -+ const char *complaint, -+ int matched_rules, -+ DBusMessage *message, -+ DBusConnection *sender, -+ DBusConnection *proposed_recipient, -+ dbus_bool_t requested_reply, -+ dbus_bool_t log, -+ const char *privilege, -+ DBusError *error) -+{ -+ complain_about_message(context, error_name, complaint, matched_rules, message, sender, -+ proposed_recipient, requested_reply, log, privilege, error); -+} -+ -+dbus_bool_t bus_context_check_recipient_message_limits (BusContext *context, -+ DBusConnection *recipient, -+ DBusConnection *sender, -+ DBusMessage *message, -+ dbus_bool_t requested_reply, -+ DBusError *error) -+{ -+ if (recipient && -+ ((dbus_connection_get_outgoing_size (recipient) > context->limits.max_outgoing_bytes) || -+ (dbus_connection_get_outgoing_unix_fds (recipient) > context->limits.max_outgoing_unix_fds))) -+ { -+ complain_about_message (context, DBUS_ERROR_LIMITS_EXCEEDED, -+ "Rejected: destination has a full message queue", -+ 0, message, sender, recipient, requested_reply, TRUE, NULL, -+ error); -+ _dbus_verbose ("security policy disallowing message due to full message queue\n"); -+ return FALSE; -+ } -+ return TRUE; -+} -diff --git a/bus/bus.h b/bus/bus.h -index 82c32c8..1b08f7c 100644 ---- a/bus/bus.h -+++ b/bus/bus.h -@@ -164,4 +164,23 @@ BusResult bus_context_check_security_policy (BusContext - BusDeferredMessage **deferred_message); - void bus_context_check_all_watches (BusContext *context); - -+dbus_bool_t bus_context_check_recipient_message_limits (BusContext *context, -+ DBusConnection *recipient, -+ DBusConnection *sender, -+ DBusMessage *message, -+ dbus_bool_t requested_reply, -+ DBusError *error); -+void bus_context_complain_about_message (BusContext *context, -+ const char *error_name, -+ const char *complaint, -+ int matched_rules, -+ DBusMessage *message, -+ DBusConnection *sender, -+ DBusConnection *proposed_recipient, -+ dbus_bool_t requested_reply, -+ dbus_bool_t log, -+ const char *privilege, -+ DBusError *error); -+ -+ - #endif /* BUS_BUS_H */ -diff --git a/bus/check.c b/bus/check.c -index 4b8a699..f3d283f 100644 ---- a/bus/check.c -+++ b/bus/check.c -@@ -49,6 +49,9 @@ typedef struct BusDeferredMessage - DBusConnection *sender; - DBusConnection *proposed_recipient; - DBusConnection *addressed_recipient; -+ dbus_bool_t requested_reply; -+ int matched_rules; -+ const char *privilege; - dbus_bool_t full_dispatch; - BusDeferredMessageStatus status; - BusResult response; -@@ -135,6 +138,89 @@ bus_check_enable_dispatch_callback (BusDeferredMessage *deferred_message, - _dbus_connection_enable_dispatch(deferred_message->sender); - } - -+static void -+bus_check_queued_message_reply_callback (BusDeferredMessage *deferred_message, -+ BusResult result) -+{ -+ int status; -+ -+ _dbus_verbose("bus_check_queued_message_reply_callback called message=%p\n", deferred_message); -+ -+ if (!bus_connection_is_active(deferred_message->proposed_recipient)) -+ return; -+ -+ status = deferred_message->status; -+ -+ deferred_message->status = 0; /* mark message as not waiting for response */ -+ deferred_message->response = result; -+ -+ /* -+ * If send rule allows us to send message we still need to check receive rules. -+ */ -+ if ((status & BUS_DEFERRED_MESSAGE_CHECK_SEND) && (result == BUS_RESULT_TRUE)) -+ { -+ int toggles; -+ BusContext *context; -+ BusRegistry *registry; -+ BusClientPolicy *recipient_policy; -+ BusDeferredMessage *deferred_message_receive; -+ -+ context = bus_connection_get_context(deferred_message->proposed_recipient); -+ registry = bus_context_get_registry(context); -+ recipient_policy = bus_connection_get_policy(deferred_message->proposed_recipient); -+ -+ deferred_message->response = bus_client_policy_check_can_receive(recipient_policy, registry, -+ deferred_message->requested_reply, deferred_message->sender, -+ deferred_message->addressed_recipient, deferred_message->proposed_recipient, deferred_message->message, -+ &toggles, NULL, &deferred_message_receive); -+ if (deferred_message->response == BUS_RESULT_LATER) -+ { -+ /* replace deferred message associated with send check with the one associated with -+ * receive check */ -+ if (!bus_deferred_message_replace(deferred_message, deferred_message_receive)) -+ { -+ /* failed to replace deferred message (due to oom). Set it to rejected */ -+ deferred_message->response = BUS_RESULT_FALSE; -+ } -+ } -+ } -+ -+ bus_connection_dispatch_deferred(deferred_message->proposed_recipient); -+} -+ -+static void -+queue_deferred_message_cancel_transaction_hook (void *data) -+{ -+ BusDeferredMessage *deferred_message = (BusDeferredMessage *)data; -+ bus_connection_remove_deferred_message(deferred_message->proposed_recipient, deferred_message); -+} -+ -+ -+dbus_bool_t -+bus_deferred_message_queue_at_recipient (BusDeferredMessage *deferred_message, -+ BusTransaction *transaction, -+ dbus_bool_t full_dispatch, -+ dbus_bool_t prepend) -+{ -+ _dbus_assert(deferred_message != NULL); -+ _dbus_assert(deferred_message->proposed_recipient != NULL); -+ -+ if (!bus_connection_queue_deferred_message(deferred_message->proposed_recipient, -+ deferred_message, prepend)) -+ return FALSE; -+ -+ if (!bus_transaction_add_cancel_hook(transaction, queue_deferred_message_cancel_transaction_hook, -+ deferred_message, NULL)) -+ { -+ bus_connection_remove_deferred_message(deferred_message->proposed_recipient, deferred_message); -+ return FALSE; -+ } -+ deferred_message->response_callback = bus_check_queued_message_reply_callback; -+ deferred_message->full_dispatch = full_dispatch; -+ -+ return TRUE; -+} -+ - static void - deferred_message_free_function(void *data) - { -@@ -159,6 +245,20 @@ bus_deferred_message_disable_sender (BusDeferredMessage *deferred_message) - deferred_message->response_callback = bus_check_enable_dispatch_callback; - } - -+void -+bus_deferred_message_set_policy_check_info (BusDeferredMessage *deferred_message, -+ dbus_bool_t requested_reply, -+ int matched_rules, -+ const char *privilege) -+{ -+ _dbus_assert(deferred_message != NULL); -+ -+ deferred_message->requested_reply = requested_reply; -+ deferred_message->matched_rules = matched_rules; -+ deferred_message->privilege = privilege; -+} -+ -+ - #ifdef DBUS_ENABLE_EMBEDDED_TESTS - BusResult (*bus_check_test_override) (DBusConnection *connection, - const char *privilege); -@@ -259,6 +359,9 @@ BusDeferredMessage *bus_deferred_message_new (DBusMessage *message, - deferred_message->addressed_recipient = addressed_recipient != NULL ? dbus_connection_ref(addressed_recipient) : NULL; - deferred_message->proposed_recipient = proposed_recipient != NULL ? dbus_connection_ref(proposed_recipient) : NULL; - deferred_message->message = dbus_message_ref(message); -+ deferred_message->requested_reply = FALSE; -+ deferred_message->matched_rules = 0; -+ deferred_message->privilege = NULL; - deferred_message->response = response; - deferred_message->status = 0; - deferred_message->full_dispatch = FALSE; -@@ -295,12 +398,215 @@ bus_deferred_message_unref (BusDeferredMessage *deferred_message) - } - } - -+dbus_bool_t -+bus_deferred_message_check_message_limits (BusDeferredMessage *deferred_message, DBusError *error) -+{ -+ BusContext *context = bus_connection_get_context(deferred_message->proposed_recipient); -+ -+ return bus_context_check_recipient_message_limits(context, deferred_message->proposed_recipient, -+ deferred_message->sender, deferred_message->message, deferred_message->requested_reply, -+ error); -+} -+ -+dbus_bool_t -+bus_deferred_message_expect_method_reply(BusDeferredMessage *deferred_message, BusTransaction *transaction, DBusError *error) -+{ -+ int type = dbus_message_get_type(deferred_message->message); -+ if (type == DBUS_MESSAGE_TYPE_METHOD_CALL && -+ deferred_message->sender && -+ deferred_message->addressed_recipient && -+ deferred_message->addressed_recipient == deferred_message->proposed_recipient && /* not eavesdropping */ -+ !bus_connections_expect_reply (bus_connection_get_connections (deferred_message->sender), -+ transaction, -+ deferred_message->sender, deferred_message->addressed_recipient, -+ deferred_message->message, error)) -+ { -+ _dbus_verbose ("Failed to record reply expectation or problem with the message expecting a reply\n"); -+ return FALSE; -+ } -+ return TRUE; -+} -+ -+void -+bus_deferred_message_create_error(BusDeferredMessage *deferred_message, -+ const char *error_message, DBusError *error) -+{ -+ BusContext *context; -+ _dbus_assert (deferred_message->status == 0 && deferred_message->response == BUS_RESULT_FALSE); -+ -+ if (deferred_message->sender == NULL) -+ return; /* error won't be sent to bus driver anyway */ -+ -+ context = bus_connection_get_context(deferred_message->sender); -+ bus_context_complain_about_message(context, DBUS_ERROR_ACCESS_DENIED, "Rejected message", -+ deferred_message->matched_rules, deferred_message->message, deferred_message->sender, -+ deferred_message->proposed_recipient, deferred_message->requested_reply, FALSE, -+ deferred_message->privilege, error); -+} -+ -+BusResult -+bus_deferred_message_dispatch (BusDeferredMessage *deferred_message) -+{ -+ BusContext *context = bus_connection_get_context (deferred_message->proposed_recipient); -+ BusTransaction *transaction = bus_transaction_new (context); -+ BusResult result = BUS_RESULT_TRUE; -+ DBusError error; -+ -+ if (transaction == NULL) -+ { -+ return BUS_RESULT_FALSE; -+ } -+ -+ dbus_error_init(&error); -+ -+ if (!deferred_message->full_dispatch) -+ { -+ result = deferred_message->response; -+ if (result == BUS_RESULT_TRUE) -+ { -+ if (!bus_context_check_recipient_message_limits(context, deferred_message->proposed_recipient, -+ deferred_message->sender, deferred_message->message, deferred_message->requested_reply, &error)) -+ result = BUS_RESULT_FALSE; -+ } -+ else if (result == BUS_RESULT_LATER) -+ { -+ BusDeferredMessage *deferred_message2; -+ result = bus_context_check_security_policy (context, transaction, -+ deferred_message->sender, -+ deferred_message->addressed_recipient, -+ deferred_message->proposed_recipient, -+ deferred_message->message, NULL, NULL, -+ &deferred_message2); -+ -+ if (result == BUS_RESULT_LATER) -+ { -+ /* prepend at recipient */ -+ if (!bus_deferred_message_queue_at_recipient(deferred_message2, transaction, -+ FALSE, TRUE)) -+ result = BUS_RESULT_FALSE; -+ } -+ } -+ -+ /* silently drop messages on access denial */ -+ if (result == BUS_RESULT_TRUE) -+ { -+ if (!bus_transaction_send (transaction, deferred_message->proposed_recipient, deferred_message->message, TRUE)) -+ result = BUS_RESULT_FALSE; -+ } -+ -+ bus_transaction_execute_and_free(transaction); -+ -+ goto out; -+ } -+ -+ /* do not attempt to send message if sender has disconnected */ -+ if (deferred_message->sender != NULL && !bus_connection_is_active(deferred_message->sender)) -+ { -+ bus_transaction_cancel_and_free(transaction); -+ result = BUS_RESULT_FALSE; -+ goto out; -+ } -+ -+ result = bus_dispatch_matches(transaction, deferred_message->sender, -+ deferred_message->addressed_recipient, deferred_message->message, deferred_message, &error); -+ -+ if (result == BUS_RESULT_LATER) -+ { -+ /* Message deferring was already done in bus_dispatch_matches */ -+ bus_transaction_cancel_and_free(transaction); -+ goto out; -+ } -+ -+ /* this part is a copy & paste from bus_dispatch function. Probably can be moved to a function */ -+ if (dbus_error_is_set (&error)) -+ { -+ if (!dbus_connection_get_is_connected (deferred_message->sender)) -+ { -+ /* If we disconnected it, we won't bother to send it any error -+ * messages. -+ */ -+ _dbus_verbose ("Not sending error to connection we disconnected\n"); -+ } -+ else if (dbus_error_has_name (&error, DBUS_ERROR_NO_MEMORY)) -+ { -+ bus_connection_send_oom_error (deferred_message->sender, deferred_message->message); -+ -+ /* cancel transaction due to OOM */ -+ if (transaction != NULL) -+ { -+ bus_transaction_cancel_and_free (transaction); -+ transaction = NULL; -+ } -+ } -+ else -+ { -+ /* Try to send the real error, if no mem to do that, send -+ * the OOM error -+ */ -+ _dbus_assert (transaction != NULL); -+ if (!bus_transaction_send_error_reply (transaction, deferred_message->sender, -+ &error, deferred_message->message)) -+ { -+ bus_connection_send_oom_error (deferred_message->sender, deferred_message->message); -+ -+ /* cancel transaction due to OOM */ -+ if (transaction != NULL) -+ { -+ bus_transaction_cancel_and_free (transaction); -+ transaction = NULL; -+ } -+ } -+ } -+ } -+ -+ if (transaction != NULL) -+ { -+ bus_transaction_execute_and_free (transaction); -+ } -+ -+out: -+ dbus_error_free(&error); -+ -+ return result; -+} -+ -+dbus_bool_t -+bus_deferred_message_replace (BusDeferredMessage *old_message, BusDeferredMessage *new_message) -+{ -+ if (bus_connection_replace_deferred_message(old_message->proposed_recipient, -+ old_message, new_message)) -+ { -+ new_message->response_callback = old_message->response_callback; -+ new_message->full_dispatch = old_message->full_dispatch; -+ return TRUE; -+ } -+ return FALSE; -+} -+ -+dbus_bool_t -+bus_deferred_message_waits_for_check(BusDeferredMessage *deferred_message) -+{ -+ return deferred_message->status != 0; -+} -+ -+DBusConnection * -+bus_deferred_message_get_recipient(BusDeferredMessage *deferred_message) -+{ -+ return deferred_message->proposed_recipient; -+} -+ - BusDeferredMessageStatus - bus_deferred_message_get_status (BusDeferredMessage *deferred_message) - { - return deferred_message->status; - } - -+BusResult -+bus_deferred_message_get_response (BusDeferredMessage *deferred_message) -+{ -+ return deferred_message->response; -+} -+ - void - bus_deferred_message_response_received (BusDeferredMessage *deferred_message, - BusResult result) -@@ -310,3 +616,4 @@ bus_deferred_message_response_received (BusDeferredMessage *deferred_message, - deferred_message->response_callback(deferred_message, result); - } - } -+ -diff --git a/bus/check.h b/bus/check.h -index d177549..9c13c18 100644 ---- a/bus/check.h -+++ b/bus/check.h -@@ -64,12 +64,37 @@ BusDeferredMessage *bus_deferred_message_new (DBusMessage *messag - - BusDeferredMessage *bus_deferred_message_ref (BusDeferredMessage *deferred_message); - void bus_deferred_message_unref (BusDeferredMessage *deferred_message); -+BusResult bus_deferred_message_dispatch (BusDeferredMessage *deferred_message); -+dbus_bool_t bus_deferred_message_waits_for_check (BusDeferredMessage *deferred_message); -+DBusConnection *bus_deferred_message_get_recipient (BusDeferredMessage *deferred_message); - void bus_deferred_message_response_received (BusDeferredMessage *deferred_message, - BusResult result); -+dbus_bool_t bus_deferred_message_queue_at_recipient (BusDeferredMessage *deferred_message, -+ BusTransaction *transaction, -+ dbus_bool_t full_dispatch, -+ dbus_bool_t prepend); -+dbus_bool_t bus_deferred_message_replace (BusDeferredMessage *old_message, -+ BusDeferredMessage *new_message); - void bus_deferred_message_disable_sender (BusDeferredMessage *deferred_message); -+BusResult bus_deferred_message_get_response (BusDeferredMessage *deferred_message); - - BusDeferredMessageStatus bus_deferred_message_get_status (BusDeferredMessage *deferred_message); - -+ -+dbus_bool_t bus_deferred_message_expect_method_reply (BusDeferredMessage *deferred_message, -+ BusTransaction *transaction, -+ DBusError *error); -+void bus_deferred_message_create_error (BusDeferredMessage *deferred_message, -+ const char *error_message, -+ DBusError *error); -+void bus_deferred_message_set_policy_check_info (BusDeferredMessage *deferred_message, -+ dbus_bool_t requested_reply, -+ int matched_rules, -+ const char *privilege); -+dbus_bool_t bus_deferred_message_check_message_limits (BusDeferredMessage *deferred_message, -+ DBusError *error); -+ -+ - #ifdef DBUS_ENABLE_EMBEDDED_TESTS - extern BusResult (*bus_check_test_override) (DBusConnection *connection, - const char *privilege); -diff --git a/bus/connection.c b/bus/connection.c -index b348d42..ee93384 100644 ---- a/bus/connection.c -+++ b/bus/connection.c -@@ -31,11 +31,13 @@ - #include "expirelist.h" - #include "selinux.h" - #include "apparmor.h" -+#include "check.h" - #include - #include - #include - #include - #include -+#include - #ifdef DBUS_ENABLE_CYNARA - #include - #include -@@ -102,6 +104,7 @@ typedef struct - DBusMessage *oom_message; - DBusPreallocatedSend *oom_preallocated; - BusClientPolicy *policy; -+ DBusList *deferred_messages; /**< Queue of messages deferred due to pending policy check */ - - char *cached_loginfo_string; - BusSELinuxID *selinux_id; -@@ -268,6 +271,8 @@ bus_connection_disconnected (DBusConnection *connection) - bus_transaction_execute_and_free (transaction); - } - -+ bus_connection_clear_deferred_messages(connection); -+ - bus_dispatch_remove_connection (connection); - - /* no more watching */ -@@ -2307,7 +2312,7 @@ bus_transaction_capture (BusTransaction *transaction, - { - DBusConnection *recipient = link->data; - -- if (!bus_transaction_send (transaction, recipient, message)) -+ if (!bus_transaction_send (transaction, recipient, message, FALSE)) - goto out; - } - -@@ -2361,6 +2366,7 @@ bus_transaction_send_from_driver (BusTransaction *transaction, - { - DBusError error = DBUS_ERROR_INIT; - BusResult res; -+ BusDeferredMessage *deferred_message; - - /* We have to set the sender to the driver, and have - * to check security policy since it was not done in -@@ -2401,7 +2407,7 @@ bus_transaction_send_from_driver (BusTransaction *transaction, - res = bus_context_check_security_policy (bus_transaction_get_context (transaction), - transaction, - NULL, connection, connection, message, NULL, -- &error, NULL); -+ &error, &deferred_message); - if (res == BUS_RESULT_FALSE) - { - if (!bus_transaction_capture_error_reply (transaction, connection, -@@ -2419,18 +2425,20 @@ bus_transaction_send_from_driver (BusTransaction *transaction, - } - else if (res == BUS_RESULT_LATER) - { -- _dbus_verbose ("Cannot delay sending message from bus driver, dropping it\n"); - dbus_error_free (&error); -- return TRUE; -+ if (!bus_deferred_message_queue_at_recipient(deferred_message, transaction, FALSE, FALSE)) -+ return FALSE; -+ return TRUE; /* pretend to have sent it */ - } - -- return bus_transaction_send (transaction, connection, message); -+ return bus_transaction_send (transaction, connection, message, FALSE); - } - - dbus_bool_t - bus_transaction_send (BusTransaction *transaction, - DBusConnection *connection, -- DBusMessage *message) -+ DBusMessage *message, -+ dbus_bool_t deferred_dispatch) - { - MessageToSend *to_send; - BusConnectionData *d; -@@ -2456,7 +2464,28 @@ bus_transaction_send (BusTransaction *transaction, - - d = BUS_CONNECTION_DATA (connection); - _dbus_assert (d != NULL); -- -+ -+ if (!deferred_dispatch && d->deferred_messages != NULL) -+ { -+ BusDeferredMessage *deferred_message; -+ dbus_bool_t success; -+ /* sender and addressed recipient are not required at this point as we only need to send message -+ * to a single recipient without performing policy check. */ -+ deferred_message = bus_deferred_message_new (message, -+ NULL, -+ NULL, -+ connection, -+ BUS_RESULT_TRUE); -+ if (deferred_message == NULL) -+ return FALSE; -+ -+ success = bus_deferred_message_queue_at_recipient(deferred_message, transaction, -+ FALSE, FALSE); -+ bus_deferred_message_unref(deferred_message); -+ -+ return success; -+ } -+ - to_send = dbus_new (MessageToSend, 1); - if (to_send == NULL) - { -@@ -2708,6 +2737,131 @@ bus_transaction_add_cancel_hook (BusTransaction *transaction, - return TRUE; - } - -+void -+bus_connection_dispatch_deferred (DBusConnection *connection) -+{ -+ BusDeferredMessage *message; -+ -+ _dbus_return_if_fail (connection != NULL); -+ -+ while ((message = bus_connection_pop_deferred_message(connection)) != NULL) -+ { -+ bus_deferred_message_dispatch(message); -+ bus_deferred_message_unref(message); -+ } -+} -+ -+dbus_bool_t -+bus_connection_has_deferred_messages (DBusConnection *connection) -+{ -+ BusConnectionData *d = BUS_CONNECTION_DATA(connection); -+ return d->deferred_messages != NULL ? TRUE : FALSE; -+} -+ -+dbus_bool_t -+bus_connection_queue_deferred_message (DBusConnection *connection, -+ BusDeferredMessage *message, -+ dbus_bool_t prepend) -+{ -+ BusConnectionData *d = BUS_CONNECTION_DATA(connection); -+ dbus_bool_t success; -+ if (prepend) -+ success = _dbus_list_prepend(&d->deferred_messages, message); -+ else -+ success = _dbus_list_append(&d->deferred_messages, message); -+ -+ if (success) -+ { -+ bus_deferred_message_ref(message); -+ return TRUE; -+ } -+ -+ return FALSE; -+} -+ -+dbus_bool_t -+bus_connection_replace_deferred_message (DBusConnection *connection, -+ BusDeferredMessage *oldMessage, -+ BusDeferredMessage *newMessage) -+{ -+ DBusList *link; -+ BusConnectionData *d = BUS_CONNECTION_DATA(connection); -+ -+ link = _dbus_list_find_first(&d->deferred_messages, oldMessage); -+ if (link == NULL) -+ return FALSE; -+ -+ if (!_dbus_list_insert_after(&d->deferred_messages, link, newMessage)) -+ return FALSE; -+ -+ bus_deferred_message_ref(newMessage); -+ _dbus_list_remove_link(&d->deferred_messages, link); -+ bus_deferred_message_unref(oldMessage); -+ return TRUE; -+} -+ -+BusDeferredMessage * -+bus_connection_pop_deferred_message (DBusConnection *connection) -+{ -+ DBusList *link; -+ BusDeferredMessage *message; -+ BusConnectionData *d = BUS_CONNECTION_DATA(connection); -+ -+ link =_dbus_list_get_first_link(&d->deferred_messages); -+ if (link != NULL) -+ { -+ message = link->data; -+ if (!bus_deferred_message_waits_for_check(message)) -+ { -+ _dbus_list_remove_link(&d->deferred_messages, link); -+ return message; -+ } -+ } -+ -+ return NULL; -+} -+ -+dbus_bool_t -+bus_connection_putback_deferred_message (DBusConnection *connection, BusDeferredMessage *message) -+{ -+ BusConnectionData *d = BUS_CONNECTION_DATA(connection); -+ if (_dbus_list_prepend(&d->deferred_messages, message)) -+ { -+ return TRUE; -+ } -+ return FALSE; -+} -+ -+void -+bus_connection_clear_deferred_messages (DBusConnection *connection) -+{ -+ BusConnectionData *d = BUS_CONNECTION_DATA(connection); -+ DBusList *link; -+ DBusList *next; -+ BusDeferredMessage *message; -+ -+ link =_dbus_list_get_first_link(&d->deferred_messages); -+ while (link != NULL) -+ { -+ next = _dbus_list_get_next_link (&d->deferred_messages, link); -+ message = link->data; -+ -+ bus_deferred_message_unref(message); -+ _dbus_list_remove_link(&d->deferred_messages, link); -+ -+ link = next; -+ } -+} -+ -+void -+bus_connection_remove_deferred_message (DBusConnection *connection, -+ BusDeferredMessage *message) -+{ -+ BusConnectionData *d = BUS_CONNECTION_DATA(connection); -+ if (_dbus_list_remove(&d->deferred_messages, message)) -+ bus_deferred_message_unref(message); -+} -+ - int - bus_connections_get_n_active (BusConnections *connections) - { -diff --git a/bus/connection.h b/bus/connection.h -index 71078ea..97dae96 100644 ---- a/bus/connection.h -+++ b/bus/connection.h -@@ -85,6 +85,22 @@ dbus_bool_t bus_connection_preallocate_oom_error (DBusConnection *connection); - void bus_connection_send_oom_error (DBusConnection *connection, - DBusMessage *in_reply_to); - -+dbus_bool_t bus_connection_has_deferred_messages (DBusConnection *connection); -+dbus_bool_t bus_connection_queue_deferred_message (DBusConnection *connection, -+ BusDeferredMessage *message, -+ dbus_bool_t prepend); -+BusDeferredMessage *bus_connection_pop_deferred_message (DBusConnection *connection); -+dbus_bool_t bus_connection_putback_deferred_message (DBusConnection *connection, -+ BusDeferredMessage *message); -+void bus_connection_remove_deferred_message (DBusConnection *connection, -+ BusDeferredMessage *message); -+dbus_bool_t bus_connection_replace_deferred_message (DBusConnection *connection, -+ BusDeferredMessage *oldMessage, -+ BusDeferredMessage *newMessage); -+void bus_connection_dispatch_deferred (DBusConnection *connection); -+void bus_connection_clear_deferred_messages (DBusConnection *connection); -+ -+ - /* called by signals.c */ - dbus_bool_t bus_connection_add_match_rule (DBusConnection *connection, - BusMatchRule *rule); -@@ -137,7 +153,8 @@ BusTransaction* bus_transaction_new (BusContext * - BusContext* bus_transaction_get_context (BusTransaction *transaction); - dbus_bool_t bus_transaction_send (BusTransaction *transaction, - DBusConnection *connection, -- DBusMessage *message); -+ DBusMessage *message, -+ dbus_bool_t deferred_dispatch); - dbus_bool_t bus_transaction_capture (BusTransaction *transaction, - DBusConnection *connection, - DBusConnection *addressed_recipient, -diff --git a/bus/dispatch.c b/bus/dispatch.c -index 50a22a3..7d30ce4 100644 ---- a/bus/dispatch.c -+++ b/bus/dispatch.c -@@ -33,6 +33,7 @@ - #include "utils.h" - #include "bus.h" - #include "signals.h" -+#include "dispatch.h" - #include "test.h" - #include - #include -@@ -77,7 +78,7 @@ send_one_message (DBusConnection *connection, - NULL, - &stack_error, - &deferred_message); -- if (result != BUS_RESULT_TRUE) -+ if (result == BUS_RESULT_FALSE) - { - if (!bus_transaction_capture_error_reply (transaction, sender, - &stack_error, message)) -@@ -112,9 +113,19 @@ send_one_message (DBusConnection *connection, - return TRUE; /* don't send it but don't return an error either */ - } - -+ if (result == BUS_RESULT_LATER) -+ { -+ if (!bus_deferred_message_queue_at_recipient(deferred_message, transaction, FALSE, FALSE)) -+ { -+ BUS_SET_OOM (error); -+ return FALSE; -+ } -+ return TRUE; /* pretend to have sent it */ -+ } -+ - if (!bus_transaction_send (transaction, - connection, -- message)) -+ message, FALSE)) - { - BUS_SET_OOM (error); - return FALSE; -@@ -124,11 +135,12 @@ send_one_message (DBusConnection *connection, - } - - BusResult --bus_dispatch_matches (BusTransaction *transaction, -- DBusConnection *sender, -- DBusConnection *addressed_recipient, -- DBusMessage *message, -- DBusError *error) -+bus_dispatch_matches (BusTransaction *transaction, -+ DBusConnection *sender, -+ DBusConnection *addressed_recipient, -+ DBusMessage *message, -+ BusDeferredMessage *dispatched_deferred_message, -+ DBusError *error) - { - DBusError tmp_error; - BusConnections *connections; -@@ -137,7 +149,6 @@ bus_dispatch_matches (BusTransaction *transaction, - DBusList *link; - BusContext *context; - BusDeferredMessage *deferred_message; -- BusResult res; - - _DBUS_ASSERT_ERROR_IS_CLEAR (error); - -@@ -153,16 +164,80 @@ bus_dispatch_matches (BusTransaction *transaction, - /* First, send the message to the addressed_recipient, if there is one. */ - if (addressed_recipient != NULL) - { -- res = bus_context_check_security_policy (context, transaction, -+ BusResult result; -+ /* To maintain message order message needs to be appended at the recipient if there are already -+ * deferred messages and we are not doing deferred dispatch -+ */ -+ if (dispatched_deferred_message == NULL && bus_connection_has_deferred_messages(addressed_recipient)) -+ { -+ deferred_message = bus_deferred_message_new(message, sender, -+ addressed_recipient, addressed_recipient, BUS_RESULT_LATER); -+ -+ if (deferred_message == NULL) -+ { -+ BUS_SET_OOM(error); -+ return BUS_RESULT_FALSE; -+ } -+ -+ if (!bus_deferred_message_queue_at_recipient(deferred_message, transaction, TRUE, FALSE)) -+ { -+ bus_deferred_message_unref(deferred_message); -+ BUS_SET_OOM(error); -+ return BUS_RESULT_FALSE; -+ } -+ -+ bus_deferred_message_unref(deferred_message); -+ return BUS_RESULT_TRUE; /* pretend to have sent it */ -+ } -+ -+ if (dispatched_deferred_message != NULL) -+ { -+ result = bus_deferred_message_get_response(dispatched_deferred_message); -+ if (result == BUS_RESULT_TRUE) -+ { -+ /* if we know the result of policy check we still need to check if message limits -+ * are not exceeded. It is also required to add entry in expected replies list if -+ * this is a method call -+ */ -+ if (!bus_deferred_message_check_message_limits(dispatched_deferred_message, error)) -+ return BUS_RESULT_FALSE; -+ -+ if (!bus_deferred_message_expect_method_reply(dispatched_deferred_message, transaction, error)) -+ return BUS_RESULT_FALSE; -+ } -+ else if (result == BUS_RESULT_FALSE) -+ { -+ bus_deferred_message_create_error(dispatched_deferred_message, "Rejected message", error); -+ return BUS_RESULT_FALSE; -+ } -+ } -+ else -+ result = BUS_RESULT_LATER; -+ -+ if (result == BUS_RESULT_LATER) -+ result = bus_context_check_security_policy (context, transaction, - sender, addressed_recipient, - addressed_recipient, - message, NULL, error, - &deferred_message); -- if (res == BUS_RESULT_FALSE) -+ -+ if (result == BUS_RESULT_FALSE) - return BUS_RESULT_FALSE; -- else if (res == BUS_RESULT_LATER) -+ else if (result == BUS_RESULT_LATER) - { - BusDeferredMessageStatus status; -+ -+ if (dispatched_deferred_message != NULL) -+ { -+ /* for deferred dispatch prepend message at the recipient */ -+ if (!bus_deferred_message_queue_at_recipient(deferred_message, transaction, TRUE, TRUE)) -+ { -+ BUS_SET_OOM(error); -+ return BUS_RESULT_FALSE; -+ } -+ return BUS_RESULT_TRUE; /* pretend to have sent it */ -+ } -+ - status = bus_deferred_message_get_status(deferred_message); - - if (status & BUS_DEFERRED_MESSAGE_CHECK_SEND) -@@ -173,13 +248,18 @@ bus_dispatch_matches (BusTransaction *transaction, - } - else if (status & BUS_DEFERRED_MESSAGE_CHECK_RECEIVE) - { -- dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, -- "Rejecting message because time is needed to check security policy"); -- return BUS_RESULT_FALSE; -+ /* receive rule result not available - queue message at the recipient */ -+ if (!bus_deferred_message_queue_at_recipient(deferred_message, transaction, TRUE, FALSE)) -+ { -+ BUS_SET_OOM(error); -+ return BUS_RESULT_FALSE; -+ } -+ -+ return BUS_RESULT_TRUE; /* pretend to have sent it */ - } - else - { -- _dbus_verbose("deferred message has no status field set to send or receive unexpectedly\n"); -+ _dbus_verbose("deferred message has no status field set unexpectedly\n"); - return BUS_RESULT_FALSE; - } - } -@@ -196,7 +276,8 @@ bus_dispatch_matches (BusTransaction *transaction, - } - - /* Dispatch the message */ -- if (!bus_transaction_send (transaction, addressed_recipient, message)) -+ if (!bus_transaction_send(transaction, addressed_recipient, message, -+ dispatched_deferred_message != NULL ? TRUE : FALSE)) - { - BUS_SET_OOM (error); - return BUS_RESULT_FALSE; -@@ -534,7 +615,7 @@ bus_dispatch (DBusConnection *connection, - * match rules. - */ - if (BUS_RESULT_LATER == bus_dispatch_matches (transaction, connection, addressed_recipient, -- message, &error)) -+ message, NULL, &error)) - { - /* Roll back and dispatch the message once the policy result is available */ - bus_transaction_cancel_and_free (transaction); -diff --git a/bus/dispatch.h b/bus/dispatch.h -index afba6a2..f6102e8 100644 ---- a/bus/dispatch.h -+++ b/bus/dispatch.h -@@ -29,10 +29,11 @@ - - dbus_bool_t bus_dispatch_add_connection (DBusConnection *connection); - void bus_dispatch_remove_connection (DBusConnection *connection); --BusResult bus_dispatch_matches (BusTransaction *transaction, -- DBusConnection *sender, -- DBusConnection *recipient, -- DBusMessage *message, -- DBusError *error); -+BusResult bus_dispatch_matches (BusTransaction *transaction, -+ DBusConnection *sender, -+ DBusConnection *recipient, -+ DBusMessage *message, -+ BusDeferredMessage *dispatched_deferred_message, -+ DBusError *error); - - #endif /* BUS_DISPATCH_H */ -diff --git a/bus/driver.c b/bus/driver.c -index f414f64..d89a658 100644 ---- a/bus/driver.c -+++ b/bus/driver.c -@@ -254,7 +254,7 @@ bus_driver_send_service_owner_changed (const char *service_name, - if (!bus_transaction_capture (transaction, NULL, NULL, message)) - goto oom; - -- res = bus_dispatch_matches (transaction, NULL, NULL, message, error); -+ res = bus_dispatch_matches (transaction, NULL, NULL, message, NULL, error); - if (res == BUS_RESULT_TRUE) - retval = TRUE; - else -diff --git a/bus/policy.c b/bus/policy.c -index 7ee1ce5..b1fab0d 100644 ---- a/bus/policy.c -+++ b/bus/policy.c -@@ -1121,6 +1121,9 @@ bus_client_policy_check_can_send (DBusConnection *sender, - - result = bus_check_privilege(check, message, sender, addressed_recipient, receiver, - privilege, BUS_DEFERRED_MESSAGE_CHECK_SEND, deferred_message); -+ if (result == BUS_RESULT_LATER && deferred_message != NULL) -+ bus_deferred_message_set_policy_check_info(*deferred_message, requested_reply, -+ *toggles, privilege); - } - else - privilege = NULL; -@@ -1370,6 +1373,9 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, - - result = bus_check_privilege(check, message, sender, addressed_recipient, proposed_recipient, - privilege, BUS_DEFERRED_MESSAGE_CHECK_RECEIVE, deferred_message); -+ if (result == BUS_RESULT_LATER && deferred_message != NULL) -+ bus_deferred_message_set_policy_check_info(*deferred_message, requested_reply, -+ *toggles, privilege); - } - else - privilege = NULL; --- -2.17.2 - diff --git a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0004-Add-own-rule-result-unavailability-handling.patch b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0004-Add-own-rule-result-unavailability-handling.patch deleted file mode 100644 index 9cb744def..000000000 --- a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0004-Add-own-rule-result-unavailability-handling.patch +++ /dev/null @@ -1,1493 +0,0 @@ -From e7ae85429aa3e6d80df13b3a5a492d9ccbf42518 Mon Sep 17 00:00:00 2001 -From: Jacek Bukarewicz -Date: Thu, 27 Nov 2014 11:26:21 +0100 -Subject: Add own rule result unavailability handling -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Own rule result unavailability is handled like send rules - dispatching -messages from the sender is blocked and resumed when result becomes -available. - -Handler of "RequestName" method needs to return BUS_RESULT_LATER when -policy result is not known therefore its return type is modified. -Since bus message handlers are put into function pointer array other -message handler function singatures are also affected. - -Cherry-picked from 35ef89cd6777ea2430077fc621d21bd01df92349 by Jose.bollo - -Updated for dbus 1.10.20 by Scott Murray and José Bollo - -Signed-off-by: José Bollo -Signed-off-by: Scott Murray - -diff --git a/bus/dispatch.c b/bus/dispatch.c -index 7d30ce4..4b84c21 100644 ---- a/bus/dispatch.c -+++ b/bus/dispatch.c -@@ -517,8 +517,17 @@ bus_dispatch (DBusConnection *connection, - } - - _dbus_verbose ("Giving message to %s\n", DBUS_SERVICE_DBUS); -- if (!bus_driver_handle_message (connection, transaction, message, &error)) -+ res = bus_driver_handle_message (connection, transaction, message, &error); -+ if (res == BUS_RESULT_FALSE) - goto out; -+ else if (res == BUS_RESULT_LATER) -+ { -+ /* connection has been disabled in message handler */ -+ bus_transaction_cancel_and_free (transaction); -+ transaction = NULL; -+ result = DBUS_HANDLER_RESULT_LATER; -+ goto out; -+ } - } - else if (!bus_connection_is_active (connection)) /* clients must talk to bus driver first */ - { -diff --git a/bus/driver.c b/bus/driver.c -index d89a658..aaeb3b2 100644 ---- a/bus/driver.c -+++ b/bus/driver.c -@@ -420,7 +420,7 @@ create_unique_client_name (BusRegistry *registry, - return TRUE; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_hello (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -428,7 +428,7 @@ bus_driver_handle_hello (DBusConnection *connection, - { - DBusString unique_name; - BusService *service; -- dbus_bool_t retval; -+ BusResult retval; - BusRegistry *registry; - BusConnections *connections; - DBusError tmp_error; -@@ -442,7 +442,7 @@ bus_driver_handle_hello (DBusConnection *connection, - /* We already handled an Hello message for this connection. */ - dbus_set_error (error, DBUS_ERROR_FAILED, - "Already handled an Hello message"); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - /* Note that when these limits are exceeded we don't disconnect the -@@ -464,16 +464,16 @@ bus_driver_handle_hello (DBusConnection *connection, - bus_context_log (context, DBUS_SYSTEM_LOG_WARNING, "%s (%s=%d)", - tmp_error.message, limit_name, limit); - dbus_move_error (&tmp_error, error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - if (!_dbus_string_init (&unique_name)) - { - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - -- retval = FALSE; -+ retval = BUS_RESULT_FALSE; - - registry = bus_connection_get_registry (connection); - -@@ -506,7 +506,7 @@ bus_driver_handle_hello (DBusConnection *connection, - goto out_0; - - _dbus_assert (bus_connection_is_active (connection)); -- retval = TRUE; -+ retval = BUS_RESULT_TRUE; - - out_0: - _dbus_string_free (&unique_name); -@@ -558,7 +558,7 @@ bus_driver_send_welcome_message (DBusConnection *connection, - } - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_list_services (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -580,14 +580,14 @@ bus_driver_handle_list_services (DBusConnection *connection, - if (reply == NULL) - { - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - if (!bus_registry_list_services (registry, &services, &len)) - { - dbus_message_unref (reply); - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - dbus_message_iter_init_append (reply, &iter); -@@ -599,7 +599,7 @@ bus_driver_handle_list_services (DBusConnection *connection, - dbus_free_string_array (services); - dbus_message_unref (reply); - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - { -@@ -611,7 +611,7 @@ bus_driver_handle_list_services (DBusConnection *connection, - dbus_free_string_array (services); - dbus_message_unref (reply); - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - } - -@@ -624,7 +624,7 @@ bus_driver_handle_list_services (DBusConnection *connection, - dbus_free_string_array (services); - dbus_message_unref (reply); - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - ++i; - } -@@ -635,23 +635,23 @@ bus_driver_handle_list_services (DBusConnection *connection, - { - dbus_message_unref (reply); - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - if (!bus_transaction_send_from_driver (transaction, connection, reply)) - { - dbus_message_unref (reply); - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - else - { - dbus_message_unref (reply); -- return TRUE; -+ return BUS_RESULT_TRUE; - } - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_list_activatable_services (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -673,14 +673,14 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, - if (reply == NULL) - { - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - if (!bus_activation_list_services (activation, &services, &len)) - { - dbus_message_unref (reply); - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - dbus_message_iter_init_append (reply, &iter); -@@ -692,7 +692,7 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, - dbus_free_string_array (services); - dbus_message_unref (reply); - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - { -@@ -704,7 +704,7 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, - dbus_free_string_array (services); - dbus_message_unref (reply); - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - } - -@@ -717,7 +717,7 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, - dbus_free_string_array (services); - dbus_message_unref (reply); - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - ++i; - } -@@ -728,23 +728,23 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, - { - dbus_message_unref (reply); - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - if (!bus_transaction_send_from_driver (transaction, connection, reply)) - { - dbus_message_unref (reply); - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - else - { - dbus_message_unref (reply); -- return TRUE; -+ return BUS_RESULT_TRUE; - } - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_acquire_service (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -755,7 +755,8 @@ bus_driver_handle_acquire_service (DBusConnection *connection, - const char *name; - dbus_uint32_t service_reply; - dbus_uint32_t flags; -- dbus_bool_t retval; -+ BusResult retval; -+ BusResult res; - BusRegistry *registry; - - _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -766,20 +767,24 @@ bus_driver_handle_acquire_service (DBusConnection *connection, - DBUS_TYPE_STRING, &name, - DBUS_TYPE_UINT32, &flags, - DBUS_TYPE_INVALID)) -- return FALSE; -+ return BUS_RESULT_FALSE; - - _dbus_verbose ("Trying to own name %s with flags 0x%x\n", name, flags); - -- retval = FALSE; -+ retval = BUS_RESULT_FALSE; - reply = NULL; - - _dbus_string_init_const (&service_name, name); - -- if (!bus_registry_acquire_service (registry, connection, -- &service_name, flags, -- &service_reply, transaction, -- error)) -- goto out; -+ res = bus_registry_acquire_service (registry, connection, message, -+ &service_name, flags, -+ &service_reply, transaction, -+ error); -+ if (res != BUS_RESULT_TRUE) -+ { -+ retval = res; -+ goto out; -+ } - - reply = dbus_message_new_method_return (message); - if (reply == NULL) -@@ -800,7 +805,7 @@ bus_driver_handle_acquire_service (DBusConnection *connection, - goto out; - } - -- retval = TRUE; -+ retval = BUS_RESULT_TRUE; - - out: - if (reply) -@@ -808,7 +813,7 @@ bus_driver_handle_acquire_service (DBusConnection *connection, - return retval; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_release_service (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -818,7 +823,7 @@ bus_driver_handle_release_service (DBusConnection *connection, - DBusString service_name; - const char *name; - dbus_uint32_t service_reply; -- dbus_bool_t retval; -+ BusResult retval; - BusRegistry *registry; - - _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -828,11 +833,11 @@ bus_driver_handle_release_service (DBusConnection *connection, - if (!dbus_message_get_args (message, error, - DBUS_TYPE_STRING, &name, - DBUS_TYPE_INVALID)) -- return FALSE; -+ return BUS_RESULT_FALSE; - - _dbus_verbose ("Trying to release name %s\n", name); - -- retval = FALSE; -+ retval = BUS_RESULT_FALSE; - reply = NULL; - - _dbus_string_init_const (&service_name, name); -@@ -861,7 +866,7 @@ bus_driver_handle_release_service (DBusConnection *connection, - goto out; - } - -- retval = TRUE; -+ retval = BUS_RESULT_TRUE; - - out: - if (reply) -@@ -869,7 +874,7 @@ bus_driver_handle_release_service (DBusConnection *connection, - return retval; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_service_exists (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -880,7 +885,7 @@ bus_driver_handle_service_exists (DBusConnection *connection, - BusService *service; - dbus_bool_t service_exists; - const char *name; -- dbus_bool_t retval; -+ BusResult retval; - BusRegistry *registry; - - _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -890,9 +895,9 @@ bus_driver_handle_service_exists (DBusConnection *connection, - if (!dbus_message_get_args (message, error, - DBUS_TYPE_STRING, &name, - DBUS_TYPE_INVALID)) -- return FALSE; -+ return BUS_RESULT_FALSE; - -- retval = FALSE; -+ retval = BUS_RESULT_FALSE; - - if (strcmp (name, DBUS_SERVICE_DBUS) == 0) - { -@@ -926,7 +931,7 @@ bus_driver_handle_service_exists (DBusConnection *connection, - goto out; - } - -- retval = TRUE; -+ retval = BUS_RESULT_TRUE; - - out: - if (reply) -@@ -935,7 +940,7 @@ bus_driver_handle_service_exists (DBusConnection *connection, - return retval; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_activate_service (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -943,7 +948,7 @@ bus_driver_handle_activate_service (DBusConnection *connection, - { - dbus_uint32_t flags; - const char *name; -- dbus_bool_t retval; -+ BusResult retval; - BusActivation *activation; - - _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -957,10 +962,10 @@ bus_driver_handle_activate_service (DBusConnection *connection, - { - _DBUS_ASSERT_ERROR_IS_SET (error); - _dbus_verbose ("No memory to get arguments to StartServiceByName\n"); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - -- retval = FALSE; -+ retval = BUS_RESULT_FALSE; - - if (!bus_activation_activate_service (activation, connection, transaction, FALSE, - message, name, error)) -@@ -970,7 +975,7 @@ bus_driver_handle_activate_service (DBusConnection *connection, - goto out; - } - -- retval = TRUE; -+ retval = BUS_RESULT_TRUE; - - out: - return retval; -@@ -1072,13 +1077,13 @@ bus_driver_send_or_activate (BusTransaction *transaction, - return TRUE; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_update_activation_environment (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, - DBusError *error) - { -- dbus_bool_t retval; -+ BusResult retval; - BusActivation *activation; - BusContext *context; - DBusMessageIter iter; -@@ -1100,7 +1105,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, - dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, - "Cannot change activation environment " - "on a system bus."); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - activation = bus_connection_get_activation (connection); -@@ -1114,7 +1119,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, - - dbus_message_iter_recurse (&iter, &dict_iter); - -- retval = FALSE; -+ retval = BUS_RESULT_FALSE; - systemd_message = NULL; - - /* Then loop through the sent dictionary, add the location of -@@ -1279,7 +1284,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, - if (!bus_driver_send_ack_reply (connection, transaction, message, error)) - goto out; - -- retval = TRUE; -+ retval = BUS_RESULT_TRUE; - - out: - if (systemd_message != NULL) -@@ -1289,7 +1294,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, - return retval; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_add_match (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -1371,16 +1376,16 @@ bus_driver_handle_add_match (DBusConnection *connection, - - bus_match_rule_unref (rule); - -- return TRUE; -+ return BUS_RESULT_TRUE; - - failed: - _DBUS_ASSERT_ERROR_IS_SET (error); - if (rule) - bus_match_rule_unref (rule); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_remove_match (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -1423,16 +1428,16 @@ bus_driver_handle_remove_match (DBusConnection *connection, - - bus_match_rule_unref (rule); - -- return TRUE; -+ return BUS_RESULT_TRUE; - - failed: - _DBUS_ASSERT_ERROR_IS_SET (error); - if (rule) - bus_match_rule_unref (rule); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_get_service_owner (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -1502,7 +1507,7 @@ bus_driver_handle_get_service_owner (DBusConnection *connection, - - dbus_message_unref (reply); - -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom: - BUS_SET_OOM (error); -@@ -1511,10 +1516,10 @@ bus_driver_handle_get_service_owner (DBusConnection *connection, - _DBUS_ASSERT_ERROR_IS_SET (error); - if (reply) - dbus_message_unref (reply); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_list_queued_owners (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -1606,7 +1611,7 @@ bus_driver_handle_list_queued_owners (DBusConnection *connection, - - dbus_message_unref (reply); - -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom: - BUS_SET_OOM (error); -@@ -1619,10 +1624,10 @@ bus_driver_handle_list_queued_owners (DBusConnection *connection, - if (base_names) - _dbus_list_clear (&base_names); - -- return FALSE; -+ return BUS_RESULT_FALSE; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_get_connection_unix_user (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -1679,7 +1684,7 @@ bus_driver_handle_get_connection_unix_user (DBusConnection *connection, - - dbus_message_unref (reply); - -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom: - BUS_SET_OOM (error); -@@ -1688,10 +1693,10 @@ bus_driver_handle_get_connection_unix_user (DBusConnection *connection, - _DBUS_ASSERT_ERROR_IS_SET (error); - if (reply) - dbus_message_unref (reply); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_get_connection_unix_process_id (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -1748,7 +1753,7 @@ bus_driver_handle_get_connection_unix_process_id (DBusConnection *connection, - - dbus_message_unref (reply); - -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom: - BUS_SET_OOM (error); -@@ -1757,10 +1762,10 @@ bus_driver_handle_get_connection_unix_process_id (DBusConnection *connection, - _DBUS_ASSERT_ERROR_IS_SET (error); - if (reply) - dbus_message_unref (reply); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_get_adt_audit_session_data (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -1811,7 +1816,7 @@ bus_driver_handle_get_adt_audit_session_data (DBusConnection *connection, - - dbus_message_unref (reply); - -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom: - BUS_SET_OOM (error); -@@ -1820,10 +1825,10 @@ bus_driver_handle_get_adt_audit_session_data (DBusConnection *connection, - _DBUS_ASSERT_ERROR_IS_SET (error); - if (reply) - dbus_message_unref (reply); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_get_connection_selinux_security_context (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -1872,7 +1877,7 @@ bus_driver_handle_get_connection_selinux_security_context (DBusConnection *conne - - dbus_message_unref (reply); - -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom: - BUS_SET_OOM (error); -@@ -1881,10 +1886,10 @@ bus_driver_handle_get_connection_selinux_security_context (DBusConnection *conne - _DBUS_ASSERT_ERROR_IS_SET (error); - if (reply) - dbus_message_unref (reply); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_get_connection_credentials (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -1998,7 +2003,7 @@ bus_driver_handle_get_connection_credentials (DBusConnection *connection, - - dbus_message_unref (reply); - -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom: - BUS_SET_OOM (error); -@@ -2012,10 +2017,10 @@ bus_driver_handle_get_connection_credentials (DBusConnection *connection, - dbus_message_unref (reply); - } - -- return FALSE; -+ return BUS_RESULT_FALSE; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_reload_config (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -2040,7 +2045,7 @@ bus_driver_handle_reload_config (DBusConnection *connection, - goto oom; - - dbus_message_unref (reply); -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom: - BUS_SET_OOM (error); -@@ -2049,11 +2054,11 @@ bus_driver_handle_reload_config (DBusConnection *connection, - _DBUS_ASSERT_ERROR_IS_SET (error); - if (reply) - dbus_message_unref (reply); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - #ifdef DBUS_ENABLE_VERBOSE_MODE --static dbus_bool_t -+static BusResult - bus_driver_handle_enable_verbose (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -2073,7 +2078,7 @@ bus_driver_handle_enable_verbose (DBusConnection *connection, - _dbus_set_verbose(TRUE); - - dbus_message_unref (reply); -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom: - _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -2082,10 +2087,10 @@ bus_driver_handle_enable_verbose (DBusConnection *connection, - - if (reply) - dbus_message_unref (reply); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_disable_verbose (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -2105,7 +2110,7 @@ bus_driver_handle_disable_verbose (DBusConnection *connection, - _dbus_set_verbose(FALSE); - - dbus_message_unref (reply); -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom: - _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -2114,11 +2119,11 @@ bus_driver_handle_disable_verbose (DBusConnection *connection, - - if (reply) - dbus_message_unref (reply); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - #endif - --static dbus_bool_t -+static BusResult - bus_driver_handle_get_id (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -2134,7 +2139,7 @@ bus_driver_handle_get_id (DBusConnection *connection, - if (!_dbus_string_init (&uuid)) - { - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - reply = NULL; -@@ -2160,7 +2165,7 @@ bus_driver_handle_get_id (DBusConnection *connection, - - _dbus_string_free (&uuid); - dbus_message_unref (reply); -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom: - _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -2170,10 +2175,10 @@ bus_driver_handle_get_id (DBusConnection *connection, - if (reply) - dbus_message_unref (reply); - _dbus_string_free (&uuid); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_become_monitor (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -2189,7 +2194,7 @@ bus_driver_handle_become_monitor (DBusConnection *connection, - int i; - int n_match_rules; - dbus_uint32_t flags; -- dbus_bool_t ret = FALSE; -+ BusResult ret = BUS_RESULT_FALSE; - - _DBUS_ASSERT_ERROR_IS_CLEAR (error); - -@@ -2262,10 +2267,10 @@ bus_driver_handle_become_monitor (DBusConnection *connection, - if (!bus_connection_be_monitor (connection, transaction, &rules, error)) - goto out; - -- ret = TRUE; -+ ret = BUS_RESULT_TRUE; - - out: -- if (ret) -+ if (ret == BUS_RESULT_TRUE) - _DBUS_ASSERT_ERROR_IS_CLEAR (error); - else - _DBUS_ASSERT_ERROR_IS_SET (error); -@@ -2281,7 +2286,7 @@ out: - return ret; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_get_machine_id (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -2296,7 +2301,7 @@ bus_driver_handle_get_machine_id (DBusConnection *connection, - if (!_dbus_string_init (&uuid)) - { - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - if (!_dbus_get_local_machine_uuid_encoded (&uuid, error)) -@@ -2321,7 +2326,7 @@ bus_driver_handle_get_machine_id (DBusConnection *connection, - - _dbus_string_free (&uuid); - dbus_message_unref (reply); -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom: - _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -2335,29 +2340,30 @@ fail: - dbus_message_unref (reply); - - _dbus_string_free (&uuid); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_ping (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, - DBusError *error) - { -- return bus_driver_send_ack_reply (connection, transaction, message, error); -+ return bus_driver_send_ack_reply (connection, transaction, message, error) == TRUE -+ ? BUS_RESULT_TRUE : BUS_RESULT_FALSE; - } - --static dbus_bool_t bus_driver_handle_get (DBusConnection *connection, -+static BusResult bus_driver_handle_get (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, - DBusError *error); - --static dbus_bool_t bus_driver_handle_get_all (DBusConnection *connection, -+static BusResult bus_driver_handle_get_all (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, - DBusError *error); - --static dbus_bool_t bus_driver_handle_set (DBusConnection *connection, -+static BusResult bus_driver_handle_set (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, - DBusError *error); -@@ -2389,10 +2395,10 @@ typedef struct - const char *name; - const char *in_args; - const char *out_args; -- dbus_bool_t (* handler) (DBusConnection *connection, -- BusTransaction *transaction, -- DBusMessage *message, -- DBusError *error); -+ BusResult (* handler) (DBusConnection *connection, -+ BusTransaction *transaction, -+ DBusMessage *message, -+ DBusError *error); - MethodFlags flags; - } MessageHandler; - -@@ -2511,7 +2517,7 @@ static const PropertyHandler dbus_property_handlers[] = { - { NULL, NULL, NULL } - }; - --static dbus_bool_t bus_driver_handle_introspect (DBusConnection *, -+static BusResult bus_driver_handle_introspect (DBusConnection *, - BusTransaction *, DBusMessage *, DBusError *); - - static const MessageHandler properties_message_handlers[] = { -@@ -2763,7 +2769,7 @@ bus_driver_generate_introspect_string (DBusString *xml, - return TRUE; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_introspect (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -2784,13 +2790,13 @@ bus_driver_handle_introspect (DBusConnection *connection, - DBUS_TYPE_INVALID)) - { - _DBUS_ASSERT_ERROR_IS_SET (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - if (!_dbus_string_init (&xml)) - { - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - is_canonical_path = dbus_message_has_path (message, DBUS_PATH_DBUS); -@@ -2815,7 +2821,7 @@ bus_driver_handle_introspect (DBusConnection *connection, - dbus_message_unref (reply); - _dbus_string_free (&xml); - -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom: - BUS_SET_OOM (error); -@@ -2825,10 +2831,42 @@ bus_driver_handle_introspect (DBusConnection *connection, - - _dbus_string_free (&xml); - -- return FALSE; -+ return BUS_RESULT_FALSE; - } - -+/* -+ * Set @error and return FALSE if the message is not directed to the -+ * dbus-daemon by its canonical object path. This is hardening against -+ * system services with poorly-written security policy files, which -+ * might allow sending dangerously broad equivalence classes of messages -+ * such as "anything with this assumed-to-be-safe object path". -+ * -+ * dbus-daemon is unusual in that it normally ignores the object path -+ * of incoming messages; we need to keep that behaviour for the "read" -+ * read-only method calls like GetConnectionUnixUser for backwards -+ * compatibility, but it seems safer to be more restrictive for things -+ * intended to be root-only or privileged-developers-only. -+ * -+ * It is possible that there are other system services with the same -+ * quirk as dbus-daemon. -+ */ - dbus_bool_t -+bus_driver_check_message_is_for_us (DBusMessage *message, -+ DBusError *error) -+{ -+ if (!dbus_message_has_path (message, DBUS_PATH_DBUS)) -+ { -+ dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, -+ "Method '%s' is only available at the canonical object path '%s'", -+ dbus_message_get_member (message), DBUS_PATH_DBUS); -+ -+ return FALSE; -+ } -+ -+ return TRUE; -+} -+ -+BusResult - bus_driver_handle_message (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -2839,6 +2877,7 @@ bus_driver_handle_message (DBusConnection *connection, - const MessageHandler *mh; - dbus_bool_t found_interface = FALSE; - dbus_bool_t is_canonical_path; -+ BusResult res; - - _DBUS_ASSERT_ERROR_IS_CLEAR (error); - -@@ -2854,7 +2893,7 @@ bus_driver_handle_message (DBusConnection *connection, - transaction, - message, - error)) -- return FALSE; -+ return BUS_RESULT_FALSE; - - context = bus_connection_get_context (connection); - systemd = bus_driver_get_owner_of_name (connection, -@@ -2871,7 +2910,7 @@ bus_driver_handle_message (DBusConnection *connection, - attacker ? attacker : "(unauthenticated)", - bus_connection_get_loginfo (connection)); - /* ignore it */ -- return TRUE; -+ return BUS_RESULT_TRUE; - } - - if (!bus_context_get_systemd_activation (context)) -@@ -2879,16 +2918,16 @@ bus_driver_handle_message (DBusConnection *connection, - bus_context_log (context, DBUS_SYSTEM_LOG_WARNING, - "Ignoring unexpected ActivationFailure message " - "while not using systemd activation"); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - -- return dbus_activation_systemd_failure(bus_context_get_activation(context), message); -+ return dbus_activation_systemd_failure(bus_context_get_activation(context), message) == TRUE ? BUS_RESULT_TRUE : BUS_RESULT_FALSE; - } - - if (dbus_message_get_type (message) != DBUS_MESSAGE_TYPE_METHOD_CALL) - { - _dbus_verbose ("Driver got a non-method-call message, ignoring\n"); -- return TRUE; /* we just ignore this */ -+ return BUS_RESULT_TRUE; /* we just ignore this */ - } - - /* may be NULL, which means "any interface will do" */ -@@ -2953,20 +2992,27 @@ bus_driver_handle_message (DBusConnection *connection, - name, dbus_message_get_signature (message), - mh->in_args); - _DBUS_ASSERT_ERROR_IS_SET (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - -- if ((* mh->handler) (connection, transaction, message, error)) -+ res = (* mh->handler) (connection, transaction, message, error); -+ if (res == BUS_RESULT_TRUE) - { - _DBUS_ASSERT_ERROR_IS_CLEAR (error); - _dbus_verbose ("Driver handler succeeded\n"); -- return TRUE; -+ return BUS_RESULT_TRUE; - } -- else -+ else if (res == BUS_RESULT_FALSE) - { - _DBUS_ASSERT_ERROR_IS_SET (error); - _dbus_verbose ("Driver handler returned failure\n"); -- return FALSE; -+ return BUS_RESULT_FALSE; -+ } -+ else if (res == BUS_RESULT_LATER) -+ { -+ _DBUS_ASSERT_ERROR_IS_CLEAR (error); -+ _dbus_verbose ("Driver handler delayed message processing due to policy check\n"); -+ return BUS_RESULT_LATER; - } - } - } -@@ -2978,7 +3024,7 @@ bus_driver_handle_message (DBusConnection *connection, - "%s does not understand message %s", - DBUS_SERVICE_DBUS, name); - -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - void -@@ -3099,7 +3145,7 @@ interface_handler_find_property (const InterfaceHandler *ih, - return NULL; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_get (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -3120,18 +3166,18 @@ bus_driver_handle_get (DBusConnection *connection, - DBUS_TYPE_STRING, &iface, - DBUS_TYPE_STRING, &prop, - DBUS_TYPE_INVALID)) -- return FALSE; -+ return BUS_RESULT_FALSE; - - /* We only implement Properties on /org/freedesktop/DBus so far. */ - ih = bus_driver_find_interface (iface, TRUE, error); - - if (ih == NULL) -- return FALSE; -+ return BUS_RESULT_FALSE; - - handler = interface_handler_find_property (ih, prop, error); - - if (handler == NULL) -- return FALSE; -+ return BUS_RESULT_FALSE; - - context = bus_transaction_get_context (transaction); - -@@ -3159,17 +3205,17 @@ bus_driver_handle_get (DBusConnection *connection, - goto oom; - - dbus_message_unref (reply); -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom: - if (reply != NULL) - dbus_message_unref (reply); - - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_get_all (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -3188,13 +3234,13 @@ bus_driver_handle_get_all (DBusConnection *connection, - if (!dbus_message_get_args (message, error, - DBUS_TYPE_STRING, &iface, - DBUS_TYPE_INVALID)) -- return FALSE; -+ return BUS_RESULT_FALSE; - - /* We only implement Properties on /org/freedesktop/DBus so far. */ - ih = bus_driver_find_interface (iface, TRUE, error); - - if (ih == NULL) -- return FALSE; -+ return BUS_RESULT_FALSE; - - context = bus_transaction_get_context (transaction); - -@@ -3229,7 +3275,7 @@ bus_driver_handle_get_all (DBusConnection *connection, - goto oom; - - dbus_message_unref (reply); -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom_abandon_message: - _dbus_asv_abandon (&reply_iter, &array_iter); -@@ -3239,10 +3285,10 @@ oom: - dbus_message_unref (reply); - - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - --static dbus_bool_t -+static BusResult - bus_driver_handle_set (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -3271,15 +3317,15 @@ bus_driver_handle_set (DBusConnection *connection, - ih = bus_driver_find_interface (iface, TRUE, error); - - if (ih == NULL) -- return FALSE; -+ return BUS_RESULT_FALSE; - - handler = interface_handler_find_property (ih, prop, error); - - if (handler == NULL) -- return FALSE; -+ return BUS_RESULT_FALSE; - - /* We don't implement any properties that can be set yet. */ - dbus_set_error (error, DBUS_ERROR_PROPERTY_READ_ONLY, - "Property '%s.%s' cannot be set", iface, prop); -- return FALSE; -+ return BUS_RESULT_FALSE; - } -diff --git a/bus/driver.h b/bus/driver.h -index ac1289d..183c28b 100644 ---- a/bus/driver.h -+++ b/bus/driver.h -@@ -35,7 +35,7 @@ typedef enum - } BusDriverFound; - - void bus_driver_remove_connection (DBusConnection *connection); --dbus_bool_t bus_driver_handle_message (DBusConnection *connection, -+BusResult bus_driver_handle_message (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, - DBusError *error); -diff --git a/bus/policy.c b/bus/policy.c -index b1fab0d..27b66d1 100644 ---- a/bus/policy.c -+++ b/bus/policy.c -@@ -1388,18 +1388,21 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, - - - --static dbus_bool_t -+static BusResult - bus_rules_check_can_own (DBusList *rules, -- const DBusString *service_name) -+ const DBusString *service_name, -+ DBusConnection *connection, -+ DBusMessage *message) - { - DBusList *link; -- dbus_bool_t allowed; -+ BusResult result; -+ const char *privilege; - - /* rules is in the order the rules appeared - * in the config file, i.e. last rule that applies wins - */ - -- allowed = FALSE; -+ result = BUS_RESULT_FALSE; - link = _dbus_list_get_first_link (&rules); - while (link != NULL) - { -@@ -1435,17 +1438,45 @@ bus_rules_check_can_own (DBusList *rules, - } - - /* Use this rule */ -- allowed = rule->access == BUS_POLICY_RULE_ACCESS_ALLOW; -+ switch (rule->access) -+ { -+ case BUS_POLICY_RULE_ACCESS_ALLOW: -+ result = BUS_RESULT_TRUE; -+ break; -+ case BUS_POLICY_RULE_ACCESS_DENY: -+ result = BUS_RESULT_FALSE; -+ break; -+ case BUS_POLICY_RULE_ACCESS_CHECK: -+ result = BUS_RESULT_LATER; -+ privilege = rule->privilege; -+ break; -+ } - } - -- return allowed; -+ if (result == BUS_RESULT_LATER) -+ { -+ BusContext *context = bus_connection_get_context(connection); -+ BusCheck *check = bus_context_get_check(context); -+ BusDeferredMessage *deferred_message; -+ -+ result = bus_check_privilege(check, message, connection, NULL, NULL, -+ privilege, BUS_DEFERRED_MESSAGE_CHECK_OWN, &deferred_message); -+ if (result == BUS_RESULT_LATER) -+ { -+ bus_deferred_message_disable_sender(deferred_message); -+ } -+ } -+ -+ return result; - } - --dbus_bool_t -+BusResult - bus_client_policy_check_can_own (BusClientPolicy *policy, -- const DBusString *service_name) -+ const DBusString *service_name, -+ DBusConnection *connection, -+ DBusMessage *message) - { -- return bus_rules_check_can_own (policy->rules, service_name); -+ return bus_rules_check_can_own (policy->rules, service_name, connection, message); - } - - #ifdef DBUS_ENABLE_EMBEDDED_TESTS -@@ -1453,7 +1484,7 @@ dbus_bool_t - bus_policy_check_can_own (BusPolicy *policy, - const DBusString *service_name) - { -- return bus_rules_check_can_own (policy->default_rules, service_name); -+ return bus_rules_check_can_own (policy->default_rules, service_name, NULL, NULL) == BUS_RESULT_TRUE; - } - #endif /* DBUS_ENABLE_EMBEDDED_TESTS */ - -diff --git a/bus/policy.h b/bus/policy.h -index f839d23..28ce8f2 100644 ---- a/bus/policy.h -+++ b/bus/policy.h -@@ -182,8 +182,10 @@ BusResult bus_client_policy_check_can_receive (BusClientPolicy *policy, - dbus_int32_t *toggles, - const char **privilege_param, - BusDeferredMessage **deferred_message); --dbus_bool_t bus_client_policy_check_can_own (BusClientPolicy *policy, -- const DBusString *service_name); -+BusResult bus_client_policy_check_can_own (BusClientPolicy *policy, -+ const DBusString *service_name, -+ DBusConnection *connection, -+ DBusMessage *message); - dbus_bool_t bus_client_policy_append_rule (BusClientPolicy *policy, - BusPolicyRule *rule); - void bus_client_policy_optimize (BusClientPolicy *policy); -diff --git a/bus/services.c b/bus/services.c -index 127edda..586af18 100644 ---- a/bus/services.c -+++ b/bus/services.c -@@ -376,16 +376,17 @@ bus_registry_list_services (BusRegistry *registry, - return FALSE; - } - --dbus_bool_t -+BusResult - bus_registry_acquire_service (BusRegistry *registry, - DBusConnection *connection, -+ DBusMessage *message, - const DBusString *service_name, - dbus_uint32_t flags, - dbus_uint32_t *result, - BusTransaction *transaction, - DBusError *error) - { -- dbus_bool_t retval; -+ BusResult retval; - DBusConnection *old_owner_conn; - BusClientPolicy *policy; - BusService *service; -@@ -393,8 +394,9 @@ bus_registry_acquire_service (BusRegistry *registry, - BusSELinuxID *sid; - BusOwner *primary_owner; - int limit; -+ BusResult res; - -- retval = FALSE; -+ retval = BUS_RESULT_FALSE; - - if (!_dbus_validate_bus_name (service_name, 0, - _dbus_string_get_length (service_name))) -@@ -467,7 +469,8 @@ bus_registry_acquire_service (BusRegistry *registry, - _dbus_string_get_const_data (service_name), error)) - goto out; - -- if (!bus_client_policy_check_can_own (policy, service_name)) -+ res = bus_client_policy_check_can_own (policy, service_name, connection, message); -+ if (res == BUS_RESULT_FALSE) - { - dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, - "Connection \"%s\" is not allowed to own the service \"%s\" due " -@@ -478,6 +481,11 @@ bus_registry_acquire_service (BusRegistry *registry, - _dbus_string_get_const_data (service_name)); - goto out; - } -+ else if (res == BUS_RESULT_LATER) -+ { -+ retval = BUS_RESULT_LATER; -+ goto out; -+ } - - limit = bus_context_get_max_services_per_connection (registry->context); - -@@ -603,11 +611,13 @@ bus_registry_acquire_service (BusRegistry *registry, - } - - activation = bus_context_get_activation (registry->context); -- retval = bus_activation_send_pending_auto_activation_messages (activation, -+ -+ if (bus_activation_send_pending_auto_activation_messages (activation, - service, -- transaction); -- if (!retval) -- BUS_SET_OOM (error); -+ transaction)) -+ retval = BUS_RESULT_TRUE; -+ else -+ BUS_SET_OOM (error); - - out: - return retval; -diff --git a/bus/services.h b/bus/services.h -index 056dd9f..3df3dd7 100644 ---- a/bus/services.h -+++ b/bus/services.h -@@ -50,8 +50,9 @@ void bus_registry_foreach (BusRegistry *registry - dbus_bool_t bus_registry_list_services (BusRegistry *registry, - char ***listp, - int *array_len); --dbus_bool_t bus_registry_acquire_service (BusRegistry *registry, -+BusResult bus_registry_acquire_service (BusRegistry *registry, - DBusConnection *connection, -+ DBusMessage *message, - const DBusString *service_name, - dbus_uint32_t flags, - dbus_uint32_t *result, -diff --git a/bus/stats.c b/bus/stats.c -index 1582255..c25be98 100644 ---- a/bus/stats.c -+++ b/bus/stats.c -@@ -36,7 +36,7 @@ - - #ifdef DBUS_ENABLE_STATS - --dbus_bool_t -+BusResult - bus_stats_handle_get_stats (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -51,6 +51,9 @@ bus_stats_handle_get_stats (DBusConnection *connection, - - _DBUS_ASSERT_ERROR_IS_CLEAR (error); - -+ if (!bus_driver_check_message_is_for_us (message, error)) -+ return BUS_RESULT_FALSE; -+ - context = bus_transaction_get_context (transaction); - connections = bus_context_get_connections (context); - -@@ -104,17 +107,17 @@ bus_stats_handle_get_stats (DBusConnection *connection, - goto oom; - - dbus_message_unref (reply); -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom: - if (reply != NULL) - dbus_message_unref (reply); - - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - --dbus_bool_t -+BusResult - bus_stats_handle_get_connection_stats (DBusConnection *caller_connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -209,7 +212,7 @@ bus_stats_handle_get_connection_stats (DBusConnection *caller_connection, - goto oom; - - dbus_message_unref (reply); -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom: - BUS_SET_OOM (error); -@@ -218,11 +221,11 @@ failed: - if (reply != NULL) - dbus_message_unref (reply); - -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - --dbus_bool_t -+BusResult - bus_stats_handle_get_all_match_rules (DBusConnection *caller_connection, - BusTransaction *transaction, - DBusMessage *message, -@@ -246,7 +249,7 @@ bus_stats_handle_get_all_match_rules (DBusConnection *caller_connection, - matchmaker = bus_context_get_matchmaker (context); - - if (!bus_registry_list_services (registry, &services, &services_len)) -- return FALSE; -+ return BUS_RESULT_FALSE; - - reply = dbus_message_new_method_return (message); - if (reply == NULL) -@@ -325,7 +328,7 @@ bus_stats_handle_get_all_match_rules (DBusConnection *caller_connection, - - dbus_message_unref (reply); - dbus_free_string_array (services); -- return TRUE; -+ return BUS_RESULT_TRUE; - - oom: - if (reply != NULL) -@@ -334,7 +337,7 @@ oom: - dbus_free_string_array (services); - - BUS_SET_OOM (error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - - #endif -diff --git a/bus/stats.h b/bus/stats.h -index dcb022c..683fa17 100644 ---- a/bus/stats.h -+++ b/bus/stats.h -@@ -25,17 +25,17 @@ - - #define BUS_INTERFACE_STATS "org.freedesktop.DBus.Debug.Stats" - --dbus_bool_t bus_stats_handle_get_stats (DBusConnection *connection, -+BusResult bus_stats_handle_get_stats (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, - DBusError *error); - --dbus_bool_t bus_stats_handle_get_connection_stats (DBusConnection *connection, -+BusResult bus_stats_handle_get_connection_stats (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, - DBusError *error); - --dbus_bool_t bus_stats_handle_get_all_match_rules (DBusConnection *caller_connection, -+BusResult bus_stats_handle_get_all_match_rules (DBusConnection *caller_connection, - BusTransaction *transaction, - DBusMessage *message, - DBusError *error); --- -2.17.2 - diff --git a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0005-Perform-Cynara-runtime-policy-checks-by-default.patch b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0005-Perform-Cynara-runtime-policy-checks-by-default.patch deleted file mode 100644 index 8ce441b05..000000000 --- a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0005-Perform-Cynara-runtime-policy-checks-by-default.patch +++ /dev/null @@ -1,175 +0,0 @@ -From 69ba571e0daa0a7a9aa6c6b5be5d3338a89d144a Mon Sep 17 00:00:00 2001 -From: Jacek Bukarewicz -Date: Tue, 23 Jun 2015 11:08:48 +0200 -Subject: Perform Cynara runtime policy checks by default -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This change introduces http://tizen.org/privilege/internal/dbus privilege -which is supposed to be available only to trusted system resources. -Checks for this privilege are used in place of certain allow rules to -make security policy more strict. - -For system bus sending and receiving signals now requires -http://tizen.org/privilege/internal/dbus privilege. Requesting name -ownership and sending methods is still denied by default. - -For session bus http://tizen.org/privilege/internal/dbus privilege -is now required for requesting name, calling methods, sending and receiving -signals. - -Services are supposed to override these default settings to implement their -own security policy. - -Cherry picked from e8610297cf7031e94eb314a2e8c11246f4405403 by Jose Bollo - -Updated for dbus 1.10.20 by Scott Murray and José Bollo - -Signed-off-by: Jacek Bukarewicz -Signed-off-by: José Bollo -Signed-off-by: Scott Murray - -diff --git a/bus/activation.c b/bus/activation.c -index ffdc6fc..6a95b95 100644 ---- a/bus/activation.c -+++ b/bus/activation.c -@@ -1837,22 +1837,32 @@ bus_activation_activate_service (BusActivation *activation, - } - - if (auto_activation && -- entry != NULL && -- BUS_RESULT_TRUE != bus_context_check_security_policy (activation->context, -- transaction, -- connection, /* sender */ -- NULL, /* addressed recipient */ -- NULL, /* proposed recipient */ -- activation_message, -- entry, -- error, -- NULL)) -- { -- _DBUS_ASSERT_ERROR_IS_SET (error); -- _dbus_verbose ("activation not authorized: %s: %s\n", -- error != NULL ? error->name : "(error ignored)", -- error != NULL ? error->message : "(error ignored)"); -- return FALSE; -+ entry != NULL) -+ { -+ BusResult result; -+ -+ result = bus_context_check_security_policy (activation->context, -+ transaction, -+ connection, /* sender */ -+ NULL, /* addressed recipient */ -+ NULL, /* proposed recipient */ -+ activation_message, -+ entry, -+ error, -+ NULL); -+ if (result == BUS_RESULT_FALSE) -+ { -+ _DBUS_ASSERT_ERROR_IS_SET (error); -+ _dbus_verbose ("activation not authorized: %s: %s\n", -+ error != NULL ? error->name : "(error ignored)", -+ error != NULL ? error->message : "(error ignored)"); -+ return FALSE; -+ } -+ if (result == BUS_RESULT_LATER) -+ { -+ /* TODO */ -+ _dbus_verbose ("ALERT FIX ME!!!!!!!!!!!!!!!"); -+ } - } - - /* Bypass the registry lookup if we're auto-activating, bus_dispatch would not -diff --git a/bus/session.conf.in b/bus/session.conf.in -index affa7f1..157dfb4 100644 ---- a/bus/session.conf.in -+++ b/bus/session.conf.in -@@ -27,12 +27,32 @@ - - - -- -- -- -- -- -- -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ - - - -diff --git a/bus/system.conf.in b/bus/system.conf.in -index f139b55..19d0c04 100644 ---- a/bus/system.conf.in -+++ b/bus/system.conf.in -@@ -50,17 +50,20 @@ - - - -- -+ -+ -+ -+ -- - - - -- -+ - - - -- - - - - -+ -+ -+ - - -Date: Wed, 29 May 2019 16:32:50 +0200 -Subject: Fix gcc 8 warnings -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Compiling with -Werror isn't possible without adaptation -of the code. - -Signed-off-by: José Bollo - -diff --git a/bus/config-parser-trivial.c b/bus/config-parser-trivial.c -index dd65c6d..23dedb4 100644 ---- a/bus/config-parser-trivial.c -+++ b/bus/config-parser-trivial.c -@@ -194,6 +194,7 @@ bus_config_parser_start_element (BusConfigParser *parser, - case ELEMENT_POLICY: - case ELEMENT_LIMIT: - case ELEMENT_ALLOW: -+ case ELEMENT_CHECK: - case ELEMENT_DENY: - case ELEMENT_FORK: - case ELEMENT_PIDFILE: -@@ -316,6 +317,7 @@ bus_config_parser_content (BusConfigParser *parser, - case ELEMENT_POLICY: - case ELEMENT_LIMIT: - case ELEMENT_ALLOW: -+ case ELEMENT_CHECK: - case ELEMENT_DENY: - case ELEMENT_FORK: - case ELEMENT_PIDFILE: -diff --git a/bus/config-parser.c b/bus/config-parser.c -index b5f1dd1..7f91469 100644 ---- a/bus/config-parser.c -+++ b/bus/config-parser.c -@@ -3408,6 +3408,7 @@ elements_equal (const Element *a, - case ELEMENT_LISTEN: - case ELEMENT_AUTH: - case ELEMENT_ALLOW: -+ case ELEMENT_CHECK: - case ELEMENT_DENY: - case ELEMENT_FORK: - case ELEMENT_PIDFILE: -diff --git a/bus/desktop-file.c b/bus/desktop-file.c -index 4459858..4a27ee3 100644 ---- a/bus/desktop-file.c -+++ b/bus/desktop-file.c -@@ -382,7 +382,7 @@ is_valid_section_name (const char *name) - - while (*name) - { -- if (!((*name >= 'A' && *name <= 'Z') || (*name >= 'a' || *name <= 'z') || -+ if (!((*name >= ' ' && *name <= '~' && *name != '[' && *name != ']') || - *name == '\n' || *name == '\t')) - return FALSE; - -diff --git a/bus/driver.h b/bus/driver.h -index 183c28b..05e9886 100644 ---- a/bus/driver.h -+++ b/bus/driver.h -@@ -66,5 +66,7 @@ dbus_bool_t bus_driver_send_ack_reply (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, - DBusError *error); -+dbus_bool_t bus_driver_check_message_is_for_us (DBusMessage *message, -+ DBusError *error); - - #endif /* BUS_DRIVER_H */ -diff --git a/bus/policy.c b/bus/policy.c -index 27b66d1..c4c3d4b 100644 ---- a/bus/policy.c -+++ b/bus/policy.c -@@ -1098,6 +1098,7 @@ bus_client_policy_check_can_send (DBusConnection *sender, - case BUS_POLICY_RULE_ACCESS_ALLOW: - result = BUS_RESULT_TRUE; - break; -+ default: - case BUS_POLICY_RULE_ACCESS_DENY: - result = BUS_RESULT_FALSE; - break; -@@ -1350,6 +1351,7 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, - case BUS_POLICY_RULE_ACCESS_ALLOW: - result = BUS_RESULT_TRUE; - break; -+ default: - case BUS_POLICY_RULE_ACCESS_DENY: - result = BUS_RESULT_FALSE; - break; -@@ -1443,6 +1445,7 @@ bus_rules_check_can_own (DBusList *rules, - case BUS_POLICY_RULE_ACCESS_ALLOW: - result = BUS_RESULT_TRUE; - break; -+ default: - case BUS_POLICY_RULE_ACCESS_DENY: - result = BUS_RESULT_FALSE; - break; -diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c -index 565e089..b96c735 100644 ---- a/dbus/dbus-sysdeps-unix.c -+++ b/dbus/dbus-sysdeps-unix.c -@@ -4364,7 +4364,11 @@ _dbus_daemon_unpublish_session_bus_address (void) - dbus_bool_t - _dbus_get_is_errno_eagain_or_ewouldblock (int e) - { -+#if EAGAIN != EWOULDBLOCK - return e == EAGAIN || e == EWOULDBLOCK; -+#else -+ return e == EAGAIN; -+#endif - } - - /** -diff --git a/tools/dbus-send.c b/tools/dbus-send.c -index 6fb65fe..d853b39 100644 ---- a/tools/dbus-send.c -+++ b/tools/dbus-send.c -@@ -293,10 +293,12 @@ main (int argc, char *argv[]) - { - is_bus = TRUE; - } -+#if 0 - else if (arg[2] == 'p') /* peer */ - { - is_bus = FALSE; - } -+#endif - else /* address; keeping backwards compatibility */ - { - is_bus = FALSE; --- -2.17.2 - diff --git a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0007-Fix-SIGSEGV-on-disconnections.patch b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0007-Fix-SIGSEGV-on-disconnections.patch deleted file mode 100644 index b5ee138ed..000000000 --- a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0007-Fix-SIGSEGV-on-disconnections.patch +++ /dev/null @@ -1,109 +0,0 @@ -From 2a1c1c3f9264f53abc439ec44b33fdca8ffbb803 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Jos=C3=A9=20Bollo?= -Date: Fri, 16 Aug 2019 13:29:23 +0200 -Subject: [PATCH 7/8] Fix SIGSEGV on disconnections -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Sometime, at start of the system, dbus-daemon was crashing -because a pending authorisation were reactivating a closed -connection. - -Also, clean unused function. - -Signed-off-by: José Bollo ---- - bus/check.c | 5 +++++ - bus/check.h | 1 + - bus/connection.c | 14 +++----------- - bus/connection.h | 3 --- - 4 files changed, 9 insertions(+), 14 deletions(-) - -diff --git a/bus/check.c b/bus/check.c -index f3d283f..b73d08b 100644 ---- a/bus/check.c -+++ b/bus/check.c -@@ -617,3 +617,8 @@ bus_deferred_message_response_received (BusDeferredMessage *deferred_message, - } - } - -+void -+bus_deferred_message_abort (BusDeferredMessage *deferred_message) -+{ -+ deferred_message->response_callback = NULL; -+} -diff --git a/bus/check.h b/bus/check.h -index 9c13c18..d718a69 100644 ---- a/bus/check.h -+++ b/bus/check.h -@@ -93,6 +93,7 @@ void bus_deferred_message_set_policy_check_info (BusDeferredMessa - const char *privilege); - dbus_bool_t bus_deferred_message_check_message_limits (BusDeferredMessage *deferred_message, - DBusError *error); -+void bus_deferred_message_abort (BusDeferredMessage *deferred_message); - - - #ifdef DBUS_ENABLE_EMBEDDED_TESTS -diff --git a/bus/connection.c b/bus/connection.c -index ee93384..b520d57 100644 ---- a/bus/connection.c -+++ b/bus/connection.c -@@ -47,6 +47,7 @@ - #define MAX_LOG_COMMAND_LEN 50 - - static void bus_connection_remove_transactions (DBusConnection *connection); -+static void bus_connection_clear_deferred_messages (DBusConnection *connection); - - typedef struct - { -@@ -2821,17 +2822,7 @@ bus_connection_pop_deferred_message (DBusConnection *connection) - return NULL; - } - --dbus_bool_t --bus_connection_putback_deferred_message (DBusConnection *connection, BusDeferredMessage *message) --{ -- BusConnectionData *d = BUS_CONNECTION_DATA(connection); -- if (_dbus_list_prepend(&d->deferred_messages, message)) -- { -- return TRUE; -- } -- return FALSE; --} -- -+static - void - bus_connection_clear_deferred_messages (DBusConnection *connection) - { -@@ -2846,6 +2837,7 @@ bus_connection_clear_deferred_messages (DBusConnection *connection) - next = _dbus_list_get_next_link (&d->deferred_messages, link); - message = link->data; - -+ bus_deferred_message_abort(message); - bus_deferred_message_unref(message); - _dbus_list_remove_link(&d->deferred_messages, link); - -diff --git a/bus/connection.h b/bus/connection.h -index 97dae96..6af7bf1 100644 ---- a/bus/connection.h -+++ b/bus/connection.h -@@ -90,15 +90,12 @@ dbus_bool_t bus_connection_queue_deferred_message (DBusConnection *con - BusDeferredMessage *message, - dbus_bool_t prepend); - BusDeferredMessage *bus_connection_pop_deferred_message (DBusConnection *connection); --dbus_bool_t bus_connection_putback_deferred_message (DBusConnection *connection, -- BusDeferredMessage *message); - void bus_connection_remove_deferred_message (DBusConnection *connection, - BusDeferredMessage *message); - dbus_bool_t bus_connection_replace_deferred_message (DBusConnection *connection, - BusDeferredMessage *oldMessage, - BusDeferredMessage *newMessage); - void bus_connection_dispatch_deferred (DBusConnection *connection); --void bus_connection_clear_deferred_messages (DBusConnection *connection); - - - /* called by signals.c */ --- -2.17.2 - diff --git a/meta-security/recipes-core/dbus-cynara/dbus_1.12.16.bbappend b/meta-security/recipes-core/dbus-cynara/dbus_1.12.16.bbappend deleted file mode 100644 index ce2bd0822..000000000 --- a/meta-security/recipes-core/dbus-cynara/dbus_1.12.16.bbappend +++ /dev/null @@ -1,17 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/dbus-cynara:" - -#SRC_URI_append_class-target = "\ -# file://0001-Integration-of-Cynara-asynchronous-security-checks.patch \ -# file://0002-Disable-message-dispatching-when-send-rule-result-is.patch \ -# file://0003-Handle-unavailability-of-policy-results-for-broadcas.patch \ -# file://0004-Add-own-rule-result-unavailability-handling.patch \ -# file://0005-Perform-Cynara-runtime-policy-checks-by-default.patch \ -# file://0006-Fix-gcc-8-warnings.patch \ -# file://0007-Fix-SIGSEGV-on-disconnections.patch \ -#" -SRC_URI_append_class-target = "\ -" - -#DEPENDS_append_class-target = " cynara smack" -#EXTRA_OECONF_append_class-target = " ${@bb.utils.contains('DISTRO_FEATURES','smack','--enable-cynara --disable-selinux','',d)}" - -- cgit 1.2.3-korg From 5011dd3b4900cc6030d18055f2148c21b8dde7b7 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Mon, 10 Feb 2020 15:10:17 -0500 Subject: zeus updates for dragonboard-410c Changes: - Update BBMASK definition in template to avoid new warning. - Rename linux-linaro-qcomlt bbappend to use a wildcard to cover both the new 5.4 kernel in meta-qcom and still the older 4.x kernels in that BSP that a user might configure instead. Bug-AGL: SPEC-2932 Change-Id: I8a735a38409822e7069cc84bc2a42c06d351a278 Signed-off-by: Scott Murray --- .../meta-qcom/recipes-kernel/linux/linux-linaro-qcomlt_%.bbappend | 3 +++ .../meta-qcom/recipes-kernel/linux/linux-linaro-qcomlt_4.14.bbappend | 3 --- templates/machine/dragonboard-410c/50_bblayers.conf.inc | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) create mode 100644 meta-agl-bsp/meta-qcom/recipes-kernel/linux/linux-linaro-qcomlt_%.bbappend delete mode 100644 meta-agl-bsp/meta-qcom/recipes-kernel/linux/linux-linaro-qcomlt_4.14.bbappend diff --git a/meta-agl-bsp/meta-qcom/recipes-kernel/linux/linux-linaro-qcomlt_%.bbappend b/meta-agl-bsp/meta-qcom/recipes-kernel/linux/linux-linaro-qcomlt_%.bbappend new file mode 100644 index 000000000..0b2b99d4d --- /dev/null +++ b/meta-agl-bsp/meta-qcom/recipes-kernel/linux/linux-linaro-qcomlt_%.bbappend @@ -0,0 +1,3 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/files:" + +require recipes-kernel/linux/linux-agl.inc diff --git a/meta-agl-bsp/meta-qcom/recipes-kernel/linux/linux-linaro-qcomlt_4.14.bbappend b/meta-agl-bsp/meta-qcom/recipes-kernel/linux/linux-linaro-qcomlt_4.14.bbappend deleted file mode 100644 index 0b2b99d4d..000000000 --- a/meta-agl-bsp/meta-qcom/recipes-kernel/linux/linux-linaro-qcomlt_4.14.bbappend +++ /dev/null @@ -1,3 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/files:" - -require recipes-kernel/linux/linux-agl.inc diff --git a/templates/machine/dragonboard-410c/50_bblayers.conf.inc b/templates/machine/dragonboard-410c/50_bblayers.conf.inc index 4a3cae0f3..41fe36719 100644 --- a/templates/machine/dragonboard-410c/50_bblayers.conf.inc +++ b/templates/machine/dragonboard-410c/50_bblayers.conf.inc @@ -1,2 +1,2 @@ BBLAYERS =+ "${METADIR}/bsp/meta-qcom" -BBMASK .= "|bsp/meta-qcom/openembedded-layer/recipes-navigation/gpsd" +BBMASK += "bsp/meta-qcom/openembedded-layer/recipes-navigation/gpsd" -- cgit 1.2.3-korg From c2be9fc72af87fb702ac2f7cecc56ad029f7bf94 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Wed, 12 Feb 2020 14:00:20 -0500 Subject: meta-agl-profile-cluster-qt5: disable qtbase patches The patches to qtbase for supporting the qtcompositor cluster demo on dra7xx-evm do not apply against 5.13.2 and it is not clear if they are still required, disable them for now until someone with the hardware can investigate. Note that this change is required to unblock building the regular cluster demo. Bug-AGL: SPEC-2932 Change-Id: I47b7de17a0d2da5155b2c58f89bbe78ab516c4e1 Signed-off-by: Scott Murray --- meta-agl-profile-cluster-qt5/recipes-qt/qt5/qtbase_%.bbappend | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/meta-agl-profile-cluster-qt5/recipes-qt/qt5/qtbase_%.bbappend b/meta-agl-profile-cluster-qt5/recipes-qt/qt5/qtbase_%.bbappend index 50db225c1..e94ef03ae 100644 --- a/meta-agl-profile-cluster-qt5/recipes-qt/qt5/qtbase_%.bbappend +++ b/meta-agl-profile-cluster-qt5/recipes-qt/qt5/qtbase_%.bbappend @@ -2,9 +2,11 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/files:" - -SRC_URI += " file://0001-fixed-eglfs_kms-fails-to-build.patch \ - file://0002-fixed-invalid-conversion-from-EGLNativeDisplayType-to-void.patch \ - " +# FIXME: Disabled as they do not apply against 5.13.2, and it is +# unclear if they are still required for building dra7xx-evm, +# which fails for what looks like a different reason. +#SRC_URI += " file://0001-fixed-eglfs_kms-fails-to-build.patch \ +# file://0002-fixed-invalid-conversion-from-EGLNativeDisplayType-to-void.patch \ +# " PACKAGECONFIG_GL_append = "${@bb.utils.contains('DISTRO_FEATURES', 'opengl', ' eglfs kms gbm', '', d)}" -- cgit 1.2.3-korg From 47aa65ba73e1b29459171de24fb0ee0040cbb39c Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Tue, 11 Feb 2020 13:33:42 -0500 Subject: meta-agl-bsp: Add CONFIG_LSM workaround for 5.1+ kernels Add explicit clearing of CONFIG_LSM before running "make oldconfig" in the do_configure_append added by linux-agl.inc. This ensures that the derived value of CONFIG_LSM will reflect configuration changes done by the merged AGL provided fragments, i.e. SMACK being enabled. Without it, kernel recipes that are not based on linux-yocto.bbclass or have their own fragment handling done via prepend will end up with an incorrect value of CONFIG_LSM which effectively disables SMACK. Examples include the linux-imx or linux-fslc kernels used by NXP. Bug-AGL: SPEC-2932 Change-Id: Id99906e3de75128ebc54866d43d89d3a24bb1cf2 Signed-off-by: Scott Murray --- meta-agl-bsp/recipes-kernel/linux/linux-agl.inc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-agl-bsp/recipes-kernel/linux/linux-agl.inc b/meta-agl-bsp/recipes-kernel/linux/linux-agl.inc index 17fe96dff..c03c56ea3 100644 --- a/meta-agl-bsp/recipes-kernel/linux/linux-agl.inc +++ b/meta-agl-bsp/recipes-kernel/linux/linux-agl.inc @@ -14,6 +14,9 @@ def find_cfgs(d): do_configure_append () { [ ! -f .config ] && cp -a ${WORKDIR}/defconfig .config + # Need to clear CONFIG_LSM for 5.1+ kernels to ensure it'll get + # regenerated to reflect configuration changes (e.g. SMACK). + sed -i '/^CONFIG_LSM/d' .config merge_config.sh -m .config ${@" ".join(find_cfgs(d))} yes '' | make oldconfig } -- cgit 1.2.3-korg